Labels: area/dashboard, good first issue, kind/enhancement
Issue Description
Version 1.6.0 introduces authorization and it's an awesome feature. That helps the dashboard to be more complete.
My discussion here is focused on the actual authorization design.
Interface Design
First, I think there is a little fuzziness in AuthUser.authTarget.
/**
* Query whether current user has the specific privilege to the target, the target
* may be an app name or an ip address, or other destination.
* <p>
* This method will use return value to represent whether user has the specific
* privileges to the target, but to throw a RuntimeException to represent no auth
* is also a good way.
* </p>
*
* @param target the target to check
* @param privilegeType the privilege type to check
* @return if current user has the specific privileges to the target, return true,
* otherwise return false.
*/
boolean authTarget(String target, PrivilegeType privilegeType);
If throwing an exception is an option it's better to include in declaration like:
boolean authTarget(String target, PrivilegeType privilegeType) throws RuntimeException;
But I don't think it's a good idea to throw an exception, because we already have a boolean return value to mark success or failure.
Integrating
For integration, we can find the following lines everywhere:
AuthUser authUser = authService.getAuthUser(request);
authUser.authTarget(app, PrivilegeType.READ_RULE);
It includes two intents:
- Get the current logged user information
- Check if he has the specific privilege.
But it's a little inconvenient. I have a proposal on it like:
@AuthAction(privilege = PrivilegeType.READ_RULE)
@GetMapping("example")
public String action() {
    return "example";
}
or
@AuthAction(app = app, privilege = PrivilegeType.READ_RULE)
@GetMapping("example")
public String action() {
    return "example";
}
or even a parent privilege like
@AuthAction(privilege = PrivilegeType.RULES)
@RequestMapping("/rules")
@Controller
public class RulesController {
}
When you want user information, we can inject it with a Spring argument resolver like:
@AuthAction(app = app, privilege = PrivilegeType.READ_RULE)
@GetMapping("example")
public String action(AuthUser authUser) {
    return "example";
}
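Here is one way the whole proposal above (method-level and controller-level @AuthAction, plus an injected AuthUser) could be wired together in Spring MVC. This is an added example, not code from Sentinel or from the issue author. AuthService, AuthUser and PrivilegeType are used the way the issue uses them, but the small stand-in declarations at the top are assumed shapes, not the dashboard's real types; the annotation attributes, the class names AuthInterceptor, AuthUserArgumentResolver and AuthWebConfig, and the rule that `app` names the request parameter carrying the target app (annotation values must be compile-time constants, so the example reads `@AuthAction(app = "app")` as "take the target from the `app` request parameter") are all my assumptions.

```java
// Added example, not Sentinel's code; see the lead-in for the assumptions it makes.
import java.lang.annotation.*;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.MethodParameter;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.web.bind.support.WebDataBinderFactory;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.method.support.ModelAndViewContainer;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

// Minimal stand-ins (assumed shapes) for the dashboard's auth types as the issue uses them.
enum PrivilegeType { READ_RULE, RULES }
interface AuthUser { boolean authTarget(String target, PrivilegeType privilegeType); }
interface AuthService { AuthUser getAuthUser(HttpServletRequest request); }

/** Declares the privilege a handler method, or a whole controller, requires. */
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@interface AuthAction {
    PrivilegeType privilege();
    /** Name of the request parameter carrying the target app; "" means the check is not app-scoped. */
    String app() default "";
}

/** Runs before each handler and denies the request unless the declared privilege is granted. */
class AuthInterceptor implements HandlerInterceptor {
    private final AuthService authService;
    AuthInterceptor(AuthService authService) { this.authService = authService; }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        if (!(handler instanceof HandlerMethod)) {
            return true; // static resources and other non-annotated handlers
        }
        HandlerMethod method = (HandlerMethod) handler;
        // A method-level annotation wins; otherwise use the controller-level ("parent") one.
        AuthAction action = method.getMethodAnnotation(AuthAction.class);
        if (action == null) {
            action = AnnotationUtils.findAnnotation(method.getBeanType(), AuthAction.class);
        }
        if (action == null) {
            return true; // nothing declared: the handler stays unprotected, as today
        }
        AuthUser user = authService.getAuthUser(request);
        String target = resolveTarget(action, request);
        // Fail closed: no logged-in user, a missing target, or a false answer all become 403.
        if (user == null || target == null || !user.authTarget(target, action.privilege())) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }
        return true;
    }

    /** The target to check, or null when the required app parameter is absent from the request. */
    static String resolveTarget(AuthAction action, HttpServletRequest request) {
        return action.app().isEmpty() ? "" : request.getParameter(action.app());
    }
}

/** Lets a handler declare an AuthUser parameter and receive the current user. */
class AuthUserArgumentResolver implements HandlerMethodArgumentResolver {
    private final AuthService authService;
    AuthUserArgumentResolver(AuthService authService) { this.authService = authService; }

    @Override
    public boolean supportsParameter(MethodParameter parameter) {
        return AuthUser.class.isAssignableFrom(parameter.getParameterType());
    }

    @Override
    public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer,
                                  NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
        return authService.getAuthUser(webRequest.getNativeRequest(HttpServletRequest.class));
    }
}

/** Registers the interceptor and the resolver with Spring MVC. */
@Configuration
class AuthWebConfig implements WebMvcConfigurer {
    private final AuthService authService;
    AuthWebConfig(AuthService authService) { this.authService = authService; }

    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new AuthInterceptor(authService));
    }

    @Override
    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
        resolvers.add(new AuthUserArgumentResolver(authService));
    }
}
```

With this in place the two lines at the top of every handler collapse into the annotation, and the check happens before the handler body runs rather than inside it. Two points worth keeping in mind with this design: a handler that carries no @AuthAction (neither on the method nor on its controller) is simply not checked, so the annotations still need to be audited for completeness, and the interceptor deliberately treats a missing user or missing target as a denial instead of letting the request through.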
I think we can discuss this further.