#9733

pending completion

Build # #9733

Build Type

push

travis_ci

Committed by

web-flow

Commit Message

[To rel/1.2] Add compression and encoding type check for FastCompactionPerformer (#10712)

Run Details

32 of 32 new or added lines in 4 files covered. (100.0%)

79232 of 165563 relevant lines covered (47.86%)

0.48 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

64.83

/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/utils/AuthUtils.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.iotdb.commons.utils;

import org.apache.iotdb.commons.auth.AuthException;
import org.apache.iotdb.commons.auth.entity.PathPrivilege;
import org.apache.iotdb.commons.auth.entity.PrivilegeType;
import org.apache.iotdb.commons.conf.CommonDescriptor;
import org.apache.iotdb.commons.conf.IoTDBConstant;
import org.apache.iotdb.commons.exception.MetadataException;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.commons.path.PathDeserializeUtil;
import org.apache.iotdb.commons.security.encrypt.AsymmetricEncryptFactory;
import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp;
import org.apache.iotdb.confignode.rpc.thrift.TRoleResp;
import org.apache.iotdb.confignode.rpc.thrift.TUserResp;
import org.apache.iotdb.rpc.TSStatusCode;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

public class AuthUtils {
  private static final Logger logger = LoggerFactory.getLogger(AuthUtils.class);
  private static final String ROOT_PREFIX = IoTDBConstant.PATH_ROOT;
  public static PartialPath ROOT_PATH_PRIVILEGE_PATH;
  private static final int MIN_PASSWORD_LENGTH = 4;
  private static final int MIN_USERNAME_LENGTH = 4;
  private static final int MIN_ROLENAME_LENGTH = 4;

  static {
    try {
      ROOT_PATH_PRIVILEGE_PATH =
          new PartialPath(
              IoTDBConstant.PATH_ROOT
                  + IoTDBConstant.PATH_SEPARATOR
                  + IoTDBConstant.MULTI_LEVEL_PATH_WILDCARD);
    } catch (MetadataException e) {
      // do nothing
    }
  }

  private AuthUtils() {
    // Empty constructor
  }

  /**
   * Validate password
   *
   * @param password user password
   * @throws AuthException contains message why password is invalid
   */
  public static void validatePassword(String password) throws AuthException {
    if (password.length() < MIN_PASSWORD_LENGTH) {
      throw new AuthException(
          TSStatusCode.ILLEGAL_PARAMETER,
          "Password's size must be greater than or equal to " + MIN_PASSWORD_LENGTH);
    }
    if (password.contains(" ")) {
      throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Password cannot contain spaces");
    }
  }

  /**
   * Checking whether origin password is mapping to encrypt password by encryption
   *
   * @param originPassword the password before encryption
   * @param encryptPassword the password after encryption
   */
  public static boolean validatePassword(String originPassword, String encryptPassword) {
    return AsymmetricEncryptFactory.getEncryptProvider(
            CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(),
            CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter())
        .validate(originPassword, encryptPassword);
  }

  /**
   * Validate username
   *
   * @param username username
   * @throws AuthException contains message why username is invalid
   */
  public static void validateUsername(String username) throws AuthException {
    if (username.length() < MIN_USERNAME_LENGTH) {
      throw new AuthException(
          TSStatusCode.ILLEGAL_PARAMETER,
          "Username's size must be greater than or equal to " + MIN_USERNAME_LENGTH);
    }
    if (username.contains(" ")) {
      throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Username cannot contain spaces");
    }
  }

  /**
   * Validate role name
   *
   * @param rolename role name
   * @throws AuthException contains message why rolename is invalid
   */
  public static void validateRolename(String rolename) throws AuthException {
    if (rolename.length() < MIN_ROLENAME_LENGTH) {
      throw new AuthException(
          TSStatusCode.ILLEGAL_PARAMETER,
          "Role name's size must be greater than or equal to " + MIN_ROLENAME_LENGTH);
    }
    if (rolename.contains(" ")) {
      throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Role name cannot contain spaces");
    }
  }

  /**
   * Validate privilege
   *
   * @param privilegeId privilege ID
   * @throws AuthException contains message why privilege is invalid
   */
  public static void validatePrivilege(int privilegeId) throws AuthException {
    if (privilegeId < 0 || privilegeId >= PrivilegeType.values().length) {
      throw new AuthException(
          TSStatusCode.ILLEGAL_PARAMETER, String.format("Invalid privilegeId %d", privilegeId));
    }
  }

  /**
   * Validate path
   *
   * @param path series path
   * @throws AuthException contains message why path is invalid
   */
  public static void validatePath(PartialPath path) throws AuthException {
    if (!path.getFirstNode().equals(ROOT_PREFIX)) {
      throw new AuthException(
          TSStatusCode.ILLEGAL_PARAMETER,
          String.format(
              "Illegal seriesPath %s, seriesPath should start with \"%s\"", path, ROOT_PREFIX));
    }
  }

  /**
   * Validate privilege on path
   *
   * @param path the path of privilege
   * @param privilegeId privilege Id
   * @throws AuthException contains message why path is invalid
   */
  public static void validatePrivilegeOnPath(PartialPath path, int privilegeId)
      throws AuthException {
    validatePrivilege(privilegeId);
    PrivilegeType type = PrivilegeType.values()[privilegeId];
    if (!path.equals(ROOT_PATH_PRIVILEGE_PATH)) {
      validatePath(path);
      switch (type) {
        case READ_TIMESERIES:
        case CREATE_DATABASE:
        case DELETE_DATABASE:
        case CREATE_TIMESERIES:
        case DELETE_TIMESERIES:
        case INSERT_TIMESERIES:
        case ALTER_TIMESERIES:
        case CREATE_TRIGGER:
        case DROP_TRIGGER:
        case START_TRIGGER:
        case STOP_TRIGGER:
        case APPLY_TEMPLATE:
        case CREATE_VIEW:
        case ALTER_VIEW:
        case RENAME_VIEW:
        case DELETE_VIEW:
          return;
        default:
          throw new AuthException(
              TSStatusCode.UNKNOWN_AUTH_PRIVILEGE,
              String.format("Illegal privilege %s on seriesPath %s", type, path));
      }
    } else {
      switch (type) {
        case READ_TIMESERIES:
        case CREATE_DATABASE:
        case DELETE_DATABASE:
        case CREATE_TIMESERIES:
        case DELETE_TIMESERIES:
        case INSERT_TIMESERIES:
        case ALTER_TIMESERIES:
        case CREATE_VIEW:
        case ALTER_VIEW:
        case RENAME_VIEW:
        case DELETE_VIEW:
          validatePath(path);
          return;
        default:
          return;
      }
    }
  }

  /**
   * Encrypt password
   *
   * @param password password
   * @return encrypted password if success
   */
  public static String encryptPassword(String password) {
    return AsymmetricEncryptFactory.getEncryptProvider(
            CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(),
            CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter())
        .encrypt(password);
  }

  /**
   * Check privilege
   *
   * @param path series path
   * @param privilegeId privilege Id
   * @param privilegeList privileges in List structure
   * @exception AuthException throw if path is invalid or path in privilege is invalid
   * @return True if privilege-check passed
   */
  public static boolean checkPrivilege(
      PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) throws AuthException {
    if (privilegeList == null) {
      return false;
    }
    for (PathPrivilege pathPrivilege : privilegeList) {
      if (path != null) {
        if (pathPrivilege.getPath() != null
            && pathPrivilege.getPath().matchFullPath(path)
            && pathPrivilege.getPrivileges().contains(privilegeId)) {
          return true;
        }
      } else {
        if (pathPrivilege.getPath() == null
            && pathPrivilege.getPrivileges().contains(privilegeId)) {
          return true;
        }
      }
    }
    return false;
  }

  /**
   * Get privileges
   *
   * @param path The seriesPath on which the privileges take effect. If seriesPath-free privileges
   *     are desired, this should be null
   * @exception AuthException throw if path is invalid or path in privilege is invalid
   * @return The privileges granted to the role
   */
  public static Set<Integer> getPrivileges(PartialPath path, List<PathPrivilege> privilegeList)
      throws AuthException {
    if (privilegeList == null) {
      return new HashSet<>();
    }
    Set<Integer> privileges = new HashSet<>();
    for (PathPrivilege pathPrivilege : privilegeList) {
      if (path != null) {
        if (pathPrivilege.getPath() != null && pathPrivilege.getPath().matchFullPath(path)) {
          privileges.addAll(pathPrivilege.getPrivileges());
        }
      } else {
        if (pathPrivilege.getPath() == null) {
          privileges.addAll(pathPrivilege.getPrivileges());
        }
      }
    }
    return privileges;
  }

  /**
   * Check if series path has this privilege
   *
   * @param path series path
   * @param privilegeId privilege Id
   * @param privilegeList privileges in List structure
   * @return True if series path has this privilege
   */
  public static boolean hasPrivilege(
      PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) {
    for (PathPrivilege pathPrivilege : privilegeList) {
      if (pathPrivilege.getPath().equals(path)
          && pathPrivilege.getPrivileges().contains(privilegeId)) {
        pathPrivilege.getReferenceCnt().incrementAndGet();
        return true;
      }
    }
    return false;
  }

  /**
   * Add privilege
   *
   * @param path series path
   * @param privilegeId privilege Id
   * @param privilegeList privileges in List structure of user or role
   */
  public static void addPrivilege(
      PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) {
    PathPrivilege targetPathPrivilege = null;
    // check PathPrivilege of target path is already existed
    for (PathPrivilege pathPrivilege : privilegeList) {
      if (pathPrivilege.getPath().equals(path)) {
        targetPathPrivilege = pathPrivilege;
        break;
      }
    }
    // if not, then create new PathPrivilege
    if (targetPathPrivilege == null) {
      targetPathPrivilege = new PathPrivilege(path);
      privilegeList.add(targetPathPrivilege);
    }
    // add privilegeId into targetPathPrivilege
    if (privilegeId != PrivilegeType.ALL.ordinal()) {
      targetPathPrivilege.getPrivileges().add(privilegeId);
    } else {
      for (PrivilegeType privilegeType : PrivilegeType.values()) {
        targetPathPrivilege.getPrivileges().add(privilegeType.ordinal());
      }
    }
  }

  /**
   * Remove privilege
   *
   * @param path series path
   * @param privilegeId privilege Id
   * @param privilegeList privileges in List structure of user or role
   */
  public static void removePrivilege(
      PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) {
    PathPrivilege targetPathPrivilege = null;
    for (PathPrivilege pathPrivilege : privilegeList) {
      if (pathPrivilege.getPath().equals(path)) {
        targetPathPrivilege = pathPrivilege;
        break;
      }
    }
    if (targetPathPrivilege != null) {
      if (privilegeId == PrivilegeType.ALL.ordinal()) {
        // remove all privileges on target path
        privilegeList.remove(targetPathPrivilege);
      } else {
        // remove privilege on target path
        targetPathPrivilege.getPrivileges().remove(privilegeId);
        if (targetPathPrivilege.getPrivileges().isEmpty()) {
          privilegeList.remove(targetPathPrivilege);
        }
      }
    }
  }

  /** Generate empty permission response when failed */
  public static TPermissionInfoResp generateEmptyPermissionInfoResp() {
    TPermissionInfoResp permissionInfoResp = new TPermissionInfoResp();
    permissionInfoResp.setUserInfo(
        new TUserResp("", "", new ArrayList<>(), new ArrayList<>(), false));
    Map<String, TRoleResp> roleInfo = new HashMap<>();
    roleInfo.put("", new TRoleResp("", new ArrayList<>()));
    permissionInfoResp.setRoleInfo(roleInfo);
    return permissionInfoResp;
  }

  /**
   * Transform permission from name to privilegeId
   *
   * @param authorizationList the list of privilege name
   * @return the list of privilege Ids
   * @throws AuthException throws if there are no privilege matched
   */
  public static Set<Integer> strToPermissions(String[] authorizationList) throws AuthException {
    Set<Integer> result = new HashSet<>();
    if (authorizationList == null) {
      return result;
    }
    PrivilegeType[] types = PrivilegeType.values();
    for (String authorization : authorizationList) {
      boolean legal = false;
      if ("SET_STORAGE_GROUP".equalsIgnoreCase(authorization)) {
        authorization = PrivilegeType.CREATE_DATABASE.name();
      }
      if ("DELETE_STORAGE_GROUP".equalsIgnoreCase(authorization)) {
        authorization = PrivilegeType.DELETE_DATABASE.name();
      }
      for (PrivilegeType privilegeType : types) {
        if (authorization.equalsIgnoreCase(privilegeType.name())) {
          result.add(privilegeType.ordinal());
          legal = true;
          break;
        }
      }
      if (!legal) {
        throw new AuthException(
            TSStatusCode.UNKNOWN_AUTH_PRIVILEGE, "No such privilege " + authorization);
      }
    }
    return result;
  }

  public static ByteBuffer serializePartialPathList(List<PartialPath> paths) {
    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
    DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);

    try {
      dataOutputStream.writeInt(paths.size());
      for (PartialPath path : paths) {
        path.serialize(dataOutputStream);
      }
    } catch (IOException e) {
      logger.error("Failed to serialize PartialPath list", e);
    }
    return ByteBuffer.wrap(byteArrayOutputStream.toByteArray());
  }

  public static List<PartialPath> deserializePartialPathList(ByteBuffer buffer) {
    int size = buffer.getInt();
    List<PartialPath> paths = new ArrayList<>();
    for (int i = 0; i < size; i++) {
      paths.add((PartialPath) PathDeserializeUtil.deserialize(buffer));
    }
    return paths;
  }
}

