Search in sources :

Example 31 with Secured

use of com.alibaba.nacos.auth.annotation.Secured in project nacos by alibaba.

the class ConfigController method importAndPublishConfig.

/**
 * Execute import and publish config operation.
 *
 * @param request   http servlet request .
 * @param srcUser   src user string value.
 * @param namespace namespace string value.
 * @param policy    policy model.
 * @param file      MultipartFile.
 * @return RestResult Map.
 * @throws NacosException NacosException.
 */
@PostMapping(params = "import=true")
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG)
public RestResult<Map<String, Object>> importAndPublishConfig(HttpServletRequest request, @RequestParam(value = "src_user", required = false) String srcUser, @RequestParam(value = "namespace", required = false) String namespace, @RequestParam(value = "policy", defaultValue = "ABORT") SameConfigPolicy policy, MultipartFile file) throws NacosException {
    Map<String, Object> failedData = new HashMap<>(4);
    if (Objects.isNull(file)) {
        return RestResultUtils.buildResult(ResultCodeEnum.DATA_EMPTY, failedData);
    }
    namespace = NamespaceUtil.processNamespaceParameter(namespace);
    if (StringUtils.isNotBlank(namespace) && persistService.tenantInfoCountByTenantId(namespace) <= 0) {
        failedData.put("succCount", 0);
        return RestResultUtils.buildResult(ResultCodeEnum.NAMESPACE_NOT_EXIST, failedData);
    }
    List<ConfigAllInfo> configInfoList = new ArrayList<>();
    List<Map<String, String>> unrecognizedList = new ArrayList<>();
    try {
        ZipUtils.UnZipResult unziped = ZipUtils.unzip(file.getBytes());
        ZipUtils.ZipItem metaDataZipItem = unziped.getMetaDataItem();
        RestResult<Map<String, Object>> errorResult;
        if (metaDataZipItem != null && Constants.CONFIG_EXPORT_METADATA_NEW.equals(metaDataZipItem.getItemName())) {
            // new export
            errorResult = parseImportDataV2(unziped, configInfoList, unrecognizedList, namespace);
        } else {
            errorResult = parseImportData(unziped, configInfoList, unrecognizedList, namespace);
        }
        if (errorResult != null) {
            return errorResult;
        }
    } catch (IOException e) {
        failedData.put("succCount", 0);
        LOGGER.error("parsing data failed", e);
        return RestResultUtils.buildResult(ResultCodeEnum.PARSING_DATA_FAILED, failedData);
    }
    if (CollectionUtils.isEmpty(configInfoList)) {
        failedData.put("succCount", 0);
        return RestResultUtils.buildResult(ResultCodeEnum.DATA_EMPTY, failedData);
    }
    final String srcIp = RequestUtil.getRemoteIp(request);
    String requestIpApp = RequestUtil.getAppName(request);
    final Timestamp time = TimeUtils.getCurrentTime();
    Map<String, Object> saveResult = persistService.batchInsertOrUpdate(configInfoList, srcUser, srcIp, null, time, false, policy);
    for (ConfigInfo configInfo : configInfoList) {
        ConfigChangePublisher.notifyConfigChange(new ConfigDataChangeEvent(false, configInfo.getDataId(), configInfo.getGroup(), configInfo.getTenant(), time.getTime()));
        ConfigTraceService.logPersistenceEvent(configInfo.getDataId(), configInfo.getGroup(), configInfo.getTenant(), requestIpApp, time.getTime(), InetUtils.getSelfIP(), ConfigTraceService.PERSISTENCE_EVENT_PUB, configInfo.getContent());
    }
    // unrecognizedCount
    if (!unrecognizedList.isEmpty()) {
        saveResult.put("unrecognizedCount", unrecognizedList.size());
        saveResult.put("unrecognizedData", unrecognizedList);
    }
    return RestResultUtils.success("导入成功", saveResult);
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) ZipUtils(com.alibaba.nacos.config.server.utils.ZipUtils) IOException(java.io.IOException) ConfigInfo(com.alibaba.nacos.config.server.model.ConfigInfo) Timestamp(java.sql.Timestamp) ConfigAllInfo(com.alibaba.nacos.config.server.model.ConfigAllInfo) ConfigDataChangeEvent(com.alibaba.nacos.config.server.model.event.ConfigDataChangeEvent) Map(java.util.Map) HashMap(java.util.HashMap) PostMapping(org.springframework.web.bind.annotation.PostMapping) Secured(com.alibaba.nacos.auth.annotation.Secured)

Example 32 with Secured

use of com.alibaba.nacos.auth.annotation.Secured in project nacos by alibaba.

the class ConfigController method publishConfig.

