zhuyijun/nacos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add resource parser

Browse Source
This commit is contained in:
KomachiSion 2022-01-14 16:52:21 +08:00
parent 4e98013f8e
commit 956df153d6
32 changed files with 967 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
address/src/main/java/com/alibaba/nacos/address/auth/AddressServerAuthManager.java
View File

@ -18,7 +18,7 @@ package com.alibaba.nacos.address.auth;
import com.alibaba.nacos.auth.AuthManager;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.auth.model.User;
/**

2
auth/src/main/java/com/alibaba/nacos/auth/AuthManager.java
View File

@ -17,7 +17,7 @@
package com.alibaba.nacos.auth;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.auth.model.User;
/**

4
auth/src/main/java/com/alibaba/nacos/auth/AuthService.java
View File

@ -16,9 +16,9 @@
package com.alibaba.nacos.auth;
import com.alibaba.nacos.auth.context.IdentityContext;
import com.alibaba.nacos.auth.api.IdentityContext;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
/**
* Auth service.

4
auth/src/main/java/com/alibaba/nacos/auth/context/IdentityContext.java → auth/src/main/java/com/alibaba/nacos/auth/api/IdentityContext.java
View File

@ -5,7 +5,7 @@
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@ -14,7 +14,7 @@
* limitations under the License.
*/
package com.alibaba.nacos.auth.context;
package com.alibaba.nacos.auth.api;
import java.util.HashMap;
import java.util.Map;

4
auth/src/main/java/com/alibaba/nacos/auth/model/Permission.java → auth/src/main/java/com/alibaba/nacos/auth/api/Permission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 1999-2018 Alibaba Group Holding Ltd.
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,7 +14,7 @@
* limitations under the License.
*/
package com.alibaba.nacos.auth.model;
package com.alibaba.nacos.auth.api;
import java.io.Serializable;

76
auth/src/main/java/com/alibaba/nacos/auth/api/Resource.java Normal file
View File

@ -0,0 +1,76 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.api;
import java.io.Serializable;
import java.util.Properties;
/**
* Resource used in authorization.
*
* @author nkorange
* @author mai.jh
* @since 1.2.0
*/
public class Resource implements Serializable {
private static final long serialVersionUID = 925971662931204553L;
private final String namespaceId;
private final String group;
private final String name;
private final String type;
private final Properties properties;
public Resource(String namespaceId, String group, String name, String type, Properties properties) {
this.namespaceId = namespaceId;
this.group = group;
this.name = name;
this.type = type;
this.properties = properties;
}
public String getNamespaceId() {
return namespaceId;
}
public String getGroup() {
return group;
}
public String getName() {
return name;
}
public String getType() {
return type;
}
public Properties getProperties() {
return properties;
}
@Override
public String toString() {
return "Resource{" + "namespaceId='" + namespaceId + '\'' + ", group='" + group + '\'' + ", name='" + name
+ '\'' + ", type='" + type + '\'' + ", properties=" + properties + '}';
}
}

1
auth/src/main/java/com/alibaba/nacos/auth/context/GrpcIdentityContextBuilder.java
View File

@ -17,6 +17,7 @@
package com.alibaba.nacos.auth.context;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.api.IdentityContext;
import com.alibaba.nacos.auth.common.AuthConfigs;
import java.util.Arrays;

1
auth/src/main/java/com/alibaba/nacos/auth/context/HttpIdentityContextBuilder.java
View File

@ -16,6 +16,7 @@
package com.alibaba.nacos.auth.context;
import com.alibaba.nacos.auth.api.IdentityContext;
import com.alibaba.nacos.auth.common.AuthConfigs;
import javax.servlet.http.HttpServletRequest;

4
auth/src/main/java/com/alibaba/nacos/auth/context/IdentityContextBuilder.java
View File

@ -16,6 +16,8 @@
package com.alibaba.nacos.auth.context;
import com.alibaba.nacos.auth.api.IdentityContext;
/**
* Identify context.
*
@ -30,4 +32,4 @@ public interface IdentityContextBuilder<T> {
*/
IdentityContext build(T request);
}
}

