Merge pull request #8 from Ahoo-Wang/rbac

add support Role-based access control(RBAC)

README.md

@@ -34,7 +34,7 @@ between process cache and Redis.
 > Kotlin DSL
 
 ``` kotlin
-    val coskyVersion = "1.1.12";
+    val coskyVersion = "1.2.0";
     implementation("me.ahoo.cosky:spring-cloud-starter-cosky-config:${coskyVersion}")
     implementation("me.ahoo.cosky:spring-cloud-starter-cosky-discovery:${coskyVersion}")
     implementation("org.springframework.cloud:spring-cloud-starter-loadbalancer:3.0.3")
@@ -52,7 +52,7 @@ between process cache and Redis.
     <modelVersion>4.0.0</modelVersion>
     <artifactId>demo</artifactId>
     <properties>
-        <cosky.version>1.1.12</cosky.version>
+        <cosky.version>1.2.0</cosky.version>
     </properties>
 
     <dependencies>
@@ -101,30 +101,21 @@ logging:
 
 #### Option 1：Download the executable file
 
-> Download [cosky-rest-api-server](https://github.com/Ahoo-Wang/cosky/releases/download/1.1.12/cosky-rest-api-1.1.12.tar)
+> Download [cosky-rest-api-server](https://github.com/Ahoo-Wang/cosky/releases/download/1.2.0/cosky-rest-api-1.2.0.tar)
 
-> tar *cosky-rest-api-1.1.12.tar*
+> tar *cosky-rest-api-1.2.0.tar*
 
 ```shell
-cd cosky-rest-api-1.1.12
-# Working directory: cosky-rest-api-1.1.12
+cd cosky-rest-api-1.2.0
+# Working directory: cosky-rest-api-1.2.0
 bin/cosky-rest-api --server.port=8080 --cosky.redis.uri=redis://localhost:6379
 ```
 
 #### Option 2：Run On Docker
 
 ```shell
-docker pull ahoowang/cosky-rest-api:1.1.12
-docker run --name cosky-rest-api -d -p 8080:8080 --link redis -e COSKY_REDIS_URI=redis://redis:6379  ahoowang/cosky-rest-api:1.1.12
-```
-
-##### MacBook Pro (M1)
-
-> Please use *ahoowang/cosky-rest-api:1.1.12-armv7*
-
-```shell
-docker pull ahoowang/cosky-rest-api:1.1.12-armv7
-docker run --name cosky-rest-api -d -p 8080:8080 --link redis -e COSKY_REDIS_URI=redis://redis:6379  ahoowang/cosky-rest-api:1.1.12-armv7
+docker pull ahoowang/cosky-rest-api:1.2.0
+docker run --name cosky-rest-api -d -p 8080:8080 --link redis -e COSKY_REDIS_URI=redis://redis:6379  ahoowang/cosky-rest-api:1.2.0
 ```
 
 #### Option 3：Run On Kubernetes
@@ -152,7 +143,7 @@ spec:
               value: standalone
             - name: COSKY_REDIS_URI
               value: redis://redis-uri:6379
-          image: ahoowang/cosky-rest-api:1.1.12
+          image: ahoowang/cosky-rest-api:1.2.0
           name: cosky-rest-api
           ports:
             - containerPort: 8080
@@ -196,6 +187,34 @@ spec:
 
 ![dashboard-dashboard](./docs/dashboard-dashboard.png)
 
+### Role-based access control(RBAC)
+
+- cosky: Reserved username, super user, with the highest authority. When the application is launched for the first time, the super user (cosky) password will be initialized and printed on the console. Don't worry if you forget your password, you can configure `enforce-init-super-user: true`, *CoSky* will help you reinitialize the password and print it on the console.
+
+```log
+---------------- ****** CoSky -  init super user:[cosky] password:[6TrmOux4Oj] ****** ----------------
+```
+
+- admin: Reserved roles, super administrator roles, have all permissions, a user can be bound to multiple roles, and a role can be bound to multiple resource operation permissions.
+- Permission control granularity is namespace, read and write operations
+
+#### Role Permissions
+
+![dashboard-role](./docs/dashboard-role.png)
+
+##### Add Role
+
+![dashboard-role-add](./docs/dashboard-role-add.png)
+
+#### User Management
+
+![dashboard-user](./docs/dashboard-user.png)
+
+##### Add User
+
+![dashboard-user-add](./docs/dashboard-user-add.png)
+
+
 #### Namespace
 
 ![dashboard-namespace](./docs/dashboard-namespace.png)
@@ -286,21 +305,10 @@ spec:
 ``` shell
 gradle cosky-config:jmh
 # or
-java -jar cosky-config/build/libs/cosky-config-1.1.12-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
+java -jar cosky-config/build/libs/cosky-config-1.2.0-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
 ```
 
 ```
-# JMH version: 1.29
-# VM version: JDK 11.1.121, OpenJDK 64-Bit Server VM, 11.1.121+9-LTS
-# VM invoker: /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home/bin/java
-# VM options: -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/Users/ahoo/cosky/cosky-config/build/tmp/jmh -Duser.country=CN -Duser.language=zh -Duser.variant
-# Blackhole mode: full + dont-inline hint
-# Warmup: 1 iterations, 10 s each
-# Measurement: 1 iterations, 10 s each
-# Timeout: 10 min per iteration
-# Threads: 50 threads, will synchronize iterations
-# Benchmark mode: Throughput, ops/time
-
 Benchmark                                          Mode  Cnt          Score   Error  Units
 ConsistencyRedisConfigServiceBenchmark.getConfig  thrpt       256733987.827          ops/s
 RedisConfigServiceBenchmark.getConfig             thrpt          241787.679          ops/s
@@ -312,21 +320,10 @@ RedisConfigServiceBenchmark.setConfig             thrpt          140461.112
 ``` shell
 gradle cosky-discovery:jmh
 # or
-java -jar cosky-discovery/build/libs/cosky-discovery-1.1.12-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
+java -jar cosky-discovery/build/libs/cosky-discovery-1.2.0-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
 ```
 
 ```
-# JMH version: 1.29
-# VM version: JDK 11.1.121, OpenJDK 64-Bit Server VM, 11.1.121+9-LTS
-# VM invoker: /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home/bin/java
-# VM options: -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/Users/ahoo/cosky/cosky-discovery/build/tmp/jmh -Duser.country=CN -Duser.language=zh -Duser.variant
-# Blackhole mode: full + dont-inline hint
-# Warmup: 1 iterations, 10 s each
-# Measurement: 1 iterations, 10 s each
-# Timeout: 10 min per iteration
-# Threads: 50 threads, will synchronize iterations
-# Benchmark mode: Throughput, ops/time
-
 Benchmark                                                Mode  Cnt          Score   Error  Units
 ConsistencyRedisServiceDiscoveryBenchmark.getInstances  thrpt        76621729.048          ops/s
 ConsistencyRedisServiceDiscoveryBenchmark.getServices   thrpt       455760632.346          ops/s

README.zh-CN.md

@@ -33,7 +33,7 @@
 > Kotlin DSL
 
 ``` kotlin
-    val coskyVersion = "1.1.12";
+    val coskyVersion = "1.2.0";
     implementation("me.ahoo.cosky:spring-cloud-starter-cosky-config:${coskyVersion}")
     implementation("me.ahoo.cosky:spring-cloud-starter-cosky-discovery:${coskyVersion}")
     implementation("org.springframework.cloud:spring-cloud-starter-loadbalancer:3.0.3")
@@ -51,7 +51,7 @@
   <modelVersion>4.0.0</modelVersion>
   <artifactId>demo</artifactId>
   <properties>
-    <cosky.version>1.1.12</cosky.version>
+    <cosky.version>1.2.0</cosky.version>
   </properties>
 
   <dependencies>
@@ -100,30 +100,21 @@ logging:
 
 #### 方式一：下载可执行文件
 
-> 下载 [rest-api-server](https://github.com/Ahoo-Wang/cosky/releases/download/1.1.12/cosky-rest-api-1.1.12.tar)
+> 下载 [rest-api-server](https://github.com/Ahoo-Wang/cosky/releases/download/1.2.0/cosky-rest-api-1.2.0.tar)
 
-> 解压 *cosky-rest-api-1.1.12.tar*
+> 解压 *cosky-rest-api-1.2.0.tar*
 
 ```shell
-cd cosky-rest-api-1.1.12
-# 工作目录: cosky-rest-api-1.1.12
+cd cosky-rest-api-1.2.0
+# 工作目录: cosky-rest-api-1.2.0
 bin/cosky-rest-api --server.port=8080 --cosky.redis.uri=redis://localhost:6379
 ```
 
 #### 方式二：在 Docker 中运行
 
 ```shell
-docker pull ahoowang/cosky-rest-api:1.1.12
-docker run --name cosky-rest-api -d -p 8080:8080 --link redis -e COSKY_REDIS_URI=redis://redis:6379  ahoowang/cosky-rest-api:1.1.12
-```
-
-##### MacBook Pro (M1)
-
-> 请使用 *ahoowang/cosky-rest-api:1.1.12-armv7*
-
-```shell
-docker pull ahoowang/cosky-rest-api:1.1.12-armv7
-docker run --name cosky-rest-api -d -p 8080:8080 --link redis -e COSKY_REDIS_URI=redis://redis:6379  ahoowang/cosky-rest-api:1.1.12-armv7
+docker pull ahoowang/cosky-rest-api:1.2.0
+docker run --name cosky-rest-api -d -p 8080:8080 --link redis -e COSKY_REDIS_URI=redis://redis:6379  ahoowang/cosky-rest-api:1.2.0
 ```
 
