src/main/java/org/apache/rocketmq/dashboard/controller/AclController.java - rocketmq-dashboard - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.rocketmq.dashboard.controller;

 import com.google.common.base.Preconditions;
 import java.util.List;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.rocketmq.common.AclConfig;
 import org.apache.rocketmq.common.PlainAccessConfig;
 import org.apache.rocketmq.dashboard.config.RMQConfigure;
 import org.apache.rocketmq.dashboard.model.User;
 import org.apache.rocketmq.dashboard.model.UserInfo;
 import org.apache.rocketmq.dashboard.model.request.AclRequest;
 import org.apache.rocketmq.dashboard.permisssion.Permission;
 import org.apache.rocketmq.dashboard.service.AclService;
 import org.apache.rocketmq.dashboard.support.JsonResult;
 import org.apache.rocketmq.dashboard.util.WebUtil;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;

 @RestController
 @RequestMapping("/acl")
 @Permission
 public class AclController {

     @Resource
     private AclService aclService;

     @Resource
     private RMQConfigure configure;

     @GetMapping("/enable.query")
     public Object isEnableAcl() {
         return new JsonResult<>(configure.isACLEnabled());
     }

     @GetMapping("/config.query")
     public AclConfig getAclConfig(HttpServletRequest request) {
         if (!configure.isLoginRequired()) {
             return aclService.getAclConfig(false);
         }
         UserInfo userInfo = (UserInfo) WebUtil.getValueFromSession(request, WebUtil.USER_INFO);
         // if user info is null but reach here, must exclude secret key for safety.
         return aclService.getAclConfig(userInfo == null || userInfo.getUser().getType() != User.ADMIN);
     }

     @PostMapping("/add.do")
     public Object addAclConfig(@RequestBody PlainAccessConfig config) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(config.getAccessKey()), "accessKey is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(config.getSecretKey()), "secretKey is null");
         aclService.addAclConfig(config);
         return true;
     }

     @PostMapping("/delete.do")
     public Object deleteAclConfig(@RequestBody PlainAccessConfig config) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(config.getAccessKey()), "accessKey is null");
         aclService.deleteAclConfig(config);
         return true;
     }

     @PostMapping("/update.do")
     public Object updateAclConfig(@RequestBody PlainAccessConfig config) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(config.getSecretKey()), "secretKey is null");
         aclService.updateAclConfig(config);
         return true;
     }

     @PostMapping("/topic/add.do")
     public Object addAclTopicConfig(@RequestBody AclRequest request) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getAccessKey()), "accessKey is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getSecretKey()), "secretKey is null");
         Preconditions.checkArgument(CollectionUtils.isNotEmpty(request.getConfig().getTopicPerms()), "topic perms is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getTopicPerm()), "topic perm is null");
         aclService.addOrUpdateAclTopicConfig(request);
         return true;
     }

     @PostMapping("/group/add.do")
     public Object addAclGroupConfig(@RequestBody AclRequest request) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getAccessKey()), "accessKey is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getSecretKey()), "secretKey is null");
         Preconditions.checkArgument(CollectionUtils.isNotEmpty(request.getConfig().getGroupPerms()), "group perms is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getGroupPerm()), "group perm is null");
         aclService.addOrUpdateAclGroupConfig(request);
         return true;
     }

     @PostMapping("/perm/delete.do")
     public Object deletePermConfig(@RequestBody AclRequest request) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getAccessKey()), "accessKey is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getSecretKey()), "secretKey is null");
         aclService.deletePermConfig(request);
         return true;
     }

     @PostMapping("/sync.do")
     public Object syncConfig(@RequestBody PlainAccessConfig config) {
         Preconditions.checkArgument(StringUtils.isNotEmpty(config.getAccessKey()), "accessKey is null");
         Preconditions.checkArgument(StringUtils.isNotEmpty(config.getSecretKey()), "secretKey is null");
         aclService.syncData(config);
         return true;
     }

     @PostMapping("/white/list/add.do")
     public Object addWhiteList(@RequestBody List<String> whiteList) {
         Preconditions.checkArgument(CollectionUtils.isNotEmpty(whiteList), "white list is null");
         aclService.addWhiteList(whiteList);
         return true;
     }

     @DeleteMapping("/white/list/delete.do")
     public Object deleteWhiteAddr(@RequestParam String request) {
         aclService.deleteWhiteAddr(request);
         return true;
     }

