Merge branch 'dev-1.1.19' of github.com:WeDataSphere/DataSphereStudio…

… into dev-1.1.19
WeDataSphere · Jan 19, 2024 · 5302cc1 · 5302cc1
2 parents 26f53ae + 0df9b19
commit 5302cc1
Show file tree

Hide file tree

Showing 7 changed files with 44 additions and 13 deletions.
diff --git a/conf/dss-framework-orchestrator-server.properties b/conf/dss-framework-orchestrator-server.properties
@@ -60,7 +60,6 @@ wds.linkis.server.version=v1
 wds.linkis.server.socket.mode=true
 
 wds.linkis.client.flow.adminuser=ws
-wds.linkis.client.flow.author.user.token=WS-AUTH
 
 wds.linkis.server.component.exclude.classes=org.apache.linkis.entranceclient.conf.ClientForEntranceSpringConfiguration,org.apache.linkis.entranceclient.conf.ClientSpringConfiguration
 

diff --git a/...rc/main/java/com/webank/wedatasphere/dss/appconn/manager/impl/AbstractAppConnManager.java b/...rc/main/java/com/webank/wedatasphere/dss/appconn/manager/impl/AbstractAppConnManager.java
@@ -53,13 +53,13 @@ public abstract class AbstractAppConnManager implements AppConnManager {
     private final AppConnLoader appConnLoader = AppConnLoaderFactory.getAppConnLoader();
 
     private final Map<String, AppConn> appConns = new HashMap<>();
-    private boolean isLoaded = false;
+    private volatile boolean isLoaded = false;
     private List<AppConn> appConnList = null;
     AppConnInfoService appConnInfoService;
     private AppConnResourceService appConnResourceService;
     private AppConnRefreshThread appConnRefreshThread;
 
-    private static AppConnManager appConnManager;
+    private static volatile AppConnManager appConnManager;
     private static boolean lazyLoad = false;
 
     public static void setLazyLoad() {
@@ -87,8 +87,8 @@ public static AppConnManager getAppConnManager() {
                 LOGGER.info("The instance of AppConnManager is {}.", appConnManager.getClass().getName());
                 appConnManager.init();
             }
+            return appConnManager;
         }
-        return appConnManager;
     }
 
     @Override

diff --git a/.../com/webank/wedatasphere/dss/apiservice/core/service/impl/ApiServiceQueryServiceImpl.java b/.../com/webank/wedatasphere/dss/apiservice/core/service/impl/ApiServiceQueryServiceImpl.java
@@ -23,10 +23,8 @@
 import com.webank.wedatasphere.dss.apiservice.core.bo.LinkisExecuteResult;
 import com.webank.wedatasphere.dss.apiservice.core.config.ApiServiceConfiguration;
 import com.webank.wedatasphere.dss.apiservice.core.constant.ParamType;
-import com.webank.wedatasphere.dss.apiservice.core.constant.ParamTypeEnum;
 import com.webank.wedatasphere.dss.apiservice.core.constant.RequireEnum;
 import com.webank.wedatasphere.dss.apiservice.core.dao.*;
-import com.webank.wedatasphere.dss.apiservice.core.exception.ApiExecuteException;
 import com.webank.wedatasphere.dss.apiservice.core.exception.ApiServiceQueryException;
 import com.webank.wedatasphere.dss.apiservice.core.execute.ApiServiceExecuteJob;
 import com.webank.wedatasphere.dss.apiservice.core.execute.DefaultApiServiceJob;
@@ -72,6 +70,8 @@
 import java.sql.SQLException;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
 import static java.util.stream.Collectors.toMap;
@@ -80,7 +80,8 @@
 @Service
 public class ApiServiceQueryServiceImpl implements ApiServiceQueryService {
     private static final Logger LOG = LoggerFactory.getLogger(ApiServiceQueryServiceImpl.class);
-
+    private static final Pattern pattern = Pattern.compile("--+");
+    private static final String REPLACEMENT = "\\-";
 
     Map<String, ApiServiceJob> runJobs = new HashMap<>();
 
@@ -215,9 +216,14 @@ public LinkisExecuteResult query(String path,
             }
 
             // 用户请求的参数值注入检查，排除token
-            for(String k: reqParams.keySet()){
+            for(Map.Entry<String, Object> entry: reqParams.entrySet()){
+                String k = entry.getKey();
+                String v = String.valueOf(entry.getValue());
+                if (v.contains("--")){
+                    entry.setValue(replaceSymbol(v));
+                }
                 if(!k.equals(ApiServiceConfiguration.API_SERVICE_TOKEN_KEY.getValue())
-                   && SQLCheckUtil.doParamInjectionCheck(reqParams.get(k).toString())) {
+                   && SQLCheckUtil.doParamInjectionCheck((String) reqParams.get(k))) {
                     // 如果注入直接返回null
                     LOG.warn("用户参数存在非法的关键字{}", reqParams.get(k).toString());
                     return null;
@@ -543,4 +549,21 @@ private static String getRunTypeFromScriptsPath(String scriptsPath) {
         return res;
 
     }
+
+    private static String replaceSymbol(String str) {
+        StringBuffer sb = new StringBuffer();
+        Matcher matcher = pattern.matcher(str);
+        while (matcher.find()){
+            String match = matcher.group();
+            int length = match.length();
+            StringBuilder replacement = new StringBuilder();
+            for (int i = 0; i < length; i++) {
+                replacement.append(REPLACEMENT);
+            }
+            //避免将replacement识别为正则，将替换字符追加到sb中
+            matcher.appendReplacement(sb, Matcher.quoteReplacement(replacement.toString()));
+        }
+        matcher.appendTail(sb);
+        return sb.toString();
+    }
 }
diff --git a/...ava/com/webank/wedatasphere/dss/framework/project/service/impl/DSSProjectServiceImpl.java b/...ava/com/webank/wedatasphere/dss/framework/project/service/impl/DSSProjectServiceImpl.java
@@ -192,6 +192,9 @@ public List<ProjectResponse> getListByParam(ProjectQueryRequest projectRequest)
             String editPriv = projectVo.getId() + KEY_SPLIT + ProjectUserPrivEnum.PRIV_EDIT.getRank()
                     + KEY_SPLIT + projectRequest.getUsername();
 
+            LOGGER.info("user:{} get project privilege info ,workspaceId:{}, projectId:{}, projectName:{}, pusername:{}, editPriv:{}",
+                    projectRequest.getUsername(), projectRequest.getWorkspaceId(), projectVo.getId(), projectVo.getName(), pusername, editPriv);
+
             Map<String, List<String>> userPricMap = new HashMap<>();
             String[] tempstrArr = pusername.split(MODE_SPLIT);
 
@@ -212,6 +215,9 @@ public List<ProjectResponse> getListByParam(ProjectQueryRequest projectRequest)
             projectResponse.setEditUsers(CollectionUtils.isEmpty(editUsers) ? new ArrayList<>() : editUsers.stream().distinct().collect(Collectors.toList()));
             projectResponse.setReleaseUsers(CollectionUtils.isEmpty(releaseUsers) ? new ArrayList<>() : releaseUsers.stream().distinct().collect(Collectors.toList()));
 
+            LOGGER.info("user:{} get project access users info, workspaceId:{}, projectId:{}, projectName:{}, accessUsers:{}, editUsers:{}, releaseUsers:{}",
+                    projectRequest.getUsername(), projectRequest.getWorkspaceId(), projectVo.getId(), projectVo.getName(), accessUsers, editUsers, releaseUsers);
+
             // 用户是否具有编辑权限  编辑权限和创建者都有
             if (!StringUtils.isEmpty(pusername) &&
                     (pusername.contains(editPriv) ||

diff --git a/...m/webank/wedatasphere/dss/linkis/node/execution/conf/LinkisJobExecutionConfiguration.java b/...m/webank/wedatasphere/dss/linkis/node/execution/conf/LinkisJobExecutionConfiguration.java
@@ -61,7 +61,7 @@ public class LinkisJobExecutionConfiguration {
     public final static CommonVars<String> LINKIS_ADMIN_USER = CommonVars.apply("wds.linkis.client.flow.adminuser","ws");
 
 
-    public final static CommonVars<String> LINKIS_AUTHOR_USER_TOKEN = CommonVars.apply("wds.linkis.client.flow.author.user.token","WS-AUTH");
+    public final static CommonVars<String> LINKIS_AUTHOR_USER_TOKEN = CommonVars.apply("wds.linkis.client.flow.author.user.token","admin-kmsnd");
 
     public final static CommonVars<String> LINKIS_JOB_CREATOR = CommonVars.apply("wds.linkis.flow.job.creator","nodeexecution");
 

diff --git a/...va/com/webank/wedatasphere/dss/linkis/node/execution/service/impl/BuildJobActionImpl.java b/...va/com/webank/wedatasphere/dss/linkis/node/execution/service/impl/BuildJobActionImpl.java
@@ -148,15 +148,18 @@ public JobSubmitAction getSubmitAction(Job job) throws LinkisJobExecutionErrorEx
 
         JobSubmitAction.Builder builder = JobSubmitAction.builder()
                 .addExecuteCode(code)
-                .setUser(job.getUser())
                 .addExecuteUser(job.getUser())
                 .setParams(paramMapCopy)
                 .setLabels(labels)
                 .setRuntimeParams(job.getRuntimeParams());
         if (job instanceof LinkisJob) {
+            LinkisJob linkisJob = (LinkisJob) job;
+            builder = builder.setUser(linkisJob.getSubmitUser());
             Map<String, Object> source = new HashMap<>();
-            source.putAll(((LinkisJob) job).getSource());
+            source.putAll(linkisJob.getSource());
             builder = builder.setSource(source);
+        }else{
+            builder = builder.setUser(job.getUser());
         }
         // 将execute接口带来的额外variable参数，带进来  todo check
         Map<String, Object> propMap = new HashMap<>();

diff --git a/plugins/azkaban/linkis-jobtype/src/main/resources/plugin.properties b/plugins/azkaban/linkis-jobtype/src/main/resources/plugin.properties
@@ -16,6 +16,6 @@
 
 wds.linkis.gateway.url.v1=http://127.0.0.1:9001
 wds.linkis.gateway.url.v0=http://127.0.0.1:9001
-wds.linkis.client.flow.author.user.token=WS-AUTH
+wds.linkis.client.flow.author.user.token=admin-kmsnd
 wds.linkis.flow.job.creator=scheduler
 wds.linkis.flow.job.creator.v1=schedulis