timoninmaxim commented on code in PR #11766:
URL: https://github.com/apache/ignite/pull/11766#discussion_r1897246765
##########
modules/core/src/main/java/org/apache/ignite/internal/processors/odbc/ClientListenerConnectionContext.java:
##########
@@ -88,4 +90,13 @@ void initializeFromHandshake(GridNioSession ses,
ClientListenerProtocolVersion v
* Connection attributes.
*/
Map<String, String> attributes();
+
+ /**
+ * @return {@code True} if client is management.
+ */
+ default boolean isManagementClient() {
Review Comment:
managementClient
##########
modules/core/src/main/java/org/apache/ignite/internal/processors/odbc/ClientListenerNioListener.java:
##########
@@ -534,4 +551,40 @@ private void ensureClientPermissions(byte clientType)
throws IgniteCheckedExcept
throw new IgniteCheckedException("Unknown client type: " +
clientType);
}
}
+
+ /**
+ * Ensures if the client are allowed to connect.
+ *
+ * @param connCtx Connection context.
+ * @throws IgniteCheckedException If failed.
+ */
+ private void ensureConnectionAllowed(ClientListenerConnectionContext
connCtx) throws IgniteCheckedException {
+ boolean isControlUtility = connCtx.clientType() == THIN_CLIENT &&
connCtx.isManagementClient();
+
+ if (nodeInRecoveryMode()) {
+ if (!isControlUtility)
+ throw new ClientConnectionNodeRecoveryException("Node in
recovery mode.");
+
+ return;
+ }
+
+ // If security enabled then only admin allowed to connect as management
Review Comment:
dot in the end of line
##########
modules/core/src/main/java/org/apache/ignite/internal/processors/odbc/ClientListenerConnectionContext.java:
##########
@@ -88,4 +90,13 @@ void initializeFromHandshake(GridNioSession ses,
ClientListenerProtocolVersion v
* Connection attributes.
*/
Map<String, String> attributes();
+
+ /**
+ * @return {@code True} if client is management.
+ */
+ default boolean isManagementClient() {
+ Map<String, String> attrs = attributes();
+
+ return attrs != null &&
Boolean.parseBoolean(attrs.get(MANAGEMENT_CLIENT_ATTR));
Review Comment:
`attributes()` doesn't return null.
##########
modules/core/src/main/java/org/apache/ignite/spi/discovery/tcp/ServerImpl.java:
##########
@@ -4405,9 +4425,10 @@ else if (log.isDebugEnabled())
}
}
- IgniteNodeValidationResult err;
+ IgniteNodeValidationResult err = ensureJoinEnabled(node);
Review Comment:
Why do you decide to add the check here? There is an alternative - similar
to checking node authentication.
As I can see "validate" is two-factor process - `validateNode(node)`,
`validateNode(node, data)`. The logic is described in
`GridComponent#validateNode`. Looks it's a not obvious place for this check.
##########
modules/core/src/main/java/org/apache/ignite/spi/discovery/tcp/ServerImpl.java:
##########
@@ -297,6 +301,12 @@ class ServerImpl extends TcpDiscoveryImpl {
private final ConcurrentMap<InetSocketAddress,
GridPingFutureAdapter<IgniteBiTuple<UUID, Boolean>>> pingMap =
new ConcurrentHashMap<>();
+ /** Client node connection allowed property. */
+ private DistributedBooleanProperty clientConnectionEnabled;
Review Comment:
Here and below
1. final
2. follow abbreviation rules
##########
modules/core/src/main/java/org/apache/ignite/internal/cluster/DistributedConfigurationUtils.java:
##########
@@ -95,4 +106,42 @@ public static <T extends Serializable>
IgniteInternalFuture<Void> setDefaultValu
}
};
}
+
+ /**
+ * Creates and registers distributed properties to enable connection by
type.
+ * @param subscriptionProcessor Processor to register properties.
+ * @param log Logger to log default values.
+ * @param types Connection types.
+ * @return Detached distributed property.
+ */
+ public static List<DistributedBooleanProperty>
newConnectionEnabledProperty(
+ GridInternalSubscriptionProcessor subscriptionProcessor,
+ IgniteLogger log,
+ String... types
+ ) {
+ List<DistributedBooleanProperty> props = Arrays.stream(types).map(type
-> DistributedBooleanProperty.detachedBooleanProperty(
+ "new" + type + "ConnectionsEnabled",
+ "If true then new " + type.toUpperCase() + " connections allowed."
+ )).collect(Collectors.toList());
+
+ subscriptionProcessor.registerDistributedConfigurationListener(new
DistributedConfigurationLifecycleListener() {
+ @Override public void
onReadyToRegister(DistributedPropertyDispatcher dispatcher) {
+ props.forEach(dispatcher::registerProperty);
+ }
+
+ @Override public void onReadyToWrite() {
+ props.forEach(prop -> setDefaultValue(prop, true, log));
+ }
+ });
+
+ return props;
+ }
+
+ /**
+ * @param prop Property to get value from.
+ * @return Property value. Default {@code true}.
+ */
+ public static boolean asBoolean(@Nullable DistributedBooleanProperty prop)
{
+ return prop != null ? prop.getOrDefault(true) : Boolean.TRUE;
Review Comment:
`prop` never null
##########
modules/core/src/main/java/org/apache/ignite/internal/processors/cache/persistence/wal/reader/StandaloneGridKernalContext.java:
##########
@@ -677,7 +677,7 @@ private void setField(IgniteEx kernal, String name, Object
val) throws NoSuchFie
/** {@inheritDoc} */
@Override public GridInternalSubscriptionProcessor
internalSubscriptionProcessor() {
- return null;
+ return new GridInternalSubscriptionProcessor(this);
Review Comment:
Does standalone instance support any connections? I don't see neither
ClientProcessor, nor ability to work with other nodes.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@ignite.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