55
auth/src/main/java/com/alibaba/nacos/auth/model/Resource.java
View File

@ -1,55 +0,0 @@
/*
* Copyright 1999-2018 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.model;
import com.alibaba.nacos.auth.constant.Constants;
import java.io.Serializable;
/**
* Resource used in authorization.
*
* @author nkorange
* @author mai.jh
* @since 1.2.0
*/
public class Resource implements Serializable {
private static final long serialVersionUID = 925971662931204553L;
/**
* The unique key of resource.
*/
private final String key;
public Resource(String key) {
this.key = key;
}
public String getKey() {
return key;
}
public String parseName() {
return key.substring(0, key.lastIndexOf(Constants.Resource.SPLITTER));
}
@Override
public String toString() {
return "Resource{" + "key='" + key + '\'' + '}';
}
}

76
auth/src/main/java/com/alibaba/nacos/auth/parser/AbstractResourceParser.java Normal file
View File

@ -0,0 +1,76 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser;
import com.alibaba.nacos.auth.api.Resource;
import java.util.Properties;
/**
* Abstract Resource parser.
*
* @author xiweng.yy
* @since 2.1.0
*/
public abstract class AbstractResourceParser<R> implements ResourceParser<R> {
@Override
public Resource parse(R request, String type) {
String namespaceId = getNamespaceId(request);
String group = getGroup(request);
String name = getResourceName(request);
Properties properties = getProperties(request);
return new Resource(namespaceId, group, name, type, properties);
}
/**
* Get namespaceId from request.
*
* @param request request
* @return namespaceId
*/
protected abstract String getNamespaceId(R request);
/**
* Get group name from request.
*
* @param request request
* @return group name
*/
protected abstract String getGroup(R request);
/**
* Get resource name from request.
*
* @param request request
* @return resource name
*/
protected abstract String getResourceName(R request);
/**
* Get custom properties from request.
*
* @param request request
* @return custom properties
*/
protected abstract Properties getProperties(R request);
@Override
public String parseName(Object request) {
return null;
}
}

8
auth/src/main/java/com/alibaba/nacos/auth/parser/DefaultResourceParser.java
View File

@ -16,6 +16,7 @@
package com.alibaba.nacos.auth.parser;
import com.alibaba.nacos.auth.api.Resource;
import com.alibaba.nacos.common.utils.StringUtils;
/**
@ -25,7 +26,12 @@ import com.alibaba.nacos.common.utils.StringUtils;
* @author mai.jh
* @since 1.2.0
*/
public class DefaultResourceParser implements ResourceParser {
public class DefaultResourceParser implements ResourceParser<Object> {
@Override
public Resource parse(Object request, String type) {
return null;
}
@Override
public String parseName(Object request) {

15
auth/src/main/java/com/alibaba/nacos/auth/parser/ResourceParser.java
View File

@ -16,6 +16,8 @@
package com.alibaba.nacos.auth.parser;
import com.alibaba.nacos.auth.api.Resource;
/**
* Resource parser.
*
@ -23,7 +25,16 @@ package com.alibaba.nacos.auth.parser;
* @author mai.jh
* @since 1.2.0
*/
public interface ResourceParser {
public interface ResourceParser<R> {
/**
* Parse resource from request.
*
* @param request request
* @param type request type, like naming or config
* @return resource
*/
Resource parse(R request, String type);
/**
* Parse a unique name of the resource from the request.
@ -31,6 +42,8 @@ public interface ResourceParser {
* @param request where we can find the resource info. Given it may vary from Http request to gRPC request, we use a
* Object type for future accommodation.
* @return resource name
* @deprecated replaced by {@link ResourceParser#parse(Object, String)}
*/
@Deprecated
String parseName(Object request);
}

29
auth/src/main/java/com/alibaba/nacos/auth/parser/grpc/AbstractGrpcResourceParser.java Normal file
View File

@ -0,0 +1,29 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.grpc;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.parser.AbstractResourceParser;
/**
* Abstract Grpc Resource Parser.
*
* @author xiweng.yy
*/
public abstract class AbstractGrpcResourceParser extends AbstractResourceParser<Request> {
}

