Merge pull request #3735 from atlanhq/DG-1907

DG-1907 Validate Channel Link
atlanhq · Nov 13, 2024 · d5d87fa · d5d87fa
2 parents 9d401a4 + 5067eeb
commit d5d87fa
Show file tree

Hide file tree

Showing 4 changed files with 86 additions and 2 deletions.
diff --git a/...atlas/repository/store/graph/v2/preprocessor/accesscontrol/AccessControlPreProcessor.java b/...atlas/repository/store/graph/v2/preprocessor/accesscontrol/AccessControlPreProcessor.java
@@ -0,0 +1,79 @@
+package org.apache.atlas.repository.store.graph.v2.preprocessor.accesscontrol;
+
+import org.apache.atlas.AtlasErrorCode;
+import org.apache.atlas.RequestContext;
+import org.apache.atlas.exception.AtlasBaseException;
+import org.apache.atlas.model.instance.AtlasEntity;
+import org.apache.atlas.model.instance.AtlasStruct;
+import org.apache.atlas.model.instance.EntityMutations;
+import org.apache.atlas.repository.store.graph.v2.EntityMutationContext;
+import org.apache.atlas.repository.store.graph.v2.preprocessor.PreProcessor;
+import org.apache.atlas.utils.AtlasPerfMetrics;
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import static org.apache.atlas.repository.Constants.QUALIFIED_NAME;
+import static org.apache.atlas.repository.util.AccessControlUtils.ATTR_CHANNEL_LINK;
+
+public class AccessControlPreProcessor implements PreProcessor {
+    private static final Logger LOG = LoggerFactory.getLogger(AccessControlPreProcessor.class);
+
+    // Regex reference - https://atlanhq.atlassian.net/browse/DG-1907?focusedCommentId=270252
+    private static final Pattern REGEX_SLACK_CHANNEL_LINK = Pattern.compile("^https://(?<domain>\\w+\\.slack\\.com)/archives/(?<channel>C\\w{8,})(?:/p(?<timestamp>\\d{10}))?$");
+
+    @Override
+    public void processAttributes(AtlasStruct entityStruct, EntityMutationContext context, EntityMutations.EntityOperation operation) throws AtlasBaseException {
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("AccessControlPreProcessor.processAttributes: pre processing {}, {}", entityStruct.getAttribute(QUALIFIED_NAME), operation);
+        }
+
+        AtlasEntity entity = (AtlasEntity) entityStruct;
+
+        switch (operation) {
+            case CREATE:
+                processCreateAccessControlAsset(entity);
+                break;
+            case UPDATE:
+                processUpdateAccessControlAsset(context, entity);
+                break;
+        }
+    }
+
+    private void processCreateAccessControlAsset(AtlasEntity entity) throws AtlasBaseException {
+        AtlasPerfMetrics.MetricRecorder metricRecorder = RequestContext.get().startMetricRecord("processCreateAccessControlAsset");
+
+        validateChannelLink(entity);
+
+        RequestContext.get().endMetricRecord(metricRecorder);
+    }
+
+    private void processUpdateAccessControlAsset(EntityMutationContext context, AtlasEntity entity) throws AtlasBaseException {
+        AtlasPerfMetrics.MetricRecorder metricRecorder = RequestContext.get().startMetricRecord("processUpdateAccessControlAsset");
+
+        validateChannelLink(entity);
+
+        RequestContext.get().endMetricRecord(metricRecorder);
+    }
+
+    private void validateChannelLink(AtlasEntity entity) throws AtlasBaseException {
+        AtlasPerfMetrics.MetricRecorder metricRecorder = RequestContext.get().startMetricRecord("validateChannelLink");
+
+        if (entity.hasAttribute(ATTR_CHANNEL_LINK)) {
+            String channelLink = (String) entity.getAttribute(ATTR_CHANNEL_LINK);
+
+            if (StringUtils.isNotEmpty(channelLink)) {
+                Matcher channelLinkMatcher = REGEX_SLACK_CHANNEL_LINK.matcher(channelLink);
+
+                if (!channelLinkMatcher.matches()) {
+                    throw new AtlasBaseException(AtlasErrorCode.BAD_REQUEST, "Please provide a valid URL for " + ATTR_CHANNEL_LINK);
+                }
+            }
+        }
+
+        RequestContext.get().endMetricRecord(metricRecorder);
+    }
+}
diff --git a/...pache/atlas/repository/store/graph/v2/preprocessor/accesscontrol/PersonaPreProcessor.java b/...pache/atlas/repository/store/graph/v2/preprocessor/accesscontrol/PersonaPreProcessor.java
@@ -71,7 +71,7 @@
 import static org.apache.atlas.repository.util.AccessControlUtils.getUUID;
 import static org.apache.atlas.repository.util.AccessControlUtils.validateNoPoliciesAttached;
 
-public class PersonaPreProcessor implements PreProcessor {
+public class PersonaPreProcessor extends AccessControlPreProcessor {
     private static final Logger LOG = LoggerFactory.getLogger(PersonaPreProcessor.class);
 
     protected final AtlasGraph graph;
@@ -100,6 +100,7 @@ public void processAttributes(AtlasStruct entityStruct, EntityMutationContext co
         if (LOG.isDebugEnabled()) {
             LOG.debug("PersonaPreProcessor.processAttributes: pre processing {}, {}", entityStruct.getAttribute(QUALIFIED_NAME), operation);
         }
+        super.processAttributes(entityStruct, context, operation);
 
         AtlasEntity entity = (AtlasEntity) entityStruct;
 

diff --git a/...pache/atlas/repository/store/graph/v2/preprocessor/accesscontrol/PurposePreProcessor.java b/...pache/atlas/repository/store/graph/v2/preprocessor/accesscontrol/PurposePreProcessor.java
@@ -62,7 +62,7 @@
 import static org.apache.atlas.repository.util.AccessControlUtils.getUUID;
 import static org.apache.atlas.repository.util.AccessControlUtils.validateUniquenessByTags;
 
-public class PurposePreProcessor implements PreProcessor {
+public class PurposePreProcessor extends AccessControlPreProcessor {
     private static final Logger LOG = LoggerFactory.getLogger(PurposePreProcessor.class);
 
     private final AtlasGraph graph;
@@ -90,6 +90,8 @@ public void processAttributes(AtlasStruct entityStruct, EntityMutationContext co
             LOG.debug("PurposePreProcessor.processAttributes: pre processing {}, {}", entityStruct.getAttribute(QUALIFIED_NAME), operation);
         }
 
+        super.processAttributes(entityStruct, context, operation);
+
         AtlasEntity entity = (AtlasEntity) entityStruct;
 
         switch (operation) {

diff --git a/repository/src/main/java/org/apache/atlas/repository/util/AccessControlUtils.java b/repository/src/main/java/org/apache/atlas/repository/util/AccessControlUtils.java
@@ -81,6 +81,8 @@ public final class AccessControlUtils {
     public static final String POLICY_TYPE_ALLOW  = "allow";
     public static final String POLICY_TYPE_DENY  = "deny";
 
+    public static final String ATTR_CHANNEL_LINK = "channelLink";
+
     public static final String ACCESS_READ_PURPOSE_METADATA = "entity-read";
     public static final String ACCESS_READ_PERSONA_METADATA = "persona-asset-read";
     public static final String ACCESS_READ_PERSONA_GLOSSARY = "persona-glossary-read";