exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/BaseQueryRunner.java - drill - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.drill.exec.server.rest;

 import java.util.Map;

 import org.apache.calcite.schema.SchemaPlus;
 import org.apache.calcite.tools.ValidationException;
 import org.apache.drill.common.config.DrillConfig;
 import org.apache.drill.common.exceptions.UserException;
 import org.apache.drill.exec.ExecConstants;
 import org.apache.drill.exec.proto.UserBitShared;
 import org.apache.drill.exec.proto.UserBitShared.QueryId;
 import org.apache.drill.exec.proto.UserBitShared.QueryType;
 import org.apache.drill.exec.proto.UserProtos.QueryResultsMode;
 import org.apache.drill.exec.proto.UserProtos.RunQuery;
 import org.apache.drill.exec.rpc.UserClientConnection;
 import org.apache.drill.exec.rpc.user.InboundImpersonationManager;
 import org.apache.drill.exec.server.options.OptionSet;
 import org.apache.drill.exec.server.options.SessionOptionManager;
 import org.apache.drill.exec.store.SchemaTreeProvider;
 import org.apache.drill.exec.util.ImpersonationUtil;
 import org.apache.drill.exec.work.WorkManager;
 import org.apache.parquet.Strings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 public abstract class BaseQueryRunner {
   private static final Logger logger = LoggerFactory.getLogger(BaseQueryRunner.class);

   protected final WorkManager workManager;
   protected final WebUserConnection webUserConnection;
   private final OptionSet options;
   protected int maxRows;
   protected QueryId queryId;

   public BaseQueryRunner(final WorkManager workManager, final WebUserConnection webUserConnection) {
     this.workManager = workManager;
     this.webUserConnection = webUserConnection;
     this.options = webUserConnection.getSession().getOptions();
     this.maxRows = options.getInt(ExecConstants.QUERY_MAX_ROWS);
   }

   protected void applyUserName(String userName) {
     if (Strings.isNullOrEmpty(userName)) {
       return;
     }

     DrillConfig config = workManager.getContext().getConfig();
     if (!config.getBoolean(ExecConstants.IMPERSONATION_ENABLED)) {
       throw UserException.permissionError()
         .message("User impersonation is not enabled")
         .build(logger);
     }

     String proxyUserName = webUserConnection.getSession().getCredentials().getUserName();
     if (proxyUserName.equals(userName)) {
       // Either the proxy user is impersonating itself, which is a no-op, or
       // the userName on the UserSession has already been modified to be the
       // impersonated user by an earlier request belonging to the same session.
       return;
     }

     InboundImpersonationManager inboundImpersonationManager = new InboundImpersonationManager();
     boolean isAdmin = !config.getBoolean(ExecConstants.USER_AUTHENTICATION_ENABLED) ||
       ImpersonationUtil.hasAdminPrivileges(
           proxyUserName,
           ExecConstants.ADMIN_USERS_VALIDATOR.getAdminUsers(options),
           ExecConstants.ADMIN_USER_GROUPS_VALIDATOR.getAdminUserGroups(options));
     if (isAdmin) {
       // Admin user can impersonate any user they want to (when authentication is disabled, all users are admin)
       webUserConnection.getSession().replaceUserCredentials(
         inboundImpersonationManager,
         UserBitShared.UserCredentials.newBuilder().setUserName(userName).build());
     } else {
       // Check configured impersonation rules to see if this user is allowed to impersonate the given user
       inboundImpersonationManager.replaceUserOnSession(userName, webUserConnection.getSession());
     }
   }

   protected void applyOptions(Map<String, String> options) {
      if (options != null) {
       SessionOptionManager sessionOptionManager = webUserConnection.getSession().getOptions();
       for (Map.Entry<String, String> entry : options.entrySet()) {
         sessionOptionManager.setLocalOption(entry.getKey(), entry.getValue());
       }
     }
   }

   protected void applyDefaultSchema(String defaultSchema) throws ValidationException {
     if (!Strings.isNullOrEmpty(defaultSchema)) {
       SessionOptionManager options = webUserConnection.getSession().getOptions();
       @SuppressWarnings("resource")
       SchemaTreeProvider schemaTreeProvider = new SchemaTreeProvider(workManager.getContext());
       SchemaPlus rootSchema = schemaTreeProvider.createRootSchema(options);
       webUserConnection.getSession().setDefaultSchemaPath(defaultSchema, rootSchema);
     }
   }

   protected void applyRowLimit(int limit) {
     if (limit > 0 && maxRows > 0) {
       maxRows = Math.min(limit, maxRows);
     } else {
       maxRows = Math.max(limit, maxRows);
     }
   }

   protected void startQuery(QueryType queryType, String query, UserClientConnection clientConn) {
     final RunQuery runQuery = RunQuery.newBuilder()
         .setType(queryType)
         .setPlan(query)
         .setResultsMode(QueryResultsMode.STREAM_FULL)
         .setAutolimitRowcount(maxRows)
         .build();