67
auth/src/main/java/com/alibaba/nacos/auth/parser/grpc/ConfigGrpcResourceParser.java Normal file
View File

@ -0,0 +1,67 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.grpc;
import com.alibaba.nacos.api.config.remote.request.ConfigBatchListenRequest;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.constant.Constants;
import com.alibaba.nacos.common.utils.ReflectUtils;
import com.alibaba.nacos.common.utils.StringUtils;
import java.util.List;
import java.util.Properties;
/**
* Config Grpc resource parser.
*
* @author xiweng.yy
*/
public class ConfigGrpcResourceParser extends AbstractGrpcResourceParser {
@Override
protected String getNamespaceId(Request request) {
String namespaceId = StringUtils.EMPTY;
if (request instanceof ConfigBatchListenRequest) {
List<ConfigBatchListenRequest.ConfigListenContext> configListenContexts = ((ConfigBatchListenRequest) request)
.getConfigListenContexts();
if (!configListenContexts.isEmpty()) {
namespaceId = ((ConfigBatchListenRequest) request).getConfigListenContexts().get(0).getTenant();
}
} else {
namespaceId = (String) ReflectUtils.getFieldValue(request, "tenant", "");
}
return namespaceId;
}
@Override
protected String getGroup(Request request) {
String groupName = (String) ReflectUtils
.getFieldValue(request, com.alibaba.nacos.api.common.Constants.GROUP, "");
return StringUtils.isBlank(groupName) ? Constants.Resource.ANY : groupName;
}
@Override
protected String getResourceName(Request request) {
String dataId = (String) ReflectUtils.getFieldValue(request, com.alibaba.nacos.api.common.Constants.DATAID, "");
return StringUtils.isBlank(dataId) ? Constants.Resource.ANY : dataId;
}
@Override
protected Properties getProperties(Request request) {
return new Properties();
}
}

70
auth/src/main/java/com/alibaba/nacos/auth/parser/grpc/NamingGrpcResourceParser.java Normal file
View File

@ -0,0 +1,70 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.grpc;
import com.alibaba.nacos.api.PropertyKeyConst;
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.remote.request.AbstractNamingRequest;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.constant.Constants;
import com.alibaba.nacos.common.utils.ReflectUtils;
import com.alibaba.nacos.common.utils.StringUtils;
import java.util.Properties;
/**
* Naming Grpc resource parser.
*
* @author xiweng.yy
*/
public class NamingGrpcResourceParser extends AbstractGrpcResourceParser {
@Override
protected String getNamespaceId(Request request) {
if (request instanceof AbstractNamingRequest) {
return ((AbstractNamingRequest) request).getNamespace();
}
return (String) ReflectUtils.getFieldValue(request, PropertyKeyConst.NAMESPACE, "");
}
@Override
protected String getGroup(Request request) {
String groupName;
if (request instanceof AbstractNamingRequest) {
groupName = ((AbstractNamingRequest) request).getGroupName();
} else {
groupName = (String) ReflectUtils.getFieldValue(request, CommonParams.GROUP_NAME, "");
}
return StringUtils.isBlank(groupName) ? Constants.Resource.ANY : groupName;
}
@Override
protected String getResourceName(Request request) {
String serviceName;
if (request instanceof AbstractNamingRequest) {
serviceName = ((AbstractNamingRequest) request).getServiceName();
} else {
serviceName = (String) ReflectUtils.getFieldValue(request, CommonParams.SERVICE_NAME, "");
}
return StringUtils.isBlank(serviceName) ? Constants.Resource.ANY : serviceName;
}
@Override
protected Properties getProperties(Request request) {
return new Properties();
}
}

30
auth/src/main/java/com/alibaba/nacos/auth/parser/http/AbstractHttpResourceParser.java Normal file
View File

@ -0,0 +1,30 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.http;
import com.alibaba.nacos.auth.parser.AbstractResourceParser;
import javax.servlet.http.HttpServletRequest;
/**
* Abstract Http Resource Parser.
*
* @author xiweng.yy
*/
public abstract class AbstractHttpResourceParser extends AbstractResourceParser<HttpServletRequest> {
}