1	/*
2	* Licensed to the Apache Software Foundation (ASF) under one
3	* or more contributor license agreements. See the NOTICE file
4	* distributed with this work for additional information
5	* regarding copyright ownership. The ASF licenses this file
6	* to you under the Apache License, Version 2.0 (the
7	* "License"); you may not use this file except in compliance
8	* with the License. You may obtain a copy of the License at
9	*
10	* http://www.apache.org/licenses/LICENSE-2.0
11	*
12	* Unless required by applicable law or agreed to in writing,
13	* software distributed under the License is distributed on an
14	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15	* KIND, either express or implied. See the License for the
16	* specific language governing permissions and limitations
17	* under the License.
18	*/
19	package org.apache.iotdb.commons.utils;
20
21	import org.apache.iotdb.commons.auth.AuthException;
22	import org.apache.iotdb.commons.auth.entity.PathPrivilege;
23	import org.apache.iotdb.commons.auth.entity.PrivilegeType;
24	import org.apache.iotdb.commons.conf.CommonDescriptor;
25	import org.apache.iotdb.commons.conf.IoTDBConstant;
26	import org.apache.iotdb.commons.exception.MetadataException;
27	import org.apache.iotdb.commons.path.PartialPath;
28	import org.apache.iotdb.commons.path.PathDeserializeUtil;
29	import org.apache.iotdb.commons.security.encrypt.AsymmetricEncryptFactory;
30	import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp;
31	import org.apache.iotdb.confignode.rpc.thrift.TRoleResp;
32	import org.apache.iotdb.confignode.rpc.thrift.TUserResp;
33	import org.apache.iotdb.rpc.TSStatusCode;
34
35	import org.slf4j.Logger;
36	import org.slf4j.LoggerFactory;
37
38	import java.io.ByteArrayOutputStream;
39	import java.io.DataOutputStream;
40	import java.io.IOException;
41	import java.nio.ByteBuffer;
42	import java.util.ArrayList;
43	import java.util.HashMap;
44	import java.util.HashSet;
45	import java.util.List;
46	import java.util.Map;
47	import java.util.Set;
48
49	public class AuthUtils {
50	private static final Logger logger = LoggerFactory.getLogger(AuthUtils.class);	1✔
51	private static final String ROOT_PREFIX = IoTDBConstant.PATH_ROOT;
52	public static PartialPath ROOT_PATH_PRIVILEGE_PATH;
53	private static final int MIN_PASSWORD_LENGTH = 4;
54	private static final int MIN_USERNAME_LENGTH = 4;
55	private static final int MIN_ROLENAME_LENGTH = 4;
56
57	static {
58	try {
59	ROOT_PATH_PRIVILEGE_PATH =	1✔
60	new PartialPath(
61	IoTDBConstant.PATH_ROOT
62	+ IoTDBConstant.PATH_SEPARATOR
63	+ IoTDBConstant.MULTI_LEVEL_PATH_WILDCARD);
64	} catch (MetadataException e) {	×
65	// do nothing
66	}	1✔
67	}	1✔
68
69	private AuthUtils() {
70	// Empty constructor
71	}
72
73	/**
74	* Validate password
75	*
76	* @param password user password
77	* @throws AuthException contains message why password is invalid
78	*/
79	public static void validatePassword(String password) throws AuthException {
80	if (password.length() < MIN_PASSWORD_LENGTH) {	1✔
81	throw new AuthException(	1✔
82	TSStatusCode.ILLEGAL_PARAMETER,
83	"Password's size must be greater than or equal to " + MIN_PASSWORD_LENGTH);
84	}
85	if (password.contains(" ")) {	1✔
86	throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Password cannot contain spaces");	1✔
87	}
88	}	1✔
89
90	/**
91	* Checking whether origin password is mapping to encrypt password by encryption
92	*
93	* @param originPassword the password before encryption
94	* @param encryptPassword the password after encryption
95	*/
96	public static boolean validatePassword(String originPassword, String encryptPassword) {
97	return AsymmetricEncryptFactory.getEncryptProvider(	1✔
98	CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(),	1✔
99	CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter())	1✔
