Search in sources :

Example 1 with QueryOperationContext

use of org.apache.geode.cache.operations.QueryOperationContext in project geode by apache.

the class Query651 method cmdExecute.

@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException, InterruptedException {
    // Based on MessageType.DESTROY
    // Added by gregp 10/18/05
    serverConnection.setAsTrue(REQUIRES_RESPONSE);
    serverConnection.setAsTrue(REQUIRES_CHUNKED_RESPONSE);
    // Retrieve the data from the message parts
    String queryString = clientMessage.getPart(0).getString();
    long compiledQueryId = 0;
    Object[] queryParams = null;
    try {
        if (clientMessage.getMessageType() == MessageType.QUERY_WITH_PARAMETERS) {
            // Query with parameters supported from 6.6 onwards.
            // Number of parameters.
            int params = clientMessage.getPart(1).getInt();
            // In case of native client there will be extra two parameters at 2 and 3 index.
            int paramStartIndex = 2;
            if (clientMessage.getNumberOfParts() > (1 + /* type */
            1 + /* query string */
            1 + /* params length */
            params)) {
                int timeout = clientMessage.getPart(3).getInt();
                serverConnection.setRequestSpecificTimeout(timeout);
                paramStartIndex = 4;
            }
            // Get the query execution parameters.
            queryParams = new Object[params];
            for (int i = 0; i < queryParams.length; i++) {
                queryParams[i] = clientMessage.getPart(i + paramStartIndex).getObject();
            }
        } else {
            // need to take care while adding new message
            if (clientMessage.getNumberOfParts() == 3) {
                int timeout = clientMessage.getPart(2).getInt();
                serverConnection.setRequestSpecificTimeout(timeout);
            }
        }
    } catch (ClassNotFoundException cne) {
        throw new QueryInvalidException(cne.getMessage() + queryString);
    }
    if (logger.isDebugEnabled()) {
        logger.debug("{}: Received query request from {} queryString: {}{}", serverConnection.getName(), serverConnection.getSocketString(), queryString, (queryParams != null ? (" with num query parameters :" + queryParams.length) : ""));
    }
    try {
        // Create query
        QueryService queryService = serverConnection.getCachedRegionHelper().getCache().getLocalQueryService();
        org.apache.geode.cache.query.Query query = null;
        if (queryParams != null) {
            // Its a compiled query.
            CacheClientNotifier ccn = serverConnection.getAcceptor().getCacheClientNotifier();
            query = ccn.getCompiledQuery(queryString);
            if (query == null) {
                // This is first time the query is seen by this server.
                query = queryService.newQuery(queryString);
                ccn.addCompiledQuery((DefaultQuery) query);
            }
            ccn.getStats().incCompiledQueryUsedCount(1);
            ((DefaultQuery) query).setLastUsed(true);
        } else {
            query = queryService.newQuery(queryString);
        }
        Set regionNames = ((DefaultQuery) query).getRegionsInQuery(queryParams);
        // Authorization check
        QueryOperationContext queryContext = null;
        AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
        if (authzRequest != null) {
            queryContext = authzRequest.queryAuthorize(queryString, regionNames, queryParams);
            String newQueryString = queryContext.getQuery();
            if (queryString != null && !queryString.equals(newQueryString)) {
                query = queryService.newQuery(newQueryString);
                queryString = newQueryString;
                regionNames = queryContext.getRegionNames();
                if (regionNames == null) {
                    regionNames = ((DefaultQuery) query).getRegionsInQuery(null);
                }
            }
        }
        processQueryUsingParams(clientMessage, query, queryString, regionNames, start, null, queryContext, serverConnection, true, queryParams);
    } catch (QueryInvalidException e) {
        throw new QueryInvalidException(e.getMessage() + queryString);
    }
}
Also used : DefaultQuery(org.apache.geode.cache.query.internal.DefaultQuery) Set(java.util.Set) CacheClientNotifier(org.apache.geode.internal.cache.tier.sockets.CacheClientNotifier) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) QueryInvalidException(org.apache.geode.cache.query.QueryInvalidException) QueryOperationContext(org.apache.geode.cache.operations.QueryOperationContext) QueryService(org.apache.geode.cache.query.QueryService)

Example 2 with QueryOperationContext

use of org.apache.geode.cache.operations.QueryOperationContext in project geode by apache.

the class XmlAuthorization method authorizeOperation.

