dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AccessTokenServiceImpl.java - dolphinscheduler - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *    http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package org.apache.dolphinscheduler.api.service.impl;

 import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_CREATE;
 import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_DELETE;
 import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_UPDATE;

 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.exceptions.ServiceException;
 import org.apache.dolphinscheduler.api.service.AccessTokenService;
 import org.apache.dolphinscheduler.api.utils.PageInfo;
 import org.apache.dolphinscheduler.common.enums.AuthorizationType;
 import org.apache.dolphinscheduler.common.enums.UserType;
 import org.apache.dolphinscheduler.common.utils.DateUtils;
 import org.apache.dolphinscheduler.common.utils.EncryptionUtils;
 import org.apache.dolphinscheduler.dao.entity.AccessToken;
 import org.apache.dolphinscheduler.dao.entity.User;
 import org.apache.dolphinscheduler.dao.mapper.AccessTokenMapper;

 import org.apache.commons.lang3.StringUtils;

 import java.util.Date;
 import java.util.List;

 import lombok.extern.slf4j.Slf4j;

 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;

 /**
  * access token service impl
  */
 @Service
 @Slf4j
 public class AccessTokenServiceImpl extends BaseServiceImpl implements AccessTokenService {

     @Autowired
     private AccessTokenMapper accessTokenMapper;

     /**
      * query access token list
      *
      * @param loginUser login user
      * @param searchVal search value
      * @param pageNo    page number
      * @param pageSize  page size
      * @return token list for page number and page size
      */
     @Override
     public PageInfo<AccessToken> queryAccessTokenList(User loginUser, String searchVal, Integer pageNo,
                                                       Integer pageSize) {
         PageInfo<AccessToken> pageInfo = new PageInfo<>(pageNo, pageSize);
         Page<AccessToken> page = new Page<>(pageNo, pageSize);
         int userId = loginUser.getId();
         if (loginUser.getUserType() == UserType.ADMIN_USER) {
             userId = 0;
         }
         IPage<AccessToken> accessTokenList = accessTokenMapper.selectAccessTokenPage(page, searchVal, userId);
         pageInfo.setTotal((int) accessTokenList.getTotal());
         pageInfo.setTotalList(accessTokenList.getRecords());
         return pageInfo;
     }

     /**
      * query access token for specified user
      *
      * @param loginUser login user
      * @param userId    user id
      * @return token list for specified user
      */
     @Override
     public List<AccessToken> queryAccessTokenByUser(User loginUser, Integer userId) {
         // no permission
         if (loginUser.getUserType().equals(UserType.GENERAL_USER) && loginUser.getId() != userId) {
             throw new ServiceException(Status.USER_NO_OPERATION_PERM);
         }
         userId = loginUser.getUserType().equals(UserType.ADMIN_USER) ? 0 : userId;
         // query access token for specified user
         List<AccessToken> accessTokenList = this.accessTokenMapper.queryAccessTokenByUser(userId);
         return accessTokenList;
     }

     /**
      * create token
      *
      * @param loginUser loginUser
      * @param userId token for user
      * @param expireTime token expire time
      * @param token token string (if it is absent, it will be automatically generated)
      * @return create result code
      */
     @SuppressWarnings("checkstyle:WhitespaceAround")
     @Override
     public AccessToken createToken(User loginUser, int userId, String expireTime, String token) {

         // 1. check permission
         if (!(canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN, ACCESS_TOKEN_CREATE)
                 || loginUser.getId() == userId)) {
             throw new ServiceException(Status.USER_NO_OPERATION_PERM);
         }

         // 2. check if user is existed
         if (userId <= 0) {
             throw new ServiceException(Status.REQUEST_PARAMS_NOT_VALID_ERROR,
                     "User id: " + userId + " should not less than or equals to 0.");
         }

         // 3. generate access token if absent
         if (StringUtils.isBlank(token)) {
             token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
         }

         // 4. persist to the database
         AccessToken accessToken = new AccessToken();
         accessToken.setUserId(userId);
         accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
         accessToken.setToken(token);
         accessToken.setCreateTime(new Date());
         accessToken.setUpdateTime(new Date());

         int insert = accessTokenMapper.insert(accessToken);

         if (insert > 0) {
             return accessToken;
         }
         throw new ServiceException(Status.CREATE_ACCESS_TOKEN_ERROR);
     }

     /**
      * generate token
      *
      * @param loginUser
      * @param userId     token for user
      * @param expireTime token expire time
      * @return token string
      */
     @Override
     public String generateToken(User loginUser, int userId, String expireTime) {
         return EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
     }

     /**
      * delete access token
      *
      * @param loginUser login user
      * @param id        token id
      * @return delete result code
      */
     @Override
     public void deleteAccessTokenById(User loginUser, int id) {
         if (!canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN, ACCESS_TOKEN_DELETE)) {
             throw new ServiceException(Status.USER_NO_OPERATION_PERM);
         }

         AccessToken accessToken = accessTokenMapper.selectById(id);
         if (accessToken == null) {
             throw new ServiceException(Status.ACCESS_TOKEN_NOT_EXIST, id);
         }

         // admin can operate all, non-admin can operate their own
         if (accessToken.getUserId() != loginUser.getId() && !loginUser.getUserType().equals(UserType.ADMIN_USER)) {
             throw new ServiceException(Status.USER_NO_OPERATION_PERM);
         }
         accessTokenMapper.deleteById(id);
     }

     /**
      * update token by id
      *
      * @param id         token id
      * @param userId     token for user
      * @param expireTime token expire time
      * @param token      token string (if it is absent, it will be automatically generated)
      * @return updated access token entity
      */
     @Override
     public AccessToken updateToken(User loginUser, int id, int userId, String expireTime, String token) {

         // 1. check permission
         if (!canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN, ACCESS_TOKEN_UPDATE)) {
             throw new ServiceException(Status.USER_NO_OPERATION_PERM);
         }

         // 2. check if token is existed
         AccessToken accessToken = accessTokenMapper.selectById(id);
         if (accessToken == null) {
             log.error("Access token does not exist, accessTokenId:{}.", id);
             throw new ServiceException(Status.ACCESS_TOKEN_NOT_EXIST, id);
         }
         // admin can operate all, non-admin can operate their own
         if (accessToken.getUserId() != loginUser.getId() && !loginUser.getUserType().equals(UserType.ADMIN_USER)) {
             throw new ServiceException(Status.USER_NO_OPERATION_PERM);
         }

         // 3. generate access token if absent
         if (StringUtils.isBlank(token)) {
             token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
         }

         // 4. persist to the database
         accessToken.setUserId(userId);
         accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
         accessToken.setToken(token);
         accessToken.setUpdateTime(new Date());

         int i = accessTokenMapper.updateById(accessToken);
         if (i <= 0) {
             throw new ServiceException(Status.ACCESS_TOKEN_NOT_EXIST, id);
         }
         return accessToken;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.apache.dolphinscheduler.api.service.impl;

	import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_CREATE;
	import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_DELETE;
	import static org.apache.dolphinscheduler.api.constants.ApiFuncIdentificationConstant.ACCESS_TOKEN_UPDATE;

	import org.apache.dolphinscheduler.api.enums.Status;
	import org.apache.dolphinscheduler.api.exceptions.ServiceException;
	import org.apache.dolphinscheduler.api.service.AccessTokenService;
	import org.apache.dolphinscheduler.api.utils.PageInfo;
	import org.apache.dolphinscheduler.common.enums.AuthorizationType;
	import org.apache.dolphinscheduler.common.enums.UserType;
	import org.apache.dolphinscheduler.common.utils.DateUtils;
	import org.apache.dolphinscheduler.common.utils.EncryptionUtils;
	import org.apache.dolphinscheduler.dao.entity.AccessToken;
	import org.apache.dolphinscheduler.dao.entity.User;
	import org.apache.dolphinscheduler.dao.mapper.AccessTokenMapper;

	import org.apache.commons.lang3.StringUtils;

	import java.util.Date;
	import java.util.List;

	import lombok.extern.slf4j.Slf4j;

	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.stereotype.Service;

	import com.baomidou.mybatisplus.core.metadata.IPage;
	import com.baomidou.mybatisplus.extension.plugins.pagination.Page;

	/**
	* access token service impl
	*/
	@Service
	@Slf4j
	public class AccessTokenServiceImpl extends BaseServiceImpl implements AccessTokenService {

	@Autowired
	private AccessTokenMapper accessTokenMapper;

	/**
	* query access token list
	*
	* @param loginUser login user
	* @param searchVal search value
	* @param pageNo page number
	* @param pageSize page size
	* @return token list for page number and page size
	*/
	@Override
	public PageInfo<AccessToken> queryAccessTokenList(User loginUser, String searchVal, Integer pageNo,
	Integer pageSize) {
	PageInfo<AccessToken> pageInfo = new PageInfo<>(pageNo, pageSize);
	Page<AccessToken> page = new Page<>(pageNo, pageSize);
	int userId = loginUser.getId();
	if (loginUser.getUserType() == UserType.ADMIN_USER) {
	userId = 0;
	}
	IPage<AccessToken> accessTokenList = accessTokenMapper.selectAccessTokenPage(page, searchVal, userId);
	pageInfo.setTotal((int) accessTokenList.getTotal());
	pageInfo.setTotalList(accessTokenList.getRecords());
	return pageInfo;
	}

