Skip to content

Commit b9d0d0a

Browse files
lepdoulepdou
committed
apply consumer token and assign consumer role
1 parent 07cb655 commit b9d0d0a

File tree

13 files changed

+675
-130
lines changed

13 files changed

+675
-130
lines changed

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/repository/ConsumerRepository.java

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,4 +8,7 @@
88
* @author Jason Song(song_s@ctrip.com)
99
*/
1010
public interface ConsumerRepository extends PagingAndSortingRepository<Consumer, Long> {
11+
12+
Consumer findByAppId(String appId);
13+
1114
}

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/repository/ConsumerRoleRepository.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,4 +21,6 @@ public interface ConsumerRoleRepository extends PagingAndSortingRepository<Consu
2121
* find consumer roles by roleId
2222
*/
2323
List<ConsumerRole> findByRoleId(long roleId);
24+
25+
ConsumerRole findByConsumerIdAndRoleId(long consumerId, long roleId);
2426
}

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/repository/ConsumerTokenRepository.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,4 +17,6 @@ public interface ConsumerTokenRepository extends PagingAndSortingRepository<Cons
1717
* @param validDate the date when the token is valid
1818
*/
1919
ConsumerToken findTopByTokenAndExpiresAfter(String token, Date validDate);
20+
21+
ConsumerToken findByConsumerId(Long consumerId);
2022
}

apollo-portal/src/main/java/com/ctrip/framework/apollo/openapi/service/ConsumerService.java

Lines changed: 138 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -6,63 +6,150 @@
66
import com.google.common.base.Strings;
77
import com.google.common.hash.Hashing;
88

9+
import com.ctrip.framework.apollo.common.exception.BadRequestException;
910
import com.ctrip.framework.apollo.openapi.entity.Consumer;
1011
import com.ctrip.framework.apollo.openapi.entity.ConsumerAudit;
12+
import com.ctrip.framework.apollo.openapi.entity.ConsumerRole;
1113
import com.ctrip.framework.apollo.openapi.entity.ConsumerToken;
1214
import com.ctrip.framework.apollo.openapi.repository.ConsumerAuditRepository;
1315
import com.ctrip.framework.apollo.openapi.repository.ConsumerRepository;
16+
import com.ctrip.framework.apollo.openapi.repository.ConsumerRoleRepository;
1417
import com.ctrip.framework.apollo.openapi.repository.ConsumerTokenRepository;
1518
import com.ctrip.framework.apollo.portal.component.config.PortalConfig;
19+
import com.ctrip.framework.apollo.portal.entity.bo.UserInfo;
20+
import com.ctrip.framework.apollo.portal.entity.po.Role;
21+
import com.ctrip.framework.apollo.portal.service.RolePermissionService;
22+
import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
23+
import com.ctrip.framework.apollo.portal.spi.UserService;
24+
import com.ctrip.framework.apollo.portal.util.RoleUtils;
1625

1726
import org.apache.commons.lang.time.FastDateFormat;
1827
import org.springframework.beans.factory.annotation.Autowired;
1928
import org.springframework.stereotype.Service;
2029
import org.springframework.transaction.annotation.Transactional;
2130

31+
import java.util.Arrays;
2232
import java.util.Date;
33+
import java.util.List;
2334