     @PostMapping("/white/list/sync.do")
     public Object synchronizeWhiteList(@RequestBody List<String> whiteList) {
         Preconditions.checkArgument(CollectionUtils.isNotEmpty(whiteList), "white list is null");
         aclService.synchronizeWhiteList(whiteList);
         return true;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.rocketmq.dashboard.controller;

	import com.google.common.base.Preconditions;
	import java.util.List;
	import javax.annotation.Resource;
	import javax.servlet.http.HttpServletRequest;
	import org.apache.commons.collections.CollectionUtils;
	import org.apache.commons.lang3.StringUtils;
	import org.apache.rocketmq.common.AclConfig;
	import org.apache.rocketmq.common.PlainAccessConfig;
	import org.apache.rocketmq.dashboard.config.RMQConfigure;
	import org.apache.rocketmq.dashboard.model.User;
	import org.apache.rocketmq.dashboard.model.UserInfo;
	import org.apache.rocketmq.dashboard.model.request.AclRequest;
	import org.apache.rocketmq.dashboard.permisssion.Permission;
	import org.apache.rocketmq.dashboard.service.AclService;
	import org.apache.rocketmq.dashboard.support.JsonResult;
	import org.apache.rocketmq.dashboard.util.WebUtil;
	import org.springframework.web.bind.annotation.DeleteMapping;
	import org.springframework.web.bind.annotation.GetMapping;
	import org.springframework.web.bind.annotation.PostMapping;
	import org.springframework.web.bind.annotation.RequestBody;
	import org.springframework.web.bind.annotation.RequestMapping;
	import org.springframework.web.bind.annotation.RequestParam;
	import org.springframework.web.bind.annotation.RestController;

	@RestController
	@RequestMapping("/acl")
	@Permission
	public class AclController {

	@Resource
	private AclService aclService;

	@Resource
	private RMQConfigure configure;

	@GetMapping("/enable.query")
	public Object isEnableAcl() {
	return new JsonResult<>(configure.isACLEnabled());
	}

	@GetMapping("/config.query")
	public AclConfig getAclConfig(HttpServletRequest request) {
	if (!configure.isLoginRequired()) {
	return aclService.getAclConfig(false);
	}
	UserInfo userInfo = (UserInfo) WebUtil.getValueFromSession(request, WebUtil.USER_INFO);
	// if user info is null but reach here, must exclude secret key for safety.
	return aclService.getAclConfig(userInfo == null \|\| userInfo.getUser().getType() != User.ADMIN);
	}

	@PostMapping("/add.do")
	public Object addAclConfig(@RequestBody PlainAccessConfig config) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(config.getAccessKey()), "accessKey is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(config.getSecretKey()), "secretKey is null");
	aclService.addAclConfig(config);
	return true;
	}

	@PostMapping("/delete.do")
	public Object deleteAclConfig(@RequestBody PlainAccessConfig config) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(config.getAccessKey()), "accessKey is null");
	aclService.deleteAclConfig(config);
	return true;
	}

	@PostMapping("/update.do")
	public Object updateAclConfig(@RequestBody PlainAccessConfig config) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(config.getSecretKey()), "secretKey is null");
	aclService.updateAclConfig(config);
	return true;
	}

	@PostMapping("/topic/add.do")
	public Object addAclTopicConfig(@RequestBody AclRequest request) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getAccessKey()), "accessKey is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getSecretKey()), "secretKey is null");
	Preconditions.checkArgument(CollectionUtils.isNotEmpty(request.getConfig().getTopicPerms()), "topic perms is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getTopicPerm()), "topic perm is null");
	aclService.addOrUpdateAclTopicConfig(request);
	return true;
	}

	@PostMapping("/group/add.do")
	public Object addAclGroupConfig(@RequestBody AclRequest request) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getAccessKey()), "accessKey is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getSecretKey()), "secretKey is null");
	Preconditions.checkArgument(CollectionUtils.isNotEmpty(request.getConfig().getGroupPerms()), "group perms is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getGroupPerm()), "group perm is null");
	aclService.addOrUpdateAclGroupConfig(request);
	return true;
	}

	@PostMapping("/perm/delete.do")
	public Object deletePermConfig(@RequestBody AclRequest request) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getAccessKey()), "accessKey is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(request.getConfig().getSecretKey()), "secretKey is null");
	aclService.deletePermConfig(request);
	return true;
	}

	@PostMapping("/sync.do")
	public Object syncConfig(@RequestBody PlainAccessConfig config) {
	Preconditions.checkArgument(StringUtils.isNotEmpty(config.getAccessKey()), "accessKey is null");
	Preconditions.checkArgument(StringUtils.isNotEmpty(config.getSecretKey()), "secretKey is null");
	aclService.syncData(config);
	return true;
	}

	@PostMapping("/white/list/add.do")
	public Object addWhiteList(@RequestBody List<String> whiteList) {
	Preconditions.checkArgument(CollectionUtils.isNotEmpty(whiteList), "white list is null");
	aclService.addWhiteList(whiteList);
	return true;
	}

	@DeleteMapping("/white/list/delete.do")
	public Object deleteWhiteAddr(@RequestParam String request) {
	aclService.deleteWhiteAddr(request);
	return true;
	}

	@PostMapping("/white/list/sync.do")
	public Object synchronizeWhiteList(@RequestBody List<String> whiteList) {
	Preconditions.checkArgument(CollectionUtils.isNotEmpty(whiteList), "white list is null");
	aclService.synchronizeWhiteList(whiteList);
	return true;
	}
	}