tristaZero commented on a change in pull request #10310:
URL: https://github.com/apache/shardingsphere/pull/10310#discussion_r633232134
##########
File path:
shardingsphere-governance/shardingsphere-governance-context/src/main/java/org/apache/shardingsphere/governance/context/metadata/GovernanceMetaDataContexts.java
##########
@@ -225,10 +217,8 @@ public synchronized void renew(final
PropertiesChangedEvent event) {
*/
@Subscribe
public synchronized void renew(final AuthorityChangedEvent event) {
- Collection<ShardingSphereUser> users = new
HashSet<>(getNewUsers(event.getUsers()));
- users.addAll(getModifiedUsers(event.getUsers()));
metaDataContexts = new StandardMetaDataContexts(
- metaDataContexts.getMetaDataMap(),
metaDataContexts.getGlobalRuleMetaData(), metaDataContexts.getExecutorEngine(),
new ShardingSphereUsers(users), metaDataContexts.getProps());
+ metaDataContexts.getMetaDataMap(),
metaDataContexts.getGlobalRuleMetaData(), metaDataContexts.getExecutorEngine(),
metaDataContexts.getProps());
Review comment:
@huanghao495430759 Please look at here, when
`governanceMetaDataContexts` receives `AuthorityChangedEvent`, we need to
recreate `authority rule` instead of copying a `metaDataContexts`.
I will accept @zhujunxxxxx 's change though, the current handling is
incorrect. Please correct it after merged.
##########
File path:
shardingsphere-infra/shardingsphere-infra-authority/shardingsphere-infra-authority-common/src/main/java/org/apache/shardingsphere/authority/checker/AuthorityChecker.java
##########
@@ -56,7 +58,28 @@ public SQLCheckResult check(final SQLStatement sqlStatement,
final List<Object>
// TODO add error msg
return privileges.map(optional -> new
SQLCheckResult(optional.hasPrivileges(Collections.singletonList(getPrivilege(sqlStatement))),
"")).orElseGet(() -> new SQLCheckResult(false, ""));
}
-
+
+ @Override
+ public boolean check(final Grantee grantee, final AuthorityRule
authorityRule) {
+ Optional<ShardingSphereUser> user = authorityRule.findUser(grantee);
+ if (!user.isPresent()) {
+ return false;
+ }
Review comment:
Hey, returen xxx ? :
##########
File path:
shardingsphere-infra/shardingsphere-infra-authority/shardingsphere-infra-authority-common/src/main/java/org/apache/shardingsphere/authority/checker/AuthorityChecker.java
##########
@@ -56,7 +58,28 @@ public SQLCheckResult check(final SQLStatement sqlStatement,
final List<Object>
// TODO add error msg
return privileges.map(optional -> new
SQLCheckResult(optional.hasPrivileges(Collections.singletonList(getPrivilege(sqlStatement))),
"")).orElseGet(() -> new SQLCheckResult(false, ""));
}
-
+
+ @Override
+ public boolean check(final Grantee grantee, final AuthorityRule
authorityRule) {
+ Optional<ShardingSphereUser> user = authorityRule.findUser(grantee);
+ if (!user.isPresent()) {
+ return false;
+ }
+ return true;
+ }
+
+ @Override
+ public boolean check(final Grantee grantee, final BiPredicate<Object,
Object> validate, final Object cipher, final AuthorityRule authorityRule) {
Review comment:
Maybe the first argument of `validate` is possible to be `password`
rather than`grantee`?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
