org.apache.dolphinscheduler.api.service.impl.AccessTokenServiceImpl Maven / Gradle / Ivy
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.dolphinscheduler.api.service.impl;
import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_CREATE;
import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_DELETE;
import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_UPDATE;
import org.apache.dolphinscheduler.api.enums.Status;
import org.apache.dolphinscheduler.api.service.AccessTokenService;
import org.apache.dolphinscheduler.api.utils.PageInfo;
import org.apache.dolphinscheduler.api.utils.Result;
import org.apache.dolphinscheduler.common.constants.Constants;
import org.apache.dolphinscheduler.common.enums.AuthorizationType;
import org.apache.dolphinscheduler.common.enums.UserType;
import org.apache.dolphinscheduler.common.utils.DateUtils;
import org.apache.dolphinscheduler.common.utils.EncryptionUtils;
import org.apache.dolphinscheduler.dao.entity.AccessToken;
import org.apache.dolphinscheduler.dao.entity.User;
import org.apache.dolphinscheduler.dao.mapper.AccessTokenMapper;
import org.apache.commons.lang3.StringUtils;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
/**
* access token service impl
*/
@Service
public class AccessTokenServiceImpl extends BaseServiceImpl implements AccessTokenService {
private static final Logger logger = LoggerFactory.getLogger(AccessTokenServiceImpl.class);
@Autowired
private AccessTokenMapper accessTokenMapper;
/**
* query access token list
*
* @param loginUser login user
* @param searchVal search value
* @param pageNo page number
* @param pageSize page size
* @return token list for page number and page size
*/
@Override
public Result queryAccessTokenList(User loginUser, String searchVal, Integer pageNo, Integer pageSize) {
Result result = new Result();
PageInfo pageInfo = new PageInfo<>(pageNo, pageSize);
Page page = new Page<>(pageNo, pageSize);
int userId = loginUser.getId();
if (loginUser.getUserType() == UserType.ADMIN_USER) {
userId = 0;
}
IPage accessTokenList = accessTokenMapper.selectAccessTokenPage(page, searchVal, userId);
pageInfo.setTotal((int) accessTokenList.getTotal());
pageInfo.setTotalList(accessTokenList.getRecords());
result.setData(pageInfo);
putMsg(result, Status.SUCCESS);
return result;
}
/**
* query access token for specified user
*
* @param loginUser login user
* @param userId user id
* @return token list for specified user
*/
@Override
public Map queryAccessTokenByUser(User loginUser, Integer userId) {
Map result = new HashMap<>();
result.put(Constants.STATUS, false);
// no permission
if (loginUser.getUserType().equals(UserType.GENERAL_USER) && loginUser.getId() != userId) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
userId = loginUser.getUserType().equals(UserType.ADMIN_USER) ? 0 : userId;
// query access token for specified user
List accessTokenList = this.accessTokenMapper.queryAccessTokenByUser(userId);
result.put(Constants.DATA_LIST, accessTokenList);
this.putMsg(result, Status.SUCCESS);
return result;
}
/**
* create token
*
* @param loginUser loginUser
* @param userId token for user
* @param expireTime token expire time
* @param token token string (if it is absent, it will be automatically generated)
* @return create result code
*/
@SuppressWarnings("checkstyle:WhitespaceAround")
@Override
public Result createToken(User loginUser, int userId, String expireTime, String token) {
Result result = new Result();
// 1. check permission
if (!(canOperatorPermissions(loginUser,null, AuthorizationType.ACCESS_TOKEN,ACCESS_TOKEN_CREATE) || loginUser.getId() == userId)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
// 2. check if user is existed
if (userId <= 0) {
String errorMsg = "User id should not less than or equals to 0.";
logger.error(errorMsg);
putMsg(result, Status.REQUEST_PARAMS_NOT_VALID_ERROR, errorMsg);
return result;
}
// 3. generate access token if absent
if (StringUtils.isBlank(token)) {
token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
}
// 4. persist to the database
AccessToken accessToken = new AccessToken();
accessToken.setUserId(userId);
accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
accessToken.setToken(token);
accessToken.setCreateTime(new Date());
accessToken.setUpdateTime(new Date());
int insert = accessTokenMapper.insert(accessToken);
if (insert > 0) {
result.setData(accessToken);
putMsg(result, Status.SUCCESS);
} else {
putMsg(result, Status.CREATE_ACCESS_TOKEN_ERROR);
}
return result;
}
/**
* generate token
*
* @param loginUser
* @param userId token for user
* @param expireTime token expire time
* @return token string
*/
@Override
public Map generateToken(User loginUser, int userId, String expireTime) {
Map result = new HashMap<>();
String token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
result.put(Constants.DATA_LIST, token);
putMsg(result, Status.SUCCESS);
return result;
}
/**
* delete access token
*
* @param loginUser login user
* @param id token id
* @return delete result code
*/
@Override
public Map delAccessTokenById(User loginUser, int id) {
Map result = new HashMap<>();
if (!canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN,ACCESS_TOKEN_DELETE)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
AccessToken accessToken = accessTokenMapper.selectById(id);
if (accessToken == null) {
logger.error("access token not exist, access token id {}", id);
putMsg(result, Status.ACCESS_TOKEN_NOT_EXIST);
return result;
}
// admin can operate all, non-admin can operate their own
if (accessToken.getUserId() != loginUser.getId() && !loginUser.getUserType().equals(UserType.ADMIN_USER)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
accessTokenMapper.deleteById(id);
putMsg(result, Status.SUCCESS);
return result;
}
/**
* update token by id
*
* @param id token id
* @param userId token for user
* @param expireTime token expire time
* @param token token string (if it is absent, it will be automatically generated)
* @return updated access token entity
*/
@Override
public Map updateToken(User loginUser, int id, int userId, String expireTime, String token) {
Map result = new HashMap<>();
// 1. check permission
if (!canOperatorPermissions(loginUser, null,AuthorizationType.ACCESS_TOKEN,ACCESS_TOKEN_UPDATE)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
// 2. check if token is existed
AccessToken accessToken = accessTokenMapper.selectById(id);
if (accessToken == null) {
logger.error("access token not exist, access token id {}", id);
putMsg(result, Status.ACCESS_TOKEN_NOT_EXIST);
return result;
}
// admin can operate all, non-admin can operate their own
if (accessToken.getUserId() != loginUser.getId() && !loginUser.getUserType().equals(UserType.ADMIN_USER)) {
putMsg(result, Status.USER_NO_OPERATION_PERM);
return result;
}
// 3. generate access token if absent
if (StringUtils.isBlank(token)) {
token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
}
// 4. persist to the database
accessToken.setUserId(userId);
accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
accessToken.setToken(token);
accessToken.setUpdateTime(new Date());
accessTokenMapper.updateById(accessToken);
result.put(Constants.DATA_LIST, accessToken);
putMsg(result, Status.SUCCESS);
return result;
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy