All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.kylin.rest.util.ValidateUtil Maven / Gradle / Ivy

There is a newer version: 4.0.4
Show newest version
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
*/

package org.apache.kylin.rest.util;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import java.util.regex.Pattern;

import org.apache.commons.lang.StringUtils;
import org.apache.kylin.common.persistence.AclEntity;
import org.apache.kylin.metadata.MetadataConstants;
import org.apache.kylin.metadata.model.ColumnDesc;
import org.apache.kylin.metadata.model.TableDesc;
import org.apache.kylin.metadata.project.ProjectInstance;
import org.apache.kylin.rest.service.AccessService;
import org.apache.kylin.rest.service.IUserGroupService;
import org.apache.kylin.rest.service.ProjectService;
import org.apache.kylin.rest.service.TableService;
import org.apache.kylin.rest.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.acls.domain.GrantedAuthoritySid;
import org.springframework.security.acls.domain.PrincipalSid;
import org.springframework.security.acls.model.AccessControlEntry;
import org.springframework.security.acls.model.Acl;
import org.springframework.security.acls.model.Sid;
import org.springframework.stereotype.Component;

import org.apache.kylin.shaded.com.google.common.base.Preconditions;

@Component("validateUtil")
public class ValidateUtil {
    private final static Pattern alphaNumUnderscorePattern = Pattern.compile("[a-zA-Z0-9_]+");

    @Autowired
    @Qualifier("tableService")
    private TableService tableService;

    @Autowired
    @Qualifier("projectService")
    private ProjectService projectService;

    @Autowired
    @Qualifier("accessService")
    private AccessService accessService;

    @Autowired
    @Qualifier("userService")
    private UserService userService;

    @Autowired
    @Qualifier("userGroupService")
    private IUserGroupService userGroupService;

    public static boolean isAlphanumericUnderscore(String toCheck) {
        return toCheck != null && alphaNumUnderscorePattern.matcher(toCheck).matches();
    }

    public static String convertStringToBeAlphanumericUnderscore(String toBeConverted) {
        return toBeConverted.replaceAll("[^a-zA-Z0-9_]", "");
    }

    public void checkIdentifiersExists(String name, boolean isPrincipal) throws IOException {
        if (isPrincipal && !userService.userExists(name)) {
            throw new RuntimeException("Operation failed, user:" + name + " not exists, please add first.");
        }
        if (!isPrincipal && !userGroupService.exists(name)) {
            throw new RuntimeException("Operation failed, group:" + name + " not exists, please add first.");
        }
    }

    //Identifiers may be user or user authority(you may call role or group)
    public void validateIdentifiers(String prj, String name, String type) throws IOException {
        Set allIdentifiers = getAllIdentifiersInPrj(prj, type);
        if (!allIdentifiers.contains(name)) {
            throw new RuntimeException("Operation failed, " + type + ":" + name + " not exists in project.");
        }
    }

    //get all users/user authorities that has permission in the project
    public Set getAllIdentifiersInPrj(String project, String type) throws IOException {
        List allSids = getAllSids(project);
        if (type.equalsIgnoreCase(MetadataConstants.TYPE_USER)) {
            return getUsersInPrj(allSids);
        } else {
            return getAuthoritiesInPrj(allSids);
        }
    }

    private Set getAuthoritiesInPrj(List allSids) {
        Set allAuthorities = new TreeSet<>();
        for (Sid sid : allSids) {
            if (sid instanceof GrantedAuthoritySid) {
                allAuthorities.add(((GrantedAuthoritySid) sid).getGrantedAuthority());
            }
        }
        return allAuthorities;
    }

    private Set getUsersInPrj(List allSids) throws IOException {
        Set allUsers = new TreeSet<>();
        for (Sid sid : allSids) {
            if (sid instanceof PrincipalSid) {
                allUsers.add(((PrincipalSid) sid).getPrincipal());
            }
        }
        return allUsers;
    }

    private List getAllSids(String project) {
        List allSids = new ArrayList<>();
        ProjectInstance prj = projectService.getProjectManager().getProject(project);
        AclEntity ae = accessService.getAclEntity("ProjectInstance", prj.getUuid());
        Acl acl = accessService.getAcl(ae);
        if (acl != null && acl.getEntries() != null) {
            for (AccessControlEntry ace : acl.getEntries()) {
                allSids.add(ace.getSid());
            }
        }
        return allSids;
    }

    public void validateTable(String project, String table) throws IOException {
        List tableDescs = tableService.getTableDescByProject(project, false);
        Set tables = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
        for (TableDesc tableDesc : tableDescs) {
            tables.add(tableDesc.getDatabase() + "." + tableDesc.getName());
        }

        if (!tables.contains(table)) {
            throw new RuntimeException("Operation failed, table:" + table + " not exists");
        }
    }

    public void validateColumn(String project, String table, Collection columns) throws IOException {
        Preconditions.checkState(columns != null && !columns.isEmpty());
        Set cols = getAllColumns(project, table);
        for (String c : columns) {
            if (!cols.contains(c)) {
                throw new RuntimeException("Operation failed, column:" + c + " not exists");
            }
        }
    }

    public void validateArgs(String... args) {
        for (String arg : args) {
            Preconditions.checkState(!StringUtils.isEmpty(arg));
        }
    }

    private Set getAllColumns(String project, String table) throws IOException {
        List tableDescByProject = tableService.getTableDescByProject(project, true);
        Set cols = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);

        for (TableDesc tableDesc : tableDescByProject) {
            String tbl = tableDesc.getDatabase() + "." + tableDesc.getName();
            if (tbl.equalsIgnoreCase(table)) {
                for (ColumnDesc column : tableDesc.getColumns()) {
                    cols.add(column.getName());
                }
                break;
            }
        }
        return cols;
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy