Skip to content

Commit a590087

Browse files
authored
realize that data sets, data cleaning, and knowledge bases are isolated according to the creator, and operators are not isolated. (#268)
* feature: add filters for token verification and user context settings * fix: fix the bug of frontend * feature: add user filtering when querying and user information settings when writing to mybatis * feature: realize that data sets, data cleaning, and knowledge bases are isolated according to the creator, and operators are not isolated. * feature: system does not allow registration * fix: fixed the bug that failed when exporting the data set of synthetic results * feature: realize that annotation, collection, evaluation and synthesis are isolated according to the creator, and operators are not isolated. * fix: fix some data isolation related bugs. * feature: add DATAMATE_JWT_ENABLE env. * feature: add DATAMATE_JWT_ENABLE env for k8s. * fix: the new t_operator_release ignores data isolation.
1 parent 3963998 commit a590087

File tree

51 files changed

+769
-440
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

51 files changed

+769
-440
lines changed

backend/api-gateway/src/main/java/com/datamate/gateway/common/filter/UserContextFilter.java renamed to backend/api-gateway/src/main/java/com/datamate/gateway/common/filter/AuthFilter.java

Lines changed: 19 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77
import com.fasterxml.jackson.databind.ObjectMapper;
88
import lombok.RequiredArgsConstructor;
99
import lombok.extern.slf4j.Slf4j;
10+
import org.apache.commons.lang3.StringUtils;
1011
import org.springframework.beans.factory.annotation.Value;
1112
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
1213
import org.springframework.cloud.gateway.filter.GlobalFilter;
@@ -22,17 +23,19 @@
2223
import java.nio.charset.StandardCharsets;
2324

2425
/**
25-
* 用户信息过滤器
26+
* 鉴权过滤器
2627
*
2728
*/
2829
@Slf4j
2930
@Component
3031
@RequiredArgsConstructor
31-
public class UserContextFilter implements GlobalFilter {
32+
public class AuthFilter implements GlobalFilter {
3233
private static final String AUTH_HEADER = "Authorization";
3334

3435
private static final String TOKEN_PREFIX = "Bearer ";
3536

37+
private static final String USER_HEADER = "User";
38+
3639
private final UserService userService;
3740

3841
@Value("${datamate.jwt.enable:false}")
@@ -55,10 +58,22 @@ public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
5558
return sendUnauthorizedResponse(exchange);
5659
}
5760
String token = authHeader.substring(TOKEN_PREFIX.length());
58-
if (!userService.validateToken(token)) {
61+
String user = userService.validateToken(token);
62+
if (StringUtils.isBlank(user)) {
5963
return sendUnauthorizedResponse(exchange);
6064
}
61-
return chain.filter(exchange);
65+
// 4. 创建新的请求
66+
ServerHttpRequest mutatedRequest = request.mutate()
67+
.headers(httpHeaders -> {
68+
// 或者直接操作headers
69+
httpHeaders.add(USER_HEADER, user);
70+
})
71+
.build();
72+
// 5. 使用新的请求创建新的exchange
73+
ServerWebExchange mutatedExchange = exchange.mutate()
74+
.request(mutatedRequest)
75+
.build();
76+
return chain.filter(mutatedExchange);
6277
} catch (Exception e) {
6378
log.error("get current user info error", e);
6479
return sendUnauthorizedResponse(exchange);

backend/api-gateway/src/main/java/com/datamate/gateway/domain/service/UserService.java

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -3,9 +3,7 @@
33
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
44
import com.datamate.gateway.domain.entity.User;
55
import com.datamate.gateway.domain.repository.UserRepository;
6-
import io.jsonwebtoken.JwtException;
7-
import io.jsonwebtoken.Jwts;
8-
import io.jsonwebtoken.SignatureAlgorithm;
6+
import io.jsonwebtoken.*;
97
import io.jsonwebtoken.security.Keys;
108
import lombok.RequiredArgsConstructor;
119
import org.springframework.beans.factory.annotation.Value;
@@ -26,6 +24,8 @@
2624
@Service
2725
@RequiredArgsConstructor
2826
public class UserService {
27+
private static final String SYSTEM_USER = "system";
28+
2929
private final UserRepository userRepository;
3030

