use of io.mycat.config.model.UserConfig in project Mycat_plus by coderczp.
the class ShowTables method getTableSet.
private static Set<String> getTableSet(ServerConnection c, Map<String, String> parm) {
TreeSet<String> tableSet = new TreeSet<String>();
MycatConfig conf = MycatServer.getInstance().getConfig();
Map<String, UserConfig> users = conf.getUsers();
UserConfig user = users == null ? null : users.get(c.getUser());
if (user != null) {
Map<String, SchemaConfig> schemas = conf.getSchemas();
for (String name : schemas.keySet()) {
if (null != parm.get(SCHEMA_KEY) && parm.get(SCHEMA_KEY).toUpperCase().equals(name.toUpperCase())) {
if (null == parm.get("LIKE_KEY")) {
tableSet.addAll(schemas.get(name).getTables().keySet());
} else {
String p = "^" + parm.get("LIKE_KEY").replaceAll("%", ".*");
Pattern pattern = Pattern.compile(p, Pattern.CASE_INSENSITIVE);
Matcher ma;
for (String tname : schemas.get(name).getTables().keySet()) {
ma = pattern.matcher(tname);
if (ma.matches()) {
tableSet.add(tname);
}
}
}
}
}
;
}
return tableSet;
}
use of io.mycat.config.model.UserConfig in project Mycat_plus by coderczp.
the class ShowWhiteHost method setHost.
public static synchronized void setHost(ManagerConnection c, String ips) {
OkPacket ok = new OkPacket();
String[] users = ips.split(",");
if (users.length < 2) {
c.writeErrMessage(ErrorCode.ER_YES, "white host info error.");
return;
}
String host = "";
List<UserConfig> userConfigs = new ArrayList<UserConfig>();
int i = 0;
for (String user : users) {
if (i == 0) {
host = user;
i++;
} else {
i++;
UserConfig uc = MycatServer.getInstance().getConfig().getUsers().get(user);
if (null == uc) {
c.writeErrMessage(ErrorCode.ER_YES, "user doesn't exist in host.");
return;
}
if (uc.getSchemas() == null || uc.getSchemas().size() == 0) {
c.writeErrMessage(ErrorCode.ER_YES, "host contains one root privileges user.");
return;
}
userConfigs.add(uc);
}
}
if (MycatServer.getInstance().getConfig().getFirewall().addWhitehost(host, userConfigs)) {
try {
FirewallConfig.updateToFile(host, userConfigs);
} catch (Exception e) {
LOGGER.warn("set while host error : " + e.getMessage());
c.writeErrMessage(ErrorCode.ER_YES, "white host set success ,but write to file failed :" + e.getMessage());
}
ok.packetId = 1;
ok.affectedRows = 1;
ok.serverStatus = 2;
ok.message = "white host set to succeed.".getBytes();
ok.write(c);
} else {
c.writeErrMessage(ErrorCode.ER_YES, "host duplicated.");
}
}
use of io.mycat.config.model.UserConfig in project Mycat-Server by MyCATApache.
the class XMLServerLoader method loadFirewall.