 #### 方式三：在 Kubernetes 中运行
@@ -151,7 +142,7 @@ spec:
               value: standalone
             - name: COSKY_REDIS_URI
               value: redis://redis-uri:6379
-          image: ahoowang/cosky-rest-api:1.1.12
+          image: ahoowang/cosky-rest-api:1.2.0
           name: cosky-rest-api
           ports:
             - containerPort: 8080
@@ -195,6 +186,33 @@ spec:
 
 ![dashboard-dashboard](./docs/dashboard-dashboard.png)
 
+### 基于角色的访问控制(RBAC)
+
+- cosky: 保留用户名，超级用户，拥有最高权限。应用首次启动时会初始化超级用户(*cosky*)的密码，并打印在控制台。忘记密码也不用担心，可以通过配置 `enforce-init-super-user: true`，*CoSky* 会帮助你重新初始化密码并打印在控制台。
+
+```log
+---------------- ****** CoSky -  init super user:[cosky] password:[6TrmOux4Oj] ****** ----------------
+```
+
+- admin: 保留角色，超级管理员角色，拥有所有权限，一个用户可以绑定多个角色，一个角色可以绑定多个资源操作权限。
+- 权限控制粒度为命名空间，读写操作
+
+#### 角色权限
+
+![dashboard-role](./docs/dashboard-role.png)
+
+##### 添加角色
+
+![dashboard-role-add](./docs/dashboard-role-add.png)
+
+#### 用户管理
+
+![dashboard-user](./docs/dashboard-user.png)
+
+##### 添加用户
+
+![dashboard-user-add](./docs/dashboard-user-add.png)
+
 #### 命名空间管理
 
 ![dashboard-namespace](./docs/dashboard-namespace.png)
@@ -285,21 +303,10 @@ spec:
 ``` shell
 gradle cosky-config:jmh
 # or
-java -jar cosky-config/build/libs/cosky-config-1.1.12-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
+java -jar cosky-config/build/libs/cosky-config-1.2.0-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
 ```
 
 ```
-# JMH version: 1.29
-# VM version: JDK 11.1.121, OpenJDK 64-Bit Server VM, 11.1.121+9-LTS
-# VM invoker: /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home/bin/java
-# VM options: -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/Users/ahoo/cosky/config/build/tmp/jmh -Duser.country=CN -Duser.language=zh -Duser.variant
-# Blackhole mode: full + dont-inline hint
-# Warmup: 1 iterations, 10 s each
-# Measurement: 1 iterations, 10 s each
-# Timeout: 10 min per iteration
-# Threads: 50 threads, will synchronize iterations
-# Benchmark mode: Throughput, ops/time
-
 Benchmark                                          Mode  Cnt          Score   Error  Units
 ConsistencyRedisConfigServiceBenchmark.getConfig  thrpt       256733987.827          ops/s
 RedisConfigServiceBenchmark.getConfig             thrpt          241787.679          ops/s
@@ -311,21 +318,10 @@ RedisConfigServiceBenchmark.setConfig             thrpt          140461.112
 ``` shell
 gradle cosky-discovery:jmh
 # or
-java -jar cosky-discovery/build/libs/cosky-discovery-1.1.12-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
+java -jar cosky-discovery/build/libs/cosky-discovery-1.2.0-jmh.jar -bm thrpt -t 25 -wi 1 -rf json -f 1
 ```
 
 ```
-# JMH version: 1.29
-# VM version: JDK 11.1.121, OpenJDK 64-Bit Server VM, 11.1.121+9-LTS
-# VM invoker: /Library/Java/JavaVirtualMachines/zulu-11.jdk/Contents/Home/bin/java
-# VM options: -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/Users/ahoo/cosky/discovery/build/tmp/jmh -Duser.country=CN -Duser.language=zh -Duser.variant
-# Blackhole mode: full + dont-inline hint
-# Warmup: 1 iterations, 10 s each
-# Measurement: 1 iterations, 10 s each
-# Timeout: 10 min per iteration
-# Threads: 50 threads, will synchronize iterations
-# Benchmark mode: Throughput, ops/time
-
 Benchmark                                                Mode  Cnt          Score   Error  Units
 ConsistencyRedisServiceDiscoveryBenchmark.getInstances  thrpt        76621729.048          ops/s
 ConsistencyRedisServiceDiscoveryBenchmark.getServices   thrpt       455760632.346          ops/s

build.gradle.kts

@@ -50,6 +50,8 @@ ext {
     set("commonsIOVersion", "2.10.0")
     set("springfoxVersion", "3.0.0")
     set("metricsVersion", "4.2.0")
+    set("jjwtVersion", "0.11.2")
+    set("cosIdVersion", "1.3.1")
     set("libraryProjects", libraryProjects)
 }
 

cosky-config/src/main/java/me/ahoo/cosky/config/ConfigKeyGenerator.java

@@ -15,7 +15,7 @@
 
 import com.google.common.base.Strings;
 import lombok.var;
-import me.ahoo.cosky.core.Consts;
+import me.ahoo.cosky.core.CoSky;
 