	/**
	* query access token for specified user
	*
	* @param loginUser login user
	* @param userId user id
	* @return token list for specified user
	*/
	@Override
	public List<AccessToken> queryAccessTokenByUser(User loginUser, Integer userId) {
	// no permission
	if (loginUser.getUserType().equals(UserType.GENERAL_USER) && loginUser.getId() != userId) {
	throw new ServiceException(Status.USER_NO_OPERATION_PERM);
	}
	userId = loginUser.getUserType().equals(UserType.ADMIN_USER) ? 0 : userId;
	// query access token for specified user
	List<AccessToken> accessTokenList = this.accessTokenMapper.queryAccessTokenByUser(userId);
	return accessTokenList;
	}

	/**
	* create token
	*
	* @param loginUser loginUser
	* @param userId token for user
	* @param expireTime token expire time
	* @param token token string (if it is absent, it will be automatically generated)
	* @return create result code
	*/
	@SuppressWarnings("checkstyle:WhitespaceAround")
	@Override
	public AccessToken createToken(User loginUser, int userId, String expireTime, String token) {

	// 1. check permission
	if (!(canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN, ACCESS_TOKEN_CREATE)
	\|\| loginUser.getId() == userId)) {
	throw new ServiceException(Status.USER_NO_OPERATION_PERM);
	}

	// 2. check if user is existed
	if (userId <= 0) {
	throw new ServiceException(Status.REQUEST_PARAMS_NOT_VALID_ERROR,
	"User id: " + userId + " should not less than or equals to 0.");
	}

	// 3. generate access token if absent
	if (StringUtils.isBlank(token)) {
	token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
	}

	// 4. persist to the database
	AccessToken accessToken = new AccessToken();
	accessToken.setUserId(userId);
	accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
	accessToken.setToken(token);
	accessToken.setCreateTime(new Date());
	accessToken.setUpdateTime(new Date());

	int insert = accessTokenMapper.insert(accessToken);

	if (insert > 0) {
	return accessToken;
	}
	throw new ServiceException(Status.CREATE_ACCESS_TOKEN_ERROR);
	}

	/**
	* generate token
	*
	* @param loginUser
	* @param userId token for user
	* @param expireTime token expire time
	* @return token string
	*/
	@Override
	public String generateToken(User loginUser, int userId, String expireTime) {
	return EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
	}

	/**
	* delete access token
	*
	* @param loginUser login user
	* @param id token id
	* @return delete result code
	*/
	@Override
	public void deleteAccessTokenById(User loginUser, int id) {
	if (!canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN, ACCESS_TOKEN_DELETE)) {
	throw new ServiceException(Status.USER_NO_OPERATION_PERM);
	}

	AccessToken accessToken = accessTokenMapper.selectById(id);
	if (accessToken == null) {
	throw new ServiceException(Status.ACCESS_TOKEN_NOT_EXIST, id);
	}

	// admin can operate all, non-admin can operate their own
	if (accessToken.getUserId() != loginUser.getId() && !loginUser.getUserType().equals(UserType.ADMIN_USER)) {
	throw new ServiceException(Status.USER_NO_OPERATION_PERM);
	}
	accessTokenMapper.deleteById(id);
	}

	/**
	* update token by id
	*
	* @param id token id
	* @param userId token for user
	* @param expireTime token expire time
	* @param token token string (if it is absent, it will be automatically generated)
	* @return updated access token entity
	*/
	@Override
	public AccessToken updateToken(User loginUser, int id, int userId, String expireTime, String token) {

	// 1. check permission
	if (!canOperatorPermissions(loginUser, null, AuthorizationType.ACCESS_TOKEN, ACCESS_TOKEN_UPDATE)) {
	throw new ServiceException(Status.USER_NO_OPERATION_PERM);
	}

	// 2. check if token is existed
	AccessToken accessToken = accessTokenMapper.selectById(id);
	if (accessToken == null) {
	log.error("Access token does not exist, accessTokenId:{}.", id);
	throw new ServiceException(Status.ACCESS_TOKEN_NOT_EXIST, id);
	}
	// admin can operate all, non-admin can operate their own
	if (accessToken.getUserId() != loginUser.getId() && !loginUser.getUserType().equals(UserType.ADMIN_USER)) {
	throw new ServiceException(Status.USER_NO_OPERATION_PERM);
	}

	// 3. generate access token if absent
	if (StringUtils.isBlank(token)) {
	token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
	}

	// 4. persist to the database
	accessToken.setUserId(userId);
	accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
	accessToken.setToken(token);
	accessToken.setUpdateTime(new Date());

	int i = accessTokenMapper.updateById(accessToken);
	if (i <= 0) {
	throw new ServiceException(Status.ACCESS_TOKEN_NOT_EXIST, id);
	}
	return accessToken;
	}
	}