/**
   * Return true if the given operation is allowed for the cache/region.
   * 
   * This looks up the cached permissions of the principal in the map for the provided region name.
   * If none are found then the global permissions with empty region name are looked up. The
   * operation is allowed if it is found this permission list.
   * 
   * @param regionName When null then it indicates a cache-level operation, else the name of the
   *        region for the operation.
   * @param context the data required by the operation
   * 
   * @return true if the operation is authorized and false otherwise
   */
@Override
public boolean authorizeOperation(String regionName, final OperationContext context) {
    Map<OperationCode, FunctionSecurityPrmsHolder> operationMap;
    // Check GET permissions for updates from server to client
    if (context.isClientUpdate()) {
        operationMap = this.allowedOps.get(regionName);
        if (operationMap == null && regionName.length() > 0) {
            operationMap = this.allowedOps.get(EMPTY_VALUE);
        }
        if (operationMap != null) {
            return operationMap.containsKey(OperationCode.GET);
        }
        return false;
    }
    OperationCode opCode = context.getOperationCode();
    if (opCode.isQuery() || opCode.isExecuteCQ() || opCode.isCloseCQ() || opCode.isStopCQ()) {
        // First check if cache-level permission has been provided
        operationMap = this.allowedOps.get(EMPTY_VALUE);
        boolean globalPermission = (operationMap != null && operationMap.containsKey(opCode));
        Set<String> regionNames = ((QueryOperationContext) context).getRegionNames();
        if (regionNames == null || regionNames.size() == 0) {
            return globalPermission;
        }
        for (String r : regionNames) {
            regionName = normalizeRegionName(r);
            operationMap = this.allowedOps.get(regionName);
            if (operationMap == null) {
                if (!globalPermission) {
                    return false;
                }
            } else if (!operationMap.containsKey(opCode)) {
                return false;
            }
        }
        return true;
    }
    final String normalizedRegionName = normalizeRegionName(regionName);
    operationMap = this.allowedOps.get(normalizedRegionName);
    if (operationMap == null && normalizedRegionName.length() > 0) {
        operationMap = this.allowedOps.get(EMPTY_VALUE);
    }
    if (operationMap != null) {
        if (context.getOperationCode() != OperationCode.EXECUTE_FUNCTION) {
            return operationMap.containsKey(context.getOperationCode());
        } else {
            if (!operationMap.containsKey(context.getOperationCode())) {
                return false;
            } else {
                if (!context.isPostOperation()) {
                    FunctionSecurityPrmsHolder functionParameter = operationMap.get(context.getOperationCode());
                    ExecuteFunctionOperationContext functionContext = (ExecuteFunctionOperationContext) context;
                    // OnRegion execution
                    if (functionContext.getRegionName() != null) {
                        if (functionParameter.isOptimizeForWrite() != null && functionParameter.isOptimizeForWrite().booleanValue() != functionContext.isOptimizeForWrite()) {
                            return false;
                        }
                        if (functionParameter.getFunctionIds() != null && !functionParameter.getFunctionIds().contains(functionContext.getFunctionId())) {
                            return false;
                        }
                        if (functionParameter.getKeySet() != null && functionContext.getKeySet() != null) {
                            if (functionContext.getKeySet().containsAll(functionParameter.getKeySet())) {
                                return false;
                            }
                        }
                        return true;
                    } else {
                        // On Server execution
                        if (functionParameter.getFunctionIds() != null && !functionParameter.getFunctionIds().contains(functionContext.getFunctionId())) {
                            return false;
                        }
                        return true;
                    }
                } else {
                    ExecuteFunctionOperationContext functionContext = (ExecuteFunctionOperationContext) context;
                    FunctionSecurityPrmsHolder functionParameter = operationMap.get(context.getOperationCode());
                    if (functionContext.getRegionName() != null) {
                        if (functionContext.getResult() instanceof ArrayList && functionParameter.getKeySet() != null) {
                            ArrayList<String> resultList = (ArrayList) functionContext.getResult();
                            Set<String> nonAllowedKeys = functionParameter.getKeySet();
                            if (resultList.containsAll(nonAllowedKeys)) {
                                return false;
                            }
                        }
                        return true;
                    } else {
                        ArrayList<String> resultList = (ArrayList) functionContext.getResult();
                        final String inSecureItem = "Insecure item";
                        if (resultList.contains(inSecureItem)) {
                            return false;
                        }
                        return true;
                    }
                }
            }
        }
    }
    return false;
}
Also used : ExecuteFunctionOperationContext(org.apache.geode.cache.operations.ExecuteFunctionOperationContext) OperationCode(org.apache.geode.cache.operations.OperationContext.OperationCode) ArrayList(java.util.ArrayList) QueryOperationContext(org.apache.geode.cache.operations.QueryOperationContext)

Example 3 with QueryOperationContext

use of org.apache.geode.cache.operations.QueryOperationContext in project geode by apache.

the class Query method cmdExecute.

@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException, InterruptedException {
    // Based on MessageType.DESTROY
    // Added by gregp 10/18/05
    serverConnection.setAsTrue(REQUIRES_RESPONSE);
    serverConnection.setAsTrue(REQUIRES_CHUNKED_RESPONSE);
    // Retrieve the data from the message parts
    String queryString = clientMessage.getPart(0).getString();
    if (clientMessage.getNumberOfParts() == 3) {
        int timeout = clientMessage.getPart(2).getInt();
        serverConnection.setRequestSpecificTimeout(timeout);
    }
    if (logger.isDebugEnabled()) {
        logger.debug("{}: Received query request from {} queryString: {}", serverConnection.getName(), serverConnection.getSocketString(), queryString);
    }
    try {
        // Create query
        QueryService queryService = serverConnection.getCachedRegionHelper().getCache().getLocalQueryService();
        org.apache.geode.cache.query.Query query = queryService.newQuery(queryString);
        Set regionNames = ((DefaultQuery) query).getRegionsInQuery(null);
        // Authorization check
        QueryOperationContext queryContext = null;
        AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
        if (authzRequest != null) {
            queryContext = authzRequest.queryAuthorize(queryString, regionNames);
            String newQueryString = queryContext.getQuery();
            if (queryString != null && !queryString.equals(newQueryString)) {
                query = queryService.newQuery(newQueryString);
                queryString = newQueryString;
                regionNames = queryContext.getRegionNames();
                if (regionNames == null) {
                    regionNames = ((DefaultQuery) query).getRegionsInQuery(null);
                }
            }
        }
        processQuery(clientMessage, query, queryString, regionNames, start, null, queryContext, serverConnection, true);
    } catch (QueryInvalidException e) {
        throw new QueryInvalidException(e.getMessage() + queryString);
    } catch (QueryExecutionLowMemoryException e) {
        writeQueryResponseException(clientMessage, e, serverConnection);
    }
}
Also used : Set(java.util.Set) DefaultQuery(org.apache.geode.cache.query.internal.DefaultQuery) AuthorizeRequest(org.apache.geode.internal.security.AuthorizeRequest) QueryExecutionLowMemoryException(org.apache.geode.cache.query.QueryExecutionLowMemoryException) QueryInvalidException(org.apache.geode.cache.query.QueryInvalidException) QueryOperationContext(org.apache.geode.cache.operations.QueryOperationContext) QueryService(org.apache.geode.cache.query.QueryService)

Aggregations

QueryOperationContext (org.apache.geode.cache.operations.QueryOperationContext)3 Set (java.util.Set)2 QueryInvalidException (org.apache.geode.cache.query.QueryInvalidException)2 QueryService (org.apache.geode.cache.query.QueryService)2 DefaultQuery (org.apache.geode.cache.query.internal.DefaultQuery)2 AuthorizeRequest (org.apache.geode.internal.security.AuthorizeRequest)2 ArrayList (java.util.ArrayList)1 ExecuteFunctionOperationContext (org.apache.geode.cache.operations.ExecuteFunctionOperationContext)1 OperationCode (org.apache.geode.cache.operations.OperationContext.OperationCode)1 QueryExecutionLowMemoryException (org.apache.geode.cache.query.QueryExecutionLowMemoryException)1 CacheClientNotifier (org.apache.geode.internal.cache.tier.sockets.CacheClientNotifier)1