     // Submit user query to Drillbit work queue.
     queryId = workManager.getUserWorker().submitWork(clientConn, runQuery);
   }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.drill.exec.server.rest;

	import java.util.Map;

	import org.apache.calcite.schema.SchemaPlus;
	import org.apache.calcite.tools.ValidationException;
	import org.apache.drill.common.config.DrillConfig;
	import org.apache.drill.common.exceptions.UserException;
	import org.apache.drill.exec.ExecConstants;
	import org.apache.drill.exec.proto.UserBitShared;
	import org.apache.drill.exec.proto.UserBitShared.QueryId;
	import org.apache.drill.exec.proto.UserBitShared.QueryType;
	import org.apache.drill.exec.proto.UserProtos.QueryResultsMode;
	import org.apache.drill.exec.proto.UserProtos.RunQuery;
	import org.apache.drill.exec.rpc.UserClientConnection;
	import org.apache.drill.exec.rpc.user.InboundImpersonationManager;
	import org.apache.drill.exec.server.options.OptionSet;
	import org.apache.drill.exec.server.options.SessionOptionManager;
	import org.apache.drill.exec.store.SchemaTreeProvider;
	import org.apache.drill.exec.util.ImpersonationUtil;
	import org.apache.drill.exec.work.WorkManager;
	import org.apache.parquet.Strings;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	public abstract class BaseQueryRunner {
	private static final Logger logger = LoggerFactory.getLogger(BaseQueryRunner.class);

	protected final WorkManager workManager;
	protected final WebUserConnection webUserConnection;
	private final OptionSet options;
	protected int maxRows;
	protected QueryId queryId;

	public BaseQueryRunner(final WorkManager workManager, final WebUserConnection webUserConnection) {
	this.workManager = workManager;
	this.webUserConnection = webUserConnection;
	this.options = webUserConnection.getSession().getOptions();
	this.maxRows = options.getInt(ExecConstants.QUERY_MAX_ROWS);
	}

	protected void applyUserName(String userName) {
	if (Strings.isNullOrEmpty(userName)) {
	return;
	}

	DrillConfig config = workManager.getContext().getConfig();
	if (!config.getBoolean(ExecConstants.IMPERSONATION_ENABLED)) {
	throw UserException.permissionError()
	.message("User impersonation is not enabled")
	.build(logger);
	}

	String proxyUserName = webUserConnection.getSession().getCredentials().getUserName();
	if (proxyUserName.equals(userName)) {
	// Either the proxy user is impersonating itself, which is a no-op, or
	// the userName on the UserSession has already been modified to be the
	// impersonated user by an earlier request belonging to the same session.
	return;
	}

	InboundImpersonationManager inboundImpersonationManager = new InboundImpersonationManager();
	boolean isAdmin = !config.getBoolean(ExecConstants.USER_AUTHENTICATION_ENABLED) \|\|
	ImpersonationUtil.hasAdminPrivileges(
	proxyUserName,
	ExecConstants.ADMIN_USERS_VALIDATOR.getAdminUsers(options),
	ExecConstants.ADMIN_USER_GROUPS_VALIDATOR.getAdminUserGroups(options));
	if (isAdmin) {
	// Admin user can impersonate any user they want to (when authentication is disabled, all users are admin)
	webUserConnection.getSession().replaceUserCredentials(
	inboundImpersonationManager,
	UserBitShared.UserCredentials.newBuilder().setUserName(userName).build());
	} else {
	// Check configured impersonation rules to see if this user is allowed to impersonate the given user
	inboundImpersonationManager.replaceUserOnSession(userName, webUserConnection.getSession());
	}
	}

	protected void applyOptions(Map<String, String> options) {
	if (options != null) {
	SessionOptionManager sessionOptionManager = webUserConnection.getSession().getOptions();
	for (Map.Entry<String, String> entry : options.entrySet()) {
	sessionOptionManager.setLocalOption(entry.getKey(), entry.getValue());
	}
	}
	}

	protected void applyDefaultSchema(String defaultSchema) throws ValidationException {
	if (!Strings.isNullOrEmpty(defaultSchema)) {
	SessionOptionManager options = webUserConnection.getSession().getOptions();
	@SuppressWarnings("resource")
	SchemaTreeProvider schemaTreeProvider = new SchemaTreeProvider(workManager.getContext());
	SchemaPlus rootSchema = schemaTreeProvider.createRootSchema(options);
	webUserConnection.getSession().setDefaultSchemaPath(defaultSchema, rootSchema);
	}
	}

	protected void applyRowLimit(int limit) {
	if (limit > 0 && maxRows > 0) {
	maxRows = Math.min(limit, maxRows);
	} else {
	maxRows = Math.max(limit, maxRows);
	}
	}

	protected void startQuery(QueryType queryType, String query, UserClientConnection clientConn) {
	final RunQuery runQuery = RunQuery.newBuilder()
	.setType(queryType)
	.setPlan(query)
	.setResultsMode(QueryResultsMode.STREAM_FULL)
	.setAutolimitRowcount(maxRows)
	.build();

	// Submit user query to Drillbit work queue.
	queryId = workManager.getUserWorker().submitWork(clientConn, runQuery);
	}
	}