 /**
  * @author ahoo wang
@@ -80,7 +80,7 @@ public static String getConfigKey(String namespace, String configId) {
     }
 
     public static NamespacedConfigId getConfigIdOfKey(String configKey) {
-        var firstSplitIdx = configKey.indexOf(Consts.KEY_SEPARATOR);
+        var firstSplitIdx = configKey.indexOf(CoSky.KEY_SEPARATOR);
         var namespace = configKey.substring(0, firstSplitIdx);
         var configKeyPrefix = Strings.lenientFormat(configKeyPrefixFormat, namespace);
         var configId = configKey.substring(configKeyPrefix.length());
@@ -90,7 +90,7 @@ public static NamespacedConfigId getConfigIdOfKey(String configKey) {
     public static ConfigVersion getConfigVersionOfHistoryKey(String namespace, String configHistoryKey) {
         var configHistoryKeyPrefix = Strings.lenientFormat(configHistoryKeyPrefixFormat, namespace);
         var configIdWithVersion = configHistoryKey.substring(configHistoryKeyPrefix.length());
-        var configIdWithVersionSplit = configIdWithVersion.split(Consts.KEY_SEPARATOR);
+        var configIdWithVersionSplit = configIdWithVersion.split(CoSky.KEY_SEPARATOR);
         if (configIdWithVersionSplit.length != 2) {
             throw new IllegalArgumentException(Strings.lenientFormat("configHistoryKey:[%s] format error.", configHistoryKey));
         }

cosky-core/src/main/java/me/ahoo/cosky/core/Consts.java → cosky-core/src/main/java/me/ahoo/cosky/core/CoSky.java

@@ -16,7 +16,7 @@
 /**
  * @author ahoo wang
  */
-public interface Consts {
+public interface CoSky {
     String COSKY = "cosky";
     String KEY_SEPARATOR = ":";
 }

cosky-core/src/main/java/me/ahoo/cosky/core/Namespaced.java

@@ -17,8 +17,8 @@
  * @author ahoo wang
  */
 public interface Namespaced {
-    String DEFAULT = Consts.COSKY + "-{default}";
-    String SYSTEM = Consts.COSKY + "-{system}";
+    String DEFAULT = CoSky.COSKY + "-{default}";
+    String SYSTEM = CoSky.COSKY + "-{system}";
 
     /**
      * 获取当前上下文的命名空间

cosky-core/src/main/java/me/ahoo/cosky/core/NamespacedContext.java

@@ -21,7 +21,7 @@ public interface NamespacedContext extends Namespaced {
     /**
      * 全局命名空间上下文
      */
-    NamespacedContext GLOBAL = of(Consts.COSKY);
+    NamespacedContext GLOBAL = of(CoSky.COSKY);
 
     /**
      * 设置当前上下文的命名空间

cosky-core/src/main/java/me/ahoo/cosky/core/redis/RedisConnection.java

@@ -15,24 +15,35 @@
 
 import io.lettuce.core.api.StatefulConnection;
 import io.lettuce.core.cluster.api.async.RedisClusterAsyncCommands;
+import io.lettuce.core.cluster.api.sync.RedisClusterCommands;
 
 
 /**
  * @author ahoo wang
  */
 public class RedisConnection implements AutoCloseable {
     private StatefulConnection<String, String> connection;
+    private RedisClusterCommands<String, String> syncCommands;
     private RedisClusterAsyncCommands<String, String> asyncCommands;
 
-    public RedisConnection(StatefulConnection<String, String> connection, RedisClusterAsyncCommands<String, String> asyncCommands) {
+    public RedisConnection(StatefulConnection<String, String> connection
+            , RedisClusterCommands<String, String> syncCommands
+            , RedisClusterAsyncCommands<String, String> asyncCommands
+
+    ) {
         this.connection = connection;
+        this.syncCommands = syncCommands;
         this.asyncCommands = asyncCommands;
     }
 
     public StatefulConnection<String, String> getConnection() {
         return connection;
     }
 
+    public RedisClusterCommands<String, String> getSyncCommands() {
+        return syncCommands;
+    }
+
     public RedisClusterAsyncCommands<String, String> getAsyncCommands() {
         return asyncCommands;
     }