fix IT
saimu.msm authored and masaimu committed Mar 27, 2024
1 parent 670ca89 commit 1f64459
Showing 9 changed files with 62 additions and 34 deletions.
Expand Up @@ -18,8 +18,10 @@
*/
public class ParaCheckUtil {

private static Pattern PATTERN_SQL =
private static Pattern PATTERN_CN_SQL =
Pattern.compile("^[\\u00b7A-Za-z0-9\\u4e00-\\u9fa5\\u3000-\\u303f\\uFF0C\\-_ ,|:\\.]*$");
private static Pattern PATTERN_SQL =
Pattern.compile("^[\\u00b7A-Za-z0-9\\u4e00-\\u9fa5\\-_ ,|:\\.]*$");
private static Pattern PATTERN_STRICT_SQL =
Pattern.compile("^[\\u00b7A-Za-z0-9\\u4e00-\\u9fa5\\-_,|\\.]*$");

Expand All @@ -45,6 +47,17 @@ public static boolean sqlNameCheck(String param) {
return false;
}

public static boolean sqlCnNameCheck(String param) {
Matcher commonAllowed = PATTERN_CN_SQL.matcher(param);
if (commonAllowed.find()) {
if (!unicodeCheck(param)) {
return false;
}
return true;
}
return false;
}

public static boolean sqlFieldCheck(String param) {
Matcher commonAllowed = PATTERN_STRICT_SQL.matcher(param);
if (commonAllowed.find()) {
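Review bot: PATTERN_CN_SQL is applied with `commonAllowed.find()` against a `^…*$` pattern, and a Java `$` without MULTILINE also matches just before a final line terminator, so a value ending in `\n` passes sqlCnNameCheck (and, by the same construction, sqlNameCheck and sqlFieldCheck); use `commonAllowed.matches()`, as checkDownsample in AlarmRuleFacadeImplChecker already does, or end the pattern with `\\z` so the whole input must match. The `\\u3000-\\u303f` range admits the entire CJK Symbols and Punctuation block (ideographic space, corner and angle brackets, not only the ideographic comma), which is wider than the constant's name suggests; a Javadoc on sqlCnNameCheck listing the intended characters would make the accepted set reviewable. The new field could be `private static final` like a constant, and the body collapses to `return commonAllowed.find() && unicodeCheck(param);`, with unicodeCheck itself outside the hunk. The class body continues below the hunk.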
Expand Up @@ -50,9 +50,6 @@ public class AlarmDingDingRobotFacadeImpl extends BaseFacade {
@Autowired
private UserOpLogService userOpLogService;

@Autowired
private RequestContextAdapter requestContextAdapter;

@LevelAuthorizationAccess(paramConfigs = {"PARAMETER" + ":$!alarmDingDingRobotDTO"},
levelAuthorizationCheckeClass = "io.holoinsight.server.home.web.security.custom.AlarmDingDingRobotFacadeImplChecker")
@PostMapping("/create")
Expand Up @@ -96,7 +96,7 @@ public class AlarmRuleFacadeImpl extends BaseFacade {
@PostMapping("/create")
@ResponseBody
@MonitorScopeAuth(targetType = AuthTargetType.TENANT, needPower = PowerConstants.EDIT)
public JsonResult<Long> save(@RequestBody AlarmRuleDTO alarmRuleDTO) {
public JsonResult<Long> create(@RequestBody AlarmRuleDTO alarmRuleDTO) {
final JsonResult<Long> result = new JsonResult<>();
facadeTemplate.manage(result, new ManageCallback() {
@Override
Expand Up @@ -149,12 +149,12 @@ private LevelAuthorizationCheckResult checkAlarmBlockDTO(String methodName,
return failCheckResult("invalid tags %s", alarmBlockDTO.getTags());
}
if (StringUtils.isNotEmpty(alarmBlockDTO.getTenant())
&& StringUtils.equals(alarmBlockDTO.getTenant(), tenant)) {
&& !StringUtils.equals(alarmBlockDTO.getTenant(), tenant)) {
return failCheckResult("invalid tenant %s, real tenant %s", alarmBlockDTO.getTenant(),
tenant);
}
if (StringUtils.isNotEmpty(alarmBlockDTO.getWorkspace())
&& StringUtils.equals(alarmBlockDTO.getWorkspace(), workspace)) {
&& !StringUtils.equals(alarmBlockDTO.getWorkspace(), workspace)) {
return failCheckResult("invalid workspace %s, real workspace %s",
alarmBlockDTO.getWorkspace(), workspace);
}
Expand All @@ -173,8 +173,7 @@ private boolean checkUniqueId(String uniqueId, String tenant, String workspace)
QueryWrapper<AlarmRule> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("rule_type", arr[0]);
queryWrapper.eq("id", Long.parseLong(arr[1]));
queryWrapper.eq("tenant", tenant);
queryWrapper.eq("workspace", workspace);
requestContextAdapter.queryWrapperTenantAdapt(queryWrapper, tenant, workspace);
List<AlarmRule> rules = this.alarmRuleMapper.selectList(queryWrapper);
if (CollectionUtils.isEmpty(rules)) {
return false;
Expand Down Expand Up @@ -204,8 +203,7 @@ private boolean checkTags(String tags) {
public LevelAuthorizationCheckResult checkIdExists(Long id, String tenant, String workspace) {
QueryWrapper<AlarmBlock> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("id", id);
queryWrapper.eq("tenant", tenant);
queryWrapper.eq("workspace", workspace);
this.requestContextAdapter.queryWrapperTenantAdapt(queryWrapper, tenant, workspace);
List<AlarmBlock> exist = this.alarmBlockMapper.selectList(queryWrapper);
if (CollectionUtils.isEmpty(exist)) {
return failCheckResult("fail to check id for no existed %d %s %s", id, tenant, workspace);
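Review bot: In checkUniqueId and checkIdExists the explicit `tenant`/`workspace` equality conditions are replaced by `requestContextAdapter.queryWrapperTenantAdapt(queryWrapper, tenant, workspace)`, whose effect on the query is not visible here; if the adapter scopes by the request context rather than by its arguments, the `tenant`/`workspace` parameters and the failure message on the last line, which echoes them, may no longer describe what was actually queried, so a one-line comment on each call stating what the adapter adds to the wrapper would keep the authorization boundary reviewable. The call in checkUniqueId omits the `this.` that the call in checkIdExists uses; pick one form. The inverted comparison fix in checkAlarmBlockDTO is correct as written, but it only runs when the DTO carries a non-empty tenant, so an omitted tenant is not compared here; whether a later layer fills it from the request is not visible. All three enclosing methods extend beyond their hunks.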
Expand Up @@ -149,7 +149,7 @@ private LevelAuthorizationCheckResult checkAlarmDingDingRobotDTO(String methodNa
dto.getModifier());
}

if (StringUtils.isNotEmpty(dto.getGroupName()) && !checkSqlField(dto.getGroupName())) {
if (StringUtils.isNotEmpty(dto.getGroupName()) && !checkSqlName(dto.getGroupName())) {
return failCheckResult("fail to check %s for invalid group name %s", methodName,
dto.getGroupName());
}
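Review bot: Switching the group name check from checkSqlField to checkSqlName widens the accepted character set (judging from the patterns in ParaCheckUtil, spaces and `:` become legal, assuming checkSqlName wraps sqlNameCheck), and the hunk records no reason for the relaxation; if groupName is ever used as a SQL identifier rather than a display label, the stricter check was the appropriate one. A one-line comment on this line stating whichever is the case, e.g. `// groupName is a display label, not an identifier: name-level check suffices`, would document the intent. The enclosing method checkAlarmDingDingRobotDTO starts before the hunk.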
Expand Up @@ -45,6 +45,7 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import static io.holoinsight.server.home.facade.utils.ParaCheckUtil.sqlCnNameCheck;
import static io.holoinsight.server.home.web.security.LevelAuthorizationCheckResult.failCheckResult;
import static io.holoinsight.server.home.web.security.LevelAuthorizationCheckResult.successCheckResult;

Expand Down Expand Up @@ -258,7 +259,7 @@ private LevelAuthorizationCheckResult checkAlarmRuleDTO(String methodName,
}

if (StringUtils.isNotEmpty(alarmRuleDTO.getRuleDescribe())
&& !checkSqlName(alarmRuleDTO.getRuleDescribe())) {
&& !sqlCnNameCheck(alarmRuleDTO.getRuleDescribe())) {
return failCheckResult(
"invalid ruleDescribe %s, please use a-z A-Z 0-9 Chinese - _ , . : spaces ",
alarmRuleDTO.getRuleDescribe());
Expand Down Expand Up @@ -415,10 +416,12 @@ private LevelAuthorizationCheckResult checkDatasources(List<DataSource> datasour
return checkResult;
}
}
if (!CollectionUtils.isEmpty(dataSource.getGroupBy())
&& !checkGroupBy(dataSource.getMetric(), dataSource.getGroupBy())) {
return failCheckResult("fail to check groupBy %s for metric %s",
J.toJson(dataSource.getGroupBy()), dataSource.getMetric());
if (!CollectionUtils.isEmpty(dataSource.getGroupBy())) {
LevelAuthorizationCheckResult checkResult =
checkGroupBy(dataSource.getMetric(), dataSource.getGroupBy());
if (!checkResult.isSuccess()) {
return checkResult;
}
}
if (StringUtils.isNotEmpty(dataSource.getDownsample())
&& !checkDownsample(dataSource.getDownsample())) {
Expand Down Expand Up @@ -446,15 +449,18 @@ private boolean checkDownsample(String downsample) {
return matcher.matches();
}

private boolean checkGroupBy(String metric, List<String> groupBys) {
private LevelAuthorizationCheckResult checkGroupBy(String metric, List<String> groupBys) {
MetricInfo metricInfo = apiSecurityService.getMetricInfo(metric);
if (metricInfo == null) {
return failCheckResult("metricInfo is null for metric %s", metric);
}
List<String> tags = J.toList(metricInfo.getTags());
for (String groupBy : groupBys) {
if (!tags.contains(groupBy)) {
return false;
return failCheckResult("groupby %s cannot be found in %s", groupBy, metricInfo.getTags());
}
}
return true;
return successCheckResult();
}

private LevelAuthorizationCheckResult checkCompareConfigs(List<CompareConfig> compareConfigs) {
Expand Down Expand Up @@ -612,8 +618,7 @@ private boolean checkAlertTemplateUuid(String alertTemplateUuid, String tenant,
public LevelAuthorizationCheckResult checkIdExists(Long id, String tenant, String workspace) {
QueryWrapper<AlarmRule> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("id", id);
queryWrapper.eq("tenant", tenant);
queryWrapper.eq("workspace", workspace);
this.requestContextAdapter.queryWrapperTenantAdapt(queryWrapper, tenant, workspace);
List<AlarmRule> exist = this.alarmRuleMapper.selectList(queryWrapper);
if (CollectionUtils.isEmpty(exist)) {
return failCheckResult("fail to check id for no existed %s %s %s", id, tenant, workspace);
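Review bot: In the ruleDescribe hunk the rejection message `"invalid ruleDescribe %s, please use a-z A-Z 0-9 Chinese - _ , . : spaces "` no longer matches what sqlCnNameCheck accepts, since PATTERN_CN_SQL also admits CJK punctuation (`\\u3000-\\u303f`) and the fullwidth comma; update the message or the pattern so the user-facing hint and the validator agree. The same hunk calls the statically imported `sqlCnNameCheck` directly while the surrounding checks go through `checkSqlName`, which hides whether both paths apply the same additional checks; a wrapper `checkSqlCnName` beside checkSqlName would keep the call style uniform. In checkGroupBy, `J.toList(metricInfo.getTags())` runs before any null handling of the tags value; whether getTags can be null is not visible, so a guard or a comment there is worth confirming. The checkIdExists hunk raises the same adapter-delegation question as in AlarmBlockFacadeImplChecker. checkAlarmRuleDTO and checkDatasources both extend beyond their hunks.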
Expand Up @@ -13,6 +13,7 @@
import org.junit.jupiter.api.Order;
import org.junit.jupiter.api.Test;

import java.util.Date;
import java.util.Map;
import java.util.Stack;
import java.util.function.Supplier;
Expand Down Expand Up @@ -60,15 +61,15 @@ public void test_alarm_block_create() {
@Test
public void test_alarm_block_update() {
AlarmBlockDTO item = new AlarmBlockDTO();
uniqueId = uniqueId + "0";
item.setId(id);
item.setTenant(tenant);
item.setUniqueId(uniqueId);
item.setTags("{}");

given() //
.body(new JSONObject(J.toMap(J.toJson(item)))) //
.when() //
.post("/webapi/alarmBlock/update") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", NOT_NULL); //
Expand All @@ -86,28 +87,30 @@ public void test_custom_plugin_delete() {
given() //
.pathParam("id", id) //
.when() //
.delete("/webapi/alarmBlock/delete/{id}").then() //
.delete("/webapi/alarmBlock/delete/{id}") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", IS_TRUE); //
Response response = queryById.get();
System.out.println(response.body().print());
response //
.then() //
.body("success", IS_TRUE) //
.body("data", IS_NULL); //
.body("success", IS_FALSE); //
}

@Order(4)
@Test
public void test_custom_plugin_pageQuery() {
Stack<Long> ids = new Stack<>();
AlarmBlockDTO item = new AlarmBlockDTO();
item.setUniqueId(uniqueId);
item.setTenant(tenant);
for (int i = 0; i < 10; i++) {
Long id = ((Number) given() //
.body(new JSONObject(J.toMap(J.toJson(item)))) //
.when() //
.post("/webapi/alarmBlock/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.extract() //
Expand All @@ -116,7 +119,7 @@ public void test_custom_plugin_pageQuery() {
}

AlarmBlockDTO condition = new AlarmBlockDTO();
condition.setUniqueId(uniqueId);
condition.setTenant(tenant);
MonitorPageRequest<AlarmBlockDTO> pageRequest = new MonitorPageRequest<>();
pageRequest.setTarget(condition);
pageRequest.setPageNum(0);
Expand All @@ -125,6 +128,7 @@ public void test_custom_plugin_pageQuery() {
.body(new JSONObject(J.toMap(J.toJson(pageRequest)))) //
.when() //
.post("/webapi/alarmBlock/pageQuery") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.root("data")
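Review bot: Every request in this IT now calls `.prettyPeek()`, which prints the full response body to stdout on every run including the passing path; the same pattern is repeated throughout AlarmDingDingRobotFacadeIT and AlarmRuleFacadeIT. Logging only on failure (`.then().log().ifValidationFails()`) or removing the calls once the IT is stable keeps CI output readable. The added `import java.util.Date` has no use in the visible hunks; if it is not used elsewhere in the file it should be dropped. In test_custom_plugin_pageQuery the query condition changes from uniqueId to tenant, so the page-count assertion outside the hunk now also counts blocks created by the other tests in the same tenant; confirm that it tolerates that.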
Expand Up @@ -51,6 +51,7 @@ public void test_rule_create() {
.body(new JSONObject(J.toMap(J.toJson(item)))) //
.when() //
.post("/webapi/alarmDingDingRobot/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.extract() //
Expand Down Expand Up @@ -80,6 +81,7 @@ public void test_rule_update() {
.body(new JSONObject(J.toMap(J.toJson(item)))) //
.when() //
.post("/webapi/alarmDingDingRobot/update") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", IS_TRUE); //
Expand Up @@ -75,6 +75,7 @@ public void test_rule_create() {
.body(new JSONObject(J.toMap(J.toJson(alarmRuleDTO)))) //
.when() //
.post("/webapi/alarmRule/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", Matchers.any(Number.class)) //
Expand Down Expand Up @@ -114,6 +115,7 @@ public void test_triggerContent() {
.body(new JSONObject(J.toMap(J.toJson(alarmRuleDTO)))) //
.when() //
.post("/webapi/alarmRule/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", Matchers.any(Number.class)) //
Expand Down Expand Up @@ -157,9 +159,10 @@ public void test_check_rule_name() {
.body(new JSONObject(J.toMap(J.toJson(alarmRuleDTO)))) //
.when() //
.post("/webapi/alarmRule/create") //
.prettyPeek() //
.then() //
.body("success", IS_FALSE) //
.body("message", startsWith("API_SECURITY"));
.body("message", startsWith("SecurityCheckFailed"));

invalidRuleName = name + "<a href=http://www.baidu.com>点击查看详情</a>";
alarmRuleDTO = new AlarmRuleDTO();
Expand All @@ -170,9 +173,10 @@ public void test_check_rule_name() {
.body(new JSONObject(J.toMap(J.toJson(alarmRuleDTO)))) //
.when() //
.post("/webapi/alarmRule/update") //
.prettyPeek() //
.then() //
.body("success", IS_FALSE) //
.body("message", startsWith("API_SECURITY"));
.body("message", startsWith("SecurityCheckFailed"));
Response response = queryAlertRule.get();
System.out.println(response.body().print());
response //
Expand All @@ -194,6 +198,7 @@ public void test_rule_update() {
.body(new JSONObject(J.toMap(J.toJson(alarmRuleDTO)))) //
.when() //
.post("/webapi/alarmRule/update") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", IS_TRUE);
Expand All @@ -216,8 +221,7 @@ public void test_rule_delete() {
System.out.println(response.body().print());
response //
.then() //
.body("success", IS_TRUE) //
.body("data", IS_NULL);
.body("success", IS_FALSE);
}

@Order(6)
Expand All @@ -229,6 +233,7 @@ public void test_rule_pageQuery() {
.body(new JSONObject(J.toMap(J.toJson(buildAlarmRule("hit_rule_" + i))))) //
.when() //
.post("/webapi/alarmRule/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.extract() //
Expand All @@ -240,6 +245,7 @@ public void test_rule_pageQuery() {
.body(new JSONObject(J.toMap(J.toJson(buildAlarmRule("miss_rule_" + i))))) //
.when() //
.post("/webapi/alarmRule/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE);
}
Expand All @@ -253,6 +259,7 @@ public void test_rule_pageQuery() {
.body(new JSONObject(J.toMap(J.toJson(pageRequest)))) //
.when() //
.post("/webapi/alarmRule/pageQuery") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.root("data")
Expand All @@ -274,6 +281,7 @@ public void test_alert_calculate() {
.body(new JSONObject(J.toMap(J.toJson(buildAlarmRule("notification"))))) //
.when() //
.post("/webapi/alarmRule/create") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.body("data", Matchers.any(Number.class)) //
Expand Down Expand Up @@ -310,6 +318,7 @@ public void test_alert_calculate() {
.body(new JSONObject(J.toMap(J.toJson(detailPageRequest)))) //
.when() //
.post("/webapi/alarmHistoryDetail/countTrend") //
.prettyPeek() //
.then() //
.body("success", IS_TRUE) //
.root("data") //
Expand Down Expand Up @@ -415,7 +424,7 @@ private DataSource buildDataSource() {
dataSource.setName("a");
dataSource.setAggregator("avg");
dataSource.setDownsample("1m-avg");
dataSource.setGroupBy(Arrays.asList("hostname"));
// dataSource.setGroupBy(Arrays.asList("hostname"));
dataSource.setFilters(Collections.singletonList(filter));
return dataSource;
}
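Review bot: The commented-out `// dataSource.setGroupBy(Arrays.asList("hostname"));` in buildDataSource should be deleted rather than kept as dead code; if groupBy was disabled because the reworked checkGroupBy rejects a tag the test metric does not declare, say so in a one-line comment and add a positive case using a tag the metric does declare, otherwise the new checkGroupBy path has no IT coverage. The changed expectation `startsWith("SecurityCheckFailed")` in test_check_rule_name pins a message prefix produced elsewhere; a shared constant would keep the test and the producer in sync. The `Arrays` import may become unused once the line is removed; worth checking the rest of the file.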
