Skip to content

Add quotes to encrypt rewrite derived columns #34950

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
strongduanmu merged 7 commits into from
Mar 11, 2025
Merged

Add quotes to encrypt rewrite derived columns #34950

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ab540c0
Add quotes to encrypt rewrite derived columns
FlyingZC Mar 11, 2025
7d9b085
Fix rewrite IT
FlyingZC Mar 11, 2025
c71a6a0
Fix rewrite IT
FlyingZC Mar 11, 2025
fa671d6
Fix rewrite IT
FlyingZC Mar 11, 2025
8658eed
Fix rewrite IT
FlyingZC Mar 11, 2025
fb827ba
Fix rewrite IT
FlyingZC Mar 11, 2025
a8e59ad
Fix rewrite IT
FlyingZC Mar 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions RELEASE-NOTES.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
1. SQL Parser: Support MySQL INSERT with GEOMCOLLECTION function parse - [#34654](https://github.com/apache/shardingsphere/pull/34654)
1. SQL Parser: Support MySQL DELETE with statement parse - [#34817](https://github.com/apache/shardingsphere/pull/34817)
1. Encrypt: Use EncryptDerivedColumnSuffix to enhance encrypt table subquery rewrite logic - [#34829](https://github.com/apache/shardingsphere/pull/34829)
1. Encrypt: Add quotes to encrypt rewrite derived columns - [#34950](https://github.com/apache/shardingsphere/pull/34950)

### Bug Fixes

Expand Down
20 changes: 12 additions & 8 deletions ...ingsphere/encrypt/rewrite/token/generator/assignment/EncryptAssignmentTokenGenerator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
import org.apache.shardingsphere.encrypt.rule.table.EncryptTable;
import org.apache.shardingsphere.infra.annotation.HighFrequencyInvocation;
import org.apache.shardingsphere.infra.binder.context.segment.table.TablesContext;
import org.apache.shardingsphere.infra.database.core.metadata.database.enums.QuoteCharacter;
import org.apache.shardingsphere.infra.database.core.type.DatabaseType;
import org.apache.shardingsphere.infra.database.core.type.DatabaseTypeRegistry;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.pojo.SQLToken;
Expand Down Expand Up @@ -64,37 +65,40 @@ public Collection<SQLToken> generateSQLTokens(final TablesContext tablesContext,
EncryptTable encryptTable = rule.getEncryptTable(tableName);
Collection<SQLToken> result = new LinkedList<>();
String schemaName = tablesContext.getSchemaName().orElseGet(() -> new DatabaseTypeRegistry(databaseType).getDefaultSchemaName(databaseName));
QuoteCharacter quoteCharacter = new DatabaseTypeRegistry(databaseType).getDialectDatabaseMetaData().getQuoteCharacter();
for (ColumnAssignmentSegment each : setAssignmentSegment.getAssignments()) {
String columnName = each.getColumns().get(0).getIdentifier().getValue();
if (encryptTable.isEncryptColumn(columnName)) {
generateSQLToken(schemaName, encryptTable.getTable(), encryptTable.getEncryptColumn(columnName), each).ifPresent(result::add);
generateSQLToken(schemaName, encryptTable.getTable(), encryptTable.getEncryptColumn(columnName), each, quoteCharacter).ifPresent(result::add);
}
}
return result;
}

private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final String tableName, final EncryptColumn encryptColumn, final ColumnAssignmentSegment segment) {
private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final String tableName, final EncryptColumn encryptColumn, final ColumnAssignmentSegment segment,
final QuoteCharacter quoteCharacter) {
if (segment.getValue() instanceof ParameterMarkerExpressionSegment) {
return Optional.of(generateParameterSQLToken(encryptColumn, segment));
return Optional.of(generateParameterSQLToken(encryptColumn, segment, quoteCharacter));
}
if (segment.getValue() instanceof LiteralExpressionSegment) {
return Optional.of(generateLiteralSQLToken(schemaName, tableName, encryptColumn, segment));
return Optional.of(generateLiteralSQLToken(schemaName, tableName, encryptColumn, segment, quoteCharacter));
}
return Optional.empty();
}

