IGNITE-26608

Author: petrov-mg

modules/clients/src/test/java/org/apache/ignite/common/ComputeTaskPermissionsTest.java

@@ -50,12 +50,12 @@
 import org.apache.ignite.internal.IgniteEx;
 import org.apache.ignite.internal.management.cache.VerifyBackupPartitionsTask;
 import org.apache.ignite.internal.processors.security.AbstractSecurityTest;
-import org.apache.ignite.internal.processors.security.OperationSecurityContext;
 import org.apache.ignite.internal.processors.security.PublicAccessJob;
 import org.apache.ignite.internal.processors.security.SecurityContext;
 import org.apache.ignite.internal.processors.security.compute.ComputePermissionCheckTest;
 import org.apache.ignite.internal.processors.security.impl.TestSecurityData;
 import org.apache.ignite.internal.processors.security.impl.TestSecurityPluginProvider;
+import org.apache.ignite.internal.thread.context.Scope;
 import org.apache.ignite.internal.util.lang.ConsumerX;
 import org.apache.ignite.internal.util.lang.RunnableX;
 import org.apache.ignite.internal.util.lang.gridfunc.AtomicIntegerFactoryCallable;
@@ -379,7 +379,7 @@ public void testSystemTaskCancel() throws Exception {
         SecurityContext initiatorSecCtx = securityContext("no-permissions-login-0");
 
         SupplierX<Future<?>> starter = () -> {
-            try (OperationSecurityContext ignored1 = grid(0).context().security().withContext(initiatorSecCtx)) {
+            try (Scope ignored1 = grid(0).context().security().withContext(initiatorSecCtx)) {
                 return new TestFutureAdapter<>(
                     grid(0).context().closure().runAsync(
                         BROADCAST,
@@ -429,7 +429,7 @@ private void checkTaskCancel(
             assertTrue(taskStartedLatch.await(getTestTimeout(), MILLISECONDS));
 
             try (
-                OperationSecurityContext ignored = initiator == null
+                Scope ignored = initiator == null
                     ? null
                     : grid(0).context().security().withContext(initiator)
             ) {

modules/commons/src/main/java/org/apache/ignite/internal/thread/context/ContextAttribute.java

@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.thread.context;
+
+import java.util.NoSuchElementException;
+import java.util.concurrent.atomic.AtomicInteger;
+
+/** */
+public class ContextAttribute<T> {
+    /** */
+    static final AtomicInteger ID_GEN = new AtomicInteger();
+
+    /** */
+    static final int MAX_ATTRIBUTE_CNT = Integer.SIZE;
+
+    /** */
+    private final byte id;
+
+    /** */
+    private final int bitmask;
+
+    /** */
+    private ContextAttribute(byte id) {
+        this.id = id;
+        this.bitmask = 1 << id;
+    }
+
+    /** */
+    byte id() {
+        return id;
+    }
+
+    /** */
+    int bitmask() {
+        return bitmask;
+    }
+
+    /** */
+    public boolean isAttached() {
+        return ThreadLocalContextStorage.get().findScopedContextFor(this) != null;
+    }
+
+    /** */
+    public T get() {
+        ScopedContext sc = ThreadLocalContextStorage.get().findScopedContextFor(this);
+
+        if (sc == null)
+            throw new NoSuchElementException();
+
+        return (T)sc.value();
+    }
+
+    /** */
+    public T orElse(T other) {
+        ScopedContext sc = ThreadLocalContextStorage.get().findScopedContextFor(this);
+
+        return sc == null ? other : (T)sc.value();
+    }
+
+    /** */
+    public static <T> ContextAttribute<T> newInstance() {
+        int id = ID_GEN.getAndIncrement();
+
+        if (MAX_ATTRIBUTE_CNT <= id) {
+            throw new RuntimeException("Exceeded maximum supported number of created Context Attributes instances" +
+                " [maxCnt=" + MAX_ATTRIBUTE_CNT + ']');
+        }
+
+        return new ContextAttribute<>((byte)id);
+    }
+
+    /** */
+    static int highReservedId() {
+        return ID_GEN.get();
+    }
+}

modules/commons/src/main/java/org/apache/ignite/internal/thread/context/ContextAwareWrapper.java

@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.thread.context;
+
+import java.util.function.BiFunction;
+import org.apache.ignite.internal.IgniteInternalWrapper;
+
+/** */
+public abstract class ContextAwareWrapper<T> implements IgniteInternalWrapper<T> {
+    /** */
+    protected final T delegate;
+
+    /** */
+    protected final ContextSnapshot snapshot;
+
+    /** */
+    @Override public T delegate() {
+        return delegate;
+    }
+
+    /** */
+    protected ContextAwareWrapper(T delegate, ContextSnapshot snapshot) {
+        this.delegate = delegate;
+        this.snapshot = snapshot;
+    }
+
+    /** */
+    protected static <T> T wrap(T delegate, BiFunction<T, ContextSnapshot, T> wrapper) {
+        return wrap(delegate, wrapper, false);
+    }
+
+    /** */
+    protected static <T> T wrap(T delegate, BiFunction<T, ContextSnapshot, T> wrapper, boolean ignoreEmptyContext) {
+        if (delegate == null || delegate instanceof ContextAwareWrapper)
+            return delegate;
+
+        ContextSnapshot snapshot = ContextSnapshot.capture();
+
+        if (ignoreEmptyContext && snapshot.isEmpty())
+            return delegate;
+
+        return wrapper.apply(delegate, snapshot);
+    }
+}

modules/commons/src/main/java/org/apache/ignite/internal/thread/context/ContextDataChain.java

@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.thread.context;
+
+/** */
+public abstract class ContextDataChain<T> {
+    /** */
+    private final int storedAttrBits;
+
+    /** */
+    private final T prev;
+
+    /** */
+    protected ContextDataChain() {
+        storedAttrBits = 0;
+        prev = null;
+    }
+
+    /** */
+    protected ContextDataChain(int storedAttrBits, T prev) {
+        this.storedAttrBits = storedAttrBits;
+        this.prev = prev;
+    }
+
+    /** */
+    abstract boolean isEmpty();
+
+    /** */
+    int storedAttributeBits() {
+        return storedAttrBits;
+    }
+
+    /** */
+    boolean containsValueFor(ContextAttribute<?> attr) {
+        return (storedAttrBits & attr.bitmask()) != 0;
+    }
+
+    /** */
+    T previous() {
+        assert !isEmpty();
+
+        return prev;
+    }
+}

modules/commons/src/main/java/org/apache/ignite/internal/thread/context/ContextSnapshot.java

@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.thread.context;
+
+/** */
+public class ContextSnapshot extends ContextDataChain<ContextSnapshot> {
+    /** */
+    static final ContextSnapshot ROOT = new ContextSnapshot();
+    
+    /** */
+    private final ScopedContext scopedCtx;
+
+    /** */
+    private ContextSnapshot() {
+        scopedCtx = null;
+    }
+
+    /** */
+    private ContextSnapshot(ScopedContext scopedCtx, ContextSnapshot prev) {
+        super(scopedCtx.storedAttributeBits() | prev.storedAttributeBits(), prev);
+        
+        this.scopedCtx = scopedCtx;
+    }
+
+    /** */
+    public Scope restore() {
+        ThreadLocalContextStorage threadData = ThreadLocalContextStorage.get();
+
+        ContextSnapshot prev = threadData.snapshot();
+
+        threadData.reinitialize(this);
+
+        return () -> {
+            ThreadLocalContextStorage td = ThreadLocalContextStorage.get();
+
+            assert td.snapshot() == this : "Scopes must be closed in the same order and in the same thread they are opened";
+
+            td.reinitialize(prev);
+        };
+    }
+
+    /** */
+    ContextSnapshot attach(ScopedContext scopedCtx) {
+        return new ContextSnapshot(scopedCtx, this);
+    }
+
+    /** */
+    ScopedContext scopedContext() {
+        assert !isEmpty();
+
+        return scopedCtx;
+    }
+
+    /** {@inheritDoc} */
+    @Override boolean isEmpty() {
+        return this == ROOT;
+    }
+
+    /** */
+    public static ContextSnapshot capture() {
+        return ThreadLocalContextStorage.get().snapshot();
+    }
+}

…s/security/OperationSecurityContext.java …gnite/internal/thread/context/Scope.javamodules/core/src/main/java/org/apache/ignite/internal/processors/security/OperationSecurityContext.java renamed to modules/commons/src/main/java/org/apache/ignite/internal/thread/context/Scope.java modules/core/src/main/java/org/apache/ignite/internal/processors/security/OperationSecurityContext.java renamed to modules/commons/src/main/java/org/apache/ignite/internal/thread/context/Scope.java

@@ -15,32 +15,17 @@
  * limitations under the License.
  */
 
-package org.apache.ignite.internal.processors.security;
+package org.apache.ignite.internal.thread.context;
 
-/**
- *
- */
-public class OperationSecurityContext implements AutoCloseable {
-    /** Ignite Security. */
-    private final IgniteSecurity proc;
-
-    /** Security context. */
-    private final SecurityContext secCtx;
-
-    /**
-     * @param proc Ignite Security.
-     * @param secCtx Security context.
-     */
-    OperationSecurityContext(IgniteSecurity proc, SecurityContext secCtx) {
-        this.proc = proc;
-        this.secCtx = secCtx;
-    }
+/** */
+public interface Scope extends AutoCloseable {
+    /** */
+    Scope NOOP_SCOPE = new Scope() {
+        @Override public void close() {
+            // No-op.
+        }
+    };
 
     /** {@inheritDoc} */
-    @Override public void close() {
-        if (secCtx == null)
-            ((IgniteSecurityProcessor)proc).restoreDefaultContext();
-        else
-            proc.withContext(secCtx);
-    }
+    @Override void close();
 }