55
auth/src/main/java/com/alibaba/nacos/auth/parser/http/ConfigHttpResourceParser.java Normal file
View File

@ -0,0 +1,55 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.http;
import com.alibaba.nacos.auth.constant.Constants;
import com.alibaba.nacos.common.utils.NamespaceUtil;
import com.alibaba.nacos.common.utils.StringUtils;
import javax.servlet.http.HttpServletRequest;
import java.util.Properties;
/**
* Config Http resource parser.
*
* @author xiweng.yy
*/
public class ConfigHttpResourceParser extends AbstractHttpResourceParser {
@Override
protected String getNamespaceId(HttpServletRequest request) {
return NamespaceUtil.processNamespaceParameter(request.getParameter("tenant"));
}
@Override
protected String getGroup(HttpServletRequest request) {
String groupName = request.getParameter(com.alibaba.nacos.api.common.Constants.GROUP);
return StringUtils.isBlank(groupName) ? Constants.Resource.ANY : groupName;
}
@Override
protected String getResourceName(HttpServletRequest request) {
String dataId = request.getParameter(com.alibaba.nacos.api.common.Constants.DATAID);
return StringUtils.isBlank(dataId) ? Constants.Resource.ANY : dataId;
}
@Override
protected Properties getProperties(HttpServletRequest request) {
return new Properties();
}
}

69
auth/src/main/java/com/alibaba/nacos/auth/parser/http/NamingHttpResourceParser.java Normal file
View File

@ -0,0 +1,69 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.http;
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.utils.NamingUtils;
import com.alibaba.nacos.auth.constant.Constants;
import com.alibaba.nacos.common.utils.NamespaceUtil;
import com.alibaba.nacos.common.utils.StringUtils;
import javax.servlet.http.HttpServletRequest;
import java.util.Properties;
/**
* Naming Http resource parser.
*
* @author xiweng.yy
*/
public class NamingHttpResourceParser extends AbstractHttpResourceParser {
@Override
protected String getNamespaceId(HttpServletRequest request) {
return NamespaceUtil.processNamespaceParameter(request.getParameter(CommonParams.NAMESPACE_ID));
}
/**
* Group name from http request might be in service name with format ${group}@@${service}. So if group name is blank
* or {@code null}, should try to get group name from service.
*
* @param request http request
* @return group
*/
@Override
protected String getGroup(HttpServletRequest request) {
String groupName = request.getParameter(CommonParams.GROUP_NAME);
String serviceName = request.getParameter(CommonParams.SERVICE_NAME);
if (StringUtils.isBlank(groupName)) {
groupName = NamingUtils.getGroupName(serviceName);
}
return StringUtils.isBlank(groupName) ? Constants.Resource.ANY : groupName;
}
@Override
protected String getResourceName(HttpServletRequest request) {
// See comment in #getGroup
String serviceName = NamingUtils.getServiceName(request.getParameter(CommonParams.SERVICE_NAME));
return StringUtils.isBlank(serviceName) ? Constants.Resource.ANY : serviceName;
}
@Override
protected Properties getProperties(HttpServletRequest request) {
return new Properties();
}
}

4
auth/src/test/java/com/alibaba/nacos/auth/common/AuthPluginManagerTest.java
View File

@ -18,8 +18,8 @@ package com.alibaba.nacos.auth.common;
import com.alibaba.nacos.auth.AuthPluginManager;
import com.alibaba.nacos.auth.AuthService;
import com.alibaba.nacos.auth.context.IdentityContext;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.IdentityContext;
import com.alibaba.nacos.auth.api.Permission;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

96
auth/src/test/java/com/alibaba/nacos/auth/parser/grpc/ConfigGrpcResourceParserTest.java Normal file
View File

