Initial commit
This commit is contained in:
Docker7530
@@ -0,0 +1,101 @@
|
||||
# cache+ 账户无法查看名下子帐号
|
||||
|
||||
## 截图
|
||||
|
||||
|
||||
|
||||
## 排查思路
|
||||
|
||||
1、首先明确客户是可以看到账户管理界面的,说明有对应的权限。
|
||||
|
||||
2、定位到查询的位置
|
||||
|
||||
```java
|
||||
com.cmcc.cdn.platform.selfservice.controller.EnterpriseSubAccountController#getSubUserInfoList
|
||||
```
|
||||
|
||||
代码主体流程为 `获取用户id` 及 `企业信息` 主要涉及表 `user` 和 `enterprise_user`。
|
||||
|
||||
然后通过 `enterprise_subuser` 和 `user` 表联查得到其名下所有的用户。将每个用户的 Children 设为空后进行返回。
|
||||
|
||||
整体流程并没有过滤。从库中查询的话是有 5 条数据,有一条是昨天新增的,首先考虑是数据引起的,因为没有日志暂时无法具体的定位,进行日志的补充。在最近的版本进行了上线,日志显示已经全部查询完成。但是还是栈内存溢出。
|
||||
|
||||
二次定位到有可能是 fastjson 序列化引起的。考虑到要保留原查询框架及实体,目前方案为拷贝对象到新的实体中,解除 Controller 中返回的。
|
||||
|
||||
```java
|
||||
log.info("用户查询完成,开始拷贝对象");
|
||||
ArrayList<UserForAccountManagement> userForAccountManagements = new ArrayList<>();
|
||||
for (User user : users) {
|
||||
UserForAccountManagement userForAccountManagement = new UserForAccountManagement();
|
||||
BeanUtils.copyProperties(user, userForAccountManagement);
|
||||
userForAccountManagements.add(userForAccountManagement);
|
||||
}
|
||||
```
|
||||
|
||||
## 问题排查记录
|
||||
|
||||
利用对象的计算工具进行监控:
|
||||
|
||||
```java
|
||||
查询1,当前页的所有人员ID为:[1682, 1675, 1648, 1641]
|
||||
|
||||
查询2,所有人员ID为:[1682, 1675, 1648, 1641]
|
||||
|
||||
出表后内存占用318.4 MB
|
||||
|
||||
查询3,从User表中取到的用户ID集合:[1682, 1675, 1648, 1641]
|
||||
|
||||
开始处理用户权限
|
||||
|
||||
用户查询完成,开始拷贝对象
|
||||
|
||||
转换后内存1.3 KB
|
||||
|
||||
return前对象内存占用1.5 KB
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
### 工具
|
||||
|
||||
地址
|
||||
|
||||
[查看对象大小](https://blog.csdn.net/yetaodiao/article/details/127369667)
|
||||
|
||||
```java
|
||||
System.out.println("转换后内存"+ RamUsageEstimator.humanSizeOf(userForAccountManagements));
|
||||
```
|
||||
|
||||
```java
|
||||
//坐标
|
||||
<dependency>
|
||||
<groupId>org.apache.lucene</groupId>
|
||||
<artifactId>lucene-core</artifactId>
|
||||
<version>4.0.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.commons</groupId>
|
||||
<artifactId>commons-lang3</artifactId>
|
||||
<version>3.12.0</version>
|
||||
</dependency>
|
||||
```
|
||||
|
||||
指定项目 json 转换工具
|
||||
|
||||
```java
|
||||
com.cmcc.cdn.platform.CustomWebAppConfigurer
|
||||
```
|
||||
|
||||
## 前端沟通
|
||||
|
||||
NORMAL_ESOP_MANAGE(企业)
|
||||
|
||||
TYMH_YYZHGL
|
||||
|
||||
有这两个权限之一的有账户管理模块
|
||||
|
||||
1、对于集团业务管理员,是/businessManage/managerList 接口,它只需要看用户,不需要用户的查看,编辑,删除权限的东西,操作栏中的东西是一次就查完了。
|
||||
|
||||
1、对于企业客户接口/selfService/enterprisesubuser/getCpSubUserInfoList。页面操作是单独发起的。
|
||||
@@ -0,0 +1,44 @@
|
||||
# 问题资料
|
||||
|
||||
对方提供的日志
|
||||
|
||||
```
|
||||
正在向ibs平台获取日志下载地址:IbsSubDownloadAddrReq(cpId=80041344, startTime=Wed Feb 01 00:00:00 CST 2023, endTime=Wed Feb 01 09:13:47 CST 2023, taskId=ucb5gk2n-tlfg2277vhs4gyxsFri Sep 23 22:13:22 CST 20220, append=0) [c.c.c.d.ibs.client.IbsSubClient:getDownloadAddr:116]
|
||||
[2023-02-01 11:14:47.472] [ INFO] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] 请求地址:https://ibs-uops.cdn.10086.cn:443/action?commandType=subscribeDownload&version=1 [c.c.c.d.ibs.client.IbsSubClient:getDownloadAddr:117]
|
||||
[2023-02-01 11:14:47.473] [ INFO] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] K1:dayun_cdn_key [c.c.c.d.ibs.utils.HeaderUtil:getAuthorization:55]
|
||||
[2023-02-01 11:14:47.474] [ INFO] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] N1:333L+1j0zeAMYZ989US0uPa5A==353M/afFlUFfnVa+1IrxLyjrw==35 [c.c.c.d.ibs.utils.HeaderUtil:getAuthorization:60]
|
||||
[2023-02-01 11:14:47.474] [ INFO] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] k2:f943d71a2337af92f07484812ab8fbb01f382dda92d86e3191e9095d35c3d24e [c.c.c.d.ibs.utils.HeaderUtil:getToken:73]
|
||||
[2023-02-01 11:14:47.475] [DEBUG] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] uri:/action?commandType=subscribeDownload&version=1, body:{"cp_id":"80041344","start":"2023-02-01T00:00:00+08:00","end":"2023-02-01T09:13:47+08:00","task_id":"ucb5gk2n-tlfg2277vhs4gyxsFri Sep 23 22:13:22 CST 20220","append":"0"} [c.c.c.d.ibs.utils.HeaderUtil:getToken:79]
|
||||
[2023-02-01 11:14:47.475] [DEBUG] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] token:61465B6C9567007719EEF3D9E2D426EC5357357C28B9E9D350F2247FDB5EAFD6 [c.c.c.d.ibs.utils.HeaderUtil:getToken:80]
|
||||
[2023-02-01 11:14:47.476] [DEBUG] [TID:Ignored_Trace] [io-18080-exec-2] [reqId-969195d71c04e8748f12a-c72d6bb2-1] authorization:333L+1j0zeAMYZ989US0uPa5A==353M/afFlUFfnVa+1IrxLyjrw==35|63D9D927|61465B6C9567007719EEF3D9E2D426EC5357357C28B9E9D350F2247FDB5EAFD6 [c.c.c.d
|
||||
```
|
||||
|
||||
# 目前现象
|
||||
|
||||
在 POSTMAN 进行请求后会报鉴权不通过的问题。
|
||||
|
||||
# 思路
|
||||
|
||||
1、定位到报错的位置
|
||||
|
||||
2、首先请求到了 oms 系统
|
||||
|
||||
3、但是因为日志较少定位到报错位置为
|
||||
|
||||
```java
|
||||
com.cmcc.cdn.platform.filter.AuthorityCheckFilter#doFilterInternal
|
||||
```
|
||||
|
||||
4、添加日志打包到灰度环境进行处理
|
||||
|
||||
5、定位到问题在下方位置
|
||||
|
||||
|
||||
|
||||
此处的 authentications 是在 omsTenantAuthenticationDao 中全部查出来的。
|
||||
|
||||
后边又进行了 ACCessKey 的 get,会报空指针。
|
||||
|
||||
|
||||
|
||||
最后定位到 `oms_tenant_authentication` 表有一条脏数据的 AccessKey 的值是空的,导致此处直接空指针。
|
||||
@@ -0,0 +1,70 @@
|
||||
# 工单无法删除
|
||||
|
||||
## 截图
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## 问题原因
|
||||
|
||||
查看两个工单的域名为已经删除的域名,属于 catch+ 开发人员手动调接口删除。
|
||||
|
||||
但是因为客户之前走过两个错误类型的工单,导致当运维想要关闭工单的时候无法进行操做。
|
||||
|
||||
## 解决方案
|
||||
|
||||
1、首先确认最后运维工程师审批时需要修改的表。
|
||||
|
||||
2、代码中主要涉及表的修改位置为:
|
||||
|
||||
```java
|
||||
com.cmcc.cdn.platform.selfservice.service.impl.AdaptWorkOrderServiceImpl#handle
|
||||
(com.cmcc.cdn.platform.selfservice.entity.User, com.cmcc.cdn.platform.portal.domain.workorder.WorkOrder, com.cmcc.cdn.platform.portal.enums.WorkOrderEnums.Button, java.util.Map<java.lang.String,java.lang.Object>)
|
||||
```
|
||||
|
||||
3、其中涉及表格
|
||||
|
||||
工程师记录:`config_change_work_order_additional`
|
||||
|
||||
工单表:`work_order`
|
||||
|
||||
catch 需求变更:`work_order_adaptconfig_change`
|
||||
|
||||
通过走正常流程对比,需要做如下改动:
|
||||
|
||||
1、修改 work_order 的 status 为 finished
|
||||
|
||||
2、删除 work_order 中对应的 approval_user_id
|
||||
|
||||
3、work_order_adaptconfig_change 表的 state 和 finish 字段修改为 END 和 1
|
||||
|
||||
## 本次处理数据为
|
||||
|
||||
`work_order`
|
||||
|
||||
324019 --> 005-20230111002 --> cfn.migufun.com
|
||||
|
||||
324017 --> 005-20230111001 --> metalive.migufun.com
|
||||
|
||||
`work_order_adaptconfig_change`
|
||||
|
||||
301
|
||||
|
||||
300
|
||||
|
||||
## SQL
|
||||
|
||||
```sql
|
||||
update work_order set status = 'finished' where id = 324019 and code = '005-20230111002';
|
||||
update work_order set status = 'finished' where id = 324017 and code = '005-20230111001';
|
||||
|
||||
UPDATE work_order SET approval_user_id = NULL where id = 324019 and code = '005-20230111002';
|
||||
UPDATE work_order SET approval_user_id = NULL where id = 324017 and code = '005-20230111001';
|
||||
|
||||
update work_order_adaptconfig_change set state = 'END' where id = 301;
|
||||
update work_order_adaptconfig_change set state = 'END' where id = 300;
|
||||
|
||||
update work_order_adaptconfig_change set finish = 1 where id = 301;
|
||||
update work_order_adaptconfig_change set finish = 1 where id = 300;
|
||||
```
|
||||
@@ -0,0 +1,56 @@
|
||||
# 上海移动域名管理界面出现不属于上海移动的域名
|
||||
|
||||
## 截图
|
||||
|
||||
|
||||
|
||||
## 排查思路
|
||||
|
||||
1. 确定用户账号(sh-admin 或者 zhouqh)和查询条件。
|
||||
2. 根据查询条件跟踪查询逻辑。
|
||||
|
||||
```java
|
||||
{
|
||||
"pageNum": 1,
|
||||
"pageSize": 10,
|
||||
"domain": [],
|
||||
"enterProvince": "上海",
|
||||
"company": "",
|
||||
"configureProvinces": "",
|
||||
"enterSource": "",
|
||||
"product": "",
|
||||
"productState": "",
|
||||
"domainType": "",
|
||||
"state": "",
|
||||
"domainPlain": "",
|
||||
"isDisableDomain": "",
|
||||
"isLegal": "",
|
||||
"httpSelection": "",
|
||||
"bbossOrder": "",
|
||||
"createTimeOrder": "",
|
||||
"updateTimeOrder": "asc",
|
||||
"createdTime": ""
|
||||
}
|
||||
```
|
||||
|
||||
## 目前查询业务逻辑
|
||||
|
||||
省业务管理员和省运营经理点击查询**业务运维 - 配置管理**,查询条件为**所属省份**(如本次的上海),根据省获取省下的公司,再获取公司所属的域名。
|
||||
|
||||
而本次 `cdn.onepower.com.cn` 域名的中移上海信息通信科技有限公司属于上海,所以查出来了。
|
||||
|
||||
## 接口位置
|
||||
|
||||
```java
|
||||
/configManage/list/getDomainData
|
||||
com.cmcc.cdn.platform.selfservice.controller.ConfigManageController#getDomainData
|
||||
```
|
||||
|
||||
## 重点条件过滤位置
|
||||
|
||||
```java
|
||||
//2775行关于对引入省公司的条件
|
||||
com.cmcc.cdn.platform.selfservice.service.impl.ConfigManageServiceImpl#domainWhere
|
||||
```
|
||||
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
# 信安文件报错
|
||||
|
||||
## 截图及文件
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## 接口位置
|
||||
|
||||
```java
|
||||
/configManage/updateSecurity
|
||||
```
|
||||
|
||||
## 代码流程
|
||||
|
||||
```java
|
||||
com.cmcc.cdn.platform.common.util.ExcelUtil#analysisExcelFile(java.io.InputStream, java.util.List<java.lang.String>)
|
||||
//421行
|
||||
|
||||
com.cmcc.cdn.platform.common.util.ExcelUtil#checkExcelFormat
|
||||
//357行
|
||||
|
||||
com.cmcc.cdn.platform.common.util.ExcelUtil#getCellValue
|
||||
//369行
|
||||
```
|
||||
|
||||
## 问题代码
|
||||
|
||||
```java
|
||||
if(cell.getCellType() == CellType.NUMERIC){
|
||||
cell.setCellType(CellType.STRING);
|
||||
}
|
||||
|
||||
if(CellType.NUMERIC == cell.getCellType()){
|
||||
cellValue = String.valueOf(cell.getNumericCellValue());
|
||||
}else if(CellType.STRING == cell.getCellType()){
|
||||
cellValue = String.valueOf(cell.getStringCellValue());
|
||||
}else if(CellType.BOOLEAN == cell.getCellType()){
|
||||
cellValue = String.valueOf(cell.getBooleanCellValue());
|
||||
}else if(CellType.FORMULA == cell.getCellType()){
|
||||
cellValue = String.valueOf(cell.getCellFormula());
|
||||
}else if(CellType.BLANK == cell.getCellType()){
|
||||
cellValue = "";
|
||||
}else if(CellType.ERROR == cell.getCellType()){
|
||||
cellValue = "非法字符";
|
||||
}else {
|
||||
cellValue = "未知类型";
|
||||
}
|
||||
```
|
||||
|
||||
## 处理完效果
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
当天后续问题同上方情况。
|
||||
|
||||
|
||||
@@ -0,0 +1,44 @@
|
||||
# 中石油证书显示未使用
|
||||
|
||||
## 问题定位
|
||||
|
||||
1. 确认域名工单来源。
|
||||
2. 试用单证书绑定是在 BPM 回调时会回传相关证书,关注点确认是否有回调。
|
||||
|
||||
## 域名工单
|
||||
|
||||
商机与试用订单号:NO.280A221228653419001 ——业务适配单(bpm_task)
|
||||
|
||||
业务开通订单号:NO.280A230203681548001 ——通用运维工单(bpm_dns_task)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## 问题域名
|
||||
|
||||
card_uttoo_net
|
||||
|
||||
cdn_uttoo_net
|
||||
|
||||
cdn_upload_uttoo_net
|
||||
|
||||
mallcdn_uttoo_net
|
||||
|
||||
## 代码日志
|
||||
|
||||
商机试用工单号、工单号 testOrderNum、domain bind certificate, domain
|
||||
|
||||
## BPM 确认
|
||||
|
||||
与 BPM 沟通是否有下发绑定证书
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -0,0 +1,42 @@
|
||||
# 移动云修改域名请求报提交失败
|
||||
|
||||
## 1、问题描述
|
||||
|
||||
截图
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
提供日志
|
||||
|
||||
```
|
||||
uri:/action?commandType=manageDomain&version=1, body:{"domains":[{"domain":"tv.snpane.cn","reg_id":"琼ICP备2022020328号-8","ex_domain":false,"ex_domain_list":[],"product_id":"5T8q+yIXrBkCbD+LH1WV9Q=="}],"sources":[{"primary":true,"type":"ip","back_addr":"198.44.165.207","back_protocol":0},{"primary":false,"type":"ip","back_addr":"118.99.26.111","back_protocol":0}],"protocol":1,"ipv6OnOff":true,"cp_id":"80019961","task_id":"1c9be71c16164a6698e01b6e003c58e7","add_type":0,"file_name":null,"cdn_type":"web","service_provider":"1","unique_id":"20230212200001--31e9-4b12-83ed-0fb3ded406eb"} [c.c.c.d.ibs.utils.HeaderUtil:getToken:79]
|
||||
cdnmp-domain-manager-info.log.2023-02-21:[2023-02-21 16:56:41.699] [DEBUG] [TID:452899b3bfbe4116990ed039f051a5fc.46.16769698016703563] [io-18080-exec-4] [reqId-f980d87ecb4fa1ae94dae-bd22a5f8-4] token:548420C873F9C9F020BF73822D91EC0717BDD1B25C1043919CF401F4EB769BC3 [c.c.c.d.ibs.utils.HeaderUtil:getToken:80]
|
||||
cdnmp-domain-manager-info.log.2023-02-21:[2023-02-21 16:56:41.700] [DEBUG] [TID:452899b3bfbe4116990ed039f051a5fc.46.16769698016703563] [io-18080-exec-4] [reqId-f980d87ecb4fa1ae94dae-bd22a5f8-4] authorization:3437363838343736383932373030|63F48749|548420C873F9C9F020BF73822D91EC0717BDD1B25C1043919CF401F4EB769BC3 [c.c.c.d.ibs.utils.HeaderUtil:getAuthorization:63]
|
||||
cdnmp-domain-manager-info.log.2023-02-21:[2023-02-21 16:56:41.700] [ INFO] [TID:452899b3bfbe4116990ed039f051a5fc.46.16769698016703563] [io-18080-exec-4] [reqId-f980d87ecb4fa1ae94dae-bd22a5f8-4] ibs update domain, uri:https://p.cdn.10086.cn:443/action?commandType=manageDomain&version=1, req:IbsDomainReq(cpId=80019961, taskId=1c9be71c16164a6698e01b6e003c58e7, addType=0, fileName=null, domains=[IbsDomain(domain=tv.snpane.cn, regId=琼ICP备2022020328号-8, exDomain=false, exDomainList=[], productId=5T8q+yIXrBkCbD+LH1WV9Q==)], cdnType=web, serviceProvider=1, sources=[IbsDomainSource(backAddr=198.44.165.207, primary=true, type=ip, backProtocol=0), IbsDomainSource(backAddr=118.99.26.111, primary=false, type=ip, backProtocol=0)], protocol
|
||||
```
|
||||
|
||||
|
||||
|
||||
## 2、问题定位
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
代码位置
|
||||
|
||||
com.cmcc.cdn.platform.selfservice.service.bpm.impl.YdyBpmManageServiceImpl#saveDomainStateRecords
|
||||
|
||||
|
||||
|
||||
## 3、问题总结:
|
||||
|
||||
在进行实体的持久化时,**BpmLiveTaskPO**的**domainInfo**属性中有相应的**sources**字段。
|
||||
|
||||
表关系为:通过 bpm_live_task_domain_state_record 使**ydy_bpm_domain_state_record**与**bpm_live_task**进行关联。
|
||||
|
||||
查看 ydy_bpm_domain_state_record 表中的字段 sources 字段大小限制为 varchar(255) 。
|
||||
|
||||
调整 sources 大小后进行重试。
|
||||
@@ -0,0 +1,19 @@
|
||||
证书到期提醒
|
||||
|
||||
com.cmcc.cdn.cert.service.impl.CertificateConfigServiceImpl#deleteSubscribeExpiredLinks
|
||||
|
||||
控制邮件发送间隔:
|
||||
|
||||
CERT_EXPIRE_MONITOR_JOB
|
||||
|
||||
发送条件:
|
||||
|
||||
select * from certificate_info where id = 234;
|
||||
|
||||
表中的 expire_time 时间和 deleted
|
||||
|
||||
select * from contact_info where id = 9;
|
||||
|
||||
表中的 remind_time 控制发证书邮件的时间间隔
|
||||
|
||||
相关附件见同名文件夹
|
||||
File diff suppressed because one or more lines are too long
@@ -0,0 +1,75 @@
|
||||
```
|
||||
www.scctcm.cn
|
||||
www.sczgcyyp.com
|
||||
www.emjiannan.com
|
||||
|
||||
已删除的域名在移动CDN信安管理系统查看还是未备案。
|
||||
```
|
||||
|
||||
|
||||
|
||||
13:50-13:55 提交的工单,工单号:BY1IhMBBgiw2CNN6,AOwkziNdjpMwN1Rq,0T3LvUCJZXFXGy04
|
||||
|
||||
```sql
|
||||
-- 查看删除记录
|
||||
select delete_time
|
||||
from domain_delete_record
|
||||
where domain = 'www.emjiannan.com';
|
||||
```
|
||||
|
||||
回调接口
|
||||
|
||||
```
|
||||
定制化
|
||||
https://p.cdn.10086.cn/v1/custom/domain/synchronize
|
||||
自助
|
||||
/actionpm
|
||||
```
|
||||
|
||||
参考日志
|
||||
|
||||
|
||||
|
||||
```
|
||||
2023-02-23 at 13:55:34 CST [http-nio-8080-exec-9066] INFO com.cmcc.cdn.platform.selfservice.service.impl.PortalInformationTransServiceImpl 73 deleteUsers -
|
||||
企业删除同步信安,userCdnList:
|
||||
{"delete_user_info_list":[{"user_id_cdn":"KHZuYSIEc"}]}
|
||||
```
|
||||
|
||||
/actionpm?commandType=pipeDomainCallBack&version=1
|
||||
|
||||
这个接口。在流程中有
|
||||
|
||||
com.cmcc.cdn.platform.selfservice.service.impl.PortalInformationServiceImpl#notifyDeleteInformation
|
||||
|
||||
的动作。其中看到有删除域名和删除企业。
|
||||
|
||||
这个是只有删除域名,才会触发信安系统去删除么?因为我筛选日志看 www.scctcm.cn 这个域名删除时间点有同步删除企业相关信息,但是没有同步删除域名的操作。
|
||||
|
||||
此表中没有。
|
||||
|
||||
|
||||
|
||||
删除时间
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
处理步骤
|
||||
|
||||
1、在 big_cloud_information_domain 表中确认是否存在。如果不存在说明已经同步信安删除。
|
||||
|
||||
2、在 self_service_domain_config 表中确认是否存在。取人域名是否删除。
|
||||
|
||||
3、在 domain_delete_record 确认删除时间。
|
||||
|
||||
然后可以搜索删除日志。
|
||||
|
||||
信安返回的枚举值
|
||||
|
||||
com.cmcc.cdn.platform.selfservice.enums.InformationSecurityCodeEnum
|
||||
Reference in New Issue
Block a user