Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ISSUE #1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time. #1149

Merged
merged 7 commits into from
Apr 27, 2019

Conversation

zongtanghu
Copy link
Contributor

@zongtanghu zongtanghu commented Apr 10, 2019

What is the purpose of the change

(1)Move the getAclRPCHook funtion to the Acl module.
(2)Optimize some codes.

Brief changelog

(1)I have writes some test cases for my optimize codes.

Verifying this change

(1)Move the getAclRPCHook funtion to the Acl module.
(2)Optimize some codes.

Follow this checklist to help us incorporate your contribution quickly and easily. Notice, it would be helpful if you could finish the following 5 checklist(the last one is not necessary)before request the community to review your PR.

  • Make sure there is a Github issue filed for the change (usually before you start working on it). Trivial changes like typos do not require a Github issue. Your pull request should address just this issue, without pulling in other changes - one PR resolves one issue.
  • Format the pull request title like [ISSUE #123] Fix UnknownException when host config not exist. Each commit in the pull request should have a meaningful subject line and body.
  • Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
  • Write necessary unit-test(over 80% coverage) to verify your logic correction, more mock a little better when cross module dependency exist. If the new feature or significant change is committed, please remember to add integration-test in test module.
  • Run mvn -B clean apache-rat:check findbugs:findbugs checkstyle:checkstyle to make sure basic checks pass. Run mvn clean install -DskipITs to make sure unit-test pass. Run mvn clean test-compile failsafe:integration-test to make sure integration-test pass.
  • If this contribution is large, please file an Apache Individual Contributor License Agreement.

… copy the tool.yml file to their related fold and AclEnable flag is closed.
@zongtanghu zongtanghu requested a review from dongeforever April 10, 2019 07:18
@coveralls
Copy link

coveralls commented Apr 10, 2019

Coverage Status

Coverage increased (+0.0003%) to 49.416% when pulling 30f6ee4 on zongtanghu:develop into 29438a1 on apache:develop.

@zongtanghu zongtanghu added this to the 4.6.0 milestone Apr 10, 2019
@zongtanghu zongtanghu changed the title [issue#1078]optimize codes for issue that the User can't use mqadmin command normally. [issue##1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time. Apr 10, 2019
}

accessResource.setRequestCode(request.getCode());
accessResource.setAccessKey(request.getExtFields().get(SessionCredentials.ACCESS_KEY));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

setRequestCode at first

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay,I will adjust my codes.

… aclEnable and use Master/Slave or Dledger the same time.
JSONObject.class);
} catch (Exception e) {
e.printStackTrace();
return null;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use logger instead of print

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay,I will adjust my codes in this pr again.

if (request.getExtFields() == null) {
throw new AclException("request's extFields value is null");
//If request's extFields is null,then return accessResource directly(users can use whiteAddress pattern)
return accessResource;
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is vulnerable to return fast here, for it may miss something if adding some logic after the return, the "accessResource.setRequestCode(request.getCode())" is the case, but not the only case.
As the following code relies on that the getExtFields is not null, then use if statement is suggested, just as:
if (request.getExtFields() != null) {
accessResource.setAccessKey(request.getExtFields().get(SessionCredentials.ACCESS_KEY));
XXX
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay,I will return the variable later in my next commits.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, @dongeforever I return back my pr's codes to original ones.



(2)如果ACL与高可用部署(多副本Dledger架构)同时启用,由于出现节点宕机时,Dledger Group组内会自动选主,那么就需要将Dledger Group组
内所有Broker节点的plain_acl.yml配置文件的白名单设置所有Broker节点的ip地址。
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remind the user to notice the bug denoted by this PR?
Currently, it is not ok even though configuring the white IP.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay.I write this notice.

…an't open the aclEnable and use Master/Slave or Dledger the same time.
@zongtanghu zongtanghu changed the title [issue##1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time. [issue#1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time. Apr 11, 2019
…an't open the aclEnable and use Master/Slave or Dledger the same time.
@vongosling vongosling changed the title [issue#1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time. [ISSUE #1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time. Apr 12, 2019
Copy link
Contributor

@wlliqipeng wlliqipeng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@@ -75,8 +75,10 @@ Broker端对权限的校验逻辑主要分为以下几步:
## 5. 热加载修改后权限控制定义
RocketrMQ的权限控制存储的默认实现是基于yml配置文件。用户可以动态修改权限控制定义的属性,而不需重新启动Broker服务节点。
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

RocketrMQ ?

@Liberxue
Copy link

Liberxue commented Jun 14, 2019

/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/bin/java -Xms2g -Xmx2g -Xmn1g -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m "-javaagent:/Applications/IntelliJ IDEA.app/Contents/lib/idea_rt.jar=50130:/Applications/IntelliJ IDEA.app/Contents/bin" -Dfile.encoding=UTF-8 -classpath /Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/charsets.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/deploy.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/cldrdata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/dnsns.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/jaccess.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/jfxrt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/localedata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/nashorn.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/sunec.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/sunjce_provider.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/sunpkcs11.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/zipfs.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/javaws.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jce.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jfr.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jfxswt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jsse.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/management-agent.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/plugin.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/resources.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/rt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/ant-javafx.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/dt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/javafx-mx.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/jconsole.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/packager.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/sa-jdi.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/tools.jar:/Users/liberxue/Documents/Code/java/rocketmq/broker/target/classes:/Users/liberxue/Documents/Code/java/rocketmq/common/target/classes:/Users/liberxue/.m2/repository/org/apache/commons/commons-lang3/3.4/commons-lang3-3.4.jar:/Users/liberxue/Documents/Code/java/rocketmq/store/target/classes:/Users/liberxue/.m2/repository/io/openmessaging/storage/dledger/0.1/dledger-0.1.jar:/Users/liberxue/.m2/repository/com/beust/jcommander/1.72/jcommander-1.72.jar:/Users/liberxue/.m2/repository/net/java/dev/jna/jna/4.2.2/jna-4.2.2.jar:/Users/liberxue/Documents/Code/java/rocketmq/remoting/target/classes:/Users/liberxue/.m2/repository/io/netty/netty-all/4.0.42.Final/netty-all-4.0.42.Final.jar:/Users/liberxue/Documents/Code/java/rocketmq/logging/target/classes:/Users/liberxue/.m2/repository/io/netty/netty-tcnative-boringssl-static/1.1.33.Fork26/netty-tcnative-boringssl-static-1.1.33.Fork26.jar:/Users/liberxue/Documents/Code/java/rocketmq/client/target/classes:/Users/liberxue/Documents/Code/java/rocketmq/srvutil/target/classes:/Users/liberxue/.m2/repository/commons-cli/commons-cli/1.2/commons-cli-1.2.jar:/Users/liberxue/.m2/repository/com/google/guava/guava/19.0/guava-19.0.jar:/Users/liberxue/Documents/Code/java/rocketmq/filter/target/classes:/Users/liberxue/Documents/Code/java/rocketmq/acl/target/classes:/Users/liberxue/.m2/repository/org/yaml/snakeyaml/1.19/snakeyaml-1.19.jar:/Users/liberxue/.m2/repository/commons-codec/commons-codec/1.9/commons-codec-1.9.jar:/Users/liberxue/.m2/repository/ch/qos/logback/logback-classic/1.0.13/logback-classic-1.0.13.jar:/Users/liberxue/.m2/repository/ch/qos/logback/logback-core/1.0.13/logback-core-1.0.13.jar:/Users/liberxue/.m2/repository/com/alibaba/fastjson/1.2.51/fastjson-1.2.51.jar:/Users/liberxue/.m2/repository/org/javassist/javassist/3.20.0-GA/javassist-3.20.0-GA.jar:/Users/liberxue/.m2/repository/org/slf4j/slf4j-api/1.7.7/slf4j-api-1.7.7.jar org.apache.rocketmq.broker.BrokerStartup -c /Users/liberxue/Documents/Code/java/rocketmq/distribution/target/rocketmq-4.5.1/rocketmq-4.5.1/conf/dledger/broker-n0.conf
java.lang.ClassCastException: java.lang.Class cannot be cast to org.apache.rocketmq.acl.AccessValidator
	at org.apache.rocketmq.broker.BrokerController.initialAcl(BrokerController.java:503)
	at org.apache.rocketmq.broker.BrokerController.initialize(BrokerController.java:470)
	at org.apache.rocketmq.broker.BrokerStartup.createBrokerController(BrokerStartup.java:231)
	at org.apache.rocketmq.broker.BrokerStartup.main(BrokerStartup.java:64)

rocketmq version

4.5.1 commit 40c255d (HEAD -> master, origin/master, origin/HEAD)

rocketmq start model Dlegeer

#debug initialAcl
image

@zongtanghu
Copy link
Contributor Author

/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/bin/java -Xms2g -Xmx2g -Xmn1g -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m "-javaagent:/Applications/IntelliJ IDEA.app/Contents/lib/idea_rt.jar=50130:/Applications/IntelliJ IDEA.app/Contents/bin" -Dfile.encoding=UTF-8 -classpath /Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/charsets.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/deploy.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/cldrdata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/dnsns.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/jaccess.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/jfxrt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/localedata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/nashorn.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/sunec.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/sunjce_provider.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/sunpkcs11.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/ext/zipfs.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/javaws.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jce.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jfr.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jfxswt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/jsse.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/management-agent.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/plugin.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/resources.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/jre/lib/rt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/ant-javafx.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/dt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/javafx-mx.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/jconsole.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/packager.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/sa-jdi.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_181.jdk/Contents/Home/lib/tools.jar:/Users/liberxue/Documents/Code/java/rocketmq/broker/target/classes:/Users/liberxue/Documents/Code/java/rocketmq/common/target/classes:/Users/liberxue/.m2/repository/org/apache/commons/commons-lang3/3.4/commons-lang3-3.4.jar:/Users/liberxue/Documents/Code/java/rocketmq/store/target/classes:/Users/liberxue/.m2/repository/io/openmessaging/storage/dledger/0.1/dledger-0.1.jar:/Users/liberxue/.m2/repository/com/beust/jcommander/1.72/jcommander-1.72.jar:/Users/liberxue/.m2/repository/net/java/dev/jna/jna/4.2.2/jna-4.2.2.jar:/Users/liberxue/Documents/Code/java/rocketmq/remoting/target/classes:/Users/liberxue/.m2/repository/io/netty/netty-all/4.0.42.Final/netty-all-4.0.42.Final.jar:/Users/liberxue/Documents/Code/java/rocketmq/logging/target/classes:/Users/liberxue/.m2/repository/io/netty/netty-tcnative-boringssl-static/1.1.33.Fork26/netty-tcnative-boringssl-static-1.1.33.Fork26.jar:/Users/liberxue/Documents/Code/java/rocketmq/client/target/classes:/Users/liberxue/Documents/Code/java/rocketmq/srvutil/target/classes:/Users/liberxue/.m2/repository/commons-cli/commons-cli/1.2/commons-cli-1.2.jar:/Users/liberxue/.m2/repository/com/google/guava/guava/19.0/guava-19.0.jar:/Users/liberxue/Documents/Code/java/rocketmq/filter/target/classes:/Users/liberxue/Documents/Code/java/rocketmq/acl/target/classes:/Users/liberxue/.m2/repository/org/yaml/snakeyaml/1.19/snakeyaml-1.19.jar:/Users/liberxue/.m2/repository/commons-codec/commons-codec/1.9/commons-codec-1.9.jar:/Users/liberxue/.m2/repository/ch/qos/logback/logback-classic/1.0.13/logback-classic-1.0.13.jar:/Users/liberxue/.m2/repository/ch/qos/logback/logback-core/1.0.13/logback-core-1.0.13.jar:/Users/liberxue/.m2/repository/com/alibaba/fastjson/1.2.51/fastjson-1.2.51.jar:/Users/liberxue/.m2/repository/org/javassist/javassist/3.20.0-GA/javassist-3.20.0-GA.jar:/Users/liberxue/.m2/repository/org/slf4j/slf4j-api/1.7.7/slf4j-api-1.7.7.jar org.apache.rocketmq.broker.BrokerStartup -c /Users/liberxue/Documents/Code/java/rocketmq/distribution/target/rocketmq-4.5.1/rocketmq-4.5.1/conf/dledger/broker-n0.conf
java.lang.ClassCastException: java.lang.Class cannot be cast to org.apache.rocketmq.acl.AccessValidator
	at org.apache.rocketmq.broker.BrokerController.initialAcl(BrokerController.java:503)
	at org.apache.rocketmq.broker.BrokerController.initialize(BrokerController.java:470)
	at org.apache.rocketmq.broker.BrokerStartup.createBrokerController(BrokerStartup.java:231)
	at org.apache.rocketmq.broker.BrokerStartup.main(BrokerStartup.java:64)

rocketmq version

4.5.1 commit 40c255d (HEAD -> master, origin/master, origin/HEAD)

rocketmq start model Dlegeer

#debug initialAcl
image

Hi,you could have a try for using rocketmq 4.5.1 version.And you can tell use the steps to show you issue again.

JiaMingLiu93 pushed a commit to JiaMingLiu93/rocketmq that referenced this pull request May 28, 2020
… and enableDLegerCommitLog flag at the same time. (apache#1149)

* [issue#1078]fix User can't use mqadmin command normally if they don't copy the tool.yml file to their related fold and AclEnable flag is closed.

* [issue#1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time.

* [issue#1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time.

* [issue#1147]Add the restriction of Acl in the acl's user guide.

* [issue#1147]Adjust some codes for acl issue that users can't open the aclEnable and use Master/Slave or Dledger the same time.

* [issue#1147]Adjust and optimize some codes for acl issue that users can't open the aclEnable and use Master/Slave or Dledger the same time.

* [issue#1147]return back for original codes for acl issue that users can't open the aclEnable and use Master/Slave or Dledger the same time.
pulllock pushed a commit to pulllock/rocketmq that referenced this pull request Oct 19, 2023
… and enableDLegerCommitLog flag at the same time. (apache#1149)

* [issue#1078]fix User can't use mqadmin command normally if they don't copy the tool.yml file to their related fold and AclEnable flag is closed.

* [issue#1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time.

* [issue#1147]Broker will report Exception if open the aclEnable and enableDLegerCommitLog flag at the same time.

* [issue#1147]Add the restriction of Acl in the acl's user guide.

* [issue#1147]Adjust some codes for acl issue that users can't open the aclEnable and use Master/Slave or Dledger the same time.

* [issue#1147]Adjust and optimize some codes for acl issue that users can't open the aclEnable and use Master/Slave or Dledger the same time.

* [issue#1147]return back for original codes for acl issue that users can't open the aclEnable and use Master/Slave or Dledger the same time.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants