From aa8d25f6e548eb2e67d424c82aac38a9ef6b8d2a Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Wed, 19 Apr 2023 10:03:06 +0800 Subject: [PATCH 01/11] feat: support fetching table tag value --- include/libs/catalog/catalog.h | 1 + source/libs/catalog/inc/catalogInt.h | 8 ++ source/libs/catalog/src/ctgAsync.c | 127 ++++++++++++++++++++++++++- 3 files changed, 135 insertions(+), 1 deletion(-) diff --git a/include/libs/catalog/catalog.h b/include/libs/catalog/catalog.h index 2c684f8f76..2f8e7846f3 100644 --- a/include/libs/catalog/catalog.h +++ b/include/libs/catalog/catalog.h @@ -82,6 +82,7 @@ typedef struct SCatalogReq { SArray* pUser; // element is SUserAuthInfo SArray* pTableIndex; // element is SNAME SArray* pTableCfg; // element is SNAME + SArray* pTableTag; // element is SNAME bool qNodeRequired; // valid qnode bool dNodeRequired; // valid dnode bool svrVerRequired; diff --git a/source/libs/catalog/inc/catalogInt.h b/source/libs/catalog/inc/catalogInt.h index 85a130d293..f0e5024c59 100644 --- a/source/libs/catalog/inc/catalogInt.h +++ b/source/libs/catalog/inc/catalogInt.h @@ -58,6 +58,7 @@ typedef enum { CTG_CI_OTHERTABLE_META, CTG_CI_TBL_SMA, CTG_CI_TBL_CFG, + CTG_CI_TBL_TAG, CTG_CI_INDEX_INFO, CTG_CI_USER, CTG_CI_UDF, @@ -110,6 +111,7 @@ typedef enum { CTG_TASK_GET_SVR_VER, CTG_TASK_GET_TB_META_BATCH, CTG_TASK_GET_TB_HASH_BATCH, + CTG_TASK_GET_TB_TAG, } CTG_TASK_TYPE; typedef enum { @@ -186,6 +188,11 @@ typedef struct SCtgTbCfgCtx { SVgroupInfo* pVgInfo; } SCtgTbCfgCtx; +typedef struct SCtgTbTagCtx { + SName* pName; + SVgroupInfo* pVgInfo; +} SCtgTbTagCtx; + typedef struct SCtgDbVgCtx { char dbFName[TSDB_DB_FNAME_LEN]; } SCtgDbVgCtx; @@ -304,6 +311,7 @@ typedef struct SCtgJob { catalogCallback userFp; int32_t tbMetaNum; int32_t tbHashNum; + int32_t tbTagNum; int32_t dbVgNum; int32_t udfNum; int32_t qnodeNum; diff --git a/source/libs/catalog/src/ctgAsync.c b/source/libs/catalog/src/ctgAsync.c index f2a354997d..b10da5cc73 100644 --- a/source/libs/catalog/src/ctgAsync.c +++ b/source/libs/catalog/src/ctgAsync.c @@ -386,6 +386,37 @@ int32_t ctgInitGetTbCfgTask(SCtgJob* pJob, int32_t taskIdx, void* param) { return TSDB_CODE_SUCCESS; } +int32_t ctgInitGetTbTagTask(SCtgJob* pJob, int32_t taskIdx, void* param) { + SName* name = (SName*)param; + SCtgTask task = {0}; + + task.type = CTG_TASK_GET_TB_TAG; + task.taskId = taskIdx; + task.pJob = pJob; + + task.taskCtx = taosMemoryCalloc(1, sizeof(SCtgTbTagCtx)); + if (NULL == task.taskCtx) { + CTG_ERR_RET(TSDB_CODE_OUT_OF_MEMORY); + } + + SCtgTbTagCtx* ctx = task.taskCtx; + ctx->pName = taosMemoryMalloc(sizeof(*name)); + if (NULL == ctx->pName) { + taosMemoryFree(task.taskCtx); + CTG_ERR_RET(TSDB_CODE_OUT_OF_MEMORY); + } + + memcpy(ctx->pName, name, sizeof(*name)); + + taosArrayPush(pJob->pTasks, &task); + + qDebug("QID:0x%" PRIx64 " the %dth task type %s initialized, tbName:%s", pJob->queryId, taskIdx, + ctgTaskTypeStr(task.type), name->tname); + + return TSDB_CODE_SUCCESS; +} + + int32_t ctgHandleForceUpdate(SCatalog* pCtg, int32_t taskNum, SCtgJob* pJob, const SCatalogReq* pReq) { SHashObj* pDb = taosHashInit(taskNum, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), false, HASH_NO_LOCK); SHashObj* pTb = taosHashInit(taskNum, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), false, HASH_NO_LOCK); @@ -437,6 +468,15 @@ int32_t ctgHandleForceUpdate(SCatalog* pCtg, int32_t taskNum, SCtgJob* pJob, con char dbFName[TSDB_DB_FNAME_LEN]; tNameGetFullDbName(name, dbFName); taosHashPut(pDb, dbFName, strlen(dbFName), dbFName, TSDB_DB_FNAME_LEN); + taosHashPut(pTb, name, sizeof(SName), name, sizeof(SName)); + } + + for (int32_t i = 0; i < pJob->tbTagNum; ++i) { + SName* name = taosArrayGet(pReq->pTableTag, i); + char dbFName[TSDB_DB_FNAME_LEN]; + tNameGetFullDbName(name, dbFName); + taosHashPut(pDb, dbFName, strlen(dbFName), dbFName, TSDB_DB_FNAME_LEN); + taosHashPut(pTb, name, sizeof(SName), name, sizeof(SName)); } char* dbFName = taosHashIterate(pDb, NULL); @@ -505,9 +545,10 @@ int32_t ctgInitJob(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgJob** job, const int32_t dbInfoNum = (int32_t)taosArrayGetSize(pReq->pDbInfo); int32_t tbIndexNum = (int32_t)taosArrayGetSize(pReq->pTableIndex); int32_t tbCfgNum = (int32_t)taosArrayGetSize(pReq->pTableCfg); + int32_t tbTagNum = (int32_t)ctgGetTablesReqNum(pReq->pTableTag); int32_t taskNum = tbMetaNum + dbVgNum + udfNum + tbHashNum + qnodeNum + dnodeNum + svrVerNum + dbCfgNum + indexNum + - userNum + dbInfoNum + tbIndexNum + tbCfgNum; + userNum + dbInfoNum + tbIndexNum + tbCfgNum + tbTagNum; *job = taosMemoryCalloc(1, sizeof(SCtgJob)); if (NULL == *job) { @@ -537,6 +578,7 @@ int32_t ctgInitJob(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgJob** job, const pJob->tbIndexNum = tbIndexNum; pJob->tbCfgNum = tbCfgNum; pJob->svrVerNum = svrVerNum; + pJob->tbTagNum = tbTagNum; #if CTG_BATCH_FETCH pJob->pBatchs = @@ -604,6 +646,12 @@ int32_t ctgInitJob(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgJob** job, const CTG_ERR_JRET(ctgInitTask(pJob, CTG_TASK_GET_TB_CFG, name, NULL)); } + for (int32_t i = 0; i < tbCfgNum; ++i) { + SName* name = taosArrayGet(pReq->pTableTag, i); + CTG_ERR_JRET(ctgInitTask(pJob, CTG_TASK_GET_TB_TAG, name, NULL)); + } + + for (int32_t i = 0; i < indexNum; ++i) { char* indexName = taosArrayGet(pReq->pIndex, i); CTG_ERR_JRET(ctgInitTask(pJob, CTG_TASK_GET_INDEX_INFO, indexName, NULL)); @@ -1473,6 +1521,24 @@ _return: CTG_RET(code); } + +int32_t