2435
/**
2536
* @author Jason Song(song_s@ctrip.com)
2637
*/
2738
@Service
2839
public class ConsumerService {
29-
static final String TOKEN_SALT_KEY = "consumer.token.salt";
30-
private static final FastDateFormat TIMESTAMP_FORMAT = FastDateFormat.getInstance
31-
("yyyyMMddHHmmss");
40+
41+
private static final FastDateFormat TIMESTAMP_FORMAT = FastDateFormat.getInstance("yyyyMMddHHmmss");
3242
private static final Joiner KEY_JOINER = Joiner.on("|");
43+
44+
@Autowired
45+
private UserInfoHolder userInfoHolder;
3346
@Autowired
3447
private ConsumerTokenRepository consumerTokenRepository;
3548
@Autowired
3649
private ConsumerRepository consumerRepository;
3750
@Autowired
3851
private ConsumerAuditRepository consumerAuditRepository;
3952
@Autowired
53+
private ConsumerRoleRepository consumerRoleRepository;
54+
@Autowired
4055
private PortalConfig portalConfig;
56+
@Autowired
57+
private RolePermissionService rolePermissionService;
58+
@Autowired
59+
private UserService userService;
60+
61+
62+
public Consumer createConsumer(Consumer consumer) {
63+
String appId = consumer.getAppId();
64+
65+
Consumer managedConsumer = consumerRepository.findByAppId(appId);
66+
if (managedConsumer != null) {
67+
throw new BadRequestException("Consumer already exist");
68+
}
69+
70+
String ownerName = consumer.getOwnerName();
71+
UserInfo owner = userService.findByUserId(ownerName);
72+
if (owner == null) {
73+
throw new BadRequestException(String.format("User does not exist. UserId = %s", ownerName));
74+
}
75+
consumer.setOwnerEmail(owner.getEmail());
76+
77+
String operator = userInfoHolder.getUser().getUserId();
78+
consumer.setDataChangeCreatedBy(operator);
79+
consumer.setDataChangeLastModifiedBy(operator);
80+
81+
return consumerRepository.save(consumer);
82+
}
83+
84+
public ConsumerToken generateAndSaveConsumerToken(Consumer consumer, Date expires) {
85+
Preconditions.checkArgument(consumer != null, "Consumer can not be null");
86+
87+
ConsumerToken consumerToken = generateConsumerToken(consumer, expires);
88+
consumerToken.setId(0);
89+
90+
return consumerTokenRepository.save(consumerToken);
91+
}
92+
93+
public ConsumerToken getConsumerTokenByAppId(String appId) {
94+
Consumer consumer = consumerRepository.findByAppId(appId);
95+
if (consumer == null) {
96+
return null;
97+
}
98+
99+
return consumerTokenRepository.findByConsumerId(consumer.getId());
100+
}
41101

42102
public Long getConsumerIdByToken(String token) {
43103
if (Strings.isNullOrEmpty(token)) {
44104
return null;
45105
}
46106
ConsumerToken consumerToken = consumerTokenRepository.findTopByTokenAndExpiresAfter(token,
47-
new Date());
107+
new Date());
48108
return consumerToken == null ? null : consumerToken.getConsumerId();
49109
}
50110

51111
public Consumer getConsumerByConsumerId(long consumerId) {
52112
return consumerRepository.findOne(consumerId);
53113
}
54114

55-
public void generateAndEnrichConsumerToken(ConsumerToken consumerToken) {
56-
Consumer consumer = getConsumerByConsumerId(consumerToken.getConsumerId());
115+
@Transactional
116+
public List<ConsumerRole> assignNamespaceRoleToConsumer(String token, String appId, String namespaceName) {
117+
Long consumerId = getConsumerIdByToken(token);
118+
if (consumerId == null) {
119+
throw new BadRequestException("Token is Illegal");
120+
}
57121

58-
Preconditions.checkState(consumer != null, String.format("Consumer with id: %d not found!",
59-
consumerToken.getConsumerId()));
122+
Role namespaceModifyRole =
123+
rolePermissionService.findRoleByRoleName(RoleUtils.buildModifyNamespaceRoleName(appId, namespaceName));
124+
Role namespaceReleaseRole =
125+
rolePermissionService.findRoleByRoleName(RoleUtils.buildReleaseNamespaceRoleName(appId, namespaceName));
60126

61-
if (consumerToken.getDataChangeCreatedTime() == null) {
62-
consumerToken.setDataChangeCreatedTime(new Date());
127+
if (namespaceModifyRole == null || namespaceReleaseRole == null) {
128+
throw new BadRequestException("Namespace's role does not exist. Please check whether namespace has created.");
63129
}
64-
consumerToken.setToken(generateConsumerToken(consumer.getAppId(), consumerToken
65-
.getDataChangeCreatedTime(), portalConfig.consumerTokenSalt()));
130+
131+
long namespaceModifyRoleId = namespaceModifyRole.getId();
132+
long namespaceReleaseRoleId = namespaceReleaseRole.getId();
133+
134+
ConsumerRole managedModifyRole = consumerRoleRepository.findByConsumerIdAndRoleId(consumerId, namespaceModifyRoleId);
135+
if (managedModifyRole != null) {
136+
throw new BadRequestException("Namespace's role has assigned to consumer.");
137+
}
138+
139+
String operator = userInfoHolder.getUser().getUserId();
140+
141+
ConsumerRole namespaceModifyConsumerRole = createConsumerRole(consumerId, namespaceModifyRoleId, operator);
142+
ConsumerRole namespaceReleaseConsumerRole = createConsumerRole(consumerId, namespaceReleaseRoleId, operator);
143+
144+
ConsumerRole createdModifyConsumerRole = consumerRoleRepository.save(namespaceModifyConsumerRole);
145+
ConsumerRole createdReleaseConsumerRole = consumerRoleRepository.save(namespaceReleaseConsumerRole);
146+
147+
return Arrays.asList(createdModifyConsumerRole, createdReleaseConsumerRole);
148+
}
149+
150+
@Transactional
151+
public void createConsumerAudits(Iterable<ConsumerAudit> consumerAudits) {
152+
consumerAuditRepository.save(consumerAudits);
66153
}
67154

68155
@Transactional
@@ -72,15 +159,50 @@ public ConsumerToken createConsumerToken(ConsumerToken entity) {
72159
return consumerTokenRepository.save(entity);
73160
}
74161

75-
@Transactional
76-
public void createConsumerAudits(Iterable<ConsumerAudit> consumerAudits) {
77-
consumerAuditRepository.save(consumerAudits);
162+
private ConsumerToken generateConsumerToken(Consumer consumer, Date expires) {
163+
long consumerId = consumer.getId();
164+
String createdBy = userInfoHolder.getUser().getUserId();
165+
Date createdTime = new Date();
166+
167+
ConsumerToken consumerToken = new ConsumerToken();
168+
consumerToken.setConsumerId(consumerId);
169+
consumerToken.setExpires(expires);
170+
consumerToken.setDataChangeCreatedBy(createdBy);
171+
consumerToken.setDataChangeCreatedTime(createdTime);
172+
consumerToken.setDataChangeLastModifiedBy(createdBy);
173+
consumerToken.setDataChangeLastModifiedTime(createdTime);
174+
175+
generateAndEnrichToken(consumer, consumerToken);
176+
177+
return consumerToken;
178+
}
179+
180+
void generateAndEnrichToken(Consumer consumer, ConsumerToken consumerToken) {
181+
182+
Preconditions.checkArgument(consumer != null);
183+
184+
if (consumerToken.getDataChangeCreatedTime() == null) {
185+
consumerToken.setDataChangeCreatedTime(new Date());
186+
}
187+
consumerToken.setToken(generateToken(consumer.getAppId(), consumerToken
188+
.getDataChangeCreatedTime(), portalConfig.consumerTokenSalt()));
78189
}
79190

80-
String generateConsumerToken(String consumerAppId, Date generationTime, String
191+
String generateToken(String consumerAppId, Date generationTime, String
81192
consumerTokenSalt) {
82193
return Hashing.sha1().hashString(KEY_JOINER.join(consumerAppId, TIMESTAMP_FORMAT.format
83194
(generationTime), consumerTokenSalt), Charsets.UTF_8).toString();
84195
}
85196

197+
ConsumerRole createConsumerRole(Long consumerId, Long roleId, String operator) {
198+
ConsumerRole consumerRole = new ConsumerRole();
199+
200+
consumerRole.setConsumerId(consumerId);
201+
consumerRole.setRoleId(roleId);
202+
consumerRole.setDataChangeCreatedBy(operator);
203+
consumerRole.setDataChangeLastModifiedBy(operator);
204+
205+
return consumerRole;
206+
}
207+
86208
}

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/ConsumerController.java

Lines changed: 41 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,19 @@
11
package com.ctrip.framework.apollo.portal.controller;
22

3+
import com.ctrip.framework.apollo.common.dto.NamespaceDTO;
4+
import com.ctrip.framework.apollo.common.exception.BadRequestException;
5+
import com.ctrip.framework.apollo.core.utils.StringUtils;
6+
import com.ctrip.framework.apollo.openapi.entity.Consumer;
7+
import com.ctrip.framework.apollo.openapi.entity.ConsumerRole;
38
import com.ctrip.framework.apollo.openapi.entity.ConsumerToken;
49
import com.ctrip.framework.apollo.openapi.service.ConsumerService;
5-
import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
610

