Merge pull request #3043 from actiontech/abnormal_token_status

Abnormal token status

Author: winfredLIN

sqle/api/app.go

@@ -257,7 +257,7 @@ func StartApi(net *gracenet.Net, exitChan chan struct{}, config *config.SqleOpti
 		v1ProjectOpRouter.DELETE("/:project_name/instance_audit_plans/:instance_audit_plan_id/", v1.DeleteInstanceAuditPlan)
 		v1ProjectOpRouter.PUT("/:project_name/instance_audit_plans/:instance_audit_plan_id/", v1.UpdateInstanceAuditPlan)
 		v1ProjectOpRouter.PATCH("/:project_name/instance_audit_plans/:instance_audit_plan_id/", v1.UpdateInstanceAuditPlanStatus)
-		v1ProjectOpRouter.PATCH("/:project_name/instance_audit_plans/:instance_audit_plan_id/token", v1.GenerateAuditPlanToken)
+		v1ProjectOpRouter.PATCH("/:project_name/instance_audit_plans/:instance_audit_plan_id/token", v1.RefreshAuditPlanToken)
 
 		// audit plan; 智能扫描任务
 		v1ProjectOpRouter.DELETE("/:project_name/instance_audit_plans/:instance_audit_plan_id/audit_plans/:audit_plan_id/", v1.DeleteAuditPlanById)

sqle/api/controller/v1/instance_audit_plan.go

@@ -199,9 +199,9 @@ func CreateInstanceAuditPlan(c echo.Context) error {
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
-
 	// generate token , 生成ID后根据ID生成token
-	if err := generateAndUpdateAuditPlanToken(ap, tokenExpire); err != nil {
+	err = HandleAuditPlanToken(ap.GetIDStr())
+	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 
@@ -214,18 +214,60 @@ func CreateInstanceAuditPlan(c echo.Context) error {
 	})
 }
 
-func generateAndUpdateAuditPlanToken(ap *model.InstanceAuditPlan, tokenExpire time.Duration) error {
-	t, err := dmsCommonJwt.GenJwtToken(dmsCommonJwt.WithExpiredTime(tokenExpire), dmsCommonJwt.WithAuditPlanName(utils.Md5(ap.GetIDStr())))
-	if err != nil {
-		return errors.New(errors.DataConflict, err)
-	}
-	err = model.GetStorage().UpdateInstanceAuditPlanByID(ap.ID, map[string]interface{}{"token": t})
+func HandleAuditPlanToken(instanceAuditPlanID string) error {
+	s := model.GetStorage()
+
+	ap, exist, err := s.GetInstanceAuditPlanDetail(instanceAuditPlanID)
 	if err != nil {
 		return err
 	}
+	if !exist {
+		return errors.NewInstanceAuditPlanNotExistErr()
+	}
+
+	return UpdateInstanceAuditPlanToken(ap, tokenExpire)
+}
+
+func UpdateInstanceAuditPlanToken(ap *model.InstanceAuditPlan, tokenExpire time.Duration) error {
+	// 存在scanner依赖的任务类型时候，重新生成token
+	needGenerate := HasScannerTypeSubPlans(ap)
+	// 当前token是否为为空
+	currentTokenEmpty := ap.Token == ""
+
+	var token string
+	var err error
+	if needGenerate {
+		token, err = newAuditPlanToken(ap, tokenExpire)
+		if err != nil {
+			return errors.New(errors.DataConflict, err)
+		}
+	}
+
+	// 1. 添加token: 存在scanner类型任务并且原本token为空
+	// 2. 删除token: 不存在scanner类型任务并且原本token不为空
+	if needGenerate == currentTokenEmpty {
+		return model.GetStorage().UpdateInstanceAuditPlanByID(ap.ID, map[string]interface{}{"token": token})
+	}
 	return nil
 }
 
+func HasScannerTypeSubPlans(ap *model.InstanceAuditPlan) bool {
+	supportedTypes := auditplan.GetSupportedScannerAuditPlanType()
+	for _, plan := range ap.AuditPlans {
+		if _, ok := supportedTypes[plan.Type]; ok {
+			return true
+		}
+	}
+	return false
+}
+
+func newAuditPlanToken(ap *model.InstanceAuditPlan, tokenExpire time.Duration) (string, error) {
+	return dmsCommonJwt.GenJwtToken(
+		dmsCommonJwt.WithExpiredTime(tokenExpire),
+		dmsCommonJwt.WithAuditPlanName(utils.Md5(ap.GetIDStr())),
+	)
+}
+
 // @Summary 删除实例扫描任务
 // @Description delete instance audit plan
 // @Id deleteInstanceAuditPlanV1
@@ -385,6 +427,10 @@ func UpdateInstanceAuditPlan(c echo.Context) error {
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
+	err = HandleAuditPlanToken(instanceAuditPlanID)
+	if err != nil {
+		return controller.JSONBaseErrorReq(c, err)
+	}
 	return controller.JSONBaseErrorReq(c, nil)
 }
 