private EncryptAssignmentToken generateParameterSQLToken(final EncryptColumn encryptColumn, final ColumnAssignmentSegment segment) {
private EncryptAssignmentToken generateParameterSQLToken(final EncryptColumn encryptColumn, final ColumnAssignmentSegment segment, final QuoteCharacter quoteCharacter) {
EncryptParameterAssignmentToken result =
new EncryptParameterAssignmentToken(segment.getColumns().get(0).getStartIndex(), segment.getStopIndex(), segment.getColumns().get(0).getIdentifier().getQuoteCharacter());
new EncryptParameterAssignmentToken(segment.getColumns().get(0).getStartIndex(), segment.getStopIndex(), quoteCharacter);
result.addColumnName(encryptColumn.getCipher().getName());
encryptColumn.getAssistedQuery().ifPresent(optional -> result.addColumnName(optional.getName()));
encryptColumn.getLikeQuery().ifPresent(optional -> result.addColumnName(optional.getName()));
return result;
}

private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final String tableName, final EncryptColumn encryptColumn, final ColumnAssignmentSegment segment) {
private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final String tableName, final EncryptColumn encryptColumn, final ColumnAssignmentSegment segment,
final QuoteCharacter quoteCharacter) {
EncryptLiteralAssignmentToken result =
new EncryptLiteralAssignmentToken(segment.getColumns().get(0).getStartIndex(), segment.getStopIndex(), segment.getColumns().get(0).getIdentifier().getQuoteCharacter());
new EncryptLiteralAssignmentToken(segment.getColumns().get(0).getStartIndex(), segment.getStopIndex(), quoteCharacter);
addCipherAssignment(schemaName, tableName, encryptColumn, segment, result);
addAssistedQueryAssignment(schemaName, tableName, encryptColumn, segment, result);
addLikeAssignment(schemaName, tableName, encryptColumn, segment, result);
Expand Down
5 changes: 4 additions & 1 deletion ...gsphere/encrypt/rewrite/token/generator/insert/EncryptInsertCipherNameTokenGenerator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@
import org.apache.shardingsphere.infra.binder.context.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.context.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.binder.context.statement.dml.SelectStatementContext;
import org.apache.shardingsphere.infra.database.core.metadata.database.enums.QuoteCharacter;
import org.apache.shardingsphere.infra.database.core.type.DatabaseTypeRegistry;
import org.apache.shardingsphere.infra.exception.core.ShardingSpherePreconditions;
import org.apache.shardingsphere.infra.exception.generic.UnsupportedSQLOperationException;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.generator.CollectionSQLTokenGenerator;
Expand Down Expand Up @@ -66,6 +68,7 @@ public boolean isGenerateSQLToken(final SQLStatementContext sqlStatementContext)
public Collection<SQLToken> generateSQLTokens(final InsertStatementContext insertStatementContext) {
Optional<InsertColumnsSegment> insertColumnsSegment = insertStatementContext.getSqlStatement().getInsertColumns();
Preconditions.checkState(insertColumnsSegment.isPresent());
QuoteCharacter quoteCharacter = new DatabaseTypeRegistry(insertStatementContext.getDatabaseType()).getDialectDatabaseMetaData().getQuoteCharacter();
Collection<ColumnSegment> insertColumns = insertColumnsSegment.get().getColumns();
if (null != insertStatementContext.getInsertSelectContext()) {
checkInsertSelectEncryptor(insertStatementContext.getInsertSelectContext().getSelectStatementContext(), insertColumns);
Expand All @@ -78,7 +81,7 @@ public Collection<SQLToken> generateSQLTokens(final InsertStatementContext inser
for (ColumnSegment each : insertColumns) {
String columnName = each.getIdentifier().getValue();
if (encryptTable.get().isEncryptColumn(columnName)) {
IdentifierValue name = new IdentifierValue(encryptTable.get().getEncryptColumn(columnName).getCipher().getName(), each.getIdentifier().getQuoteCharacter());
IdentifierValue name = new IdentifierValue(encryptTable.get().getEncryptColumn(columnName).getCipher().getName(), quoteCharacter);
Collection<Projection> projections = Collections.singleton(new ColumnProjection(null, name, null, insertStatementContext.getDatabaseType()));
result.add(new SubstitutableColumnNameToken(each.getStartIndex(), each.getStopIndex(), projections, insertStatementContext.getDatabaseType()));
}
Expand Down
5 changes: 4 additions & 1 deletion ...ere/encrypt/rewrite/token/generator/insert/EncryptInsertDerivedColumnsTokenGenerator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@
import org.apache.shardingsphere.infra.annotation.HighFrequencyInvocation;
import org.apache.shardingsphere.infra.binder.context.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.context.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.database.core.metadata.database.enums.QuoteCharacter;
import org.apache.shardingsphere.infra.database.core.type.DatabaseTypeRegistry;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.generator.CollectionSQLTokenGenerator;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.pojo.SQLToken;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.pojo.generic.InsertColumnsToken;
Expand Down Expand Up @@ -57,11 +59,12 @@ public Collection<SQLToken> generateSQLTokens(final InsertStatementContext inser
if (!encryptTable.isPresent()) {
return Collections.emptyList();
}
QuoteCharacter quoteCharacter = new DatabaseTypeRegistry(insertStatementContext.getDatabaseType()).getDialectDatabaseMetaData().getQuoteCharacter();
Collection<SQLToken> result = new LinkedList<>();
for (ColumnSegment each : insertStatementContext.getSqlStatement().getColumns()) {
List<String> derivedColumnNames = getDerivedColumnNames(encryptTable.get(), each);
if (!derivedColumnNames.isEmpty()) {
result.add(new InsertColumnsToken(each.getStopIndex() + 1, derivedColumnNames, each.getIdentifier().getQuoteCharacter()));
result.add(new InsertColumnsToken(each.getStopIndex() + 1, derivedColumnNames, quoteCharacter));
}
}
return result;
Expand Down
27 changes: 14 additions & 13 deletions ...ingsphere/encrypt/rewrite/token/generator/insert/EncryptInsertOnUpdateTokenGenerator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
import org.apache.shardingsphere.infra.annotation.HighFrequencyInvocation;
import org.apache.shardingsphere.infra.binder.context.statement.SQLStatementContext;
import org.apache.shardingsphere.infra.binder.context.statement.dml.InsertStatementContext;
import org.apache.shardingsphere.infra.database.core.metadata.database.enums.QuoteCharacter;
import org.apache.shardingsphere.infra.database.core.type.DatabaseTypeRegistry;
import org.apache.shardingsphere.infra.metadata.database.ShardingSphereDatabase;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.generator.CollectionSQLTokenGenerator;
Expand Down Expand Up @@ -79,6 +80,7 @@ public Collection<SQLToken> generateSQLTokens(final InsertStatementContext inser
.orElseGet(() -> new DatabaseTypeRegistry(insertStatementContext.getDatabaseType()).getDefaultSchemaName(database.getName()));
String tableName = insertStatement.getTable().map(optional -> optional.getTableName().getIdentifier().getValue()).orElse("");
EncryptTable encryptTable = rule.getEncryptTable(tableName);
QuoteCharacter quoteCharacter = new DatabaseTypeRegistry(insertStatementContext.getDatabaseType()).getDialectDatabaseMetaData().getQuoteCharacter();
Collection<SQLToken> result = new LinkedList<>();
for (ColumnAssignmentSegment each : onDuplicateKeyColumnsSegments) {
boolean leftColumnIsEncrypt = encryptTable.isEncryptColumn(each.getColumns().get(0).getIdentifier().getValue());
Expand All @@ -94,28 +96,27 @@ public Collection<SQLToken> generateSQLTokens(final InsertStatementContext inser
continue;
}
EncryptColumn encryptColumn = encryptTable.getEncryptColumn(each.getColumns().get(0).getIdentifier().getValue());
generateSQLToken(schemaName, encryptTable, encryptColumn, each).ifPresent(result::add);
generateSQLToken(schemaName, encryptTable, encryptColumn, each, quoteCharacter).ifPresent(result::add);
}
return result;
}