/**
 * Adds or updates non-aggregated data.
 *
 * @throws NacosException NacosException.
 */
@PostMapping
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG)
public Boolean publishConfig(HttpServletRequest request, @RequestParam(value = "dataId") String dataId, @RequestParam(value = "group") String group, @RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant, @RequestParam(value = "content") String content, @RequestParam(value = "tag", required = false) String tag, @RequestParam(value = "appName", required = false) String appName, @RequestParam(value = "src_user", required = false) String srcUser, @RequestParam(value = "config_tags", required = false) String configTags, @RequestParam(value = "desc", required = false) String desc, @RequestParam(value = "use", required = false) String use, @RequestParam(value = "effect", required = false) String effect, @RequestParam(value = "type", required = false) String type, @RequestParam(value = "schema", required = false) String schema) throws NacosException {
    final String srcIp = RequestUtil.getRemoteIp(request);
    final String requestIpApp = RequestUtil.getAppName(request);
    if (StringUtils.isBlank(srcUser)) {
        srcUser = RequestUtil.getSrcUserName(request);
    }
    // check type
    if (!ConfigType.isValidType(type)) {
        type = ConfigType.getDefaultType().getType();
    }
    // encrypted
    Pair<String, String> pair = EncryptionHandler.encryptHandler(dataId, content);
    content = pair.getSecond();
    // check tenant
    ParamUtils.checkTenant(tenant);
    ParamUtils.checkParam(dataId, group, "datumId", content);
    ParamUtils.checkParam(tag);
    Map<String, Object> configAdvanceInfo = new HashMap<>(10);
    MapUtil.putIfValNoNull(configAdvanceInfo, "config_tags", configTags);
    MapUtil.putIfValNoNull(configAdvanceInfo, "desc", desc);
    MapUtil.putIfValNoNull(configAdvanceInfo, "use", use);
    MapUtil.putIfValNoNull(configAdvanceInfo, "effect", effect);
    MapUtil.putIfValNoNull(configAdvanceInfo, "type", type);
    MapUtil.putIfValNoNull(configAdvanceInfo, "schema", schema);
    ParamUtils.checkParam(configAdvanceInfo);
    if (AggrWhitelist.isAggrDataId(dataId)) {
        LOGGER.warn("[aggr-conflict] {} attempt to publish single data, {}, {}", RequestUtil.getRemoteIp(request), dataId, group);
        throw new NacosException(NacosException.NO_RIGHT, "dataId:" + dataId + " is aggr");
    }
    final Timestamp time = TimeUtils.getCurrentTime();
    String betaIps = request.getHeader("betaIps");
    ConfigInfo configInfo = new ConfigInfo(dataId, group, tenant, appName, content);
    configInfo.setType(type);
    String encryptedDataKey = pair.getFirst();
    configInfo.setEncryptedDataKey(encryptedDataKey);
    if (StringUtils.isBlank(betaIps)) {
        if (StringUtils.isBlank(tag)) {
            persistService.insertOrUpdate(srcIp, srcUser, configInfo, time, configAdvanceInfo, false);
            ConfigChangePublisher.notifyConfigChange(new ConfigDataChangeEvent(false, dataId, group, tenant, time.getTime()));
        } else {
            persistService.insertOrUpdateTag(configInfo, tag, srcIp, srcUser, time, false);
            ConfigChangePublisher.notifyConfigChange(new ConfigDataChangeEvent(false, dataId, group, tenant, tag, time.getTime()));
        }
    } else {
        // beta publish
        configInfo.setEncryptedDataKey(encryptedDataKey);
        persistService.insertOrUpdateBeta(configInfo, betaIps, srcIp, srcUser, time, false);
        ConfigChangePublisher.notifyConfigChange(new ConfigDataChangeEvent(true, dataId, group, tenant, time.getTime()));
    }
    ConfigTraceService.logPersistenceEvent(dataId, group, tenant, requestIpApp, time.getTime(), InetUtils.getSelfIP(), ConfigTraceService.PERSISTENCE_EVENT_PUB, content);
    return true;
}
Also used : HashMap(java.util.HashMap) ConfigDataChangeEvent(com.alibaba.nacos.config.server.model.event.ConfigDataChangeEvent) ConfigInfo(com.alibaba.nacos.config.server.model.ConfigInfo) Timestamp(java.sql.Timestamp) NacosException(com.alibaba.nacos.api.exception.NacosException) PostMapping(org.springframework.web.bind.annotation.PostMapping) Secured(com.alibaba.nacos.auth.annotation.Secured)

Example 33 with Secured

use of com.alibaba.nacos.auth.annotation.Secured in project nacos by alibaba.

the class ConfigController method deleteConfigs.

/**
 * Execute delete config operation.
 *
 * @return java.lang.Boolean
 * @author klw
 * @Description: delete configuration based on multiple config ids
 * @Date 2019/7/5 10:26
 * @Param [request, response, dataId, group, tenant, tag]
 */
@DeleteMapping(params = "delType=ids")
@Secured(action = ActionTypes.WRITE, signType = SignType.CONFIG)
public RestResult<Boolean> deleteConfigs(HttpServletRequest request, @RequestParam(value = "ids") List<Long> ids) {
    String clientIp = RequestUtil.getRemoteIp(request);
    final Timestamp time = TimeUtils.getCurrentTime();
    List<ConfigInfo> configInfoList = persistService.removeConfigInfoByIds(ids, clientIp, null);
    if (CollectionUtils.isEmpty(configInfoList)) {
        return RestResultUtils.success(true);
    }
    for (ConfigInfo configInfo : configInfoList) {
        ConfigChangePublisher.notifyConfigChange(new ConfigDataChangeEvent(false, configInfo.getDataId(), configInfo.getGroup(), configInfo.getTenant(), time.getTime()));
        ConfigTraceService.logPersistenceEvent(configInfo.getDataId(), configInfo.getGroup(), configInfo.getTenant(), null, time.getTime(), clientIp, ConfigTraceService.PERSISTENCE_EVENT_REMOVE, null);
    }
    return RestResultUtils.success(true);
}
Also used : ConfigDataChangeEvent(com.alibaba.nacos.config.server.model.event.ConfigDataChangeEvent) ConfigInfo(com.alibaba.nacos.config.server.model.ConfigInfo) Timestamp(java.sql.Timestamp) DeleteMapping(org.springframework.web.bind.annotation.DeleteMapping) Secured(com.alibaba.nacos.auth.annotation.Secured)

Example 34 with Secured

use of com.alibaba.nacos.auth.annotation.Secured in project nacos by alibaba.

the class ConfigOpsController method derbyOps.

/**
 * // TODO In a future release, the front page should appear operable The interface to the Derby operations query
 * can only run select statements and is a direct query to the native Derby database without any additional logic.
 *
 * @param sql The query
 * @return {@link RestResult}
 */
@GetMapping(value = "/derby")
@Secured(action = ActionTypes.READ, resource = "nacos/admin")
public RestResult<Object> derbyOps(@RequestParam(value = "sql") String sql) {
    String selectSign = "SELECT";
    String limitSign = "ROWS FETCH NEXT";
    String limit = " OFFSET 0 ROWS FETCH NEXT 1000 ROWS ONLY";
    try {
        if (!PropertyUtil.isEmbeddedStorage()) {
            return RestResultUtils.failed("The current storage mode is not Derby");
        }
        LocalDataSourceServiceImpl dataSourceService = (LocalDataSourceServiceImpl) DynamicDataSource.getInstance().getDataSource();
        if (StringUtils.startsWithIgnoreCase(sql, selectSign)) {
            if (!StringUtils.containsIgnoreCase(sql, limitSign)) {
                sql += limit;
            }
            JdbcTemplate template = dataSourceService.getJdbcTemplate();
            List<Map<String, Object>> result = template.queryForList(sql);
            return RestResultUtils.success(result);
        }
        return RestResultUtils.failed("Only query statements are allowed to be executed");
    } catch (Exception e) {
        return RestResultUtils.failed(e.getMessage());
    }
}
Also used : LocalDataSourceServiceImpl(com.alibaba.nacos.config.server.service.datasource.LocalDataSourceServiceImpl) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) Map(java.util.Map) GetMapping(org.springframework.web.bind.annotation.GetMapping) Secured(com.alibaba.nacos.auth.annotation.Secured)

Example 35 with Secured

use of com.alibaba.nacos.auth.annotation.Secured in project nacos by alibaba.

the class ConfigOpsController method importDerby.

/**
 * // TODO the front page should appear operable The external data source is imported into derby.
 *
 * <p>mysqldump --defaults-file="XXX" --host=0.0.0.0 --protocol=tcp --user=XXX --extended-insert=FALSE \
 * --complete-insert=TRUE \ --skip-triggers --no-create-info --skip-column-statistics "{SCHEMA}" "{TABLE_NAME}"
 *
 * @param multipartFile {@link MultipartFile}
 * @return {@link DeferredResult}
 */
@PostMapping(value = "/data/removal")
@Secured(action = ActionTypes.WRITE, resource = "nacos/admin")
public DeferredResult<RestResult<String>> importDerby(@RequestParam(value = "file") MultipartFile multipartFile) {
    DeferredResult<RestResult<String>> response = new DeferredResult<>();
    if (!PropertyUtil.isEmbeddedStorage()) {
        response.setResult(RestResultUtils.failed("Limited to embedded storage mode"));
        return response;
    }
    DatabaseOperate databaseOperate = ApplicationUtils.getBean(DatabaseOperate.class);
    WebUtils.onFileUpload(multipartFile, file -> {
        NotifyCenter.publishEvent(new DerbyImportEvent(false));
        databaseOperate.dataImport(file).whenComplete((result, ex) -> {
            NotifyCenter.publishEvent(new DerbyImportEvent(true));
            if (Objects.nonNull(ex)) {
                response.setResult(RestResultUtils.failed(ex.getMessage()));
                return;
            }
            response.setResult(result);
        });
    }, response);
    return response;
}
Also used : RestResult(com.alibaba.nacos.common.model.RestResult) DerbyImportEvent(com.alibaba.nacos.config.server.model.event.DerbyImportEvent) DatabaseOperate(com.alibaba.nacos.config.server.service.repository.embedded.DatabaseOperate) DeferredResult(org.springframework.web.context.request.async.DeferredResult) PostMapping(org.springframework.web.bind.annotation.PostMapping) Secured(com.alibaba.nacos.auth.annotation.Secured)

Aggregations

Secured (com.alibaba.nacos.auth.annotation.Secured)104 Resource (com.alibaba.nacos.plugin.auth.api.Resource)34 Test (org.junit.Test)32 GetMapping (org.springframework.web.bind.annotation.GetMapping)20 CanDistro (com.alibaba.nacos.naming.web.CanDistro)17 Instance (com.alibaba.nacos.api.naming.pojo.Instance)16 ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)15 PostMapping (org.springframework.web.bind.annotation.PostMapping)13 PutMapping (org.springframework.web.bind.annotation.PutMapping)13 DeleteMapping (org.springframework.web.bind.annotation.DeleteMapping)12 ConfigDataChangeEvent (com.alibaba.nacos.config.server.model.event.ConfigDataChangeEvent)10 Timestamp (java.sql.Timestamp)10 NacosException (com.alibaba.nacos.api.exception.NacosException)8 AbstractNamingRequest (com.alibaba.nacos.api.naming.remote.request.AbstractNamingRequest)8 Request (com.alibaba.nacos.api.remote.request.Request)8 ConfigInfo (com.alibaba.nacos.config.server.model.ConfigInfo)8 ServiceMetadata (com.alibaba.nacos.naming.core.v2.metadata.ServiceMetadata)7 ConfigBatchListenRequest (com.alibaba.nacos.api.config.remote.request.ConfigBatchListenRequest)6 HashMap (java.util.HashMap)6 ConfigAllInfo (com.alibaba.nacos.config.server.model.ConfigAllInfo)5