Add authorization options to Nebula 2.0 service (#303)

* replace graphd configs with Nebula 1.0 version and add enable_authorize and auth_type flag options when start Nebula service

restore options in Nebula 1.0

remain mutable options in gflags.json un changed

replace graphd configs with Nebula 1.0 version and add enable_authorize and auth_type flag options when start Nebula service

restore options in Nebula 1.0

remain mutable options in gflags.json un changed

replace graphd configs with Nebula 1.0 version and add enable_authorize and auth_type flag options when start Nebula service

restore options in Nebula 1.0

remain mutable options in gflags.json unchanged

* Fixed session timeout when FLAGS_session_idle_timeout_secs == 0

* reverted session_idle_timeout_secs back

* add comment

* Tests/add case for time index bound (#307)

* Remove timezone field.

* Fix the value to string.

* Remove extra blank.

* Add more.

* Correct the typo.

* Add test cases for index bound.

* Correct the error.

Co-authored-by: dutor <440396+dutor@users.noreply.github.com>

* Reuse the vid type check function. (#313)

Co-authored-by: dutor <440396+dutor@users.noreply.github.com>

* add comment

Co-authored-by: dutor <440396+dutor@users.noreply.github.com>
Co-authored-by: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com>

.gitignore

@@ -7,6 +7,7 @@ build
 _build
 _build.log
 _install
+install
 bin/
 install_manifest.txt
 

conf/nebula-graphd.conf.default

@@ -39,7 +39,7 @@
 # Seconds before the idle connections are closed, 0 for never closed
 --client_idle_timeout_secs=0
 # Seconds before the idle sessions are expired, 0 for no expiration
---session_idle_timeout_secs=60000
+--session_idle_timeout_secs=0
 # The number of threads to accept incoming connections
 --num_accept_threads=1
 # The number of networking IO threads, 0 for # of CPU cores
@@ -52,3 +52,15 @@
 --ws_http_port=13000
 # HTTP2 service port
 --ws_h2_port=13002
+# The default charset when a space is created
+--default_charset=utf8
+# The defaule collate when a space is created
+--default_collate=utf8_bin
+
+########## authorization ##########
+# Enable authorization
+--enable_authorize=false
+
+########## Authentication ##########
+# User login authentication type, password for nebula authentication, ldap for ldap authentication, cloud for cloud authentication
+--auth_type=password

conf/nebula-graphd.conf.production

@@ -53,4 +53,13 @@
 # HTTP2 service port
 --ws_h2_port=13002
 
---load_data_interval_secs=120
+# Heartbeat interval of communication between meta client and graphd service
+--heartbeat_interval_secs=10
+
+########## authorization ##########
+# Enable authorization
+--enable_authorize=false
+
+########## authentication ##########
+# User login authentication type, password for nebula authentication, ldap for ldap authentication, cloud for cloud authentication
+--auth_type=password

src/service/GraphFlags.cpp

@@ -12,7 +12,7 @@ DEFINE_int32(client_idle_timeout_secs,
              0,
              "Seconds before we close the idle connections, 0 for infinite");
 DEFINE_int32(session_idle_timeout_secs,
-             600,
+             0,
              "Seconds before we expire the idle sessions, 0 for infinite");
 DEFINE_int32(session_reclaim_interval_secs, 10, "Period we try to reclaim expired sessions");
 DEFINE_int32(num_netio_threads,

src/service/SessionManager.cpp

@@ -81,6 +81,9 @@ int64_t SessionManager::newSessionId() {
 
 // TODO(dutor) Now we do a brute-force scanning, of course we could make it more efficient.
 void SessionManager::reclaimExpiredSessions() {
+    if (FLAGS_session_idle_timeout_secs == 0) {
+        return;
+    }
     folly::RWSpinLock::WriteHolder holder(rwlock_);
     if (activeSessions_.empty()) {
         return;