From 2c0649d2d4bfca5a1a17e767e22fc237982ddaf1 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:01:41 +0000 Subject: [PATCH 01/16] ce feat: enhance Cloudbeaver use case with SQL result masking capabilities MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - cloudbeaver 通过依赖注入集成数据脱敏 - Introduced `SQLResultMasker` interface for masking SQL results during execution. - Updated `CloudbeaverUsecase` to utilize the new `SQLResultMasker` for enhanced data privacy. - Refactored `buildTaskIdAssocDataMasking` to accept a `taskMaskingContext` for improved masking context management. - Integrated masking task checks within the GraphQL distributor to ensure sensitive data is appropriately handled during operations. - Enhanced the initialization of `CloudbeaverService` to include the new SQL result masking functionality. --- internal/dms/biz/cloudbeaver.go | 74 +++++++++++++++++++++++------ internal/dms/service/cloudbeaver.go | 11 ++--- 2 files changed, 64 insertions(+), 21 deletions(-) diff --git a/internal/dms/biz/cloudbeaver.go b/internal/dms/biz/cloudbeaver.go index ba6d9cfe..24766f0f 100644 --- a/internal/dms/biz/cloudbeaver.go +++ b/internal/dms/biz/cloudbeaver.go @@ -64,6 +64,10 @@ func (c CloudbeaverConnection) PrimaryKey() string { return getDBPrimaryKey(c.DMSDBServiceID, c.Purpose, c.DMSUserId) } +type SQLResultMasker interface { + MaskSQLResults(ctx context.Context, result *model.SQLExecuteInfo, dbServiceUID, schemaName string) error +} + type CloudbeaverRepo interface { GetCloudbeaverUserByID(ctx context.Context, cloudbeaverUserId string) (*CloudbeaverUser, bool, error) UpdateCloudbeaverUserCache(ctx context.Context, u *CloudbeaverUser) error @@ -84,15 +88,16 @@ type CloudbeaverUsecase struct { dbServiceUsecase *DBServiceUsecase opPermissionVerifyUsecase *OpPermissionVerifyUsecase dmsConfigUseCase *DMSConfigUseCase - dataMaskingUseCase *DataMaskingUsecase + sqlResultMasker SQLResultMasker cbOperationLogUsecase *CbOperationLogUsecase projectUsecase *ProjectUsecase + maskingTaskRepo MaskingTaskRepo repo CloudbeaverRepo proxyTargetRepo ProxyTargetRepo maintenanceTimeUsecase *MaintenanceTimeUsecase } -func NewCloudbeaverUsecase(log utilLog.Logger, cfg *CloudbeaverCfg, userUsecase *UserUsecase, dbServiceUsecase *DBServiceUsecase, opPermissionVerifyUsecase *OpPermissionVerifyUsecase, dmsConfigUseCase *DMSConfigUseCase, dataMaskingUseCase *DataMaskingUsecase, cloudbeaverRepo CloudbeaverRepo, proxyTargetRepo ProxyTargetRepo, cbOperationUseDase *CbOperationLogUsecase, projectUsecase *ProjectUsecase, maintenanceTimeUsecase *MaintenanceTimeUsecase) (cu *CloudbeaverUsecase) { +func NewCloudbeaverUsecase(log utilLog.Logger, cfg *CloudbeaverCfg, userUsecase *UserUsecase, dbServiceUsecase *DBServiceUsecase, opPermissionVerifyUsecase *OpPermissionVerifyUsecase, dmsConfigUseCase *DMSConfigUseCase, sqlResultMasker SQLResultMasker, cloudbeaverRepo CloudbeaverRepo, proxyTargetRepo ProxyTargetRepo, cbOperationUseCase *CbOperationLogUsecase, projectUsecase *ProjectUsecase, maskingTaskRepo MaskingTaskRepo, maintenanceTimeUsecase *MaintenanceTimeUsecase) (cu *CloudbeaverUsecase) { cu = &CloudbeaverUsecase{ repo: cloudbeaverRepo, proxyTargetRepo: proxyTargetRepo, @@ -100,9 +105,10 @@ func NewCloudbeaverUsecase(log utilLog.Logger, cfg *CloudbeaverCfg, userUsecase dbServiceUsecase: dbServiceUsecase, opPermissionVerifyUsecase: opPermissionVerifyUsecase, dmsConfigUseCase: dmsConfigUseCase, - dataMaskingUseCase: dataMaskingUseCase, - cbOperationLogUsecase: cbOperationUseDase, + sqlResultMasker: sqlResultMasker, + cbOperationLogUsecase: cbOperationUseCase, projectUsecase: projectUsecase, + maskingTaskRepo: maskingTaskRepo, cloudbeaverCfg: cfg, log: utilLog.NewHelper(log, utilLog.WithMessageKey("biz.cloudbeaver")), maintenanceTimeUsecase: maintenanceTimeUsecase, @@ -329,12 +335,18 @@ type TaskInfo struct { } `json:"data"` } +type taskMaskingContext struct { + Enabled bool + DBServiceUID string + SchemaName string +} + var ( taskIDAssocUid sync.Map taskIdAssocMasking sync.Map ) -func (cu *CloudbeaverUsecase) buildTaskIdAssocDataMasking(raw []byte, enableMasking bool) error { +func (cu *CloudbeaverUsecase) buildTaskIdAssocDataMasking(raw []byte, maskingCtx taskMaskingContext) error { var taskInfo TaskInfo if err := UnmarshalGraphQLResponse(raw, &taskInfo); err != nil { @@ -343,7 +355,7 @@ func (cu *CloudbeaverUsecase) buildTaskIdAssocDataMasking(raw []byte, enableMask return fmt.Errorf("extract task id err: %v", err) } - taskIdAssocMasking.Store(taskInfo.Data.TaskInfo.ID, enableMasking) + taskIdAssocMasking.Store(taskInfo.Data.TaskInfo.ID, maskingCtx) return nil } @@ -442,6 +454,7 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { ctx := graphql.StartOperationTrace(c.Request().Context()) var dbService *DBService + var maskingSchemaName string if params.OperationName == "asyncReadDataFromContainer" { dbService, err = cu.getDbService(c.Request().Context(), params) if err != nil { @@ -453,8 +466,12 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { return err } + isMaskingEnabled, _ := cu.maskingTaskRepo.CheckMaskingTaskExist(c.Request().Context(), dbService.UID) // 构建任务ID与数据脱敏的关联 - return cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), dbService.IsMaskingSwitch) + return cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), taskMaskingContext{ + Enabled: isMaskingEnabled, + DBServiceUID: dbService.UID, + }) } // 处理异步SQL执行查询请求 @@ -478,8 +495,17 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { cu.log.Error(err) } + isMaskingEnabled, _ := cu.maskingTaskRepo.CheckMaskingTaskExist(c.Request().Context(), dbService.UID) + maskCtx := taskMaskingContext{ + Enabled: isMaskingEnabled, + DBServiceUID: dbService.UID, + } + if ep, epErr := cu.getWorkflowExecParams(c, params); epErr == nil { + maskCtx.SchemaName = ep.instanceSchema + } + // 构建任务ID与数据脱敏的关联 - return cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), dbService.IsMaskingSwitch) + return cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), maskCtx) } // 获取SQLE服务地址 @@ -492,6 +518,7 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { if err != nil { return err } + maskingSchemaName = execParams.instanceSchema // 构建直接审计请求参数 directAuditReq := cloudbeaver.DirectAuditParams{ AuditSQLReq: cloudbeaver.AuditSQLReq{ @@ -537,8 +564,12 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { return err } + isMaskingEnabled, _ := cu.maskingTaskRepo.CheckMaskingTaskExist(c.Request().Context(), dbService.UID) // 构建任务ID与数据脱敏的关联 - return cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), dbService.IsMaskingSwitch) + return cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), taskMaskingContext{ + Enabled: isMaskingEnabled, + DBServiceUID: dbService.UID, + }) } // 处理获取异步任务信息请求 @@ -589,7 +620,7 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { return nil } - enableMasking := false + var maskingCtx taskMaskingContext // 处理获取SQL执行任务结果请求 if params.OperationName == "getSqlExecuteTaskResults" { // 检查是否需要数据脱敏 @@ -599,9 +630,10 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { return c.JSON(http.StatusOK, model.ServerError{Message: &msg}) } - enableMasking, ok = taskIdAssocMaskingVal.(bool) - if !ok { - msg := fmt.Sprintf("task id %v assoc masking val is not bool", params.Variables["taskId"]) + var ctxOk bool + maskingCtx, ctxOk = taskIdAssocMaskingVal.(taskMaskingContext) + if !ctxOk { + msg := fmt.Sprintf("task id %v assoc masking context type assertion failed", params.Variables["taskId"]) return c.JSON(http.StatusOK, model.ServerError{Message: &msg}) } } @@ -666,7 +698,12 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { } if params.OperationName == "asyncSqlExecuteQuery" { - if err := cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), dbService.IsMaskingSwitch); err != nil { + isMaskingEnabled, _ := cu.maskingTaskRepo.CheckMaskingTaskExist(c.Request().Context(), dbService.UID) + if err := cu.buildTaskIdAssocDataMasking(cloudbeaverResBuf.Bytes(), taskMaskingContext{ + Enabled: isMaskingEnabled, + DBServiceUID: dbService.UID, + SchemaName: maskingSchemaName, + }); err != nil { return nil, err } } @@ -713,9 +750,16 @@ func (cu *CloudbeaverUsecase) GraphQLDistributor() echo.MiddlewareFunc { } } + maskingHandler := func(ctx context.Context, result *model.SQLExecuteInfo) error { + if cu.sqlResultMasker == nil { + return nil + } + return cu.sqlResultMasker.MaskSQLResults(ctx, result, maskingCtx.DBServiceUID, maskingCtx.SchemaName) + } + // 创建GraphQL可执行schema g := resolver.NewExecutableSchema(resolver.Config{ - Resolvers: cloudbeaver.NewResolverImpl(c, cloudbeaverNext, cu.dataMaskingUseCase.SQLExecuteResultsDataMasking, enableMasking), + Resolvers: cloudbeaver.NewResolverImpl(c, cloudbeaverNext, maskingHandler, maskingCtx.Enabled), Directives: resolver.DirectiveRoot{ Since: func(ctx context.Context, obj any, next graphql.Resolver, version string) (res any, err error) { // @since directive implementation diff --git a/internal/dms/service/cloudbeaver.go b/internal/dms/service/cloudbeaver.go index 0c340dcf..ecd135ba 100644 --- a/internal/dms/service/cloudbeaver.go +++ b/internal/dms/service/cloudbeaver.go @@ -4,7 +4,6 @@ import ( "fmt" "github.com/actiontech/dms/internal/apiserver/conf" - maskingBiz "github.com/actiontech/dms/internal/data_masking/biz" "github.com/actiontech/dms/internal/dms/biz" "github.com/actiontech/dms/internal/dms/storage" @@ -49,7 +48,8 @@ func NewAndInitCloudbeaverService(logger utilLog.Logger, opts *conf.DMSOptions) projectUsecase := biz.NewProjectUsecase(logger, tx, projectRepo, memberUsecase, opPermissionVerifyUsecase, pluginUseCase, businessTagUsecase, &environmentTagUsecase) dbServiceRepo := storage.NewDBServiceRepo(logger, st) environmentTagUsecase = *biz.NewEnvironmentTagUsecase(storage.NewEnvironmentTagRepo(logger, st), logger, projectUsecase, opPermissionVerifyUsecase) - dbServiceUseCase := biz.NewDBServiceUsecase(logger, dbServiceRepo, pluginUseCase, opPermissionVerifyUsecase, projectUsecase, dmsProxyTargetRepo, &environmentTagUsecase) + discoveryTaskRepo := storage.NewSensitiveDataDiscoveryTaskRepo(logger, st) + dbServiceUseCase := biz.NewDBServiceUsecase(logger, dbServiceRepo, discoveryTaskRepo, pluginUseCase, opPermissionVerifyUsecase, projectUsecase, dmsProxyTargetRepo, &environmentTagUsecase) ldapConfigurationRepo := storage.NewLDAPConfigurationRepo(logger, st) ldapConfigurationUsecase := biz.NewLDAPConfigurationUsecase(logger, tx, ldapConfigurationRepo) @@ -61,11 +61,10 @@ func NewAndInitCloudbeaverService(logger utilLog.Logger, opts *conf.DMSOptions) loginConfigurationRepo := storage.NewLoginConfigurationRepo(logger, st) loginConfigurationUsecase := biz.NewLoginConfigurationUsecase(logger, tx, loginConfigurationRepo) userUsecase := biz.NewUserUsecase(logger, tx, userRepo, userGroupRepo, pluginUseCase, opPermissionUsecase, opPermissionVerifyUsecase, loginConfigurationUsecase, ldapConfigurationUsecase, cloudbeaverRepo, nil) - dataMasking, err := maskingBiz.NewDataMaskingUseCase(logger) + sqlResultMasker, err := newCloudbeaverSQLResultMasker(logger, st, dmsProxyTargetRepo) if err != nil { - return nil, fmt.Errorf("failed to new data masking use case: %v", err) + return nil, err } - dataMaskingUsecase := biz.NewMaskingUsecase(logger, dataMasking) dmsConfigRepo := storage.NewDMSConfigRepo(logger, st) dmsConfigUseCase := biz.NewDMSConfigUseCase(logger, dmsConfigRepo) cbOperationLogUsecase := biz.NewCbOperationLogUsecase(logger, storage.NewCbOperationLogRepo(logger, st), opPermissionVerifyUsecase, dmsProxyTargetRepo, biz.NewSystemVariableUsecase(logger, storage.NewSystemVariableRepo(logger, st))) @@ -83,7 +82,7 @@ func NewAndInitCloudbeaverService(logger utilLog.Logger, opts *conf.DMSOptions) } } - cloudbeaverUsecase := biz.NewCloudbeaverUsecase(logger, cfg, userUsecase, dbServiceUseCase, opPermissionVerifyUsecase, dmsConfigUseCase, dataMaskingUsecase, cloudbeaverRepo, dmsProxyTargetRepo, cbOperationLogUsecase, projectUsecase, maintenanceTimeUsecase) + cloudbeaverUsecase := biz.NewCloudbeaverUsecase(logger, cfg, userUsecase, dbServiceUseCase, opPermissionVerifyUsecase, dmsConfigUseCase, sqlResultMasker, cloudbeaverRepo, dmsProxyTargetRepo, cbOperationLogUsecase, projectUsecase, discoveryTaskRepo, maintenanceTimeUsecase) proxyUsecase := biz.NewCloudbeaverProxyUsecase(logger, cloudbeaverUsecase) return &CloudbeaverService{ From fdb2b17fdeb97ed87d8307701a177d3238b43e4b Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:06:18 +0000 Subject: [PATCH 02/16] ce feat: add masking audit permission and update related localization MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 新增配置脱敏任务的权限 - Introduced a new operation permission for masking audit with UID `700038`. - Updated the permission name for desensitization to "配置脱敏任务". - Enhanced localization support by adding descriptions and names for the new masking audit permission. - Refactored permission handling to accommodate the new permission type in various service components. --- internal/dms/biz/op_permission.go | 9 +++- internal/dms/pkg/constant/const.go | 5 +++ internal/dms/service/op_permission.go | 34 ++++++++++++++- internal/dms/service/user.go | 2 + internal/pkg/locale/message_zh.go | 59 ++++++++++++++++++--------- pkg/dms-common/api/dms/v1/user.go | 6 +++ 6 files changed, 92 insertions(+), 23 deletions(-) diff --git a/internal/dms/biz/op_permission.go b/internal/dms/biz/op_permission.go index 0c85799b..2a236d82 100644 --- a/internal/dms/biz/op_permission.go +++ b/internal/dms/biz/op_permission.go @@ -324,7 +324,14 @@ func initOpPermission() []*OpPermission { }, { UID: pkgConst.UIdOfOpPermissionDesensitization, - Name: "脱敏规则配置权限", + Name: "配置脱敏任务", + RangeType: OpRangeTypeProject, + Module: DesensitizationRule, + Service: v1.ServiceDMS, + }, + { + UID: pkgConst.UIdOfOpPermissionMaskingAudit, + Name: "脱敏审核", RangeType: OpRangeTypeProject, Module: DesensitizationRule, Service: v1.ServiceDMS, diff --git a/internal/dms/pkg/constant/const.go b/internal/dms/pkg/constant/const.go index fbe4a798..73ed4d0a 100644 --- a/internal/dms/pkg/constant/const.go +++ b/internal/dms/pkg/constant/const.go @@ -47,6 +47,7 @@ const ( UIdOfOpPermissionManageRoleMange = "700035" UIdOfOpPermissionDesensitization = "700036" UIDOfOpPermissionViewSQLInsight = "700037" + UIdOfOpPermissionMaskingAudit = "700038" UIDOfDMSConfig = "700100" @@ -125,6 +126,8 @@ func ConvertPermissionIdToType(opPermissionUid string) (apiOpPermissionTyp dmsCo apiOpPermissionTyp = dmsCommonV1.OpPermissionManageRoleMange case UIdOfOpPermissionDesensitization: apiOpPermissionTyp = dmsCommonV1.OpPermissionDesensitization + case UIdOfOpPermissionMaskingAudit: + apiOpPermissionTyp = dmsCommonV1.OpPermissionMaskingAudit case UIDOfOrdinaryUser: apiOpPermissionTyp = dmsCommonV1.OpPermissionTypeNone default: @@ -202,6 +205,8 @@ func ConvertPermissionTypeToId(opPermissionType dmsCommonV1.OpPermissionType) (p permissionId = UIdOfOpPermissionManageRoleMange case dmsCommonV1.OpPermissionDesensitization: permissionId = UIdOfOpPermissionDesensitization + case dmsCommonV1.OpPermissionMaskingAudit: + permissionId = UIdOfOpPermissionMaskingAudit case dmsCommonV1.OpPermissionTypeNone: permissionId = UIDOfOrdinaryUser default: diff --git a/internal/dms/service/op_permission.go b/internal/dms/service/op_permission.go index 292ba6d7..755c178e 100644 --- a/internal/dms/service/op_permission.go +++ b/internal/dms/service/op_permission.go @@ -50,6 +50,7 @@ var OpPermissionNameByUID = map[string]*i18n.Message{ pkgConst.UIdOfOpPermissionManageSQLMangeWhiteList: locale.NameOpPermissionManageSQLMangeWhiteList, pkgConst.UIdOfOpPermissionManageRoleMange: locale.NameOpPermissionManageRoleMange, pkgConst.UIdOfOpPermissionDesensitization: locale.NameOpPermissionDesensitization, + pkgConst.UIdOfOpPermissionMaskingAudit: locale.NameOpPermissionMaskingAudit, } var OpPermissionDescByUID = map[string]*i18n.Message{ @@ -72,6 +73,24 @@ var OpPermissionDescByUID = map[string]*i18n.Message{ pkgConst.UIDOfOpPermissionGlobalView: locale.DescOpPermissionGlobalView, pkgConst.UIDOfOpPermissionCreatePipeline: locale.DescOpPermissionCreatePipeline, pkgConst.UIDOfOrdinaryUser: locale.DescOpPermissionOrdinaryUser, + pkgConst.UIDOfOpPermissionViewOperationRecord: locale.DescOpPermissionViewOperationRecord, + pkgConst.UIDOfOpPermissionViewExportTask: locale.DescOpPermissionViewExportTask, + pkgConst.UIDOfPermissionViewQuickAuditRecord: locale.DescPermissionViewQuickAuditRecord, + pkgConst.UIDOfOpPermissionViewIDEAuditRecord: locale.DescOpPermissionViewIDEAuditRecord, + pkgConst.UIDOfOpPermissionViewOptimizationRecord: locale.DescOpPermissionViewOptimizationRecord, + pkgConst.UIDOfOpPermissionViewVersionManage: locale.DescOpPermissionViewVersionManage, + pkgConst.UIDOfOpPermissionVersionManage: locale.DescOpPermissionVersionManage, + pkgConst.UIdOfOpPermissionViewPipeline: locale.DescOpPermissionViewPipeline, + pkgConst.UIdOfOpPermissionManageProjectDataSource: locale.DescOpPermissionManageProjectDataSource, + pkgConst.UIdOfOpPermissionManageAuditRuleTemplate: locale.DescOpPermissionManageAuditRuleTemplate, + pkgConst.UIdOfOpPermissionManageApprovalTemplate: locale.DescOpPermissionManageApprovalTemplate, + pkgConst.UIdOfOpPermissionManageMember: locale.DescOpPermissionManageMember, + pkgConst.UIdOfOpPermissionPushRule: locale.DescOpPermissionPushRule, + pkgConst.UIdOfOpPermissionMangeAuditSQLWhiteList: locale.DescOpPermissionMangeAuditSQLWhiteList, + pkgConst.UIdOfOpPermissionManageSQLMangeWhiteList: locale.DescOpPermissionManageSQLMangeWhiteList, + pkgConst.UIdOfOpPermissionManageRoleMange: locale.DescOpPermissionManageRoleMange, + pkgConst.UIdOfOpPermissionDesensitization: locale.DescOpPermissionDesensitization, + pkgConst.UIdOfOpPermissionMaskingAudit: locale.DescOpPermissionMaskingAudit, } func (d *DMSService) ListOpPermissions(ctx context.Context, req *dmsV1.ListOpPermissionReq) (reply *dmsV1.ListOpPermissionReply, err error) { @@ -164,12 +183,23 @@ func (d *DMSService) ListOpPermissions(ctx context.Context, req *dmsV1.ListOpPer if err != nil { return nil, fmt.Errorf("parse op range type failed: %v", err) } + + opPermissionName := o.Name + if msg, ok := OpPermissionNameByUID[o.GetUID()]; ok && msg != nil { + opPermissionName = locale.Bundle.LocalizeMsgByCtx(ctx, msg) + } + + opPermissionDesc := "" + if msg, ok := OpPermissionDescByUID[o.GetUID()]; ok && msg != nil { + opPermissionDesc = locale.Bundle.LocalizeMsgByCtx(ctx, msg) + } + ret[i] = &dmsV1.ListOpPermission{ OpPermission: dmsV1.UidWithName{ Uid: o.GetUID(), - Name: locale.Bundle.LocalizeMsgByCtx(ctx, OpPermissionNameByUID[o.GetUID()]), + Name: opPermissionName, }, - Description: locale.Bundle.LocalizeMsgByCtx(ctx, OpPermissionDescByUID[o.GetUID()]), + Description: opPermissionDesc, RangeType: opRangeTyp, Module: string(o.Module), Service: o.Service, diff --git a/internal/dms/service/user.go b/internal/dms/service/user.go index 8dd74523..2878a216 100644 --- a/internal/dms/service/user.go +++ b/internal/dms/service/user.go @@ -815,6 +815,8 @@ func convertBizOpPermission(opPermissionUid string) (apiOpPermissionTyp dmsCommo apiOpPermissionTyp = dmsCommonV1.OpPermissionManageRoleMange case pkgConst.UIdOfOpPermissionDesensitization: apiOpPermissionTyp = dmsCommonV1.OpPermissionDesensitization + case pkgConst.UIdOfOpPermissionMaskingAudit: + apiOpPermissionTyp = dmsCommonV1.OpPermissionMaskingAudit case pkgConst.UIDOfOrdinaryUser: apiOpPermissionTyp = dmsCommonV1.OpPermissionTypeNone default: diff --git a/internal/pkg/locale/message_zh.go b/internal/pkg/locale/message_zh.go index 371c15f7..19ed3f3f 100644 --- a/internal/pkg/locale/message_zh.go +++ b/internal/pkg/locale/message_zh.go @@ -59,27 +59,46 @@ var ( NameOpPermissionMangeAuditSQLWhiteList = &i18n.Message{ID: "NameOpPermissionMangeAuditSQLWhiteList", Other: "审核SQL例外"} NameOpPermissionManageSQLMangeWhiteList = &i18n.Message{ID: "NameOpPermissionManageSQLMangeWhiteList", Other: "管控SQL例外"} NameOpPermissionManageRoleMange = &i18n.Message{ID: "NameOpPermissionManageRoleMange", Other: "角色管理权限"} - NameOpPermissionDesensitization = &i18n.Message{ID: "NameOpPermissionDesensitization", Other: "脱敏规则配置权限"} + NameOpPermissionDesensitization = &i18n.Message{ID: "NameOpPermissionDesensitization", Other: "配置脱敏任务"} + NameOpPermissionMaskingAudit = &i18n.Message{ID: "NameOpPermissionMaskingAudit", Other: "脱敏审核"} - DescOpPermissionGlobalManagement = &i18n.Message{ID: "DescOpPermissionGlobalManagement", Other: "具备系统最高权限,可进行系统配置、用户管理等操作"} - DescOpPermissionGlobalView = &i18n.Message{ID: "DescOpPermissionGlobalView", Other: "负责系统操作审计、数据合规检查等工作"} - DescOpPermissionCreateProject = &i18n.Message{ID: "DescOpPermissionCreateProject", Other: "创建项目、配置项目资源"} - DescOpPermissionProjectAdmin = &i18n.Message{ID: "DescOpPermissionProjectAdmin", Other: "项目管理;拥有该权限的用户可以管理项目下的所有资源"} - DescOpPermissionCreateWorkflow = &i18n.Message{ID: "DescOpPermissionCreateWorkflow", Other: "创建/编辑工单;拥有该权限的用户可以创建/编辑工单"} - DescOpPermissionOrdinaryUser = &i18n.Message{ID: "DescOpPermissionOrdinaryUser", Other: "基础功能操作权限,可进行日常业务操作"} - DescOpPermissionAuditWorkflow = &i18n.Message{ID: "DescOpPermissionAuditWorkflow", Other: "审核/驳回工单;拥有该权限的用户可以审核/驳回工单"} - DescOpPermissionAuthDBServiceData = &i18n.Message{ID: "DescOpPermissionAuthDBServiceData", Other: "授权数据源数据权限;拥有该权限的用户可以授权数据源数据权限"} - DescOpPermissionExecuteWorkflow = &i18n.Message{ID: "DescOpPermissionExecuteWorkflow", Other: "上线工单;拥有该权限的用户可以上线工单"} - DescOpPermissionViewOthersWorkflow = &i18n.Message{ID: "DescOpPermissionViewOthersWorkflow", Other: "查看他人创建的工单;拥有该权限的用户可以查看他人创建的工单"} - DescOpPermissionViewOthersAuditPlan = &i18n.Message{ID: "DescOpPermissionViewOthersAuditPlan", Other: "查看他人创建的扫描任务;拥有该权限的用户可以查看他人创建的扫描任务"} - DescOpPermissionViewSQLInsight = &i18n.Message{ID: "DescOpPermissionViewSQLInsight", Other: "查看性能洞察;拥有该权限的用户可以查看性能洞察的数据"} - DescOpPermissionSaveAuditPlan = &i18n.Message{ID: "DescOpPermissionSaveAuditPlan", Other: "创建/编辑扫描任务;拥有该权限的用户可以创建/编辑扫描任务"} - DescOpPermissionSQLQuery = &i18n.Message{ID: "DescOpPermissionSQLQuery", Other: "SQL工作台查询;拥有该权限的用户可以执行SQL工作台查询"} - DescOpPermissionExportApprovalReject = &i18n.Message{ID: "DescOpPermissionExportApprovalReject", Other: "审批/驳回数据导出工单;拥有该权限的用户可以执行审批导出数据工单或者驳回导出数据工单"} - DescOpPermissionExportCreate = &i18n.Message{ID: "DescOpPermissionExportCreate", Other: "创建数据导出任务;拥有该权限的用户可以创建数据导出任务或者工单"} - DescOpPermissionCreateOptimization = &i18n.Message{ID: "DescOpPermissionCreateOptimization", Other: "创建智能调优;拥有该权限的用户可以创建智能调优"} - DescOpPermissionViewOthersOptimization = &i18n.Message{ID: "DescOpPermissionViewOthersOptimization", Other: "查看他人创建的智能调优;拥有该权限的用户可以查看他人创建的智能调优"} - DescOpPermissionCreatePipeline = &i18n.Message{ID: "DescOpPermissionCreatePipeline", Other: "配置流水线;拥有该权限的用户可以为数据源配置流水线"} + DescOpPermissionGlobalManagement = &i18n.Message{ID: "DescOpPermissionGlobalManagement", Other: "具备系统最高权限,可进行系统配置、用户管理等操作"} + DescOpPermissionGlobalView = &i18n.Message{ID: "DescOpPermissionGlobalView", Other: "负责系统操作审计、数据合规检查等工作"} + DescOpPermissionCreateProject = &i18n.Message{ID: "DescOpPermissionCreateProject", Other: "创建项目、配置项目资源"} + DescOpPermissionProjectAdmin = &i18n.Message{ID: "DescOpPermissionProjectAdmin", Other: "项目管理;拥有该权限的用户可以管理项目下的所有资源"} + DescOpPermissionCreateWorkflow = &i18n.Message{ID: "DescOpPermissionCreateWorkflow", Other: "创建/编辑工单;拥有该权限的用户可以创建/编辑工单"} + DescOpPermissionOrdinaryUser = &i18n.Message{ID: "DescOpPermissionOrdinaryUser", Other: "基础功能操作权限,可进行日常业务操作"} + DescOpPermissionAuditWorkflow = &i18n.Message{ID: "DescOpPermissionAuditWorkflow", Other: "审核/驳回工单;拥有该权限的用户可以审核/驳回工单"} + DescOpPermissionAuthDBServiceData = &i18n.Message{ID: "DescOpPermissionAuthDBServiceData", Other: "授权数据源数据权限;拥有该权限的用户可以授权数据源数据权限"} + DescOpPermissionExecuteWorkflow = &i18n.Message{ID: "DescOpPermissionExecuteWorkflow", Other: "上线工单;拥有该权限的用户可以上线工单"} + DescOpPermissionViewOthersWorkflow = &i18n.Message{ID: "DescOpPermissionViewOthersWorkflow", Other: "查看他人创建的工单;拥有该权限的用户可以查看他人创建的工单"} + DescOpPermissionViewOthersAuditPlan = &i18n.Message{ID: "DescOpPermissionViewOthersAuditPlan", Other: "查看他人创建的扫描任务;拥有该权限的用户可以查看他人创建的扫描任务"} + DescOpPermissionViewSQLInsight = &i18n.Message{ID: "DescOpPermissionViewSQLInsight", Other: "查看性能洞察;拥有该权限的用户可以查看性能洞察的数据"} + DescOpPermissionSaveAuditPlan = &i18n.Message{ID: "DescOpPermissionSaveAuditPlan", Other: "创建/编辑扫描任务;拥有该权限的用户可以创建/编辑扫描任务"} + DescOpPermissionSQLQuery = &i18n.Message{ID: "DescOpPermissionSQLQuery", Other: "SQL工作台查询;拥有该权限的用户可以执行SQL工作台查询"} + DescOpPermissionExportApprovalReject = &i18n.Message{ID: "DescOpPermissionExportApprovalReject", Other: "审批/驳回数据导出工单;拥有该权限的用户可以执行审批导出数据工单或者驳回导出数据工单"} + DescOpPermissionExportCreate = &i18n.Message{ID: "DescOpPermissionExportCreate", Other: "创建数据导出任务;拥有该权限的用户可以创建数据导出任务或者工单"} + DescOpPermissionCreateOptimization = &i18n.Message{ID: "DescOpPermissionCreateOptimization", Other: "创建智能调优;拥有该权限的用户可以创建智能调优"} + DescOpPermissionViewOthersOptimization = &i18n.Message{ID: "DescOpPermissionViewOthersOptimization", Other: "查看他人创建的智能调优;拥有该权限的用户可以查看他人创建的智能调优"} + DescOpPermissionCreatePipeline = &i18n.Message{ID: "DescOpPermissionCreatePipeline", Other: "配置流水线;拥有该权限的用户可以为数据源配置流水线"} + DescOpPermissionViewOperationRecord = &i18n.Message{ID: "DescOpPermissionViewOperationRecord", Other: "查看所有操作记录;拥有该权限的用户可以查看平台全部操作记录"} + DescOpPermissionViewExportTask = &i18n.Message{ID: "DescOpPermissionViewExportTask", Other: "查看所有导出任务;拥有该权限的用户可以查看平台全部导出任务"} + DescPermissionViewQuickAuditRecord = &i18n.Message{ID: "DescPermissionViewQuickAuditRecord", Other: "查看所有快捷审核记录;拥有该权限的用户可以查看全部快捷审核记录"} + DescOpPermissionViewIDEAuditRecord = &i18n.Message{ID: "DescOpPermissionViewIDEAuditRecord", Other: "查看所有IDE审核记录;拥有该权限的用户可以查看全部IDE审核记录"} + DescOpPermissionViewOptimizationRecord = &i18n.Message{ID: "DescOpPermissionViewOptimizationRecord", Other: "查看所有优化记录;拥有该权限的用户可以查看全部优化记录"} + DescOpPermissionViewVersionManage = &i18n.Message{ID: "DescOpPermissionViewVersionManage", Other: "查看他人创建的版本记录;拥有该权限的用户可以查看全部版本记录"} + DescOpPermissionVersionManage = &i18n.Message{ID: "DescOpPermissionVersionManage", Other: "配置版本;拥有该权限的用户可以配置版本管理策略"} + DescOpPermissionViewPipeline = &i18n.Message{ID: "DescOpPermissionViewPipeline", Other: "查看所有流水线;拥有该权限的用户可以查看全部流水线"} + DescOpPermissionManageProjectDataSource = &i18n.Message{ID: "DescOpPermissionManageProjectDataSource", Other: "管理项目数据源;拥有该权限的用户可以管理项目下数据源"} + DescOpPermissionManageAuditRuleTemplate = &i18n.Message{ID: "DescOpPermissionManageAuditRuleTemplate", Other: "管理审核规则模版;拥有该权限的用户可以管理审核规则模版"} + DescOpPermissionManageApprovalTemplate = &i18n.Message{ID: "DescOpPermissionManageApprovalTemplate", Other: "管理审批流程模版;拥有该权限的用户可以管理审批流程模版"} + DescOpPermissionManageMember = &i18n.Message{ID: "DescOpPermissionManageMember", Other: "管理成员与权限;拥有该权限的用户可以管理项目成员与权限"} + DescOpPermissionPushRule = &i18n.Message{ID: "DescOpPermissionPushRule", Other: "管理推送规则;拥有该权限的用户可以管理推送规则"} + DescOpPermissionMangeAuditSQLWhiteList = &i18n.Message{ID: "DescOpPermissionMangeAuditSQLWhiteList", Other: "审核SQL例外;拥有该权限的用户可以管理审核SQL例外"} + DescOpPermissionManageSQLMangeWhiteList = &i18n.Message{ID: "DescOpPermissionManageSQLMangeWhiteList", Other: "管控SQL例外;拥有该权限的用户可以管理管控SQL例外"} + DescOpPermissionManageRoleMange = &i18n.Message{ID: "DescOpPermissionManageRoleMange", Other: "角色管理权限;拥有该权限的用户可以管理角色"} + DescOpPermissionDesensitization = &i18n.Message{ID: "DescOpPermissionDesensitization", Other: "配置脱敏任务;拥有该权限的用户可以管理脱敏模板、脱敏发现任务和规则配置"} + DescOpPermissionMaskingAudit = &i18n.Message{ID: "DescOpPermissionMaskingAudit", Other: "脱敏审核;拥有该权限的用户可以查看和处理脱敏审批请求"} ) // role diff --git a/pkg/dms-common/api/dms/v1/user.go b/pkg/dms-common/api/dms/v1/user.go index 9e164317..d043f516 100644 --- a/pkg/dms-common/api/dms/v1/user.go +++ b/pkg/dms-common/api/dms/v1/user.go @@ -254,6 +254,8 @@ const ( OpPermissionManageRoleMange OpPermissionType = "manage_role_mange" // 脱敏规则;脱敏规则配置权限 OpPermissionDesensitization OpPermissionType = "desensitization" + // 脱敏审核;拥有该权限的用户可以查看和处理脱敏审批请求 + OpPermissionMaskingAudit OpPermissionType = "masking_audit" // 无任何权限 OpPermissionTypeNone OpPermissionType = "none" ) @@ -330,6 +332,8 @@ func ParseOpPermissionType(typ string) (OpPermissionType, error) { return OpPermissionManageRoleMange, nil case string(OpPermissionDesensitization): return OpPermissionDesensitization, nil + case string(OpPermissionMaskingAudit): + return OpPermissionMaskingAudit, nil case string(OpPermissionTypeNone): return OpPermissionTypeNone, nil default: @@ -369,6 +373,8 @@ func GetOperationTypeDesc(opType OpPermissionType) string { return "查看他人创建的智能调优" case OpPermissionTypeCreatePipeline: return "配置流水线" + case OpPermissionMaskingAudit: + return "脱敏审核" default: return "未知操作类型" } From dc2ca3701419aeed9a653be4180acbe8af3d1d90 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:10:20 +0000 Subject: [PATCH 03/16] refactor: remove masking switch references and introduce masking task repository MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 从数据源配置中移除是否开启脱敏,移动到脱敏任务,由数据源是否开启脱敏任务判断是否开启脱敏 - Removed `IsMaskingSwitch` from `DBService`, `BizDBServiceArgs`, and related methods to streamline the configuration. - Introduced `MaskingTaskRepo` interface for managing masking task existence and status. - Updated `DBServiceUsecase` to include `maskingTaskRepo` for enhanced masking task management. - Adjusted various service methods to reflect the removal of masking switch logic, ensuring cleaner code and improved maintainability. --- internal/dms/biz/db_service.go | 15 +++++++------ internal/dms/biz/repo_fields.go | 1 - internal/dms/service/db_service.go | 33 +++++++++-------------------- internal/dms/storage/convert.go | 2 -- internal/dms/storage/model/model.go | 3 +-- 5 files changed, 20 insertions(+), 34 deletions(-) diff --git a/internal/dms/biz/db_service.go b/internal/dms/biz/db_service.go index 58e56393..782a56d3 100644 --- a/internal/dms/biz/db_service.go +++ b/internal/dms/biz/db_service.go @@ -71,8 +71,7 @@ type DBService struct { LastConnectionErrorMsg *string `json:"last_connection_error_msg"` // sqle config - SQLEConfig *SQLEConfig `json:"sqle_config"` - IsMaskingSwitch bool `json:"is_masking_switch"` + SQLEConfig *SQLEConfig `json:"sqle_config"` // PROV config AccountPurpose string `json:"account_purpose"` // audit plan types @@ -132,7 +131,6 @@ func newDBService(args *BizDBServiceArgs) (*DBService, error) { Source: args.Source, MaintenancePeriod: args.MaintenancePeriod, SQLEConfig: &SQLEConfig{}, - IsMaskingSwitch: args.IsMaskingSwitch, EnableBackup: args.EnableBackup, BackupMaxRows: args.BackupMaxRows, } @@ -173,8 +171,14 @@ type DBServiceRepo interface { GetFieldDistinctValue(ctx context.Context, field DBServiceField, results interface{}) error } +type MaskingTaskRepo interface { + CheckMaskingTaskExist(ctx context.Context, dbServiceUID string) (bool, error) + ListMaskingTaskStatus(ctx context.Context, dbServiceUIDs []string) (map[string]bool, error) +} + type DBServiceUsecase struct { repo DBServiceRepo + maskingTaskRepo MaskingTaskRepo dmsProxyTargetRepo ProxyTargetRepo pluginUsecase *PluginUsecase opPermissionVerifyUsecase *OpPermissionVerifyUsecase @@ -183,10 +187,11 @@ type DBServiceUsecase struct { log *utilLog.Helper } -func NewDBServiceUsecase(log utilLog.Logger, repo DBServiceRepo, pluginUsecase *PluginUsecase, opPermissionVerifyUsecase *OpPermissionVerifyUsecase, +func NewDBServiceUsecase(log utilLog.Logger, repo DBServiceRepo, maskingTaskRepo MaskingTaskRepo, pluginUsecase *PluginUsecase, opPermissionVerifyUsecase *OpPermissionVerifyUsecase, projectUsecase *ProjectUsecase, proxyTargetRepo ProxyTargetRepo, environmentTagUsecase *EnvironmentTagUsecase) *DBServiceUsecase { return &DBServiceUsecase{ repo: repo, + maskingTaskRepo: maskingTaskRepo, opPermissionVerifyUsecase: opPermissionVerifyUsecase, pluginUsecase: pluginUsecase, projectUsecase: projectUsecase, @@ -217,7 +222,6 @@ type BizDBServiceArgs struct { DataExportRuleTemplateName string DataExportRuleTemplateID string SQLQueryConfig *SQLQueryConfig - IsMaskingSwitch bool EnableBackup bool BackupMaxRows uint64 } @@ -721,7 +725,6 @@ func (d *DBServiceUsecase) UpdateDBServiceByArgs(ctx context.Context, dbServiceU ds.User = updateDBService.User ds.AdditionalParams = updateDBService.AdditionalParams ds.MaintenancePeriod = updateDBService.MaintenancePeriod - ds.IsMaskingSwitch = updateDBService.IsMaskingSwitch ds.EnableBackup = updateDBService.EnableBackup ds.BackupMaxRows = updateDBService.BackupMaxRows ds.SQLEConfig = &SQLEConfig{} diff --git a/internal/dms/biz/repo_fields.go b/internal/dms/biz/repo_fields.go index e181a367..861d048e 100644 --- a/internal/dms/biz/repo_fields.go +++ b/internal/dms/biz/repo_fields.go @@ -137,7 +137,6 @@ const ( DBServiceFieldProjectUID DBServiceField = "project_uid" DBServiceFieldMaintenancePeriod DBServiceField = "maintenanceperiod" DBServiceFieldExtraParameters DBServiceField = "extraparameters" - DBServiceFieldIsEnableMasking DBServiceField = "is_enable_masking" DBServiceFieldLastConnectionStatus DBServiceField = "last_connection_status" DBServiceFieldEnvironmentTagUID