3131
@Value("${datamate.jwt.expiration-seconds:3600}")
@@ -70,12 +70,12 @@ private String generateToken(User user) {
7070
.compact();
7171
}
7272

73-
public boolean validateToken(String token) {
73+
public String validateToken(String token) {
7474
try {
75-
Jwts.parser().setSigningKey(secret.getBytes()).parseClaimsJws(token);
76-
return true;
75+
Jws<Claims> claimsJws = Jwts.parserBuilder().setSigningKey(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8))).build().parseClaimsJws(token);
76+
return claimsJws.getBody().getSubject();
7777
} catch (JwtException | IllegalArgumentException ex) {
78-
return false;
78+
return null;
7979
}
8080
}
8181

@@ -89,7 +89,7 @@ public Optional<User> register(RegisterRequest registerRequest) {
8989
// Check if username already exists
9090
LambdaQueryWrapper<User> usernameQuery = new LambdaQueryWrapper<>();
9191
usernameQuery.eq(User::getUsername, registerRequest.getUsername());
92-
if (userRepository.getOne(usernameQuery) != null) {
92+
if (userRepository.getOne(usernameQuery) != null || SYSTEM_USER.equals(registerRequest.getUsername())) {
9393
return Optional.empty();
9494
}
9595

backend/services/data-cleaning-service/src/main/java/com/datamate/cleaning/domain/model/entity/CleaningTask.java

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
import com.baomidou.mybatisplus.annotation.TableName;
44
import com.datamate.cleaning.common.enums.CleaningTaskStatusEnum;
5+
import com.datamate.common.domain.model.base.BaseEntity;
56
import lombok.Getter;
67
import lombok.Setter;
78

@@ -14,9 +15,7 @@
1415
@Getter
1516
@Setter
1617
@TableName(value = "t_clean_task", autoResultMap = true)
17-
public class CleaningTask {
18-
private String id;
19-
18+
public class CleaningTask extends BaseEntity<String> {
2019
private String name;
2120

2221
private String description;
@@ -37,8 +36,6 @@ public class CleaningTask {
3736

3837
private Integer fileCount;
3938

40-
private LocalDateTime createdAt;
41-
4239
private LocalDateTime startedAt;
4340

4441
private LocalDateTime finishedAt;

backend/services/data-cleaning-service/src/main/java/com/datamate/cleaning/infrastructure/persistence/mapper/CleaningResultMapper.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,10 @@
22

33
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
44
import com.datamate.cleaning.domain.model.entity.CleaningResult;
5+
import com.datamate.common.infrastructure.config.IgnoreDataScopeAnnotation;
56
import org.apache.ibatis.annotations.Mapper;
67

78
@Mapper
9+
@IgnoreDataScopeAnnotation
810
public interface CleaningResultMapper extends BaseMapper<CleaningResult> {
911
}

backend/services/data-cleaning-service/src/main/java/com/datamate/cleaning/infrastructure/persistence/mapper/CleaningTemplateMapper.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,15 @@
55
import com.baomidou.mybatisplus.core.toolkit.Constants;
66
import com.datamate.cleaning.domain.model.entity.TemplateWithInstance;
77
import com.datamate.cleaning.domain.model.entity.CleaningTemplate;
8+
import com.datamate.common.infrastructure.config.IgnoreDataScopeAnnotation;
89
import org.apache.ibatis.annotations.Mapper;
910
import org.apache.ibatis.annotations.Param;
1011
import org.apache.ibatis.annotations.Select;
1112

1213
import java.util.List;
1314

1415
@Mapper
16+
@IgnoreDataScopeAnnotation
1517
public interface CleaningTemplateMapper extends BaseMapper<CleaningTemplate> {
1618
@Select("SELECT t.id AS id, name, description, created_at, updated_at, created_by, operator_id, op_index, " +
1719
"settings_override FROM t_clean_template t LEFT JOIN t_operator_instance o ON t.id = o.instance_id " +

backend/services/data-cleaning-service/src/main/java/com/datamate/cleaning/infrastructure/persistence/mapper/OperatorInstanceMapper.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22

33
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
44
import com.datamate.cleaning.domain.model.entity.OperatorInstance;
5+
import com.datamate.common.infrastructure.config.IgnoreDataScopeAnnotation;
56
import com.datamate.operator.domain.model.OperatorView;
67
import org.apache.ibatis.annotations.Mapper;
78
import org.apache.ibatis.annotations.Select;
@@ -10,6 +11,7 @@
1011