@@ -760,6 +806,10 @@ func DeleteAuditPlanById(c echo.Context) error {
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
+	err = HandleAuditPlanToken(instanceAuditPlanID)
+	if err != nil {
+		return controller.JSONBaseErrorReq(c, err)
+	}
 	return controller.JSONBaseErrorReq(c, nil)
 }
 
@@ -1298,22 +1348,22 @@ func AuditPlanTriggerSqlAudit(c echo.Context) error {
 	return controller.JSONBaseErrorReq(c, nil)
 }
 
-type GenerateAuditPlanTokenReqV1 struct {
+type RefreshAuditPlanTokenReqV1 struct {
 	ExpiresInDays *int `json:"expires_in_days"`
 }
 
-// @Summary 生成扫描任务token
-// @Description generate audit plan token
-// @Id generateAuditPlanTokenV1
+// @Summary 重置扫描任务token
+// @Description refresh audit plan token
+// @Id refreshAuditPlanTokenV1
 // @Tags instance_audit_plan
 // @Security ApiKeyAuth
-// @param audit_plan body v1.GenerateAuditPlanTokenReqV1 false "update instance audit plan token"
+// @param audit_plan body v1.RefreshAuditPlanTokenReqV1 false "update instance audit plan token"
 // @Param project_name path string true "project name"
 // @Param instance_audit_plan_id path string true "instance audit plan id"
 // @Success 200 {object} controller.BaseRes
 // @router /v1/projects/{project_name}/instance_audit_plans/{instance_audit_plan_id}/token [patch]
-func GenerateAuditPlanToken(c echo.Context) error {
-	req := new(GenerateAuditPlanTokenReqV1)
+func RefreshAuditPlanToken(c echo.Context) error {
+	req := new(RefreshAuditPlanTokenReqV1)
 	if err := controller.BindAndValidateReq(c, req); err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
@@ -1338,9 +1388,22 @@ func GenerateAuditPlanToken(c echo.Context) error {
 			expireDuration = time.Duration(expiresInDays) * 24 * time.Hour
 		}
 	}
-	err = generateAndUpdateAuditPlanToken(instanceAuditPlan, expireDuration)
+
+	err = RefreshInstanceAuditPlanToken(instanceAuditPlan, expireDuration)
 	if err != nil {
 		return controller.JSONBaseErrorReq(c, err)
 	}
 	return controller.JSONBaseErrorReq(c, nil)
 }
+
+func RefreshInstanceAuditPlanToken(ap *model.InstanceAuditPlan, tokenExpire time.Duration) error {
+	var token string
+	var err error
+	if HasScannerTypeSubPlans(ap) {
+		token, err = newAuditPlanToken(ap, tokenExpire)
+		if err != nil {
+			return errors.New(errors.DataConflict, err)
+		}
+	}
+	return model.GetStorage().UpdateInstanceAuditPlanByID(ap.ID, map[string]interface{}{"token": token})
+}

sqle/api/controller/v1/sql_manage.go

@@ -547,6 +547,8 @@ type GetAbnormalAuditPlanInstancesResp struct {
 type AbnormalAuditPlanInstance struct {
 	InstanceName        string `json:"instance_name" example:"MySQL"`
 	InstanceAuditPlanID uint   `json:"instance_audit_plan_id"`
+	AbnormalStatusCode  uint   `json:"abnormal_status_code"`
+	TokenEXP            int64  `json:"token_exp" example:"1747129752"`
 }
 
 // GetAbnormalInstanceAuditPlans get the instance of audit plan execution abnormal

sqle/docs/docs.go

@@ -3843,19 +3843,19 @@ var doc = `{
                         "ApiKeyAuth": []
                     }
                 ],
-                "description": "generate audit plan token",
+                "description": "refresh audit plan token",
                 "tags": [
                     "instance_audit_plan"
                 ],
-                "summary": "生成扫描任务token",
-                "operationId": "generateAuditPlanTokenV1",
+                "summary": "重置扫描任务token",
+                "operationId": "refreshAuditPlanTokenV1",
                 "parameters": [
                     {
                         "description": "update instance audit plan token",
                         "name": "audit_plan",
                         "in": "body",
                         "schema": {
-                            "$ref": "#/definitions/v1.GenerateAuditPlanTokenReqV1"
+                            "$ref": "#/definitions/v1.RefreshAuditPlanTokenReqV1"
                         }
                     },
                     {
@@ -12409,12 +12409,19 @@ var doc = `{
         "v1.AbnormalAuditPlanInstance": {
             "type": "object",
             "properties": {
+                "abnormal_status_code": {
+                    "type": "integer"
+                },
                 "instance_audit_plan_id": {
                     "type": "integer"
                 },
                 "instance_name": {
                     "type": "string",
                     "example": "MySQL"
+                },
+                "token_exp": {
+                    "type": "integer",
+                    "example": 1747129752
                 }
             }
         },
@@ -14560,14 +14567,6 @@ var doc = `{
                 }
             }
         },
-        "v1.GenerateAuditPlanTokenReqV1": {
-            "type": "object",
-            "properties": {
-                "expires_in_days": {
-                    "type": "integer"
-                }
-            }
-        },
         "v1.GetAbnormalAuditPlanInstancesResp": {
             "type": "object",
             "properties": {
@@ -17876,6 +17875,14 @@ var doc = `{
                 }
             }
         },
+        "v1.RefreshAuditPlanTokenReqV1": {
+            "type": "object",
+            "properties": {
+                "expires_in_days": {
+                    "type": "integer"
+                }
+            }
+        },
         "v1.RejectWorkflowReqV1": {
             "type": "object",
             "properties": {

sqle/docs/swagger.json

@@ -3827,19 +3827,19 @@
                         "ApiKeyAuth": []
                     }
                 ],
-                "description": "generate audit plan token",
+                "description": "refresh audit plan token",
                 "tags": [
                     "instance_audit_plan"
                 ],
-                "summary": "生成扫描任务token",
-                "operationId": "generateAuditPlanTokenV1",
+                "summary": "重置扫描任务token",
+                "operationId": "refreshAuditPlanTokenV1",
                 "parameters": [
                     {
                         "description": "update instance audit plan token",
                         "name": "audit_plan",
                         "in": "body",
                         "schema": {
-                            "$ref": "#/definitions/v1.GenerateAuditPlanTokenReqV1"
+                            "$ref": "#/definitions/v1.RefreshAuditPlanTokenReqV1"
                         }
                     },
                     {
@@ -12393,12 +12393,19 @@
         "v1.AbnormalAuditPlanInstance": {
             "type": "object",
             "properties": {
+                "abnormal_status_code": {
+                    "type": "integer"
+                },
                 "instance_audit_plan_id": {
                     "type": "integer"
                 },
                 "instance_name": {
                     "type": "string",
                     "example": "MySQL"
+                },
+                "token_exp": {
+                    "type": "integer",
+                    "example": 1747129752
                 }
             }
         },
@@ -14544,14 +14551,6 @@
                 }
             }
         },
-        "v1.GenerateAuditPlanTokenReqV1": {
-            "type": "object",
-            "properties": {
-                "expires_in_days": {
-                    "type": "integer"
-                }
-            }
-        },
         "v1.GetAbnormalAuditPlanInstancesResp": {
             "type": "object",
             "properties": {
@@ -17860,6 +17859,14 @@
                 }
             }
         },
+        "v1.RefreshAuditPlanTokenReqV1": {
+            "type": "object",
+            "properties": {
+                "expires_in_days": {
+                    "type": "integer"
+                }
+            }
+        },
         "v1.RejectWorkflowReqV1": {
             "type": "object",
             "properties": {

sqle/docs/swagger.yaml

@@ -36,11 +36,16 @@ definitions:
     type: object
   v1.AbnormalAuditPlanInstance:
     properties:
+      abnormal_status_code:
+        type: integer
       instance_audit_plan_id:
         type: integer
       instance_name:
         example: MySQL
         type: string
+      token_exp:
+        example: 1747129752
+        type: integer
     type: object
   v1.AffectRows:
     properties:
@@ -1505,11 +1510,6 @@ definitions:
           $ref: '#/definitions/v1.DatabaseSchemaObject'
         type: array
     type: object
-  v1.GenerateAuditPlanTokenReqV1:
-    properties:
-      expires_in_days:
-        type: integer
-    type: object
   v1.GetAbnormalAuditPlanInstancesResp:
     properties:
       code:
@@ -3782,6 +3782,11 @@ definitions:
       value:
         type: string
     type: object
+  v1.RefreshAuditPlanTokenReqV1:
+    properties:
+      expires_in_days:
+        type: integer
+    type: object
   v1.RejectWorkflowReqV1:
     properties:
       reason:
@@ -9304,14 +9309,14 @@ paths:
       - instance_audit_plan
   /v1/projects/{project_name}/instance_audit_plans/{instance_audit_plan_id}/token:
     patch:
-      description: generate audit plan token
-      operationId: generateAuditPlanTokenV1
+      description: refresh audit plan token
+      operationId: refreshAuditPlanTokenV1
       parameters:
       - description: update instance audit plan token
         in: body
         name: audit_plan
         schema:
-          $ref: '#/definitions/v1.GenerateAuditPlanTokenReqV1'
+          $ref: '#/definitions/v1.RefreshAuditPlanTokenReqV1'
       - description: project name
         in: path
         name: project_name
@@ -9329,7 +9334,7 @@ paths:
             $ref: '#/definitions/controller.BaseRes'
       security:
       - ApiKeyAuth: []
-      summary: 生成扫描任务token
+      summary: 重置扫描任务token
       tags:
       - instance_audit_plan
   /v1/projects/{project_name}/instance_tips: