From 4d82d1338d4201708e4f394b8e01cd6edf3058ae Mon Sep 17 00:00:00 2001 From: deardeng <565620795@qq.com> Date: Sat, 11 May 2024 14:22:54 +0800 Subject: [PATCH 1/6] [fix](user manager) Add rwlock for userManager fix ``` 2024-05-10 14:33:55,005 mysql-nio-pool-67 ERROR An exception occurred processing Appender Sys java.util.ConcurrentModificationException at java.base/java.util.HashMap$HashIterator.nextNode(HashMap.java:1597) at java.base/java.util.HashMap$EntryIterator.next(HashMap.java:1630) at java.base/java.util.HashMap$EntryIterator.next(HashMap.java:1628) at org.apache.logging.log4j.message.ParameterFormatter.appendMap(ParameterFormatter.java:581) at org.apache.logging.log4j.message.ParameterFormatter.appendPotentiallyRecursiveValue(ParameterFormatter.java:512) at org.apache.logging.log4j.message.ParameterFormatter.recursiveDeepToString(ParameterFormatter.java:477) at org.apache.logging.log4j.message.ParameterFormatter.recursiveDeepToString(ParameterFormatter.java:448) at org.apache.logging.log4j.message.ParameterFormatter.formatMessage2(ParameterFormatter.java:191) at org.apache.logging.log4j.message.ParameterizedMessage.formatTo(ParameterizedMessage.java:227) at org.apache.logging.log4j.core.pattern.MessagePatternConverter$SimpleMessagePatternConverter.format(MessagePatternConverter.java:121) at org.apache.logging.log4j.core.layout.PatternLayout$NoFormatPatternSerializer.toSerializable(PatternLayout.java:342) at org.apache.logging.log4j.core.layout.PatternLayout.toText(PatternLayout.java:240) at org.apache.logging.log4j.core.layout.PatternLayout.encode(PatternLayout.java:225) at org.apache.logging.log4j.core.layout.PatternLayout.encode(PatternLayout.java:59) at org.apache.logging.log4j.core.appender.AbstractOutputStreamAppender.directEncodeEvent(AbstractOutputStreamAppender.java:215) at org.apache.logging.log4j.core.appender.AbstractOutputStreamAppender.tryAppend(AbstractOutputStreamAppender.java:208) at org.apache.logging.log4j.core.appender.AbstractOutputStreamAppender.append(AbstractOutputStreamAppender.java:199) at org.apache.logging.log4j.core.appender.RollingFileAppender.append(RollingFileAppender.java:301) at org.apache.logging.log4j.core.config.AppenderControl.tryCallAppender(AppenderControl.java:161) at org.apache.logging.log4j.core.config.AppenderControl.callAppender0(AppenderControl.java:134) at org.apache.logging.log4j.core.config.AppenderControl.callAppenderPreventRecursion(AppenderControl.java:125) at org.apache.logging.log4j.core.config.AppenderControl.callAppender(AppenderControl.java:89) at org.apache.logging.log4j.core.config.LoggerConfig.callAppenders(LoggerConfig.java:675) at org.apache.logging.log4j.core.config.LoggerConfig.processLogEvent(LoggerConfig.java:633) at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:616) at org.apache.logging.log4j.core.config.LoggerConfig.log(LoggerConfig.java:552) at org.apache.logging.log4j.core.config.AwaitCompletionReliabilityStrategy.log(AwaitCompletionReliabilityStrategy.java:82) at org.apache.logging.log4j.core.Logger.log(Logger.java:161) at org.apache.logging.log4j.spi.AbstractLogger.tryLogMessage(AbstractLogger.java:2205) at org.apache.logging.log4j.spi.AbstractLogger.logMessageTrackRecursion(AbstractLogger.java:2159) at org.apache.logging.log4j.spi.AbstractLogger.logMessageSafely(AbstractLogger.java:2142) at org.apache.logging.log4j.spi.AbstractLogger.logMessage(AbstractLogger.java:2040) at org.apache.logging.log4j.spi.AbstractLogger.logIfEnabled(AbstractLogger.java:1907) at org.apache.logging.log4j.spi.AbstractLogger.warn(AbstractLogger.java:2789) at org.apache.doris.mysql.privilege.UserManager.getUserId(UserManager.java:348) at org.apache.doris.mysql.privilege.Auth.getUserId(Auth.java:1950) at org.apache.doris.analysis.CreateUserStmt.(CreateUserStmt.java:94) at org.apache.doris.analysis.CUP$SqlParser$actions.case209(SqlParser.java:51399) at org.apache.doris.analysis.CUP$SqlParser$actions.CUP$SqlParser$do_action(SqlParser.java:19433) at org.apache.doris.analysis.SqlParser.do_action(SqlParser.java:2972) at java_cup.runtime.lr_parser.parse(lr_parser.java:584) at org.apache.doris.common.util.SqlParserUtils.getMultiStmts(SqlParserUtils.java:60) at org.apache.doris.qe.ConnectProcessor.parse(ConnectProcessor.java:516) at org.apache.doris.qe.ConnectProcessor.executeQuery(ConnectProcessor.java:296) at org.apache.doris.qe.ConnectProcessor.handleQuery(ConnectProcessor.java:232) at org.apache.doris.qe.MysqlConnectProcessor.handleQuery(MysqlConnectProcessor.java:177) ``` --- .../doris/mysql/privilege/UserManager.java | 296 +++++++++++------- 1 file changed, 191 insertions(+), 105 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java index 9213654b0e0cba..8c401d034f91d5 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java @@ -33,6 +33,7 @@ import org.apache.doris.persist.gson.GsonUtils; import com.google.common.base.Preconditions; +import com.google.common.collect.ImmutableMap; import com.google.common.collect.Lists; import com.google.common.collect.Maps; import com.google.gson.annotations.SerializedName; @@ -44,39 +45,58 @@ import java.io.DataInput; import java.io.DataOutput; import java.io.IOException; +import java.util.ArrayList; import java.util.Collections; +import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; import java.util.Set; +import java.util.concurrent.locks.Lock; +import java.util.concurrent.locks.ReadWriteLock; +import java.util.concurrent.locks.ReentrantReadWriteLock; public class UserManager implements Writable, GsonPostProcessable { public static final String ANY_HOST = "%"; private static final Logger LOG = LogManager.getLogger(UserManager.class); - // Concurrency control is delegated by Auth, so not concurrentMap + + private static final ReadWriteLock rwlock = new ReentrantReadWriteLock(); + private static final Lock rlock = rwlock.readLock(); + private static final Lock wlock = rwlock.writeLock(); + // One name may have multiple User,because host can be different @SerializedName(value = "nameToUsers") - private Map> nameToUsers = Maps.newHashMap(); + private Map> nameToUsers = Maps.newConcurrentMap(); public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDomain) { - List users = nameToUsers.get(userIdentity.getQualifiedUser()); - if (CollectionUtils.isEmpty(users)) { - return false; - } - for (User user : users) { - if (user.getUserIdentity().getHost().equalsIgnoreCase(userIdentity.getHost())) { - if (includeByDomain || !user.isSetByDomainResolver()) { - return true; + rlock.lock(); + try { + List users = nameToUsers.get(userIdentity.getQualifiedUser()); + if (CollectionUtils.isEmpty(users)) { + return false; + } + for (User user : users) { + if (user.getUserIdentity().getHost().equalsIgnoreCase(userIdentity.getHost())) { + if (includeByDomain || !user.isSetByDomainResolver()) { + return true; + } } } + return false; + } finally { + rlock.unlock(); } - return false; } public List getUserByName(String name) { - List users = nameToUsers.get(name); - return users == null ? Collections.EMPTY_LIST : users; + rlock.lock(); + try { + List users = nameToUsers.get(name); + return users == null ? Collections.EMPTY_LIST : users; + } finally { + rlock.unlock(); + } } public void checkPassword(String remoteUser, String remoteHost, byte[] remotePasswd, byte[] randomString, @@ -92,10 +112,16 @@ public void checkPlainPassword(String remoteUser, String remoteHost, String remo private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] remotePasswd, byte[] randomString, String remotePasswdStr, List currentUser, boolean plain) throws AuthenticationException { PasswordPolicyManager passwdPolicyMgr = Env.getCurrentEnv().getAuth().getPasswdPolicyManager(); - List users = nameToUsers.get(remoteUser); - if (CollectionUtils.isEmpty(users)) { - throw new AuthenticationException(ErrorCode.ERR_ACCESS_DENIED_ERROR, remoteUser + "@" + remoteHost, + List users = new ArrayList<>(); + rlock.lock(); + try { + users = nameToUsers.get(remoteUser); + if (CollectionUtils.isEmpty(users)) { + throw new AuthenticationException(ErrorCode.ERR_ACCESS_DENIED_ERROR, remoteUser + "@" + remoteHost, "YES"); + } + } finally { + rlock.unlock(); } for (User user : users) { @@ -131,13 +157,19 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] public List getUserIdentityUncheckPasswd(String remoteUser, String remoteHost) { List userIdentities = Lists.newArrayList(); - List users = nameToUsers.getOrDefault(remoteUser, Lists.newArrayList()); - for (User user : users) { - if (!user.getUserIdentity().isDomain() && (user.isAnyHost() || user.getHostPattern().match(remoteHost))) { - userIdentities.add(user.getUserIdentity()); + rlock.lock(); + try { + List users = nameToUsers.getOrDefault(remoteUser, Lists.newArrayList()); + for (User user : users) { + if (!user.getUserIdentity().isDomain() + && (user.isAnyHost() || user.getHostPattern().match(remoteHost))) { + userIdentities.add(user.getUserIdentity()); + } } + return userIdentities; + } finally { + rlock.unlock(); } - return userIdentities; } private String hasRemotePasswd(boolean plain, byte[] remotePasswd) { @@ -163,23 +195,27 @@ private boolean comparePassword(Password curUserPassword, byte[] remotePasswd, public void clearEntriesSetByResolver() { - Iterator>> iterator = nameToUsers.entrySet().iterator(); - while (iterator.hasNext()) { - Entry> next = iterator.next(); - Iterator iter = next.getValue().iterator(); - while (iter.hasNext()) { - User user = iter.next(); - if (user.isSetByDomainResolver()) { - iter.remove(); + wlock.lock(); + try { + Iterator>> iterator = nameToUsers.entrySet().iterator(); + while (iterator.hasNext()) { + Entry> next = iterator.next(); + Iterator iter = next.getValue().iterator(); + while (iter.hasNext()) { + User user = iter.next(); + if (user.isSetByDomainResolver()) { + iter.remove(); + } + } + if (CollectionUtils.isEmpty(next.getValue())) { + iterator.remove(); + } else { + Collections.sort(next.getValue()); } } - if (CollectionUtils.isEmpty(next.getValue())) { - iterator.remove(); - } else { - Collections.sort(next.getValue()); - } + } finally { + wlock.unlock(); } - } public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUserIdent, boolean setByResolver, @@ -202,53 +238,73 @@ public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUs PatternMatcher hostPattern = PatternMatcher .createMysqlPattern(userIdent.getHost(), CaseSensibility.HOST.getCaseSensibility()); User user = new User(userIdent, pwd, setByResolver, domainUserIdent, hostPattern, comment); - List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); - if (CollectionUtils.isEmpty(nameToLists)) { - nameToLists = Lists.newArrayList(user); - nameToUsers.put(userIdent.getQualifiedUser(), nameToLists); - } else { - nameToLists.add(user); - Collections.sort(nameToLists); + wlock.lock(); + try { + List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); + if (CollectionUtils.isEmpty(nameToLists)) { + nameToLists = Lists.newArrayList(user); + nameToUsers.put(userIdent.getQualifiedUser(), nameToLists); + } else { + nameToLists.add(user); + Collections.sort(nameToLists); + } + return user; + } finally { + wlock.unlock(); } - return user; } public User getUserByUserIdentity(UserIdentity userIdent) { - List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); - if (CollectionUtils.isEmpty(nameToLists)) { - return null; - } - Iterator iter = nameToLists.iterator(); - while (iter.hasNext()) { - User user = iter.next(); - if (user.getUserIdentity().equals(userIdent)) { - return user; + rlock.lock(); + try { + List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); + if (CollectionUtils.isEmpty(nameToLists)) { + return null; } + Iterator iter = nameToLists.iterator(); + while (iter.hasNext()) { + User user = iter.next(); + if (user.getUserIdentity().equals(userIdent)) { + return user; + } + } + return null; + } finally { + rlock.lock(); } - return null; } public void removeUser(UserIdentity userIdent) { - List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); - if (CollectionUtils.isEmpty(nameToLists)) { - return; - } - Iterator iter = nameToLists.iterator(); - while (iter.hasNext()) { - User user = iter.next(); - if (user.getUserIdentity().equals(userIdent)) { - iter.remove(); + wlock.lock(); + try { + List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); + if (CollectionUtils.isEmpty(nameToLists)) { + return; } - } - if (CollectionUtils.isEmpty(nameToLists)) { - nameToUsers.remove(userIdent.getQualifiedUser()); - } else { - Collections.sort(nameToLists); + Iterator iter = nameToLists.iterator(); + while (iter.hasNext()) { + User user = iter.next(); + if (user.getUserIdentity().equals(userIdent)) { + iter.remove(); + } + } + if (CollectionUtils.isEmpty(nameToLists)) { + nameToUsers.remove(userIdent.getQualifiedUser()); + } else { + Collections.sort(nameToLists); + } + } finally { + wlock.unlock(); } } public Map> getNameToUsers() { - return nameToUsers; + rlock.lock(); + try { + return ImmutableMap.copyOf(nameToUsers); + } finally { + rlock.unlock(); + } } public void setPassword(UserIdentity userIdentity, byte[] password, boolean errOnNonExist) throws DdlException { @@ -263,12 +319,17 @@ public void setPassword(UserIdentity userIdentity, byte[] password, boolean errO } public void getAllDomains(Set allDomains) { - for (Entry> entry : nameToUsers.entrySet()) { - for (User user : entry.getValue()) { - if (user.getUserIdentity().isDomain()) { - allDomains.add(user.getUserIdentity().getHost()); + rlock.lock(); + try { + for (Entry> entry : nameToUsers.entrySet()) { + for (User user : entry.getValue()) { + if (user.getUserIdentity().isDomain()) { + allDomains.add(user.getUserIdentity().getHost()); + } } } + } finally { + rlock.unlock(); } } @@ -276,25 +337,30 @@ public void getAllDomains(Set allDomains) { // it will only modify password entry of these resolved IPs. All other privileges are binded // to the domain, so no need to modify. public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPsMap) { - for (Entry> userEntry : nameToUsers.entrySet()) { - for (Map.Entry> entry : resolvedIPsMap.entrySet()) { - User domainUser = getDomainUser(userEntry.getValue(), entry.getKey()); - if (domainUser == null) { - continue; - } - // this user ident will be saved along with each resolved "IP" user ident, so that when checking - // password, this "domain" user ident will be returned as "current user". - for (String newIP : entry.getValue()) { - UserIdentity userIdent = UserIdentity.createAnalyzedUserIdentWithIp(userEntry.getKey(), newIP); - byte[] password = domainUser.getPassword().getPassword(); - Preconditions.checkNotNull(password, entry.getKey()); - try { - createUser(userIdent, password, domainUser.getUserIdentity(), true, ""); - } catch (PatternMatcherException e) { - LOG.info("failed to create user for user ident: {}, {}", userIdent, e.getMessage()); + rlock.lock(); + try { + for (Entry> userEntry : nameToUsers.entrySet()) { + for (Map.Entry> entry : resolvedIPsMap.entrySet()) { + User domainUser = getDomainUser(userEntry.getValue(), entry.getKey()); + if (domainUser == null) { + continue; + } + // this user ident will be saved along with each resolved "IP" user ident, so that when checking + // password, this "domain" user ident will be returned as "current user". + for (String newIP : entry.getValue()) { + UserIdentity userIdent = UserIdentity.createAnalyzedUserIdentWithIp(userEntry.getKey(), newIP); + byte[] password = domainUser.getPassword().getPassword(); + Preconditions.checkNotNull(password, entry.getKey()); + try { + createUser(userIdent, password, domainUser.getUserIdentity(), true, ""); + } catch (PatternMatcherException e) { + LOG.info("failed to create user for user ident: {}, {}", userIdent, e.getMessage()); + } } } } + } finally { + rlock.unlock(); } } @@ -309,7 +375,12 @@ private User getDomainUser(List users, String domain) { @Override public String toString() { - return nameToUsers.toString(); + rlock.lock(); + try { + return nameToUsers.toString(); + } finally { + rlock.unlock(); + } } @Override @@ -326,11 +397,16 @@ public static UserManager read(DataInput in) throws IOException { // should be removed after version 3.0 private void removeClusterPrefix() { Map> newNameToUsers = Maps.newHashMap(); - for (Entry> entry : nameToUsers.entrySet()) { - String user = entry.getKey(); - newNameToUsers.put(ClusterNamespace.getNameFromFullName(user), entry.getValue()); + wlock.lock(); + try { + for (Entry> entry : nameToUsers.entrySet()) { + String user = entry.getKey(); + newNameToUsers.put(ClusterNamespace.getNameFromFullName(user), entry.getValue()); + } + this.nameToUsers = newNameToUsers; + } finally { + wlock.unlock(); } - this.nameToUsers = newNameToUsers; } @Override @@ -340,22 +416,32 @@ public void gsonPostProcess() throws IOException { // ====== CLOUD ====== public Set getAllUsers() { - return nameToUsers.keySet(); + rlock.lock(); + try { + return new HashSet<>(nameToUsers.keySet()); + } finally { + rlock.unlock(); + } } public String getUserId(String userName) { - if (!nameToUsers.containsKey(userName)) { - LOG.warn("can't find userName {} 's userId, nameToUsers {}", userName, nameToUsers); - return ""; - } - List users = nameToUsers.get(userName); - if (users.isEmpty()) { - LOG.warn("userName {} empty users in map {}", userName, nameToUsers); + rlock.lock(); + try { + if (!nameToUsers.containsKey(userName)) { + LOG.warn("can't find userName {} 's userId, nameToUsers {}", userName, nameToUsers); + return ""; + } + List users = nameToUsers.get(userName); + if (users.isEmpty()) { + LOG.warn("userName {} empty users in map {}", userName, nameToUsers); + } + // here, all the users has same userid, just return one + String userId = users.stream().map(User::getUserId).filter(Strings::isNotEmpty).findFirst().orElse(""); + LOG.debug("userName {}, userId {}, map {}", userName, userId, nameToUsers); + return userId; + } finally { + rlock.unlock(); } - // here, all the users has same userid, just return one - String userId = users.stream().map(User::getUserId).filter(Strings::isNotEmpty).findFirst().orElse(""); - LOG.debug("userName {}, userId {}, map {}", userName, userId, nameToUsers); - return userId; } // ====== CLOUD ===== From a41751fe5adce5e7ec1bb41e144b207a3f51a9c3 Mon Sep 17 00:00:00 2001 From: deardeng <565620795@qq.com> Date: Mon, 13 May 2024 15:31:04 +0800 Subject: [PATCH 2/6] add log --- .../doris/mysql/privilege/UserManager.java | 79 +++++++++++++------ 1 file changed, 57 insertions(+), 22 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java index 8c401d034f91d5..7ce4a4ac38a377 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java @@ -28,6 +28,7 @@ import org.apache.doris.common.PatternMatcherException; import org.apache.doris.common.io.Text; import org.apache.doris.common.io.Writable; +import org.apache.doris.common.util.QueryableReentrantReadWriteLock; import org.apache.doris.mysql.MysqlPassword; import org.apache.doris.persist.gson.GsonPostProcessable; import org.apache.doris.persist.gson.GsonUtils; @@ -54,22 +55,21 @@ import java.util.Map.Entry; import java.util.Set; import java.util.concurrent.locks.Lock; -import java.util.concurrent.locks.ReadWriteLock; -import java.util.concurrent.locks.ReentrantReadWriteLock; public class UserManager implements Writable, GsonPostProcessable { public static final String ANY_HOST = "%"; private static final Logger LOG = LogManager.getLogger(UserManager.class); - private static final ReadWriteLock rwlock = new ReentrantReadWriteLock(); - private static final Lock rlock = rwlock.readLock(); - private static final Lock wlock = rwlock.writeLock(); + private static final QueryableReentrantReadWriteLock rwLock = new QueryableReentrantReadWriteLock(false); + private static final Lock rlock = rwLock.readLock(); + private static final Lock wlock = rwLock.writeLock(); // One name may have multiple User,because host can be different @SerializedName(value = "nameToUsers") private Map> nameToUsers = Maps.newConcurrentMap(); public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDomain) { + LOG.info("dx test before rlock userIdentityExist {}", rwLock.getOwner()); rlock.lock(); try { List users = nameToUsers.get(userIdentity.getQualifiedUser()); @@ -86,16 +86,19 @@ public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDom return false; } finally { rlock.unlock(); + LOG.info("dx test after rlock userIdentityExist"); } } public List getUserByName(String name) { + LOG.info("dx test before rlock getUserByName {}", rwLock.getOwner()); rlock.lock(); try { List users = nameToUsers.get(name); return users == null ? Collections.EMPTY_LIST : users; } finally { rlock.unlock(); + LOG.info("dx test after rlock getUserByName {}", rwLock.getOwner()); } } @@ -113,6 +116,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] String remotePasswdStr, List currentUser, boolean plain) throws AuthenticationException { PasswordPolicyManager passwdPolicyMgr = Env.getCurrentEnv().getAuth().getPasswdPolicyManager(); List users = new ArrayList<>(); + LOG.info("dx test before rlock checkPasswordInternal {}", rwLock.getOwner()); rlock.lock(); try { users = nameToUsers.get(remoteUser); @@ -122,6 +126,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] } } finally { rlock.unlock(); + LOG.info("dx test after rlock checkPasswordInternal {}", rwLock.getOwner()); } for (User user : users) { @@ -157,6 +162,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] public List getUserIdentityUncheckPasswd(String remoteUser, String remoteHost) { List userIdentities = Lists.newArrayList(); + LOG.info("dx test before rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); rlock.lock(); try { List users = nameToUsers.getOrDefault(remoteUser, Lists.newArrayList()); @@ -169,6 +175,7 @@ public List getUserIdentityUncheckPasswd(String remoteUser, String return userIdentities; } finally { rlock.unlock(); + LOG.info("dx test after rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); } } @@ -195,6 +202,7 @@ private boolean comparePassword(Password curUserPassword, byte[] remotePasswd, public void clearEntriesSetByResolver() { + LOG.info("dx test before wlock clearEntriesSetByResolver {}", rwLock.getOwner()); wlock.lock(); try { Iterator>> iterator = nameToUsers.entrySet().iterator(); @@ -215,11 +223,24 @@ public void clearEntriesSetByResolver() { } } finally { wlock.unlock(); + LOG.info("dx test after wlock clearEntriesSetByResolver {}", rwLock.getOwner()); } } public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUserIdent, boolean setByResolver, - String comment) + String comment) throws PatternMatcherException { + LOG.info("dx test before wlock createUser {}", rwLock.getOwner()); + wlock.lock(); + try { + return createUserWithoutLock(userIdent, pwd, domainUserIdent, setByResolver, comment); + } finally { + wlock.unlock(); + LOG.info("dx test after wlock createUser {}", rwLock.getOwner()); + } + } + + public User createUserWithoutLock(UserIdentity userIdent, byte[] pwd, UserIdentity domainUserIdent, + boolean setByResolver, String comment) throws PatternMatcherException { if (userIdentityExist(userIdent, true)) { User userByUserIdentity = getUserByUserIdentity(userIdent); @@ -238,23 +259,20 @@ public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUs PatternMatcher hostPattern = PatternMatcher .createMysqlPattern(userIdent.getHost(), CaseSensibility.HOST.getCaseSensibility()); User user = new User(userIdent, pwd, setByResolver, domainUserIdent, hostPattern, comment); - wlock.lock(); - try { - List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); - if (CollectionUtils.isEmpty(nameToLists)) { - nameToLists = Lists.newArrayList(user); - nameToUsers.put(userIdent.getQualifiedUser(), nameToLists); - } else { - nameToLists.add(user); - Collections.sort(nameToLists); - } - return user; - } finally { - wlock.unlock(); + List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); + if (CollectionUtils.isEmpty(nameToLists)) { + nameToLists = Lists.newArrayList(user); + nameToUsers.put(userIdent.getQualifiedUser(), nameToLists); + } else { + nameToLists.add(user); + Collections.sort(nameToLists); } + return user; + } public User getUserByUserIdentity(UserIdentity userIdent) { + LOG.info("dx test before wlock getUserByUserIdentity {}", rwLock.getOwner()); rlock.lock(); try { List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); @@ -271,10 +289,12 @@ public User getUserByUserIdentity(UserIdentity userIdent) { return null; } finally { rlock.lock(); + LOG.info("dx test after wlock getUserByUserIdentity {}", rwLock.getOwner()); } } public void removeUser(UserIdentity userIdent) { + LOG.info("dx test before wlock removeUser {}", rwLock.getOwner()); wlock.lock(); try { List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); @@ -295,15 +315,18 @@ public void removeUser(UserIdentity userIdent) { } } finally { wlock.unlock(); + LOG.info("dx test after wlock removeUser {}", rwLock.getOwner()); } } public Map> getNameToUsers() { + LOG.info("dx test before rlock getNameToUsers {}", rwLock.getOwner()); rlock.lock(); try { return ImmutableMap.copyOf(nameToUsers); } finally { rlock.unlock(); + LOG.info("dx test after rlock getNameToUsers {}", rwLock.getOwner()); } } @@ -319,6 +342,7 @@ public void setPassword(UserIdentity userIdentity, byte[] password, boolean errO } public void getAllDomains(Set allDomains) { + LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); rlock.lock(); try { for (Entry> entry : nameToUsers.entrySet()) { @@ -329,6 +353,7 @@ public void getAllDomains(Set allDomains) { } } } finally { + LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); rlock.unlock(); } } @@ -337,7 +362,8 @@ public void getAllDomains(Set allDomains) { // it will only modify password entry of these resolved IPs. All other privileges are binded // to the domain, so no need to modify. public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPsMap) { - rlock.lock(); + LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); + wlock.lock(); try { for (Entry> userEntry : nameToUsers.entrySet()) { for (Map.Entry> entry : resolvedIPsMap.entrySet()) { @@ -352,7 +378,7 @@ public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPs byte[] password = domainUser.getPassword().getPassword(); Preconditions.checkNotNull(password, entry.getKey()); try { - createUser(userIdent, password, domainUser.getUserIdentity(), true, ""); + createUserWithoutLock(userIdent, password, domainUser.getUserIdentity(), true, ""); } catch (PatternMatcherException e) { LOG.info("failed to create user for user ident: {}, {}", userIdent, e.getMessage()); } @@ -360,7 +386,8 @@ public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPs } } } finally { - rlock.unlock(); + wlock.unlock(); + LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); } } @@ -375,11 +402,13 @@ private User getDomainUser(List users, String domain) { @Override public String toString() { + LOG.info("dx test before rlock toString {}", rwLock.getOwner()); rlock.lock(); try { return nameToUsers.toString(); } finally { rlock.unlock(); + LOG.info("dx test before rlock toString {}", rwLock.getOwner()); } } @@ -397,6 +426,7 @@ public static UserManager read(DataInput in) throws IOException { // should be removed after version 3.0 private void removeClusterPrefix() { Map> newNameToUsers = Maps.newHashMap(); + LOG.info("dx test before wlock removeClusterPrefix {}", rwLock.getOwner()); wlock.lock(); try { for (Entry> entry : nameToUsers.entrySet()) { @@ -406,6 +436,7 @@ private void removeClusterPrefix() { this.nameToUsers = newNameToUsers; } finally { wlock.unlock(); + LOG.info("dx test after wlock removeClusterPrefix {}", rwLock.getOwner()); } } @@ -416,15 +447,18 @@ public void gsonPostProcess() throws IOException { // ====== CLOUD ====== public Set getAllUsers() { + LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); rlock.lock(); try { return new HashSet<>(nameToUsers.keySet()); } finally { rlock.unlock(); + LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); } } public String getUserId(String userName) { + LOG.info("dx test before rlock getUserId {}", rwLock.getOwner()); rlock.lock(); try { if (!nameToUsers.containsKey(userName)) { @@ -441,6 +475,7 @@ public String getUserId(String userName) { return userId; } finally { rlock.unlock(); + LOG.info("dx test after rlock getUserId {}", rwLock.getOwner()); } } From 88fa9ddd061c92d2867570fe5f3f3ab1d9e49dc9 Mon Sep 17 00:00:00 2001 From: deardeng <565620795@qq.com> Date: Mon, 13 May 2024 15:52:44 +0800 Subject: [PATCH 3/6] log --- .../doris/mysql/privilege/UserManager.java | 42 ++++++++++++------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java index 7ce4a4ac38a377..e45d153c53cd0a 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java @@ -71,6 +71,7 @@ public class UserManager implements Writable, GsonPostProcessable { public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDomain) { LOG.info("dx test before rlock userIdentityExist {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after rlock userIdentityExist {}", rwLock.getOwner()); try { List users = nameToUsers.get(userIdentity.getQualifiedUser()); if (CollectionUtils.isEmpty(users)) { @@ -86,19 +87,20 @@ public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDom return false; } finally { rlock.unlock(); - LOG.info("dx test after rlock userIdentityExist"); + LOG.info("dx test after unrlock userIdentityExist {}", rwLock.getOwner()); } } public List getUserByName(String name) { LOG.info("dx test before rlock getUserByName {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after rlock getUserByName {}", rwLock.getOwner()); try { List users = nameToUsers.get(name); return users == null ? Collections.EMPTY_LIST : users; } finally { rlock.unlock(); - LOG.info("dx test after rlock getUserByName {}", rwLock.getOwner()); + LOG.info("dx test after unrlock getUserByName {}", rwLock.getOwner()); } } @@ -118,6 +120,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] List users = new ArrayList<>(); LOG.info("dx test before rlock checkPasswordInternal {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after rlock checkPasswordInternal {}", rwLock.getOwner()); try { users = nameToUsers.get(remoteUser); if (CollectionUtils.isEmpty(users)) { @@ -126,7 +129,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] } } finally { rlock.unlock(); - LOG.info("dx test after rlock checkPasswordInternal {}", rwLock.getOwner()); + LOG.info("dx test after unrlock checkPasswordInternal {}", rwLock.getOwner()); } for (User user : users) { @@ -164,6 +167,7 @@ public List getUserIdentityUncheckPasswd(String remoteUser, String List userIdentities = Lists.newArrayList(); LOG.info("dx test before rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); try { List users = nameToUsers.getOrDefault(remoteUser, Lists.newArrayList()); for (User user : users) { @@ -175,7 +179,7 @@ public List getUserIdentityUncheckPasswd(String remoteUser, String return userIdentities; } finally { rlock.unlock(); - LOG.info("dx test after rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); + LOG.info("dx test after unrlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); } } @@ -204,6 +208,7 @@ private boolean comparePassword(Password curUserPassword, byte[] remotePasswd, public void clearEntriesSetByResolver() { LOG.info("dx test before wlock clearEntriesSetByResolver {}", rwLock.getOwner()); wlock.lock(); + LOG.info("dx test after wlock clearEntriesSetByResolver {}", rwLock.getOwner()); try { Iterator>> iterator = nameToUsers.entrySet().iterator(); while (iterator.hasNext()) { @@ -223,7 +228,7 @@ public void clearEntriesSetByResolver() { } } finally { wlock.unlock(); - LOG.info("dx test after wlock clearEntriesSetByResolver {}", rwLock.getOwner()); + LOG.info("dx test after unwlock clearEntriesSetByResolver {}", rwLock.getOwner()); } } @@ -274,6 +279,7 @@ public User createUserWithoutLock(UserIdentity userIdent, byte[] pwd, UserIdenti public User getUserByUserIdentity(UserIdentity userIdent) { LOG.info("dx test before wlock getUserByUserIdentity {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after wlock getUserByUserIdentity {}", rwLock.getOwner()); try { List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); if (CollectionUtils.isEmpty(nameToLists)) { @@ -289,13 +295,14 @@ public User getUserByUserIdentity(UserIdentity userIdent) { return null; } finally { rlock.lock(); - LOG.info("dx test after wlock getUserByUserIdentity {}", rwLock.getOwner()); + LOG.info("dx test after unwlock getUserByUserIdentity {}", rwLock.getOwner()); } } public void removeUser(UserIdentity userIdent) { LOG.info("dx test before wlock removeUser {}", rwLock.getOwner()); wlock.lock(); + LOG.info("dx test after wlock removeUser {}", rwLock.getOwner()); try { List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); if (CollectionUtils.isEmpty(nameToLists)) { @@ -315,18 +322,19 @@ public void removeUser(UserIdentity userIdent) { } } finally { wlock.unlock(); - LOG.info("dx test after wlock removeUser {}", rwLock.getOwner()); + LOG.info("dx test after unwlock removeUser {}", rwLock.getOwner()); } } public Map> getNameToUsers() { LOG.info("dx test before rlock getNameToUsers {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after rlock getNameToUsers {}", rwLock.getOwner()); try { return ImmutableMap.copyOf(nameToUsers); } finally { rlock.unlock(); - LOG.info("dx test after rlock getNameToUsers {}", rwLock.getOwner()); + LOG.info("dx test after unrlock getNameToUsers {}", rwLock.getOwner()); } } @@ -344,6 +352,7 @@ public void setPassword(UserIdentity userIdentity, byte[] password, boolean errO public void getAllDomains(Set allDomains) { LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); try { for (Entry> entry : nameToUsers.entrySet()) { for (User user : entry.getValue()) { @@ -353,7 +362,7 @@ public void getAllDomains(Set allDomains) { } } } finally { - LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); + LOG.info("dx test before unrlock getAllDomains {}", rwLock.getOwner()); rlock.unlock(); } } @@ -364,6 +373,7 @@ public void getAllDomains(Set allDomains) { public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPsMap) { LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); wlock.lock(); + LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); try { for (Entry> userEntry : nameToUsers.entrySet()) { for (Map.Entry> entry : resolvedIPsMap.entrySet()) { @@ -387,7 +397,7 @@ public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPs } } finally { wlock.unlock(); - LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); + LOG.info("dx test before unwlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); } } @@ -404,11 +414,12 @@ private User getDomainUser(List users, String domain) { public String toString() { LOG.info("dx test before rlock toString {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test before rlock toString {}", rwLock.getOwner()); try { return nameToUsers.toString(); } finally { rlock.unlock(); - LOG.info("dx test before rlock toString {}", rwLock.getOwner()); + LOG.info("dx test before unrlock toString {}", rwLock.getOwner()); } } @@ -428,6 +439,7 @@ private void removeClusterPrefix() { Map> newNameToUsers = Maps.newHashMap(); LOG.info("dx test before wlock removeClusterPrefix {}", rwLock.getOwner()); wlock.lock(); + LOG.info("dx test after wlock removeClusterPrefix {}", rwLock.getOwner()); try { for (Entry> entry : nameToUsers.entrySet()) { String user = entry.getKey(); @@ -436,7 +448,7 @@ private void removeClusterPrefix() { this.nameToUsers = newNameToUsers; } finally { wlock.unlock(); - LOG.info("dx test after wlock removeClusterPrefix {}", rwLock.getOwner()); + LOG.info("dx test after unwlock removeClusterPrefix {}", rwLock.getOwner()); } } @@ -449,17 +461,19 @@ public void gsonPostProcess() throws IOException { public Set getAllUsers() { LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); try { return new HashSet<>(nameToUsers.keySet()); } finally { rlock.unlock(); - LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); + LOG.info("dx test before unrlock getAllUsers {}", rwLock.getOwner()); } } public String getUserId(String userName) { LOG.info("dx test before rlock getUserId {}", rwLock.getOwner()); rlock.lock(); + LOG.info("dx test after rlock getUserId {}", rwLock.getOwner()); try { if (!nameToUsers.containsKey(userName)) { LOG.warn("can't find userName {} 's userId, nameToUsers {}", userName, nameToUsers); @@ -475,7 +489,7 @@ public String getUserId(String userName) { return userId; } finally { rlock.unlock(); - LOG.info("dx test after rlock getUserId {}", rwLock.getOwner()); + LOG.info("dx test after unrlock getUserId {}", rwLock.getOwner()); } } From 45b79efa42fc552c9d20f570d819cc05c4731cee Mon Sep 17 00:00:00 2001 From: deardeng <565620795@qq.com> Date: Mon, 13 May 2024 19:21:30 +0800 Subject: [PATCH 4/6] fix --- .../doris/mysql/privilege/UserManager.java | 31 +++++++++++-------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java index e45d153c53cd0a..ddf5df4307a4a4 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java @@ -73,24 +73,28 @@ public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDom rlock.lock(); LOG.info("dx test after rlock userIdentityExist {}", rwLock.getOwner()); try { - List users = nameToUsers.get(userIdentity.getQualifiedUser()); - if (CollectionUtils.isEmpty(users)) { - return false; - } - for (User user : users) { - if (user.getUserIdentity().getHost().equalsIgnoreCase(userIdentity.getHost())) { - if (includeByDomain || !user.isSetByDomainResolver()) { - return true; - } - } - } - return false; + return userIdentityExistWithoutLock(userIdentity, includeByDomain); } finally { rlock.unlock(); LOG.info("dx test after unrlock userIdentityExist {}", rwLock.getOwner()); } } + public boolean userIdentityExistWithoutLock(UserIdentity userIdentity, boolean includeByDomain) { + List users = nameToUsers.get(userIdentity.getQualifiedUser()); + if (CollectionUtils.isEmpty(users)) { + return false; + } + for (User user : users) { + if (user.getUserIdentity().getHost().equalsIgnoreCase(userIdentity.getHost())) { + if (includeByDomain || !user.isSetByDomainResolver()) { + return true; + } + } + } + return false; + } + public List getUserByName(String name) { LOG.info("dx test before rlock getUserByName {}", rwLock.getOwner()); rlock.lock(); @@ -236,6 +240,7 @@ public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUs String comment) throws PatternMatcherException { LOG.info("dx test before wlock createUser {}", rwLock.getOwner()); wlock.lock(); + LOG.info("dx test after wlock createUser {}", rwLock.getOwner()); try { return createUserWithoutLock(userIdent, pwd, domainUserIdent, setByResolver, comment); } finally { @@ -373,7 +378,7 @@ public void getAllDomains(Set allDomains) { public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPsMap) { LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); wlock.lock(); - LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); + LOG.info("dx test after wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); try { for (Entry> userEntry : nameToUsers.entrySet()) { for (Map.Entry> entry : resolvedIPsMap.entrySet()) { From 1764fc2ad3a08f8ad8c2fc3915bf58d9f78018c2 Mon Sep 17 00:00:00 2001 From: deardeng <565620795@qq.com> Date: Mon, 13 May 2024 21:28:53 +0800 Subject: [PATCH 5/6] fix again --- .../doris/mysql/privilege/UserManager.java | 38 ++++++++++--------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java index ddf5df4307a4a4..3191a59911b56e 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java @@ -245,15 +245,15 @@ public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUs return createUserWithoutLock(userIdent, pwd, domainUserIdent, setByResolver, comment); } finally { wlock.unlock(); - LOG.info("dx test after wlock createUser {}", rwLock.getOwner()); + LOG.info("dx test after unwlock createUser {}", rwLock.getOwner()); } } public User createUserWithoutLock(UserIdentity userIdent, byte[] pwd, UserIdentity domainUserIdent, boolean setByResolver, String comment) throws PatternMatcherException { - if (userIdentityExist(userIdent, true)) { - User userByUserIdentity = getUserByUserIdentity(userIdent); + if (userIdentityExistWithoutLock(userIdent, true)) { + User userByUserIdentity = getUserByUserIdentityWithoutLock(userIdent); if (!userByUserIdentity.isSetByDomainResolver() && setByResolver) { // If the user is NOT created by domain resolver, // and the current operation is done by DomainResolver, @@ -286,24 +286,28 @@ public User getUserByUserIdentity(UserIdentity userIdent) { rlock.lock(); LOG.info("dx test after wlock getUserByUserIdentity {}", rwLock.getOwner()); try { - List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); - if (CollectionUtils.isEmpty(nameToLists)) { - return null; - } - Iterator iter = nameToLists.iterator(); - while (iter.hasNext()) { - User user = iter.next(); - if (user.getUserIdentity().equals(userIdent)) { - return user; - } - } - return null; + return getUserByUserIdentityWithoutLock(userIdent); } finally { - rlock.lock(); + rlock.unlock(); LOG.info("dx test after unwlock getUserByUserIdentity {}", rwLock.getOwner()); } } + public User getUserByUserIdentityWithoutLock(UserIdentity userIdent) { + List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); + if (CollectionUtils.isEmpty(nameToLists)) { + return null; + } + Iterator iter = nameToLists.iterator(); + while (iter.hasNext()) { + User user = iter.next(); + if (user.getUserIdentity().equals(userIdent)) { + return user; + } + } + return null; + } + public void removeUser(UserIdentity userIdent) { LOG.info("dx test before wlock removeUser {}", rwLock.getOwner()); wlock.lock(); @@ -402,7 +406,7 @@ public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPs } } finally { wlock.unlock(); - LOG.info("dx test before unwlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); + LOG.info("dx test after unwlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); } } From d10343e354e36b22f55cf4f2c4b3d28117efb908 Mon Sep 17 00:00:00 2001 From: deardeng <565620795@qq.com> Date: Tue, 14 May 2024 11:08:57 +0800 Subject: [PATCH 6/6] fix --- .../doris/mysql/privilege/UserManager.java | 47 +------------------ 1 file changed, 1 insertion(+), 46 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java index 3191a59911b56e..c510ca99a0fcb0 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserManager.java @@ -66,17 +66,14 @@ public class UserManager implements Writable, GsonPostProcessable { // One name may have multiple User,because host can be different @SerializedName(value = "nameToUsers") - private Map> nameToUsers = Maps.newConcurrentMap(); + private Map> nameToUsers = Maps.newHashMap(); public boolean userIdentityExist(UserIdentity userIdentity, boolean includeByDomain) { - LOG.info("dx test before rlock userIdentityExist {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after rlock userIdentityExist {}", rwLock.getOwner()); try { return userIdentityExistWithoutLock(userIdentity, includeByDomain); } finally { rlock.unlock(); - LOG.info("dx test after unrlock userIdentityExist {}", rwLock.getOwner()); } } @@ -96,15 +93,12 @@ public boolean userIdentityExistWithoutLock(UserIdentity userIdentity, boolean i } public List getUserByName(String name) { - LOG.info("dx test before rlock getUserByName {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after rlock getUserByName {}", rwLock.getOwner()); try { List users = nameToUsers.get(name); return users == null ? Collections.EMPTY_LIST : users; } finally { rlock.unlock(); - LOG.info("dx test after unrlock getUserByName {}", rwLock.getOwner()); } } @@ -122,9 +116,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] String remotePasswdStr, List currentUser, boolean plain) throws AuthenticationException { PasswordPolicyManager passwdPolicyMgr = Env.getCurrentEnv().getAuth().getPasswdPolicyManager(); List users = new ArrayList<>(); - LOG.info("dx test before rlock checkPasswordInternal {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after rlock checkPasswordInternal {}", rwLock.getOwner()); try { users = nameToUsers.get(remoteUser); if (CollectionUtils.isEmpty(users)) { @@ -133,7 +125,6 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] } } finally { rlock.unlock(); - LOG.info("dx test after unrlock checkPasswordInternal {}", rwLock.getOwner()); } for (User user : users) { @@ -169,9 +160,7 @@ private void checkPasswordInternal(String remoteUser, String remoteHost, byte[] public List