From 14343864bf5b840cc297365463300896dcb1ef96 Mon Sep 17 00:00:00 2001
From: ouyangyewei <ouyangyewei@foxmail.com>
Date: Tue, 14 Dec 2021 17:54:35 +0800
Subject: [PATCH] to feature 7401 (#7404)

Co-authored-by: ouyangyewei <yewei.oyyw@alibaba-inc.com>
---
 .../api/controller/AccessTokenController.java | 11 +++++++---
 .../api/service/AccessTokenService.java       |  2 +-
 .../service/impl/AccessTokenServiceImpl.java  | 13 ++++++++++--
 .../main/resources/i18n/messages.properties   |  4 +++-
 .../resources/i18n/messages_en_US.properties  |  4 +++-
 .../resources/i18n/messages_zh_CN.properties  |  4 +++-
 .../controller/AccessTokenControllerTest.java | 20 +++++++++++++++++++
 .../api/service/AccessTokenServiceTest.java   |  7 ++++++-
 8 files changed, 55 insertions(+), 10 deletions(-)

diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/AccessTokenController.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/AccessTokenController.java
index 202194b028..c60e35da48 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/AccessTokenController.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/controller/AccessTokenController.java
@@ -71,10 +71,15 @@ public class AccessTokenController extends BaseController {
      * @param loginUser login user
      * @param userId token for user id
      * @param expireTime expire time for the token
-     * @param token token
+     * @param token token string (if it is absent, it will be automatically generated)
      * @return create result state code
      */
-    @ApiIgnore
+    @ApiOperation(value = "createToken", notes = "CREATE_TOKEN_NOTES")
+    @ApiImplicitParams({
+        @ApiImplicitParam(name = "userId", value = "USER_ID", required = true, dataType = "Int"),
+        @ApiImplicitParam(name = "expireTime", value = "EXPIRE_TIME", required = true, dataType = "String", example = "2021-12-31 00:00:00"),
+        @ApiImplicitParam(name = "token", value = "TOKEN", required = false, dataType = "String", example = "xxxx")
+    })
     @PostMapping()
     @ResponseStatus(HttpStatus.CREATED)
     @ApiException(CREATE_ACCESS_TOKEN_ERROR)
@@ -82,7 +87,7 @@ public class AccessTokenController extends BaseController {
     public Result createToken(@ApiIgnore @RequestAttribute(value = Constants.SESSION_USER) User loginUser,
                               @RequestParam(value = "userId") int userId,
                               @RequestParam(value = "expireTime") String expireTime,
-                              @RequestParam(value = "token") String token) {
+                              @RequestParam(value = "token", required = false) String token) {
 
         Map<String, Object> result = accessTokenService.createToken(loginUser, userId, expireTime, token);
         return returnDataList(result);
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
index b3e14eeee4..ca3c4a89fe 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/AccessTokenService.java
@@ -52,7 +52,7 @@ public interface AccessTokenService {
      *
      * @param userId token for user
      * @param expireTime token expire time
-     * @param token token string
+     * @param token token string (if it is absent, it will be automatically generated)
      * @return create result code
      */
     Map<String, Object> createToken(User loginUser, int userId, String expireTime, String token);
diff --git a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AccessTokenServiceImpl.java b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AccessTokenServiceImpl.java
index f5e434a163..6cf4937ab7 100644
--- a/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AccessTokenServiceImpl.java
+++ b/dolphinscheduler-api/src/main/java/org/apache/dolphinscheduler/api/service/impl/AccessTokenServiceImpl.java
@@ -17,6 +17,7 @@
 
 package org.apache.dolphinscheduler.api.service.impl;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.dolphinscheduler.api.enums.Status;
 import org.apache.dolphinscheduler.api.service.AccessTokenService;
 import org.apache.dolphinscheduler.api.utils.PageInfo;
@@ -108,7 +109,7 @@ public class AccessTokenServiceImpl extends BaseServiceImpl implements AccessTok
      *
      * @param userId token for user
      * @param expireTime token expire time
-     * @param token token string
+     * @param token token string (if it is absent, it will be automatically generated)
      * @return create result code
      */
     @SuppressWarnings("checkstyle:WhitespaceAround")
@@ -116,14 +117,23 @@ public class AccessTokenServiceImpl extends BaseServiceImpl implements AccessTok
     public Map<String, Object> createToken(User loginUser, int userId, String expireTime, String token) {
         Map<String, Object> result = new HashMap<>();
 
+        // 1. check permission
         if (!hasPerm(loginUser,userId)) {
             putMsg(result, Status.USER_NO_OPERATION_PERM);
             return result;
         }
 
+        // 2. check if user is existed
         if (userId <= 0) {
             throw new IllegalArgumentException("User id should not less than or equals to 0.");
         }
+
+        // 3. generate access token if absent
+        if (StringUtils.isBlank(token)) {
+            token = EncryptionUtils.getMd5(userId + expireTime + System.currentTimeMillis());
+        }
+
+        // 4. persist to the database
         AccessToken accessToken = new AccessToken();
         accessToken.setUserId(userId);
         accessToken.setExpireTime(DateUtils.stringToDate(expireTime));
@@ -131,7 +141,6 @@ public class AccessTokenServiceImpl extends BaseServiceImpl implements AccessTok
         accessToken.setCreateTime(new Date());
         accessToken.setUpdateTime(new Date());
 
-        // insert
         int insert = accessTokenMapper.insert(accessToken);
 
         if (insert > 0) {
diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages.properties b/dolphinscheduler-api/src/main/resources/i18n/messages.properties
index b5b127be54..3aaa3f33eb 100644
--- a/dolphinscheduler-api/src/main/resources/i18n/messages.properties
+++ b/dolphinscheduler-api/src/main/resources/i18n/messages.properties
@@ -143,7 +143,9 @@ QUERY_AUTHORIZED_PROJECT_NOTES=query authorized project
 QUERY_AUTHORIZED_USER_NOTES=query authorized user
 TASK_RECORD_TAG=task record related operation
 QUERY_TASK_RECORD_LIST_PAGING_NOTES=query task record list paging 
-CREATE_TOKEN_NOTES=create token ，note: please login first
+CREATE_TOKEN_NOTES=create access token for specified user
+TOKEN=access token string, it will be automatically generated when it absent
+EXPIRE_TIME=expire time for the token
 QUERY_ACCESS_TOKEN_LIST_NOTES=query access token list paging
 QUERY_ACCESS_TOKEN_BY_USER_NOTES=query access token for specified user
 SCHEDULE=schedule
diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties b/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties
index 3fa384e494..cf5df23639 100644
--- a/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties
+++ b/dolphinscheduler-api/src/main/resources/i18n/messages_en_US.properties
@@ -159,7 +159,9 @@ QUERY_AUTHORIZED_PROJECT_NOTES=query authorized project
 QUERY_AUTHORIZED_USER_NOTES=query authorized user
 TASK_RECORD_TAG=task record related operation
 QUERY_TASK_RECORD_LIST_PAGING_NOTES=query task record list paging 
-CREATE_TOKEN_NOTES=create token ，note: please login first
+CREATE_TOKEN_NOTES=create access token for specified user
+TOKEN=access token string, it will be automatically generated when it absent
+EXPIRE_TIME=expire time for the token
 QUERY_ACCESS_TOKEN_LIST_NOTES=query access token list paging
 QUERY_ACCESS_TOKEN_BY_USER_NOTES=query access token for specified user
 SCHEDULE=schedule
diff --git a/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties b/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties
index e18cdf3395..8398ff2ca9 100644
--- a/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties
+++ b/dolphinscheduler-api/src/main/resources/i18n/messages_zh_CN.properties
@@ -148,7 +148,9 @@ QUERY_AUTHORIZED_PROJECT_NOTES=查询授权项目
 QUERY_AUTHORIZED_USER_NOTES=查询拥有项目授权的用户
 TASK_RECORD_TAG=任务记录相关操作
 QUERY_TASK_RECORD_LIST_PAGING_NOTES=分页查询任务记录列表
-CREATE_TOKEN_NOTES=创建token，注意需要先登录
+CREATE_TOKEN_NOTES=为指定用户创建安全令牌
+TOKEN=安全令牌字符串，若未显式指定将会自动生成
+EXPIRE_TIME=安全令牌的过期时间
 QUERY_ACCESS_TOKEN_LIST_NOTES=分页查询access token列表
 QUERY_ACCESS_TOKEN_BY_USER_NOTES=查询指定用户的access token
 SCHEDULE=定时
diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/AccessTokenControllerTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/AccessTokenControllerTest.java
index b77c7ab228..783b888ace 100644
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/AccessTokenControllerTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/controller/AccessTokenControllerTest.java
@@ -60,6 +60,26 @@ public class AccessTokenControllerTest extends AbstractControllerTest {
         logger.info(mvcResult.getResponse().getContentAsString());
     }
 
+    @Test
+    public void testCreateTokenWhenTokenAbsent() throws Exception {
+        MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
+        paramsMap.add("userId", "4");
+        paramsMap.add("expireTime", "2019-12-18 00:00:00");
+        paramsMap.add("token", null);
+
+        MvcResult mvcResult = this.mockMvc
+                .perform(post("/access-tokens")
+                .header("sessionId", this.sessionId)
+                .params(paramsMap))
+                .andExpect(status().isCreated())
+                .andExpect(content().contentType(MediaType.APPLICATION_JSON))
+                .andReturn();
+
+        Result result = JSONUtils.parseObject(mvcResult.getResponse().getContentAsString(), Result.class);
+        Assert.assertEquals(Status.SUCCESS.getCode(), result.getCode().intValue());
+        logger.info(mvcResult.getResponse().getContentAsString());
+    }
+
     @Test
     public void testExceptionHandler() throws Exception {
         MultiValueMap<String, String> paramsMap = new LinkedMultiValueMap<>();
diff --git a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AccessTokenServiceTest.java b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AccessTokenServiceTest.java
index 8f8554f97e..eb002f408f 100644
--- a/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AccessTokenServiceTest.java
+++ b/dolphinscheduler-api/src/test/java/org/apache/dolphinscheduler/api/service/AccessTokenServiceTest.java
@@ -102,11 +102,16 @@ public class AccessTokenServiceTest {
 
     @Test
     public void testCreateToken() {
-
+        // Given Token
         when(accessTokenMapper.insert(any(AccessToken.class))).thenReturn(2);
         Map<String, Object> result = accessTokenService.createToken(getLoginUser(), 1, getDate(), "AccessTokenServiceTest");
         logger.info(result.toString());
         Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
+
+        // Token is absent
+        result = this.accessTokenService.createToken(getLoginUser(), 1, getDate(), null);
+        logger.info(result.toString());
+        Assert.assertEquals(Status.SUCCESS, result.get(Constants.STATUS));
     }
 
     @Test