dcache-qos: drop subject from qos_operation table (qos engine 9)

Motivation: QoS authorization based on roles is checked only for QOS_MODIFIED operations/requests. The check occurs upon entry in the QoSEngine. Once the authorization succeeds, the request to the verifier and the verifier's adjustment request are performed as ROOT (as with other system- initiated changes, like resilient file replication). Thus it is not necessary to store the subject of the request. Modification: Eliminate serialization/deserialization of the subject. Drop the subject column from the `qos_operation` table and from the related Java object. Result: Less database bloat. Target: master Patch: https://rb.dcache.org/r/14081/ Depends-on: #14076 Depends-on: #14080 Acked-by: Tigran
dCache · Sep 6, 2023 · 253859a · 253859a
1 parent 8cb60b9
commit 253859a
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 49 deletions.
diff --git a/modules/dcache-qos/src/main/java/org/dcache/qos/services/verifier/data/VerifyOperation.java b/modules/dcache-qos/src/main/java/org/dcache/qos/services/verifier/data/VerifyOperation.java
@@ -73,8 +73,6 @@ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Set;
-import javax.security.auth.Subject;
-import org.dcache.auth.Subjects;
 import org.dcache.qos.QoSException;
 import org.dcache.qos.data.FileQoSUpdate;
 import org.dcache.qos.data.QoSAction;
@@ -105,7 +103,6 @@ public final class VerifyOperation implements Comparable<VerifyOperation> {
     private VerifyOperationState state;
     private QoSAction previousAction;
     private QoSAction action;
-    private Subject subject;
 
     private String poolGroup;
     private String storageUnit;
@@ -243,10 +240,6 @@ public String getStorageUnit() {
         return storageUnit;
     }
 
-    public Subject getSubject() {
-        return subject == null ? Subjects.ROOT : subject;
-    }
-
     public String getTarget() {
         return target;
     }
@@ -381,10 +374,6 @@ public void setStorageUnit(String storageUnit) {
         this.storageUnit = storageUnit;
     }
 
-    public void setSubject(Subject subject) {
-        this.subject = subject;
-    }
-
     public void setTarget(String target) {
         this.target = target;
     }

diff --git a/...cache-qos/src/main/java/org/dcache/qos/services/verifier/data/VerifyOperationManager.java b/...cache-qos/src/main/java/org/dcache/qos/services/verifier/data/VerifyOperationManager.java
@@ -564,7 +564,6 @@ public boolean createOrUpdateOperation(FileQoSUpdate data) {
         operation.setRetried(0);
         operation.setNeeded(0);
         operation.setState(READY);
-        operation.setSubject(data.getSubject());
 
         switch (type) {
             case POOL_STATUS_DOWN:

diff --git a/...he-qos/src/main/java/org/dcache/qos/services/verifier/data/db/JdbcVerifyOperationDao.java b/...he-qos/src/main/java/org/dcache/qos/services/verifier/data/db/JdbcVerifyOperationDao.java
@@ -21,20 +21,13 @@
 import static org.dcache.qos.services.verifier.data.VerifyOperationState.READY;
 
 import diskCacheV111.util.PnfsId;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;
-import java.util.Base64;
 import java.util.Collection;
 import java.util.List;
 import javax.annotation.ParametersAreNonnullByDefault;
-import javax.security.auth.Subject;
 import org.dcache.db.JdbcCriterion;
 import org.dcache.db.JdbcUpdate;
 import org.dcache.qos.QoSException;
@@ -85,38 +78,11 @@ private static VerifyOperation toOperation(ResultSet rs, int row) throws SQLExce
         operation.setRetried(0);
         operation.setNeeded(0);
         operation.setState(READY);
-        operation.setSubject(Subject.class.cast(deserialize(rs.getString("subject"))));
 
         LOGGER.debug("toOperation, returning {}.", operation);
         return operation;
     }
 
-    private static String serialize(Subject subject) throws QoSException {
-        if (subject == null) {
-            return null;
-        }
-        ByteArrayOutputStream baos = new ByteArrayOutputStream();
-        try (ObjectOutputStream ostream = new ObjectOutputStream(baos)) {
-            ostream.writeObject(subject);
-        } catch (IOException e) {
-            throw new QoSException("problem serializing subject", e);
-        }
-        return Base64.getEncoder().encodeToString(baos.toByteArray());
-    }
-
-    private static Object deserialize(String base64) throws SQLException {
-        if (base64 == null) {
-            return null;
-        }
-        byte[] array = Base64.getDecoder().decode(base64);
-        ByteArrayInputStream bais = new ByteArrayInputStream(array);
-        try (ObjectInputStream istream = new ObjectInputStream(bais)) {
-            return istream.readObject();
-        } catch (IOException | ClassNotFoundException e) {
-            throw new SQLException("problem deserializing subject", e);
-        }
-    }
-
     private Integer fetchSize;
 
     @Required
@@ -186,8 +152,7 @@ public boolean store(VerifyOperation operation) throws QoSException {
               .storageUnit(storageUnit)
               .messageType(operation.getMessageType())
               .parent(operation.getParent())
-              .source(operation.getSource())
-              .subject(serialize(operation.getSubject()));
+              .source(operation.getSource());
 
         LOGGER.debug("store operation for {}.", operation.getPnfsId());
 

diff --git a/...e-qos/src/main/java/org/dcache/qos/services/verifier/handlers/VerifyOperationHandler.java b/...e-qos/src/main/java/org/dcache/qos/services/verifier/handlers/VerifyOperationHandler.java
@@ -77,6 +77,7 @@ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 import java.util.concurrent.Semaphore;
 import org.dcache.alarms.AlarmMarkerFactory;
 import org.dcache.alarms.PredefinedAlarm;
+import org.dcache.auth.Subjects;
 import org.dcache.qos.QoSException;
 import org.dcache.qos.data.FileQoSRequirements;
 import org.dcache.qos.data.FileQoSUpdate;
@@ -590,7 +591,7 @@ private void handleAdjustment(FileQoSRequirements requirements,
         request.setPnfsId(requirements.getPnfsId());
         request.setAttributes(requirements.getAttributes());
         request.setPoolGroup(operation.getPoolGroup());
-        request.setSubject(operation.getSubject());
+        request.setSubject(Subjects.ROOT);
 
         String source = operation.getSource();
 

diff --git a/modules/dcache-qos/src/main/resources/org/dcache/qos/model/db.changelog-9.2.xml b/modules/dcache-qos/src/main/resources/org/dcache/qos/model/db.changelog-9.2.xml
@@ -91,4 +91,13 @@
         </createIndex>
         <rollback/>
     </changeSet>
+
+    <changeSet author="rossi" id="7.2">
+        <preConditions onFail="MARK_RAN">
+            <tableExists tableName="qos_operation"/>
+        </preConditions>
+
+        <dropColumn tableName="qos_operation" columnName="subject"/>
+        <rollback/>
+    </changeSet>
 </databaseChangeLog>