100	.validate(originPassword, encryptPassword);	1✔
101	}
102
103	/**
104	* Validate username
105	*
106	* @param username username
107	* @throws AuthException contains message why username is invalid
108	*/
109	public static void validateUsername(String username) throws AuthException {
110	if (username.length() < MIN_USERNAME_LENGTH) {	1✔
111	throw new AuthException(	1✔
112	TSStatusCode.ILLEGAL_PARAMETER,
113	"Username's size must be greater than or equal to " + MIN_USERNAME_LENGTH);
114	}
115	if (username.contains(" ")) {	1✔
116	throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Username cannot contain spaces");	1✔
117	}
118	}	1✔
119
120	/**
121	* Validate role name
122	*
123	* @param rolename role name
124	* @throws AuthException contains message why rolename is invalid
125	*/
126	public static void validateRolename(String rolename) throws AuthException {
127	if (rolename.length() < MIN_ROLENAME_LENGTH) {	1✔
128	throw new AuthException(	1✔
129	TSStatusCode.ILLEGAL_PARAMETER,
130	"Role name's size must be greater than or equal to " + MIN_ROLENAME_LENGTH);
131	}
132	if (rolename.contains(" ")) {	1✔
133	throw new AuthException(TSStatusCode.ILLEGAL_PARAMETER, "Role name cannot contain spaces");	1✔
134	}
135	}	1✔
136
137	/**
138	* Validate privilege
139	*
140	* @param privilegeId privilege ID
141	* @throws AuthException contains message why privilege is invalid
142	*/
143	public static void validatePrivilege(int privilegeId) throws AuthException {
144	if (privilegeId < 0 \|\| privilegeId >= PrivilegeType.values().length) {	1✔
145	throw new AuthException(	1✔
146	TSStatusCode.ILLEGAL_PARAMETER, String.format("Invalid privilegeId %d", privilegeId));	1✔
147	}
148	}	1✔
149
150	/**
151	* Validate path
152	*
153	* @param path series path
154	* @throws AuthException contains message why path is invalid
155	*/
156	public static void validatePath(PartialPath path) throws AuthException {
157	if (!path.getFirstNode().equals(ROOT_PREFIX)) {	1✔
158	throw new AuthException(	×
159	TSStatusCode.ILLEGAL_PARAMETER,
160	String.format(	×
161	"Illegal seriesPath %s, seriesPath should start with \"%s\"", path, ROOT_PREFIX));
162	}
163	}	1✔
164
165	/**
166	* Validate privilege on path
167	*
168	* @param path the path of privilege
169	* @param privilegeId privilege Id
170	* @throws AuthException contains message why path is invalid
171	*/
172	public static void validatePrivilegeOnPath(PartialPath path, int privilegeId)
173	throws AuthException {
174	validatePrivilege(privilegeId);	1✔
175	PrivilegeType type = PrivilegeType.values()[privilegeId];	1✔
176	if (!path.equals(ROOT_PATH_PRIVILEGE_PATH)) {	1✔
177	validatePath(path);	1✔
178	switch (type) {	1✔
179	case READ_TIMESERIES:
180	case CREATE_DATABASE:
181	case DELETE_DATABASE:
182	case CREATE_TIMESERIES:
183	case DELETE_TIMESERIES:
184	case INSERT_TIMESERIES:
185	case ALTER_TIMESERIES:
186	case CREATE_TRIGGER:
187	case DROP_TRIGGER:
188	case START_TRIGGER:
189	case STOP_TRIGGER:
190	case APPLY_TEMPLATE:
191	case CREATE_VIEW:
192	case ALTER_VIEW:
193	case RENAME_VIEW:
194	case DELETE_VIEW:
195	return;	1✔
196	default:
197	throw new AuthException(	×
198	TSStatusCode.UNKNOWN_AUTH_PRIVILEGE,
199	String.format("Illegal privilege %s on seriesPath %s", type, path));	×
200	}
201	} else {
202	switch (type) {	1✔
203	case READ_TIMESERIES:
204	case CREATE_DATABASE:
205	case DELETE_DATABASE:
206	case CREATE_TIMESERIES:
207	case DELETE_TIMESERIES:
208	case INSERT_TIMESERIES:
209	case ALTER_TIMESERIES:
210	case CREATE_VIEW:
211	case ALTER_VIEW:
212	case RENAME_VIEW:
213	case DELETE_VIEW:
214	validatePath(path);	×
215	return;	×
216	default:
217	return;	1✔
218	}
219	}
220	}
221
222	/**
223	* Encrypt password
224	*
225	* @param password password
226	* @return encrypted password if success
227	*/
228	public static String encryptPassword(String password) {
