sandynz commented on code in PR #23627:
URL: https://github.com/apache/shardingsphere/pull/23627#discussion_r1073232044
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
Review Comment:
It's better not use `CDCResponseErrorCode.SERVER_ERROR` when username or
password incorrect
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private Optional<AuthorityRule> findAuthorityRule() {
+ Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
+ return globalRules.stream().filter(rule -> rule instanceof
AuthorityRule).map(rule -> (AuthorityRule) rule).findFirst();
+ }
+
+ private void checkPrivileges(final Grantee grantee, final String
currentDatabase) {
+ if (null == grantee) {
return;
}
Review Comment:
1, When `grantee` is null?
2, When `grantee` is null, why not throw exception
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -79,27 +85,40 @@ public void channelInactive(final ChannelHandlerContext
ctx) {
ctx.channel().attr(CONNECTION_CONTEXT_KEY).set(null);
}
+ @Override
+ public void exceptionCaught(final ChannelHandlerContext ctx, final
Throwable cause) {
Review Comment:
It's better to clean `status` and `currentUser` in `CDCConnectionContext`
when exception occur
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private Optional<AuthorityRule> findAuthorityRule() {
+ Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
+ return globalRules.stream().filter(rule -> rule instanceof
AuthorityRule).map(rule -> (AuthorityRule) rule).findFirst();
+ }
Review Comment:
Try `findSingleRule` to simplify code
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private Optional<AuthorityRule> findAuthorityRule() {
+ Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
+ return globalRules.stream().filter(rule -> rule instanceof
AuthorityRule).map(rule -> (AuthorityRule) rule).findFirst();
+ }
+
+ private void checkPrivileges(final Grantee grantee, final String
currentDatabase) {
+ if (null == grantee) {
return;
}
- ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
+ ShardingSpherePreconditions.checkState(authorityRule.isPresent(), ()
-> new SQLCheckException("Not find authority rule"));
+ Optional<ShardingSpherePrivileges> privileges =
authorityRule.get().findPrivileges(grantee);
+ ShardingSpherePreconditions.checkState(privileges.isPresent(), () ->
new SQLCheckException(String.format("Access denied for user '%s'@'%s'",
grantee.getUsername(), grantee.getHostname())));
Review Comment:
`orElseThrow` could be used to simplify code, and also remove Optional for
`privileges`
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -164,22 +201,27 @@ private void processStartSubscription(final
ChannelHandlerContext ctx, final CDC
.addListener(ChannelFutureListener.CLOSE);
return;
}
+ checkPrivileges(connectionContext.getCurrentUser().getGrantee(),
startSubscriptionRequest.getDatabase());
CDCResponse response = backendHandler.startSubscription(request,
ctx.channel(), connectionContext);
ctx.writeAndFlush(response);
}
- private void stopStartSubscription(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
+ private void processStopSubscription(final ChannelHandlerContext ctx,
final CDCRequest request, final CDCConnectionContext connectionContext) {
+ StopSubscriptionRequest stopSubscriptionRequest =
request.getStopSubscription();
+ checkPrivileges(connectionContext.getCurrentUser().getGrantee(),
stopSubscriptionRequest.getDatabase());
backendHandler.stopSubscription(connectionContext.getJobId());
connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
}
- private void dropStartSubscription(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
+ private void processDropSubscription(final ChannelHandlerContext ctx,
final CDCRequest request, final CDCConnectionContext connectionContext) {
+ DropSubscriptionRequest dropSubscriptionRequest =
request.getDropSubscription();
+ checkPrivileges(connectionContext.getCurrentUser().getGrantee(),
dropSubscriptionRequest.getDatabase());
try {
backendHandler.dropSubscription(connectionContext.getJobId());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
} catch (final SQLException ex) {
-
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, ex.getMessage()));
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR,
ex.getMessage())).addListener(ChannelFutureListener.CLOSE);
}
Review Comment:
Is it necessary to close connection when internal exception occur when drop
subscription
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private Optional<AuthorityRule> findAuthorityRule() {
+ Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
+ return globalRules.stream().filter(rule -> rule instanceof
AuthorityRule).map(rule -> (AuthorityRule) rule).findFirst();
+ }
+
+ private void checkPrivileges(final Grantee grantee, final String
currentDatabase) {
+ if (null == grantee) {
return;
}
- ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
+ ShardingSpherePreconditions.checkState(authorityRule.isPresent(), ()
-> new SQLCheckException("Not find authority rule"));
+ Optional<ShardingSpherePrivileges> privileges =
authorityRule.get().findPrivileges(grantee);
+ ShardingSpherePreconditions.checkState(privileges.isPresent(), () ->
new SQLCheckException(String.format("Access denied for user '%s'@'%s'",
grantee.getUsername(), grantee.getHostname())));
+ ShardingSpherePreconditions.checkState(null == currentDatabase ||
privileges.filter(optional ->
optional.hasPrivileges(currentDatabase)).isPresent(),
+ () -> new SQLCheckException(String.format("Unknown database
'%s'", currentDatabase)));
Review Comment:
1, When `currentDatabase` is null?
Could `database` field be null in protobuf protocol request?
2, When `currentDatabase` is null, no any privilege is checked, is it
expected?
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private Optional<AuthorityRule> findAuthorityRule() {
+ Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
+ return globalRules.stream().filter(rule -> rule instanceof
AuthorityRule).map(rule -> (AuthorityRule) rule).findFirst();
+ }
+
+ private void checkPrivileges(final Grantee grantee, final String
currentDatabase) {
Review Comment:
database name should be case-insensitive in ShardingSphere, it might cause
issue in DatabasePermittedPrivileges
##########
proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java:
##########
@@ -109,33 +128,50 @@ public void channelRead(final ChannelHandlerContext ctx,
final Object msg) {
}
}
- private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request) {
+ private void processLogin(final ChannelHandlerContext ctx, final
CDCRequest request, final CDCConnectionContext connectionContext) {
if (!request.hasLogin() || !request.getLogin().hasBasicBody()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.ILLEGAL_REQUEST_ERROR, "Miss login request
body")).addListener(ChannelFutureListener.CLOSE);
return;
}
BasicBody body = request.getLogin().getBasicBody();
- Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
- Optional<AuthorityRule> authorityRule =
globalRules.stream().filter(rule -> rule instanceof AuthorityRule).map(rule ->
(AuthorityRule) rule).findFirst();
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
if (!authorityRule.isPresent()) {
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Not find authority
rule")).addListener(ChannelFutureListener.CLOSE);
return;
}
Optional<ShardingSphereUser> user = authorityRule.get().findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
-
ctx.channel().attr(CONNECTION_CONTEXT_KEY).get().setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setStatus(CDCConnectionStatus.LOGGED_IN);
+ connectionContext.setCurrentUser(user.get());
ctx.writeAndFlush(CDCResponseGenerator.succeedBuilder(request.getRequestId()).build());
+ } else {
+
ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private Optional<AuthorityRule> findAuthorityRule() {
+ Collection<ShardingSphereRule> globalRules =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules();
+ return globalRules.stream().filter(rule -> rule instanceof
AuthorityRule).map(rule -> (AuthorityRule) rule).findFirst();
+ }
+
+ private void checkPrivileges(final Grantee grantee, final String
currentDatabase) {
+ if (null == grantee) {
return;
}
- ctx.writeAndFlush(CDCResponseGenerator.failed(request.getRequestId(),
CDCResponseErrorCode.SERVER_ERROR, "Incorrect username or
password")).addListener(ChannelFutureListener.CLOSE);
+ Optional<AuthorityRule> authorityRule = findAuthorityRule();
+ ShardingSpherePreconditions.checkState(authorityRule.isPresent(), ()
-> new SQLCheckException("Not find authority rule"));
Review Comment:
Is there better exception for privilege check but not SQLCheckException
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
