feat: add observe status access-key for pre-check and logging only (#5216)

[larry4xie]

What's the purpose of this PR

add observe status access-key for pre-check and logging only

Which issue(s) this PR fixes:

Fixes #5216

Brief changelog

Follow this checklist to help us incorporate your contribution quickly and easily:

• Read the Contributing Guide before making this pull request.
• Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
• Write necessary unit tests to verify the code.
• Run mvn clean test to make sure this pull request doesn't break anything.
• Update the CHANGES log.

Summary by CodeRabbit

Release Notes

• New Features

  • Introduced a new mode parameter for enabling and disabling access keys, allowing users to specify operational modes (filter or observer).
  • Enhanced access key management UI with updated tips and status indicators for access keys.
  • Added new methods for retrieving observable and available secrets based on access key modes.
  • Added functionality for observing access keys for pre-check and logging purposes.

• Bug Fixes

  • Improved logging and validation mechanisms in client authentication for better tracking and security.

• Documentation

  • Updated localization strings and user guidance related to access key management.

These changes enhance user control and clarity in managing access keys within the application.

[coderabbitai]

Walkthrough

The changes introduce a new access key management feature in the Apollo framework, allowing for the specification of access key modes (FILTER and OBSERVER) during enabling and disabling operations. This includes modifications to the relevant controllers, services, and data models, as well as updates to the user interface and localization files. Additionally, new SQL columns and methods are added to support the pre-check functionality for unenabled keys, enhancing the overall access key handling capabilities.

Changes

Files	Change Summary
apollo-adminservice/.../AccessKeyController.java	Updated enable and disable methods to include a mode parameter. Modified the disable method to set the mode to AccessKeyMode.FILTER.
apollo-biz/.../AccessKey.java	Added a new field mode, with corresponding getter and setter methods. Updated toString() method to include mode.
apollo-biz/.../AccessKeyService.java	Enhanced update method to include mode updates.
apollo-biz/.../accesskey-test.sql	Modified SQL insert statement to include a new Mode column.
apollo-common/.../AccessKeyMode.java	Introduced a new interface defining constants for FILTER and OBSERVER modes.
apollo-common/.../AccessKeyDTO.java	Added a new mode field with getter and setter methods.
apollo-configservice/.../ClientAuthenticationFilter.java	Enhanced logging and pre-check mechanisms for authorization and timestamp validation.
apollo-configservice/.../AccessKeyServiceWithCache.java	Added methods to retrieve observable and available secrets based on access key modes.
apollo-portal/.../AdminServiceAPI.java	Updated enable method to include a mode parameter.
apollo-portal/.../AccessKeyController.java	Modified enable method to accept a new optional mode parameter.
apollo-portal/.../AccessKeyService.java	Updated enable method to include a mode parameter.
apollo-portal/.../access_key.html	Updated UI to reflect new access key management tips and actions based on the mode.
apollo-portal/.../i18n/en.json	Modified text strings related to access key management, including new entries for the "Observe" operator.
apollo-portal/.../i18n/zh-CN.json	Updated localization strings for access key management, including new tips and operators.
apollo-portal/.../scripts/controller/AccessKeyController.js	Updated enable function to include a mode parameter for user feedback messages.
apollo-portal/.../scripts/services/AccessKeyService.js	Updated enable_access_key method URL to include mode as a query parameter.
scripts/sql/.../apolloconfigdb.sql	Added a new Mode column to the AccessKey table in the SQL schema.
scripts/sql/.../apolloconfigdb-v230-v240.sql	SQL script to upgrade the database schema, adding the Mode column to the AccessKey table.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant AccessKeyController
    participant AccessKeyService
    participant AccessKeyRepository

    User->>AccessKeyController: enable(appId, id, mode)
    AccessKeyController->>AccessKeyService: enable(appId, id, mode)
    AccessKeyService->>AccessKeyRepository: save(AccessKey)
    AccessKeyRepository-->>AccessKeyService: AccessKey saved
    AccessKeyService-->>AccessKeyController: success response
    AccessKeyController-->>User: success message

Loading

Assessment against linked issues

Objective	Addressed	Explanation
增加未启用密钥的预校验能力 (Issue #5216)	✅
触发条件：开关开启 + 有密钥配置 + 所有密钥均未开启 (Issue #5216)	❓	The implementation of pre-check logic is unclear in the current changes.
打印日志，日志至少包含 appId, clientIp, authorization 等信息 (Issue #5216)	✅	Enhanced logging in ClientAuthenticationFilter includes client IP and other relevant info.

