TSK-1757: added configuration name to prevent multiple entries.

2021-11-04 17:34:23 +01:00 · 2021-11-04 17:34:23 +01:00 · 6719cfd231
parent e782b9defa
commit 6719cfd231
10 changed files with 64 additions and 19 deletions
--- a/common/taskana-common-data/src/main/resources/sql/clear/clear-db.sql
+++ b/common/taskana-common-data/src/main/resources/sql/clear/clear-db.sql
@ -13,4 +13,5 @@ DELETE FROM CLASSIFICATION;
 DELETE FROM OBJECT_REFERENCE;
 DELETE FROM SCHEDULED_JOB;
 DELETE FROM USER_INFO;
+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
 COMMIT;
--- a/common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql
+++ b/common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql
@ -188,10 +188,13 @@ CREATE TABLE ATTACHMENT(
 );

 CREATE TABLE CONFIGURATION (
-    ENFORCE_SECURITY BOOLEAN NOT NULL,
+    NAME VARCHAR(8) NOT NULL,
+    ENFORCE_SECURITY BOOLEAN NULL,
    CUSTOM_ATTRIBUTES CLOB NULL
 );

+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
+
 CREATE TABLE TASK_COMMENT(
    ID VARCHAR(40) NOT NULL,
    TASK_ID VARCHAR(40) NOT NULL,
--- a/common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_4.8.0_to_4.11.0_db2.sql
+++ b/common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_4.8.0_to_4.11.0_db2.sql
@ -4,6 +4,10 @@ SET SCHEMA %schemaName%;

 INSERT INTO TASKANA_SCHEMA_VERSION (VERSION, CREATED) VALUES ('4.11.0', CURRENT_TIMESTAMP);

+ALTER TABLE CONFIGURATION ADD COLUMN NAME VARCHAR(8) NOT NULL DEFAULT 'MASTER';
+ALTER TABLE CONFIGURATION ALTER COLUMN ENFORCE_SECURITY DROP NOT NULL;
+ALTER TABLE CONFIGURATION ALTER COLUMN NAME DROP DEFAULT;
+
 UPDATE TASK SET CUSTOM_1 = '' WHERE CUSTOM_1 IS NULL;
 UPDATE TASK SET CUSTOM_2 = '' WHERE CUSTOM_2 IS NULL;
 UPDATE TASK SET CUSTOM_3 = '' WHERE CUSTOM_3 IS NULL;
--- a/common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql
+++ b/common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql
@ -307,10 +307,12 @@ CREATE TABLE CLASSIFICATION_HISTORY_EVENT
 );

 CREATE TABLE CONFIGURATION (
-    ENFORCE_SECURITY BOOLEAN NOT NULL,
+    NAME VARCHAR(8) NOT NULL,
+    ENFORCE_SECURITY BOOLEAN NULL,
    CUSTOM_ATTRIBUTES CLOB NULL
 );

+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');

 CREATE TABLE USER_INFO (
    USER_ID                     VARCHAR(32)     NOT NULL,
--- a/common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_4.8.0_to_4.11.0_h2.sql
+++ b/common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_4.8.0_to_4.11.0_h2.sql
@ -2,6 +2,10 @@

 INSERT INTO TASKANA_SCHEMA_VERSION (VERSION, CREATED) VALUES ('4.11.0', CURRENT_TIMESTAMP);

+ALTER TABLE CONFIGURATION ADD COLUMN NAME VARCHAR(8) NOT NULL DEFAULT 'MASTER';
+ALTER TABLE CONFIGURATION ALTER COLUMN ENFORCE_SECURITY DROP NOT NULL;
+ALTER TABLE CONFIGURATION ALTER COLUMN NAME DROP DEFAULT;
+
 UPDATE TASK SET CUSTOM_1 = '' WHERE CUSTOM_1 IS NULL;
 UPDATE TASK SET CUSTOM_2 = '' WHERE CUSTOM_2 IS NULL;
 UPDATE TASK SET CUSTOM_3 = '' WHERE CUSTOM_3 IS NULL;
--- a/common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql
+++ b/common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql
@ -302,10 +302,13 @@ CREATE TABLE CLASSIFICATION_HISTORY_EVENT
 );

 CREATE TABLE CONFIGURATION (
-    ENFORCE_SECURITY BOOLEAN NOT NULL,
+    NAME VARCHAR(8) NOT NULL,
+    ENFORCE_SECURITY BOOLEAN NULL,
    CUSTOM_ATTRIBUTES TEXT NULL
 );

+INSERT INTO CONFIGURATION (NAME) VALUES ('MASTER');
+

 CREATE TABLE USER_INFO (
    USER_ID                     VARCHAR(32)     NOT NULL,
--- a/common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_4.8.0_to_4.11.0_postgres.sql
+++ b/common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_4.8.0_to_4.11.0_postgres.sql
@ -4,6 +4,10 @@ SET search_path = %schemaName%;

 INSERT INTO TASKANA_SCHEMA_VERSION (VERSION, CREATED) VALUES ('4.11.0', CURRENT_TIMESTAMP);

+ALTER TABLE CONFIGURATION ADD COLUMN NAME VARCHAR(8) NOT NULL DEFAULT 'MASTER';
+ALTER TABLE CONFIGURATION ALTER COLUMN ENFORCE_SECURITY DROP NOT NULL;
+ALTER TABLE CONFIGURATION ALTER COLUMN NAME DROP DEFAULT;
+
 UPDATE TASK SET CUSTOM_1 = '' WHERE CUSTOM_1 IS NULL;
 UPDATE TASK SET CUSTOM_2 = '' WHERE CUSTOM_2 IS NULL;
 UPDATE TASK SET CUSTOM_3 = '' WHERE CUSTOM_3 IS NULL;
--- a/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationMapper.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationMapper.java
@ -1,17 +1,22 @@
 package pro.taskana.common.internal;

 import java.util.Map;
-import org.apache.ibatis.annotations.Insert;
 import org.apache.ibatis.annotations.Param;
 import org.apache.ibatis.annotations.Select;
 import org.apache.ibatis.annotations.Update;

 public interface ConfigurationMapper {

-  @Select("SELECT ENFORCE_SECURITY FROM CONFIGURATION")
-  Boolean isSecurityEnabled();
+  @Select(
+      "<script> SELECT ENFORCE_SECURITY FROM CONFIGURATION "
+          + "<if test='lockForUpdate == true'>"
+          + "FETCH FIRST ROW ONLY FOR UPDATE "
+          + "<if test=\"_databaseId == 'db2'\">WITH RS USE AND KEEP UPDATE LOCKS </if> "
+          + "</if>"
+          + "</script>")
+  Boolean isSecurityEnabled(boolean lockForUpdate);

-  @Insert("INSERT INTO CONFIGURATION(ENFORCE_SECURITY) VALUES (#{securityEnabled})")
+  @Update("UPDATE CONFIGURATION SET ENFORCE_SECURITY = #{securityEnabled} WHERE NAME = 'MASTER'")
  void setSecurityEnabled(@Param("securityEnabled") boolean securityEnabled);

  @Select(
@ -23,6 +28,6 @@ public interface ConfigurationMapper {
          + "</script>")
  Map<String, Object> getAllCustomAttributes(boolean lockForUpdate);

-  @Update("UPDATE CONFIGURATION SET CUSTOM_ATTRIBUTES = #{customAttributes}")
+  @Update("UPDATE CONFIGURATION SET CUSTOM_ATTRIBUTES = #{customAttributes} WHERE NAME = 'MASTER'")
  void setAllCustomAttributes(@Param("customAttributes") Map<String, ?> customAttributes);
 }
--- a/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationServiceImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/common/internal/ConfigurationServiceImpl.java
@ -27,16 +27,10 @@ public class ConfigurationServiceImpl implements ConfigurationService {

  public void checkSecureAccess(boolean securityEnabled) {
    Boolean isSecurityEnabled =
-        internalTaskanaEngine.executeInDatabaseConnection(mapper::isSecurityEnabled);
+        internalTaskanaEngine.executeInDatabaseConnection(() -> mapper.isSecurityEnabled(false));

    if (isSecurityEnabled == null) {
-      if (LOGGER.isDebugEnabled()) {
-        LOGGER.debug("Security-mode is not yet set. Setting security flag to {}", securityEnabled);
-      }
-      mapper.setSecurityEnabled(securityEnabled);
-      if (LOGGER.isDebugEnabled()) {
-        LOGGER.debug("Successfully set security mode to {}", securityEnabled);
-      }
+      initializeSecurityEnabled(securityEnabled);
    } else if (isSecurityEnabled && !securityEnabled) {
      LOGGER.error("Tried to start TASKANA in unsecured mode while secured mode is enforced!");
      throw new SystemException("Secured TASKANA mode is enforced, can't start in unsecured mode");
@ -73,6 +67,25 @@ public class ConfigurationServiceImpl implements ConfigurationService {
    return Optional.ofNullable(getAllCustomAttributes().get(attribute));
  }

+  private void initializeSecurityEnabled(boolean securityEnabled) {
+
+    if (LOGGER.isDebugEnabled()) {
+      LOGGER.debug("Security-mode is not yet set. Setting security flag to {}", securityEnabled);
+    }
+    Boolean isStillSecurityEnabled = mapper.isSecurityEnabled(true);
+    if (isStillSecurityEnabled == null) {
+      mapper.setSecurityEnabled(securityEnabled);
+      isStillSecurityEnabled = Boolean.valueOf(securityEnabled);
+      if (LOGGER.isDebugEnabled()) {
+        LOGGER.debug("Successfully set security mode to {}", securityEnabled);
+      }
+    }
+    if (isStillSecurityEnabled && !securityEnabled) {
+      LOGGER.error("Tried to start TASKANA in unsecured mode while secured mode is enforced!");
+      throw new SystemException("Secured TASKANA mode is enforced, can't start in unsecured mode");
+    }
+  }
+
  private Map<String, Object> generateDefaultCustomAttributes() throws IOException {
    JSONObject jsonObject =
        new JSONObject(
--- a/lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/config/TaskanaSecurityConfigAccTest.java
@ -88,13 +88,19 @@ class TaskanaSecurityConfigAccTest {

      String selectSecurityFlagSql =
          String.format(
-              "SELECT ENFORCE_SECURITY FROM %s.CONFIGURATION", DataSourceGenerator.getSchemaName());
+              "SELECT ENFORCE_SECURITY FROM %s.CONFIGURATION WHERE NAME = 'MASTER'",
+              DataSourceGenerator.getSchemaName());

      Statement statement = connection.createStatement();
      ResultSet resultSet = statement.executeQuery(selectSecurityFlagSql);

      if (resultSet.next()) {
-        return resultSet.getBoolean(1);
+        Boolean securityEnabled = resultSet.getBoolean(1);
+        if (resultSet.wasNull()) {
+          return null;
+        } else {
+          return securityEnabled;
+        }
      }
      statement.close();
      return null;
@ -107,7 +113,7 @@ class TaskanaSecurityConfigAccTest {

      String sql =
          String.format(
-              "INSERT INTO %s.CONFIGURATION (ENFORCE_SECURITY) VALUES (%b)",
+              "UPDATE %s.CONFIGURATION SET ENFORCE_SECURITY = %b WHERE NAME = 'MASTER'",
              DataSourceGenerator.getSchemaName(), securityFlag);

      Statement statement = connection.createStatement();