optimize permission recycling, add Proxy User Management
wxyn committed Jun 16, 2023
1 parent 2c2a87e commit 4829c68
Showing 9 changed files with 64 additions and 8 deletions.
Expand Up @@ -3,6 +3,7 @@
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.webank.wedatasphere.dss.scriptis.pojo.entity.ScriptisProxyUser;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;

import java.util.List;

Expand All @@ -13,4 +14,6 @@ public interface ScriptisProxyUserMapper extends BaseMapper<ScriptisProxyUser> {

int insertUser(ScriptisProxyUser user);

void deleteProxyUser(@Param("userName") String userName, @Param("proxyUserNames") String[] proxyUserNames);

}
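Review bot: `deleteProxyUser` returns `void`, so the caller cannot tell whether any row was actually removed, while the neighbouring `insertUser` returns the affected-row count. Declaring it as `int deleteProxyUser(@Param("userName") String userName, @Param("proxyUserNames") String[] proxyUserNames);` would let the service distinguish a no-op revoke from a real one before an audit entry for a delete is written.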
Expand Up @@ -18,6 +18,16 @@
order by u.create_time desc
</select>

<delete id="deleteProxyUser">
DELETE FROM dss_proxy_user WHERE username = #{userName}
<if test="proxyUserNames != null and proxyUserNames.length>0">
AND proxy_user_name IN
<foreach collection='proxyUserNames' open='(' close=')' separator=',' item='proxyUserName'>
#{proxyUserName}
</foreach>
</if>
</delete>

<insert id="insertUser" parameterType="com.webank.wedatasphere.dss.scriptis.pojo.entity.ScriptisProxyUser" useGeneratedKeys="true" keyProperty="id">
insert into dss_proxy_user(
<if test="id != null and id != 0">id,</if>
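Review bot: When `proxyUserNames` is null or empty the `<if>` drops the `IN` clause and the statement deletes every `dss_proxy_user` row for `userName`, so a request that merely omits the optional parameter revokes all of that user's proxies. If that is intended, state it where the contract is declared, on the mapper interface's `deleteProxyUser` and on the service interface's `revokeProxyUser`, with a comment such as `/** Revokes the listed proxy users of userName; a null or empty array revokes all of them. */`. If it is not intended, reject an empty list before the mapper is called. The values themselves are bound with `#{}`, so they stay parameterized; the `<insert>` that follows continues outside the hunk.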
Expand Up @@ -23,6 +23,11 @@ public List<DssProxyUser> selectProxyUserList(String userName, DSSWorkspace work
return new ArrayList<>(dssProxyUserMapper.selectProxyUserList(userName));
}

@Override
public void revokeProxyUser(String userName, String[] proxyUserNames) {
dssProxyUserMapper.deleteProxyUser(userName, proxyUserNames);
}

@Override
public int insertProxyUser(ScriptisProxyUser dssProxyUser) {
return dssProxyUserMapper.insertUser(dssProxyUser);
Expand Up @@ -30,7 +30,5 @@ public interface AdminConf {

String[] SUPER_ADMIN_LIST = DSSCommonConf.SUPER_ADMIN_LIST;

String HPMS_USER_TOKEN = CommonVars.apply("wds.dss.workspace.hpms.user.token", "HPMS-KhFGSQkdaaCPBYfE").getValue();


}
Expand Up @@ -33,7 +33,7 @@
import java.util.List;
import java.util.Map;

import static com.webank.wedatasphere.dss.framework.admin.conf.AdminConf.HPMS_USER_TOKEN;
import static com.webank.wedatasphere.dss.framework.common.conf.TokenConf.HPMS_USER_TOKEN;

@RequestMapping(path = "/dss/framework/admin/user", produces = {"application/json"})
@RestController
Expand Down Expand Up @@ -138,7 +138,7 @@ public Message edit(@Validated @RequestBody DssAdminUser user, HttpServletReques
return Message.ok().data("修改用户成功。", dssAdminUserService.updateUser(user, getWorkspace(req)));
}

@GetMapping("/getAllUsername")
@GetMapping("/getAllUserName")
public Message getAllUsername(){
return Message.ok().data("userNames", dssAdminUserService.getAllUsername());
}
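Review bot: Renaming the route from `/getAllUsername` to `/getAllUserName` drops the old path, so any client still calling it will fail after the upgrade, while the handler method keeps the old spelling. If the rename is wanted, map both for a deprecation period: `@GetMapping({"/getAllUsername", "/getAllUserName"})`. No permission check is visible on this handler in the hunk, so confirm that returning every user name is restricted by a filter elsewhere. The controller class starts and continues outside the hunk.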
@@ -0,0 +1,11 @@
package com.webank.wedatasphere.dss.framework.common.conf;

import org.apache.linkis.common.conf.CommonVars;

public class TokenConf {
private TokenConf() {
throw new IllegalStateException("Configution class");
}
public static final String HPMS_USER_TOKEN = CommonVars.apply("wds.dss.workspace.hpms.user.token", "HPMS-KhFGSQkdaaCPBYfE").getValue();

}
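Review bot: `HPMS_USER_TOKEN` keeps a literal fallback value in source, so every deployment that does not set `wds.dss.workspace.hpms.user.token` accepts the same publicly known token on the endpoints that compare against it. Moving the constant into a shared class is a good moment to drop the fallback, e.g. `CommonVars.apply("wds.dss.workspace.hpms.user.token", "").getValue()`, and have callers reject requests when the configured value is blank. The value already published in the repository should be treated as exposed and rotated. The constructor message `"Configution class"` is misspelled (`"Configuration class"`), and the class could be declared `final`.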
@@ -1,5 +1,8 @@
package com.webank.wedatasphere.dss.framework.proxy.restful;

import com.webank.wedatasphere.dss.common.auditlog.OperateTypeEnum;
import com.webank.wedatasphere.dss.common.auditlog.TargetTypeEnum;
import com.webank.wedatasphere.dss.common.utils.AuditLogUtils;
import com.webank.wedatasphere.dss.common.utils.DSSExceptionUtils;
import com.webank.wedatasphere.dss.common.utils.DomainUtils;
import com.webank.wedatasphere.dss.common.utils.ScalaFunctionAdapter;
Expand All @@ -16,20 +19,21 @@
import org.apache.linkis.server.conf.ServerConfiguration;
import org.apache.linkis.server.security.ProxyUserSSOUtils;
import org.apache.linkis.server.security.SecurityFilter;
import org.apache.linkis.server.utils.ModuleUserUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.*;
import scala.Tuple2;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;

import static com.webank.wedatasphere.dss.framework.common.conf.TokenConf.HPMS_USER_TOKEN;
import static com.webank.wedatasphere.dss.framework.proxy.conf.ProxyUserConfiguration.DS_PROXY_SELF_ENABLE;
import static com.webank.wedatasphere.dss.framework.proxy.conf.ProxyUserConfiguration.DS_TRUST_TOKEN;

Expand Down Expand Up @@ -123,4 +127,28 @@ public Message setProxyUserCookie(@RequestBody DssProxyUserImpl userRep,
return Message.ok("Success to add proxy user into cookie.");
}

@GetMapping("/getProxyUserName")
public Message getProxyUserName(@RequestParam("userName")String userName){
List<DssProxyUser> dssProxyUsers = dssProxyUserService.selectProxyUserList(userName, null);
List<String> proxyUsernames = dssProxyUsers.stream().map(DssProxyUser::getProxyUserName).collect(Collectors.toList());
return Message.ok().data("userNames", proxyUsernames);
}

@PostMapping("/revokeProxyUser")
public Message revokeProxyUser(HttpServletRequest httpServletRequest,
@RequestParam("userName")String userName,
@RequestParam(required = false, name = "proxyUserNames" )String[] proxyUserNames){
String token = ModuleUserUtils.getToken(httpServletRequest);
if (StringUtils.isNotBlank(token)) {
if(!token.equals(HPMS_USER_TOKEN)){
return Message.error("Token:" + token + " has no permission to revoke proxyUser.");
}
}else {
return Message.error("User:" + userName + " has no permission to revoke proxyUser.");
}
dssProxyUserService.revokeProxyUser(userName,proxyUserNames);
AuditLogUtils.printLog(userName,null, null, TargetTypeEnum.WORKSPACE_ROLE,null,
"deleteProxyUser", OperateTypeEnum.DELETE,"userName:" + userName + " ,proxyUserNames:" + Arrays.toString(proxyUserNames));
return Message.ok();
}
}
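Review bot: The token check in `revokeProxyUser` echoes the caller-supplied token back in `Message.error("Token:" + token + ...)` and compares the shared secret with `String.equals`, so a rejected token ends up in the response (and possibly in logs) and the comparison is not constant-time. I would return one generic message for both failure branches, fail closed when the configured `HPMS_USER_TOKEN` is blank, and compare with `MessageDigest.isEqual` (this needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported). `getProxyUserName` in the same hunk has no visible permission check, so whether any caller may list another user's proxy users depends on filters outside this diff and should be confirmed. The audit entry passes the target `userName` as the first argument of `AuditLogUtils.printLog`; if that parameter is the operator, the log will attribute the deletion to the affected user rather than to the token holder.

```java
        String token = ModuleUserUtils.getToken(httpServletRequest);
        // Fail closed on a missing token or an unset configured secret; compare in constant time.
        boolean authorized = StringUtils.isNotBlank(token)
                && StringUtils.isNotBlank(HPMS_USER_TOKEN)
                && MessageDigest.isEqual(
                        token.getBytes(StandardCharsets.UTF_8),
                        HPMS_USER_TOKEN.getBytes(StandardCharsets.UTF_8));
        if (!authorized) {
            // Same message for every failure; the presented token is never echoed back.
            return Message.error("No permission to revoke proxyUser.");
        }
        // … unchanged: dssProxyUserService.revokeProxyUser call, audit log, return Message.ok() …
```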
Expand Up @@ -36,5 +36,6 @@ default String getProxyUser(HttpServletRequest request) throws DSSProxyUserError
return proxyUser.get();
}

void revokeProxyUser(String userName, String[] proxyUserNames);

}
Expand Up @@ -49,7 +49,7 @@
import java.util.Map;
import java.util.stream.Collectors;

import static com.webank.wedatasphere.dss.framework.admin.conf.AdminConf.HPMS_USER_TOKEN;
import static com.webank.wedatasphere.dss.framework.common.conf.TokenConf.HPMS_USER_TOKEN;
import static com.webank.wedatasphere.dss.framework.workspace.util.DSSWorkspaceConstant.WORKSPACE_ID_STR;