@ -0,0 +1,96 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.grpc;
import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.api.config.remote.request.ConfigBatchListenRequest;
import com.alibaba.nacos.api.config.remote.request.ConfigPublishRequest;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.api.Resource;
import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.*;
public class ConfigGrpcResourceParserTest {
private ConfigGrpcResourceParser resourceParser;
@Before
public void setUp() throws Exception {
resourceParser = new ConfigGrpcResourceParser();
}
@Test
public void testParseWithFullContext() {
Request request = mockConfigRequest("testNs", "testG", "testD");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testD", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithoutNamespace() {
Request request = mockConfigRequest("", "testG", "testD");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testD", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithoutGroup() {
Request request = mockConfigRequest("testNs", "", "testD");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("*", actual.getGroup());
assertEquals("testD", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithoutDataId() {
Request request = mockConfigRequest("testNs", "testG", "");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("*", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithConfigBatchListenRequest() {
ConfigBatchListenRequest request = new ConfigBatchListenRequest();
request.addConfigListenContext("testG", "testD", "testNs", "111");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("*", actual.getGroup());
assertEquals("*", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
private Request mockConfigRequest(String tenant, String group, String dataId) {
ConfigPublishRequest request = new ConfigPublishRequest();
request.setTenant(tenant);
request.setGroup(group);
request.setDataId(dataId);
return request;
}
}

139
auth/src/test/java/com/alibaba/nacos/auth/parser/grpc/NamingGrpcResourceParserTest.java Normal file
View File

@ -0,0 +1,139 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.grpc;
import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.api.naming.remote.request.AbstractNamingRequest;
import com.alibaba.nacos.api.naming.remote.request.NotifySubscriberRequest;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.api.Resource;
import com.alibaba.nacos.common.utils.StringUtils;
import org.junit.Before;
import org.junit.Test;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
public class NamingGrpcResourceParserTest {
private NamingGrpcResourceParser resourceParser;
@Before
public void setUp() throws Exception {
resourceParser = new NamingGrpcResourceParser();
}
@Test
public void testParseWithFullContextForNamingRequest() {
AbstractNamingRequest request = mockNamingRequest("testNs", "testG", "testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithFullContextForOtherRequest() {
Request request = mockOtherRequest("testNs", "testG", "testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutNamespaceForNamingRequest() {
AbstractNamingRequest request = mockNamingRequest(null, "testG", "testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertNull(actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutNamespaceForOtherRequest() {
Request request = mockOtherRequest(null, "testG", "testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertNull(actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutGroupForNamingRequest() {
AbstractNamingRequest request = mockNamingRequest("testNs", null, "testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutGroupForOtherRequest() {
Request request = mockOtherRequest("testNs", null, "testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutDataIdForNamingRequest() {
AbstractNamingRequest request = mockNamingRequest("testNs", "testG", null);
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutDataIdForOtherRequest() {
Request request = mockOtherRequest("testNs", "testG", null);
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
private AbstractNamingRequest mockNamingRequest(String testNs, String testG, String testS) {
MockNamingRequest result = new MockNamingRequest();
result.setNamespace(testNs);
result.setGroupName(testG);
result.setServiceName(testS);
return result;
}
private Request mockOtherRequest(String testNs, String testG, String testS) {
NotifySubscriberRequest result = new NotifySubscriberRequest();
result.setNamespace(testNs);
result.setGroupName(testG);
result.setServiceName(testS);
return result;
}
private class MockNamingRequest extends AbstractNamingRequest {
}
}

91
auth/src/test/java/com/alibaba/nacos/auth/parser/http/ConfigHttpResourceParserTest.java Normal file
View File

