diff --git a/Roadmap.txt b/Roadmap.txt index a501c5573..eac97225e 100644 --- a/Roadmap.txt +++ b/Roadmap.txt @@ -20,6 +20,8 @@ 待定: + 修复在已登录状态下打开/login地址会死循环的BUG; + 修复登录超时后打开页面内对话框未处理超时的BUG; 看板图表新增导出数据功能; 共享看板支持设置密码; 看板模板管理功能和内置看板模板; diff --git a/datagear-management/src/main/java/org/datagear/management/service/SchemaGuardService.java b/datagear-management/src/main/java/org/datagear/management/service/SchemaGuardService.java index 445145e7d..67fbcf534 100644 --- a/datagear-management/src/main/java/org/datagear/management/service/SchemaGuardService.java +++ b/datagear-management/src/main/java/org/datagear/management/service/SchemaGuardService.java @@ -7,6 +7,7 @@ package org.datagear.management.service; +import org.datagear.management.domain.Schema; import org.datagear.management.domain.SchemaGuard; /** @@ -17,4 +18,29 @@ */ public interface SchemaGuardService extends EntityService { + /** + * 是否允许创建指定的{@linkplain Schema#getUrl()}。 + *

+ * 实现类应支持{@code *}(表示任意多个字符)匹配规则,例如: + *

+ * + *

+ * 另外,如果没有定义任何{@linkplain SchemaGuard},应返回{@code true}。 + *

+ * + * @param schemaURL + * @return + */ + boolean isPermitted(String schemaUrl); } diff --git a/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaGuardServiceImpl.java b/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaGuardServiceImpl.java index 93ea72b0d..f04303703 100644 --- a/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaGuardServiceImpl.java +++ b/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaGuardServiceImpl.java @@ -7,6 +7,8 @@ package org.datagear.management.service.impl; +import java.util.ArrayList; +import java.util.Collections; import java.util.List; import java.util.Map; @@ -15,6 +17,9 @@ import org.datagear.management.domain.SchemaGuard; import org.datagear.management.service.SchemaGuardService; import org.datagear.management.util.dialect.MbSqlDialect; +import org.datagear.persistence.Query; +import org.datagear.util.AsteriskPatternMatcher; +import org.datagear.util.StringUtil; import org.mybatis.spring.SqlSessionTemplate; /** @@ -28,6 +33,10 @@ public class SchemaGuardServiceImpl extends AbstractMybatisEntityService _schemaGuardListCache = null; + public SchemaGuardServiceImpl() { super(); @@ -43,6 +52,77 @@ public SchemaGuardServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialec super(sqlSessionTemplate, dialect); } + public AsteriskPatternMatcher getAsteriskPatternMatcher() + { + return asteriskPatternMatcher; + } + + public void setAsteriskPatternMatcher(AsteriskPatternMatcher asteriskPatternMatcher) + { + this.asteriskPatternMatcher = asteriskPatternMatcher; + } + + @Override + public boolean isPermitted(String schemaUrl) + { + if (this._schemaGuardListCache == null) + { + List schemaGuards = query("getAll", new Query(), buildParamMap(), true); + SchemaGuard.sortByPriority(schemaGuards); + this._schemaGuardListCache = Collections.unmodifiableList(new ArrayList(schemaGuards)); + } + + // 默认为true,表示允许,比如当没有定义任何SchemaGuard时 + boolean permitted = true; + + for (SchemaGuard schemaGuard : this._schemaGuardListCache) + { + if (!schemaGuard.isEnabled()) + continue; + + String pattern = schemaGuard.getPattern(); + + if(StringUtil.isEmpty(pattern)) + continue; + + if (this.asteriskPatternMatcher.matches(pattern, schemaUrl)) + { + permitted = schemaGuard.isPermitted(); + break; + } + } + + return permitted; + } + + @Override + protected boolean update(SchemaGuard entity, Map params) + { + boolean re = super.update(entity, params); + + this._schemaGuardListCache = null; + + return re; + } + + @Override + protected boolean deleteById(String id, Map params) + { + boolean re = super.deleteById(id, params); + + this._schemaGuardListCache = null; + + return re; + } + + @Override + protected void add(SchemaGuard entity, Map params) + { + super.add(entity, params); + + this._schemaGuardListCache = null; + } + @Override protected List query(String statement, Map params) { diff --git a/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaServiceImpl.java b/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaServiceImpl.java index 3d4fea3cb..2d5e219f8 100644 --- a/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaServiceImpl.java +++ b/datagear-management/src/main/java/org/datagear/management/service/impl/SchemaServiceImpl.java @@ -15,6 +15,7 @@ import org.datagear.management.domain.User; import org.datagear.management.service.AuthorizationService; import org.datagear.management.service.PermissionDeniedException; +import org.datagear.management.service.SchemaGuardService; import org.datagear.management.service.SchemaService; import org.datagear.management.service.UserService; import org.datagear.management.util.dialect.MbSqlDialect; @@ -36,6 +37,8 @@ public class SchemaServiceImpl extends AbstractMybatisDataPermissionEntityServic private UserService userService; + private SchemaGuardService schemaGuardService; + public SchemaServiceImpl() { super(); @@ -43,20 +46,22 @@ public SchemaServiceImpl() public SchemaServiceImpl(SqlSessionFactory sqlSessionFactory, MbSqlDialect dialect, AuthorizationService authorizationService, - DriverEntityManager driverEntityManager, UserService userService) + DriverEntityManager driverEntityManager, UserService userService, SchemaGuardService schemaGuardService) { super(sqlSessionFactory, dialect, authorizationService); this.driverEntityManager = driverEntityManager; this.userService = userService; + this.schemaGuardService = schemaGuardService; } public SchemaServiceImpl(SqlSessionTemplate sqlSessionTemplate, MbSqlDialect dialect, AuthorizationService authorizationService, - DriverEntityManager driverEntityManager, UserService userService) + DriverEntityManager driverEntityManager, UserService userService, SchemaGuardService schemaGuardService) { super(sqlSessionTemplate, dialect, authorizationService); this.driverEntityManager = driverEntityManager; this.userService = userService; + this.schemaGuardService = schemaGuardService; } public DriverEntityManager getDriverEntityManager() @@ -79,6 +84,16 @@ public void setUserService(UserService userService) this.userService = userService; } + public SchemaGuardService getSchemaGuardService() + { + return schemaGuardService; + } + + public void setSchemaGuardService(SchemaGuardService schemaGuardService) + { + this.schemaGuardService = schemaGuardService; + } + @Override public String getResourceType() { @@ -157,8 +172,13 @@ protected void checkInput(Schema entity) */ protected void checkSaveUrlPermission(User user, String url) throws SaveSchemaUrlPermissionDeniedException { - // TODO 新增数据源防护功能,管理员可设置URL白/黑名单,只允许新建名单允许的数据源 - // throw new SaveSchemaUrlPermissionDeniedException(); + if (user.isAdmin()) + return; + + if (this.schemaGuardService.isPermitted(url)) + return; + + throw new SaveSchemaUrlPermissionDeniedException(); } @Override diff --git a/datagear-management/src/main/resources/org/datagear/management/mapper/SchemaGuardMapper.xml b/datagear-management/src/main/resources/org/datagear/management/mapper/SchemaGuardMapper.xml index e9008dc39..743564b40 100644 --- a/datagear-management/src/main/resources/org/datagear/management/mapper/SchemaGuardMapper.xml +++ b/datagear-management/src/main/resources/org/datagear/management/mapper/SchemaGuardMapper.xml @@ -41,6 +41,13 @@ T.${_iq_}id${_iq_} = #{id} + +