Merge branch 'dev' into fix/app_search

lowcoder-org · Nov 29, 2024 · b9d9716 · b9d9716
2 parents e6415d2 + 3a7fe83
commit b9d9716
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 4 deletions.
diff --git a/server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/constant/NewUrl.java b/server/api-service/lowcoder-infra/src/main/java/org/lowcoder/infra/constant/NewUrl.java
@@ -34,4 +34,6 @@ private NewUrl() {
     public static final String MATERIAL_URL = PREFIX + "/materials";
     public static final String CONTACT_SYNC = PREFIX + "/sync";
     public static final String NPM_REGISTRY = PREFIX + "/npm";
+
+    public static final String PLUGINS_URL = PREFIX + "/plugins";
 }
diff --git a/server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java b/server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java
@@ -11,7 +11,7 @@ public enum BizError {
 
     // 5000 - 5100 general errorCode
     INTERNAL_SERVER_ERROR(500, 5000, VERBOSE),
-    NOT_AUTHORIZED(500, 5001),
+    NOT_AUTHORIZED(401, 5001),
     INVALID_PARAMETER(500, 5002),
     UNSUPPORTED_OPERATION(400, 5003),
     DUPLICATE_KEY(409, 5004, VERBOSE),
@@ -113,6 +113,7 @@ public enum BizError {
     PLUGIN_EXECUTION_TIMEOUT(504, 5800),
     INVALID_DATASOURCE_TYPE(500, 5801),
     PLUGIN_EXECUTION_TIMEOUT_WITHOUT_TIME(504, 5802, VERBOSE),
+    PLUGIN_ENDPOINT_ERROR(500, 5850),
 
     // business related, code range 5900 - 5999
     NOT_RELEASE(423, 5901),

diff --git a/...der-server/src/main/java/org/lowcoder/api/framework/exception/GlobalExceptionHandler.java b/...der-server/src/main/java/org/lowcoder/api/framework/exception/GlobalExceptionHandler.java
@@ -8,7 +8,9 @@
 import java.util.Map;
 import java.util.concurrent.TimeoutException;
 
+import org.apache.commons.lang3.StringUtils;
 import org.lowcoder.api.framework.view.ResponseView;
+import org.lowcoder.infra.constant.NewUrl;
 import org.lowcoder.infra.util.LogUtils;
 import org.lowcoder.sdk.exception.BaseException;
 import org.lowcoder.sdk.exception.BizError;
@@ -26,6 +28,7 @@
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.support.WebExchangeBindException;
+import org.springframework.web.server.ResponseStatusException;
 import org.springframework.web.server.ServerWebExchange;
 import org.springframework.web.server.ServerWebInputException;
 
@@ -133,6 +136,23 @@ public Mono<ResponseView<?>> catchServerException(ServerException e, ServerWebEx
         });
     }
 
+    @ExceptionHandler
+    @ResponseBody
+    public Mono<ResponseView<?>> catchResponseStatusException(ResponseStatusException e, ServerWebExchange exchange) {
+        if (StringUtils.startsWith(exchange.getRequest().getPath().toString(), NewUrl.PLUGINS_URL + "/")) {
+            BizError bizError = BizError.PLUGIN_ENDPOINT_ERROR;
+            exchange.getResponse().setStatusCode(e.getStatusCode());
+            return Mono.deferContextual(ctx -> {
+                apiPerfHelper.perf(bizError, exchange.getRequest().getPath());
+                doLog(e, ctx, bizError.logVerbose());
+                return Mono.just(error(bizError.getBizErrorCode(), e.getMessage() + " - path: " + exchange.getRequest().getPath()));
+            });
+
+        } else {
+            return catchException(e, exchange);
+        }
+    }
+
     @ExceptionHandler
     @ResponseBody
     public Mono<ResponseView<?>> catchException(java.lang.Exception e, ServerWebExchange exchange) {

diff --git a/...r/src/main/java/org/lowcoder/api/framework/plugin/endpoint/PluginEndpointHandlerImpl.java b/...r/src/main/java/org/lowcoder/api/framework/plugin/endpoint/PluginEndpointHandlerImpl.java
@@ -132,7 +132,10 @@ public Mono<ServerResponse> runPluginEndpointMethod(PluginEndpoint endpoint, End
 		});
 
 		return decisionMono.<EndpointResponse>handle((authorizationDecision, sink) -> {
-			if(!authorizationDecision.isGranted()) sink.error(new BizException(NOT_AUTHORIZED, "NOT_AUTHORIZED"));
+			if(!authorizationDecision.isGranted()) {
+				sink.error(new BizException(NOT_AUTHORIZED, "NOT_AUTHORIZED"));
+				return;
+			}
 			try {
 				sink.next((EndpointResponse) handler.invoke(endpoint, PluginServerRequest.fromServerRequest(request)));
 			} catch (IllegalAccessException | InvocationTargetException e) {

diff --git a/.../src/main/java/org/lowcoder/api/framework/plugin/security/PluginAuthorizationManager.java b/.../src/main/java/org/lowcoder/api/framework/plugin/security/PluginAuthorizationManager.java
@@ -31,11 +31,12 @@ public PluginAuthorizationManager()
 	public Mono<AuthorizationDecision> check(Mono<Authentication> authentication, MethodInvocation invocation) 
 	{
 		log.info("Checking plugin reactive endpoint invocation security for {}", invocation.getMethod().getName());
-		
+
 		EndpointExtension endpointExtension = (EndpointExtension)invocation.getArguments()[1];
 		if (endpointExtension == null || StringUtils.isBlank(endpointExtension.authorize()))
 		{
-			return Mono.empty();
+			log.debug("Authorization expression is empty, proceeding without authorization - authorization granted.");
+			return Mono.just(new AuthorizationDecision(true));
 		}
 
 		Expression authorizeExpression = this.expressionHandler.getExpressionParser()