Poem

🐇 In the land of keys, both near and far,
New modes arise, like a shining star.
FILTER and OBSERVER, a choice to make,
With logs to guide us, no chance to mistake.
Hopping through changes, we cheer and play,
Access keys flourish in a bright new way! 🌟

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 7

Outside diff range and nitpick comments (3)

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/service/AccessKeyService.java (1)

52-53: Add unit tests for the updated method signature.

The method signature has been updated to include an additional mode parameter. Ensure that the unit tests for this method have been updated to cover the new parameter.

Do you want me to generate the unit testing code or open a GitHub issue to track this task?

scripts/sql/profiles/mysql-database-not-specified/delta/v230-v240/apolloconfigdb-v230-v240.sql (1)

29-30: LGTM!

The SQL statement for adding the Mode column to the AccessKey table is well-structured and follows best practices:

• The column is defined with an appropriate data type (tinyint(2) unsigned) and default value (0).
• The comment provides clarity on the purpose and possible values of the column.
• The AFTER clause ensures proper positioning of the new column within the table structure.

Consider adding a check constraint to enforce the allowed values for the Mode column:

ALTER TABLE `AccessKey`
    ADD COLUMN `Mode` tinyint(2) unsigned NOT NULL DEFAULT '0' COMMENT '密钥模式，0: filter，1: observer' AFTER `Secret`,
    ADD CONSTRAINT `CK_AccessKey_Mode` CHECK (`Mode` IN (0, 1));

This will ensure that only valid values (0 for "filter" and 1 for "observer") can be inserted into the Mode column.

apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/filter/ClientAuthenticationFilter.java (1)

82-82: Avoid logging sensitive information directly

Including timestamp in logs is generally acceptable, but ensure that logging practices comply with security policies regarding sensitive information.

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7e7b090 and 46390df.

Files selected for processing (26)

• apollo-adminservice/src/main/java/com/ctrip/framework/apollo/adminservice/controller/AccessKeyController.java (4 hunks)
• apollo-biz/src/main/java/com/ctrip/framework/apollo/biz/entity/AccessKey.java (3 hunks)
• apollo-biz/src/main/java/com/ctrip/framework/apollo/biz/service/AccessKeyService.java (1 hunks)
• apollo-biz/src/test/resources/sql/accesskey-test.sql (1 hunks)
• apollo-common/src/main/java/com/ctrip/framework/apollo/common/constants/AccessKeyMode.java (1 hunks)
• apollo-common/src/main/java/com/ctrip/framework/apollo/common/dto/AccessKeyDTO.java (2 hunks)
• apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/filter/ClientAuthenticationFilter.java (3 hunks)
• apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/service/AccessKeyServiceWithCache.java (3 hunks)
• apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/util/AccessKeyUtil.java (2 hunks)
• apollo-configservice/src/test/java/com/ctrip/framework/apollo/configservice/filter/ClientAuthenticationFilterTest.java (2 hunks)
• apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/api/AdminServiceAPI.java (1 hunks)
• apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/AccessKeyController.java (1 hunks)
• apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/service/AccessKeyService.java (1 hunks)
• apollo-portal/src/main/resources/static/app/access_key.html (2 hunks)
• apollo-portal/src/main/resources/static/i18n/en.json (2 hunks)
• apollo-portal/src/main/resources/static/i18n/zh-CN.json (2 hunks)
• apollo-portal/src/main/resources/static/scripts/controller/AccessKeyController.js (1 hunks)
• apollo-portal/src/main/resources/static/scripts/services/AccessKeyService.js (2 hunks)
• scripts/sql/profiles/h2-default/apolloconfigdb.sql (1 hunks)
• scripts/sql/profiles/h2-default/delta/v230-v240/apolloconfigdb-v230-v240.sql (1 hunks)
• scripts/sql/profiles/mysql-database-not-specified/apolloconfigdb.sql (1 hunks)
• scripts/sql/profiles/mysql-database-not-specified/delta/v230-v240/apolloconfigdb-v230-v240.sql (1 hunks)
• scripts/sql/profiles/mysql-default/apolloconfigdb.sql (1 hunks)
• scripts/sql/profiles/mysql-default/delta/v230-v240/apolloconfigdb-v230-v240.sql (1 hunks)
• scripts/sql/src/apolloconfigdb.sql (1 hunks)
• scripts/sql/src/delta/v230-v240/apolloconfigdb-v230-v240.sql (1 hunks)

Additional comments not posted (45)

apollo-common/src/main/java/com/ctrip/framework/apollo/common/constants/AccessKeyMode.java (1)

19-25: LGTM!

The AccessKeyMode interface is well-defined and serves its purpose as a container for the access key mode constants. The constant names are clear and self-explanatory, and their values are unique and follow a sequential pattern. The interface is placed in an appropriate package for common constants.

scripts/sql/src/delta/v230-v240/apolloconfigdb-v230-v240.sql (1)

22-23: LGTM!

The SQL script for adding the Mode column to the AccessKey table looks good. The data type, constraints, and default value are appropriate for the intended purpose, and the comment provides clear documentation on the meaning of the different mode values.

A few additional suggestions for consideration:

1. Consider adding a check constraint to ensure that the Mode column only accepts valid values (0 or 1). This can help prevent invalid data from being inserted into the table.

2. If there are any existing queries or application code that relies on the current structure of the AccessKey table, make sure to update them to handle the new Mode column appropriately.

3. Verify that the upgrade process handles the addition of the new column gracefully, especially if there is a large amount of existing data in the AccessKey table.

Overall, the changes in this SQL script are well-structured and align with the objectives of introducing the new access key management feature.

apollo-common/src/main/java/com/ctrip/framework/apollo/common/dto/AccessKeyDTO.java (2)

27-27: LGTM!

The new mode field aligns with the PR objective and follows best practices.

---

55-57: LGTM!

The new getter and setter methods for the mode field follow the JavaBean convention and maintain encapsulation.

Also applies to: 59-61

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/service/AccessKeyService.java (1)

52-53: Verify the method signature change in the codebase.

The method signature has been updated to include an additional mode parameter. Ensure that all method calls to enable have been updated to pass the mode parameter.

Run the following script to verify the method usage:

Also, consider adding validation for the mode parameter to handle invalid values gracefully and prevent unexpected behavior.

apollo-biz/src/main/java/com/ctrip/framework/apollo/biz/entity/AccessKey.java (3)

39-40: LGTM!

The new mode field is correctly defined with appropriate access modifier, annotation, and data type.

---

61-67: LGTM!

The getter and setter methods for the mode field are implemented correctly, following the JavaBean convention and providing proper encapsulation.

---

80-80: LGTM!

The toString() method is correctly updated to include the mode field, enhancing the debugging and logging capabilities of the AccessKey class.

scripts/sql/profiles/mysql-default/delta/v230-v240/apolloconfigdb-v230-v240.sql (1)

31-32: LGTM! Verify the application code and dependent queries/views.

The SQL statement for adding the Mode column to the AccessKey table looks good. The column type, constraints, and comment are appropriate.

Please ensure that:

1. The application code has been updated to handle the new Mode column appropriately, both for reading and writing data.
2. Any queries or views that reference the AccessKey table have been updated to include the new column if necessary.

You can use the following script to search for potential references to the AccessKey table in the codebase:

scripts/sql/profiles/h2-default/delta/v230-v240/apolloconfigdb-v230-v240.sql (2)

30-30: LGTM!

The UNIX_TIMESTAMP function alias is created correctly using the CREATE ALIAS statement and maps to a fully qualified Java method for timestamp conversion.

---

34-34: LGTM!

The Mode column is added correctly to the AccessKey table using the ALTER TABLE statement with the ADD COLUMN clause. The column definition is valid, specifying the data type, size, nullability, and default value. The column is added at an appropriate position and has a clear comment explaining its purpose and possible values.

apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/util/AccessKeyUtil.java (2)

49-51: LGTM!

The new findObservableSecrets method is well-implemented and serves a clear purpose. It retrieves observable secrets for a given application ID by delegating to the accessKeyServiceWithCache instance. The method signature and logic are straightforward and easy to understand.

---

79-81: Clarify the purpose and intended usage of the preCheckInvalid method.

The preCheckInvalid method is currently empty and only contains a comment indicating it's for test mocking. It's unclear how this method fits into the overall functionality of the AccessKeyUtil class and the access key pre-check feature.

Please provide more context or documentation to explain the following:

1. What is the intended purpose of this method?
2. How is it meant to be used in the context of access key pre-checking?
3. Are there any plans to implement the method's logic in the future, or will it remain a placeholder for testing?

Adding this information will help developers better understand the role of this method and how it relates to the broader access key management functionality.

apollo-adminservice/src/main/java/com/ctrip/framework/apollo/adminservice/controller/AccessKeyController.java (4)

21-21: LGTM!

The import statement for the AccessKeyMode class is correctly added.

---

31-31: LGTM!

The import statement for the RequestParam annotation is correctly added.

---

66-70: LGTM!

The changes to the enable method signature and the usage of the mode parameter are implemented correctly:

• The mode parameter is marked as optional with a default value of 0, ensuring backward compatibility.
• The mode value is correctly set in the AccessKey entity before updating it.

---

81-81: LGTM!

Setting the mode to AccessKeyMode.FILTER when disabling an access key is a valid approach to ensure the access key operates in the filter mode.

apollo-biz/src/main/java/com/ctrip/framework/apollo/biz/service/AccessKeyService.java (1)

77-77: LGTM!

The change to set the mode of the accessKey object based on the incoming entity parameter is a valid enhancement to the update method. It allows for a more comprehensive update of the AccessKey entity by including the mode attribute along with the enabled status and last modified information.

The change is consistent with the method's purpose and does not introduce any apparent issues or side effects. It aligns well with the overall access key management feature being introduced in this PR.

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/AccessKeyController.java (1)

80-83: LGTM! Verify the accessKeyService.enable method implementation.

The addition of the optional mode parameter to the enable method provides more flexibility in enabling access keys by allowing the mode to be specified. The default value of 0 ensures backward compatibility for existing callers.

Please verify that the accessKeyService.enable method has been updated to handle the new mode parameter correctly.

Run the following script to verify the accessKeyService.enable method signature:

apollo-portal/src/main/resources/static/scripts/services/AccessKeyService.js (1)

34-34: LGTM!

The addition of the mode query parameter to the URL aligns with the PR objective of introducing an observe status access-key feature. This change allows for more granular control over the enabling process.

apollo-portal/src/main/resources/static/scripts/controller/AccessKeyController.js (1)

139-153: LGTM!

The changes to the enable function look good:

• The new mode parameter is handled correctly, defaulting to 0 if not explicitly set to 1.
• The tipsPrefix is constructed based on the mode value, allowing for different user feedback messages.
• The confirmation message and success/error notifications are updated to use the tipsPrefix, providing contextually relevant messages.
• The call to AccessKeyService.enable_access_key is updated to pass the mode parameter along with the existing parameters.