private Optional<EncryptAssignmentToken> generateSQLToken(final String schemaName, final EncryptTable encryptTable,
final EncryptColumn encryptColumn, final ColumnAssignmentSegment assignmentSegment) {
final EncryptColumn encryptColumn, final ColumnAssignmentSegment assignmentSegment, final QuoteCharacter quoteCharacter) {
if (assignmentSegment.getValue() instanceof ParameterMarkerExpressionSegment) {
return Optional.of(generateParameterSQLToken(encryptTable, assignmentSegment));
return Optional.of(generateParameterSQLToken(encryptTable, assignmentSegment, quoteCharacter));
}
if (assignmentSegment.getValue() instanceof FunctionSegment && "VALUES".equalsIgnoreCase(((FunctionSegment) assignmentSegment.getValue()).getFunctionName())) {
return Optional.of(generateValuesSQLToken(encryptTable, assignmentSegment, (FunctionSegment) assignmentSegment.getValue()));
return Optional.of(generateValuesSQLToken(encryptTable, assignmentSegment, (FunctionSegment) assignmentSegment.getValue(), quoteCharacter));
}
if (assignmentSegment.getValue() instanceof LiteralExpressionSegment) {
return Optional.of(generateLiteralSQLToken(schemaName, encryptTable.getTable(), encryptColumn, assignmentSegment));
return Optional.of(generateLiteralSQLToken(schemaName, encryptTable.getTable(), encryptColumn, assignmentSegment, quoteCharacter));
}
return Optional.empty();
}

private EncryptAssignmentToken generateParameterSQLToken(final EncryptTable encryptTable, final ColumnAssignmentSegment assignmentSegment) {
EncryptParameterAssignmentToken result = new EncryptParameterAssignmentToken(assignmentSegment.getColumns().get(0).getStartIndex(), assignmentSegment.getStopIndex(),
assignmentSegment.getColumns().get(0).getIdentifier().getQuoteCharacter());
private EncryptAssignmentToken generateParameterSQLToken(final EncryptTable encryptTable, final ColumnAssignmentSegment assignmentSegment, final QuoteCharacter quoteCharacter) {
EncryptParameterAssignmentToken result = new EncryptParameterAssignmentToken(assignmentSegment.getColumns().get(0).getStartIndex(), assignmentSegment.getStopIndex(), quoteCharacter);
String columnName = assignmentSegment.getColumns().get(0).getIdentifier().getValue();
EncryptColumn encryptColumn = encryptTable.getEncryptColumn(columnName);
result.addColumnName(encryptColumn.getCipher().getName());
Expand All @@ -125,23 +126,23 @@ private EncryptAssignmentToken generateParameterSQLToken(final EncryptTable encr
}

private EncryptAssignmentToken generateLiteralSQLToken(final String schemaName, final String tableName,
final EncryptColumn encryptColumn, final ColumnAssignmentSegment assignmentSegment) {
EncryptLiteralAssignmentToken result = new EncryptLiteralAssignmentToken(assignmentSegment.getColumns().get(0).getStartIndex(), assignmentSegment.getStopIndex(),
assignmentSegment.getColumns().get(0).getIdentifier().getQuoteCharacter());
final EncryptColumn encryptColumn, final ColumnAssignmentSegment assignmentSegment, final QuoteCharacter quoteCharacter) {
EncryptLiteralAssignmentToken result = new EncryptLiteralAssignmentToken(assignmentSegment.getColumns().get(0).getStartIndex(), assignmentSegment.getStopIndex(), quoteCharacter);
addCipherAssignment(schemaName, tableName, encryptColumn, assignmentSegment, result);
addAssistedQueryAssignment(schemaName, tableName, encryptColumn, assignmentSegment, result);
addLikeAssignment(schemaName, tableName, encryptColumn, assignmentSegment, result);
return result;
}

private EncryptAssignmentToken generateValuesSQLToken(final EncryptTable encryptTable, final ColumnAssignmentSegment assignmentSegment, final FunctionSegment functionSegment) {
private EncryptAssignmentToken generateValuesSQLToken(final EncryptTable encryptTable, final ColumnAssignmentSegment assignmentSegment, final FunctionSegment functionSegment,
final QuoteCharacter quoteCharacter) {
ColumnSegment columnSegment = assignmentSegment.getColumns().get(0);
String column = columnSegment.getIdentifier().getValue();
Optional<ExpressionSegment> valueColumnSegment = functionSegment.getParameters().stream().findFirst();
Preconditions.checkState(valueColumnSegment.isPresent());
String valueColumn = ((ColumnSegment) valueColumnSegment.get()).getIdentifier().getValue();
EncryptFunctionAssignmentToken result =
new EncryptFunctionAssignmentToken(columnSegment.getStartIndex(), assignmentSegment.getStopIndex(), assignmentSegment.getColumns().get(0).getIdentifier().getQuoteCharacter());
new EncryptFunctionAssignmentToken(columnSegment.getStartIndex(), assignmentSegment.getStopIndex(), quoteCharacter);
boolean isEncryptColumn = encryptTable.isEncryptColumn(column);
boolean isEncryptValueColumn = encryptTable.isEncryptColumn(valueColumn);
EncryptColumn encryptColumn = encryptTable.getEncryptColumn(column);
Expand Down
9 changes: 8 additions & 1 deletion ...ingsphere/encrypt/rewrite/token/generator/projection/EncryptProjectionTokenGenerator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
import org.apache.shardingsphere.infra.binder.context.statement.dml.SelectStatementContext;
import org.apache.shardingsphere.infra.database.core.metadata.database.enums.QuoteCharacter;
import org.apache.shardingsphere.infra.database.core.type.DatabaseType;
import org.apache.shardingsphere.infra.database.core.type.DatabaseTypeRegistry;
import org.apache.shardingsphere.infra.exception.generic.UnsupportedSQLOperationException;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.pojo.SQLToken;
import org.apache.shardingsphere.infra.rewrite.sql.token.common.pojo.generic.SubstitutableColumnNameToken;
Expand Down Expand Up @@ -170,12 +171,18 @@ private Collection<Projection> generateProjections(final EncryptColumn encryptCo

private ColumnProjection generateProjection(final EncryptColumn encryptColumn, final ColumnProjection columnProjection) {
String encryptColumnName = getEncryptColumnName(columnProjection, encryptColumn);
IdentifierValue cipherColumnName = new IdentifierValue(encryptColumnName, columnProjection.getName().getQuoteCharacter());
QuoteCharacter quoteCharacter = getQuoteCharacter(columnProjection);
IdentifierValue cipherColumnName = new IdentifierValue(encryptColumnName, quoteCharacter);
IdentifierValue cipherColumnAlias = columnProjection.getAlias().orElse(columnProjection.getName());
return new ColumnProjection(columnProjection.getOwner().orElse(null), cipherColumnName, cipherColumnAlias,
databaseType, columnProjection.getLeftParentheses().orElse(null), columnProjection.getRightParentheses().orElse(null));
}

private QuoteCharacter getQuoteCharacter(final ColumnProjection columnProjection) {
QuoteCharacter databaseQuoteCharacter = new DatabaseTypeRegistry(databaseType).getDialectDatabaseMetaData().getQuoteCharacter();
return TableSourceType.PHYSICAL_TABLE == columnProjection.getColumnBoundInfo().getTableSourceType() ? databaseQuoteCharacter : columnProjection.getName().getQuoteCharacter();
}

private String getEncryptColumnName(final ColumnProjection columnProjection, final EncryptColumn encryptColumn) {
IdentifierValue columnName = columnProjection.getName();
return TableSourceType.TEMPORARY_TABLE == columnProjection.getColumnBoundInfo().getTableSourceType()
Expand Down
Loading
Loading