/**
* 初始载入配置获取防火墙配置,配置防火墙方法之一,一共有两处,另一处:
* @see FirewallConfig
*
* @modification 修改增加网段白名单
* @date 2016/12/8
* @modifiedBy Hash Zhang
*/
private void loadFirewall(Element root) throws IllegalAccessException, InvocationTargetException {
NodeList list = root.getElementsByTagName("host");
Map<String, List<UserConfig>> whitehost = new HashMap<>();
Map<Pattern, List<UserConfig>> whitehostMask = new HashMap<>();
for (int i = 0, n = list.getLength(); i < n; i++) {
Node node = list.item(i);
if (node instanceof Element) {
Element e = (Element) node;
String host = e.getAttribute("host").trim();
String userStr = e.getAttribute("user").trim();
if (this.firewall.existsHost(host)) {
throw new ConfigException("host duplicated : " + host);
}
String[] users = userStr.split(",");
List<UserConfig> userConfigs = new ArrayList<UserConfig>();
for (String user : users) {
UserConfig uc = this.users.get(user);
if (null == uc) {
throw new ConfigException("[user: " + user + "] doesn't exist in [host: " + host + "]");
}
if (uc.getSchemas() == null || uc.getSchemas().size() == 0) {
throw new ConfigException("[host: " + host + "] contains one root privileges user: " + user);
}
userConfigs.add(uc);
}
if (host.contains("*") || host.contains("%")) {
whitehostMask.put(FirewallConfig.getMaskPattern(host), userConfigs);
} else {
whitehost.put(host, userConfigs);
}
}
}
firewall.setWhitehost(whitehost);
firewall.setWhitehostMask(whitehostMask);
WallConfig wallConfig = new WallConfig();
NodeList blacklist = root.getElementsByTagName("blacklist");
for (int i = 0, n = blacklist.getLength(); i < n; i++) {
Node node = blacklist.item(i);
if (node instanceof Element) {
Element e = (Element) node;
String check = e.getAttribute("check");
if (null != check) {
firewall.setCheck(Boolean.parseBoolean(check));
}
Map<String, Object> props = ConfigUtil.loadElements((Element) node);
ParameterMapping.mapping(wallConfig, props);
}
}
firewall.setWallConfig(wallConfig);
firewall.init();
}
use of io.mycat.config.model.UserConfig in project Mycat-Server by MyCATApache.
the class MycatPrivileges method checkFirewallWhiteHostPolicy.
/**
* 防火墙白名单处理,根据防火墙配置,判断目前主机是否可以通过某用户登陆
* 白名单配置请参考:
* @see XMLServerLoader
* @see FirewallConfig
*
* @modification 修改增加网段白名单识别配置
* @date 2016/12/8
* @modifiedBy Hash Zhang
*/
@Override
public boolean checkFirewallWhiteHostPolicy(String user, String host) {
MycatConfig mycatConfig = MycatServer.getInstance().getConfig();
FirewallConfig firewallConfig = mycatConfig.getFirewall();
// 防火墙 白名单处理
boolean isPassed = false;
Map<String, List<UserConfig>> whitehost = firewallConfig.getWhitehost();
Map<Pattern, List<UserConfig>> whitehostMask = firewallConfig.getWhitehostMask();
if ((whitehost == null || whitehost.size() == 0) && (whitehostMask == null || whitehostMask.size() == 0)) {
Map<String, UserConfig> users = mycatConfig.getUsers();
isPassed = users.containsKey(user);
} else {
List<UserConfig> list = whitehost.get(host);
Set<Pattern> patterns = whitehostMask.keySet();
if (patterns != null && patterns.size() > 0) {
for (Pattern pattern : patterns) {
if (pattern.matcher(host).find()) {
isPassed = true;
break;
}
}
}
if (list != null) {
for (UserConfig userConfig : list) {
if (userConfig.getName().equals(user)) {
isPassed = true;
break;
}
}
}
}
if (!isPassed) {
ALARM.error(new StringBuilder().append(Alarms.FIREWALL_ATTACK).append("[host=").append(host).append(",user=").append(user).append(']').toString());
return false;
}
return true;
}
use of io.mycat.config.model.UserConfig in project Mycat-Server by MyCATApache.
the class ReloadConfig method reload_all.
public static boolean reload_all() {
/**
* 1、载入新的配置
* 1.1、ConfigInitializer 初始化,基本自检
* 1.2、DataNode/DataHost 实际链路检测
*/
ConfigInitializer loader = new ConfigInitializer(true);
Map<String, UserConfig> newUsers = loader.getUsers();
Map<String, SchemaConfig> newSchemas = loader.getSchemas();
Map<String, PhysicalDBNode> newDataNodes = loader.getDataNodes();
Map<String, PhysicalDBPool> newDataHosts = loader.getDataHosts();
MycatCluster newCluster = loader.getCluster();
FirewallConfig newFirewall = loader.getFirewall();
/**
* 1.2、实际链路检测
*/
loader.testConnection();
/**
* 2、承接
* 2.1、老的 dataSource 继续承接新建请求
* 2.2、新的 dataSource 开始初始化, 完毕后交由 2.3
* 2.3、新的 dataSource 开始承接新建请求
* 2.4、老的 dataSource 内部的事务执行完毕, 相继关闭
* 2.5、老的 dataSource 超过阀值的,强制关闭
*/
MycatConfig config = MycatServer.getInstance().getConfig();
/**
* 2.1 、老的 dataSource 继续承接新建请求, 此处什么也不需要做
*/
boolean isReloadStatusOK = true;
/**
* 2.2、新的 dataHosts 初始化
*/
for (PhysicalDBPool dbPool : newDataHosts.values()) {
String hostName = dbPool.getHostName();
// 设置 schemas
ArrayList<String> dnSchemas = new ArrayList<String>(30);
for (PhysicalDBNode dn : newDataNodes.values()) {
if (dn.getDbPool().getHostName().equals(hostName)) {
dnSchemas.add(dn.getDatabase());
}
}
dbPool.setSchemas(dnSchemas.toArray(new String[dnSchemas.size()]));
// 获取 data host
String dnIndex = DnPropertyUtil.loadDnIndexProps().getProperty(dbPool.getHostName(), "0");
if (!"0".equals(dnIndex)) {
LOGGER.info("init datahost: " + dbPool.getHostName() + " to use datasource index:" + dnIndex);
}
dbPool.init(Integer.valueOf(dnIndex));
if (!dbPool.isInitSuccess()) {
isReloadStatusOK = false;
break;
}
}
/**
* TODO: 确认初始化情况
*
* 新的 dataHosts 是否初始化成功
*/
if (isReloadStatusOK) {
/**
* 2.3、 在老的配置上,应用新的配置,开始准备承接任务
*/
config.reload(newUsers, newSchemas, newDataNodes, newDataHosts, newCluster, newFirewall, true);
/**
* 2.4、 处理旧的资源
*/
LOGGER.warn("1、clear old backend connection(size): " + NIOProcessor.backends_old.size());
// 清除前一次 reload 转移出去的 old Cons
Iterator<BackendConnection> iter = NIOProcessor.backends_old.iterator();
while (iter.hasNext()) {
BackendConnection con = iter.next();
con.close("clear old datasources");
iter.remove();
}
Map<String, PhysicalDBPool> oldDataHosts = config.getBackupDataHosts();
for (PhysicalDBPool dbPool : oldDataHosts.values()) {
dbPool.stopHeartbeat();
// 提取数据源下的所有连接
for (PhysicalDatasource ds : dbPool.getAllDataSources()) {
//
for (NIOProcessor processor : MycatServer.getInstance().getProcessors()) {
for (BackendConnection con : processor.getBackends().values()) {
if (con instanceof MySQLConnection) {
MySQLConnection mysqlCon = (MySQLConnection) con;
if (mysqlCon.getPool() == ds) {
NIOProcessor.backends_old.add(con);
}
} else if (con instanceof JDBCConnection) {
JDBCConnection jdbcCon = (JDBCConnection) con;
if (jdbcCon.getPool() == ds) {
NIOProcessor.backends_old.add(con);
}
}
}
}
}
}
LOGGER.warn("2、to be recycled old backend connection(size): " + NIOProcessor.backends_old.size());
// 清理缓存
MycatServer.getInstance().getCacheService().clearCache();
MycatServer.getInstance().initRuleData();
return true;
} else {
// 如果重载不成功,则清理已初始化的资源。
LOGGER.warn("reload failed, clear previously created datasources ");
for (PhysicalDBPool dbPool : newDataHosts.values()) {
dbPool.clearDataSources("reload config");
dbPool.stopHeartbeat();
}
return false;
}
}
Aggregations