Skip to content

Commit

Permalink
CB-4257 validate required features for providers (#2322)
Browse files Browse the repository at this point in the history
* CB-4257 validate required features for providers

* CB-4257 rename types - categories

---------

Co-authored-by: Daria Marutkina <[email protected]>
  • Loading branch information
alexander-skoblikov and dariamarutkina authored Jan 31, 2024
1 parent cd7ffe6 commit 71a6104
Show file tree
Hide file tree
Showing 5 changed files with 181 additions and 20 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,14 @@ public class WebAuthProviderDescriptor extends AbstractDescriptor {
private final Map<SMSubjectType, List<DBPPropertyDescriptor>> metaParameters = new HashMap<>();
private SMAuthProvider<?> instance;
private final DBPImage icon;
private final Map<String, PropertyDescriptor> configurationParameters = new LinkedHashMap<>();
private final Map<String, WebAuthProviderProperty> configurationParameters = new LinkedHashMap<>();
private final List<SMAuthCredentialsProfile> credentialProfiles = new ArrayList<>();
private final boolean configurable;
private final boolean trusted;
private final boolean isPrivate;
private final String[] requiredFeatures;
private final boolean isRequired;
private final String[] types;

public WebAuthProviderDescriptor(IConfigurationElement cfg) {
super(cfg);
Expand All @@ -68,13 +69,9 @@ public WebAuthProviderDescriptor(IConfigurationElement cfg) {
this.isRequired = CommonUtils.toBoolean(cfg.getAttribute("required"));

for (IConfigurationElement cfgElement : cfg.getChildren("configuration")) {
for (IConfigurationElement propGroup : ArrayUtils.safeArray(cfgElement.getChildren(PropertyDescriptor.TAG_PROPERTY_GROUP))) {
String category = propGroup.getAttribute(PropertyDescriptor.ATTR_LABEL);
IConfigurationElement[] propElements = propGroup.getChildren(PropertyDescriptor.TAG_PROPERTY);
for (IConfigurationElement prop : propElements) {
PropertyDescriptor propertyDescriptor = new PropertyDescriptor(category, prop);
configurationParameters.put(CommonUtils.toString(propertyDescriptor.getId()), propertyDescriptor);
}
List<WebAuthProviderProperty> properties = WebAuthProviderRegistry.readProperties(cfgElement);
for (WebAuthProviderProperty property : properties) {
configurationParameters.put(CommonUtils.toString(property.getId()), property);
}
}
for (IConfigurationElement credElement : cfg.getChildren("credentials")) {
Expand All @@ -90,11 +87,10 @@ public WebAuthProviderDescriptor(IConfigurationElement cfg) {
}

String rfList = cfg.getAttribute("requiredFeatures");
if (!CommonUtils.isEmpty(rfList)) {
requiredFeatures = rfList.split(",");
} else {
requiredFeatures = null;
}
requiredFeatures = CommonUtils.isEmpty(rfList) ? null : rfList.split(",");

String typesAttr = cfg.getAttribute("categories");
this.types = CommonUtils.isEmpty(typesAttr) ? new String[0] : typesAttr.split(",");
}

@NotNull
Expand Down Expand Up @@ -130,7 +126,7 @@ public boolean isRequired() {
return isRequired;
}

public List<PropertyDescriptor> getConfigurationParameters() {
public List<WebAuthProviderProperty> getConfigurationParameters() {
return new ArrayList<>(configurationParameters.values());
}

Expand Down Expand Up @@ -198,4 +194,7 @@ public List<DBPPropertyDescriptor> getMetaParameters(SMSubjectType subjectType)
return metaParameters.get(subjectType);
}

public String[] getTypes() {
return types;
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
/*
* DBeaver - Universal Database Manager
* Copyright (C) 2010-2024 DBeaver Corp and others
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.cloudbeaver.registry;

import org.eclipse.core.runtime.IConfigurationElement;
import org.jkiss.code.NotNull;
import org.jkiss.code.Nullable;
import org.jkiss.dbeaver.model.impl.PropertyDescriptor;

public class WebAuthProviderProperty extends PropertyDescriptor {
private final String[] requiredFeatures;
@Nullable
private final String type;

public WebAuthProviderProperty(String category, IConfigurationElement config) {
super(category, config);
String featuresAttr = config.getAttribute("requiredFeatures");
this.requiredFeatures = featuresAttr == null ? new String[0] : featuresAttr.split(",");
this.type = config.getAttribute("type");
}

@NotNull
public String[] getRequiredFeatures() {
return requiredFeatures;
}

@Nullable
public String getType() {
return type;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,9 @@
import org.eclipse.core.runtime.IExtensionRegistry;
import org.eclipse.core.runtime.Platform;
import org.jkiss.dbeaver.Log;
import org.jkiss.dbeaver.model.impl.PropertyDescriptor;
import org.jkiss.dbeaver.registry.RegistryConstants;
import org.jkiss.utils.ArrayUtils;

import java.util.ArrayList;
import java.util.LinkedHashMap;
Expand All @@ -33,6 +35,7 @@ public class WebAuthProviderRegistry {

private static final String TAG_AUTH_PROVIDER = "authProvider"; //$NON-NLS-1$
private static final String TAG_AUTH_PROVIDER_DISABLE = "authProviderDisable"; //$NON-NLS-1$
private static final String TAG_COMMON_PROVIDER_PROPERTIES = "commonProviderProperties"; //$NON-NLS-1$

private static WebAuthProviderRegistry instance = null;

Expand All @@ -45,6 +48,7 @@ public synchronized static WebAuthProviderRegistry getInstance() {
}

private final Map<String, WebAuthProviderDescriptor> authProviders = new LinkedHashMap<>();
private final List<WebCommonAuthProviderPropertyDescriptor> commonProperties = new ArrayList<>();

private WebAuthProviderRegistry() {
}
Expand All @@ -57,6 +61,9 @@ private void loadExtensions(IExtensionRegistry registry) {
if (TAG_AUTH_PROVIDER.equals(ext.getName())) {
WebAuthProviderDescriptor providerDescriptor = new WebAuthProviderDescriptor(ext);
this.authProviders.put(providerDescriptor.getId(), providerDescriptor);
} else if (TAG_COMMON_PROVIDER_PROPERTIES.equals(ext.getName())) {
var commonProperties = new WebCommonAuthProviderPropertyDescriptor(ext);
this.commonProperties.add(commonProperties);
}
}

Expand All @@ -74,6 +81,23 @@ private void loadExtensions(IExtensionRegistry registry) {
}
}

static List<WebAuthProviderProperty> readProperties(IConfigurationElement root) {
List<WebAuthProviderProperty> properties = new ArrayList<>();
for (IConfigurationElement propGroup : ArrayUtils.safeArray(root.getChildren(PropertyDescriptor.TAG_PROPERTY_GROUP))) {
String category = propGroup.getAttribute(PropertyDescriptor.ATTR_LABEL);
IConfigurationElement[] propElements = propGroup.getChildren(PropertyDescriptor.TAG_PROPERTY);
for (IConfigurationElement prop : propElements) {
WebAuthProviderProperty propertyDescriptor = new WebAuthProviderProperty(category, prop);
properties.add(propertyDescriptor);
}
}
return properties;
}

public List<WebCommonAuthProviderPropertyDescriptor> getCommonProperties() {
return commonProperties;
}

public List<WebAuthProviderDescriptor> getAuthProviders() {
return new ArrayList<>(authProviders.values());
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
/*
* DBeaver - Universal Database Manager
* Copyright (C) 2010-2024 DBeaver Corp and others
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.cloudbeaver.registry;

import org.eclipse.core.runtime.IConfigurationElement;
import org.jkiss.code.NotNull;
import org.jkiss.dbeaver.model.impl.AbstractDescriptor;
import org.jkiss.utils.CommonUtils;

import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class WebCommonAuthProviderPropertyDescriptor extends AbstractDescriptor {
private final Set<String> supportedProviderCategories = new HashSet<>();
private final Set<String> exclude = new HashSet<>();
@NotNull
private final List<WebAuthProviderProperty> configurationParameters;

public WebCommonAuthProviderPropertyDescriptor(IConfigurationElement cfg) {
super(cfg);
configurationParameters = WebAuthProviderRegistry.readProperties(cfg);
String supportedCategoriesAttr = cfg.getAttribute("supportedProviderCategories");
if (CommonUtils.isNotEmpty(supportedCategoriesAttr)) {
supportedProviderCategories.addAll(Arrays.stream(supportedCategoriesAttr.split(",")).toList());
}

String excludeAttr = cfg.getAttribute("exclude");
if (CommonUtils.isNotEmpty(excludeAttr)) {
exclude.addAll(Arrays.stream(excludeAttr.split(",")).toList());
}
}


@NotNull
public List<WebAuthProviderProperty> getConfigurationParameters() {
return configurationParameters;
}

private boolean supportAllProviders() {
return supportedProviderCategories.isEmpty() && exclude.isEmpty();
}

public boolean isApplicableFor(@NotNull WebAuthProviderDescriptor providerDescriptor) {
if (supportAllProviders()) {
return true;
}
boolean supported = false;
for (String type : providerDescriptor.getTypes()) {
if (exclude.contains(type)) {
return false;
}
if (supportedProviderCategories.contains(type)) {
supported = true;
}
}
return supported;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@
import java.util.*;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;

/**
* Web service implementation
Expand Down Expand Up @@ -404,12 +405,30 @@ public List<WebPropertyInfo> listAuthProviderConfigurationParameters(@NotNull We
if (authProvider == null) {
throw new DBWebException("Invalid provider ID " + providerId);
}
return authProvider.getConfigurationParameters().stream().filter(p -> {
if (p.hasFeature("distributed")) {
return CBApplication.getInstance().isDistributed();
}
return true;
}).map(p -> new WebPropertyInfo(webSession, p)).collect(Collectors.toList());
var application = CBApplication.getInstance();


Stream<WebAuthProviderProperty> commonPropertiesStream = WebAuthProviderRegistry.getInstance()
.getCommonProperties()
.stream()
.filter(commonProperties -> commonProperties.isApplicableFor(authProvider))
.flatMap(commonProperties -> commonProperties.getConfigurationParameters().stream());

return Stream.concat(authProvider.getConfigurationParameters().stream(), commonPropertiesStream)
.filter(p -> {
boolean allFeaturesEnabled = true;
for (String feature : p.getRequiredFeatures()) {
if (feature.equals("distributed")) {
allFeaturesEnabled = CBApplication.getInstance().isDistributed();
} else {
allFeaturesEnabled = application.getAppConfiguration().isFeatureEnabled(feature);
}
if (!allFeaturesEnabled) {
break;
}
}
return allFeaturesEnabled;
}).map(p -> new WebPropertyInfo(webSession, p)).collect(Collectors.toList());
}

@Override
Expand Down

0 comments on commit 71a6104

Please sign in to comment.