229	return AsymmetricEncryptFactory.getEncryptProvider(	1✔
230	CommonDescriptor.getInstance().getConfig().getEncryptDecryptProvider(),	1✔
231	CommonDescriptor.getInstance().getConfig().getEncryptDecryptProviderParameter())	1✔
232	.encrypt(password);	1✔
233	}
234
235	/**
236	* Check privilege
237	*
238	* @param path series path
239	* @param privilegeId privilege Id
240	* @param privilegeList privileges in List structure
241	* @exception AuthException throw if path is invalid or path in privilege is invalid
242	* @return True if privilege-check passed
243	*/
244	public static boolean checkPrivilege(
245	PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) throws AuthException {
246	if (privilegeList == null) {	1✔
247	return false;	×
248	}
249	for (PathPrivilege pathPrivilege : privilegeList) {	1✔
250	if (path != null) {	1✔
251	if (pathPrivilege.getPath() != null	1✔
252	&& pathPrivilege.getPath().matchFullPath(path)	1✔
253	&& pathPrivilege.getPrivileges().contains(privilegeId)) {	1✔
254	return true;	1✔
255	}
256	} else {
257	if (pathPrivilege.getPath() == null	×
258	&& pathPrivilege.getPrivileges().contains(privilegeId)) {	×
259	return true;	×
260	}
261	}
262	}	1✔
263	return false;	1✔
264	}
265
266	/**
267	* Get privileges
268	*
269	* @param path The seriesPath on which the privileges take effect. If seriesPath-free privileges
270	* are desired, this should be null
271	* @exception AuthException throw if path is invalid or path in privilege is invalid
272	* @return The privileges granted to the role
273	*/
274	public static Set<Integer> getPrivileges(PartialPath path, List<PathPrivilege> privilegeList)
275	throws AuthException {
276	if (privilegeList == null) {	1✔
277	return new HashSet<>();	×
278	}
279	Set<Integer> privileges = new HashSet<>();	1✔
280	for (PathPrivilege pathPrivilege : privilegeList) {	1✔
281	if (path != null) {	1✔
282	if (pathPrivilege.getPath() != null && pathPrivilege.getPath().matchFullPath(path)) {	1✔
283	privileges.addAll(pathPrivilege.getPrivileges());	1✔
284	}
285	} else {
286	if (pathPrivilege.getPath() == null) {	×
287	privileges.addAll(pathPrivilege.getPrivileges());	×
288	}
289	}
290	}	1✔
291	return privileges;	1✔
292	}
293
294	/**
295	* Check if series path has this privilege
296	*
297	* @param path series path
298	* @param privilegeId privilege Id
299	* @param privilegeList privileges in List structure
300	* @return True if series path has this privilege
301	*/
302	public static boolean hasPrivilege(
303	PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) {
304	for (PathPrivilege pathPrivilege : privilegeList) {	1✔
305	if (pathPrivilege.getPath().equals(path)	1✔
306	&& pathPrivilege.getPrivileges().contains(privilegeId)) {	1✔
307	pathPrivilege.getReferenceCnt().incrementAndGet();	1✔
308	return true;	1✔
309	}
310	}	1✔
311	return false;	1✔
312	}
313
314	/**
315	* Add privilege
316	*
317	* @param path series path
318	* @param privilegeId privilege Id
319	* @param privilegeList privileges in List structure of user or role
320	*/
321	public static void addPrivilege(
322	PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) {
323	PathPrivilege targetPathPrivilege = null;	1✔
324	// check PathPrivilege of target path is already existed
325	for (PathPrivilege pathPrivilege : privilegeList) {	1✔
326	if (pathPrivilege.getPath().equals(path)) {	1✔
327	targetPathPrivilege = pathPrivilege;	1✔
328	break;	1✔
329	}
330	}	1✔
331	// if not, then create new PathPrivilege
332	if (targetPathPrivilege == null) {	1✔
333	targetPathPrivilege = new PathPrivilege(path);	1✔
334	privilegeList.add(targetPathPrivilege);	1✔
335	}
336	// add privilegeId into targetPathPrivilege
337	if (privilegeId != PrivilegeType.ALL.ordinal()) {	1✔
338	targetPathPrivilege.getPrivileges().add(privilegeId);	1✔
339	} else {
340	for (PrivilegeType privilegeType : PrivilegeType.values()) {	×
341	targetPathPrivilege.getPrivileges().add(privilegeType.ordinal());	×
342	}
343	}
344	}	1✔
345
346	/**
347	* Remove privilege
348	*
349	* @param path series path
350	* @param privilegeId privilege Id
351	* @param privilegeList privileges in List structure of user or role
352	*/
353	public static void removePrivilege(
354	PartialPath path, int privilegeId, List<PathPrivilege> privilegeList) {
355	PathPrivilege targetPathPrivilege = null;	1✔
356	for (PathPrivilege pathPrivilege : privilegeList) {	1✔
357	if (pathPrivilege.getPath().equals(path)) {	1✔
358	targetPathPrivilege = pathPrivilege;	1✔
359	break;	1✔
360	}
361	}	×
362	if (targetPathPrivilege != null) {	1✔
363	if (privilegeId == PrivilegeType.ALL.ordinal()) {	1✔
364	// remove all privileges on target path
365	privilegeList.remove(targetPathPrivilege);	×
366	} else {
367	// remove privilege on target path
368	targetPathPrivilege.getPrivileges().remove(privilegeId);	1✔
369	if (targetPathPrivilege.getPrivileges().isEmpty()) {	1✔
370	privilegeList.remove(targetPathPrivilege);	1✔
371	}
372	}
373	}
374	}	1✔
375
376	/** Generate empty permission response when failed */
377	public static TPermissionInfoResp generateEmptyPermissionInfoResp() {
378	TPermissionInfoResp permissionInfoResp = new TPermissionInfoResp();	1✔
379	permissionInfoResp.setUserInfo(	1✔
380	new TUserResp("", "", new ArrayList<>(), new ArrayList<>(), false));
381	Map<String, TRoleResp> roleInfo = new HashMap<>();	1✔
382	roleInfo.put("", new TRoleResp("", new ArrayList<>()));	1✔
383	permissionInfoResp.setRoleInfo(roleInfo);	1✔
384	return permissionInfoResp;	1✔
385	}
386
387	/**
388	* Transform permission from name to privilegeId
389	*
390	* @param authorizationList the list of privilege name
391	* @return the list of privilege Ids
392	* @throws AuthException throws if there are no privilege matched
393	*/
394	public static Set<Integer> strToPermissions(String[] authorizationList) throws AuthException {
395	Set<Integer> result = new HashSet<>();	×
396	if (authorizationList == null) {	×
397	return result;	×
398	}
399	PrivilegeType[] types = PrivilegeType.values();	×
400	for (String authorization : authorizationList) {	×
401	boolean legal = false;	×
402	if ("SET_STORAGE_GROUP".equalsIgnoreCase(authorization)) {	×
403	authorization = PrivilegeType.CREATE_DATABASE.name();	×
404	}
405	if ("DELETE_STORAGE_GROUP".equalsIgnoreCase(authorization)) {	×
406	authorization = PrivilegeType.DELETE_DATABASE.name();	×
407	}
408	for (PrivilegeType privilegeType : types) {	×
409	if (authorization.equalsIgnoreCase(privilegeType.name())) {	×
410	result.add(privilegeType.ordinal());	×
411	legal = true;	×
412	break;	×
413	}
414	}
415	if (!legal) {	×
416	throw new AuthException(	×
417	TSStatusCode.UNKNOWN_AUTH_PRIVILEGE, "No such privilege " + authorization);
418	}
419	}
420	return result;	×
421	}
422
423	public static ByteBuffer serializePartialPathList(List<PartialPath> paths) {
424	ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();	×
425	DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);	×
426
427	try {
428	dataOutputStream.writeInt(paths.size());	×
429	for (PartialPath path : paths) {	×
430	path.serialize(dataOutputStream);	×
431	}	×
432	} catch (IOException e) {	×
433	logger.error("Failed to serialize PartialPath list", e);	×
434	}	×
435	return ByteBuffer.wrap(byteArrayOutputStream.toByteArray());	×
436	}
437
438	public static List<PartialPath> deserializePartialPathList(ByteBuffer buffer) {
439	int size = buffer.getInt();	×
440	List<PartialPath> paths = new ArrayList<>();	×
441	for (int i = 0; i < size; i++) {	×
442	paths.add((PartialPath) PathDeserializeUtil.deserialize(buffer));	×
443	}
444	return paths;	×
445	}
446	}

apache / iotdb / #9733

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous