CGP协议安全模式
安全模式与协议正常模式本质区别是,正常模式下所有数据库操作指令均由协议消息体直接操作数据库,而安全模式下数据库操作协议在DbPoxy下预先定义好数据库操作定义后由CGP协议消息指明预定义操作ID进行数据库操作及参数传入从而达到消息安全级别更高。
在DbPoxy中通过cmd.json预定义数据库操作,定义CmdID作为触发索引
通过CGP协议触发cmd.json预定义数据库操作.
1.在DbPoxy所在路径下的data目录创建cmd.json文件
{"database_type": "mongodb",//数据库类型,此值必须与dbpoxy.yml配置一致"enable": true, //本配置文件是否启用"inject": "$", //全局防注入字符串,多个以英文半角豆号分隔"cmd": [{"db_name": "DbPoxyTestDB", //数据库名"table_name": "test", //表名"op_name": "insert", //操作符,支持insert,update,query,delete"inject": "$", //单指令防注入字符串,多个以英文半角豆号分隔"cmd_id": 1,"value": { //数据库操作指令"datetime": "{0}","number": "{1}","string": "{2}"},"param_count": 3 //数据库操作指令参数数量,内核会以此值验证CGP消息}]}
2.CGP协议消息指令
{"token":"password","msg_id":1,"ref_topic":"dbpoxy/mongodb/result","ref_qos":0,//上半部份与CGP协议一致"save_mode":true, //使用安全模式"cmd_id":1, //指定需要触发的预定义指令,此值填写cmd.json中的cmd_id索引//params为操作预定义消息参数,mongodb以json形式定义消息,{0}等值对应预定义指令参数影射"params":{"{0}":"2018-10-12T10:10:12+08:00","{1}":12345.12345655889977,"{2}":"djkfjdkfj" }}
0.本次以mysql为例,先到数据库创业测试库(ldh)及users表
1.在DbPoxy所在路径下的data目录创建cmd.json文件
{"database_type": "mysql",//数据库类型,此值必须与dbpoxy.yml配置一致"enable": true,//本配置文件是否启用"inject": "=",//全局防注入字符串,多个以英文半角豆号分隔"cmd": [{//新增一条数据库记录预定义,操作id,cmd_id为1,通过cmd_id对应触发"db_name": "ldh",//数据库名"table_name": "users",//表名"op_name": "insert",//操作符,支持insert,update,query,delete,work(事务)"inject": "=",//单指令防注入字符串,多个以英文半角豆号分隔"cmd_id": 1,"value": { //数据库操作指令,insert,update,delete指令使用sql_exec定义"sql_exec": "INSERT INTO users(age, name, num, createat) VALUES ({0}, {1}, {2}, {3})"},"param_count": 4//数据库操作指令参数数量,内核会以此值验证CGP消息},{"db_name": "ldh",//数据库名"table_name":"users",//表名"op_name":"query",//操作符,支持insert,update,query,delete,work(事务)"cmd_id": 2,"value": {//数据库操作指令,insert,update,delete指令使用sql_query定义"sql_query":"SELECT * FROM users;"},"param_count": 0},{"db_name": "ldh",//数据库名"table_name":"users",//表名"op_name":"work",//操作符,支持insert,update,query,delete,work(事务)"cmd_id": 3,"sql_works":[//数据库操作指令,insert,update,delete指令使用sql_works定义{"table_name":"users", "work":"INSERT INTO users(age, name, num, createat) VALUES ({0}, {1}, {2}, {3})","id_alias":"insertid"},{"table_name":"users", "work":"UPDATE users SET age={4}, name={5} WHERE id=insertid"},{"table_name":"users", "work":"DELETE FROM users WHERE id=insertid"}],"param_count": 6}]}
2.CGP协议消息指令
2.1触发cmd.json中的cmd_id:1指令(定义中为insert操作)
{"token":"password","msg_id":1,"ref_topic":"dbpoxy/mongodb/result","ref_qos":0,"save_mode":true,"cmd_id":1, //指定cmd.json中的cmd_id触发预定指令"params":{"{0}":36, "{1}":"dfdfdf","{2}":12345.12345655889977,"{3}":"2011-12-18 13:17:17" }}
返回值
{"msg_id": 1,"result_op": true,"result_changes": 1,"result_data": [{"id": 4}]}
2.2触发cmd.json中的cmd_id:2指令(定义中为query操作)
{"token":"password","msg_id":1,"ref_topic":"dbpoxy/mongodb/result","ref_qos":0,"save_mode":true,"cmd_id":2//指定cmd.json中的cmd_id触发预定指令}
返回值
{"msg_id": 1,"result_op": true,"result_changes": 4,"result_data": [{"age": 36,"createat": "2011-12-18 13:17:17","id": 1,"name": "dfdfdf","num": 12345.1},{"age": 36,"createat": "2011-12-18 13:17:17","id": 2,"name": "dfdfdf","num": 12345.1},{"age": 36,"createat": "2011-12-18 13:17:17","id": 3,"name": "dfdfdf","num": 12345.1},{"age": 36,"createat": "2011-12-18 13:17:17","id": 4,"name": "dfdfdf","num": 12345.1}]}
2.3触发cmd.json中的cmd_id:3指令(定义中为work事务操作)
{"token":"password","msg_id":1,"ref_topic":"dbpoxy/mongodb/result","ref_qos":0,"save_mode":true,"cmd_id":3, //指定cmd.json中的cmd_id触发预定指令"params":{"work": [{"{0}":36, "{1}":"dfdfdf","{2}":12345.12345655889977,"{3}":"2011-12-18 13:17:17"},{"{4}":11, "{5}":"jacob"}] }}
返回值
{"msg_id": 1,"result_op": true,"result_changes": 3,"result_data": [{"0": 5,"1": 1,"2": 1}]}
Last updated 11 months ago