@ -0,0 +1,91 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.http;
import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.auth.api.Resource;
import com.alibaba.nacos.common.utils.StringUtils;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import javax.servlet.http.HttpServletRequest;
import static org.junit.Assert.assertEquals;
import static org.mockito.ArgumentMatchers.eq;
@RunWith(MockitoJUnitRunner.class)
public class ConfigHttpResourceParserTest {
@Mock
private HttpServletRequest request;
private ConfigHttpResourceParser resourceParser;
@Before
public void setUp() throws Exception {
resourceParser = new ConfigHttpResourceParser();
}
@Test
public void testParseWithFullContext() {
Mockito.when(request.getParameter(eq("tenant"))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(Constants.GROUP))).thenReturn("testG");
Mockito.when(request.getParameter(eq(Constants.DATAID))).thenReturn("testD");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testD", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithoutNamespace() {
Mockito.when(request.getParameter(eq(Constants.GROUP))).thenReturn("testG");
Mockito.when(request.getParameter(eq(Constants.DATAID))).thenReturn("testD");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals(StringUtils.EMPTY, actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testD", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithoutGroup() {
Mockito.when(request.getParameter(eq("tenant"))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(Constants.DATAID))).thenReturn("testD");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getGroup());
assertEquals("testD", actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
@Test
public void testParseWithoutDataId() {
Mockito.when(request.getParameter(eq("tenant"))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(Constants.GROUP))).thenReturn("testG");
Resource actual = resourceParser.parse(request, Constants.Config.CONFIG_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getName());
assertEquals(Constants.Config.CONFIG_MODULE, actual.getType());
}
}

113
auth/src/test/java/com/alibaba/nacos/auth/parser/http/NamingHttpResourceParserTest.java Normal file
View File

@ -0,0 +1,113 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.auth.parser.http;
import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.auth.api.Resource;
import com.alibaba.nacos.common.utils.StringUtils;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import javax.servlet.http.HttpServletRequest;
import static org.junit.Assert.assertEquals;
import static org.mockito.ArgumentMatchers.eq;
@RunWith(MockitoJUnitRunner.class)
public class NamingHttpResourceParserTest {
@Mock
private HttpServletRequest request;
private NamingHttpResourceParser resourceParser;
@Before
public void setUp() throws Exception {
resourceParser = new NamingHttpResourceParser();
}
@Test
public void testParseWithFullContext() {
Mockito.when(request.getParameter(eq(CommonParams.NAMESPACE_ID))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(CommonParams.GROUP_NAME))).thenReturn("testG");
Mockito.when(request.getParameter(eq(CommonParams.SERVICE_NAME))).thenReturn("testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutNamespace() {
Mockito.when(request.getParameter(eq(CommonParams.GROUP_NAME))).thenReturn("testG");
Mockito.when(request.getParameter(eq(CommonParams.SERVICE_NAME))).thenReturn("testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals(StringUtils.EMPTY, actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutGroup() {
Mockito.when(request.getParameter(eq(CommonParams.NAMESPACE_ID))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(CommonParams.SERVICE_NAME))).thenReturn("testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals(Constants.DEFAULT_GROUP, actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithGroupInService() {
Mockito.when(request.getParameter(eq(CommonParams.NAMESPACE_ID))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(CommonParams.SERVICE_NAME))).thenReturn("testG@@testS");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals("testS", actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutService() {
Mockito.when(request.getParameter(eq(CommonParams.NAMESPACE_ID))).thenReturn("testNs");
Mockito.when(request.getParameter(eq(CommonParams.GROUP_NAME))).thenReturn("testG");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals("testG", actual.getGroup());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
@Test
public void testParseWithoutGroupAndService() {
Mockito.when(request.getParameter(eq(CommonParams.NAMESPACE_ID))).thenReturn("testNs");
Resource actual = resourceParser.parse(request, Constants.Naming.NAMING_MODULE);
assertEquals("testNs", actual.getNamespaceId());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getGroup());
assertEquals(com.alibaba.nacos.auth.constant.Constants.Resource.ANY, actual.getName());
assertEquals(Constants.Naming.NAMING_MODULE, actual.getType());
}
}

8
config/src/main/java/com/alibaba/nacos/config/server/auth/ConfigResourceParser.java
View File

@ -18,6 +18,7 @@ package com.alibaba.nacos.config.server.auth;
import com.alibaba.nacos.api.config.remote.request.ConfigBatchListenRequest;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.api.Resource;
import com.alibaba.nacos.auth.constant.Constants;
import com.alibaba.nacos.auth.parser.ResourceParser;
import com.alibaba.nacos.common.utils.NamespaceUtil;
@ -33,10 +34,15 @@ import java.util.List;
* @author nkorange
* @since 1.2.0
*/
public class ConfigResourceParser implements ResourceParser {
public class ConfigResourceParser implements ResourceParser<Object> {
private static final String AUTH_CONFIG_PREFIX = "config/";
@Override
public Resource parse(Object request, String type) {
return null;
}
@Override
public String parseName(Object requestObj) {