1112

1213
@Mapper
14+
@IgnoreDataScopeAnnotation
1315
public interface OperatorInstanceMapper extends BaseMapper<OperatorInstance> {
1416
@Select("SELECT o.operator_id as id, o.operator_name as name, o.description, o.version, o.inputs, o.outputs, " +
1517
"o.runtime, o.settings, o.created_at, o.updated_at, " +

backend/services/data-management-service/src/main/java/com/datamate/datamanagement/application/DatasetApplicationService.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -244,7 +244,7 @@ public AllDatasetStatisticsResponse getAllDatasetStatistics() {
244244
public void processDataSourceAsync(String datasetId, String dataSourceId) {
245245
try {
246246
log.info("Initiating data source file scanning, dataset ID: {}, collection task ID: {}", datasetId, dataSourceId);
247-
List<String> filePaths = getFilePaths(dataSourceId);
247+
List<String> filePaths = getFilePaths(dataSourceId, datasetRepository.getById(datasetId));
248248
if (CollectionUtils.isEmpty(filePaths)) {
249249
return;
250250
}
@@ -255,8 +255,8 @@ public void processDataSourceAsync(String datasetId, String dataSourceId) {
255255
}
256256
}
257257

258-
private List<String> getFilePaths(String dataSourceId) {
259-
CollectionTaskDetailResponse taskDetail = collectionTaskClient.getTaskDetail(dataSourceId).getData();
258+
private List<String> getFilePaths(String dataSourceId, Dataset dataset) {
259+
CollectionTaskDetailResponse taskDetail = collectionTaskClient.getTaskDetail(dataSourceId, dataset.getCreatedBy()).getData();
260260
if (taskDetail == null) {
261261
log.warn("Fail to get collection task detail, task ID: {}", dataSourceId);
262262
return Collections.emptyList();

backend/services/data-management-service/src/main/java/com/datamate/datamanagement/application/DatasetFileApplicationService.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -137,7 +137,7 @@ public PagedResponse<DatasetFile> getDatasetFilesWithDirectory(String datasetId,
137137

138138
return new PagedResponse<>(page, size, total, totalPages, datasetFiles);
139139
} catch (IOException e) {
140-
log.error("list dataset path error", e);
140+
log.warn("list dataset path error");
141141
return PagedResponse.of(new Page<>(page, size));
142142
}
143143
}

backend/services/data-management-service/src/main/java/com/datamate/datamanagement/infrastructure/client/CollectionTaskClient.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
import org.springframework.cloud.openfeign.FeignClient;
66
import org.springframework.web.bind.annotation.GetMapping;
77
import org.springframework.web.bind.annotation.PathVariable;
8+
import org.springframework.web.bind.annotation.RequestHeader;
89

910
/**
1011
* 数据归集服务 Feign Client
@@ -18,5 +19,5 @@ public interface CollectionTaskClient {
1819
* @return 任务详情
1920
*/
2021
@GetMapping("/api/data-collection/tasks/{id}")
21-
Response<CollectionTaskDetailResponse> getTaskDetail(@PathVariable("id") String taskId);
22+
Response<CollectionTaskDetailResponse> getTaskDetail(@PathVariable("id") String taskId, @RequestHeader("User") String authorization);
2223
}

backend/services/data-management-service/src/main/java/com/datamate/datamanagement/infrastructure/persistence/mapper/DatasetFileMapper.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package com.datamate.datamanagement.infrastructure.persistence.mapper;
22

33
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
4+
import com.datamate.common.infrastructure.config.IgnoreDataScopeAnnotation;
45
import com.datamate.datamanagement.domain.model.dataset.DatasetFile;
56
import org.apache.ibatis.annotations.Mapper;
67
import org.apache.ibatis.annotations.Param;
@@ -9,6 +10,7 @@
910
import java.util.List;
1011

1112
@Mapper
13+
@IgnoreDataScopeAnnotation
1214
public interface DatasetFileMapper extends BaseMapper<DatasetFile> {
1315
DatasetFile findById(@Param("id") String id);
1416
List<DatasetFile> findByDatasetId(@Param("datasetId") String datasetId, RowBounds rowBounds);

0 commit comments

Comments
 (0)