The changes enhance the functionality of the enable method by allowing it to handle different operational modes and providing more specific user feedback based on the selected mode. The changes are also backward compatible as the mode parameter defaults to 0, maintaining the existing behavior if not explicitly set.

apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/service/AccessKeyServiceWithCache.java (4)

22-22: LGTM!

The import statement is necessary for the new methods being added.

---

41-41: LGTM!

The import statement is necessary for the new getSecrets method being added.

---

90-95: LGTM!

The new public methods getAvailableSecrets and getObservableSecrets provide a way to retrieve access keys based on their mode and enabled status. The methods use the new private getSecrets method with a predicate filter, which is a good way to reuse code and avoid duplication.

---

97-104: LGTM!

The new private method getSecrets provides a way to retrieve access keys based on a predicate filter. The method uses the accessKeyCache to retrieve access keys, which is a good way to avoid hitting the database for every request. The method uses the stream API to filter and map the access keys, which is a good way to write concise and readable code.

apollo-configservice/src/test/java/com/ctrip/framework/apollo/configservice/filter/ClientAuthenticationFilterTest.java (2)

150-174: LGTM!

The testPreCheckInvalid test method is well-structured and comprehensive. It effectively verifies the behavior of the clientAuthenticationFilter when an invalid signature is provided.

The mocking setup covers the necessary scenarios, and the assertions ensure that no error responses are sent, the filter chain is executed, and the preCheckInvalid method is called the expected number of times.

---

176-199: LGTM!

The testPreCheckSuccessfully test method is well-structured and effectively verifies the behavior of the clientAuthenticationFilter when a valid signature is provided.

The mocking setup is appropriate for the valid signature case, and the assertions ensure that no error responses are sent, the filter chain is executed, and the preCheckInvalid method is not called.

scripts/sql/src/apolloconfigdb.sql (1)

400-400: LGTM!

The addition of the Mode column to the AccessKey table is a valid change that introduces the capability to specify access key modes. The chosen data type, constraints, and default value align with the intended functionality.

scripts/sql/profiles/h2-default/apolloconfigdb.sql (1)

396-396: LGTM!

The addition of the Mode column to the AccessKey table looks good:

• The column is defined with the appropriate data type tinyint(2) unsigned and default value 0.
• The comment clearly explains the purpose and allowed values for the column.
• This is a non-breaking change as existing code will continue to work due to the default value.

Note: Application code changes will be needed to set and interpret the Mode values in order to utilize this new functionality.

scripts/sql/profiles/mysql-database-not-specified/apolloconfigdb.sql (1)

407-407: Approve the addition of the Mode column to the AccessKey table.

The new Mode column introduces a way to categorize access keys into "filter" and "observer" modes. The chosen data type and default value are appropriate.

Consider the following impacts:

• Update the application code to handle the new Mode column correctly.
• Verify that assigning the "filter" mode by default to existing access keys aligns with the intended behavior.
• Ensure that the access control logic is updated to differentiate between the "filter" and "observer" modes as needed.

scripts/sql/profiles/mysql-default/apolloconfigdb.sql (1)

412-412: LGTM!

The addition of the Mode column to the AccessKey table is a good enhancement that allows differentiating between "filter" and "observer" modes for access keys. The chosen data type and default value are appropriate.

Consider the following:

• Update any existing code that interacts with the AccessKey table to handle the new Mode column appropriately.
• Ensure that the application logic correctly utilizes the Mode value when processing access keys.
• Update the relevant documentation to reflect the new access key modes and their behavior.

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/api/AdminServiceAPI.java (2)

320-322: LGTM!

The changes to the enable method signature and the corresponding update to the URL template look good.

---

320-322: Verify the method invocation changes in the codebase.

Please ensure that all invocations of the enable method have been updated to provide the mode argument.

Run the following script to verify the method usage:

apollo-portal/src/main/resources/static/i18n/zh-CN.json (4)

519-524: Looks good!

The added localization strings provide clear guidance about access key usage and mention the new "Observe" status. The key names also follow existing naming conventions.

---

533-536: Looks good!