2
config/src/test/java/com/alibaba/nacos/config/server/auth/MockAuthManager.java
View File

@ -18,7 +18,7 @@ package com.alibaba.nacos.config.server.auth;
import com.alibaba.nacos.auth.AuthManager;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.auth.model.User;
import org.springframework.stereotype.Component;

2
console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java
View File

@ -20,7 +20,7 @@ import com.alibaba.nacos.api.common.Constants;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.AuthManager;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.auth.model.User;
import com.alibaba.nacos.common.utils.StringUtils;
import com.alibaba.nacos.config.server.auth.RoleInfo;

2
console/src/main/java/com/alibaba/nacos/console/security/nacos/roles/NacosRoleServiceImpl.java
View File

@ -17,7 +17,7 @@
package com.alibaba.nacos.console.security.nacos.roles;
import com.alibaba.nacos.auth.common.AuthConfigs;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.common.utils.StringUtils;
import com.alibaba.nacos.config.server.auth.PermissionInfo;
import com.alibaba.nacos.config.server.auth.PermissionPersistService;

2
core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java
View File

@ -20,7 +20,7 @@ import com.alibaba.nacos.auth.AuthManager;
import com.alibaba.nacos.auth.annotation.Secured;
import com.alibaba.nacos.auth.common.AuthConfigs;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.auth.parser.ResourceParser;
import com.alibaba.nacos.common.utils.ExceptionUtil;
import com.alibaba.nacos.core.code.ControllerMethodsCache;

2
core/src/main/java/com/alibaba/nacos/core/auth/RemoteRequestAuthFilter.java
View File

@ -24,7 +24,7 @@ import com.alibaba.nacos.auth.AuthManager;
import com.alibaba.nacos.auth.annotation.Secured;
import com.alibaba.nacos.auth.common.AuthConfigs;
import com.alibaba.nacos.auth.exception.AccessException;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.auth.parser.ResourceParser;
import com.alibaba.nacos.common.utils.ExceptionUtil;
import com.alibaba.nacos.core.remote.AbstractRequestFilter;

8
naming/src/main/java/com/alibaba/nacos/naming/web/NamingResourceParser.java
View File

@ -20,6 +20,7 @@ import com.alibaba.nacos.api.naming.CommonParams;
import com.alibaba.nacos.api.naming.remote.request.AbstractNamingRequest;
import com.alibaba.nacos.api.naming.utils.NamingUtils;
import com.alibaba.nacos.api.remote.request.Request;
import com.alibaba.nacos.auth.api.Resource;
import com.alibaba.nacos.auth.constant.Constants;
import com.alibaba.nacos.auth.parser.ResourceParser;
import com.alibaba.nacos.common.utils.NamespaceUtil;
@ -35,10 +36,15 @@ import javax.servlet.http.HttpServletRequest;
* @author nkorange
* @since 1.2.0
*/
public class NamingResourceParser implements ResourceParser {
public class NamingResourceParser implements ResourceParser<Object> {
private static final String AUTH_NAMING_PREFIX = "naming/";
@Override
public Resource parse(Object request, String type) {
return null;
}
@Override
public String parseName(Object requestObj) {

2
test/core-test/src/test/java/com/alibaba/nacos/test/core/auth/Permission_ITCase.java
View File

@ -16,7 +16,7 @@
package com.alibaba.nacos.test.core.auth;
import com.alibaba.nacos.Nacos;
import com.alibaba.nacos.auth.model.Permission;
import com.alibaba.nacos.auth.api.Permission;
import com.alibaba.nacos.common.utils.JacksonUtils;
import com.alibaba.nacos.config.server.model.Page;
import com.alibaba.nacos.test.base.HttpClient4Test;