getUserIdentityUncheckPasswd(String remoteUser, String remoteHost) { List userIdentities = Lists.newArrayList(); - LOG.info("dx test before rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after rlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); try { List users = nameToUsers.getOrDefault(remoteUser, Lists.newArrayList()); for (User user : users) { @@ -183,7 +172,6 @@ public List getUserIdentityUncheckPasswd(String remoteUser, String return userIdentities; } finally { rlock.unlock(); - LOG.info("dx test after unrlock getUserIdentityUncheckPasswd {}", rwLock.getOwner()); } } @@ -210,9 +198,7 @@ private boolean comparePassword(Password curUserPassword, byte[] remotePasswd, public void clearEntriesSetByResolver() { - LOG.info("dx test before wlock clearEntriesSetByResolver {}", rwLock.getOwner()); wlock.lock(); - LOG.info("dx test after wlock clearEntriesSetByResolver {}", rwLock.getOwner()); try { Iterator>> iterator = nameToUsers.entrySet().iterator(); while (iterator.hasNext()) { @@ -232,20 +218,16 @@ public void clearEntriesSetByResolver() { } } finally { wlock.unlock(); - LOG.info("dx test after unwlock clearEntriesSetByResolver {}", rwLock.getOwner()); } } public User createUser(UserIdentity userIdent, byte[] pwd, UserIdentity domainUserIdent, boolean setByResolver, String comment) throws PatternMatcherException { - LOG.info("dx test before wlock createUser {}", rwLock.getOwner()); wlock.lock(); - LOG.info("dx test after wlock createUser {}", rwLock.getOwner()); try { return createUserWithoutLock(userIdent, pwd, domainUserIdent, setByResolver, comment); } finally { wlock.unlock(); - LOG.info("dx test after unwlock createUser {}", rwLock.getOwner()); } } @@ -282,14 +264,11 @@ public User createUserWithoutLock(UserIdentity userIdent, byte[] pwd, UserIdenti } public User getUserByUserIdentity(UserIdentity userIdent) { - LOG.info("dx test before wlock getUserByUserIdentity {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after wlock getUserByUserIdentity {}", rwLock.getOwner()); try { return getUserByUserIdentityWithoutLock(userIdent); } finally { rlock.unlock(); - LOG.info("dx test after unwlock getUserByUserIdentity {}", rwLock.getOwner()); } } @@ -309,9 +288,7 @@ public User getUserByUserIdentityWithoutLock(UserIdentity userIdent) { } public void removeUser(UserIdentity userIdent) { - LOG.info("dx test before wlock removeUser {}", rwLock.getOwner()); wlock.lock(); - LOG.info("dx test after wlock removeUser {}", rwLock.getOwner()); try { List nameToLists = nameToUsers.get(userIdent.getQualifiedUser()); if (CollectionUtils.isEmpty(nameToLists)) { @@ -331,19 +308,15 @@ public void removeUser(UserIdentity userIdent) { } } finally { wlock.unlock(); - LOG.info("dx test after unwlock removeUser {}", rwLock.getOwner()); } } public Map> getNameToUsers() { - LOG.info("dx test before rlock getNameToUsers {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after rlock getNameToUsers {}", rwLock.getOwner()); try { return ImmutableMap.copyOf(nameToUsers); } finally { rlock.unlock(); - LOG.info("dx test after unrlock getNameToUsers {}", rwLock.getOwner()); } } @@ -359,9 +332,7 @@ public void setPassword(UserIdentity userIdentity, byte[] password, boolean errO } public void getAllDomains(Set allDomains) { - LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test before rlock getAllDomains {}", rwLock.getOwner()); try { for (Entry> entry : nameToUsers.entrySet()) { for (User user : entry.getValue()) { @@ -371,7 +342,6 @@ public void getAllDomains(Set allDomains) { } } } finally { - LOG.info("dx test before unrlock getAllDomains {}", rwLock.getOwner()); rlock.unlock(); } } @@ -380,9 +350,7 @@ public void getAllDomains(Set allDomains) { // it will only modify password entry of these resolved IPs. All other privileges are binded // to the domain, so no need to modify. public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPsMap) { - LOG.info("dx test before wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); wlock.lock(); - LOG.info("dx test after wlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); try { for (Entry> userEntry : nameToUsers.entrySet()) { for (Map.Entry> entry : resolvedIPsMap.entrySet()) { @@ -406,7 +374,6 @@ public void addUserPrivEntriesByResolvedIPs(Map> resolvedIPs } } finally { wlock.unlock(); - LOG.info("dx test after unwlock addUserPrivEntriesByResolvedIPs {}", rwLock.getOwner()); } } @@ -421,14 +388,11 @@ private User getDomainUser(List users, String domain) { @Override public String toString() { - LOG.info("dx test before rlock toString {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test before rlock toString {}", rwLock.getOwner()); try { return nameToUsers.toString(); } finally { rlock.unlock(); - LOG.info("dx test before unrlock toString {}", rwLock.getOwner()); } } @@ -446,9 +410,7 @@ public static UserManager read(DataInput in) throws IOException { // should be removed after version 3.0 private void removeClusterPrefix() { Map> newNameToUsers = Maps.newHashMap(); - LOG.info("dx test before wlock removeClusterPrefix {}", rwLock.getOwner()); wlock.lock(); - LOG.info("dx test after wlock removeClusterPrefix {}", rwLock.getOwner()); try { for (Entry> entry : nameToUsers.entrySet()) { String user = entry.getKey(); @@ -457,7 +419,6 @@ private void removeClusterPrefix() { this.nameToUsers = newNameToUsers; } finally { wlock.unlock(); - LOG.info("dx test after unwlock removeClusterPrefix {}", rwLock.getOwner()); } } @@ -468,21 +429,16 @@ public void gsonPostProcess() throws IOException { // ====== CLOUD ====== public Set getAllUsers() { - LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test before rlock getAllUsers {}", rwLock.getOwner()); try { return new HashSet<>(nameToUsers.keySet()); } finally { rlock.unlock(); - LOG.info("dx test before unrlock getAllUsers {}", rwLock.getOwner()); } } public String getUserId(String userName) { - LOG.info("dx test before rlock getUserId {}", rwLock.getOwner()); rlock.lock(); - LOG.info("dx test after rlock getUserId {}", rwLock.getOwner()); try { if (!nameToUsers.containsKey(userName)) { LOG.warn("can't find userName {} 's userId, nameToUsers {}", userName, nameToUsers); @@ -498,7 +454,6 @@ public String getUserId(String userName) { return userId; } finally { rlock.unlock(); - LOG.info("dx test after unrlock getUserId {}", rwLock.getOwner()); } }