The added strings for the new "Observe" access key operation look appropriate and consistent with existing operation label conventions.

---

541-546: Looks good!

The added success and error message strings for the new observe access key operation are consistent with existing message conventions and provide suitable user-facing text.

---

550-550: Looks good!

The confirmation message for the observe access key operation is consistent with other confirmation prompts and provides a clear text to confirm the action.

apollo-portal/src/main/resources/static/i18n/en.json (4)

520-524: LGTM!

The added localization strings for access key tips are clear and informative. The JSON syntax is valid.

---

533-536: Looks good!

The new localization strings for the "Observe" access key operation are consistent with the existing entries. The JSON syntax is valid.

---

541-546: Approved.

The success and error message strings for the "Observe" access key operation are clear and consistent with the existing entries. The JSON syntax is valid.

---

550-551: Good to go!

The confirmation prompt string for the "Observe" access key operation is clear and consistent with the existing entries. The JSON syntax is valid.

apollo-configservice/src/main/java/com/ctrip/framework/apollo/configservice/filter/ClientAuthenticationFilter.java (3)

20-20: Imports added for client IP extraction and tracing

The addition of WebUtils and Tracer imports is appropriate for retrieving client IP addresses and logging events, supporting the new logging functionality.

Also applies to: 24-24

---

78-78: Retrieve and utilize client IP for enhanced logging

Fetching the client IP address using WebUtils.tryToGetClientIp(request) enhances logging details and aids in monitoring and troubleshooting client requests.

---

159-164: Review the use of accessKeyUtil.preCheckInvalid() in production code

The preCheckInvalidLogging method includes a call to accessKeyUtil.preCheckInvalid();, with a comment indicating it's "only for test mock". If this method is intended solely for testing purposes, it should not be invoked in production code to avoid unintended side effects.

Confirm whether accessKeyUtil.preCheckInvalid() should be called in the production environment. If not, consider removing it:

 private void preCheckInvalidLogging(String message) {
   logger.warn(message);
   Tracer.logEvent("Apollo.AccessKey.PreCheck", message);
-  // only for test mock
-  accessKeyUtil.preCheckInvalid();
 }

apollo-portal/src/main/resources/static/app/access_key.html (1)

63-67: Ensure Translations for New Tips Are Included

The new tips AccessKey.Tips.4 and its sub-items (AccessKey.Tips.4.1, AccessKey.Tips.4.2, AccessKey.Tips.4.3) have been added. Please verify that corresponding translations exist in all localization files to ensure they are displayed correctly to users.

Verification successful

---

Translations Verified Successfully

All new translation keys (AccessKey.Tips.4, AccessKey.Tips.4.1, AccessKey.Tips.4.2, AccessKey.Tips.4.3) are present in the localization files (en.json, zh-CN.json).

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if new translation keys are present in localization files.

# List of new translation keys
keys=(
  'AccessKey.Tips.4'
  'AccessKey.Tips.4.1'
  'AccessKey.Tips.4.2'
  'AccessKey.Tips.4.3'
)

# Loop through each key and check if it's present in the localization files
for key in "${keys[@]}"; do
  echo "Checking for $key..."
  if ! rg --files-with-matches "$key" ./src/main/resources/i18n/; then
    echo "Missing translation for $key"
  fi
done

Length of output: 1436

---

Script:

#!/bin/bash
# Description: Locate all i18n directories in the repository.

fd --type d i18n

Length of output: 64

---

Script:

#!/bin/bash
# Description: Check if new translation keys are present in localization files.

# List of new translation keys
keys=(
  'AccessKey.Tips.4'
  'AccessKey.Tips.4.1'
  'AccessKey.Tips.4.2'
  'AccessKey.Tips.4.3'
)

# Loop through each key and check if it's present in the localization files
for key in "${keys[@]}"; do
  echo "Checking for $key..."
  if ! rg --files-with-matches "$key" ./apollo-portal/src/main/resources/static/i18n/; then
    echo "Missing translation for $key"
  fi
done

Length of output: 1328