DBServiceField = "environment_tag_uid" ) diff --git a/internal/dms/service/db_service.go b/internal/dms/service/db_service.go index 12affb80..e4807f3d 100644 --- a/internal/dms/service/db_service.go +++ b/internal/dms/service/db_service.go @@ -61,10 +61,6 @@ func (d *DMSService) UpdateDBService(ctx context.Context, req *dmsV2.UpdateDBSer AdditionalParams: additionalParams, } - if biz.IsDMS() { - args.IsMaskingSwitch = req.DBService.IsEnableMasking - } - sqleConfig := req.DBService.SQLEConfig if sqleConfig != nil { args.AuditEnabled = sqleConfig.AuditEnabled @@ -264,10 +260,6 @@ func (d *DMSService) AddDBService(ctx context.Context, req *dmsV1.AddDBServiceRe BackupMaxRows: autoChooseBackupMaxRows(req.DBService.EnableBackup, req.DBService.BackupMaxRows), } - if biz.IsDMS() { - args.IsMaskingSwitch = req.DBService.IsEnableMasking - } - sqleConfig := req.DBService.SQLEConfig if sqleConfig != nil { args.AuditEnabled = sqleConfig.AuditEnabled @@ -323,10 +315,6 @@ func (d *DMSService) AddDBServiceV2(ctx context.Context, req *dmsV2.AddDBService BackupMaxRows: autoChooseBackupMaxRows(req.DBService.EnableBackup, req.DBService.BackupMaxRows), } - if biz.IsDMS() { - args.IsMaskingSwitch = req.DBService.IsEnableMasking - } - sqleConfig := req.DBService.SQLEConfig if sqleConfig != nil { args.AuditEnabled = sqleConfig.AuditEnabled @@ -435,7 +423,6 @@ func (d *DMSService) convertBizDBServiceArgs2ImportDBService(dbs []*biz.BizDBSer SQLQueryConfig: nil, }, AdditionalParams: nil, - IsEnableMasking: false, EnvironmentTagName: u.EnvironmentTagName, } @@ -478,7 +465,6 @@ func (d *DMSService) convertImportDBService2BizDBService(ctx context.Context, im MaintenancePeriod: d.convertMaintenanceTimeToPeriod(u.MaintenanceTimes), Source: u.Source, SQLEConfig: nil, - IsMaskingSwitch: u.IsEnableMasking, AccountPurpose: "", } tag, err := d.EnvironmentTagUsecase.GetOrCreateEnvironmentTag(ctx, u.ProjectUID, u.EnvironmentTagName) @@ -554,14 +540,6 @@ func (d *DMSService) ListDBServices(ctx context.Context, req *dmsCommonV2.ListDB }) } - if biz.IsDMS() && req.IsEnableMasking != nil { - andConditions = append(andConditions, pkgConst.FilterCondition{ - Field: string(biz.DBServiceFieldIsEnableMasking), - Operator: pkgConst.FilterOperatorEqual, - Value: *req.IsEnableMasking, - }) - } - if req.FilterByName != "" { andConditions = append(andConditions, pkgConst.FilterCondition{ Field: string(biz.DBServiceFieldName), @@ -648,6 +626,15 @@ func (d *DMSService) ListDBServices(ctx context.Context, req *dmsCommonV2.ListDB return nil, err } + var dbServiceUids []string + for _, u := range service { + dbServiceUids = append(dbServiceUids, u.UID) + } + maskingTaskStatusMap := make(map[string]bool) + if d.DataMaskingUsecase != nil && d.DataMaskingUsecase.DiscoveryTaskUsecase != nil { + maskingTaskStatusMap, _ = d.DataMaskingUsecase.DiscoveryTaskUsecase.ListMaskingTaskStatus(ctx, dbServiceUids) + } + ret := make([]*dmsCommonV2.ListDBService, len(service)) for i, u := range service { password, err := pkgAes.AesEncrypt(u.Password) @@ -667,7 +654,7 @@ func (d *DMSService) ListDBServices(ctx context.Context, req *dmsCommonV2.ListDB Desc: u.Desc, Source: u.Source, ProjectUID: u.ProjectUID, - IsEnableMasking: u.IsMaskingSwitch, + IsEnableMasking: maskingTaskStatusMap[u.UID], InstanceAuditPlanID: u.InstanceAuditPlanID, AuditPlanTypes: u.AuditPlanTypes, EnableBackup: u.EnableBackup, diff --git a/internal/dms/storage/convert.go b/internal/dms/storage/convert.go index 598be415..fac480bb 100644 --- a/internal/dms/storage/convert.go +++ b/internal/dms/storage/convert.go @@ -45,7 +45,6 @@ func convertBizDBService(ds *biz.DBService) (*model.DBService, error) { Source: ds.Source, MaintenancePeriod: ds.MaintenancePeriod, ProjectUID: ds.ProjectUID, - IsEnableMasking: ds.IsMaskingSwitch, EnableBackup: ds.EnableBackup, BackupMaxRows: ds.BackupMaxRows, } @@ -114,7 +113,6 @@ func convertModelDBService(ds *model.DBService) (*biz.DBService, error) { AdditionalParams: ds.AdditionalParams, Source: ds.Source, ProjectUID: ds.ProjectUID, - IsMaskingSwitch: ds.IsEnableMasking, EnableBackup: ds.EnableBackup, BackupMaxRows: ds.BackupMaxRows, } diff --git a/internal/dms/storage/model/model.go b/internal/dms/storage/model/model.go index c9a71089..d1d9dded 100644 --- a/internal/dms/storage/model/model.go +++ b/internal/dms/storage/model/model.go @@ -83,7 +83,6 @@ type DBService struct { ProjectUID string `json:"project_uid" gorm:"size:32;column:project_uid;index:project_uid_name,unique"` MaintenancePeriod periods.Periods `json:"maintenance_period" gorm:"type:text"` ExtraParameters ExtraParameters `json:"extra_parameters" gorm:"TYPE:json"` - IsEnableMasking bool `json:"is_enable_masking" gorm:"column:is_enable_masking;type:bool"` LastConnectionStatus *string `json:"last_connection_status"` LastConnectionTime *time.Time `json:"last_connection_time"` LastConnectionErrorMsg *string `json:"last_connection_error_msg"` @@ -732,4 +731,4 @@ type OperationRecord struct { func (OperationRecord) TableName() string { return "operation_records" -} +} \ No newline at end of file From 4ea7e334040156ebe133d32a9d47e40823f5b249 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:12:09 +0000 Subject: [PATCH 04/16] ce feat: add GetURL method to ProxyTarget for URL retrieval - Introduced a new method `GetURL` in the `ProxyTarget` struct to safely retrieve the URL as a string. - The method checks for a nil URL and returns an empty string if it is not set, enhancing the usability of the `ProxyTarget` type. --- internal/dms/biz/proxy.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/internal/dms/biz/proxy.go b/internal/dms/biz/proxy.go index b9418ed7..9f081e9b 100644 --- a/internal/dms/biz/proxy.go +++ b/internal/dms/biz/proxy.go @@ -24,6 +24,13 @@ type ProxyTargetRepo interface { GetProxyTargetByName(ctx context.Context, name string) (*ProxyTarget, error) } +func (p *ProxyTarget) GetURL() string { + if p.URL == nil { + return "" + } + return p.URL.String() +} + type ProxyTarget struct { middleware.ProxyTarget Version string From 8b0bf89449539222064e1a82d11f71a66cc57470 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:21:24 +0000 Subject: [PATCH 05/16] feat: enhance data export workflow with masking configuration and task repository MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 依赖注入 - Added `maskingConfigRepo` and `maskingTaskRepo` to the `DataExportWorkflowUsecase` for improved data masking capabilities. - Updated the constructor for `DataExportWorkflowUsecase` to include new dependencies, facilitating better management of masking configurations and tasks. - Introduced a new file `data_masking_ce.go` to define methods related to data masking, returning errors for unsupported operations in the current context. - Refactored `DMSService` to initialize the new masking configuration repository and update the data masking use case, ensuring a cohesive integration of data masking functionalities. --- internal/dms/biz/data_export_workflow.go | 6 +- internal/dms/service/data_masking_ce.go | 83 +++++++++++++++++++ internal/dms/service/service.go | 18 ++-- .../service/sql_workbench_service.go | 3 +- 4 files changed, 100 insertions(+), 10 deletions(-) create mode 100644 internal/dms/service/data_masking_ce.go diff --git a/internal/dms/biz/data_export_workflow.go b/internal/dms/biz/data_export_workflow.go index 27aa081b..8554717d 100644 --- a/internal/dms/biz/data_export_workflow.go +++ b/internal/dms/biz/data_export_workflow.go @@ -124,6 +124,7 @@ type DataExportWorkflowUsecase struct { repo WorkflowRepo dbServiceRepo DBServiceRepo dataExportTaskRepo DataExportTaskRepo + maskingConfigRepo DataExportMaskingConfigRepo dmsProxyTargetRepo ProxyTargetRepo opPermissionVerifyUsecase *OpPermissionVerifyUsecase projectUsecase *ProjectUsecase @@ -131,15 +132,17 @@ type DataExportWorkflowUsecase struct { webhookUsecase *WebHookConfigurationUsecase userUsecase *UserUsecase systemVariableUsecase *SystemVariableUsecase + maskingTaskRepo MaskingTaskRepo log *utilLog.Helper reportHost string } -func NewDataExportWorkflowUsecase(logger utilLog.Logger, tx TransactionGenerator, repo WorkflowRepo, dataExportTaskRepo DataExportTaskRepo, dbServiceRepo DBServiceRepo, opPermissionVerifyUsecase *OpPermissionVerifyUsecase, projectUsecase *ProjectUsecase, proxyTargetRepo ProxyTargetRepo, clusterUseCase *ClusterUsecase, webhookUsecase *WebHookConfigurationUsecase, userUsecase *UserUsecase, systemVariableUsecase *SystemVariableUsecase, reportHost string) *DataExportWorkflowUsecase { +func NewDataExportWorkflowUsecase(logger utilLog.Logger, tx TransactionGenerator, repo WorkflowRepo, dataExportTaskRepo DataExportTaskRepo, dbServiceRepo DBServiceRepo, maskingConfigRepo DataExportMaskingConfigRepo, opPermissionVerifyUsecase *OpPermissionVerifyUsecase, projectUsecase *ProjectUsecase, proxyTargetRepo ProxyTargetRepo, clusterUseCase *ClusterUsecase, webhookUsecase *WebHookConfigurationUsecase, userUsecase *UserUsecase, systemVariableUsecase *SystemVariableUsecase, maskingTaskRepo MaskingTaskRepo, reportHost string) *DataExportWorkflowUsecase { return &DataExportWorkflowUsecase{ tx: tx, repo: repo, dbServiceRepo: dbServiceRepo, + maskingConfigRepo: maskingConfigRepo, opPermissionVerifyUsecase: opPermissionVerifyUsecase, projectUsecase: projectUsecase, dmsProxyTargetRepo: proxyTargetRepo, @@ -148,6 +151,7 @@ func NewDataExportWorkflowUsecase(logger utilLog.Logger, tx TransactionGenerator webhookUsecase: webhookUsecase, userUsecase: userUsecase, systemVariableUsecase: systemVariableUsecase, + maskingTaskRepo: maskingTaskRepo, log: utilLog.NewHelper(logger, utilLog.WithMessageKey("biz.dataExportWorkflow")), reportHost: reportHost, } diff --git a/internal/dms/service/data_masking_ce.go b/internal/dms/service/data_masking_ce.go new file mode 100644 index 00000000..37a1393d --- /dev/null +++ b/internal/dms/service/data_masking_ce.go @@ -0,0 +1,83 @@ +//go:build !dms + +package service + +import ( + "context" + "errors" + + v1 "github.com/actiontech/dms/api/dms/service/v1" + "github.com/actiontech/dms/internal/dms/biz" + "github.com/actiontech/dms/internal/dms/storage" + utilLog "github.com/actiontech/dms/pkg/dms-common/pkg/log" + + dmsV1 "github.com/actiontech/dms/api/dms/service/v1" +) + +var errNotSupportDataMasking = errors.New("DataMasking related functions are dms version functions") + +func (d *DMSService) ConfigureMaskingRules(ctx context.Context, req *v1.ConfigureMaskingRulesReq) error { + return errNotSupportDataMasking +} + +func (d *DMSService) AddSensitiveDataDiscoveryTask(ctx context.Context, req *v1.AddSensitiveDataDiscoveryTaskReq) (reply *v1.AddSensitiveDataDiscoveryTaskReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) UpdateSensitiveDataDiscoveryTask(ctx context.Context, req *v1.UpdateSensitiveDataDiscoveryTaskReq) (reply *v1.UpdateSensitiveDataDiscoveryTaskReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) DeleteSensitiveDataDiscoveryTask(ctx context.Context, req *v1.DeleteSensitiveDataDiscoveryTaskReq) error { + return errNotSupportDataMasking +} + +func (d *DMSService) GetMaskingOverviewTree(ctx context.Context, req *v1.GetMaskingOverviewTreeReq, currentUserUid string) (reply *v1.GetMaskingOverviewTreeReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) GetTableColumnMaskingDetails(ctx context.Context, req *v1.GetTableColumnMaskingDetailsReq) (reply *v1.GetTableColumnMaskingDetailsReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) ListSensitiveDataDiscoveryTasks(ctx context.Context, req *v1.ListSensitiveDataDiscoveryTasksReq) (reply *v1.ListSensitiveDataDiscoveryTasksReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) ListSensitiveDataDiscoveryTaskHistories(ctx context.Context, req *v1.ListSensitiveDataDiscoveryTaskHistoriesReq) (reply *v1.ListSensitiveDataDiscoveryTaskHistoriesReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) ListMaskingRules(ctx context.Context) (reply *dmsV1.ListMaskingRulesReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) ListMaskingTemplates(ctx context.Context, req *dmsV1.ListMaskingTemplatesReq) (reply *dmsV1.ListMaskingTemplatesReply, err error) { + return nil, errNotSupportDataMasking +} + +func (d *DMSService) AddMaskingTemplate(ctx context.Context, req *dmsV1.AddMaskingTemplateReq) error { + return errNotSupportDataMasking +} + +func (d *DMSService) UpdateMaskingTemplate(ctx context.Context, req *dmsV1.UpdateMaskingTemplateReq) error { + return errNotSupportDataMasking +} + +func (d *DMSService) DeleteMaskingTemplate(ctx context.Context, req *dmsV1.DeleteMaskingTemplateReq) error { + return errNotSupportDataMasking +} + +func initDataMaskingUsecase(_ utilLog.Logger, _ *storage.Storage, _ *biz.DBServiceUsecase, _ *biz.ClusterUsecase, _ biz.ProxyTargetRepo) (*dataMaskingUsecase, func(), error) { + return nil, func() {}, nil +} + +func newCloudbeaverSQLResultMasker(_ utilLog.Logger, _ *storage.Storage, _ biz.ProxyTargetRepo) (biz.SQLResultMasker, error) { + return nil, nil +} + +type dataMaskingUsecase struct{} + +func initDataExportMaskingConfigRepo(_ utilLog.Logger, _ *storage.Storage) biz.DataExportMaskingConfigRepo { + return nil +} diff --git a/internal/dms/service/service.go b/internal/dms/service/service.go index 2a02498f..fd2e8ecb 100644 --- a/internal/dms/service/service.go +++ b/internal/dms/service/service.go @@ -5,7 +5,6 @@ import ( "fmt" "github.com/actiontech/dms/internal/apiserver/conf" - maskingBiz "github.com/actiontech/dms/internal/data_masking/biz" "github.com/actiontech/dms/internal/dms/biz" "github.com/actiontech/dms/internal/dms/storage" @@ -43,7 +42,7 @@ type DMSService struct { ClusterUsecase *biz.ClusterUsecase DataExportWorkflowUsecase *biz.DataExportWorkflowUsecase CbOperationLogUsecase *biz.CbOperationLogUsecase - DataMaskingUsecase *biz.DataMaskingUsecase + DataMaskingUsecase *dataMaskingUsecase AuthAccessTokenUseCase *biz.AuthAccessTokenUsecase SwaggerUseCase *biz.SwaggerUseCase GatewayUsecase *biz.GatewayUsecase @@ -86,7 +85,8 @@ func NewAndInitDMSService(logger utilLog.Logger, opts *conf.DMSOptions) (*DMSSer dmsProxyTargetRepo := storage.NewProxyTargetRepo(logger, st) resourceOverviewUsecase := biz.NewResourceOverviewUsecase(logger, projectRepo, dbServiceRepo, *opPermissionVerifyUsecase, storage.NewResourceOverviewRepo(logger, st), dmsProxyTargetRepo) environmentTagUsecase = *biz.NewEnvironmentTagUsecase(storage.NewEnvironmentTagRepo(logger, st), logger, projectUsecase, opPermissionVerifyUsecase) - dbServiceUseCase := biz.NewDBServiceUsecase(logger, dbServiceRepo, pluginUseCase, opPermissionVerifyUsecase, projectUsecase, dmsProxyTargetRepo, &environmentTagUsecase) + discoveryTaskRepo := storage.NewSensitiveDataDiscoveryTaskRepo(logger, st) + dbServiceUseCase := biz.NewDBServiceUsecase(logger, dbServiceRepo, discoveryTaskRepo, pluginUseCase, opPermissionVerifyUsecase, projectUsecase, dmsProxyTargetRepo, &environmentTagUsecase) dbServiceTaskRepo := storage.NewDBServiceSyncTaskRepo(logger, st) dbServiceTaskUsecase := biz.NewDBServiceSyncTaskUsecase(logger, dbServiceTaskRepo, opPermissionVerifyUsecase, projectUsecase, dbServiceUseCase, &environmentTagUsecase) ldapConfigurationRepo := storage.NewLDAPConfigurationRepo(logger, st) @@ -150,13 +150,14 @@ func NewAndInitDMSService(logger utilLog.Logger, opts *conf.DMSOptions) (*DMSSer cbOperationRepo := storage.NewCbOperationLogRepo(logger, st) CbOperationLogUsecase := biz.NewCbOperationLogUsecase(logger, cbOperationRepo, opPermissionVerifyUsecase, dmsProxyTargetRepo, systemVariableUsecase) workflowRepo := storage.NewWorkflowRepo(logger, st) - DataExportWorkflowUsecase := biz.NewDataExportWorkflowUsecase(logger, tx, workflowRepo, dataExportTaskRepo, dbServiceRepo, opPermissionVerifyUsecase, projectUsecase, dmsProxyTargetRepo, clusterUsecase, webhookConfigurationUsecase, userUsecase, systemVariableUsecase, fmt.Sprintf("%s:%d", opts.ReportHost, opts.APIServiceOpts.Port)) - dataMasking, err := maskingBiz.NewDataMaskingUseCase(logger) - authAccessTokenUsecase := biz.NewAuthAccessTokenUsecase(logger, userUsecase) + dataExportMaskingConfigRepo := initDataExportMaskingConfigRepo(logger, st) + DataExportWorkflowUsecase := biz.NewDataExportWorkflowUsecase(logger, tx, workflowRepo, dataExportTaskRepo, dbServiceRepo, dataExportMaskingConfigRepo, opPermissionVerifyUsecase, projectUsecase, dmsProxyTargetRepo, clusterUsecase, webhookConfigurationUsecase, userUsecase, systemVariableUsecase, discoveryTaskRepo, fmt.Sprintf("%s:%d", opts.ReportHost, opts.APIServiceOpts.Port)) + dataMaskingUsecase, stopDataMaskingScheduler, err := initDataMaskingUsecase(logger, st, dbServiceUseCase, clusterUsecase, dmsProxyTargetRepo) if err != nil { - return nil, fmt.Errorf("failed to new data masking use case: %v", err) + return nil, fmt.Errorf("failed to initialize data masking usecase: %v", err) } - dataMaskingUsecase := biz.NewMaskingUsecase(logger, dataMasking) + + authAccessTokenUsecase := biz.NewAuthAccessTokenUsecase(logger, userUsecase) cronTask := biz.NewCronTaskUsecase(logger, DataExportWorkflowUsecase, CbOperationLogUsecase, operationRecordUsecase, oauth2SessionUsecase) err = cronTask.InitialTask() @@ -204,6 +205,7 @@ func NewAndInitDMSService(logger utilLog.Logger, opts *conf.DMSOptions) (*DMSSer MaintenanceTimeUsecase: maintenanceTimeUsecase, log: utilLog.NewHelper(logger, utilLog.WithMessageKey("dms.service")), shutdownCallback: func() error { + stopDataMaskingScheduler() if err := st.Close(); nil != err { return fmt.Errorf("failed to close storage: %v", err) } diff --git a/internal/sql_workbench/service/sql_workbench_service.go b/internal/sql_workbench/service/sql_workbench_service.go index c261514a..fb55f029 100644 --- a/internal/sql_workbench/service/sql_workbench_service.go +++ b/internal/sql_workbench/service/sql_workbench_service.go @@ -163,7 +163,8 @@ func NewAndInitSqlWorkbenchService(logger utilLog.Logger, opts *conf.DMSOptions) dbServiceRepo := storage.NewDBServiceRepo(logger, st) environmentTagUsecase = *biz.NewEnvironmentTagUsecase(storage.NewEnvironmentTagRepo(logger, st), logger, projectUsecase, opPermissionVerifyUsecase) proxyTargetRepo := storage.NewProxyTargetRepo(logger, st) - dbServiceUsecase := biz.NewDBServiceUsecase(logger, dbServiceRepo, pluginUsecase, opPermissionVerifyUsecase, projectUsecase, proxyTargetRepo, &environmentTagUsecase) + discoveryTaskRepo := storage.NewSensitiveDataDiscoveryTaskRepo(logger, st) + dbServiceUsecase := biz.NewDBServiceUsecase(logger, dbServiceRepo, discoveryTaskRepo, pluginUsecase, opPermissionVerifyUsecase, projectUsecase, proxyTargetRepo, &environmentTagUsecase) // 初始化SqlWorkbench相关的存储层 sqlWorkbenchUserRepo := storage.NewSqlWorkbenchRepo(logger, st) From ea5abef2d327abb3378e0b7382233f94301b4a46 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:22:08 +0000 Subject: [PATCH 06/16] refactor: remove data masking switch from DBService and update masking templates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 接口定义新增与调整 - Removed `IsEnableMasking` field from `DBService`, `UpdateDBService`, and `ImportDBService` to streamline configuration. - Introduced new API endpoints for managing masking rules and templates, enhancing data masking capabilities. - Added methods for listing, adding, updating, and deleting masking templates and sensitive data discovery tasks in the `DMSController`. - Updated routing to accommodate new masking functionalities, ensuring better organization and maintainability of the codebase. --- api/dms/service/v1/db_service.go | 8 - api/dms/service/v1/masking.go | 766 +++++++++++++++++- api/dms/service/v2/db_service.go | 8 - .../apiserver/service/data_mask_controller.go | 678 ++++++++++++++++ internal/apiserver/service/dms_controller.go | 20 - internal/apiserver/service/router.go | 6 +- internal/apiserver/service/router_dms_ce.go | 9 + 7 files changed, 1450 insertions(+), 45 deletions(-) create mode 100644 internal/apiserver/service/data_mask_controller.go create mode 100644 internal/apiserver/service/router_dms_ce.go diff --git a/api/dms/service/v1/db_service.go b/api/dms/service/v1/db_service.go index fcacffa1..054b7732 100644 --- a/api/dms/service/v1/db_service.go +++ b/api/dms/service/v1/db_service.go @@ -45,9 +45,6 @@ type DBService struct { Desc string `json:"desc"` // SQLE config SQLEConfig *dmsCommonV1.SQLEConfig `json:"sqle_config"` - // data masking switch - // Required: false - IsEnableMasking bool `json:"is_enable_masking"` // backup switch // Required: false EnableBackup bool `json:"enable_backup"` @@ -202,9 +199,6 @@ type UpdateDBService struct { Desc *string `json:"desc"` // SQLE config SQLEConfig *dmsCommonV1.SQLEConfig `json:"sqle_config"` - // data masking switch - // Required: false - IsEnableMasking bool `json:"is_enable_masking"` // backup switch // Required: false EnableBackup bool `json:"enable_backup"` @@ -328,8 +322,6 @@ type ImportDBService struct { SQLEConfig *dmsCommonV1.SQLEConfig `json:"sqle_config"` // DB Service Custom connection parameters AdditionalParams []*dmsCommonV1.AdditionalParam `json:"additional_params"` - // is enable masking - IsEnableMasking bool `json:"is_enable_masking"` } // swagger:model diff --git a/api/dms/service/v1/masking.go b/api/dms/service/v1/masking.go index 7bb26d88..b989c752 100644 --- a/api/dms/service/v1/masking.go +++ b/api/dms/service/v1/masking.go @@ -8,12 +8,26 @@ import ( type ListMaskingRulesReq struct { } +// swagger:model ListMaskingRulesData type ListMaskingRulesData struct { - MaskingType string `json:"masking_type"` - Description string `json:"description"` - ReferenceFields []string `json:"reference_fields"` - Effect string `json:"effect"` - Id int `json:"id"` + // masking type + // Example: "MASK_DIGIT" + MaskingType string `json:"masking_type"` + // description + // Example: "mask digits" + Description string `json:"description"` + // effect description for users + // Example: "保留开头2位和结尾2位,中间字符替换为*" + Effect string `json:"effect"` + // effect example before masking + // Example: "13812345678" + EffectExampleBefore string `json:"effect_example_before"` + // effect example after masking + // Example: "138******78" + EffectExampleAfter string `json:"effect_example_after"` + // masking rule id + // Example: 1 + Id int `json:"id"` } // swagger:model ListMaskingRulesReply @@ -21,6 +35,746 @@ type ListMaskingRulesReply struct { // list masking rule reply Data []ListMaskingRulesData `json:"data"` - // Generic reply + base.GenericResp +} + +// swagger:parameters ListMaskingTemplates +type ListMaskingTemplatesReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // the maximum count of masking templates to be returned, default is 20 + // in: query + PageSize uint32 `query:"page_size" json:"page_size"` + // the offset of masking templates to be returned, default is 0 + // in: query + PageIndex uint32 `query:"page_index" json:"page_index"` +} + +// swagger:model ListMaskingTemplatesData +type ListMaskingTemplatesData struct { + // masking template id + // Example: 1 + Id int `json:"id"` + // masking template name + // Example: "Standard Template" + Name string `json:"name"` + // count of rules in the template + // Example: 5 + RuleCount int `json:"rule_count"` + // preview of rule name in the template, up to 3 items + RuleNames []string `json:"rule_names"` +} + +// swagger:model ListMaskingTemplatesReply +type ListMaskingTemplatesReply struct { + // list masking templates reply + Data []ListMaskingTemplatesData `json:"data"` + // total count of masking templates + // Example: 100 + Total int64 `json:"total_nums"` + + base.GenericResp +} + +// swagger:model AddMaskingTemplateReq +type AddMaskingTemplateReq struct { + // project uid + // in: path + // swagger:ignore + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // masking template + // Required: true + MaskingTemplate *AddMaskingTemplate `json:"masking_template" validate:"required"` +} + +// swagger:model AddMaskingTemplate +type AddMaskingTemplate struct { + // masking template name + // Required: true + // Example: "New Template" + Name string `json:"name" validate:"required"` + // masking rule id list + // Required: true + // MinLength: 1 + // Example: [1, 2, 3] + RuleIDs []int `json:"rule_ids" validate:"required,min=1"` +} + +// swagger:model AddMaskingTemplateReply +type AddMaskingTemplateReply struct { + base.GenericResp +} + +// swagger:model UpdateMaskingTemplateReq +type UpdateMaskingTemplateReq struct { + // project uid + // in: path + // swagger:ignore + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // masking template id + // in: path + // swagger:ignore + // Required: true + // Example: 1 + TemplateID int `param:"template_id" json:"template_id" validate:"required"` + // masking template + // Required: true + MaskingTemplate *UpdateMaskingTemplate `json:"masking_template" validate:"required"` +} + +// swagger:model UpdateMaskingTemplate +type UpdateMaskingTemplate struct { + // masking rule id list + // Required: true + // MinLength: 1 + // Example: [1, 2] + RuleIDs []int `json:"rule_ids" validate:"required,min=1"` +} + +// swagger:model UpdateMaskingTemplateReply +type UpdateMaskingTemplateReply struct { + base.GenericResp +} + +// swagger:parameters DeleteMaskingTemplate +type DeleteMaskingTemplateReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // masking template id + // in: path + // Required: true + // Example: 1 + TemplateID int `param:"template_id" json:"template_id" validate:"required"` +} + +// swagger:model DeleteMaskingTemplateReply +type DeleteMaskingTemplateReply struct { + base.GenericResp +} + +// swagger:parameters ListSensitiveDataDiscoveryTasks +type ListSensitiveDataDiscoveryTasksReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // the maximum count of tasks to be returned, default is 20 + // in: query + // Example: 20 + PageSize uint32 `query:"page_size" json:"page_size"` + // the offset of tasks to be returned, default is 0 + // in: query + // Example: 0 + PageIndex uint32 `query:"page_index" json:"page_index"` +} + +// swagger:enum SensitiveDataDiscoveryTaskType +type SensitiveDataDiscoveryTaskType string + +const ( + SensitiveDataDiscoveryTaskTypePeriodic SensitiveDataDiscoveryTaskType = "PERIODIC" // 周期性任务 + SensitiveDataDiscoveryTaskTypeOneTime SensitiveDataDiscoveryTaskType = "ONE_TIME" // 一次性任务 +) + +// swagger:enum SensitiveDataDiscoveryTaskStatus +type SensitiveDataDiscoveryTaskStatus string + +const ( + SensitiveDataDiscoveryTaskStatusPendingChangeConfirm SensitiveDataDiscoveryTaskStatus = "PENDING_CONFIRM" + SensitiveDataDiscoveryTaskStatusNormal SensitiveDataDiscoveryTaskStatus = "NORMAL" + SensitiveDataDiscoveryTaskStatusCompleted SensitiveDataDiscoveryTaskStatus = "COMPLETED" + SensitiveDataDiscoveryTaskStatusRunning SensitiveDataDiscoveryTaskStatus = "RUNNING" + SensitiveDataDiscoveryTaskStatusFailed SensitiveDataDiscoveryTaskStatus = "FAILED" +) + +// swagger:model ListSensitiveDataDiscoveryTasksData +type ListSensitiveDataDiscoveryTasksData struct { + // sensitive data discovery task id + // Example: 1 + ID int `json:"id"` + // database instance id + // Example: "db_service_uid_1" + DBServiceUID string `json:"db_service_uid"` + // database instance name + // Example: "mysql-01" + DBServiceName string `json:"db_service_name"` + // task type + // Example: "PERIODIC" + TaskType SensitiveDataDiscoveryTaskType `json:"task_type"` + // sensitive data identification method + // Example: "BY_FIELD_NAME" + IdentificationMethod SensitiveDataIdentificationMethod `json:"identification_method"` + // execution plan + // Example: "ONE_TIME" + ExecutionPlan SensitiveDataDiscoveryTaskType `json:"execution_plan"` + // whether periodic scanning is enabled + // Example: true + IsPeriodicScanEnabled bool `json:"is_periodic_scan_enabled"` + // cron expression of execution frequency, periodic task returns cron, one-time task returns empty + // Example: "0 2 * * *" + ExecutionFrequency string `json:"execution_frequency"` + // related masking template id + // Example: 1 + MaskingTemplateID int `json:"masking_template_id"` + // related masking template name + // Example: "Standard Template" + MaskingTemplateName string `json:"masking_template_name"` + // next run time, periodic task returns RFC3339 time, one-time task returns null + // Format: date-time (RFC3339) + // Example: "2024-01-15T10:30:00Z" + NextExecutionAt *string `json:"next_execution_at"` + // task status + // Example: "NORMAL" + Status SensitiveDataDiscoveryTaskStatus `json:"status"` +} + +// swagger:model ListSensitiveDataDiscoveryTasksReply +type ListSensitiveDataDiscoveryTasksReply struct { + // sensitive data discovery tasks list reply + Data []ListSensitiveDataDiscoveryTasksData `json:"data"` + // total count of sensitive data discovery tasks + // Example: 100 + Total int64 `json:"total_nums"` + + base.GenericResp +} + +// swagger:enum SensitiveDataIdentificationMethod +type SensitiveDataIdentificationMethod string + +const ( + SensitiveDataIdentificationMethodByFieldName SensitiveDataIdentificationMethod = "BY_FIELD_NAME" + SensitiveDataIdentificationMethodBySampleData SensitiveDataIdentificationMethod = "BY_SAMPLE_DATA" +) + +// swagger:model AddSensitiveDataDiscoveryTaskReq +type AddSensitiveDataDiscoveryTaskReq struct { + // project uid + // in: path + // swagger:ignore + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // sensitive data discovery task + // Required: true + Task *AddSensitiveDataDiscoveryTask `json:"task" validate:"required"` +} + +// swagger:enum ConfidenceLevel +type ConfidenceLevel string + +const ( + ConfidenceHigh ConfidenceLevel = "HIGH" + ConfidenceMedium ConfidenceLevel = "MEDIUM" + ConfidenceLow ConfidenceLevel = "LOW" +) + +// swagger:model AddSensitiveDataDiscoveryTask +type AddSensitiveDataDiscoveryTask struct { + // database instance id + // Required: true + // Example: "1" + DBServiceUID string `json:"db_service_uid" validate:"required"` + // masking template id + // Required: true + // Example: 1 + MaskingTemplateID int `json:"masking_template_id"` + // sensitive data identification method + // Required: true + // Example: "BY_FIELD_NAME" + IdentificationMethod SensitiveDataIdentificationMethod `json:"identification_method" validate:"required,oneof=BY_FIELD_NAME BY_SAMPLE_DATA"` + // execution plan + // Required: true + // Example: "ONE_TIME" + ExecutionPlan SensitiveDataDiscoveryTaskType `json:"execution_plan" validate:"required,oneof=PERIODIC ONE_TIME"` + // whether periodic scanning is enabled, default is true + // Example: true + IsPeriodicScanEnabled *bool `json:"is_periodic_scan_enabled"` + // cron expression, required when execution_plan is PERIODIC + // Example: "0 0 * * *" + CronExpression string `json:"cron_expression"` +} + +// swagger:model SensitiveFieldScanResult +type SensitiveFieldScanResult struct { + // scan information for the field + // Example: "matched by field name 'email'" + ScanInfo string `json:"scan_info"` + // confidence level + // Example: "High" + Confidence ConfidenceLevel `json:"confidence"` + // recommended masking rule id + // Example: 1 + RecommendedMaskingRuleID int `json:"recommended_masking_rule_id"` + // recommended masking rule name + // Example: "Email Masking" + RecommendedMaskingRuleName string `json:"recommended_masking_rule_name"` +} + +// swagger:model SuspectedSensitiveFieldsTree +type SuspectedSensitiveFieldsTree struct { + // database_name -> database node + Databases map[string]SuspectedSensitiveDatabaseNode `json:"databases"` +} + +// swagger:model SuspectedSensitiveDatabaseNode +type SuspectedSensitiveDatabaseNode struct { + // table_name -> table node + Tables map[string]SuspectedSensitiveTableNode `json:"tables"` +} + +// swagger:model SuspectedSensitiveTableNode +type SuspectedSensitiveTableNode struct { + // field_name -> scan result + Fields map[string]SensitiveFieldScanResult `json:"fields"` +} + +// swagger:model AddSensitiveDataDiscoveryTaskData +type AddSensitiveDataDiscoveryTaskData struct { + // suspected sensitive fields tree + SuspectedSensitiveFieldsTree SuspectedSensitiveFieldsTree `json:"suspected_sensitive_fields_tree"` +} + +// swagger:model AddSensitiveDataDiscoveryTaskReply +type AddSensitiveDataDiscoveryTaskReply struct { + // add sensitive data discovery task reply + Data AddSensitiveDataDiscoveryTaskData `json:"data"` + + base.GenericResp +} + +// swagger:model UpdateSensitiveDataDiscoveryTaskReq +type UpdateSensitiveDataDiscoveryTaskReq struct { + // project uid + // in: path + // swagger:ignore + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // sensitive data discovery task id + // in: path + // swagger:ignore + // Required: true + // Example: 1 + TaskID int `param:"task_id" json:"task_id" validate:"required"` + // sensitive data discovery task + // Required: true + Task *UpdateSensitiveDataDiscoveryTask `json:"task" validate:"required"` +} + +// swagger:model UpdateSensitiveDataDiscoveryTask +type UpdateSensitiveDataDiscoveryTask struct { + // masking template id + // Required: true + // Example: 1 + MaskingTemplateID int `json:"masking_template_id"` + // sensitive data identification method + // Required: true + // Example: "BY_FIELD_NAME" + IdentificationMethod SensitiveDataIdentificationMethod `json:"identification_method" validate:"required,oneof=BY_FIELD_NAME BY_SAMPLE_DATA"` + // execution plan + // Required: true + // Example: "PERIODIC" + ExecutionPlan SensitiveDataDiscoveryTaskType `json:"execution_plan" validate:"required,oneof=PERIODIC ONE_TIME"` + // whether periodic scanning is enabled + // Example: true + IsPeriodicScanEnabled *bool `json:"is_periodic_scan_enabled"` + // cron expression, required when execution_plan is PERIODIC + // Example: "0 0 * * *" + CronExpression string `json:"cron_expression"` +} + +// swagger:model UpdateSensitiveDataDiscoveryTaskData +type UpdateSensitiveDataDiscoveryTaskData struct { + // suspected sensitive fields tree + SuspectedSensitiveFieldsTree SuspectedSensitiveFieldsTree `json:"suspected_sensitive_fields_tree"` +} + +// swagger:model UpdateSensitiveDataDiscoveryTaskReply +type UpdateSensitiveDataDiscoveryTaskReply struct { + // update sensitive data discovery task reply + Data UpdateSensitiveDataDiscoveryTaskData `json:"data"` + + base.GenericResp +} + +// swagger:parameters DeleteSensitiveDataDiscoveryTask +type DeleteSensitiveDataDiscoveryTaskReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // sensitive data discovery task id + // in: path + // Required: true + // Example: 1 + TaskID int `param:"task_id" json:"task_id" validate:"required"` +} + +// swagger:model DeleteSensitiveDataDiscoveryTaskReply +type DeleteSensitiveDataDiscoveryTaskReply struct { + base.GenericResp +} + +// swagger:parameters ListSensitiveDataDiscoveryTaskHistories +type ListSensitiveDataDiscoveryTaskHistoriesReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // sensitive data discovery task id + // in: path + // Required: true + // Example: 1 + TaskID int `param:"task_id" json:"task_id" validate:"required"` + // the maximum count of histories to be returned, default is 20 + // in: query + // Example: 20 + PageSize uint32 `query:"page_size" json:"page_size"` + // the offset of histories to be returned, default is 0 + // in: query + // Example: 0 + PageIndex uint32 `query:"page_index" json:"page_index"` +} + +// swagger:model ListSensitiveDataDiscoveryTaskHistoriesData +type ListSensitiveDataDiscoveryTaskHistoriesData struct { + // execution time in RFC3339 format + // Format: date-time (RFC3339) + // Example: "2024-01-15T10:30:00Z" + ExecutedAt string `json:"executed_at"` + // execution status + // Example: "NORMAL" + Status SensitiveDataDiscoveryTaskStatus `json:"status"` + // newly discovered sensitive field count + // Example: 10 + NewSensitiveFieldCount int `json:"new_sensitive_field_count"` + // remark + // Example: "scan completed successfully" + Remark string `json:"remark"` +} + +// swagger:model ListSensitiveDataDiscoveryTaskHistoriesReply +type ListSensitiveDataDiscoveryTaskHistoriesReply struct { + // sensitive data discovery task histories reply + Data []ListSensitiveDataDiscoveryTaskHistoriesData `json:"data"` + // total count of sensitive data discovery task histories + // Example: 100 + Total int64 `json:"total_nums"` + + base.GenericResp +} + +// swagger:model ConfigureMaskingRulesReq +type ConfigureMaskingRulesReq struct { + // project uid + // in: path + // swagger:ignore + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // masking rule configurations for batch create or update + // Required: true + // MinLength: 1 + MaskingRuleConfigs []MaskingRuleConfig `json:"masking_rule_configs" validate:"required,min=1"` +} + +// swagger:model MaskingRuleConfig +type MaskingRuleConfig struct { + // data source id + // Required: true + // Example: "1" + DBServiceUID string `json:"db_service_uid" validate:"required"` + // schema name + // Required: true + // Example: "db1" + SchemaName string `json:"schema_name" validate:"required"` + // table name + // Required: true + // Example: "users" + TableName string `json:"table_name" validate:"required"` + // column name + // Required: true + // Example: "email" + ColumnName string `json:"column_name" validate:"required"` + // masking rule id + // Required: true + // Example: 1 + MaskingRuleID int `json:"masking_rule_id" validate:"required"` + // whether to enable masking for this column + // Required: true + // Example: true + IsMaskingEnabled bool `json:"is_masking_enabled" validate:"required"` +} + +// swagger:model ConfigureMaskingRulesReply +type ConfigureMaskingRulesReply struct { + base.GenericResp +} + +// swagger:enum MaskingConfigStatus +type MaskingConfigStatus string + +const ( + MaskingConfigStatusConfigured MaskingConfigStatus = "CONFIGURED" + MaskingConfigStatusPendingConfirm MaskingConfigStatus = "PENDING_CONFIRM" + MaskingConfigStatusSystemConfirmed MaskingConfigStatus = "SYSTEM_CONFIRMED" +) + +// swagger:parameters GetMaskingOverviewTree +type GetMaskingOverviewTreeReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // data source id + // in: query + // Required: true + // Example: "1" + DBServiceUID string `query:"db_service_uid" json:"db_service_uid" validate:"required"` + // fuzzy search keywords for column name + // in: query + // Example: "user" + Keywords string `query:"keywords" json:"keywords"` + // masking config status filters + // in: query + MaskingConfigStatus MaskingConfigStatus `query:"masking_config_statuses" json:"masking_config_statuses"` +} + +// swagger:model MaskingOverviewDashboard +type MaskingOverviewDashboard struct { + // total count of tables that contain sensitive data + // Example: 50 + TotalSensitiveTables int `json:"total_sensitive_tables"` + // total count of columns with configured masking + // Example: 120 + ConfiguredMaskingColumns int `json:"configured_masking_columns"` + // total count of columns pending masking confirmation + // Example: 5 + PendingConfirmMaskingColumns int `json:"pending_confirm_masking_columns"` +} + +// swagger:model MaskingOverviewTableData +type MaskingOverviewTableData struct { + // table id + // Example: 1 + TableID int `json:"table_id"` + // configured masking column count for this table + // Example: 3 + ConfiguredMaskingColumns int `json:"configured_masking_columns"` + // pending masking confirmation column count for this table + // Example: 1 + PendingConfirmMaskingColumns int `json:"pending_confirm_masking_columns"` +} + +// swagger:model MaskingOverviewDatabaseNode +type MaskingOverviewDatabaseNode struct { + // table_name -> table overview data + Tables map[string]MaskingOverviewTableData `json:"tables"` +} + +// swagger:model GetMaskingOverviewTreeData +type GetMaskingOverviewTreeData struct { + // dashboard summary for the selected data source + Dashboard MaskingOverviewDashboard `json:"dashboard"` + // database_name -> database node + Databases map[string]MaskingOverviewDatabaseNode `json:"databases"` +} + +// swagger:model GetMaskingOverviewTreeReply +type GetMaskingOverviewTreeReply struct { + // masking overview tree reply + Data GetMaskingOverviewTreeData `json:"data"` + + base.GenericResp +} + +// swagger:parameters GetTableColumnMaskingDetails +type GetTableColumnMaskingDetailsReq struct { + // project uid + // + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // table id from masking overview tree + // in: path + // Required: true + // Example: 1 + TableID int `param:"table_id" json:"table_id" validate:"required"` + // fuzzy search keywords for column name + // in: query + // Example: "phone" + Keywords string `query:"keywords" json:"keywords"` +} + +// swagger:model TableColumnMaskingDetail +type TableColumnMaskingDetail struct { + // column name + // Example: "email" + ColumnName string `json:"column_name"` + // current masking rule id, null if no masking rule is applied + // + // Example: 1 + MaskingRuleID *int `json:"masking_rule_id"` + // current masking rule name, null if no masking rule is applied + // + // Example: "Email Masking" + MaskingRuleName *string `json:"masking_rule_name"` + // confidence level of masking recommendation,null if no masking rule is applied + // + // Example: 2 + Confidence *ConfidenceLevel `json:"confidence"` + // current masking config status + Status MaskingConfigStatus `json:"status"` +} + +// swagger:model GetTableColumnMaskingDetailsReply +type GetTableColumnMaskingDetailsReply struct { + // table column masking details reply + Data []TableColumnMaskingDetail `json:"data"` + + base.GenericResp +} + +// swagger:parameters ListPendingApprovalRequests +type ListPendingApprovalRequestsReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // the maximum count of requests to be returned, default is 20 + // in: query + // Example: 20 + PageSize uint32 `query:"page_size" json:"page_size"` + // the offset of requests to be returned, default is 0 + // in: query + // Example: 0 + PageIndex uint32 `query:"page_index" json:"page_index"` +} + +// swagger:model PendingApprovalRequestData +type PendingApprovalRequestData struct { + // approval request id + // Example: 1 + ID int `json:"id"` + // applicant name + // Example: "admin" + ApplicantName string `json:"applicant_name"` + // application time in RFC3339 format + // Format: date-time (RFC3339) + // Example: "2024-01-15T10:30:00Z" + AppliedAt string `json:"applied_at"` + // application reason + // Example: "data analysis" + Reason string `json:"reason"` + // data scope + // Example: "database 'db1', table 'users'" + DataScope string `json:"data_scope"` +} + +// swagger:model ListPendingApprovalRequestsReply +type ListPendingApprovalRequestsReply struct { + // pending approval requests reply + Data []PendingApprovalRequestData `json:"data"` + // total count of pending approval requests + // Example: 100 + Total int64 `json:"total_nums"` + + base.GenericResp +} + +// swagger:enum ApprovalAction +type ApprovalAction string + +const ( + ApprovalActionApprove ApprovalAction = "APPROVE" + ApprovalActionReject ApprovalAction = "REJECT" +) + +// swagger:model ProcessApprovalRequestReq +type ProcessApprovalRequestReq struct { + // project uid + // in: path + // swagger:ignore + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // approval request id + // in: path + // swagger:ignore + // Required: true + // Example: 1 + RequestID int `param:"request_id" json:"request_id" validate:"required"` + // process action + // Required: true + // Example: "APPROVE" + Action ApprovalAction `json:"action" validate:"required"` + // reject reason, required when action is REJECT + // Example: "insufficient reason" + RejectReason string `json:"reject_reason"` + // approval remark, optional when action is APPROVE + // Example: "approved for one-time access" + ApproveRemark string `json:"approve_remark"` +} + +// swagger:model ProcessApprovalRequestReply +type ProcessApprovalRequestReply struct { + base.GenericResp +} + +// swagger:parameters GetPlaintextAccessRequestDetail +type GetPlaintextAccessRequestDetailReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // approval request id + // in: path + // Required: true + // Example: 1 + RequestID int `param:"request_id" json:"request_id" validate:"required"` +} + +// swagger:model MaskingPreviewData +type MaskingPreviewData struct { + // preview columns + // Example: ["id", "name", "email"] + Columns []string `json:"columns"` + // preview rows + // Example: [["1", "John", "j***@example.com"], ["2", "Alice", "a***@example.com"]] + Rows [][]string `json:"rows"` +} + +// swagger:model GetPlaintextAccessRequestDetailReply +type GetPlaintextAccessRequestDetailReply struct { + // plaintext access request detail reply + Data struct { + // query sql statement + // Example: "SELECT * FROM users" + QuerySQL string `json:"query_sql"` + // masking result preview + MaskingPreview MaskingPreviewData `json:"masking_preview"` + // application reason + // Example: "troubleshooting" + Reason string `json:"reason"` + } `json:"data"` + base.GenericResp } diff --git a/api/dms/service/v2/db_service.go b/api/dms/service/v2/db_service.go index c5986c19..f4d4d344 100644 --- a/api/dms/service/v2/db_service.go +++ b/api/dms/service/v2/db_service.go @@ -124,9 +124,6 @@ type DBService struct { Desc string `json:"desc"` // SQLE config SQLEConfig *dmsCommonV1.SQLEConfig `json:"sqle_config"` - // data masking switch - // Required: false - IsEnableMasking bool `json:"is_enable_masking"` // backup switch // Required: false EnableBackup bool `json:"enable_backup"` @@ -180,9 +177,6 @@ type UpdateDBService struct { Desc *string `json:"desc"` // SQLE config SQLEConfig *dmsCommonV1.SQLEConfig `json:"sqle_config"` - // data masking switch - // Required: false - IsEnableMasking bool `json:"is_enable_masking"` // backup switch // Required: false EnableBackup bool `json:"enable_backup"` @@ -227,8 +221,6 @@ type ImportDBService struct { SQLEConfig *dmsCommonV1.SQLEConfig `json:"sqle_config"` // DB Service Custom connection parameters AdditionalParams []*dmsCommonV1.AdditionalParam `json:"additional_params"` - // is enable masking - IsEnableMasking bool `json:"is_enable_masking"` } // swagger:model ListGlobalDBServicesReplyV2 diff --git a/internal/apiserver/service/data_mask_controller.go b/internal/apiserver/service/data_mask_controller.go new file mode 100644 index 00000000..537d7f49 --- /dev/null +++ b/internal/apiserver/service/data_mask_controller.go @@ -0,0 +1,678 @@ +package service + +import ( + aV1 "github.com/actiontech/dms/api/dms/service/v1" + apiError "github.com/actiontech/dms/internal/apiserver/pkg/error" + "github.com/actiontech/dms/pkg/dms-common/api/jwt" + "github.com/labstack/echo/v4" +) + +// swagger:operation GET /v1/dms/masking/rules Masking ListMaskingRules +// +// List masking rules. +// +// --- +// responses: +// '200': +// description: List masking rules successfully +// schema: +// "$ref": "#/definitions/ListMaskingRulesReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ListMaskingRules(c echo.Context) error { + req := &aV1.ListMaskingRulesReq{} + err := bindAndValidateReq(c, req) + if nil != err { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + reply, err := ctl.DMS.ListMaskingRules(c.Request().Context()) + if nil != err { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/templates Masking ListMaskingTemplates +// +// List masking templates. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: page_size +// description: the maximum count of masking templates to be returned, default is 20 +// in: query +// required: false +// type: integer +// format: uint32 +// - name: page_index +// description: the offset of masking templates to be returned, default is 0 +// in: query +// required: false +// type: integer +// format: uint32 +// +// responses: +// '200': +// description: List masking templates successfully +// schema: +// "$ref": "#/definitions/ListMaskingTemplatesReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ListMaskingTemplates(c echo.Context) error { + req := &aV1.ListMaskingTemplatesReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + reply, err := ctl.DMS.ListMaskingTemplates(c.Request().Context(), req) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation POST /v1/dms/projects/{project_uid}/masking/templates Masking AddMaskingTemplate +// +// Add masking template. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: masking_template +// description: masking template info +// in: body +// required: true +// schema: +// "$ref": "#/definitions/AddMaskingTemplateReq" +// +// responses: +// '200': +// description: Add masking template successfully +// schema: +// "$ref": "#/definitions/AddMaskingTemplateReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) AddMaskingTemplate(c echo.Context) error { + req := &aV1.AddMaskingTemplateReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + if err := ctl.DMS.AddMaskingTemplate(c.Request().Context(), req); err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + + return NewOkRespWithReply(c, &aV1.AddMaskingTemplateReply{}) +} + +// swagger:operation PUT /v1/dms/projects/{project_uid}/masking/templates/{template_id} Masking UpdateMaskingTemplate +// +// Update masking template. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: template_id +// description: masking template id +// in: path +// required: true +// type: integer +// - name: masking_template +// description: masking template info +// in: body +// required: true +// schema: +// "$ref": "#/definitions/UpdateMaskingTemplateReq" +// +// responses: +// '200': +// description: Update masking template successfully +// schema: +// "$ref": "#/definitions/UpdateMaskingTemplateReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) UpdateMaskingTemplate(c echo.Context) error { + req := &aV1.UpdateMaskingTemplateReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + if err := ctl.DMS.UpdateMaskingTemplate(c.Request().Context(), req); err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + + return NewOkRespWithReply(c, &aV1.UpdateMaskingTemplateReply{}) +} + +// swagger:operation DELETE /v1/dms/projects/{project_uid}/masking/templates/{template_id} Masking DeleteMaskingTemplate +// +// Delete masking template. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: template_id +// description: masking template id +// in: path +// required: true +// type: integer +// +// responses: +// '200': +// description: Delete masking template successfully +// schema: +// "$ref": "#/definitions/DeleteMaskingTemplateReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) DeleteMaskingTemplate(c echo.Context) error { + req := &aV1.DeleteMaskingTemplateReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + if err := ctl.DMS.DeleteMaskingTemplate(c.Request().Context(), req); err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + + return NewOkRespWithReply(c, &aV1.DeleteMaskingTemplateReply{}) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks Masking ListSensitiveDataDiscoveryTasks +// +// List sensitive data discovery tasks. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: page_size +// description: the maximum count of tasks to be returned, default is 20 +// in: query +// required: false +// type: integer +// format: uint32 +// - name: page_index +// description: the offset of tasks to be returned, default is 0 +// in: query +// required: false +// type: integer +// format: uint32 +// +// responses: +// '200': +// description: List sensitive data discovery tasks successfully +// schema: +// "$ref": "#/definitions/ListSensitiveDataDiscoveryTasksReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ListSensitiveDataDiscoveryTasks(c echo.Context) error { + req := &aV1.ListSensitiveDataDiscoveryTasksReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + reply, err := ctl.DMS.ListSensitiveDataDiscoveryTasks(c.Request().Context(), req) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation POST /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks Masking AddSensitiveDataDiscoveryTask +// +// Add sensitive data discovery task. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: task +// description: sensitive data discovery task info +// in: body +// required: true +// schema: +// "$ref": "#/definitions/AddSensitiveDataDiscoveryTaskReq" +// +// responses: +// '200': +// description: Add sensitive data discovery task successfully +// schema: +// "$ref": "#/definitions/AddSensitiveDataDiscoveryTaskReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) AddSensitiveDataDiscoveryTask(c echo.Context) error { + req := &aV1.AddSensitiveDataDiscoveryTaskReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + reply, err := ctl.DMS.AddSensitiveDataDiscoveryTask(c.Request().Context(), req) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation PUT /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id} Masking UpdateSensitiveDataDiscoveryTask +// +// Update sensitive data discovery task. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: task_id +// description: sensitive data discovery task id +// in: path +// required: true +// type: integer +// - name: task +// description: sensitive data discovery task info +// in: body +// required: true +// schema: +// "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTaskReq" +// +// responses: +// '200': +// description: Update sensitive data discovery task successfully +// schema: +// "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTaskReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) UpdateSensitiveDataDiscoveryTask(c echo.Context) error { + req := &aV1.UpdateSensitiveDataDiscoveryTaskReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + reply, err := ctl.DMS.UpdateSensitiveDataDiscoveryTask(c.Request().Context(), req) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation DELETE /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id} Masking DeleteSensitiveDataDiscoveryTask +// +// Delete sensitive data discovery task. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: task_id +// description: sensitive data discovery task id +// in: path +// required: true +// type: integer +// +// responses: +// '200': +// description: Delete sensitive data discovery task successfully +// schema: +// "$ref": "#/definitions/DeleteSensitiveDataDiscoveryTaskReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) DeleteSensitiveDataDiscoveryTask(c echo.Context) error { + req := &aV1.DeleteSensitiveDataDiscoveryTaskReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + if err := ctl.DMS.DeleteSensitiveDataDiscoveryTask(c.Request().Context(), req); err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, &aV1.DeleteSensitiveDataDiscoveryTaskReply{}) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id}/histories Masking ListSensitiveDataDiscoveryTaskHistories +// +// List sensitive data discovery task histories. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: task_id +// description: sensitive data discovery task id +// in: path +// required: true +// type: integer +// - name: page_size +// description: the maximum count of histories to be returned, default is 20 +// in: query +// required: false +// type: integer +// format: uint32 +// - name: page_index +// description: the offset of histories to be returned, default is 0 +// in: query +// required: false +// type: integer +// format: uint32 +// +// responses: +// '200': +// description: List sensitive data discovery task histories successfully +// schema: +// "$ref": "#/definitions/ListSensitiveDataDiscoveryTaskHistoriesReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ListSensitiveDataDiscoveryTaskHistories(c echo.Context) error { + req := &aV1.ListSensitiveDataDiscoveryTaskHistoriesReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + reply, err := ctl.DMS.ListSensitiveDataDiscoveryTaskHistories(c.Request().Context(), req) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation PUT /v1/dms/projects/{project_uid}/masking/rule-configs Masking ConfigureMaskingRules +// +// Configure masking rules in batch. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: masking_rule_configs_req +// description: masking rule configurations for batch create or update +// in: body +// required: true +// schema: +// "$ref": "#/definitions/ConfigureMaskingRulesReq" +// +// responses: +// '200': +// description: Configure masking rules successfully +// schema: +// "$ref": "#/definitions/ConfigureMaskingRulesReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ConfigureMaskingRules(c echo.Context) error { + req := &aV1.ConfigureMaskingRulesReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + if err := ctl.DMS.ConfigureMaskingRules(c.Request().Context(), req); err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + + return NewOkRespWithReply(c, &aV1.ConfigureMaskingRulesReply{}) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/overview Masking GetMaskingOverviewTree +// +// Get masking overview tree. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: db_service_uid +// description: data source id +// in: query +// required: true +// type: string +// - name: keywords +// description: fuzzy search keyword for database name, table name, and column name +// in: query +// required: false +// type: string +// - name: masking_config_statuses +// description: "masking config status filters, enum: CONFIGURED/PENDING_CONFIRM" +// in: query +// required: false +// type: string +// +// responses: +// '200': +// description: Get masking overview tree successfully +// schema: +// "$ref": "#/definitions/GetMaskingOverviewTreeReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) GetMaskingOverviewTree(c echo.Context) error { + req := &aV1.GetMaskingOverviewTreeReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + currentUserUid, err := jwt.GetUserUidStrFromContext(c) + if err != nil { + return NewErrResp(c, err, apiError.UnauthorizedErr) + } + + reply, err := ctl.DMS.GetMaskingOverviewTree(c.Request().Context(), req, currentUserUid) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/tables/{table_id}/column-masking-details Masking GetTableColumnMaskingDetails +// +// Get table column masking details. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: table_id +// description: table id from masking overview tree +// in: path +// required: true +// type: integer +// - name: keywords +// description: fuzzy search keyword for column name +// in: query +// required: false +// type: string +// +// responses: +// '200': +// description: Get table column masking details successfully +// schema: +// "$ref": "#/definitions/GetTableColumnMaskingDetailsReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) GetTableColumnMaskingDetails(c echo.Context) error { + req := &aV1.GetTableColumnMaskingDetailsReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + reply, err := ctl.DMS.GetTableColumnMaskingDetails(c.Request().Context(), req) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/approval-requests/pending Masking ListPendingApprovalRequests +// +// List pending approval requests. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: page_size +// description: the maximum count of requests to be returned, default is 20 +// in: query +// required: false +// type: integer +// format: uint32 +// - name: page_index +// description: the offset of requests to be returned, default is 0 +// in: query +// required: false +// type: integer +// format: uint32 +// +// responses: +// '200': +// description: List pending approval requests successfully +// schema: +// "$ref": "#/definitions/ListPendingApprovalRequestsReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ListPendingApprovalRequests(c echo.Context) error { + req := &aV1.ListPendingApprovalRequestsReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + return NewOkRespWithReply(c, &aV1.ListPendingApprovalRequestsReply{}) +} + +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/approval-requests/{request_id} Masking GetPlaintextAccessRequestDetail +// +// Get plaintext access request detail. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: request_id +// description: approval request id +// in: path +// required: true +// type: integer +// +// responses: +// '200': +// description: Get plaintext access request detail successfully +// schema: +// "$ref": "#/definitions/GetPlaintextAccessRequestDetailReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) GetPlaintextAccessRequestDetail(c echo.Context) error { + req := &aV1.GetPlaintextAccessRequestDetailReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + return NewOkRespWithReply(c, &aV1.GetPlaintextAccessRequestDetailReply{}) +} + +// swagger:operation POST /v1/dms/projects/{project_uid}/masking/approval-requests/{request_id}/decisions Masking ProcessApprovalRequest +// +// Process approval request. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: request_id +// description: approval request id +// in: path +// required: true +// type: integer +// - name: action +// description: process action info +// in: body +// required: true +// schema: +// "$ref": "#/definitions/ProcessApprovalRequestReq" +// +// responses: +// '200': +// description: Process approval request successfully +// schema: +// "$ref": "#/definitions/ProcessApprovalRequestReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ProcessApprovalRequest(c echo.Context) error { + req := &aV1.ProcessApprovalRequestReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + return NewOkRespWithReply(c, &aV1.ProcessApprovalRequestReply{}) +} diff --git a/internal/apiserver/service/dms_controller.go b/internal/apiserver/service/dms_controller.go index c0b6e902..d1e8c157 100644 --- a/internal/apiserver/service/dms_controller.go +++ b/internal/apiserver/service/dms_controller.go @@ -4157,26 +4157,6 @@ func (ctl *DMSController) proxyDownloadDataExportTask(c echo.Context, reportHost return } -// swagger:route GET /v1/dms/masking/rules Masking ListMaskingRules -// -// List masking rules. -// -// responses: -// 200: body:ListMaskingRulesReply -// default: body:GenericResp -func (ctl *DMSController) ListMaskingRules(c echo.Context) error { - req := &aV1.ListMaskingRulesReq{} - err := bindAndValidateReq(c, req) - if nil != err { - return NewErrResp(c, err, apiError.BadRequestErr) - } - - reply, err := ctl.DMS.ListMaskingRules(c.Request().Context()) - if nil != err { - return NewErrResp(c, err, apiError.DMSServiceErr) - } - return NewOkRespWithReply(c, reply) -} // swagger:route GET /v1/dms/projects/{project_uid}/cb_operation_logs CBOperationLogs ListCBOperationLogs // diff --git a/internal/apiserver/service/router.go b/internal/apiserver/service/router.go index fe9c87ca..825f1d88 100644 --- a/internal/apiserver/service/router.go +++ b/internal/apiserver/service/router.go @@ -24,6 +24,9 @@ func (s *APIServer) initRouter() error { s.echo.GET("/swagger/*", s.DMSController.SwaggerHandler, SwaggerMiddleWare) v1 := s.echo.Group(dmsV1.CurrentGroupVersion) + if err := s.initRouterDMS(v1); err != nil { + return err + } v2 := s.echo.Group(dmsV2.CurrentGroupVersion) // DMS RESTful resource { @@ -246,9 +249,6 @@ func (s *APIServer) initRouter() error { operationRecordV1.GET("", s.DMSController.GetOperationRecordList) operationRecordV1.GET("/exports", s.DMSController.ExportOperationRecordList) - maskingV1 := v1.Group("/dms/masking") - maskingV1.GET("/rules", s.DMSController.ListMaskingRules) - gatewayV1 := v1.Group("/dms/gateways") gatewayV1.POST("", s.DMSController.AddGateway) diff --git a/internal/apiserver/service/router_dms_ce.go b/internal/apiserver/service/router_dms_ce.go new file mode 100644 index 00000000..eb606e4f --- /dev/null +++ b/internal/apiserver/service/router_dms_ce.go @@ -0,0 +1,9 @@ +//go:build !dms + +package service + +import "github.com/labstack/echo/v4" + +func (s *APIServer) initRouterDMS(v1 *echo.Group) error { + return nil +} From 43f76a8d78dad9997e7047177005906297d8e68e Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:24:54 +0000 Subject: [PATCH 07/16] ce docs: make swagger - Revised descriptions for existing endpoints to enhance clarity, including responses for listing masking rules and approval requests. - Introduced new endpoints for managing masking approval requests, including listing pending requests and processing decisions. - Added definitions for new request and response structures related to masking templates and sensitive data discovery tasks in the Swagger documentation. - Improved organization of API routes under the `/masking` namespace for better maintainability. --- api/swagger.json | 2399 +++++++++++++++++++++++++++++++++++++++++----- api/swagger.yaml | 1620 +++++++++++++++++++++++++++++-- 2 files changed, 3690 insertions(+), 329 deletions(-) diff --git a/api/swagger.json b/api/swagger.json index b3a6b8ca..66f7cd33 100644 --- a/api/swagger.json +++ b/api/swagger.json @@ -1610,13 +1610,13 @@ "operationId": "ListMaskingRules", "responses": { "200": { - "description": "ListMaskingRulesReply", + "description": "List masking rules successfully", "schema": { "$ref": "#/definitions/ListMaskingRulesReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } @@ -4362,106 +4362,95 @@ } } }, - "/v1/dms/projects/{project_uid}/member_groups": { + "/v1/dms/projects/{project_uid}/masking/approval-requests/pending": { "get": { "tags": [ - "MemberGroup" + "Masking" ], - "summary": "List member group, for front page.", - "operationId": "ListMemberGroups", + "summary": "List pending approval requests.", + "operationId": "ListPendingApprovalRequests", "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, { "type": "integer", "format": "uint32", + "example": "20", "x-go-name": "PageSize", - "description": "the maximum count of member to be returned", + "description": "the maximum count of requests to be returned, default is 20", "name": "page_size", - "in": "query", - "required": true + "in": "query" }, { "type": "integer", "format": "uint32", + "example": "0", "x-go-name": "PageIndex", - "description": "the offset of members to be returned, default is 0", + "description": "the offset of requests to be returned, default is 0", "name": "page_index", "in": "query" - }, - { - "enum": [ - "name" - ], - "type": "string", - "x-go-enum-desc": "name MemberGroupOrderByName", - "x-go-name": "OrderBy", - "description": "Multiple of [\"name\"], default is [\"name\"]\nname MemberGroupOrderByName", - "name": "order_by", - "in": "query" - }, - { - "type": "string", - "x-go-name": "FilterByName", - "description": "filter the user group name", - "name": "filter_by_name", - "in": "query" - }, - { - "type": "string", - "x-go-name": "ProjectUid", - "description": "project id", - "name": "project_uid", - "in": "path", - "required": true } ], "responses": { "200": { - "description": "ListMemberGroupsReply", + "description": "List pending approval requests successfully", "schema": { - "$ref": "#/definitions/ListMemberGroupsReply" + "$ref": "#/definitions/ListPendingApprovalRequestsReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } } } - }, - "post": { + } + }, + "/v1/dms/projects/{project_uid}/masking/approval-requests/{request_id}": { + "get": { "tags": [ - "MemberGroup" + "Masking" ], - "summary": "Add member group.", - "operationId": "AddMemberGroup", + "summary": "Get plaintext access request detail.", + "operationId": "GetPlaintextAccessRequestDetail", "parameters": [ { "type": "string", - "description": "project id", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", "name": "project_uid", "in": "path", "required": true }, { - "description": "Add new member group", - "name": "member_group", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/AddMemberGroupReq" - } + "type": "integer", + "format": "int64", + "example": 1, + "x-go-name": "RequestID", + "description": "approval request id", + "name": "request_id", + "in": "path", + "required": true } ], "responses": { "200": { - "description": "AddMemberGroupReply", + "description": "Get plaintext access request detail successfully", "schema": { - "$ref": "#/definitions/AddMemberGroupReply" + "$ref": "#/definitions/GetPlaintextAccessRequestDetailReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } @@ -4469,32 +4458,47 @@ } } }, - "/v1/dms/projects/{project_uid}/member_groups/tips": { - "get": { + "/v1/dms/projects/{project_uid}/masking/approval-requests/{request_id}/decisions": { + "post": { "tags": [ - "MemberGroup" + "Masking" ], - "summary": "List member group tips.", - "operationId": "ListMemberGroupTips", + "summary": "Process approval request.", + "operationId": "ProcessApprovalRequest", "parameters": [ { "type": "string", - "x-go-name": "ProjectUid", - "description": "project id", + "description": "project uid", "name": "project_uid", "in": "path", "required": true + }, + { + "type": "integer", + "description": "approval request id", + "name": "request_id", + "in": "path", + "required": true + }, + { + "description": "process action info", + "name": "action", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/ProcessApprovalRequestReq" + } } ], "responses": { "200": { - "description": "ListMemberGroupTipsReply", + "description": "Process approval request successfully", "schema": { - "$ref": "#/definitions/ListMemberGroupTipsReply" + "$ref": "#/definitions/ProcessApprovalRequestReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } @@ -4502,193 +4506,156 @@ } } }, - "/v1/dms/projects/{project_uid}/member_groups/{member_group_uid}": { + "/v1/dms/projects/{project_uid}/masking/overview": { "get": { "tags": [ - "MemberGroup" + "Masking" ], - "summary": "Get member group, for front page.", - "operationId": "GetMemberGroup", + "summary": "Get masking overview tree.", + "operationId": "GetMaskingOverviewTree", "parameters": [ { "type": "string", - "x-go-name": "MemberGroupUid", - "description": "Member group id", - "name": "member_group_uid", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", "in": "path", "required": true }, { "type": "string", - "x-go-name": "ProjectUid", - "description": "project id", - "name": "project_uid", - "in": "path", + "example": "\"1\"", + "x-go-name": "DBServiceUID", + "description": "data source id", + "name": "db_service_uid", + "in": "query", "required": true + }, + { + "type": "string", + "example": "\"user\"", + "x-go-name": "Keywords", + "description": "fuzzy search keyword for database name, table name, and column name", + "name": "keywords", + "in": "query" + }, + { + "enum": [ + "CONFIGURED", + "PENDING_CONFIRM", + "SYSTEM_CONFIRMED" + ], + "type": "string", + "x-go-enum-desc": "CONFIGURED MaskingConfigStatusConfigured\nPENDING_CONFIRM MaskingConfigStatusPendingConfirm\nSYSTEM_CONFIRMED MaskingConfigStatusSystemConfirmed", + "x-go-name": "MaskingConfigStatus", + "description": "masking config status filters, enum: CONFIGURED/PENDING_CONFIRM", + "name": "masking_config_statuses", + "in": "query" } ], "responses": { "200": { - "description": "GetMemberGroupReply", + "description": "Get masking overview tree successfully", "schema": { - "$ref": "#/definitions/GetMemberGroupReply" + "$ref": "#/definitions/GetMaskingOverviewTreeReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } } } - }, + } + }, + "/v1/dms/projects/{project_uid}/masking/rule-configs": { "put": { "tags": [ - "MemberGroup" + "Masking" ], - "summary": "update member group, for front page.", - "operationId": "UpdateMemberGroup", + "summary": "Configure masking rules in batch.", + "operationId": "ConfigureMaskingRules", "parameters": [ { "type": "string", - "description": "project id", + "description": "project uid", "name": "project_uid", "in": "path", "required": true }, { - "type": "string", - "description": "Member group id", - "name": "member_group_uid", - "in": "path", - "required": true - }, - { - "description": "Update a member group", - "name": "member_group", + "description": "masking rule configurations for batch create or update", + "name": "masking_rule_configs_req", "in": "body", "required": true, "schema": { - "$ref": "#/definitions/UpdateMemberGroupReq" + "$ref": "#/definitions/ConfigureMaskingRulesReq" } } ], "responses": { "200": { - "description": "GenericResp", + "description": "Configure masking rules successfully", "schema": { - "$ref": "#/definitions/GenericResp" + "$ref": "#/definitions/ConfigureMaskingRulesReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } } } - }, - "delete": { + } + }, + "/v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks": { + "get": { "tags": [ - "MemberGroup" + "Masking" ], - "summary": "delete member group, for front page.", - "operationId": "DeleteMemberGroup", + "summary": "List sensitive data discovery tasks.", + "operationId": "ListSensitiveDataDiscoveryTasks", "parameters": [ { "type": "string", + "example": "\"project_uid\"", "x-go-name": "ProjectUid", - "description": "project id", + "description": "project uid", "name": "project_uid", "in": "path", "required": true }, - { - "type": "string", - "x-go-name": "MemberGroupUid", - "description": "member group id", - "name": "member_group_uid", - "in": "path", - "required": true - } - ], - "responses": { - "200": { - "description": "GenericResp", - "schema": { - "$ref": "#/definitions/GenericResp" - } - }, - "default": { - "description": "GenericResp", - "schema": { - "$ref": "#/definitions/GenericResp" - } - } - } - } - }, - "/v1/dms/projects/{project_uid}/members": { - "get": { - "tags": [ - "Member" - ], - "summary": "List member, for front page.", - "operationId": "ListMembers", - "parameters": [ { "type": "integer", "format": "uint32", + "example": "20", "x-go-name": "PageSize", - "description": "the maximum count of member to be returned", + "description": "the maximum count of tasks to be returned, default is 20", "name": "page_size", - "in": "query", - "required": true + "in": "query" }, { "type": "integer", "format": "uint32", + "example": "0", "x-go-name": "PageIndex", - "description": "the offset of members to be returned, default is 0", + "description": "the offset of tasks to be returned, default is 0", "name": "page_index", "in": "query" - }, - { - "enum": [ - "user_uid" - ], - "type": "string", - "x-go-enum-desc": "user_uid MemberOrderByUserUid", - "x-go-name": "OrderBy", - "description": "Multiple of [\"name\"], default is [\"name\"]\nuser_uid MemberOrderByUserUid", - "name": "order_by", - "in": "query" - }, - { - "type": "string", - "x-go-name": "FilterByUserUid", - "description": "filter the member user uid", - "name": "filter_by_user_uid", - "in": "query" - }, - { - "type": "string", - "x-go-name": "ProjectUid", - "description": "project id", - "name": "project_uid", - "in": "path", - "required": true } ], "responses": { "200": { - "description": "ListMemberReply", + "description": "List sensitive data discovery tasks successfully", "schema": { - "$ref": "#/definitions/ListMemberReply" + "$ref": "#/definitions/ListSensitiveDataDiscoveryTasksReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } @@ -4697,37 +4664,37 @@ }, "post": { "tags": [ - "Member" + "Masking" ], - "summary": "Add member.", - "operationId": "AddMember", + "summary": "Add sensitive data discovery task.", + "operationId": "AddSensitiveDataDiscoveryTask", "parameters": [ { "type": "string", - "description": "project id", + "description": "project uid", "name": "project_uid", "in": "path", "required": true }, { - "description": "Add new member", - "name": "member", + "description": "sensitive data discovery task info", + "name": "task", "in": "body", "required": true, "schema": { - "$ref": "#/definitions/AddMemberReq" + "$ref": "#/definitions/AddSensitiveDataDiscoveryTaskReq" } } ], "responses": { "200": { - "description": "AddMemberReply", + "description": "Add sensitive data discovery task successfully", "schema": { - "$ref": "#/definitions/AddMemberReply" + "$ref": "#/definitions/AddSensitiveDataDiscoveryTaskReply" } }, "default": { - "description": "GenericResp", + "description": "Generic error response", "schema": { "$ref": "#/definitions/GenericResp" } @@ -4735,21 +4702,777 @@ } } }, - "/v1/dms/projects/{project_uid}/members/internal": { - "get": { + "/v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id}": { + "put": { "tags": [ - "Member" + "Masking" ], - "summary": "List members, for internal backend service.", - "operationId": "ListMembersForInternal", + "summary": "Update sensitive data discovery task.", + "operationId": "UpdateSensitiveDataDiscoveryTask", "parameters": [ { - "type": "integer", - "format": "uint32", - "x-go-name": "PageSize", - "description": "the maximum count of member to be returned", - "name": "page_size", - "in": "query", + "type": "string", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "description": "sensitive data discovery task id", + "name": "task_id", + "in": "path", + "required": true + }, + { + "description": "sensitive data discovery task info", + "name": "task", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTaskReq" + } + } + ], + "responses": { + "200": { + "description": "Update sensitive data discovery task successfully", + "schema": { + "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTaskReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "delete": { + "tags": [ + "Masking" + ], + "summary": "Delete sensitive data discovery task.", + "operationId": "DeleteSensitiveDataDiscoveryTask", + "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "int64", + "example": 1, + "x-go-name": "TaskID", + "description": "sensitive data discovery task id", + "name": "task_id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "Delete sensitive data discovery task successfully", + "schema": { + "$ref": "#/definitions/DeleteSensitiveDataDiscoveryTaskReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id}/histories": { + "get": { + "tags": [ + "Masking" + ], + "summary": "List sensitive data discovery task histories.", + "operationId": "ListSensitiveDataDiscoveryTaskHistories", + "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "int64", + "example": 1, + "x-go-name": "TaskID", + "description": "sensitive data discovery task id", + "name": "task_id", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "uint32", + "example": "20", + "x-go-name": "PageSize", + "description": "the maximum count of histories to be returned, default is 20", + "name": "page_size", + "in": "query" + }, + { + "type": "integer", + "format": "uint32", + "example": "0", + "x-go-name": "PageIndex", + "description": "the offset of histories to be returned, default is 0", + "name": "page_index", + "in": "query" + } + ], + "responses": { + "200": { + "description": "List sensitive data discovery task histories successfully", + "schema": { + "$ref": "#/definitions/ListSensitiveDataDiscoveryTaskHistoriesReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/masking/tables/{table_id}/column-masking-details": { + "get": { + "tags": [ + "Masking" + ], + "summary": "Get table column masking details.", + "operationId": "GetTableColumnMaskingDetails", + "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "int64", + "example": 1, + "x-go-name": "TableID", + "description": "table id from masking overview tree", + "name": "table_id", + "in": "path", + "required": true + }, + { + "type": "string", + "example": "\"phone\"", + "x-go-name": "Keywords", + "description": "fuzzy search keyword for column name", + "name": "keywords", + "in": "query" + } + ], + "responses": { + "200": { + "description": "Get table column masking details successfully", + "schema": { + "$ref": "#/definitions/GetTableColumnMaskingDetailsReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/masking/templates": { + "get": { + "tags": [ + "Masking" + ], + "summary": "List masking templates.", + "operationId": "ListMaskingTemplates", + "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageSize", + "description": "the maximum count of masking templates to be returned, default is 20", + "name": "page_size", + "in": "query" + }, + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageIndex", + "description": "the offset of masking templates to be returned, default is 0", + "name": "page_index", + "in": "query" + } + ], + "responses": { + "200": { + "description": "List masking templates successfully", + "schema": { + "$ref": "#/definitions/ListMaskingTemplatesReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "post": { + "tags": [ + "Masking" + ], + "summary": "Add masking template.", + "operationId": "AddMaskingTemplate", + "parameters": [ + { + "type": "string", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "description": "masking template info", + "name": "masking_template", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/AddMaskingTemplateReq" + } + } + ], + "responses": { + "200": { + "description": "Add masking template successfully", + "schema": { + "$ref": "#/definitions/AddMaskingTemplateReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/masking/templates/{template_id}": { + "put": { + "tags": [ + "Masking" + ], + "summary": "Update masking template.", + "operationId": "UpdateMaskingTemplate", + "parameters": [ + { + "type": "string", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "description": "masking template id", + "name": "template_id", + "in": "path", + "required": true + }, + { + "description": "masking template info", + "name": "masking_template", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/UpdateMaskingTemplateReq" + } + } + ], + "responses": { + "200": { + "description": "Update masking template successfully", + "schema": { + "$ref": "#/definitions/UpdateMaskingTemplateReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "delete": { + "tags": [ + "Masking" + ], + "summary": "Delete masking template.", + "operationId": "DeleteMaskingTemplate", + "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "int64", + "example": 1, + "x-go-name": "TemplateID", + "description": "masking template id", + "name": "template_id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "Delete masking template successfully", + "schema": { + "$ref": "#/definitions/DeleteMaskingTemplateReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/member_groups": { + "get": { + "tags": [ + "MemberGroup" + ], + "summary": "List member group, for front page.", + "operationId": "ListMemberGroups", + "parameters": [ + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageSize", + "description": "the maximum count of member to be returned", + "name": "page_size", + "in": "query", + "required": true + }, + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageIndex", + "description": "the offset of members to be returned, default is 0", + "name": "page_index", + "in": "query" + }, + { + "enum": [ + "name" + ], + "type": "string", + "x-go-enum-desc": "name MemberGroupOrderByName", + "x-go-name": "OrderBy", + "description": "Multiple of [\"name\"], default is [\"name\"]\nname MemberGroupOrderByName", + "name": "order_by", + "in": "query" + }, + { + "type": "string", + "x-go-name": "FilterByName", + "description": "filter the user group name", + "name": "filter_by_name", + "in": "query" + }, + { + "type": "string", + "x-go-name": "ProjectUid", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "ListMemberGroupsReply", + "schema": { + "$ref": "#/definitions/ListMemberGroupsReply" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "post": { + "tags": [ + "MemberGroup" + ], + "summary": "Add member group.", + "operationId": "AddMemberGroup", + "parameters": [ + { + "type": "string", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "description": "Add new member group", + "name": "member_group", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/AddMemberGroupReq" + } + } + ], + "responses": { + "200": { + "description": "AddMemberGroupReply", + "schema": { + "$ref": "#/definitions/AddMemberGroupReply" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/member_groups/tips": { + "get": { + "tags": [ + "MemberGroup" + ], + "summary": "List member group tips.", + "operationId": "ListMemberGroupTips", + "parameters": [ + { + "type": "string", + "x-go-name": "ProjectUid", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "ListMemberGroupTipsReply", + "schema": { + "$ref": "#/definitions/ListMemberGroupTipsReply" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/member_groups/{member_group_uid}": { + "get": { + "tags": [ + "MemberGroup" + ], + "summary": "Get member group, for front page.", + "operationId": "GetMemberGroup", + "parameters": [ + { + "type": "string", + "x-go-name": "MemberGroupUid", + "description": "Member group id", + "name": "member_group_uid", + "in": "path", + "required": true + }, + { + "type": "string", + "x-go-name": "ProjectUid", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "GetMemberGroupReply", + "schema": { + "$ref": "#/definitions/GetMemberGroupReply" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "put": { + "tags": [ + "MemberGroup" + ], + "summary": "update member group, for front page.", + "operationId": "UpdateMemberGroup", + "parameters": [ + { + "type": "string", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "string", + "description": "Member group id", + "name": "member_group_uid", + "in": "path", + "required": true + }, + { + "description": "Update a member group", + "name": "member_group", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/UpdateMemberGroupReq" + } + } + ], + "responses": { + "200": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "delete": { + "tags": [ + "MemberGroup" + ], + "summary": "delete member group, for front page.", + "operationId": "DeleteMemberGroup", + "parameters": [ + { + "type": "string", + "x-go-name": "ProjectUid", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "string", + "x-go-name": "MemberGroupUid", + "description": "member group id", + "name": "member_group_uid", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/members": { + "get": { + "tags": [ + "Member" + ], + "summary": "List member, for front page.", + "operationId": "ListMembers", + "parameters": [ + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageSize", + "description": "the maximum count of member to be returned", + "name": "page_size", + "in": "query", + "required": true + }, + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageIndex", + "description": "the offset of members to be returned, default is 0", + "name": "page_index", + "in": "query" + }, + { + "enum": [ + "user_uid" + ], + "type": "string", + "x-go-enum-desc": "user_uid MemberOrderByUserUid", + "x-go-name": "OrderBy", + "description": "Multiple of [\"name\"], default is [\"name\"]\nuser_uid MemberOrderByUserUid", + "name": "order_by", + "in": "query" + }, + { + "type": "string", + "x-go-name": "FilterByUserUid", + "description": "filter the member user uid", + "name": "filter_by_user_uid", + "in": "query" + }, + { + "type": "string", + "x-go-name": "ProjectUid", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "ListMemberReply", + "schema": { + "$ref": "#/definitions/ListMemberReply" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + }, + "post": { + "tags": [ + "Member" + ], + "summary": "Add member.", + "operationId": "AddMember", + "parameters": [ + { + "type": "string", + "description": "project id", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "description": "Add new member", + "name": "member", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/AddMemberReq" + } + } + ], + "responses": { + "200": { + "description": "AddMemberReply", + "schema": { + "$ref": "#/definitions/AddMemberReply" + } + }, + "default": { + "description": "GenericResp", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, + "/v1/dms/projects/{project_uid}/members/internal": { + "get": { + "tags": [ + "Member" + ], + "summary": "List members, for internal backend service.", + "operationId": "ListMembersForInternal", + "parameters": [ + { + "type": "integer", + "format": "uint32", + "x-go-name": "PageSize", + "description": "the maximum count of member to be returned", + "name": "page_size", + "in": "query", "required": true }, { @@ -7070,8 +7793,68 @@ "AddGatewayReq": { "type": "object", "properties": { - "add_gateway": { - "$ref": "#/definitions/Gateway" + "add_gateway": { + "$ref": "#/definitions/Gateway" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "AddMaskingTemplate": { + "type": "object", + "required": [ + "name", + "rule_ids" + ], + "properties": { + "name": { + "description": "masking template name", + "type": "string", + "x-go-name": "Name", + "example": "\"New Template\"" + }, + "rule_ids": { + "description": "masking rule id list", + "type": "array", + "minLength": 1, + "items": { + "type": "integer", + "format": "int64" + }, + "x-go-name": "RuleIDs", + "example": [ + 1, + 2, + 3 + ] + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "AddMaskingTemplateReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "AddMaskingTemplateReq": { + "type": "object", + "required": [ + "masking_template" + ], + "properties": { + "masking_template": { + "$ref": "#/definitions/AddMaskingTemplate" } }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" @@ -7294,6 +8077,106 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "AddSensitiveDataDiscoveryTask": { + "type": "object", + "required": [ + "db_service_uid", + "masking_template_id", + "identification_method", + "execution_plan" + ], + "properties": { + "cron_expression": { + "description": "cron expression, required when execution_plan is PERIODIC", + "type": "string", + "x-go-name": "CronExpression", + "example": "\"0 0 * * *\"" + }, + "db_service_uid": { + "description": "database instance id", + "type": "string", + "x-go-name": "DBServiceUID", + "example": "\"1\"" + }, + "execution_plan": { + "description": "execution plan\nPERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "type": "string", + "enum": [ + "PERIODIC", + "ONE_TIME" + ], + "x-go-enum-desc": "PERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "x-go-name": "ExecutionPlan", + "example": "\"ONE_TIME\"" + }, + "identification_method": { + "description": "sensitive data identification method\nBY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName\nBY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData", + "type": "string", + "enum": [ + "BY_FIELD_NAME", + "BY_SAMPLE_DATA" + ], + "x-go-enum-desc": "BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName\nBY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData", + "x-go-name": "IdentificationMethod", + "example": "\"BY_FIELD_NAME\"" + }, + "is_periodic_scan_enabled": { + "description": "whether periodic scanning is enabled, default is true", + "type": "boolean", + "x-go-name": "IsPeriodicScanEnabled", + "example": true + }, + "masking_template_id": { + "description": "masking template id", + "type": "integer", + "format": "int64", + "x-go-name": "MaskingTemplateID", + "example": 1 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "AddSensitiveDataDiscoveryTaskData": { + "type": "object", + "properties": { + "suspected_sensitive_fields_tree": { + "$ref": "#/definitions/SuspectedSensitiveFieldsTree" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "AddSensitiveDataDiscoveryTaskReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "$ref": "#/definitions/AddSensitiveDataDiscoveryTaskData" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "AddSensitiveDataDiscoveryTaskReq": { + "type": "object", + "required": [ + "task" + ], + "properties": { + "task": { + "$ref": "#/definitions/AddSensitiveDataDiscoveryTask" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "AddSession": { "description": "Use this struct to add a new session", "type": "object", @@ -8122,6 +9005,41 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "ConfigureMaskingRulesReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ConfigureMaskingRulesReq": { + "type": "object", + "required": [ + "masking_rule_configs" + ], + "properties": { + "masking_rule_configs": { + "description": "masking rule configurations for batch create or update", + "type": "array", + "minLength": 1, + "items": { + "$ref": "#/definitions/MaskingRuleConfig" + }, + "x-go-name": "MaskingRuleConfigs" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "CreateBusinessTagReq": { "type": "object", "properties": { @@ -8211,11 +9129,6 @@ "type": "string", "x-go-name": "Host" }, - "is_enable_masking": { - "description": "data masking switch", - "type": "boolean", - "x-go-name": "IsEnableMasking" - }, "maintenance_times": { "description": "DB Service maintenance time\nempty value means that maintenance time is unlimited", "type": "array", @@ -8431,11 +9344,6 @@ "type": "string", "x-go-name": "Host" }, - "is_enable_masking": { - "description": "data masking switch", - "type": "boolean", - "x-go-name": "IsEnableMasking" - }, "maintenance_times": { "description": "DB Service maintenance time\nempty value means that maintenance time is unlimited", "type": "array", @@ -8758,6 +9666,40 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "DeleteMaskingTemplateReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "DeleteSensitiveDataDiscoveryTaskReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "EnvironmentTag": { "type": "object", "properties": { @@ -9295,6 +10237,43 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "GetMaskingOverviewTreeData": { + "type": "object", + "properties": { + "dashboard": { + "$ref": "#/definitions/MaskingOverviewDashboard" + }, + "databases": { + "description": "database_name -\u003e database node", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/MaskingOverviewDatabaseNode" + }, + "x-go-name": "Databases" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "GetMaskingOverviewTreeReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "$ref": "#/definitions/GetMaskingOverviewTreeData" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "GetMemberGroup": { "type": "object", "properties": { @@ -9520,6 +10499,45 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "GetPlaintextAccessRequestDetailReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "description": "plaintext access request detail reply", + "type": "object", + "properties": { + "masking_preview": { + "$ref": "#/definitions/MaskingPreviewData" + }, + "query_sql": { + "description": "query sql statement", + "type": "string", + "x-go-name": "QuerySQL", + "example": "\"SELECT * FROM users\"" + }, + "reason": { + "description": "application reason", + "type": "string", + "x-go-name": "Reason", + "example": "\"troubleshooting\"" + } + }, + "x-go-name": "Data" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "GetProjectTipsReply": { "type": "object", "properties": { @@ -9669,6 +10687,31 @@ }, "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, + "GetTableColumnMaskingDetailsReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "description": "table column masking details reply", + "type": "array", + "items": { + "$ref": "#/definitions/TableColumnMaskingDetail" + }, + "x-go-name": "Data" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "GetUser": { "description": "A dms user", "type": "object", @@ -10037,11 +11080,6 @@ "type": "string", "x-go-name": "Host" }, - "is_enable_masking": { - "description": "is enable masking", - "type": "boolean", - "x-go-name": "IsEnableMasking" - }, "maintenance_times": { "description": "DB Service maintenance time", "type": "array", @@ -10120,11 +11158,6 @@ "type": "string", "x-go-name": "Host" }, - "is_enable_masking": { - "description": "is enable masking", - "type": "boolean", - "x-go-name": "IsEnableMasking" - }, "maintenance_times": { "description": "DB Service maintenance time", "type": "array", @@ -11592,21 +12625,84 @@ }, "x-go-name": "Data" }, - "message": { - "description": "message", + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + }, + "total_nums": { + "type": "integer", + "format": "int64", + "x-go-name": "Total" + } + }, + "x-go-name": "ListGlobalDBServicesReply", + "x-go-package": "github.com/actiontech/dms/api/dms/service/v2" + }, + "ListGlobalDBServicesTipsReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "$ref": "#/definitions/ListGlobalDBServiceTips" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ListMaskingRulesData": { + "type": "object", + "properties": { + "description": { + "description": "description", + "type": "string", + "x-go-name": "Description", + "example": "\"mask digits\"" + }, + "effect": { + "description": "effect description for users", + "type": "string", + "x-go-name": "Effect", + "example": "\"保留开头2位和结尾2位,中间字符替换为*\"" + }, + "effect_example_after": { + "description": "effect example after masking", "type": "string", - "x-go-name": "Message" + "x-go-name": "EffectExampleAfter", + "example": "\"138******78\"" }, - "total_nums": { + "effect_example_before": { + "description": "effect example before masking", + "type": "string", + "x-go-name": "EffectExampleBefore", + "example": "\"13812345678\"" + }, + "id": { + "description": "masking rule id", "type": "integer", "format": "int64", - "x-go-name": "Total" + "x-go-name": "Id", + "example": 1 + }, + "masking_type": { + "description": "masking type", + "type": "string", + "x-go-name": "MaskingType", + "example": "\"MASK_DIGIT\"" } }, - "x-go-name": "ListGlobalDBServicesReply", - "x-go-package": "github.com/actiontech/dms/api/dms/service/v2" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, - "ListGlobalDBServicesTipsReply": { + "ListMaskingRulesReply": { "type": "object", "properties": { "code": { @@ -11616,7 +12712,12 @@ "x-go-name": "Code" }, "data": { - "$ref": "#/definitions/ListGlobalDBServiceTips" + "description": "list masking rule reply", + "type": "array", + "items": { + "$ref": "#/definitions/ListMaskingRulesData" + }, + "x-go-name": "Data" }, "message": { "description": "message", @@ -11626,37 +12727,41 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, - "ListMaskingRulesData": { + "ListMaskingTemplatesData": { "type": "object", "properties": { - "description": { - "type": "string", - "x-go-name": "Description" - }, - "effect": { - "type": "string", - "x-go-name": "Effect" - }, "id": { + "description": "masking template id", "type": "integer", "format": "int64", - "x-go-name": "Id" + "x-go-name": "Id", + "example": 1 }, - "masking_type": { + "name": { + "description": "masking template name", "type": "string", - "x-go-name": "MaskingType" + "x-go-name": "Name", + "example": "\"Standard Template\"" }, - "reference_fields": { + "rule_count": { + "description": "count of rules in the template", + "type": "integer", + "format": "int64", + "x-go-name": "RuleCount", + "example": 5 + }, + "rule_names": { + "description": "preview of rule name in the template, up to 3 items", "type": "array", "items": { "type": "string" }, - "x-go-name": "ReferenceFields" + "x-go-name": "RuleNames" } }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, - "ListMaskingRulesReply": { + "ListMaskingTemplatesReply": { "type": "object", "properties": { "code": { @@ -11666,10 +12771,10 @@ "x-go-name": "Code" }, "data": { - "description": "list masking rule reply", + "description": "list masking templates reply", "type": "array", "items": { - "$ref": "#/definitions/ListMaskingRulesData" + "$ref": "#/definitions/ListMaskingTemplatesData" }, "x-go-name": "Data" }, @@ -11677,6 +12782,13 @@ "description": "message", "type": "string", "x-go-name": "Message" + }, + "total_nums": { + "description": "total count of masking templates", + "type": "integer", + "format": "int64", + "x-go-name": "Total", + "example": 100 } }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" @@ -11889,6 +13001,17 @@ "ListMemberRoleWithOpRange": { "type": "object", "properties": { + "member_group": { + "$ref": "#/definitions/ProjectMemberGroup" + }, + "op_permissions": { + "description": "member op permissions", + "type": "array", + "items": { + "$ref": "#/definitions/UidWithName" + }, + "x-go-name": "OpPermissions" + }, "op_range_type": { "description": "op permission range type, only support db service now\nunknown OpRangeTypeUnknown\nglobal OpRangeTypeGlobal 全局权限: 该权限只能被用户使用\nproject OpRangeTypeProject 项目权限: 该权限只能被成员使用\ndb_service OpRangeTypeDBService 项目内的数据源权限: 该权限只能被成员使用", "type": "string", @@ -11913,7 +13036,7 @@ "$ref": "#/definitions/UidWithName" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "ListMemberTipsItem": { "type": "object", @@ -12075,6 +13198,38 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "ListPendingApprovalRequestsReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "description": "pending approval requests reply", + "type": "array", + "items": { + "$ref": "#/definitions/PendingApprovalRequestData" + }, + "x-go-name": "Data" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + }, + "total_nums": { + "description": "total count of pending approval requests", + "type": "integer", + "format": "int64", + "x-go-name": "Total", + "example": 100 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "ListProjectReply": { "type": "object", "properties": { @@ -12340,6 +13495,212 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "ListSensitiveDataDiscoveryTaskHistoriesData": { + "type": "object", + "properties": { + "executed_at": { + "description": "execution time in RFC3339 format\nFormat: date-time (RFC3339)", + "type": "string", + "x-go-name": "ExecutedAt", + "example": "\"2024-01-15T10:30:00Z\"" + }, + "new_sensitive_field_count": { + "description": "newly discovered sensitive field count", + "type": "integer", + "format": "int64", + "x-go-name": "NewSensitiveFieldCount", + "example": 10 + }, + "remark": { + "description": "remark", + "type": "string", + "x-go-name": "Remark", + "example": "\"scan completed successfully\"" + }, + "status": { + "description": "execution status\nPENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "type": "string", + "enum": [ + "PENDING_CONFIRM", + "NORMAL", + "COMPLETED", + "RUNNING", + "FAILED" + ], + "x-go-enum-desc": "PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "x-go-name": "Status", + "example": "\"NORMAL\"" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ListSensitiveDataDiscoveryTaskHistoriesReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "description": "sensitive data discovery task histories reply", + "type": "array", + "items": { + "$ref": "#/definitions/ListSensitiveDataDiscoveryTaskHistoriesData" + }, + "x-go-name": "Data" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + }, + "total_nums": { + "description": "total count of sensitive data discovery task histories", + "type": "integer", + "format": "int64", + "x-go-name": "Total", + "example": 100 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ListSensitiveDataDiscoveryTasksData": { + "type": "object", + "properties": { + "db_service_name": { + "description": "database instance name", + "type": "string", + "x-go-name": "DBServiceName", + "example": "\"mysql-01\"" + }, + "db_service_uid": { + "description": "database instance id", + "type": "string", + "x-go-name": "DBServiceUID", + "example": "\"db_service_uid_1\"" + }, + "execution_frequency": { + "description": "cron expression of execution frequency, periodic task returns cron, one-time task returns empty", + "type": "string", + "x-go-name": "ExecutionFrequency", + "example": "\"0 2 * * *\"" + }, + "execution_plan": { + "description": "execution plan\nPERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "type": "string", + "enum": [ + "PERIODIC", + "ONE_TIME" + ], + "x-go-enum-desc": "PERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "x-go-name": "ExecutionPlan", + "example": "\"ONE_TIME\"" + }, + "id": { + "description": "sensitive data discovery task id", + "type": "integer", + "format": "int64", + "x-go-name": "ID", + "example": 1 + }, + "identification_method": { + "description": "sensitive data identification method\nBY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName\nBY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData", + "type": "string", + "enum": [ + "BY_FIELD_NAME", + "BY_SAMPLE_DATA" + ], + "x-go-enum-desc": "BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName\nBY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData", + "x-go-name": "IdentificationMethod", + "example": "\"BY_FIELD_NAME\"" + }, + "is_periodic_scan_enabled": { + "description": "whether periodic scanning is enabled", + "type": "boolean", + "x-go-name": "IsPeriodicScanEnabled", + "example": true + }, + "masking_template_id": { + "description": "related masking template id", + "type": "integer", + "format": "int64", + "x-go-name": "MaskingTemplateID", + "example": 1 + }, + "masking_template_name": { + "description": "related masking template name", + "type": "string", + "x-go-name": "MaskingTemplateName", + "example": "\"Standard Template\"" + }, + "next_execution_at": { + "description": "next run time, periodic task returns RFC3339 time, one-time task returns null\nFormat: date-time (RFC3339)", + "type": "string", + "x-go-name": "NextExecutionAt", + "example": "\"2024-01-15T10:30:00Z\"" + }, + "status": { + "description": "task status\nPENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "type": "string", + "enum": [ + "PENDING_CONFIRM", + "NORMAL", + "COMPLETED", + "RUNNING", + "FAILED" + ], + "x-go-enum-desc": "PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "x-go-name": "Status", + "example": "\"NORMAL\"" + }, + "task_type": { + "description": "task type\nPERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "type": "string", + "enum": [ + "PERIODIC", + "ONE_TIME" + ], + "x-go-enum-desc": "PERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "x-go-name": "TaskType", + "example": "\"PERIODIC\"" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ListSensitiveDataDiscoveryTasksReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "description": "sensitive data discovery tasks list reply", + "type": "array", + "items": { + "$ref": "#/definitions/ListSensitiveDataDiscoveryTasksData" + }, + "x-go-name": "Data" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + }, + "total_nums": { + "description": "total count of sensitive data discovery tasks", + "type": "integer", + "format": "int64", + "x-go-name": "Total", + "example": 100 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "ListUser": { "description": "A dms user", "type": "object", @@ -12574,28 +13935,189 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, - "MIMEHeader": { - "description": "A MIMEHeader represents a MIME-style header mapping\nkeys to sets of values.", + "MIMEHeader": { + "description": "A MIMEHeader represents a MIME-style header mapping\nkeys to sets of values.", + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "x-go-package": "net/textproto" + }, + "MaintenanceTime": { + "type": "object", + "properties": { + "maintenance_start_time": { + "$ref": "#/definitions/Time" + }, + "maintenance_stop_time": { + "$ref": "#/definitions/Time" + } + }, + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + }, + "MaskingOverviewDashboard": { + "type": "object", + "properties": { + "configured_masking_columns": { + "description": "total count of columns with configured masking", + "type": "integer", + "format": "int64", + "x-go-name": "ConfiguredMaskingColumns", + "example": 120 + }, + "pending_confirm_masking_columns": { + "description": "total count of columns pending masking confirmation", + "type": "integer", + "format": "int64", + "x-go-name": "PendingConfirmMaskingColumns", + "example": 5 + }, + "total_sensitive_tables": { + "description": "total count of tables that contain sensitive data", + "type": "integer", + "format": "int64", + "x-go-name": "TotalSensitiveTables", + "example": 50 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "MaskingOverviewDatabaseNode": { + "type": "object", + "properties": { + "tables": { + "description": "table_name -\u003e table overview data", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/MaskingOverviewTableData" + }, + "x-go-name": "Tables" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "MaskingOverviewTableData": { + "type": "object", + "properties": { + "configured_masking_columns": { + "description": "configured masking column count for this table", + "type": "integer", + "format": "int64", + "x-go-name": "ConfiguredMaskingColumns", + "example": 3 + }, + "pending_confirm_masking_columns": { + "description": "pending masking confirmation column count for this table", + "type": "integer", + "format": "int64", + "x-go-name": "PendingConfirmMaskingColumns", + "example": 1 + }, + "table_id": { + "description": "table id", + "type": "integer", + "format": "int64", + "x-go-name": "TableID", + "example": 1 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "MaskingPreviewData": { "type": "object", - "additionalProperties": { - "type": "array", - "items": { - "type": "string" + "properties": { + "columns": { + "description": "preview columns", + "type": "array", + "items": { + "type": "string" + }, + "x-go-name": "Columns", + "example": [ + "id", + "name", + "email" + ] + }, + "rows": { + "description": "preview rows", + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string" + } + }, + "x-go-name": "Rows", + "example": [ + [ + "1", + "John", + "j***@example.com" + ], + [ + "2", + "Alice", + "a***@example.com" + ] + ] } }, - "x-go-package": "net/textproto" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, - "MaintenanceTime": { + "MaskingRuleConfig": { "type": "object", + "required": [ + "db_service_uid", + "schema_name", + "table_name", + "column_name", + "masking_rule_id", + "is_masking_enabled" + ], "properties": { - "maintenance_start_time": { - "$ref": "#/definitions/Time" + "column_name": { + "description": "column name", + "type": "string", + "x-go-name": "ColumnName", + "example": "\"email\"" }, - "maintenance_stop_time": { - "$ref": "#/definitions/Time" + "db_service_uid": { + "description": "data source id", + "type": "string", + "x-go-name": "DBServiceUID", + "example": "\"1\"" + }, + "is_masking_enabled": { + "description": "whether to enable masking for this column", + "type": "boolean", + "x-go-name": "IsMaskingEnabled", + "example": true + }, + "masking_rule_id": { + "description": "masking rule id", + "type": "integer", + "format": "int64", + "x-go-name": "MaskingRuleID", + "example": 1 + }, + "schema_name": { + "description": "schema name", + "type": "string", + "x-go-name": "SchemaName", + "example": "\"db1\"" + }, + "table_name": { + "description": "table name", + "type": "string", + "x-go-name": "TableName", + "example": "\"users\"" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "Member": { "description": "A member", @@ -12847,7 +14369,7 @@ "type": "object", "properties": { "op_permission_type": { - "description": "op permission type\nunknown OpPermissionTypeUnknown\ncreate_project OpPermissionTypeCreateProject 创建项目;创建项目的用户自动拥有该项目管理权限\nglobal_view OpPermissionTypeGlobalView 项目管理;拥有该权限的用户可以管理项目下的所有资源\nglobal_management OpPermissionTypeGlobalManagement 全局浏览;拥有该权限的用户可以浏览全局的资源\nproject_admin OpPermissionTypeProjectAdmin 全局管理;拥有该权限的用户可以浏览和管理全局的资源\ncreate_workflow OpPermissionTypeCreateWorkflow 创建/编辑工单;拥有该权限的用户可以创建/编辑工单\naudit_workflow OpPermissionTypeAuditWorkflow 审核/驳回工单;拥有该权限的用户可以审核/驳回工单\nauth_db_service_data OpPermissionTypeAuthDBServiceData 账号管理;拥有该权限的用户可以授权数据源数据权限\nview_others_workflow OpPermissionTypeViewOthersWorkflow 查看其他工单权限\nexecute_workflow OpPermissionTypeExecuteWorkflow 上线工单;拥有该权限的用户可以上线工单\nview_other_audit_plan OpPermissionTypeViewOtherAuditPlan 查看其他扫描任务权限\nview_sql_insight OpPermissionTypeViewSQLInsight 查看SQL洞察权限\nsave_audit_plan OpPermissionTypeSaveAuditPlan 创建扫描任务权限;拥有该权限的用户可以创建/更新扫描任务\nsql_query OpPermissionTypeSQLQuery SQL查询;SQL查询权限\ncreate_export_task OpPermissionTypeExportCreate 创建数据导出任务;拥有该权限的用户可以创建数据导出任务或者工单\naudit_export_workflow OpPermissionTypeAuditExportWorkflow 审核/驳回数据导出工单;拥有该权限的用户可以审核/驳回数据导出工单\ncreate_optimization OpPermissionTypeCreateOptimization 创建智能调优;拥有该权限的用户可以创建智能调优\nview_others_optimization OpPermissionTypeViewOthersOptimization 查看他人创建的智能调优\ncreate_pipeline OpPermissionTypeCreatePipeline 配置流水线\nview_operation_record OpPermissionViewOperationRecord SQL工作台;查看所有操作记录\nview_export_task OpPermissionViewExportTask 数据导出;查看所有导出任务\nview_quick_audit_record OpPermissionViewQuickAuditRecord 快捷审核;查看所有快捷审核记录\nview_ide_audit_record OpPermissionViewIDEAuditRecord IDE审核;查看所有IDE审核记录\nview_optimization_record OpPermissionViewOptimizationRecord SQL优化;查看所有优化记录\nview_version_manage OpPermissionViewVersionManage 版本管理;查看他人创建的版本记录\nversion_manage OpPermissionVersionManage 版本管理;配置版本\nview_pipeline OpPermissionViewPipeline CI/CD集成;查看所有流水线\nmanage_project_data_source OpPermissionManageProjectDataSource 数据源管理;管理项目数据源管理\nmanage_audit_rule_template OpPermissionManageAuditRuleTemplate 审核规则模版;管理审核规则模版\nmanage_approval_template OpPermissionManageApprovalTemplate 审批流程模版;管理审批流程模版\nmanage_member OpPermissionManageMember 成员与权限;管理成员与权限\nmanage_push_rule OpPermissionPushRule 推送规则;管理推送规则\nmanage_audit_sql_white_list OpPermissionMangeAuditSQLWhiteList 审核SQL例外;管理审核SQL例外\nmanage_sql_mange_white_list OpPermissionManageSQLMangeWhiteList 管控SQL例外;管理管控SQL例外\nmanage_role_mange OpPermissionManageRoleMange 角色管理;角色管理权限\ndesensitization OpPermissionDesensitization 脱敏规则;脱敏规则配置权限\nnone OpPermissionTypeNone 无任何权限", + "description": "op permission type\nunknown OpPermissionTypeUnknown\ncreate_project OpPermissionTypeCreateProject 创建项目;创建项目的用户自动拥有该项目管理权限\nglobal_view OpPermissionTypeGlobalView 项目管理;拥有该权限的用户可以管理项目下的所有资源\nglobal_management OpPermissionTypeGlobalManagement 全局浏览;拥有该权限的用户可以浏览全局的资源\nproject_admin OpPermissionTypeProjectAdmin 全局管理;拥有该权限的用户可以浏览和管理全局的资源\ncreate_workflow OpPermissionTypeCreateWorkflow 创建/编辑工单;拥有该权限的用户可以创建/编辑工单\naudit_workflow OpPermissionTypeAuditWorkflow 审核/驳回工单;拥有该权限的用户可以审核/驳回工单\nauth_db_service_data OpPermissionTypeAuthDBServiceData 账号管理;拥有该权限的用户可以授权数据源数据权限\nview_others_workflow OpPermissionTypeViewOthersWorkflow 查看其他工单权限\nexecute_workflow OpPermissionTypeExecuteWorkflow 上线工单;拥有该权限的用户可以上线工单\nview_other_audit_plan OpPermissionTypeViewOtherAuditPlan 查看其他扫描任务权限\nview_sql_insight OpPermissionTypeViewSQLInsight 查看SQL洞察权限\nsave_audit_plan OpPermissionTypeSaveAuditPlan 创建扫描任务权限;拥有该权限的用户可以创建/更新扫描任务\nsql_query OpPermissionTypeSQLQuery SQL查询;SQL查询权限\ncreate_export_task OpPermissionTypeExportCreate 创建数据导出任务;拥有该权限的用户可以创建数据导出任务或者工单\naudit_export_workflow OpPermissionTypeAuditExportWorkflow 审核/驳回数据导出工单;拥有该权限的用户可以审核/驳回数据导出工单\ncreate_optimization OpPermissionTypeCreateOptimization 创建智能调优;拥有该权限的用户可以创建智能调优\nview_others_optimization OpPermissionTypeViewOthersOptimization 查看他人创建的智能调优\ncreate_pipeline OpPermissionTypeCreatePipeline 配置流水线\nview_operation_record OpPermissionViewOperationRecord SQL工作台;查看所有操作记录\nview_export_task OpPermissionViewExportTask 数据导出;查看所有导出任务\nview_quick_audit_record OpPermissionViewQuickAuditRecord 快捷审核;查看所有快捷审核记录\nview_ide_audit_record OpPermissionViewIDEAuditRecord IDE审核;查看所有IDE审核记录\nview_optimization_record OpPermissionViewOptimizationRecord SQL优化;查看所有优化记录\nview_version_manage OpPermissionViewVersionManage 版本管理;查看他人创建的版本记录\nversion_manage OpPermissionVersionManage 版本管理;配置版本\nview_pipeline OpPermissionViewPipeline CI/CD集成;查看所有流水线\nmanage_project_data_source OpPermissionManageProjectDataSource 数据源管理;管理项目数据源管理\nmanage_audit_rule_template OpPermissionManageAuditRuleTemplate 审核规则模版;管理审核规则模版\nmanage_approval_template OpPermissionManageApprovalTemplate 审批流程模版;管理审批流程模版\nmanage_member OpPermissionManageMember 成员与权限;管理成员与权限\nmanage_push_rule OpPermissionPushRule 推送规则;管理推送规则\nmanage_audit_sql_white_list OpPermissionMangeAuditSQLWhiteList 审核SQL例外;管理审核SQL例外\nmanage_sql_mange_white_list OpPermissionManageSQLMangeWhiteList 管控SQL例外;管理管控SQL例外\nmanage_role_mange OpPermissionManageRoleMange 角色管理;角色管理权限\ndesensitization OpPermissionDesensitization 脱敏规则;脱敏规则配置权限\nmasking_audit OpPermissionMaskingAudit 脱敏审核;拥有该权限的用户可以查看和处理脱敏审批请求\nnone OpPermissionTypeNone 无任何权限", "type": "string", "enum": [ "unknown", @@ -12886,9 +14408,10 @@ "manage_sql_mange_white_list", "manage_role_mange", "desensitization", + "masking_audit", "none" ], - "x-go-enum-desc": "unknown OpPermissionTypeUnknown\ncreate_project OpPermissionTypeCreateProject 创建项目;创建项目的用户自动拥有该项目管理权限\nglobal_view OpPermissionTypeGlobalView 项目管理;拥有该权限的用户可以管理项目下的所有资源\nglobal_management OpPermissionTypeGlobalManagement 全局浏览;拥有该权限的用户可以浏览全局的资源\nproject_admin OpPermissionTypeProjectAdmin 全局管理;拥有该权限的用户可以浏览和管理全局的资源\ncreate_workflow OpPermissionTypeCreateWorkflow 创建/编辑工单;拥有该权限的用户可以创建/编辑工单\naudit_workflow OpPermissionTypeAuditWorkflow 审核/驳回工单;拥有该权限的用户可以审核/驳回工单\nauth_db_service_data OpPermissionTypeAuthDBServiceData 账号管理;拥有该权限的用户可以授权数据源数据权限\nview_others_workflow OpPermissionTypeViewOthersWorkflow 查看其他工单权限\nexecute_workflow OpPermissionTypeExecuteWorkflow 上线工单;拥有该权限的用户可以上线工单\nview_other_audit_plan OpPermissionTypeViewOtherAuditPlan 查看其他扫描任务权限\nview_sql_insight OpPermissionTypeViewSQLInsight 查看SQL洞察权限\nsave_audit_plan OpPermissionTypeSaveAuditPlan 创建扫描任务权限;拥有该权限的用户可以创建/更新扫描任务\nsql_query OpPermissionTypeSQLQuery SQL查询;SQL查询权限\ncreate_export_task OpPermissionTypeExportCreate 创建数据导出任务;拥有该权限的用户可以创建数据导出任务或者工单\naudit_export_workflow OpPermissionTypeAuditExportWorkflow 审核/驳回数据导出工单;拥有该权限的用户可以审核/驳回数据导出工单\ncreate_optimization OpPermissionTypeCreateOptimization 创建智能调优;拥有该权限的用户可以创建智能调优\nview_others_optimization OpPermissionTypeViewOthersOptimization 查看他人创建的智能调优\ncreate_pipeline OpPermissionTypeCreatePipeline 配置流水线\nview_operation_record OpPermissionViewOperationRecord SQL工作台;查看所有操作记录\nview_export_task OpPermissionViewExportTask 数据导出;查看所有导出任务\nview_quick_audit_record OpPermissionViewQuickAuditRecord 快捷审核;查看所有快捷审核记录\nview_ide_audit_record OpPermissionViewIDEAuditRecord IDE审核;查看所有IDE审核记录\nview_optimization_record OpPermissionViewOptimizationRecord SQL优化;查看所有优化记录\nview_version_manage OpPermissionViewVersionManage 版本管理;查看他人创建的版本记录\nversion_manage OpPermissionVersionManage 版本管理;配置版本\nview_pipeline OpPermissionViewPipeline CI/CD集成;查看所有流水线\nmanage_project_data_source OpPermissionManageProjectDataSource 数据源管理;管理项目数据源管理\nmanage_audit_rule_template OpPermissionManageAuditRuleTemplate 审核规则模版;管理审核规则模版\nmanage_approval_template OpPermissionManageApprovalTemplate 审批流程模版;管理审批流程模版\nmanage_member OpPermissionManageMember 成员与权限;管理成员与权限\nmanage_push_rule OpPermissionPushRule 推送规则;管理推送规则\nmanage_audit_sql_white_list OpPermissionMangeAuditSQLWhiteList 审核SQL例外;管理审核SQL例外\nmanage_sql_mange_white_list OpPermissionManageSQLMangeWhiteList 管控SQL例外;管理管控SQL例外\nmanage_role_mange OpPermissionManageRoleMange 角色管理;角色管理权限\ndesensitization OpPermissionDesensitization 脱敏规则;脱敏规则配置权限\nnone OpPermissionTypeNone 无任何权限", + "x-go-enum-desc": "unknown OpPermissionTypeUnknown\ncreate_project OpPermissionTypeCreateProject 创建项目;创建项目的用户自动拥有该项目管理权限\nglobal_view OpPermissionTypeGlobalView 项目管理;拥有该权限的用户可以管理项目下的所有资源\nglobal_management OpPermissionTypeGlobalManagement 全局浏览;拥有该权限的用户可以浏览全局的资源\nproject_admin OpPermissionTypeProjectAdmin 全局管理;拥有该权限的用户可以浏览和管理全局的资源\ncreate_workflow OpPermissionTypeCreateWorkflow 创建/编辑工单;拥有该权限的用户可以创建/编辑工单\naudit_workflow OpPermissionTypeAuditWorkflow 审核/驳回工单;拥有该权限的用户可以审核/驳回工单\nauth_db_service_data OpPermissionTypeAuthDBServiceData 账号管理;拥有该权限的用户可以授权数据源数据权限\nview_others_workflow OpPermissionTypeViewOthersWorkflow 查看其他工单权限\nexecute_workflow OpPermissionTypeExecuteWorkflow 上线工单;拥有该权限的用户可以上线工单\nview_other_audit_plan OpPermissionTypeViewOtherAuditPlan 查看其他扫描任务权限\nview_sql_insight OpPermissionTypeViewSQLInsight 查看SQL洞察权限\nsave_audit_plan OpPermissionTypeSaveAuditPlan 创建扫描任务权限;拥有该权限的用户可以创建/更新扫描任务\nsql_query OpPermissionTypeSQLQuery SQL查询;SQL查询权限\ncreate_export_task OpPermissionTypeExportCreate 创建数据导出任务;拥有该权限的用户可以创建数据导出任务或者工单\naudit_export_workflow OpPermissionTypeAuditExportWorkflow 审核/驳回数据导出工单;拥有该权限的用户可以审核/驳回数据导出工单\ncreate_optimization OpPermissionTypeCreateOptimization 创建智能调优;拥有该权限的用户可以创建智能调优\nview_others_optimization OpPermissionTypeViewOthersOptimization 查看他人创建的智能调优\ncreate_pipeline OpPermissionTypeCreatePipeline 配置流水线\nview_operation_record OpPermissionViewOperationRecord SQL工作台;查看所有操作记录\nview_export_task OpPermissionViewExportTask 数据导出;查看所有导出任务\nview_quick_audit_record OpPermissionViewQuickAuditRecord 快捷审核;查看所有快捷审核记录\nview_ide_audit_record OpPermissionViewIDEAuditRecord IDE审核;查看所有IDE审核记录\nview_optimization_record OpPermissionViewOptimizationRecord SQL优化;查看所有优化记录\nview_version_manage OpPermissionViewVersionManage 版本管理;查看他人创建的版本记录\nversion_manage OpPermissionVersionManage 版本管理;配置版本\nview_pipeline OpPermissionViewPipeline CI/CD集成;查看所有流水线\nmanage_project_data_source OpPermissionManageProjectDataSource 数据源管理;管理项目数据源管理\nmanage_audit_rule_template OpPermissionManageAuditRuleTemplate 审核规则模版;管理审核规则模版\nmanage_approval_template OpPermissionManageApprovalTemplate 审批流程模版;管理审批流程模版\nmanage_member OpPermissionManageMember 成员与权限;管理成员与权限\nmanage_push_rule OpPermissionPushRule 推送规则;管理推送规则\nmanage_audit_sql_white_list OpPermissionMangeAuditSQLWhiteList 审核SQL例外;管理审核SQL例外\nmanage_sql_mange_white_list OpPermissionManageSQLMangeWhiteList 管控SQL例外;管理管控SQL例外\nmanage_role_mange OpPermissionManageRoleMange 角色管理;角色管理权限\ndesensitization OpPermissionDesensitization 脱敏规则;脱敏规则配置权限\nmasking_audit OpPermissionMaskingAudit 脱敏审核;拥有该权限的用户可以查看和处理脱敏审批请求\nnone OpPermissionTypeNone 无任何权限", "x-go-name": "OpPermissionType" }, "range_type": { @@ -13084,6 +14607,43 @@ }, "x-go-package": "github.com/actiontech/dms/pkg/params" }, + "PendingApprovalRequestData": { + "type": "object", + "properties": { + "applicant_name": { + "description": "applicant name", + "type": "string", + "x-go-name": "ApplicantName", + "example": "\"admin\"" + }, + "applied_at": { + "description": "application time in RFC3339 format\nFormat: date-time (RFC3339)", + "type": "string", + "x-go-name": "AppliedAt", + "example": "\"2024-01-15T10:30:00Z\"" + }, + "data_scope": { + "description": "data scope", + "type": "string", + "x-go-name": "DataScope", + "example": "\"database 'db1', table 'users'\"" + }, + "id": { + "description": "approval request id", + "type": "integer", + "format": "int64", + "x-go-name": "ID", + "example": 1 + }, + "reason": { + "description": "application reason", + "type": "string", + "x-go-name": "Reason", + "example": "\"data analysis\"" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "PersonalizationReq": { "type": "object", "properties": { @@ -13216,6 +14776,55 @@ "x-go-name": "PreviewImportProjects", "x-go-package": "github.com/actiontech/dms/api/dms/service/v2" }, + "ProcessApprovalRequestReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ProcessApprovalRequestReq": { + "type": "object", + "required": [ + "action" + ], + "properties": { + "action": { + "description": "process action\nAPPROVE ApprovalActionApprove\nREJECT ApprovalActionReject", + "type": "string", + "enum": [ + "APPROVE", + "REJECT" + ], + "x-go-enum-desc": "APPROVE ApprovalActionApprove\nREJECT ApprovalActionReject", + "x-go-name": "Action", + "example": "\"APPROVE\"" + }, + "approve_remark": { + "description": "approval remark, optional when action is APPROVE", + "type": "string", + "x-go-name": "ApproveRemark", + "example": "\"approved for one-time access\"" + }, + "reject_reason": { + "description": "reject reason, required when action is REJECT", + "type": "string", + "x-go-name": "RejectReason", + "example": "\"insufficient reason\"" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "ProjectInfo": { "type": "object", "properties": { @@ -13925,6 +15534,85 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "SensitiveFieldScanResult": { + "type": "object", + "properties": { + "confidence": { + "description": "confidence level\nHIGH ConfidenceHigh\nMEDIUM ConfidenceMedium\nLOW ConfidenceLow", + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW" + ], + "x-go-enum-desc": "HIGH ConfidenceHigh\nMEDIUM ConfidenceMedium\nLOW ConfidenceLow", + "x-go-name": "Confidence", + "example": "\"High\"" + }, + "recommended_masking_rule_id": { + "description": "recommended masking rule id", + "type": "integer", + "format": "int64", + "x-go-name": "RecommendedMaskingRuleID", + "example": 1 + }, + "recommended_masking_rule_name": { + "description": "recommended masking rule name", + "type": "string", + "x-go-name": "RecommendedMaskingRuleName", + "example": "\"Email Masking\"" + }, + "scan_info": { + "description": "scan information for the field", + "type": "string", + "x-go-name": "ScanInfo", + "example": "\"matched by field name 'email'\"" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "SuspectedSensitiveDatabaseNode": { + "type": "object", + "properties": { + "tables": { + "description": "table_name -\u003e table node", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/SuspectedSensitiveTableNode" + }, + "x-go-name": "Tables" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "SuspectedSensitiveFieldsTree": { + "type": "object", + "properties": { + "databases": { + "description": "database_name -\u003e database node", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/SuspectedSensitiveDatabaseNode" + }, + "x-go-name": "Databases" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "SuspectedSensitiveTableNode": { + "type": "object", + "properties": { + "fields": { + "description": "field_name -\u003e scan result", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/SensitiveFieldScanResult" + }, + "x-go-name": "Fields" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "SyncGatewayReq": { "type": "object", "properties": { @@ -13972,6 +15660,54 @@ }, "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, + "TableColumnMaskingDetail": { + "type": "object", + "properties": { + "column_name": { + "description": "column name", + "type": "string", + "x-go-name": "ColumnName", + "example": "\"email\"" + }, + "confidence": { + "description": "confidence level of masking recommendation,null if no masking rule is applied\nHIGH ConfidenceHigh\nMEDIUM ConfidenceMedium\nLOW ConfidenceLow", + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW" + ], + "x-go-enum-desc": "HIGH ConfidenceHigh\nMEDIUM ConfidenceMedium\nLOW ConfidenceLow", + "x-go-name": "Confidence", + "example": "2" + }, + "masking_rule_id": { + "description": "current masking rule id, null if no masking rule is applied", + "type": "integer", + "format": "int64", + "x-go-name": "MaskingRuleID", + "example": 1 + }, + "masking_rule_name": { + "description": "current masking rule name, null if no masking rule is applied", + "type": "string", + "x-go-name": "MaskingRuleName", + "example": "\"Email Masking\"" + }, + "status": { + "description": "current masking config status\nCONFIGURED MaskingConfigStatusConfigured\nPENDING_CONFIRM MaskingConfigStatusPendingConfirm\nSYSTEM_CONFIRMED MaskingConfigStatusSystemConfirmed", + "type": "string", + "enum": [ + "CONFIGURED", + "PENDING_CONFIRM", + "SYSTEM_CONFIRMED" + ], + "x-go-enum-desc": "CONFIGURED MaskingConfigStatusConfigured\nPENDING_CONFIRM MaskingConfigStatusPendingConfirm\nSYSTEM_CONFIRMED MaskingConfigStatusSystemConfirmed", + "x-go-name": "Status" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "Task": { "type": "object", "properties": { @@ -14460,11 +16196,6 @@ "type": "string", "x-go-name": "Host" }, - "is_enable_masking": { - "description": "data masking switch", - "type": "boolean", - "x-go-name": "IsEnableMasking" - }, "maintenance_times": { "description": "DB Service maintenance time", "type": "array", @@ -14601,11 +16332,6 @@ "type": "string", "x-go-name": "Host" }, - "is_enable_masking": { - "description": "data masking switch", - "type": "boolean", - "x-go-name": "IsEnableMasking" - }, "maintenance_times": { "description": "DB Service maintenance time", "type": "array", @@ -14735,6 +16461,58 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "UpdateMaskingTemplate": { + "type": "object", + "required": [ + "rule_ids" + ], + "properties": { + "rule_ids": { + "description": "masking rule id list", + "type": "array", + "minLength": 1, + "items": { + "type": "integer", + "format": "int64" + }, + "x-go-name": "RuleIDs", + "example": [ + 1, + 2 + ] + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "UpdateMaskingTemplateReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "UpdateMaskingTemplateReq": { + "type": "object", + "required": [ + "masking_template" + ], + "properties": { + "masking_template": { + "$ref": "#/definitions/UpdateMaskingTemplate" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "UpdateMember": { "type": "object", "properties": { @@ -14972,6 +16750,99 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "UpdateSensitiveDataDiscoveryTask": { + "type": "object", + "required": [ + "masking_template_id", + "identification_method", + "execution_plan" + ], + "properties": { + "cron_expression": { + "description": "cron expression, required when execution_plan is PERIODIC", + "type": "string", + "x-go-name": "CronExpression", + "example": "\"0 0 * * *\"" + }, + "execution_plan": { + "description": "execution plan\nPERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "type": "string", + "enum": [ + "PERIODIC", + "ONE_TIME" + ], + "x-go-enum-desc": "PERIODIC SensitiveDataDiscoveryTaskTypePeriodic\nONE_TIME SensitiveDataDiscoveryTaskTypeOneTime", + "x-go-name": "ExecutionPlan", + "example": "\"PERIODIC\"" + }, + "identification_method": { + "description": "sensitive data identification method\nBY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName\nBY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData", + "type": "string", + "enum": [ + "BY_FIELD_NAME", + "BY_SAMPLE_DATA" + ], + "x-go-enum-desc": "BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName\nBY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData", + "x-go-name": "IdentificationMethod", + "example": "\"BY_FIELD_NAME\"" + }, + "is_periodic_scan_enabled": { + "description": "whether periodic scanning is enabled", + "type": "boolean", + "x-go-name": "IsPeriodicScanEnabled", + "example": true + }, + "masking_template_id": { + "description": "masking template id", + "type": "integer", + "format": "int64", + "x-go-name": "MaskingTemplateID", + "example": 1 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "UpdateSensitiveDataDiscoveryTaskData": { + "type": "object", + "properties": { + "suspected_sensitive_fields_tree": { + "$ref": "#/definitions/SuspectedSensitiveFieldsTree" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "UpdateSensitiveDataDiscoveryTaskReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTaskData" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "UpdateSensitiveDataDiscoveryTaskReq": { + "type": "object", + "required": [ + "task" + ], + "properties": { + "task": { + "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTask" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "UpdateSmsConfiguration": { "type": "object", "properties": { diff --git a/api/swagger.yaml b/api/swagger.yaml index faeb0c25..e8fba748 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -158,6 +158,51 @@ definitions: $ref: '#/definitions/Gateway' type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddMaskingTemplate: + properties: + name: + description: masking template name + example: '"New Template"' + type: string + x-go-name: Name + rule_ids: + description: masking rule id list + example: + - 1 + - 2 + - 3 + items: + format: int64 + type: integer + minLength: 1 + type: array + x-go-name: RuleIDs + required: + - name + - rule_ids + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddMaskingTemplateReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddMaskingTemplateReq: + properties: + masking_template: + $ref: '#/definitions/AddMaskingTemplate' + required: + - masking_template + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 AddMemberGroupReply: properties: code: @@ -319,6 +364,93 @@ definitions: $ref: '#/definitions/Role' type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddSensitiveDataDiscoveryTask: + properties: + cron_expression: + description: cron expression, required when execution_plan is PERIODIC + example: '"0 0 * * *"' + type: string + x-go-name: CronExpression + db_service_uid: + description: database instance id + example: '"1"' + type: string + x-go-name: DBServiceUID + execution_plan: + description: |- + execution plan + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + enum: + - PERIODIC + - ONE_TIME + example: '"ONE_TIME"' + type: string + x-go-enum-desc: |- + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + x-go-name: ExecutionPlan + identification_method: + description: |- + sensitive data identification method + BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName + BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData + enum: + - BY_FIELD_NAME + - BY_SAMPLE_DATA + example: '"BY_FIELD_NAME"' + type: string + x-go-enum-desc: |- + BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName + BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData + x-go-name: IdentificationMethod + is_periodic_scan_enabled: + description: whether periodic scanning is enabled, default is true + example: true + type: boolean + x-go-name: IsPeriodicScanEnabled + masking_template_id: + description: masking template id + example: 1 + format: int64 + type: integer + x-go-name: MaskingTemplateID + required: + - db_service_uid + - masking_template_id + - identification_method + - execution_plan + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddSensitiveDataDiscoveryTaskData: + properties: + suspected_sensitive_fields_tree: + $ref: '#/definitions/SuspectedSensitiveFieldsTree' + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddSensitiveDataDiscoveryTaskReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + $ref: '#/definitions/AddSensitiveDataDiscoveryTaskData' + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + AddSensitiveDataDiscoveryTaskReq: + properties: + task: + $ref: '#/definitions/AddSensitiveDataDiscoveryTask' + required: + - task + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 AddSession: description: Use this struct to add a new session properties: @@ -935,6 +1067,32 @@ definitions: x-go-name: Version type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ConfigureMaskingRulesReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ConfigureMaskingRulesReq: + properties: + masking_rule_configs: + description: masking rule configurations for batch create or update + items: + $ref: '#/definitions/MaskingRuleConfig' + minLength: 1 + type: array + x-go-name: MaskingRuleConfigs + required: + - masking_rule_configs + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 CreateBusinessTagReq: properties: business_tag: @@ -994,10 +1152,6 @@ definitions: description: DB Service Host type: string x-go-name: Host - is_enable_masking: - description: data masking switch - type: boolean - x-go-name: IsEnableMasking maintenance_times: description: |- DB Service maintenance time @@ -1166,10 +1320,6 @@ definitions: description: DB Service Host type: string x-go-name: Host - is_enable_masking: - description: data masking switch - type: boolean - x-go-name: IsEnableMasking maintenance_times: description: |- DB Service maintenance time @@ -1431,6 +1581,32 @@ definitions: x-go-name: Message type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + DeleteMaskingTemplateReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + DeleteSensitiveDataDiscoveryTaskReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 EnvironmentTag: properties: name: @@ -1839,6 +2015,33 @@ definitions: x-go-name: Message type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + GetMaskingOverviewTreeData: + properties: + dashboard: + $ref: '#/definitions/MaskingOverviewDashboard' + databases: + additionalProperties: + $ref: '#/definitions/MaskingOverviewDatabaseNode' + description: database_name -> database node + type: object + x-go-name: Databases + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + GetMaskingOverviewTreeReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + $ref: '#/definitions/GetMaskingOverviewTreeData' + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetMemberGroup: properties: is_project_admin: @@ -2007,6 +2210,36 @@ definitions: x-go-name: TotalNums type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + GetPlaintextAccessRequestDetailReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: plaintext access request detail reply + properties: + masking_preview: + $ref: '#/definitions/MaskingPreviewData' + query_sql: + description: query sql statement + example: '"SELECT * FROM users"' + type: string + x-go-name: QuerySQL + reason: + description: application reason + example: '"troubleshooting"' + type: string + x-go-name: Reason + type: object + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetProjectTipsReply: properties: code: @@ -2118,6 +2351,25 @@ definitions: x-go-name: Message type: object x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + GetTableColumnMaskingDetailsReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: table column masking details reply + items: + $ref: '#/definitions/TableColumnMaskingDetail' + type: array + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetUser: description: A dms user properties: @@ -2438,10 +2690,6 @@ definitions: description: db service host type: string x-go-name: Host - is_enable_masking: - description: is enable masking - type: boolean - x-go-name: IsEnableMasking maintenance_times: description: DB Service maintenance time items: @@ -2500,10 +2748,6 @@ definitions: description: db service host type: string x-go-name: Host - is_enable_masking: - description: is enable masking - type: boolean - x-go-name: IsEnableMasking maintenance_times: description: DB Service maintenance time items: @@ -3690,23 +3934,36 @@ definitions: ListMaskingRulesData: properties: description: + description: description + example: '"mask digits"' type: string x-go-name: Description effect: + description: effect description for users + example: '"保留开头2位和结尾2位,中间字符替换为*"' type: string x-go-name: Effect + effect_example_after: + description: effect example after masking + example: '"138******78"' + type: string + x-go-name: EffectExampleAfter + effect_example_before: + description: effect example before masking + example: '"13812345678"' + type: string + x-go-name: EffectExampleBefore id: + description: masking rule id + example: 1 format: int64 type: integer x-go-name: Id masking_type: + description: masking type + example: '"MASK_DIGIT"' type: string x-go-name: MaskingType - reference_fields: - items: - type: string - type: array - x-go-name: ReferenceFields type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMaskingRulesReply: @@ -3728,6 +3985,58 @@ definitions: x-go-name: Message type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListMaskingTemplatesData: + properties: + id: + description: masking template id + example: 1 + format: int64 + type: integer + x-go-name: Id + name: + description: masking template name + example: '"Standard Template"' + type: string + x-go-name: Name + rule_count: + description: count of rules in the template + example: 5 + format: int64 + type: integer + x-go-name: RuleCount + rule_names: + description: preview of rule name in the template, up to 3 items + items: + type: string + type: array + x-go-name: RuleNames + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListMaskingTemplatesReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: list masking templates reply + items: + $ref: '#/definitions/ListMaskingTemplatesData' + type: array + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + total_nums: + description: total count of masking templates + example: 100 + format: int64 + type: integer + x-go-name: Total + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMember: description: A dms member properties: @@ -3885,6 +4194,14 @@ definitions: x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMemberRoleWithOpRange: properties: + member_group: + $ref: '#/definitions/ProjectMemberGroup' + op_permissions: + description: member op permissions + items: + $ref: '#/definitions/UidWithName' + type: array + x-go-name: OpPermissions op_range_type: description: |- op permission range type, only support db service now @@ -3913,7 +4230,7 @@ definitions: role_uid: $ref: '#/definitions/UidWithName' type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMemberTipsItem: properties: user_id: @@ -4041,6 +4358,31 @@ definitions: x-go-name: Total type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListPendingApprovalRequestsReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: pending approval requests reply + items: + $ref: '#/definitions/PendingApprovalRequestData' + type: array + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + total_nums: + description: total count of pending approval requests + example: 100 + format: int64 + type: integer + x-go-name: Total + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListProjectReply: properties: code: @@ -4278,23 +4620,231 @@ definitions: x-go-name: Total type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 - ListUser: - description: A dms user + ListSensitiveDataDiscoveryTaskHistoriesData: properties: - authentication_type: + executed_at: description: |- - user authentication type - ldap UserAuthenticationTypeLDAP - dms UserAuthenticationTypeDMS - oauth2 UserAuthenticationTypeOAUTH2 - unknown UserAuthenticationTypeUnknown - enum: - - ldap - - dms - - oauth2 - - unknown + execution time in RFC3339 format + Format: date-time (RFC3339) + example: '"2024-01-15T10:30:00Z"' type: string - x-go-enum-desc: |- + x-go-name: ExecutedAt + new_sensitive_field_count: + description: newly discovered sensitive field count + example: 10 + format: int64 + type: integer + x-go-name: NewSensitiveFieldCount + remark: + description: remark + example: '"scan completed successfully"' + type: string + x-go-name: Remark + status: + description: |- + execution status + PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm + NORMAL SensitiveDataDiscoveryTaskStatusNormal + COMPLETED SensitiveDataDiscoveryTaskStatusCompleted + RUNNING SensitiveDataDiscoveryTaskStatusRunning + FAILED SensitiveDataDiscoveryTaskStatusFailed + enum: + - PENDING_CONFIRM + - NORMAL + - COMPLETED + - RUNNING + - FAILED + example: '"NORMAL"' + type: string + x-go-enum-desc: |- + PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm + NORMAL SensitiveDataDiscoveryTaskStatusNormal + COMPLETED SensitiveDataDiscoveryTaskStatusCompleted + RUNNING SensitiveDataDiscoveryTaskStatusRunning + FAILED SensitiveDataDiscoveryTaskStatusFailed + x-go-name: Status + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListSensitiveDataDiscoveryTaskHistoriesReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: sensitive data discovery task histories reply + items: + $ref: '#/definitions/ListSensitiveDataDiscoveryTaskHistoriesData' + type: array + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + total_nums: + description: total count of sensitive data discovery task histories + example: 100 + format: int64 + type: integer + x-go-name: Total + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListSensitiveDataDiscoveryTasksData: + properties: + db_service_name: + description: database instance name + example: '"mysql-01"' + type: string + x-go-name: DBServiceName + db_service_uid: + description: database instance id + example: '"db_service_uid_1"' + type: string + x-go-name: DBServiceUID + execution_frequency: + description: cron expression of execution frequency, periodic task returns cron, one-time task returns empty + example: '"0 2 * * *"' + type: string + x-go-name: ExecutionFrequency + execution_plan: + description: |- + execution plan + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + enum: + - PERIODIC + - ONE_TIME + example: '"ONE_TIME"' + type: string + x-go-enum-desc: |- + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + x-go-name: ExecutionPlan + id: + description: sensitive data discovery task id + example: 1 + format: int64 + type: integer + x-go-name: ID + identification_method: + description: |- + sensitive data identification method + BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName + BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData + enum: + - BY_FIELD_NAME + - BY_SAMPLE_DATA + example: '"BY_FIELD_NAME"' + type: string + x-go-enum-desc: |- + BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName + BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData + x-go-name: IdentificationMethod + is_periodic_scan_enabled: + description: whether periodic scanning is enabled + example: true + type: boolean + x-go-name: IsPeriodicScanEnabled + masking_template_id: + description: related masking template id + example: 1 + format: int64 + type: integer + x-go-name: MaskingTemplateID + masking_template_name: + description: related masking template name + example: '"Standard Template"' + type: string + x-go-name: MaskingTemplateName + next_execution_at: + description: |- + next run time, periodic task returns RFC3339 time, one-time task returns null + Format: date-time (RFC3339) + example: '"2024-01-15T10:30:00Z"' + type: string + x-go-name: NextExecutionAt + status: + description: |- + task status + PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm + NORMAL SensitiveDataDiscoveryTaskStatusNormal + COMPLETED SensitiveDataDiscoveryTaskStatusCompleted + RUNNING SensitiveDataDiscoveryTaskStatusRunning + FAILED SensitiveDataDiscoveryTaskStatusFailed + enum: + - PENDING_CONFIRM + - NORMAL + - COMPLETED + - RUNNING + - FAILED + example: '"NORMAL"' + type: string + x-go-enum-desc: |- + PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm + NORMAL SensitiveDataDiscoveryTaskStatusNormal + COMPLETED SensitiveDataDiscoveryTaskStatusCompleted + RUNNING SensitiveDataDiscoveryTaskStatusRunning + FAILED SensitiveDataDiscoveryTaskStatusFailed + x-go-name: Status + task_type: + description: |- + task type + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + enum: + - PERIODIC + - ONE_TIME + example: '"PERIODIC"' + type: string + x-go-enum-desc: |- + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + x-go-name: TaskType + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListSensitiveDataDiscoveryTasksReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: sensitive data discovery tasks list reply + items: + $ref: '#/definitions/ListSensitiveDataDiscoveryTasksData' + type: array + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + total_nums: + description: total count of sensitive data discovery tasks + example: 100 + format: int64 + type: integer + x-go-name: Total + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListUser: + description: A dms user + properties: + authentication_type: + description: |- + user authentication type + ldap UserAuthenticationTypeLDAP + dms UserAuthenticationTypeDMS + oauth2 UserAuthenticationTypeOAUTH2 + unknown UserAuthenticationTypeUnknown + enum: + - ldap + - dms + - oauth2 + - unknown + type: string + x-go-enum-desc: |- ldap UserAuthenticationTypeLDAP dms UserAuthenticationTypeDMS oauth2 UserAuthenticationTypeOAUTH2 @@ -4518,6 +5068,131 @@ definitions: $ref: '#/definitions/Time' type: object x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + MaskingOverviewDashboard: + properties: + configured_masking_columns: + description: total count of columns with configured masking + example: 120 + format: int64 + type: integer + x-go-name: ConfiguredMaskingColumns + pending_confirm_masking_columns: + description: total count of columns pending masking confirmation + example: 5 + format: int64 + type: integer + x-go-name: PendingConfirmMaskingColumns + total_sensitive_tables: + description: total count of tables that contain sensitive data + example: 50 + format: int64 + type: integer + x-go-name: TotalSensitiveTables + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + MaskingOverviewDatabaseNode: + properties: + tables: + additionalProperties: + $ref: '#/definitions/MaskingOverviewTableData' + description: table_name -> table overview data + type: object + x-go-name: Tables + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + MaskingOverviewTableData: + properties: + configured_masking_columns: + description: configured masking column count for this table + example: 3 + format: int64 + type: integer + x-go-name: ConfiguredMaskingColumns + pending_confirm_masking_columns: + description: pending masking confirmation column count for this table + example: 1 + format: int64 + type: integer + x-go-name: PendingConfirmMaskingColumns + table_id: + description: table id + example: 1 + format: int64 + type: integer + x-go-name: TableID + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + MaskingPreviewData: + properties: + columns: + description: preview columns + example: + - id + - name + - email + items: + type: string + type: array + x-go-name: Columns + rows: + description: preview rows + example: + - - "1" + - John + - j***@example.com + - - "2" + - Alice + - a***@example.com + items: + items: + type: string + type: array + type: array + x-go-name: Rows + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + MaskingRuleConfig: + properties: + column_name: + description: column name + example: '"email"' + type: string + x-go-name: ColumnName + db_service_uid: + description: data source id + example: '"1"' + type: string + x-go-name: DBServiceUID + is_masking_enabled: + description: whether to enable masking for this column + example: true + type: boolean + x-go-name: IsMaskingEnabled + masking_rule_id: + description: masking rule id + example: 1 + format: int64 + type: integer + x-go-name: MaskingRuleID + schema_name: + description: schema name + example: '"db1"' + type: string + x-go-name: SchemaName + table_name: + description: table name + example: '"users"' + type: string + x-go-name: TableName + required: + - db_service_uid + - schema_name + - table_name + - column_name + - masking_rule_id + - is_masking_enabled + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 Member: description: A member properties: @@ -4751,6 +5426,7 @@ definitions: manage_sql_mange_white_list OpPermissionManageSQLMangeWhiteList 管控SQL例外;管理管控SQL例外 manage_role_mange OpPermissionManageRoleMange 角色管理;角色管理权限 desensitization OpPermissionDesensitization 脱敏规则;脱敏规则配置权限 + masking_audit OpPermissionMaskingAudit 脱敏审核;拥有该权限的用户可以查看和处理脱敏审批请求 none OpPermissionTypeNone 无任何权限 enum: - unknown @@ -4789,6 +5465,7 @@ definitions: - manage_sql_mange_white_list - manage_role_mange - desensitization + - masking_audit - none type: string x-go-enum-desc: |- @@ -4828,6 +5505,7 @@ definitions: manage_sql_mange_white_list OpPermissionManageSQLMangeWhiteList 管控SQL例外;管理管控SQL例外 manage_role_mange OpPermissionManageRoleMange 角色管理;角色管理权限 desensitization OpPermissionDesensitization 脱敏规则;脱敏规则配置权限 + masking_audit OpPermissionMaskingAudit 脱敏审核;拥有该权限的用户可以查看和处理脱敏审批请求 none OpPermissionTypeNone 无任何权限 x-go-name: OpPermissionType range_type: @@ -4982,6 +5660,38 @@ definitions: $ref: '#/definitions/Param' type: array x-go-package: github.com/actiontech/dms/pkg/params + PendingApprovalRequestData: + properties: + applicant_name: + description: applicant name + example: '"admin"' + type: string + x-go-name: ApplicantName + applied_at: + description: |- + application time in RFC3339 format + Format: date-time (RFC3339) + example: '"2024-01-15T10:30:00Z"' + type: string + x-go-name: AppliedAt + data_scope: + description: data scope + example: '"database ''db1'', table ''users''"' + type: string + x-go-name: DataScope + id: + description: approval request id + example: 1 + format: int64 + type: integer + x-go-name: ID + reason: + description: application reason + example: '"data analysis"' + type: string + x-go-name: Reason + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 PersonalizationReq: properties: file: @@ -5085,6 +5795,49 @@ definitions: type: object x-go-name: PreviewImportProjects x-go-package: github.com/actiontech/dms/api/dms/service/v2 + ProcessApprovalRequestReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ProcessApprovalRequestReq: + properties: + action: + description: |- + process action + APPROVE ApprovalActionApprove + REJECT ApprovalActionReject + enum: + - APPROVE + - REJECT + example: '"APPROVE"' + type: string + x-go-enum-desc: |- + APPROVE ApprovalActionApprove + REJECT ApprovalActionReject + x-go-name: Action + approve_remark: + description: approval remark, optional when action is APPROVE + example: '"approved for one-time access"' + type: string + x-go-name: ApproveRemark + reject_reason: + description: reject reason, required when action is REJECT + example: '"insufficient reason"' + type: string + x-go-name: RejectReason + required: + - action + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 ProjectInfo: properties: project_name: @@ -5641,6 +6394,73 @@ definitions: x-go-name: Username type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + SensitiveFieldScanResult: + properties: + confidence: + description: |- + confidence level + HIGH ConfidenceHigh + MEDIUM ConfidenceMedium + LOW ConfidenceLow + enum: + - HIGH + - MEDIUM + - LOW + example: '"High"' + type: string + x-go-enum-desc: |- + HIGH ConfidenceHigh + MEDIUM ConfidenceMedium + LOW ConfidenceLow + x-go-name: Confidence + recommended_masking_rule_id: + description: recommended masking rule id + example: 1 + format: int64 + type: integer + x-go-name: RecommendedMaskingRuleID + recommended_masking_rule_name: + description: recommended masking rule name + example: '"Email Masking"' + type: string + x-go-name: RecommendedMaskingRuleName + scan_info: + description: scan information for the field + example: '"matched by field name ''email''"' + type: string + x-go-name: ScanInfo + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + SuspectedSensitiveDatabaseNode: + properties: + tables: + additionalProperties: + $ref: '#/definitions/SuspectedSensitiveTableNode' + description: table_name -> table node + type: object + x-go-name: Tables + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + SuspectedSensitiveFieldsTree: + properties: + databases: + additionalProperties: + $ref: '#/definitions/SuspectedSensitiveDatabaseNode' + description: database_name -> database node + type: object + x-go-name: Databases + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + SuspectedSensitiveTableNode: + properties: + fields: + additionalProperties: + $ref: '#/definitions/SensitiveFieldScanResult' + description: field_name -> scan result + type: object + x-go-name: Fields + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 SyncGatewayReq: properties: gateways: @@ -5676,6 +6496,59 @@ definitions: x-go-name: Url type: object x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + TableColumnMaskingDetail: + properties: + column_name: + description: column name + example: '"email"' + type: string + x-go-name: ColumnName + confidence: + description: |- + confidence level of masking recommendation,null if no masking rule is applied + HIGH ConfidenceHigh + MEDIUM ConfidenceMedium + LOW ConfidenceLow + enum: + - HIGH + - MEDIUM + - LOW + example: "2" + type: string + x-go-enum-desc: |- + HIGH ConfidenceHigh + MEDIUM ConfidenceMedium + LOW ConfidenceLow + x-go-name: Confidence + masking_rule_id: + description: current masking rule id, null if no masking rule is applied + example: 1 + format: int64 + type: integer + x-go-name: MaskingRuleID + masking_rule_name: + description: current masking rule name, null if no masking rule is applied + example: '"Email Masking"' + type: string + x-go-name: MaskingRuleName + status: + description: |- + current masking config status + CONFIGURED MaskingConfigStatusConfigured + PENDING_CONFIRM MaskingConfigStatusPendingConfirm + SYSTEM_CONFIRMED MaskingConfigStatusSystemConfirmed + enum: + - CONFIGURED + - PENDING_CONFIRM + - SYSTEM_CONFIRMED + type: string + x-go-enum-desc: |- + CONFIGURED MaskingConfigStatusConfigured + PENDING_CONFIRM MaskingConfigStatusPendingConfirm + SYSTEM_CONFIRMED MaskingConfigStatusSystemConfirmed + x-go-name: Status + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 Task: properties: task_uid: @@ -6036,10 +6909,6 @@ definitions: description: DB Service Host type: string x-go-name: Host - is_enable_masking: - description: data masking switch - type: boolean - x-go-name: IsEnableMasking maintenance_times: description: DB Service maintenance time items: @@ -6143,10 +7012,6 @@ definitions: description: DB Service Host type: string x-go-name: Host - is_enable_masking: - description: data masking switch - type: boolean - x-go-name: IsEnableMasking maintenance_times: description: DB Service maintenance time items: @@ -6247,31 +7112,69 @@ definitions: $ref: '#/definitions/LoginConfiguration' type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 - UpdateMember: + UpdateMaskingTemplate: properties: - is_project_admin: - description: Whether the member has project admin permission - type: boolean - x-go-name: IsProjectAdmin - project_manage_permissions: - description: member project manage permissions - items: - type: string - type: array - x-go-name: ProjectManagePermissions - role_with_op_ranges: - description: member role with op ranges + rule_ids: + description: masking rule id list + example: + - 1 + - 2 items: - $ref: '#/definitions/MemberRoleWithOpRange' + format: int64 + type: integer + minLength: 1 type: array - x-go-name: RoleWithOpRanges + x-go-name: RuleIDs + required: + - rule_ids type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 - UpdateMemberGroup: + UpdateMaskingTemplateReply: properties: - is_project_admin: - description: Whether the member has project admin permission - type: boolean + code: + description: code + format: int64 + type: integer + x-go-name: Code + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateMaskingTemplateReq: + properties: + masking_template: + $ref: '#/definitions/UpdateMaskingTemplate' + required: + - masking_template + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateMember: + properties: + is_project_admin: + description: Whether the member has project admin permission + type: boolean + x-go-name: IsProjectAdmin + project_manage_permissions: + description: member project manage permissions + items: + type: string + type: array + x-go-name: ProjectManagePermissions + role_with_op_ranges: + description: member role with op ranges + items: + $ref: '#/definitions/MemberRoleWithOpRange' + type: array + x-go-name: RoleWithOpRanges + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateMemberGroup: + properties: + is_project_admin: + description: Whether the member has project admin permission + type: boolean x-go-name: IsProjectAdmin project_manage_permissions: description: member project manage permissions @@ -6439,6 +7342,87 @@ definitions: $ref: '#/definitions/UpdateSMTPConfiguration' type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateSensitiveDataDiscoveryTask: + properties: + cron_expression: + description: cron expression, required when execution_plan is PERIODIC + example: '"0 0 * * *"' + type: string + x-go-name: CronExpression + execution_plan: + description: |- + execution plan + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + enum: + - PERIODIC + - ONE_TIME + example: '"PERIODIC"' + type: string + x-go-enum-desc: |- + PERIODIC SensitiveDataDiscoveryTaskTypePeriodic + ONE_TIME SensitiveDataDiscoveryTaskTypeOneTime + x-go-name: ExecutionPlan + identification_method: + description: |- + sensitive data identification method + BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName + BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData + enum: + - BY_FIELD_NAME + - BY_SAMPLE_DATA + example: '"BY_FIELD_NAME"' + type: string + x-go-enum-desc: |- + BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName + BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData + x-go-name: IdentificationMethod + is_periodic_scan_enabled: + description: whether periodic scanning is enabled + example: true + type: boolean + x-go-name: IsPeriodicScanEnabled + masking_template_id: + description: masking template id + example: 1 + format: int64 + type: integer + x-go-name: MaskingTemplateID + required: + - masking_template_id + - identification_method + - execution_plan + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateSensitiveDataDiscoveryTaskData: + properties: + suspected_sensitive_fields_tree: + $ref: '#/definitions/SuspectedSensitiveFieldsTree' + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateSensitiveDataDiscoveryTaskReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + $ref: '#/definitions/UpdateSensitiveDataDiscoveryTaskData' + message: + description: message + type: string + x-go-name: Message + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + UpdateSensitiveDataDiscoveryTaskReq: + properties: + task: + $ref: '#/definitions/UpdateSensitiveDataDiscoveryTask' + required: + - task + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 UpdateSmsConfiguration: properties: configuration: @@ -7986,11 +8970,11 @@ paths: operationId: ListMaskingRules responses: "200": - description: ListMaskingRulesReply + description: List masking rules successfully schema: $ref: '#/definitions/ListMaskingRulesReply' default: - description: GenericResp + description: Generic error response schema: $ref: '#/definitions/GenericResp' summary: List masking rules. @@ -9478,6 +10462,512 @@ paths: summary: Update an existing environment tag. tags: - Project + /v1/dms/projects/{project_uid}/masking/approval-requests/{request_id}: + get: + operationId: GetPlaintextAccessRequestDetail + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: approval request id + example: 1 + format: int64 + in: path + name: request_id + required: true + type: integer + x-go-name: RequestID + responses: + "200": + description: Get plaintext access request detail successfully + schema: + $ref: '#/definitions/GetPlaintextAccessRequestDetailReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Get plaintext access request detail. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/approval-requests/{request_id}/decisions: + post: + operationId: ProcessApprovalRequest + parameters: + - description: project uid + in: path + name: project_uid + required: true + type: string + - description: approval request id + in: path + name: request_id + required: true + type: integer + - description: process action info + in: body + name: action + required: true + schema: + $ref: '#/definitions/ProcessApprovalRequestReq' + responses: + "200": + description: Process approval request successfully + schema: + $ref: '#/definitions/ProcessApprovalRequestReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Process approval request. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/approval-requests/pending: + get: + operationId: ListPendingApprovalRequests + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: the maximum count of requests to be returned, default is 20 + example: "20" + format: uint32 + in: query + name: page_size + type: integer + x-go-name: PageSize + - description: the offset of requests to be returned, default is 0 + example: "0" + format: uint32 + in: query + name: page_index + type: integer + x-go-name: PageIndex + responses: + "200": + description: List pending approval requests successfully + schema: + $ref: '#/definitions/ListPendingApprovalRequestsReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: List pending approval requests. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/overview: + get: + operationId: GetMaskingOverviewTree + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: data source id + example: '"1"' + in: query + name: db_service_uid + required: true + type: string + x-go-name: DBServiceUID + - description: fuzzy search keyword for database name, table name, and column name + example: '"user"' + in: query + name: keywords + type: string + x-go-name: Keywords + - description: 'masking config status filters, enum: CONFIGURED/PENDING_CONFIRM' + enum: + - CONFIGURED + - PENDING_CONFIRM + - SYSTEM_CONFIRMED + in: query + name: masking_config_statuses + type: string + x-go-enum-desc: |- + CONFIGURED MaskingConfigStatusConfigured + PENDING_CONFIRM MaskingConfigStatusPendingConfirm + SYSTEM_CONFIRMED MaskingConfigStatusSystemConfirmed + x-go-name: MaskingConfigStatus + responses: + "200": + description: Get masking overview tree successfully + schema: + $ref: '#/definitions/GetMaskingOverviewTreeReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Get masking overview tree. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/rule-configs: + put: + operationId: ConfigureMaskingRules + parameters: + - description: project uid + in: path + name: project_uid + required: true + type: string + - description: masking rule configurations for batch create or update + in: body + name: masking_rule_configs_req + required: true + schema: + $ref: '#/definitions/ConfigureMaskingRulesReq' + responses: + "200": + description: Configure masking rules successfully + schema: + $ref: '#/definitions/ConfigureMaskingRulesReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Configure masking rules in batch. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks: + get: + operationId: ListSensitiveDataDiscoveryTasks + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: the maximum count of tasks to be returned, default is 20 + example: "20" + format: uint32 + in: query + name: page_size + type: integer + x-go-name: PageSize + - description: the offset of tasks to be returned, default is 0 + example: "0" + format: uint32 + in: query + name: page_index + type: integer + x-go-name: PageIndex + responses: + "200": + description: List sensitive data discovery tasks successfully + schema: + $ref: '#/definitions/ListSensitiveDataDiscoveryTasksReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: List sensitive data discovery tasks. + tags: + - Masking + post: + operationId: AddSensitiveDataDiscoveryTask + parameters: + - description: project uid + in: path + name: project_uid + required: true + type: string + - description: sensitive data discovery task info + in: body + name: task + required: true + schema: + $ref: '#/definitions/AddSensitiveDataDiscoveryTaskReq' + responses: + "200": + description: Add sensitive data discovery task successfully + schema: + $ref: '#/definitions/AddSensitiveDataDiscoveryTaskReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Add sensitive data discovery task. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id}: + delete: + operationId: DeleteSensitiveDataDiscoveryTask + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: sensitive data discovery task id + example: 1 + format: int64 + in: path + name: task_id + required: true + type: integer + x-go-name: TaskID + responses: + "200": + description: Delete sensitive data discovery task successfully + schema: + $ref: '#/definitions/DeleteSensitiveDataDiscoveryTaskReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Delete sensitive data discovery task. + tags: + - Masking + put: + operationId: UpdateSensitiveDataDiscoveryTask + parameters: + - description: project uid + in: path + name: project_uid + required: true + type: string + - description: sensitive data discovery task id + in: path + name: task_id + required: true + type: integer + - description: sensitive data discovery task info + in: body + name: task + required: true + schema: + $ref: '#/definitions/UpdateSensitiveDataDiscoveryTaskReq' + responses: + "200": + description: Update sensitive data discovery task successfully + schema: + $ref: '#/definitions/UpdateSensitiveDataDiscoveryTaskReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Update sensitive data discovery task. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id}/histories: + get: + operationId: ListSensitiveDataDiscoveryTaskHistories + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: sensitive data discovery task id + example: 1 + format: int64 + in: path + name: task_id + required: true + type: integer + x-go-name: TaskID + - description: the maximum count of histories to be returned, default is 20 + example: "20" + format: uint32 + in: query + name: page_size + type: integer + x-go-name: PageSize + - description: the offset of histories to be returned, default is 0 + example: "0" + format: uint32 + in: query + name: page_index + type: integer + x-go-name: PageIndex + responses: + "200": + description: List sensitive data discovery task histories successfully + schema: + $ref: '#/definitions/ListSensitiveDataDiscoveryTaskHistoriesReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: List sensitive data discovery task histories. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/tables/{table_id}/column-masking-details: + get: + operationId: GetTableColumnMaskingDetails + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: table id from masking overview tree + example: 1 + format: int64 + in: path + name: table_id + required: true + type: integer + x-go-name: TableID + - description: fuzzy search keyword for column name + example: '"phone"' + in: query + name: keywords + type: string + x-go-name: Keywords + responses: + "200": + description: Get table column masking details successfully + schema: + $ref: '#/definitions/GetTableColumnMaskingDetailsReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Get table column masking details. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/templates: + get: + operationId: ListMaskingTemplates + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: the maximum count of masking templates to be returned, default is 20 + format: uint32 + in: query + name: page_size + type: integer + x-go-name: PageSize + - description: the offset of masking templates to be returned, default is 0 + format: uint32 + in: query + name: page_index + type: integer + x-go-name: PageIndex + responses: + "200": + description: List masking templates successfully + schema: + $ref: '#/definitions/ListMaskingTemplatesReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: List masking templates. + tags: + - Masking + post: + operationId: AddMaskingTemplate + parameters: + - description: project uid + in: path + name: project_uid + required: true + type: string + - description: masking template info + in: body + name: masking_template + required: true + schema: + $ref: '#/definitions/AddMaskingTemplateReq' + responses: + "200": + description: Add masking template successfully + schema: + $ref: '#/definitions/AddMaskingTemplateReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Add masking template. + tags: + - Masking + /v1/dms/projects/{project_uid}/masking/templates/{template_id}: + delete: + operationId: DeleteMaskingTemplate + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: masking template id + example: 1 + format: int64 + in: path + name: template_id + required: true + type: integer + x-go-name: TemplateID + responses: + "200": + description: Delete masking template successfully + schema: + $ref: '#/definitions/DeleteMaskingTemplateReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Delete masking template. + tags: + - Masking + put: + operationId: UpdateMaskingTemplate + parameters: + - description: project uid + in: path + name: project_uid + required: true + type: string + - description: masking template id + in: path + name: template_id + required: true + type: integer + - description: masking template info + in: body + name: masking_template + required: true + schema: + $ref: '#/definitions/UpdateMaskingTemplateReq' + responses: + "200": + description: Update masking template successfully + schema: + $ref: '#/definitions/UpdateMaskingTemplateReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: Update masking template. + tags: + - Masking /v1/dms/projects/{project_uid}/member_groups: get: operationId: ListMemberGroups From 573f1940c0ce4cfb2896a4d3d70a08fe202b1061 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:25:24 +0000 Subject: [PATCH 08/16] ce remove: delete enterprise and community edition data masking files MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 移除不再需要的旧代码 - Removed `data_masking_ce.go`, `data_masking_ee.go`, and associated configuration files to streamline the codebase. - Eliminated `data_masking_conf_ee.yml` and `data_masking_rule_in_ee.yml` as part of the cleanup process. - Deleted `masking_ce.go`, `masking_ee.go`, and related service files to enhance maintainability and focus on core functionalities. --- internal/data_masking/biz/data_masking_ce.go | 16 --------- internal/dms/biz/masking.go | 25 -------------- internal/dms/biz/masking_ce.go | 25 -------------- internal/dms/service/masking.go | 34 -------------------- 4 files changed, 100 deletions(-) delete mode 100644 internal/data_masking/biz/data_masking_ce.go delete mode 100644 internal/dms/biz/masking.go delete mode 100644 internal/dms/biz/masking_ce.go delete mode 100644 internal/dms/service/masking.go diff --git a/internal/data_masking/biz/data_masking_ce.go b/internal/data_masking/biz/data_masking_ce.go deleted file mode 100644 index eca2f53c..00000000 --- a/internal/data_masking/biz/data_masking_ce.go +++ /dev/null @@ -1,16 +0,0 @@ -//go:build !enterprise - -package biz - -import ( - utilLog "github.com/actiontech/dms/pkg/dms-common/pkg/log" -) - -// 数据脱敏为DMS企业版功能 -type DataMaskingUseCase struct { -} - -func NewDataMaskingUseCase(log utilLog.Logger) (*DataMaskingUseCase, error) { - d := &DataMaskingUseCase{} - return d, nil -} diff --git a/internal/dms/biz/masking.go b/internal/dms/biz/masking.go deleted file mode 100644 index cbda1b93..00000000 --- a/internal/dms/biz/masking.go +++ /dev/null @@ -1,25 +0,0 @@ -package biz - -import ( - maskingBiz "github.com/actiontech/dms/internal/data_masking/biz" - utilLog "github.com/actiontech/dms/pkg/dms-common/pkg/log" -) - -type DataMaskingUsecase struct { - log *utilLog.Helper - DataMasking *maskingBiz.DataMaskingUseCase -} - -func NewMaskingUsecase(log utilLog.Logger, dataMaskingUsecase *maskingBiz.DataMaskingUseCase) *DataMaskingUsecase { - return &DataMaskingUsecase{ - log: utilLog.NewHelper(log, utilLog.WithMessageKey("biz.masking")), - DataMasking: dataMaskingUsecase, - } -} - -type ListMaskingRule struct { - MaskingType string `json:"masking_type"` - Description string `json:"description"` - ReferenceFields []string `json:"reference_fields"` - Effect string `json:"effect"` -} diff --git a/internal/dms/biz/masking_ce.go b/internal/dms/biz/masking_ce.go deleted file mode 100644 index 108c4e56..00000000 --- a/internal/dms/biz/masking_ce.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build !dms - -package biz - -import ( - "context" - "errors" - - "github.com/actiontech/dms/internal/pkg/cloudbeaver/model" -) - -var errNotDataMasking = errors.New("data masking unimplemented") - -func (d *DataMaskingUsecase) ListMaskingRules(ctx context.Context) ([]ListMaskingRule, error) { - return nil, errNotDataMasking -} - -// SQLExecuteResultsDataMasking 为DMS企业版的脱敏功能,捕获cloudbeaver返回的结果集,根据配置对结果集脱敏 -func (d *DataMaskingUsecase) SQLExecuteResultsDataMasking(ctx context.Context, result *model.SQLExecuteInfo) error { - return nil -} - -func IsDMS() bool { - return false -} diff --git a/internal/dms/service/masking.go b/internal/dms/service/masking.go deleted file mode 100644 index 511f131c..00000000 --- a/internal/dms/service/masking.go +++ /dev/null @@ -1,34 +0,0 @@ -package service - -import ( - "context" - - dmsV1 "github.com/actiontech/dms/api/dms/service/v1" -) - -func (d *DMSService) ListMaskingRules(ctx context.Context) (reply *dmsV1.ListMaskingRulesReply, err error) { - rules, err := d.DataMaskingUsecase.ListMaskingRules(ctx) - if nil != err { - return nil, err - } - - ret := make([]dmsV1.ListMaskingRulesData, 0, len(rules)) - for i, rule := range rules { - var fields = make([]string, 0) - if rule.ReferenceFields != nil { - fields = rule.ReferenceFields - } - - ret = append(ret, dmsV1.ListMaskingRulesData{ - Id: i + 1, - MaskingType: rule.MaskingType, - Description: rule.Description, - ReferenceFields: fields, - Effect: rule.Effect, - }) - } - - return &dmsV1.ListMaskingRulesReply{ - Data: ret, - }, nil -} From b5d0c8b395aae6493112271635b1df249f805bd4 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 09:42:18 +0000 Subject: [PATCH 09/16] ce feat: introduce data masking configuration and sensitive data discovery task repositories MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 补充依赖注入接口和空实现 - Added `DataExportMaskingConfigRepo` interface to define data masking configuration methods. - Implemented `SensitiveDataDiscoveryTaskRepo` with methods for checking task existence and listing task statuses. - Enhanced `dataMaskingUsecase` struct to include a discovery task use case for better task management. --- internal/dms/biz/data_mask_ce.go | 5 ++++ internal/dms/service/data_masking_ce.go | 8 ++++++- .../sensitive_data_discovery_task_ce.go | 23 +++++++++++++++++++ 3 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 internal/dms/biz/data_mask_ce.go create mode 100644 internal/dms/storage/sensitive_data_discovery_task_ce.go diff --git a/internal/dms/biz/data_mask_ce.go b/internal/dms/biz/data_mask_ce.go new file mode 100644 index 00000000..c9c5492d --- /dev/null +++ b/internal/dms/biz/data_mask_ce.go @@ -0,0 +1,5 @@ +//go:build !enterprise + +package biz + +type DataExportMaskingConfigRepo interface{} diff --git a/internal/dms/service/data_masking_ce.go b/internal/dms/service/data_masking_ce.go index 37a1393d..cf126850 100644 --- a/internal/dms/service/data_masking_ce.go +++ b/internal/dms/service/data_masking_ce.go @@ -76,7 +76,13 @@ func newCloudbeaverSQLResultMasker(_ utilLog.Logger, _ *storage.Storage, _ biz.P return nil, nil } -type dataMaskingUsecase struct{} +type dataMaskingDiscoveryTaskUsecase interface { + ListMaskingTaskStatus(ctx context.Context, dbServiceUIDs []string) (map[string]bool, error) +} + +type dataMaskingUsecase struct { + DiscoveryTaskUsecase dataMaskingDiscoveryTaskUsecase +} func initDataExportMaskingConfigRepo(_ utilLog.Logger, _ *storage.Storage) biz.DataExportMaskingConfigRepo { return nil diff --git a/internal/dms/storage/sensitive_data_discovery_task_ce.go b/internal/dms/storage/sensitive_data_discovery_task_ce.go new file mode 100644 index 00000000..a23fda70 --- /dev/null +++ b/internal/dms/storage/sensitive_data_discovery_task_ce.go @@ -0,0 +1,23 @@ +//go:build !dms + +package storage + +import ( + "context" + + utilLog "github.com/actiontech/dms/pkg/dms-common/pkg/log" +) + +type SensitiveDataDiscoveryTaskRepo struct{} + +func NewSensitiveDataDiscoveryTaskRepo(_ utilLog.Logger, _ *Storage) *SensitiveDataDiscoveryTaskRepo { + return &SensitiveDataDiscoveryTaskRepo{} +} + +func (r *SensitiveDataDiscoveryTaskRepo) CheckMaskingTaskExist(_ context.Context, _ string) (bool, error) { + return false, nil +} + +func (r *SensitiveDataDiscoveryTaskRepo) ListMaskingTaskStatus(_ context.Context, _ []string) (map[string]bool, error) { + return map[string]bool{}, nil +} From 2af63df86d3c40d1f1ee307ac3e8948b6b25961f Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Tue, 24 Mar 2026 10:00:41 +0000 Subject: [PATCH 10/16] ce refactor: update API definitions for data masking - Changed the x-go-package path in Swagger files to reflect the new structure. - Removed unused properties from ListMemberRoleWithOpRange definition to streamline the API. - Added new properties for database service host and port in ListSensitiveDataDiscoveryTasksData to enhance data discovery capabilities. - Updated related Go structs to include new fields for database service host and port, ensuring consistency across the codebase. --- api/dms/service/v1/masking.go | 6 ++++++ api/swagger.json | 27 ++++++++++++++------------- api/swagger.yaml | 22 ++++++++++++---------- 3 files changed, 32 insertions(+), 23 deletions(-) diff --git a/api/dms/service/v1/masking.go b/api/dms/service/v1/masking.go index b989c752..7b4c879a 100644 --- a/api/dms/service/v1/masking.go +++ b/api/dms/service/v1/masking.go @@ -209,6 +209,12 @@ type ListSensitiveDataDiscoveryTasksData struct { // database instance name // Example: "mysql-01" DBServiceName string `json:"db_service_name"` + // database instance host + // Example: "10.10.10.10" + DBServiceHost string `json:"db_service_host"` + // database instance port + // Example: "3306" + DBServicePort string `json:"db_service_port"` // task type // Example: "PERIODIC" TaskType SensitiveDataDiscoveryTaskType `json:"task_type"` diff --git a/api/swagger.json b/api/swagger.json index 66f7cd33..de139edd 100644 --- a/api/swagger.json +++ b/api/swagger.json @@ -10308,7 +10308,7 @@ "x-go-name": "Users" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "GetMemberGroupReply": { "type": "object", @@ -13001,17 +13001,6 @@ "ListMemberRoleWithOpRange": { "type": "object", "properties": { - "member_group": { - "$ref": "#/definitions/ProjectMemberGroup" - }, - "op_permissions": { - "description": "member op permissions", - "type": "array", - "items": { - "$ref": "#/definitions/UidWithName" - }, - "x-go-name": "OpPermissions" - }, "op_range_type": { "description": "op permission range type, only support db service now\nunknown OpRangeTypeUnknown\nglobal OpRangeTypeGlobal 全局权限: 该权限只能被用户使用\nproject OpRangeTypeProject 项目权限: 该权限只能被成员使用\ndb_service OpRangeTypeDBService 项目内的数据源权限: 该权限只能被成员使用", "type": "string", @@ -13036,7 +13025,7 @@ "$ref": "#/definitions/UidWithName" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "ListMemberTipsItem": { "type": "object", @@ -13569,12 +13558,24 @@ "ListSensitiveDataDiscoveryTasksData": { "type": "object", "properties": { + "db_service_host": { + "description": "database instance host", + "type": "string", + "x-go-name": "DBServiceHost", + "example": "\"10.10.10.10\"" + }, "db_service_name": { "description": "database instance name", "type": "string", "x-go-name": "DBServiceName", "example": "\"mysql-01\"" }, + "db_service_port": { + "description": "database instance port", + "type": "string", + "x-go-name": "DBServicePort", + "example": "\"3306\"" + }, "db_service_uid": { "description": "database instance id", "type": "string", diff --git a/api/swagger.yaml b/api/swagger.yaml index e8fba748..84ec85bc 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -2068,7 +2068,7 @@ definitions: type: array x-go-name: Users type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 GetMemberGroupReply: properties: code: @@ -4194,14 +4194,6 @@ definitions: x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMemberRoleWithOpRange: properties: - member_group: - $ref: '#/definitions/ProjectMemberGroup' - op_permissions: - description: member op permissions - items: - $ref: '#/definitions/UidWithName' - type: array - x-go-name: OpPermissions op_range_type: description: |- op permission range type, only support db service now @@ -4230,7 +4222,7 @@ definitions: role_uid: $ref: '#/definitions/UidWithName' type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 ListMemberTipsItem: properties: user_id: @@ -4692,11 +4684,21 @@ definitions: x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListSensitiveDataDiscoveryTasksData: properties: + db_service_host: + description: database instance host + example: '"10.10.10.10"' + type: string + x-go-name: DBServiceHost db_service_name: description: database instance name example: '"mysql-01"' type: string x-go-name: DBServiceName + db_service_port: + description: database instance port + example: '"3306"' + type: string + x-go-name: DBServicePort db_service_uid: description: database instance id example: '"db_service_uid_1"' From 5dcb1ccd3c167d9606def789088e90f3881f7921 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Wed, 25 Mar 2026 07:06:54 +0000 Subject: [PATCH 11/16] ce feat: enhance data masking API with new endpoints and parameters MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 新增接口,用于获取可以创建脱敏任务的数据源列表 - 调整接口,支持获取全局中脱敏支持的数据源类型 - Added a new endpoint to list creatable database services for sensitive data discovery tasks, allowing users to specify project UID and optional query parameters for pagination and filtering. - Introduced a function support filter in the existing global DB services tips endpoint to return database types based on specified functionality. - Updated Swagger documentation to reflect new API definitions and parameters, ensuring clarity and consistency across the API. - Enhanced related Go structs and service methods to support the new functionality, improving the overall data masking capabilities. --- api/dms/service/v1/db_service.go | 20 +++ api/dms/service/v1/masking.go | 53 +++++++ api/swagger.json | 149 +++++++++++++++++- api/swagger.yaml | 119 +++++++++++++- .../apiserver/service/data_mask_controller.go | 56 +++++++ internal/apiserver/service/dms_controller.go | 8 +- internal/dms/biz/function_support_registry.go | 48 ++++++ internal/dms/service/data_masking_ce.go | 12 ++ internal/dms/service/db_service.go | 4 +- internal/dms/service/db_service_ce.go | 2 +- internal/dms/service/service.go | 7 + internal/dms/storage/db_service.go | 14 +- 12 files changed, 481 insertions(+), 11 deletions(-) create mode 100644 internal/dms/biz/function_support_registry.go diff --git a/api/dms/service/v1/db_service.go b/api/dms/service/v1/db_service.go index 054b7732..52314614 100644 --- a/api/dms/service/v1/db_service.go +++ b/api/dms/service/v1/db_service.go @@ -442,6 +442,23 @@ type ListGlobalDBService struct { LastConnectionTestErrorMessage string `json:"last_connection_test_error_message,omitempty"` } +// swagger:enum FunctionSupportType +type FunctionSupportType string + +const ( + // FunctionSupportTypeDataMasking 数据脱敏功能 + FunctionSupportTypeDataMasking FunctionSupportType = "data_masking" +) + +// swagger:parameters ListGlobalDBServicesTips +type ListGlobalDBServicesTipsReq struct { + // function support filter, when specified, returns the db types supported by the function + // in: query + // enum: [data_masking] + // Example: data_masking + FunctionSupport FunctionSupportType `query:"function_support" json:"function_support" validate:"omitempty,oneof=data_masking"` +} + // swagger:model ListGlobalDBServicesTipsReply type ListGlobalDBServicesTipsReply struct { // List global db service tips reply @@ -452,5 +469,8 @@ type ListGlobalDBServicesTipsReply struct { } type ListGlobalDBServiceTips struct { + // DBType 数据库类型列表 + // 当请求参数 function_support 为空时,返回所有数据库类型 + // 当请求参数 function_support 有效时,仅返回支持该功能的数据库类型 DBType []string `json:"db_type"` } diff --git a/api/dms/service/v1/masking.go b/api/dms/service/v1/masking.go index 7b4c879a..2640fe3d 100644 --- a/api/dms/service/v1/masking.go +++ b/api/dms/service/v1/masking.go @@ -784,3 +784,56 @@ type GetPlaintextAccessRequestDetailReply struct { base.GenericResp } + +// swagger:parameters ListCreatableDBServicesForMaskingTask +// 用于获取可以创建敏感数据扫描任务的数据源列表 +type ListCreatableDBServicesForMaskingTaskReq struct { + // project uid + // in: path + // Required: true + // Example: "project_uid" + ProjectUid string `param:"project_uid" json:"project_uid" validate:"required"` + // the maximum count of db services to be returned, default is 100 + // in: query + // Example: 100 + PageSize uint32 `query:"page_size" json:"page_size"` + // the offset of db services to be returned, default is 0 + // in: query + // Example: 0 + PageIndex uint32 `query:"page_index" json:"page_index"` + // fuzzy search keywords for db service name + // in: query + // Example: "mysql" + Keywords string `query:"keywords" json:"keywords"` +} + +// swagger:model ListCreatableDBServicesForMaskingTaskData +// 可创建扫描任务的数据源数据 +type ListCreatableDBServicesForMaskingTaskData struct { + // database instance uid + // Example: "db_service_uid_1" + DBServiceUID string `json:"db_service_uid"` + // database instance name + // Example: "mysql-01" + DBServiceName string `json:"db_service_name"` + // database type + // Example: "MySQL" + DBType string `json:"db_type"` + // database instance host + // Example: "10.10.10.10" + DBServiceHost string `json:"db_service_host"` + // database instance port + // Example: "3306" + DBServicePort string `json:"db_service_port"` +} + +// swagger:model ListCreatableDBServicesForMaskingTaskReply +type ListCreatableDBServicesForMaskingTaskReply struct { + // list of db services that can create masking discovery task + Data []ListCreatableDBServicesForMaskingTaskData `json:"data"` + // total count of db services + // Example: 10 + Total int64 `json:"total_nums"` + + base.GenericResp +} diff --git a/api/swagger.json b/api/swagger.json index de139edd..cc15df40 100644 --- a/api/swagger.json +++ b/api/swagger.json @@ -1389,6 +1389,20 @@ "DBService" ], "operationId": "ListGlobalDBServicesTips", + "parameters": [ + { + "enum": [ + "[data_masking]" + ], + "type": "string", + "example": "data_masking", + "x-go-enum-desc": "data_masking FunctionSupportTypeDataMasking FunctionSupportTypeDataMasking 数据脱敏功能", + "x-go-name": "FunctionSupport", + "description": "function support filter, when specified, returns the db types supported by the function\ndata_masking FunctionSupportTypeDataMasking FunctionSupportTypeDataMasking 数据脱敏功能", + "name": "function_support", + "in": "query" + } + ], "responses": { "200": { "description": "ListGlobalDBServicesTipsReply", @@ -4702,6 +4716,66 @@ } } }, + "/v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/creatable-db-services": { + "get": { + "tags": [ + "Masking" + ], + "summary": "List db services that can create sensitive data discovery task.", + "operationId": "ListCreatableDBServicesForMaskingTask", + "parameters": [ + { + "type": "string", + "example": "\"project_uid\"", + "x-go-name": "ProjectUid", + "description": "project uid", + "name": "project_uid", + "in": "path", + "required": true + }, + { + "type": "integer", + "format": "uint32", + "example": "100", + "x-go-name": "PageSize", + "description": "the maximum count of db services to be returned, default is 100", + "name": "page_size", + "in": "query" + }, + { + "type": "integer", + "format": "uint32", + "example": "0", + "x-go-name": "PageIndex", + "description": "the offset of db services to be returned, default is 0", + "name": "page_index", + "in": "query" + }, + { + "type": "string", + "example": "\"mysql\"", + "x-go-name": "Keywords", + "description": "fuzzy search keywords for db service name", + "name": "keywords", + "in": "query" + } + ], + "responses": { + "200": { + "description": "List creatable db services for masking task successfully", + "schema": { + "$ref": "#/definitions/ListCreatableDBServicesForMaskingTaskReply" + } + }, + "default": { + "description": "Generic error response", + "schema": { + "$ref": "#/definitions/GenericResp" + } + } + } + } + }, "/v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/{task_id}": { "put": { "tags": [ @@ -10308,7 +10382,7 @@ "x-go-name": "Users" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "GetMemberGroupReply": { "type": "object", @@ -10328,7 +10402,7 @@ "x-go-name": "Message" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "GetOauth2ConfigurationResData": { "type": "object", @@ -11604,6 +11678,74 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "ListCreatableDBServicesForMaskingTaskData": { + "type": "object", + "properties": { + "db_service_host": { + "description": "database instance host", + "type": "string", + "x-go-name": "DBServiceHost", + "example": "\"10.10.10.10\"" + }, + "db_service_name": { + "description": "database instance name", + "type": "string", + "x-go-name": "DBServiceName", + "example": "\"mysql-01\"" + }, + "db_service_port": { + "description": "database instance port", + "type": "string", + "x-go-name": "DBServicePort", + "example": "\"3306\"" + }, + "db_service_uid": { + "description": "database instance uid", + "type": "string", + "x-go-name": "DBServiceUID", + "example": "\"db_service_uid_1\"" + }, + "db_type": { + "description": "database type", + "type": "string", + "x-go-name": "DBType", + "example": "\"MySQL\"" + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, + "ListCreatableDBServicesForMaskingTaskReply": { + "type": "object", + "properties": { + "code": { + "description": "code", + "type": "integer", + "format": "int64", + "x-go-name": "Code" + }, + "data": { + "description": "list of db services that can create masking discovery task", + "type": "array", + "items": { + "$ref": "#/definitions/ListCreatableDBServicesForMaskingTaskData" + }, + "x-go-name": "Data" + }, + "message": { + "description": "message", + "type": "string", + "x-go-name": "Message" + }, + "total_nums": { + "description": "total count of db services", + "type": "integer", + "format": "int64", + "x-go-name": "Total", + "example": 10 + } + }, + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + }, "ListDBService": { "description": "A dms db Service", "type": "object", @@ -12450,6 +12592,7 @@ "type": "object", "properties": { "db_type": { + "description": "DBType 数据库类型列表\n当请求参数 function_support 为空时,返回所有数据库类型\n当请求参数 function_support 有效时,仅返回支持该功能的数据库类型", "type": "array", "items": { "type": "string" @@ -16042,7 +16185,7 @@ "x-go-name": "Uid" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "UpdateBusinessTagReq": { "type": "object", diff --git a/api/swagger.yaml b/api/swagger.yaml index 84ec85bc..b9eb5eb3 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -2068,7 +2068,7 @@ definitions: type: array x-go-name: Users type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetMemberGroupReply: properties: code: @@ -2083,7 +2083,7 @@ definitions: type: string x-go-name: Message type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetOauth2ConfigurationResData: properties: access_token_tag: @@ -3083,6 +3083,60 @@ definitions: x-go-name: Total type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListCreatableDBServicesForMaskingTaskData: + properties: + db_service_host: + description: database instance host + example: '"10.10.10.10"' + type: string + x-go-name: DBServiceHost + db_service_name: + description: database instance name + example: '"mysql-01"' + type: string + x-go-name: DBServiceName + db_service_port: + description: database instance port + example: '"3306"' + type: string + x-go-name: DBServicePort + db_service_uid: + description: database instance uid + example: '"db_service_uid_1"' + type: string + x-go-name: DBServiceUID + db_type: + description: database type + example: '"MySQL"' + type: string + x-go-name: DBType + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 + ListCreatableDBServicesForMaskingTaskReply: + properties: + code: + description: code + format: int64 + type: integer + x-go-name: Code + data: + description: list of db services that can create masking discovery task + items: + $ref: '#/definitions/ListCreatableDBServicesForMaskingTaskData' + type: array + x-go-name: Data + message: + description: message + type: string + x-go-name: Message + total_nums: + description: total count of db services + example: 10 + format: int64 + type: integer + x-go-name: Total + type: object + x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListDBService: description: A dms db Service properties: @@ -3764,6 +3818,10 @@ definitions: ListGlobalDBServiceTips: properties: db_type: + description: |- + DBType 数据库类型列表 + 当请求参数 function_support 为空时,返回所有数据库类型 + 当请求参数 function_support 有效时,仅返回支持该功能的数据库类型 items: type: string type: array @@ -6794,7 +6852,7 @@ definitions: type: string x-go-name: Uid type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 UpdateBusinessTagReq: properties: business_tag: @@ -8826,6 +8884,18 @@ paths: get: description: list global DBServices tips operationId: ListGlobalDBServicesTips + parameters: + - description: |- + function support filter, when specified, returns the db types supported by the function + data_masking FunctionSupportTypeDataMasking FunctionSupportTypeDataMasking 数据脱敏功能 + enum: + - '[data_masking]' + example: data_masking + in: query + name: function_support + type: string + x-go-enum-desc: data_masking FunctionSupportTypeDataMasking FunctionSupportTypeDataMasking 数据脱敏功能 + x-go-name: FunctionSupport responses: "200": description: ListGlobalDBServicesTipsReply @@ -10810,6 +10880,49 @@ paths: summary: List sensitive data discovery task histories. tags: - Masking + /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/creatable-db-services: + get: + operationId: ListCreatableDBServicesForMaskingTask + parameters: + - description: project uid + example: '"project_uid"' + in: path + name: project_uid + required: true + type: string + x-go-name: ProjectUid + - description: the maximum count of db services to be returned, default is 100 + example: "100" + format: uint32 + in: query + name: page_size + type: integer + x-go-name: PageSize + - description: the offset of db services to be returned, default is 0 + example: "0" + format: uint32 + in: query + name: page_index + type: integer + x-go-name: PageIndex + - description: fuzzy search keywords for db service name + example: '"mysql"' + in: query + name: keywords + type: string + x-go-name: Keywords + responses: + "200": + description: List creatable db services for masking task successfully + schema: + $ref: '#/definitions/ListCreatableDBServicesForMaskingTaskReply' + default: + description: Generic error response + schema: + $ref: '#/definitions/GenericResp' + summary: List db services that can create sensitive data discovery task. + tags: + - Masking /v1/dms/projects/{project_uid}/masking/tables/{table_id}/column-masking-details: get: operationId: GetTableColumnMaskingDetails diff --git a/internal/apiserver/service/data_mask_controller.go b/internal/apiserver/service/data_mask_controller.go index 537d7f49..9387dd20 100644 --- a/internal/apiserver/service/data_mask_controller.go +++ b/internal/apiserver/service/data_mask_controller.go @@ -205,6 +205,62 @@ func (ctl *DMSController) DeleteMaskingTemplate(c echo.Context) error { return NewOkRespWithReply(c, &aV1.DeleteMaskingTemplateReply{}) } +// swagger:operation GET /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks/creatable-db-services Masking ListCreatableDBServicesForMaskingTask +// +// List db services that can create sensitive data discovery task. +// +// --- +// parameters: +// - name: project_uid +// description: project uid +// in: path +// required: true +// type: string +// - name: page_size +// description: the maximum count of db services to be returned, default is 100 +// in: query +// required: false +// type: integer +// format: uint32 +// - name: page_index +// description: the offset of db services to be returned, default is 0 +// in: query +// required: false +// type: integer +// format: uint32 +// - name: keywords +// description: fuzzy search keywords for db service name +// in: query +// required: false +// type: string +// +// responses: +// '200': +// description: List creatable db services for masking task successfully +// schema: +// "$ref": "#/definitions/ListCreatableDBServicesForMaskingTaskReply" +// default: +// description: Generic error response +// schema: +// "$ref": "#/definitions/GenericResp" +func (ctl *DMSController) ListCreatableDBServicesForMaskingTask(c echo.Context) error { + req := &aV1.ListCreatableDBServicesForMaskingTaskReq{} + if err := bindAndValidateReq(c, req); err != nil { + return NewErrResp(c, err, apiError.BadRequestErr) + } + + currentUserUid, err := jwt.GetUserUidStrFromContext(c) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + + reply, err := ctl.DMS.ListCreatableDBServicesForMaskingTask(c.Request().Context(), req, currentUserUid) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + return NewOkRespWithReply(c, reply) +} + // swagger:operation GET /v1/dms/projects/{project_uid}/masking/sensitive-data-discovery-tasks Masking ListSensitiveDataDiscoveryTasks // // List sensitive data discovery tasks. diff --git a/internal/apiserver/service/dms_controller.go b/internal/apiserver/service/dms_controller.go index d1e8c157..5582b58e 100644 --- a/internal/apiserver/service/dms_controller.go +++ b/internal/apiserver/service/dms_controller.go @@ -333,11 +333,17 @@ func (ctl *DMSController) ListGlobalDBServices(c echo.Context) error { // 200: body:ListGlobalDBServicesTipsReply // default: body:GenericResp func (ctl *DMSController) ListGlobalDBServicesTips(c echo.Context) error { + req := new(aV1.ListGlobalDBServicesTipsReq) + err := bindAndValidateReq(c, req) + if nil != err { + return NewErrResp(c, err, apiError.BadRequestErr) + } + currentUserUid, err := jwt.GetUserUidStrFromContext(c) if err != nil { return NewErrResp(c, err, apiError.DMSServiceErr) } - reply, err := ctl.DMS.ListGlobalDBServicesTips(c.Request().Context(), currentUserUid) + reply, err := ctl.DMS.ListGlobalDBServicesTips(c.Request().Context(), req, currentUserUid) if nil != err { return NewErrResp(c, err, apiError.DMSServiceErr) } diff --git a/internal/dms/biz/function_support_registry.go b/internal/dms/biz/function_support_registry.go new file mode 100644 index 00000000..7159d00a --- /dev/null +++ b/internal/dms/biz/function_support_registry.go @@ -0,0 +1,48 @@ +package biz + +import ( + "sync" +) + +// FunctionSupportProvider 功能支持提供者接口 +// 各功能模块实现此接口,向注册中心提供自己支持的数据库类型 +type FunctionSupportProvider interface { + // GetFunctionName 返回功能名称,如 "data_masking" + GetFunctionName() string + // GetSupportedDBTypes 返回支持的数据库类型列表 + GetSupportedDBTypes() []string +} + +// FunctionSupportRegistry 功能支持注册中心 +// 管理各功能模块支持的数据库类型,用于全局查询 +type FunctionSupportRegistry struct { + mu sync.RWMutex + providers map[string]FunctionSupportProvider +} + +// NewFunctionSupportRegistry 创建功能支持注册中心 +func NewFunctionSupportRegistry() *FunctionSupportRegistry { + return &FunctionSupportRegistry{ + providers: make(map[string]FunctionSupportProvider), + } +} + +// Register 注册功能支持提供者 +func (r *FunctionSupportRegistry) Register(provider FunctionSupportProvider) { + r.mu.Lock() + defer r.mu.Unlock() + r.providers[provider.GetFunctionName()] = provider +} + +// GetSupportedDBTypes 获取指定功能支持的数据库类型列表 +// 如果功能未注册,返回 nil +func (r *FunctionSupportRegistry) GetSupportedDBTypes(functionName string) []string { + r.mu.RLock() + defer r.mu.RUnlock() + + provider, ok := r.providers[functionName] + if !ok { + return nil + } + return provider.GetSupportedDBTypes() +} diff --git a/internal/dms/service/data_masking_ce.go b/internal/dms/service/data_masking_ce.go index cf126850..5004f3aa 100644 --- a/internal/dms/service/data_masking_ce.go +++ b/internal/dms/service/data_masking_ce.go @@ -8,6 +8,7 @@ import ( v1 "github.com/actiontech/dms/api/dms/service/v1" "github.com/actiontech/dms/internal/dms/biz" + pkgConst "github.com/actiontech/dms/internal/dms/pkg/constant" "github.com/actiontech/dms/internal/dms/storage" utilLog "github.com/actiontech/dms/pkg/dms-common/pkg/log" @@ -68,6 +69,10 @@ func (d *DMSService) DeleteMaskingTemplate(ctx context.Context, req *dmsV1.Delet return errNotSupportDataMasking } +func (d *DMSService) ListCreatableDBServicesForMaskingTask(ctx context.Context, req *v1.ListCreatableDBServicesForMaskingTaskReq, currentUserUid string) (*v1.ListCreatableDBServicesForMaskingTaskReply, error) { + return nil, errNotSupportDataMasking +} + func initDataMaskingUsecase(_ utilLog.Logger, _ *storage.Storage, _ *biz.DBServiceUsecase, _ *biz.ClusterUsecase, _ biz.ProxyTargetRepo) (*dataMaskingUsecase, func(), error) { return nil, func() {}, nil } @@ -78,6 +83,8 @@ func newCloudbeaverSQLResultMasker(_ utilLog.Logger, _ *storage.Storage, _ biz.P type dataMaskingDiscoveryTaskUsecase interface { ListMaskingTaskStatus(ctx context.Context, dbServiceUIDs []string) (map[string]bool, error) + + GetSupportedDBTypesForDiscovery() []pkgConst.DBType } type dataMaskingUsecase struct { @@ -87,3 +94,8 @@ type dataMaskingUsecase struct { func initDataExportMaskingConfigRepo(_ utilLog.Logger, _ *storage.Storage) biz.DataExportMaskingConfigRepo { return nil } + +// registerFunctionProvidersToRegistry 在 CE 版本中为空实现 +func registerFunctionProvidersToRegistry(_ *biz.FunctionSupportRegistry, _ *dataMaskingUsecase) { + // CE 版本无功能提供者需要注册 +} diff --git a/internal/dms/service/db_service.go b/internal/dms/service/db_service.go index e4807f3d..33d29bca 100644 --- a/internal/dms/service/db_service.go +++ b/internal/dms/service/db_service.go @@ -752,8 +752,8 @@ func (d *DMSService) ListGlobalDBServices(ctx context.Context, req *dmsV2.ListGl return d.listGlobalDBServices(ctx, req, currentUserUid) } -func (d *DMSService) ListGlobalDBServicesTips(ctx context.Context, currentUserUid string) (reply *dmsV1.ListGlobalDBServicesTipsReply, err error) { - return d.listGlobalDBServicesTips(ctx, currentUserUid) +func (d *DMSService) ListGlobalDBServicesTips(ctx context.Context, req *dmsV1.ListGlobalDBServicesTipsReq, currentUserUid string) (reply *dmsV1.ListGlobalDBServicesTipsReply, err error) { + return d.listGlobalDBServicesTips(ctx, req, currentUserUid) } func (d *DMSService) ImportDBServicesOfOneProjectCheck(ctx context.Context, userUid, projectUid, fileContent string) (*dmsV2.ImportDBServicesCheckReply, []byte, error) { diff --git a/internal/dms/service/db_service_ce.go b/internal/dms/service/db_service_ce.go index b5efdbc5..c7a052cb 100644 --- a/internal/dms/service/db_service_ce.go +++ b/internal/dms/service/db_service_ce.go @@ -25,6 +25,6 @@ func (d *DMSService) listGlobalDBServices(ctx context.Context, req *dmsV2.ListGl return nil, errNotSupportGlobalDBServices } -func (d *DMSService) listGlobalDBServicesTips(ctx context.Context, currentUserUid string) (reply *dmsV1.ListGlobalDBServicesTipsReply, err error) { +func (d *DMSService) listGlobalDBServicesTips(ctx context.Context, req *dmsV1.ListGlobalDBServicesTipsReq, currentUserUid string) (reply *dmsV1.ListGlobalDBServicesTipsReply, err error) { return nil, errNotSupportGlobalDBServices } diff --git a/internal/dms/service/service.go b/internal/dms/service/service.go index fd2e8ecb..d4389600 100644 --- a/internal/dms/service/service.go +++ b/internal/dms/service/service.go @@ -43,6 +43,7 @@ type DMSService struct { DataExportWorkflowUsecase *biz.DataExportWorkflowUsecase CbOperationLogUsecase *biz.CbOperationLogUsecase DataMaskingUsecase *dataMaskingUsecase + FunctionSupportRegistry *biz.FunctionSupportRegistry AuthAccessTokenUseCase *biz.AuthAccessTokenUsecase SwaggerUseCase *biz.SwaggerUseCase GatewayUsecase *biz.GatewayUsecase @@ -157,6 +158,11 @@ func NewAndInitDMSService(logger utilLog.Logger, opts *conf.DMSOptions) (*DMSSer return nil, fmt.Errorf("failed to initialize data masking usecase: %v", err) } + // 初始化功能支持注册中心 + functionSupportRegistry := biz.NewFunctionSupportRegistry() + // 在 DMS 版本中注册功能提供者(通过条件编译函数) + registerFunctionProvidersToRegistry(functionSupportRegistry, dataMaskingUsecase) + authAccessTokenUsecase := biz.NewAuthAccessTokenUsecase(logger, userUsecase) cronTask := biz.NewCronTaskUsecase(logger, DataExportWorkflowUsecase, CbOperationLogUsecase, operationRecordUsecase, oauth2SessionUsecase) @@ -197,6 +203,7 @@ func NewAndInitDMSService(logger utilLog.Logger, opts *conf.DMSOptions) (*DMSSer DataExportWorkflowUsecase: DataExportWorkflowUsecase, CbOperationLogUsecase: CbOperationLogUsecase, DataMaskingUsecase: dataMaskingUsecase, + FunctionSupportRegistry: functionSupportRegistry, AuthAccessTokenUseCase: authAccessTokenUsecase, SwaggerUseCase: swaggerUseCase, GatewayUsecase: gatewayUsecase, diff --git a/internal/dms/storage/db_service.go b/internal/dms/storage/db_service.go index 3cf474d5..d0f092c1 100644 --- a/internal/dms/storage/db_service.go +++ b/internal/dms/storage/db_service.go @@ -51,12 +51,24 @@ func (d *DBServiceRepo) SaveDBServices(ctx context.Context, ds []*biz.DBService) } func (d *DBServiceRepo) ListDBServices(ctx context.Context, opt *biz.ListDBServicesOption) (services []*biz.DBService, total int64, err error) { + if opt == nil { + opt = &biz.ListDBServicesOption{ + PageNumber: 1, + LimitPerPage: 20, + } + } + if opt.LimitPerPage == 0 { + opt.LimitPerPage = 20 + } var models []*model.DBService if err := transaction(d.log, ctx, d.db, func(tx *gorm.DB) error { // find models { - db := tx.WithContext(ctx).Order(string(opt.OrderBy)) + db := tx.WithContext(ctx) + if opt.OrderBy != "" { + db = db.Order(string(opt.OrderBy)) + } db = gormWheresWithOptions(ctx, db, opt.FilterByOptions) db = db.Limit(int(opt.LimitPerPage)).Offset(int(opt.LimitPerPage * (uint32(fixPageIndices(opt.PageNumber))))).Preload("EnvironmentTag").Find(&models) if err := db.Error; err != nil { From 6f66980d11230ec5af3a3e063bef22828023fbf7 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Wed, 25 Mar 2026 07:41:33 +0000 Subject: [PATCH 12/16] ce fix: update Swagger definitions and add new task status MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 增加敏感数据扫描任务的终止状态 - Changed the x-go-package path in Swagger files to the new structure for consistency. - Added "STOPPED" status to the task status descriptions and enums in both Swagger JSON and YAML files. - Updated related Go constants and methods to include the new "STOPPED" status for sensitive data discovery tasks, enhancing the API's functionality. --- api/dms/service/v1/masking.go | 1 + api/swagger.json | 20 +++++++++++--------- api/swagger.yaml | 12 +++++++++--- 3 files changed, 21 insertions(+), 12 deletions(-) diff --git a/api/dms/service/v1/masking.go b/api/dms/service/v1/masking.go index 2640fe3d..d56e9f60 100644 --- a/api/dms/service/v1/masking.go +++ b/api/dms/service/v1/masking.go @@ -196,6 +196,7 @@ const ( SensitiveDataDiscoveryTaskStatusCompleted SensitiveDataDiscoveryTaskStatus = "COMPLETED" SensitiveDataDiscoveryTaskStatusRunning SensitiveDataDiscoveryTaskStatus = "RUNNING" SensitiveDataDiscoveryTaskStatusFailed SensitiveDataDiscoveryTaskStatus = "FAILED" + SensitiveDataDiscoveryTaskStatusStopped SensitiveDataDiscoveryTaskStatus = "STOPPED" ) // swagger:model ListSensitiveDataDiscoveryTasksData diff --git a/api/swagger.json b/api/swagger.json index cc15df40..f9149f88 100644 --- a/api/swagger.json +++ b/api/swagger.json @@ -10382,7 +10382,7 @@ "x-go-name": "Users" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "GetMemberGroupReply": { "type": "object", @@ -10402,7 +10402,7 @@ "x-go-name": "Message" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "GetOauth2ConfigurationResData": { "type": "object", @@ -13650,16 +13650,17 @@ "example": "\"scan completed successfully\"" }, "status": { - "description": "execution status\nPENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "description": "execution status\nPENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed\nSTOPPED SensitiveDataDiscoveryTaskStatusStopped", "type": "string", "enum": [ "PENDING_CONFIRM", "NORMAL", "COMPLETED", "RUNNING", - "FAILED" + "FAILED", + "STOPPED" ], - "x-go-enum-desc": "PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "x-go-enum-desc": "PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed\nSTOPPED SensitiveDataDiscoveryTaskStatusStopped", "x-go-name": "Status", "example": "\"NORMAL\"" } @@ -13786,16 +13787,17 @@ "example": "\"2024-01-15T10:30:00Z\"" }, "status": { - "description": "task status\nPENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "description": "task status\nPENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed\nSTOPPED SensitiveDataDiscoveryTaskStatusStopped", "type": "string", "enum": [ "PENDING_CONFIRM", "NORMAL", "COMPLETED", "RUNNING", - "FAILED" + "FAILED", + "STOPPED" ], - "x-go-enum-desc": "PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed", + "x-go-enum-desc": "PENDING_CONFIRM SensitiveDataDiscoveryTaskStatusPendingChangeConfirm\nNORMAL SensitiveDataDiscoveryTaskStatusNormal\nCOMPLETED SensitiveDataDiscoveryTaskStatusCompleted\nRUNNING SensitiveDataDiscoveryTaskStatusRunning\nFAILED SensitiveDataDiscoveryTaskStatusFailed\nSTOPPED SensitiveDataDiscoveryTaskStatusStopped", "x-go-name": "Status", "example": "\"NORMAL\"" }, @@ -16185,7 +16187,7 @@ "x-go-name": "Uid" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "UpdateBusinessTagReq": { "type": "object", diff --git a/api/swagger.yaml b/api/swagger.yaml index b9eb5eb3..5611cfb6 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -2068,7 +2068,7 @@ definitions: type: array x-go-name: Users type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 GetMemberGroupReply: properties: code: @@ -2083,7 +2083,7 @@ definitions: type: string x-go-name: Message type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 GetOauth2ConfigurationResData: properties: access_token_tag: @@ -4698,12 +4698,14 @@ definitions: COMPLETED SensitiveDataDiscoveryTaskStatusCompleted RUNNING SensitiveDataDiscoveryTaskStatusRunning FAILED SensitiveDataDiscoveryTaskStatusFailed + STOPPED SensitiveDataDiscoveryTaskStatusStopped enum: - PENDING_CONFIRM - NORMAL - COMPLETED - RUNNING - FAILED + - STOPPED example: '"NORMAL"' type: string x-go-enum-desc: |- @@ -4712,6 +4714,7 @@ definitions: COMPLETED SensitiveDataDiscoveryTaskStatusCompleted RUNNING SensitiveDataDiscoveryTaskStatusRunning FAILED SensitiveDataDiscoveryTaskStatusFailed + STOPPED SensitiveDataDiscoveryTaskStatusStopped x-go-name: Status type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 @@ -4832,12 +4835,14 @@ definitions: COMPLETED SensitiveDataDiscoveryTaskStatusCompleted RUNNING SensitiveDataDiscoveryTaskStatusRunning FAILED SensitiveDataDiscoveryTaskStatusFailed + STOPPED SensitiveDataDiscoveryTaskStatusStopped enum: - PENDING_CONFIRM - NORMAL - COMPLETED - RUNNING - FAILED + - STOPPED example: '"NORMAL"' type: string x-go-enum-desc: |- @@ -4846,6 +4851,7 @@ definitions: COMPLETED SensitiveDataDiscoveryTaskStatusCompleted RUNNING SensitiveDataDiscoveryTaskStatusRunning FAILED SensitiveDataDiscoveryTaskStatusFailed + STOPPED SensitiveDataDiscoveryTaskStatusStopped x-go-name: Status task_type: description: |- @@ -6852,7 +6858,7 @@ definitions: type: string x-go-name: Uid type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 UpdateBusinessTagReq: properties: business_tag: From 27d73f776fd5fde0263e5830364f435c2a5ee8cb Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Wed, 25 Mar 2026 09:27:07 +0000 Subject: [PATCH 13/16] ce feat: enhance data masking functionality with user-specific configurations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 优化敏感数据扫描流程,不重复扫描用户已确认字段 - 排除Oracle系统表 - 区分用户更新和系统更新 - Updated the `ConfigureMaskingRules` method to accept a `currentUserUid` parameter, allowing for user-specific masking rule configurations. - Modified the `BatchUpsertDiscoveryResults` method to handle user updates distinctly from system updates, ensuring better control over masking configurations. - Introduced a new method `ConfigureMaskingRulesByUser` in the `MaskingRuleManagementUsecase` to facilitate user-specific rule management. - Enhanced the `SensitiveDiscoveryUsecase` to exclude previously configured columns during sensitive data discovery, improving the accuracy of the discovery process. - Updated the Oracle metadata collector to include additional default schemas for exclusion, refining the schema collection process. --- internal/apiserver/service/data_mask_controller.go | 7 ++++++- internal/dms/service/data_masking_ce.go | 2 +- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/internal/apiserver/service/data_mask_controller.go b/internal/apiserver/service/data_mask_controller.go index 9387dd20..1a13b398 100644 --- a/internal/apiserver/service/data_mask_controller.go +++ b/internal/apiserver/service/data_mask_controller.go @@ -513,7 +513,12 @@ func (ctl *DMSController) ConfigureMaskingRules(c echo.Context) error { return NewErrResp(c, err, apiError.BadRequestErr) } - if err := ctl.DMS.ConfigureMaskingRules(c.Request().Context(), req); err != nil { + currentUserUid, err := jwt.GetUserUidStrFromContext(c) + if err != nil { + return NewErrResp(c, err, apiError.DMSServiceErr) + } + + if err := ctl.DMS.ConfigureMaskingRules(c.Request().Context(), req, currentUserUid); err != nil { return NewErrResp(c, err, apiError.DMSServiceErr) } diff --git a/internal/dms/service/data_masking_ce.go b/internal/dms/service/data_masking_ce.go index 5004f3aa..04f176ea 100644 --- a/internal/dms/service/data_masking_ce.go +++ b/internal/dms/service/data_masking_ce.go @@ -17,7 +17,7 @@ import ( var errNotSupportDataMasking = errors.New("DataMasking related functions are dms version functions") -func (d *DMSService) ConfigureMaskingRules(ctx context.Context, req *v1.ConfigureMaskingRulesReq) error { +func (d *DMSService) ConfigureMaskingRules(ctx context.Context, req *v1.ConfigureMaskingRulesReq, currentUserUid string) error { return errNotSupportDataMasking } From 79bcb8d71b29cd45fa02a42177285368ef9aef8d Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Thu, 26 Mar 2026 09:00:57 +0000 Subject: [PATCH 14/16] fix: update Swagger definitions and improve sensitive data discovery task management MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 调整更新敏感数据扫描任务的接口,改为Action模式,简化状态流转。移除状态机 - 修复swagger定义错误 - Corrected enum values in Swagger files for consistency, changing "[data_masking]" to "data_masking". - Updated x-go-package paths to reflect the new structure across multiple definitions. - Enhanced the UpdateSensitiveDataDiscoveryTaskReq to use an action-based approach, replacing the task requirement with an action field for better clarity in task management. - Added new properties to ListMemberRoleWithOpRange for member group and operation permissions, improving the API's functionality. --- api/dms/service/v1/db_service.go | 2 +- api/dms/service/v1/masking.go | 28 +++++++++++-------- api/swagger.json | 46 ++++++++++++++++++++------------ api/swagger.yaml | 46 +++++++++++++++++++++----------- 4 files changed, 78 insertions(+), 44 deletions(-) diff --git a/api/dms/service/v1/db_service.go b/api/dms/service/v1/db_service.go index 52314614..73bb5d03 100644 --- a/api/dms/service/v1/db_service.go +++ b/api/dms/service/v1/db_service.go @@ -454,7 +454,7 @@ const ( type ListGlobalDBServicesTipsReq struct { // function support filter, when specified, returns the db types supported by the function // in: query - // enum: [data_masking] + // enum: data_masking // Example: data_masking FunctionSupport FunctionSupportType `query:"function_support" json:"function_support" validate:"omitempty,oneof=data_masking"` } diff --git a/api/dms/service/v1/masking.go b/api/dms/service/v1/masking.go index d56e9f60..2b93a4dd 100644 --- a/api/dms/service/v1/masking.go +++ b/api/dms/service/v1/masking.go @@ -361,6 +361,15 @@ type AddSensitiveDataDiscoveryTaskReply struct { base.GenericResp } +// swagger:enum SensitiveDataDiscoveryTaskAction +type SensitiveDataDiscoveryTaskAction string + +const ( + SensitiveDataDiscoveryTaskActionEnable SensitiveDataDiscoveryTaskAction = "ENABLE" + SensitiveDataDiscoveryTaskActionTerminate SensitiveDataDiscoveryTaskAction = "TERMINATE" + SensitiveDataDiscoveryTaskActionUpdate SensitiveDataDiscoveryTaskAction = "UPDATE" +) + // swagger:model UpdateSensitiveDataDiscoveryTaskReq type UpdateSensitiveDataDiscoveryTaskReq struct { // project uid @@ -375,29 +384,26 @@ type UpdateSensitiveDataDiscoveryTaskReq struct { // Required: true // Example: 1 TaskID int `param:"task_id" json:"task_id" validate:"required"` - // sensitive data discovery task + // action type: ENABLE(启用周期扫描), TERMINATE(终止周期扫描), UPDATE(更新配置) // Required: true - Task *UpdateSensitiveDataDiscoveryTask `json:"task" validate:"required"` + // Example: "ENABLE" + Action SensitiveDataDiscoveryTaskAction `json:"action" validate:"required,oneof=ENABLE TERMINATE UPDATE"` + // task update data, required when action is UPDATE + Task *UpdateSensitiveDataDiscoveryTask `json:"task"` } // swagger:model UpdateSensitiveDataDiscoveryTask type UpdateSensitiveDataDiscoveryTask struct { // masking template id - // Required: true // Example: 1 MaskingTemplateID int `json:"masking_template_id"` // sensitive data identification method - // Required: true // Example: "BY_FIELD_NAME" - IdentificationMethod SensitiveDataIdentificationMethod `json:"identification_method" validate:"required,oneof=BY_FIELD_NAME BY_SAMPLE_DATA"` + IdentificationMethod SensitiveDataIdentificationMethod `json:"identification_method" validate:"oneof=BY_FIELD_NAME BY_SAMPLE_DATA"` // execution plan - // Required: true // Example: "PERIODIC" - ExecutionPlan SensitiveDataDiscoveryTaskType `json:"execution_plan" validate:"required,oneof=PERIODIC ONE_TIME"` - // whether periodic scanning is enabled - // Example: true - IsPeriodicScanEnabled *bool `json:"is_periodic_scan_enabled"` - // cron expression, required when execution_plan is PERIODIC + ExecutionPlan SensitiveDataDiscoveryTaskType `json:"execution_plan" validate:"oneof=PERIODIC ONE_TIME"` + // cron expression, only used when execution_plan is PERIODIC // Example: "0 0 * * *" CronExpression string `json:"cron_expression"` } diff --git a/api/swagger.json b/api/swagger.json index f9149f88..fae9f026 100644 --- a/api/swagger.json +++ b/api/swagger.json @@ -1392,7 +1392,7 @@ "parameters": [ { "enum": [ - "[data_masking]" + "data_masking" ], "type": "string", "example": "data_masking", @@ -10382,7 +10382,7 @@ "x-go-name": "Users" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "GetMemberGroupReply": { "type": "object", @@ -10402,7 +10402,7 @@ "x-go-name": "Message" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "GetOauth2ConfigurationResData": { "type": "object", @@ -13144,6 +13144,17 @@ "ListMemberRoleWithOpRange": { "type": "object", "properties": { + "member_group": { + "$ref": "#/definitions/ProjectMemberGroup" + }, + "op_permissions": { + "description": "member op permissions", + "type": "array", + "items": { + "$ref": "#/definitions/UidWithName" + }, + "x-go-name": "OpPermissions" + }, "op_range_type": { "description": "op permission range type, only support db service now\nunknown OpRangeTypeUnknown\nglobal OpRangeTypeGlobal 全局权限: 该权限只能被用户使用\nproject OpRangeTypeProject 项目权限: 该权限只能被成员使用\ndb_service OpRangeTypeDBService 项目内的数据源权限: 该权限只能被成员使用", "type": "string", @@ -13168,7 +13179,7 @@ "$ref": "#/definitions/UidWithName" } }, - "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" + "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "ListMemberTipsItem": { "type": "object", @@ -16898,14 +16909,9 @@ }, "UpdateSensitiveDataDiscoveryTask": { "type": "object", - "required": [ - "masking_template_id", - "identification_method", - "execution_plan" - ], "properties": { "cron_expression": { - "description": "cron expression, required when execution_plan is PERIODIC", + "description": "cron expression, only used when execution_plan is PERIODIC", "type": "string", "x-go-name": "CronExpression", "example": "\"0 0 * * *\"" @@ -16932,12 +16938,6 @@ "x-go-name": "IdentificationMethod", "example": "\"BY_FIELD_NAME\"" }, - "is_periodic_scan_enabled": { - "description": "whether periodic scanning is enabled", - "type": "boolean", - "x-go-name": "IsPeriodicScanEnabled", - "example": true - }, "masking_template_id": { "description": "masking template id", "type": "integer", @@ -16980,9 +16980,21 @@ "UpdateSensitiveDataDiscoveryTaskReq": { "type": "object", "required": [ - "task" + "action" ], "properties": { + "action": { + "description": "action type: ENABLE(启用周期扫描), TERMINATE(终止周期扫描), UPDATE(更新配置)\nENABLE SensitiveDataDiscoveryTaskActionEnable\nTERMINATE SensitiveDataDiscoveryTaskActionTerminate\nUPDATE SensitiveDataDiscoveryTaskActionUpdate", + "type": "string", + "enum": [ + "ENABLE", + "TERMINATE", + "UPDATE" + ], + "x-go-enum-desc": "ENABLE SensitiveDataDiscoveryTaskActionEnable\nTERMINATE SensitiveDataDiscoveryTaskActionTerminate\nUPDATE SensitiveDataDiscoveryTaskActionUpdate", + "x-go-name": "Action", + "example": "\"ENABLE\"" + }, "task": { "$ref": "#/definitions/UpdateSensitiveDataDiscoveryTask" } diff --git a/api/swagger.yaml b/api/swagger.yaml index 5611cfb6..a1c0c754 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -2068,7 +2068,7 @@ definitions: type: array x-go-name: Users type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetMemberGroupReply: properties: code: @@ -2083,7 +2083,7 @@ definitions: type: string x-go-name: Message type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 GetOauth2ConfigurationResData: properties: access_token_tag: @@ -4252,6 +4252,14 @@ definitions: x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMemberRoleWithOpRange: properties: + member_group: + $ref: '#/definitions/ProjectMemberGroup' + op_permissions: + description: member op permissions + items: + $ref: '#/definitions/UidWithName' + type: array + x-go-name: OpPermissions op_range_type: description: |- op permission range type, only support db service now @@ -4280,7 +4288,7 @@ definitions: role_uid: $ref: '#/definitions/UidWithName' type: object - x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 + x-go-package: github.com/actiontech/dms/api/dms/service/v1 ListMemberTipsItem: properties: user_id: @@ -7411,7 +7419,7 @@ definitions: UpdateSensitiveDataDiscoveryTask: properties: cron_expression: - description: cron expression, required when execution_plan is PERIODIC + description: cron expression, only used when execution_plan is PERIODIC example: '"0 0 * * *"' type: string x-go-name: CronExpression @@ -7443,21 +7451,12 @@ definitions: BY_FIELD_NAME SensitiveDataIdentificationMethodByFieldName BY_SAMPLE_DATA SensitiveDataIdentificationMethodBySampleData x-go-name: IdentificationMethod - is_periodic_scan_enabled: - description: whether periodic scanning is enabled - example: true - type: boolean - x-go-name: IsPeriodicScanEnabled masking_template_id: description: masking template id example: 1 format: int64 type: integer x-go-name: MaskingTemplateID - required: - - masking_template_id - - identification_method - - execution_plan type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 UpdateSensitiveDataDiscoveryTaskData: @@ -7483,10 +7482,27 @@ definitions: x-go-package: github.com/actiontech/dms/api/dms/service/v1 UpdateSensitiveDataDiscoveryTaskReq: properties: + action: + description: |- + action type: ENABLE(启用周期扫描), TERMINATE(终止周期扫描), UPDATE(更新配置) + ENABLE SensitiveDataDiscoveryTaskActionEnable + TERMINATE SensitiveDataDiscoveryTaskActionTerminate + UPDATE SensitiveDataDiscoveryTaskActionUpdate + enum: + - ENABLE + - TERMINATE + - UPDATE + example: '"ENABLE"' + type: string + x-go-enum-desc: |- + ENABLE SensitiveDataDiscoveryTaskActionEnable + TERMINATE SensitiveDataDiscoveryTaskActionTerminate + UPDATE SensitiveDataDiscoveryTaskActionUpdate + x-go-name: Action task: $ref: '#/definitions/UpdateSensitiveDataDiscoveryTask' required: - - task + - action type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 UpdateSmsConfiguration: @@ -8895,7 +8911,7 @@ paths: function support filter, when specified, returns the db types supported by the function data_masking FunctionSupportTypeDataMasking FunctionSupportTypeDataMasking 数据脱敏功能 enum: - - '[data_masking]' + - data_masking example: data_masking in: query name: function_support From 16473d1a5977a4b079f0b35a6513511f89d27638 Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Mon, 30 Mar 2026 05:57:16 +0000 Subject: [PATCH 15/16] docs: update swagger --- api/swagger.json | 14 ++++++++------ api/swagger.yaml | 16 +++++++++++----- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/api/swagger.json b/api/swagger.json index fae9f026..48ad3c5a 100644 --- a/api/swagger.json +++ b/api/swagger.json @@ -9684,6 +9684,12 @@ }, "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, + "DateTime": { + "description": "DateTime is a time but it serializes to ISO8601 format with millis\nIt knows how to read 3 different variations of a RFC3339 date time.\nMost APIs we encounter want either millisecond or second precision times.\nThis just tries to make it worry-free.", + "type": "string", + "format": "date-time", + "x-go-package": "github.com/go-openapi/strfmt" + }, "DbServiceConnections": { "type": "object", "properties": { @@ -10382,7 +10388,7 @@ "x-go-name": "Users" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "GetMemberGroupReply": { "type": "object", @@ -10402,7 +10408,7 @@ "x-go-name": "Message" } }, - "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" + "x-go-package": "github.com/actiontech/dms/pkg/dms-common/api/dms/v1" }, "GetOauth2ConfigurationResData": { "type": "object", @@ -11117,10 +11123,6 @@ "x-go-package": "github.com/actiontech/dms/api/dms/service/v1" }, "I18nStr": { - "type": "object", - "additionalProperties": { - "type": "string" - }, "x-go-package": "github.com/actiontech/dms/pkg/dms-common/i18nPkg" }, "ImportDBService": { diff --git a/api/swagger.yaml b/api/swagger.yaml index a1c0c754..83735307 100644 --- a/api/swagger.yaml +++ b/api/swagger.yaml @@ -1539,6 +1539,15 @@ definitions: x-go-name: Params type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 + DateTime: + description: |- + DateTime is a time but it serializes to ISO8601 format with millis + It knows how to read 3 different variations of a RFC3339 date time. + Most APIs we encounter want either millisecond or second precision times. + This just tries to make it worry-free. + format: date-time + type: string + x-go-package: github.com/go-openapi/strfmt DbServiceConnections: properties: db_service_uid: @@ -2068,7 +2077,7 @@ definitions: type: array x-go-name: Users type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 GetMemberGroupReply: properties: code: @@ -2083,7 +2092,7 @@ definitions: type: string x-go-name: Message type: object - x-go-package: github.com/actiontech/dms/api/dms/service/v1 + x-go-package: github.com/actiontech/dms/pkg/dms-common/api/dms/v1 GetOauth2ConfigurationResData: properties: access_token_tag: @@ -2660,9 +2669,6 @@ definitions: type: object x-go-package: github.com/actiontech/dms/api/dms/service/v1 I18nStr: - additionalProperties: - type: string - type: object x-go-package: github.com/actiontech/dms/pkg/dms-common/i18nPkg ImportDBService: properties: From 978b650795301735ffcbe90f174dce137cd41bcf Mon Sep 17 00:00:00 2001 From: WinfredLIN Date: Mon, 30 Mar 2026 06:38:56 +0000 Subject: [PATCH 16/16] chore: update file change prevention pattern in GitHub Actions workflow - Modified the pattern in the check-pr-files.yml to exclude _ee.md files from changes, enhancing the file change prevention mechanism. --- .github/workflows/check-pr-files.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check-pr-files.yml b/.github/workflows/check-pr-files.yml index e447dac1..8397c6e3 100644 --- a/.github/workflows/check-pr-files.yml +++ b/.github/workflows/check-pr-files.yml @@ -12,5 +12,5 @@ jobs: name: Prevent file change with: githubToken: ${{ secrets.GITHUB_TOKEN }} - pattern: ^(?!.*_ee\.go$)(?!.*_ee_test\.go$)(?!.*_ee\.yml$)(?!.*_rel\.go$)(?!.*_rel_test\.go$)(?!go\.mod$)(?!go\.sum$)(?!\.github\/workflows\/check-pr-files\.yml$)(?!vendor\/.*)(?!.*_qa\.go$).* + pattern: ^(?!.*_ee\.go$)(?!.*_ee_test\.go$)(?!.*_ee\.md$)(?!.*_ee\.yml$)(?!.*_rel\.go$)(?!.*_rel_test\.go$)(?!go\.mod$)(?!go\.sum$)(?!\.github\/workflows\/check-pr-files\.yml$)(?!vendor\/.*)(?!.*_qa\.go$).* trustedAuthors: xalvarez \ No newline at end of file