711
import org.springframework.beans.factory.annotation.Autowired;
812
import org.springframework.format.annotation.DateTimeFormat;
913
import org.springframework.security.access.prepost.PreAuthorize;
14+
import org.springframework.transaction.annotation.Transactional;
1015
import org.springframework.web.bind.annotation.PathVariable;
16+
import org.springframework.web.bind.annotation.RequestBody;
1117
import org.springframework.web.bind.annotation.RequestMapping;
1218
import org.springframework.web.bind.annotation.RequestMethod;
1319
import org.springframework.web.bind.annotation.RequestParam;
@@ -16,50 +22,60 @@
1622
import java.util.Calendar;
1723
import java.util.Date;
1824
import java.util.GregorianCalendar;
25+
import java.util.List;
1926

2027
/**
2128
* @author Jason Song(song_s@ctrip.com)
2229
*/
2330
@RestController
24-
@RequestMapping("/consumers")
2531
public class ConsumerController {
26-
private static final Date DEFAULT_EXPIRES = new GregorianCalendar(2099, Calendar.JANUARY, 1)
27-
.getTime();
32+
33+
private static final Date DEFAULT_EXPIRES = new GregorianCalendar(2099, Calendar.JANUARY, 1).getTime();
2834

2935
@Autowired
3036
private ConsumerService consumerService;
31-
@Autowired
32-
private UserInfoHolder userInfoHolder;
3337

38+
39+
@Transactional
3440
@PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
35-
@RequestMapping(value = "/{consumerId}/tokens", method = RequestMethod.POST)
36-
public ConsumerToken createConsumerToken(@PathVariable long consumerId,
37-
@RequestParam(value = "expires", required = false)
38-
@DateTimeFormat(pattern = "yyyyMMddHHmmss") Date
39-
expires) {
41+
@RequestMapping(value = "/consumers", method = RequestMethod.POST)
42+
public ConsumerToken createConsumer(@RequestBody Consumer consumer,
43+
@RequestParam(value = "expires", required = false)
44+
@DateTimeFormat(pattern = "yyyyMMddHHmmss") Date
45+
expires) {
46+
47+
if (StringUtils.isContainEmpty(consumer.getAppId(), consumer.getName(),
48+
consumer.getOwnerName(), consumer.getOrgId())) {
49+
throw new BadRequestException("Params(appId、name、ownerName、orgId) can not be empty.");
50+
}
51+
52+
Consumer createdConsumer = consumerService.createConsumer(consumer);
53+
4054
if (expires == null) {
4155
expires = DEFAULT_EXPIRES;
4256
}
4357

44-
ConsumerToken consumerToken = generateConsumerToken(consumerId, expires);
58+
return consumerService.generateAndSaveConsumerToken(createdConsumer, expires);
59+
}
4560

46-
return consumerService.createConsumerToken(consumerToken);
61+
@RequestMapping(value = "/consumers/by-appId", method = RequestMethod.GET)
62+
public ConsumerToken getConsumerTokenByAppId(@RequestParam String appId) {
63+
return consumerService.getConsumerTokenByAppId(appId);
4764
}
4865

49-
private ConsumerToken generateConsumerToken(long consumerId, Date expires) {
50-
String createdBy = userInfoHolder.getUser().getUserId();
51-
Date createdTime = new Date();
66+
@PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
67+
@RequestMapping(value = "/consumers/{token}/assign-role", method = RequestMethod.POST)
68+
public List<ConsumerRole> assignRoleToConsumer(@PathVariable String token, @RequestBody NamespaceDTO namespace) {
5269

53-
ConsumerToken consumerToken = new ConsumerToken();
54-
consumerToken.setConsumerId(consumerId);
55-
consumerToken.setExpires(expires);
56-
consumerToken.setDataChangeCreatedBy(createdBy);
57-
consumerToken.setDataChangeCreatedTime(createdTime);
58-
consumerToken.setDataChangeLastModifiedBy(createdBy);
59-
consumerToken.setDataChangeLastModifiedTime(createdTime);
70+
String appId = namespace.getAppId();
71+
String namespaceName = namespace.getNamespaceName();
6072

61-
consumerService.generateAndEnrichConsumerToken(consumerToken);
73+
if (StringUtils.isContainEmpty(appId, namespaceName)) {
74+
throw new BadRequestException("Params(AppId、NamespaceName) can not be empty.");
75+
}
6276

63-
return consumerToken;
77+
return consumerService.assignNamespaceRoleToConsumer(token, appId, namespaceName);
6478
}
79+
80+
6581
}

0 commit comments

Comments
 (0)