ctgHandleGetTbTagRsp(SCtgTaskReq* tReq, int32_t reqType, const SDataBuf* pMsg, int32_t rspCode) { + int32_t code = 0; + SCtgTask* pTask = tReq->pTask; + CTG_ERR_JRET(ctgProcessRspMsg(&pTask->msgCtx.out, reqType, pMsg->pData, pMsg->len, rspCode, pTask->msgCtx.target)); + + STableCfgRsp* pRsp = (STableCfgRsp*)pTask->msgCtx.out; + + TSWAP(pTask->res, pTask->msgCtx.out); + +_return: + + ctgHandleTaskEnd(pTask, code); + + CTG_RET(code); +} + + int32_t ctgHandleGetDbCfgRsp(SCtgTaskReq* tReq, int32_t reqType, const SDataBuf* pMsg, int32_t rspCode) { int32_t code = 0; SCtgTask* pTask = tReq->pTask; @@ -1935,6 +2001,45 @@ _return: CTG_RET(code); } + +int32_t ctgLaunchGetTbTagTask(SCtgTask* pTask) { + int32_t code = 0; + SCatalog* pCtg = pTask->pJob->pCtg; + SRequestConnInfo* pConn = &pTask->pJob->conn; + SCtgTbTagCtx* pCtx = (SCtgTbTagCtx*)pTask->taskCtx; + SArray* pRes = NULL; + char dbFName[TSDB_DB_FNAME_LEN]; + tNameGetFullDbName(pCtx->pName, dbFName); + SCtgJob* pJob = pTask->pJob; + SCtgMsgCtx* pMsgCtx = CTG_GET_TASK_MSGCTX(pTask, -1); + if (NULL == pMsgCtx->pBatchs) { + pMsgCtx->pBatchs = pJob->pBatchs; + } + + if (NULL == pCtx->pVgInfo) { + CTG_ERR_JRET(ctgGetTbHashVgroupFromCache(pCtg, pCtx->pName, &pCtx->pVgInfo)); + if (NULL == pCtx->pVgInfo) { + CTG_ERR_JRET(ctgLaunchSubTask(pTask, CTG_TASK_GET_DB_VGROUP, ctgGetTbCfgCb, dbFName)); + return TSDB_CODE_SUCCESS; + } + } + + CTG_CACHE_NHIT_INC(CTG_CI_TBL_TAG, 1); + + CTG_ERR_JRET(ctgGetTableCfgFromVnode(pCtg, pConn, pCtx->pName, pCtx->pVgInfo, NULL, pTask)); + + return TSDB_CODE_SUCCESS; + +_return: + + if (CTG_TASK_LAUNCHED == pTask->status) { + ctgHandleTaskEnd(pTask, code); + } + + CTG_RET(code); +} + + int32_t ctgLaunchGetQnodeTask(SCtgTask* pTask) { SCatalog* pCtg = pTask->pJob->pCtg; SRequestConnInfo* pConn = &pTask->pJob->conn; @@ -2138,6 +2243,25 @@ _return: CTG_RET(ctgHandleTaskEnd(pTask, pTask->subRes.code)); } +int32_t ctgGetTbTagCb(SCtgTask* pTask) { + int32_t code = 0; + + CTG_ERR_JRET(pTask->subRes.code); + + SCtgTbTagCtx* pCtx = (SCtgTbTagCtx*)pTask->taskCtx; + SDBVgInfo* pDb = (SDBVgInfo*)pTask->subRes.res; + + pCtx->pVgInfo = taosMemoryCalloc(1, sizeof(SVgroupInfo)); + CTG_ERR_JRET(ctgGetVgInfoFromHashValue(pTask->pJob->pCtg, pDb, pCtx->pName, pCtx->pVgInfo)); + + CTG_RET(ctgLaunchGetTbTagTask(pTask)); + +_return: + + CTG_RET(ctgHandleTaskEnd(pTask, pTask->subRes.code)); +} + + int32_t ctgGetUserCb(SCtgTask* pTask) { int32_t code = 0; @@ -2197,6 +2321,7 @@ SCtgAsyncFps gCtgAsyncFps[] = { {ctgInitGetSvrVerTask, ctgLaunchGetSvrVerTask, ctgHandleGetSvrVerRsp, ctgDumpSvrVer, NULL, NULL}, {ctgInitGetTbMetasTask, ctgLaunchGetTbMetasTask, ctgHandleGetTbMetasRsp, ctgDumpTbMetasRes, NULL, NULL}, {ctgInitGetTbHashsTask, ctgLaunchGetTbHashsTask, ctgHandleGetTbHashsRsp, ctgDumpTbHashsRes, NULL, NULL}, + {ctgInitGetTbTagTask, ctgLaunchGetTbTagTask, ctgHandleGetTbTagRsp, ctgDumpTbTagRes, NULL, NULL}, }; int32_t ctgMakeAsyncRes(SCtgJob* pJob) { From e36bf05f98b7b973f742df9ab7238a4cad518f3f Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Thu, 20 Apr 2023 17:30:09 +0800 Subject: [PATCH 02/11] enh: support get subtable tag and auth --- include/libs/catalog/catalog.h | 1 + source/libs/catalog/inc/catalogInt.h | 10 ++ source/libs/catalog/src/catalog.c | 2 +- source/libs/catalog/src/ctgAsync.c | 96 +++++++++++++++++--- source/libs/catalog/src/ctgCache.c | 23 +++++ source/libs/catalog/src/ctgUtil.c | 131 ++++++++++++++++++--------- 6 files changed, 202 insertions(+), 61 deletions(-) diff --git a/include/libs/catalog/catalog.h b/include/libs/catalog/catalog.h index 2f8e7846f3..6f2fb4eb6b 100644 --- a/include/libs/catalog/catalog.h +++ b/include/libs/catalog/catalog.h @@ -106,6 +106,7 @@ typedef struct SMetaData { SArray* pUser; // pRes = SUserAuthRes* SArray* pQnodeList; // pRes = SArray* SArray* pTableCfg; // pRes = STableCfg* + SArray* pTableTag; // pRes = SArray* SArray* pDnodeList; // pRes = SArray* SMetaRes* pSvrVer; // pRes = char* } SMetaData; diff --git a/source/libs/catalog/inc/catalogInt.h b/source/libs/catalog/inc/catalogInt.h index f0e5024c59..1eaf45dafe 100644 --- a/source/libs/catalog/inc/catalogInt.h +++ b/source/libs/catalog/inc/catalogInt.h @@ -154,6 +154,11 @@ typedef struct SCtgTbCacheInfo { int32_t tbType; } SCtgTbCacheInfo; +typedef struct SCtgTbMetaParam { + SName* pName; + int32_t flag; +} SCtgTbMetaParam; + typedef struct SCtgTbMetaCtx { SCtgTbCacheInfo tbInfo; int32_t vgId; @@ -631,6 +636,7 @@ typedef struct SCtgCacheItemInfo { #define CTG_FLAG_SYS_DB 0x8 #define CTG_FLAG_FORCE_UPDATE 0x10 #define CTG_FLAG_ONLY_CACHE 0x20 +#define CTG_FLAG_SYNC_OP 0x40 #define CTG_FLAG_SET(_flag, _v) ((_flag) |= (_v)) @@ -933,6 +939,10 @@ void ctgReleaseVgMetaToCache(SCatalog* pCtg, SCtgDBCache* dbCache, SCtgTbCach void ctgReleaseTbMetaToCache(SCatalog* pCtg, SCtgDBCache* dbCache, SCtgTbCache* pCache); void ctgGetGlobalCacheStat(SCtgCacheStat* pStat); int32_t ctgChkSetAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res); +int32_t ctgGetTbMeta(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgTbMetaCtx* ctx, STableMeta** pTableMeta); +int32_t ctgGetCachedStbNameFromSuid(SCatalog* pCtg, char* dbFName, uint64_t suid, char **stbName); +int32_t ctgGetTbTagCb(SCtgTask* pTask); +int32_t ctgGetUserCb(SCtgTask* pTask); extern SCatalogMgmt gCtgMgmt; extern SCtgDebug gCTGDebug; diff --git a/source/libs/catalog/src/catalog.c b/source/libs/catalog/src/catalog.c index bddc6c01a7..b263654e70 100644 --- a/source/libs/catalog/src/catalog.c +++ b/source/libs/catalog/src/catalog.c @@ -208,7 +208,7 @@ int32_t ctgGetTbMeta(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgTbMetaCtx* ctx } while (true) { - CTG_ERR_JRET(ctgRefreshTbMeta(pCtg, pConn, ctx, &output, false)); + CTG_ERR_JRET(ctgRefreshTbMeta(pCtg, pConn, ctx, &output, ctx->flag & CTG_FLAG_SYNC_OP)); if (CTG_IS_META_TABLE(output->metaType)) { *pTableMeta = output->tbMeta; diff --git a/source/libs/catalog/src/ctgAsync.c b/source/libs/catalog/src/ctgAsync.c index b10da5cc73..affcfeb8ac 100644 --- a/source/libs/catalog/src/ctgAsync.c +++ b/source/libs/catalog/src/ctgAsync.c @@ -21,7 +21,8 @@ #include "trpc.h" int32_t ctgInitGetTbMetaTask(SCtgJob* pJob, int32_t taskIdx, void* param) { - SName* name = (SName*)param; + SCtgTbMetaParam* pParam = (SCtgTbMetaParam*)param; + SName* name = pParam->pName; SCtgTask task = {0}; task.type = CTG_TASK_GET_TB_META; @@ -41,7 +42,7 @@ int32_t ctgInitGetTbMetaTask(SCtgJob* pJob, int32_t taskIdx, void* param) { } memcpy(ctx->pName, name, sizeof(*name)); - ctx->flag = CTG_FLAG_UNKNOWN_STB; + ctx->flag = pParam->flag | CTG_FLAG_UNKNOWN_STB; taosArrayPush(pJob->pTasks, &task); @@ -545,7 +546,7 @@ int32_t ctgInitJob(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgJob** job, const int32_t dbInfoNum = (int32_t)taosArrayGetSize(pReq->pDbInfo); int32_t tbIndexNum = (int32_t)taosArrayGetSize(pReq->pTableIndex); int32_t tbCfgNum = (int32_t)taosArrayGetSize(pReq->pTableCfg); - int32_t tbTagNum = (int32_t)ctgGetTablesReqNum(pReq->pTableTag); + int32_t tbTagNum = (int32_t)taosArrayGetSize(pReq->pTableTag); int32_t taskNum = tbMetaNum + dbVgNum + udfNum + tbHashNum + qnodeNum + dnodeNum + svrVerNum + dbCfgNum + indexNum + userNum + dbInfoNum + tbIndexNum + tbCfgNum + tbTagNum; @@ -646,7 +647,7 @@ int32_t ctgInitJob(SCatalog* pCtg, SRequestConnInfo* pConn, SCtgJob** job, const CTG_ERR_JRET(ctgInitTask(pJob, CTG_TASK_GET_TB_CFG, name, NULL)); } - for (int32_t i = 0; i < tbCfgNum; ++i) { + for (int32_t i = 0; i < tbTagNum; ++i) { SName* name = taosArrayGet(pReq->pTableTag, i); CTG_ERR_JRET(ctgInitTask(pJob, CTG_TASK_GET_TB_TAG, name, NULL)); } @@ -761,7 +762,11 @@ int32_t ctgDumpTbHashsRes(SCtgTask* pTask) { int32_t ctgDumpTbIndexRes(SCtgTask* pTask) { SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableIndex) { - pJob->jobRes.pTableIndex = taosArrayInit(pJob->tbIndexNum, sizeof(SMetaRes)); + SArray* pRes = taosArrayInit(pJob->tbIndexNum, sizeof(SMetaRes)); + if (atomic_val_compare_exchange_ptr(&pJob->jobRes.pTableIndex, NULL, pRes)) { + taosArrayDestroy(pRes); + } + if (NULL == pJob->jobRes.pTableIndex) { CTG_ERR_RET(TSDB_CODE_OUT_OF_MEMORY); } @@ -776,7 +781,11 @@ int32_t ctgDumpTbIndexRes(SCtgTask* pTask) { int32_t ctgDumpTbCfgRes(SCtgTask* pTask) { SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableCfg) { - pJob->jobRes.pTableCfg = taosArrayInit(pJob->tbCfgNum, sizeof(SMetaRes)); + SArray* pRes = taosArrayInit(pJob->tbCfgNum, sizeof(SMetaRes)); + if (atomic_val_compare_exchange_ptr(&pJob->jobRes.pTableCfg, NULL, pRes)) { + taosArrayDestroy(pRes); + } + if (NULL == pJob->jobRes.pTableCfg) { CTG_ERR_RET(TSDB_CODE_OUT_OF_MEMORY); } @@ -788,6 +797,26 @@ int32_t ctgDumpTbCfgRes(SCtgTask* pTask) { return TSDB_CODE_SUCCESS; } +int32_t ctgDumpTbTagRes(SCtgTask* pTask) { + SCtgJob* pJob = pTask->pJob; + if (NULL == pJob->jobRes.pTableTag) { + SArray* pRes = taosArrayInit(pJob->tbTagNum, sizeof(SMetaRes)); + if (atomic_val_compare_exchange_ptr(&pJob->jobRes.pTableTag, NULL, pRes)) { + taosArrayDestroy(pRes); + } + + if (NULL == pJob->jobRes.pTableTag) { + CTG_ERR_RET(TSDB_CODE_OUT_OF_MEMORY); + } + } + + SMetaRes res = {.code = pTask->code, .pRes = pTask->res}; + taosArrayPush(pJob->jobRes.pTableTag, &res); + + return TSDB_CODE_SUCCESS; +} + + int32_t ctgDumpIndexRes(SCtgTask* pTask) { SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pIndex) { @@ -1123,7 +1152,7 @@ int32_t ctgHandleGetTbMetaRsp(SCtgTaskReq* tReq, int32_t reqType, const SDataBuf STableMetaOutput* pOut = (STableMetaOutput*)pMsgCtx->out; - ctgUpdateTbMetaToCache(pCtg, pOut, false); + ctgUpdateTbMetaToCache(pCtg, pOut, flag & CTG_FLAG_SYNC_OP); if (CTG_IS_META_BOTH(pOut->metaType)) { memcpy(pOut->tbMeta, &pOut->ctbMeta, sizeof(pOut->ctbMeta)); @@ -1525,11 +1554,36 @@ _return: int32_t ctgHandleGetTbTagRsp(SCtgTaskReq* tReq, int32_t reqType, const SDataBuf* pMsg, int32_t rspCode) { int32_t code = 0; SCtgTask* pTask = tReq->pTask; + SCatalog* pCtg = pTask->pJob->pCtg; CTG_ERR_JRET(ctgProcessRspMsg(&pTask->msgCtx.out, reqType, pMsg->pData, pMsg->len, rspCode, pTask->msgCtx.target)); STableCfgRsp* pRsp = (STableCfgRsp*)pTask->msgCtx.out; + if (NULL == pRsp->pTags || pRsp->tagsLen <= 0) { + ctgError("invalid tag in tbCfg rsp, pTags:%p, len:%d", pRsp->pTags, pRsp->tagsLen); + CTG_ERR_JRET(TSDB_CODE_INVALID_MSG); + } + + SArray* pTagVals = NULL; + STag* pTag = (STag*)pRsp->pTags; + + if (tTagIsJson(pTag)) { + pTagVals = taosArrayInit(1, sizeof(STagVal)); + if (NULL == pTagVals) { + CTG_ERR_JRET(TSDB_CODE_OUT_OF_MEMORY); + } + + char* pJson = parseTagDatatoJson(pTag); + STagVal tagVal; + tagVal.cid = 0; + tagVal.type = TSDB_DATA_TYPE_JSON; + tagVal.pData = pJson; + tagVal.nData = strlen(pJson); + taosArrayPush(pTagVals, &tagVal); + } else { + CTG_ERR_JRET(tTagToValArray((const STag*)pRsp->pTags, &pTagVals)); + } - TSWAP(pTask->res, pTask->msgCtx.out); + pTask->res = pTagVals; _return: @@ -1971,7 +2025,10 @@ int32_t ctgLaunchGetTbCfgTask(SCtgTask* pTask) { if (pCtx->tbType <= 0) { CTG_ERR_JRET(ctgReadTbTypeFromCache(pCtg, dbFName, pCtx->pName->tname, &pCtx->tbType)); if (pCtx->tbType <= 0) { - CTG_ERR_JRET(ctgLaunchSubTask(pTask, CTG_TASK_GET_TB_META, ctgGetTbCfgCb, pCtx->pName)); + SCtgTbMetaParam param; + param.pName = pCtx->pName; + param.flag = 0; + CTG_ERR_JRET(ctgLaunchSubTask(pTask, CTG_TASK_GET_TB_META, ctgGetTbCfgCb, ¶m)); return TSDB_CODE_SUCCESS; } } @@ -2019,7 +2076,7 @@ int32_t ctgLaunchGetTbTagTask(SCtgTask* pTask) { if (NULL == pCtx->pVgInfo) { CTG_ERR_JRET(ctgGetTbHashVgroupFromCache(pCtg, pCtx->pName, &pCtx->pVgInfo)); if (NULL == pCtx->pVgInfo) { - CTG_ERR_JRET(ctgLaunchSubTask(pTask, CTG_TASK_GET_DB_VGROUP, ctgGetTbCfgCb, dbFName)); + CTG_ERR_JRET(ctgLaunchSubTask(pTask, CTG_TASK_GET_DB_VGROUP, ctgGetTbTagCb, dbFName)); return TSDB_CODE_SUCCESS; } } @@ -2189,7 +2246,10 @@ int32_t ctgLaunchGetUserTask(SCtgTask* pTask) { taosMemoryFreeClear(rsp.pRawRes); if (rsp.metaNotExists) { - CTG_ERR_RET(ctgLaunchSubTask(pTask, CTG_TASK_GET_TB_META, ctgGetTbCfgCb, &pCtx->user.tbName)); + SCtgTbMetaParam param; + param.pName = &pCtx->user.tbName; + param.flag = CTG_FLAG_SYNC_OP; + CTG_ERR_RET(ctgLaunchSubTask(pTask, CTG_TASK_GET_TB_META, ctgGetUserCb, ¶m)); } else { CTG_ERR_RET(ctgGetUserDbAuthFromMnode(pCtg, pConn, pCtx->user.user, NULL, pTask)); } @@ -2251,9 +2311,11 @@ int32_t ctgGetTbTagCb(SCtgTask* pTask) { SCtgTbTagCtx* pCtx = (SCtgTbTagCtx*)pTask->taskCtx; SDBVgInfo* pDb = (SDBVgInfo*)pTask->subRes.res; - pCtx->pVgInfo = taosMemoryCalloc(1, sizeof(SVgroupInfo)); - CTG_ERR_JRET(ctgGetVgInfoFromHashValue(pTask->pJob->pCtg, pDb, pCtx->pName, pCtx->pVgInfo)); - + if (NULL == pCtx->pVgInfo) { + pCtx->pVgInfo = taosMemoryCalloc(1, sizeof(SVgroupInfo)); + CTG_ERR_JRET(ctgGetVgInfoFromHashValue(pTask->pJob->pCtg, pDb, pCtx->pName, pCtx->pVgInfo)); + } + CTG_RET(ctgLaunchGetTbTagTask(pTask)); _return: @@ -2286,8 +2348,12 @@ int32_t ctgCompDbVgTasks(SCtgTask* pTask, void* param, bool* equal) { int32_t ctgCompTbMetaTasks(SCtgTask* pTask, void* param, bool* equal) { SCtgTbMetaCtx* ctx = pTask->taskCtx; + SCtgTbMetaParam* pParam = (SCtgTbMetaParam*)param; - *equal = tNameTbNameEqual(ctx->pName, (SName*)param); + *equal = tNameTbNameEqual(ctx->pName, (SName*)pParam->pName); + if (*equal) { + ctx->flag |= pParam->flag; + } return TSDB_CODE_SUCCESS; } diff --git a/source/libs/catalog/src/ctgCache.c b/source/libs/catalog/src/ctgCache.c index 592b6e9c72..ee864d985e 100644 --- a/source/libs/catalog/src/ctgCache.c +++ b/source/libs/catalog/src/ctgCache.c @@ -703,6 +703,29 @@ _return: CTG_RET(code); } +int32_t ctgGetCachedStbNameFromSuid(SCatalog* pCtg, char* dbFName, uint64_t suid, char **stbName) { + *stbName = NULL; + + SCtgDBCache *dbCache = NULL; + ctgAcquireDBCache(pCtg, dbFName, &dbCache); + if (NULL == dbCache) { + ctgDebug("db %s not in cache", dbFName); + return TSDB_CODE_SUCCESS; + } + + char *stb = taosHashAcquire(dbCache->stbCache, &suid, sizeof(suid)); + if (NULL == stb) { + ctgDebug("stb 0x%" PRIx64 " not in cache, dbFName:%s", suid, dbFName); + return TSDB_CODE_SUCCESS; + } + + *stbName = taosStrdup(stb); + + taosHashRelease(dbCache->stbCache, stb); + + return TSDB_CODE_SUCCESS; +} + int32_t ctgChkAuthFromCache(SCatalog *pCtg, SUserAuthInfo *pReq, bool *inCache, SCtgAuthRsp *pRes) { if (IS_SYS_DBNAME(pReq->tbName.dbname)) { *inCache = true; diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index b2b2b5a87e..7ef2e34d1e 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -486,6 +486,18 @@ void ctgFreeBatchHash(void* hash) { taosMemoryFreeClear(pRes->pRes); } +void ctgFreeJsonTagVal(void *val) { + if (NULL == val) { + return; + } + + STagVal *pVal = (STagVal *)val; + + if (TSDB_DATA_TYPE_JSON == pVal->type) { + taosMemoryFree(pVal->pData); + } +} + void ctgFreeTaskRes(CTG_TASK_TYPE type, void** pRes) { switch (type) { case CTG_TASK_GET_QNODE: @@ -526,6 +538,14 @@ void ctgFreeTaskRes(CTG_TASK_TYPE type, void** pRes) { taosMemoryFreeClear(*pRes); break; } + case CTG_TASK_GET_TB_TAG: { + if (1 == taosArrayGetSize(*pRes)) { + taosArrayDestroyEx(*pRes, ctgFreeJsonTagVal); + } else { + taosArrayDestroy(*pRes); + } + *pRes = NULL; + } case CTG_TASK_GET_TB_META_BATCH: { SArray* pArray = (SArray*)*pRes; int32_t num = taosArrayGetSize(pArray); @@ -679,6 +699,12 @@ void ctgFreeTaskCtx(SCtgTask* pTask) { taosMemoryFreeClear(pTask->taskCtx); break; } + case CTG_TASK_GET_TB_TAG: { + SCtgTbTagCtx* taskCtx = (SCtgTbTagCtx*)pTask->taskCtx; + taosMemoryFreeClear(taskCtx->pName); + taosMemoryFreeClear(taskCtx->pVgInfo); + break; + } case CTG_TASK_GET_DB_VGROUP: case CTG_TASK_GET_DB_CFG: case CTG_TASK_GET_DB_INFO: @@ -1336,54 +1362,69 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { STableMeta* pMeta = NULL; SGetUserAuthRsp* pInfo = &req->authInfo; SHashObj* pTbs = (AUTH_TYPE_READ == req->singleType) ? pInfo->readTbs : pInfo->writeTbs; + char* stbName = NULL; + + char tbFName[TSDB_TABLE_FNAME_LEN]; + char dbFName[TSDB_DB_FNAME_LEN]; + tNameExtractFullName(&req->pRawReq->tbName, tbFName); + tNameGetFullDbName(&req->pRawReq->tbName, dbFName); - char tbFullName[TSDB_TABLE_FNAME_LEN]; - tNameExtractFullName(&req->pRawReq->tbName, tbFullName); - char* pCond = taosHashGet(pTbs, tbFullName, strlen(tbFullName)); - if (pCond) { - if (strlen(pCond) > 1) { - CTG_ERR_RET(nodesStringToNode(pCond, &res->pRawRes->pCond)); + while (true) { + char* pCond = taosHashGet(pTbs, tbFName, strlen(tbFName)); + if (pCond) { + if (strlen(pCond) > 1) { + CTG_ERR_RET(nodesStringToNode(pCond, &res->pRawRes->pCond)); + } + + res->pRawRes->pass = true; + return TSDB_CODE_SUCCESS; } - res->pRawRes->pass = true; - return TSDB_CODE_SUCCESS; + if (stbName) { + res->pRawRes->pass = false; + goto _return; + } + + CTG_ERR_RET(catalogGetCachedTableMeta(pCtg, &req->pRawReq->tbName, &pMeta)); + if (NULL == pMeta) { + if (req->onlyCache) { + res->metaNotExists = true; + ctgDebug("db %s tb %s meta not in cache for auth", req->pRawReq->tbName.dbname, req->pRawReq->tbName.tname); + return TSDB_CODE_SUCCESS; + } + + SCtgTbMetaCtx ctx = {0}; + ctx.pName = (SName*)&req->pRawReq->tbName; + ctx.flag = CTG_FLAG_UNKNOWN_STB | CTG_FLAG_SYNC_OP; + + CTG_ERR_RET(ctgGetTbMeta(pCtg, req->pConn, &ctx, &pMeta)); + } + + if (TSDB_SUPER_TABLE == pMeta->tableType || TSDB_NORMAL_TABLE == pMeta->tableType) { + res->pRawRes->pass = false; + goto _return; + } + + if (TSDB_CHILD_TABLE == pMeta->tableType) { + CTG_ERR_JRET(ctgGetCachedStbNameFromSuid(pCtg, dbFName, pMeta->suid, &stbName)); + if (NULL == stbName) { + if (req->onlyCache) { + res->metaNotExists = true; + ctgDebug("suid %" PRIu64 " name not in cache for auth", pMeta->suid); + return TSDB_CODE_SUCCESS; + } + + continue; + } + + sprintf(tbFName, "%s.%s", dbFName, stbName); + continue; + } + + ctgError("Invalid table type %d for %s", pMeta->tableType, tbFName); + CTG_ERR_JRET(TSDB_CODE_INVALID_PARA); } - res->pRawRes->pass = false; - - // CTG_ERR_RET(catalogGetCachedTableMeta(pCtg, &req->pRawReq->tbName, &pMeta)); - // if (NULL == pMeta) { - // if (req->onlyCache) { - // res->metaNotExists = true; - // ctgDebug("db %s tb %s meta not in cache for auth", req->pRawReq->tbName.dbname, req->pRawReq->tbName.tname); - // return TSDB_CODE_SUCCESS; - // } - - // CTG_ERR_RET(catalogGetTableMeta(pCtg, req->pConn, &req->pRawReq->tbName, &pMeta)); - // } - - // if (TSDB_SUPER_TABLE == pMeta->tableType || TSDB_NORMAL_TABLE == pMeta->tableType) { - // res->pRawRes->pass = false; - // goto _return; - // } - - // if (TSDB_CHILD_TABLE == pMeta->tableType) { - // res->pRawRes->pass = true; - - // /* - // char stbName[TSDB_TABLE_NAME_LEN] = {0}; - // CTG_ERR_JRET(ctgGetCachedStbNameFromSuid(pCtg, pMeta->suid, stbName)); - // if (0 == stbName[0]) { - // if (req->onlyCache) { - // res->notExists = true; - // return TSDB_CODE_SUCCESS; - // } - - // CTG_ERR_RET(catalogRefreshTableMeta(pCtg, req->pConn, &req->pRawReq->tbName, 0)); - // } - // */ - // } - _return: taosMemoryFree(pMeta); @@ -1423,7 +1464,7 @@ int32_t ctgChkSetAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { if (pInfo->readTbs && taosHashGetSize(pInfo->readTbs) > 0) { req->singleType = AUTH_TYPE_READ; CTG_ERR_RET(ctgChkSetTbAuthRes(pCtg, req, res)); - if (pRes->pass) { + if (pRes->pass || res->metaNotExists) { return TSDB_CODE_SUCCESS; } } @@ -1439,7 +1480,7 @@ int32_t ctgChkSetAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { if (pInfo->writeTbs && taosHashGetSize(pInfo->writeTbs) > 0) { req->singleType = AUTH_TYPE_WRITE; CTG_ERR_RET(ctgChkSetTbAuthRes(pCtg, req, res)); - if (pRes->pass) { + if (pRes->pass || res->metaNotExists) { return TSDB_CODE_SUCCESS; } } From 4bb7a25fc7491f5f1722b8994c646f94fa3c6ec0 Mon Sep 17 00:00:00 2001 From: Xiaoyu Wang Date: Sun, 23 Apr 2023 16:30:28 +0800 Subject: [PATCH 03/11] feat: subtable level privilege --- include/common/tmsg.h | 1 + source/common/src/tmsg.c | 9 +- source/dnode/mnode/impl/src/mndUser.c | 2 + source/libs/catalog/src/ctgUtil.c | 9 +- source/libs/nodes/src/nodesUtilFuncs.c | 8 +- source/libs/parser/src/parAuthenticator.c | 15 +- source/libs/parser/src/parTranslater.c | 4 +- tests/script/tsim/user/privilege_table.sim | 280 +++++++++++++++++++++ 8 files changed, 307 insertions(+), 21 deletions(-) create mode 100644 tests/script/tsim/user/privilege_table.sim diff --git a/include/common/tmsg.h b/include/common/tmsg.h index 02c097b8d0..df76edffc9 100644 --- a/include/common/tmsg.h +++ b/include/common/tmsg.h @@ -689,6 +689,7 @@ typedef struct { int32_t tSerializeSAlterUserReq(void* buf, int32_t bufLen, SAlterUserReq* pReq); int32_t tDeserializeSAlterUserReq(void* buf, int32_t bufLen, SAlterUserReq* pReq); +void tFreeSAlterUserReq(SAlterUserReq* pReq); typedef struct { char user[TSDB_USER_LEN]; diff --git a/source/common/src/tmsg.c b/source/common/src/tmsg.c index d9802244b7..189fa1326f 100644 --- a/source/common/src/tmsg.c +++ b/source/common/src/tmsg.c @@ -1409,6 +1409,8 @@ int32_t tDeserializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq return 0; } +void tFreeSAlterUserReq(SAlterUserReq *pReq) { taosMemoryFreeClear(pReq->tagCond); } + int32_t tSerializeSGetUserAuthReq(void *buf, int32_t bufLen, SGetUserAuthReq *pReq) { SEncoder encoder = {0}; tEncoderInit(&encoder, buf, bufLen); @@ -1635,6 +1637,7 @@ int32_t tDeserializeSGetUserAuthRspImpl(SDecoder *pDecoder, SGetUserAuthRsp *pRs int32_t ref = 0; if (tDecodeI32(pDecoder, &ref) < 0) return -1; taosHashPut(pRsp->useDbs, key, strlen(key), &ref, sizeof(ref)); + taosMemoryFree(key); } } @@ -1831,7 +1834,6 @@ int32_t tSerializeSCreateFuncReq(void *buf, int32_t bufLen, SCreateFuncReq *pReq if (tEncodeCStr(&encoder, pReq->pComment) < 0) return -1; } - if (tEncodeI8(&encoder, pReq->orReplace) < 0) return -1; tEndEncode(&encoder); @@ -1876,7 +1878,6 @@ int32_t tDeserializeSCreateFuncReq(void *buf, int32_t bufLen, SCreateFuncReq *pR if (tDecodeCStrTo(&decoder, pReq->pComment) < 0) return -1; } - if (!tDecodeIsEnd(&decoder)) { if (tDecodeI8(&decoder, &pReq->orReplace) < 0) return -1; } else { @@ -2053,12 +2054,12 @@ int32_t tDeserializeSRetrieveFuncRsp(void *buf, int32_t bufLen, SRetrieveFuncRsp if (pRsp->pFuncExtraInfos == NULL) return -1; if (tDecodeIsEnd(&decoder)) { for (int32_t i = 0; i < pRsp->numOfFuncs; ++i) { - SFuncExtraInfo extraInfo = { 0 }; + SFuncExtraInfo extraInfo = {0}; taosArrayPush(pRsp->pFuncExtraInfos, &extraInfo); } } else { for (int32_t i = 0; i < pRsp->numOfFuncs; ++i) { - SFuncExtraInfo extraInfo = { 0 }; + SFuncExtraInfo extraInfo = {0}; if (tDecodeI32(&decoder, &extraInfo.funcVersion) < 0) return -1; if (tDecodeI64(&decoder, &extraInfo.funcCreatedTime) < 0) return -1; taosArrayPush(pRsp->pFuncExtraInfos, &extraInfo); diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c index d08227927a..523753d7c6 100644 --- a/source/dnode/mnode/impl/src/mndUser.c +++ b/source/dnode/mnode/impl/src/mndUser.c @@ -390,6 +390,7 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { SDB_GET_INT32(pRaw, dataPos, &ref, _OVER); taosHashPut(pUser->useDbs, key, keyLen, &ref, sizeof(ref)); + taosMemoryFree(key); } } @@ -956,6 +957,7 @@ _OVER: mError("user:%s, failed to alter since %s", alterReq.user, terrstr()); } + tFreeSAlterUserReq(&alterReq); mndReleaseUser(pMnode, pOperUser); mndReleaseUser(pMnode, pUser); mndUserFreeObj(&newUser); diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index 7ef2e34d1e..62896e4307 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -486,12 +486,12 @@ void ctgFreeBatchHash(void* hash) { taosMemoryFreeClear(pRes->pRes); } -void ctgFreeJsonTagVal(void *val) { +void ctgFreeJsonTagVal(void* val) { if (NULL == val) { return; } - STagVal *pVal = (STagVal *)val; + STagVal* pVal = (STagVal*)val; if (TSDB_DATA_TYPE_JSON == pVal->type) { taosMemoryFree(pVal->pData); @@ -545,6 +545,7 @@ void ctgFreeTaskRes(CTG_TASK_TYPE type, void** pRes) { taosArrayDestroy(*pRes); } *pRes = NULL; + break; } case CTG_TASK_GET_TB_META_BATCH: { SArray* pArray = (SArray*)*pRes; @@ -1363,7 +1364,7 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { SGetUserAuthRsp* pInfo = &req->authInfo; SHashObj* pTbs = (AUTH_TYPE_READ == req->singleType) ? pInfo->readTbs : pInfo->writeTbs; char* stbName = NULL; - + char tbFName[TSDB_TABLE_FNAME_LEN]; char dbFName[TSDB_DB_FNAME_LEN]; tNameExtractFullName(&req->pRawReq->tbName, tbFName); @@ -1396,7 +1397,7 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { SCtgTbMetaCtx ctx = {0}; ctx.pName = (SName*)&req->pRawReq->tbName; ctx.flag = CTG_FLAG_UNKNOWN_STB | CTG_FLAG_SYNC_OP; - + CTG_ERR_RET(ctgGetTbMeta(pCtg, req->pConn, &ctx, &pMeta)); } diff --git a/source/libs/nodes/src/nodesUtilFuncs.c b/source/libs/nodes/src/nodesUtilFuncs.c index 3f571e22ae..422a196c50 100644 --- a/source/libs/nodes/src/nodesUtilFuncs.c +++ b/source/libs/nodes/src/nodesUtilFuncs.c @@ -953,8 +953,12 @@ void nodesDestroyNode(SNode* pNode) { break; case QUERY_NODE_SPLIT_VGROUP_STMT: // no pointer field case QUERY_NODE_SYNCDB_STMT: // no pointer field - case QUERY_NODE_GRANT_STMT: // no pointer field - case QUERY_NODE_REVOKE_STMT: // no pointer field + break; + case QUERY_NODE_GRANT_STMT: + nodesDestroyNode(((SGrantStmt*)pNode)->pTagCond); + break; + case QUERY_NODE_REVOKE_STMT: + nodesDestroyNode(((SRevokeStmt*)pNode)->pTagCond); break; case QUERY_NODE_SHOW_DNODES_STMT: case QUERY_NODE_SHOW_MNODES_STMT: diff --git a/source/libs/parser/src/parAuthenticator.c b/source/libs/parser/src/parAuthenticator.c index b06d48a690..d182f5bd73 100644 --- a/source/libs/parser/src/parAuthenticator.c +++ b/source/libs/parser/src/parAuthenticator.c @@ -70,7 +70,7 @@ static EDealRes authSubquery(SAuthCxt* pCxt, SNode* pStmt) { return TSDB_CODE_SUCCESS == authQuery(pCxt, pStmt) ? DEAL_RES_CONTINUE : DEAL_RES_ERROR; } -static int32_t mergeStableTagCond(SNode** pWhere, SNode** pTagCond) { +static int32_t mergeStableTagCond(SNode** pWhere, SNode* pTagCond) { SLogicConditionNode* pLogicCond = (SLogicConditionNode*)nodesMakeNode(QUERY_NODE_LOGIC_CONDITION); if (NULL == pLogicCond) { return TSDB_CODE_OUT_OF_MEMORY; @@ -78,7 +78,7 @@ static int32_t mergeStableTagCond(SNode** pWhere, SNode** pTagCond) { pLogicCond->node.resType.type = TSDB_DATA_TYPE_BOOL; pLogicCond->node.resType.bytes = tDataTypes[TSDB_DATA_TYPE_BOOL].bytes; pLogicCond->condType = LOGIC_COND_TYPE_AND; - int32_t code = nodesListMakeStrictAppend(&pLogicCond->pParameterList, *pTagCond); + int32_t code = nodesListMakeStrictAppend(&pLogicCond->pParameterList, pTagCond); if (TSDB_CODE_SUCCESS == code) { code = nodesListMakeAppend(&pLogicCond->pParameterList, *pWhere); } @@ -91,22 +91,17 @@ static int32_t mergeStableTagCond(SNode** pWhere, SNode** pTagCond) { } static int32_t appendStableTagCond(SNode** pWhere, SNode* pTagCond) { - SNode* pTagCondCopy = nodesCloneNode(pTagCond); - if (NULL == pTagCondCopy) { - return TSDB_CODE_OUT_OF_MEMORY; - } - if (NULL == *pWhere) { - *pWhere = pTagCondCopy; + *pWhere = pTagCond; return TSDB_CODE_SUCCESS; } if (QUERY_NODE_LOGIC_CONDITION == nodeType(*pWhere) && LOGIC_COND_TYPE_AND == ((SLogicConditionNode*)*pWhere)->condType) { - return nodesListStrictAppend(((SLogicConditionNode*)*pWhere)->pParameterList, pTagCondCopy); + return nodesListStrictAppend(((SLogicConditionNode*)*pWhere)->pParameterList, pTagCond); } - return mergeStableTagCond(pWhere, &pTagCondCopy); + return mergeStableTagCond(pWhere, pTagCond); } static EDealRes authSelectImpl(SNode* pNode, void* pContext) { diff --git a/source/libs/parser/src/parTranslater.c b/source/libs/parser/src/parTranslater.c index b44c36dde1..200206755b 100644 --- a/source/libs/parser/src/parTranslater.c +++ b/source/libs/parser/src/parTranslater.c @@ -1310,7 +1310,8 @@ static EDealRes translateOperator(STranslateContext* pCxt, SOperatorNode* pOp) { } static EDealRes haveVectorFunction(SNode* pNode, void* pContext) { - if (isAggFunc(pNode) || isIndefiniteRowsFunc(pNode) || isWindowPseudoColumnFunc(pNode) || isInterpPseudoColumnFunc(pNode)) { + if (isAggFunc(pNode) || isIndefiniteRowsFunc(pNode) || isWindowPseudoColumnFunc(pNode) || + isInterpPseudoColumnFunc(pNode)) { *((bool*)pContext) = true; return DEAL_RES_END; } @@ -6617,6 +6618,7 @@ static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) { if (TSDB_CODE_SUCCESS == code) { code = buildCmdMsg(pCxt, TDMT_MND_ALTER_USER, (FSerializeFunc)tSerializeSAlterUserReq, &req); } + tFreeSAlterUserReq(&req); return code; } diff --git a/tests/script/tsim/user/privilege_table.sim b/tests/script/tsim/user/privilege_table.sim new file mode 100644 index 0000000000..5256cdd21d --- /dev/null +++ b/tests/script/tsim/user/privilege_table.sim @@ -0,0 +1,280 @@ +system sh/stop_dnodes.sh +system sh/deploy.sh -n dnode1 -i 1 +system sh/exec.sh -n dnode1 -s start +sql connect + +print =============== init env +sql drop database if exists test; +sql create database test vgroups 1; +sql use test; +sql create stable st1(ts timestamp, i int) tags(id int, loc varchar(20)); +sql create table st1s1 using st1 tags(1, 'beijing'); +sql create table st1s2 using st1 tags(2, 'shanghai'); +sql insert into st1s1 values(now, 1) st1s2 values(now, 2); +sql create stable st2(ts timestamp, i int) tags(id int, loc varchar(20)); +sql create table st2s1 using st2 tags(1, 'beijing'); +sql create table st2s2 using st2 tags(2, 'shanghai'); +sql insert into st2s1 values(now, 1) st2s2 values(now, 2); +sql create user wxy pass 'taosdata'; + +print =============== case 1: database unauthorized and table unauthorized +sql close +sql connect wxy + +sql reset query cache; +sql_error select * from test.st1; +sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + + +print =============== case 2: database unauthorized and table read privilege +sql close +sql connect + +sql grant read on test.st1 to wxy; + +sql close +sql connect wxy + +sql reset query cache; +sql select * from test.st1; +if $rows != 2 then + return -1 +endi +sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 3: database unauthorized and table read privilege with condition +sql close +sql connect + +sql revoke read on test.st1 from wxy; +sql grant read on test.st1 with id = 1 to wxy; + +sql close +sql connect wxy + +sql reset query cache; +sql select * from test.st1; +if $rows != 1 then + return -1 +endi +sql_error insert into test.st1s1 values(now, 10); +sql_error insert into test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 4: database unauthorized and table write privilege +sql close +sql connect + +sql revoke read on test.st1 with id = 1 from wxy; +sql grant write on test.st1 to wxy; + +sql close +sql connect wxy + +sql reset query cache; +sql_error select tbname, * from test.st1; +sql insert into test.st1s1 values(now, 10); +sql insert into test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 5: database unauthorized and table write privilege with condition +sql close +sql connect + +sql revoke write on test.st1 from wxy; +sql grant write on test.st1 with id = 1 to wxy; + +sql close +sql connect wxy + +sql reset query cache; +sql_error select tbname, * from test.st1; +sql insert into test.st1s1 values(now, 10); +sql_error insert into test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 6: database read privilege and table unauthorized +sql close +sql connect + +sql revoke write on test.st1 with id = 1 from wxy; +sql grant read on test.* to wxy; + +sql close +sql connect wxy + +sql reset query cache; +sql select * from test.st1; +if $rows != 5 then + return -1 +endi +sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql select * from test.st2; +if $rows != 2 then + return -1 +endi +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 7: database read privilege and table read privilege +sql close +sql connect + +sql grant read on test.st1 to wxy; + +sql close +sql connect wxy + +sql reset query cache; +sql select * from test.st1; +if $rows != 2 then + return -1 +endi +sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql select * from test.st2; +if $rows != 2 then + return -1 +endi +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 8: database read privilege and table read privilege with condition +sql close +sql connect + +sql revoke read on test.st1 from wxy; +sql grant read on test.st1 with id = 1 to wxy; + +sql close +sql connect wxy + +sql select * from test.st1; +if $rows != 1 then + return -1 +endi +sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql select * from test.st2; +if $rows != 2 then + return -1 +endi +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 9: database read privilege and table write privilege +sql close +sql connect + +sql revoke read on test.st1 with id = 1 from wxy; +sql grant write on test.st1 to wxy; + +sql close +sql connect wxy + +sql select * from test.st1; +if $rows != 2 then + return -1 +endi +sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql select * from test.st2; +if $rows != 2 then + return -1 +endi +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 10: database read privilege and table write privilege with condition +sql close +sql connect + +sql revoke write on test.st1 from wxy; +sql grant write on test.st1 with id = 1 to wxy; + +sql close +sql connect wxy + +sql select * from test.st1; +sql insert into test.st1s1 values(now, 10); +sql_error insert into test.st1s2 values(now, 20); +sql select * from test.st2; +sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 11: database write privilege and table unauthorized +sql close +sql connect + +sql revoke read on test.* from wxy; +sql revoke write on test.st1 with id = 1 from wxy; +sql grant write on test.* to wxy; + +sql close +sql connect wxy + +sql_error select * from test.st1; +sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 12: database write privilege and table read privilege +sql close +sql connect + +sql grant read on test.st1 to wxy; + +sql close +sql connect wxy + +sql select * from test.st1; +sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 13: database write privilege and table read privilege with condition +sql close +sql connect + +sql revoke read on test.st1 from wxy; +sql grant read on test.st1 with id = 1 to wxy; + +sql close +sql connect wxy + +sql select * from test.st1; +sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 14: database write privilege and table write privilege +sql close +sql connect + +sql revoke read on test.st1 with id = 1 from wxy; +sql grant write on test.st1 to wxy; + +sql close +sql connect wxy + +sql_error select * from test.st1; +sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +print =============== case 15: database write privilege and table write privilege with condition +sql close +sql connect + +sql revoke write on test.st1 from wxy; +sql grant write on test.st1 with id = 1 to wxy; + +sql close +sql connect wxy + +sql_error select * from test.st1; +sql insert into test.st1s1 values(now, 10); +sql_error insert into test.st1s2 values(now, 20); +sql_error select * from test.st2; +sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); + +system sh/exec.sh -n dnode1 -s stop -x SIGINT From d23ae400b849f931ccae3db2ff3cd1bdaca00200 Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 09:22:59 +0800 Subject: [PATCH 04/11] fix: table meta double free issue --- source/libs/catalog/inc/catalogInt.h | 1 + source/libs/catalog/src/ctgAsync.c | 69 ++++++++++++++++++++++++++++ source/libs/catalog/src/ctgCache.c | 3 +- 3 files changed, 72 insertions(+), 1 deletion(-) diff --git a/source/libs/catalog/inc/catalogInt.h b/source/libs/catalog/inc/catalogInt.h index 1eaf45dafe..c548a6c696 100644 --- a/source/libs/catalog/inc/catalogInt.h +++ b/source/libs/catalog/inc/catalogInt.h @@ -359,6 +359,7 @@ typedef struct SCtgSubRes { struct SCtgTask { CTG_TASK_TYPE type; + bool subTask; int32_t taskId; SCtgJob* pJob; void* taskCtx; diff --git a/source/libs/catalog/src/ctgAsync.c b/source/libs/catalog/src/ctgAsync.c index affcfeb8ac..56c79eac1f 100644 --- a/source/libs/catalog/src/ctgAsync.c +++ b/source/libs/catalog/src/ctgAsync.c @@ -699,6 +699,10 @@ _return: } int32_t ctgDumpTbMetaRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableMeta) { pJob->jobRes.pTableMeta = taosArrayInit(pJob->tbMetaNum, sizeof(SMetaRes)); @@ -714,6 +718,10 @@ int32_t ctgDumpTbMetaRes(SCtgTask* pTask) { } int32_t ctgDumpTbMetasRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; pJob->jobRes.pTableMeta = pTask->res; @@ -722,6 +730,10 @@ int32_t ctgDumpTbMetasRes(SCtgTask* pTask) { } int32_t ctgDumpDbVgRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pDbVgroup) { pJob->jobRes.pDbVgroup = taosArrayInit(pJob->dbVgNum, sizeof(SMetaRes)); @@ -737,6 +749,10 @@ int32_t ctgDumpDbVgRes(SCtgTask* pTask) { } int32_t ctgDumpTbHashRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableHash) { pJob->jobRes.pTableHash = taosArrayInit(pJob->tbHashNum, sizeof(SMetaRes)); @@ -752,6 +768,10 @@ int32_t ctgDumpTbHashRes(SCtgTask* pTask) { } int32_t ctgDumpTbHashsRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; pJob->jobRes.pTableHash = pTask->res; @@ -760,6 +780,10 @@ int32_t ctgDumpTbHashsRes(SCtgTask* pTask) { } int32_t ctgDumpTbIndexRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableIndex) { SArray* pRes = taosArrayInit(pJob->tbIndexNum, sizeof(SMetaRes)); @@ -779,6 +803,10 @@ int32_t ctgDumpTbIndexRes(SCtgTask* pTask) { } int32_t ctgDumpTbCfgRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableCfg) { SArray* pRes = taosArrayInit(pJob->tbCfgNum, sizeof(SMetaRes)); @@ -798,6 +826,10 @@ int32_t ctgDumpTbCfgRes(SCtgTask* pTask) { } int32_t ctgDumpTbTagRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pTableTag) { SArray* pRes = taosArrayInit(pJob->tbTagNum, sizeof(SMetaRes)); @@ -818,6 +850,10 @@ int32_t ctgDumpTbTagRes(SCtgTask* pTask) { int32_t ctgDumpIndexRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pIndex) { pJob->jobRes.pIndex = taosArrayInit(pJob->indexNum, sizeof(SMetaRes)); @@ -833,6 +869,10 @@ int32_t ctgDumpIndexRes(SCtgTask* pTask) { } int32_t ctgDumpQnodeRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pQnodeList) { pJob->jobRes.pQnodeList = taosArrayInit(1, sizeof(SMetaRes)); @@ -848,6 +888,10 @@ int32_t ctgDumpQnodeRes(SCtgTask* pTask) { } int32_t ctgDumpDnodeRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pDnodeList) { pJob->jobRes.pDnodeList = taosArrayInit(1, sizeof(SMetaRes)); @@ -863,6 +907,10 @@ int32_t ctgDumpDnodeRes(SCtgTask* pTask) { } int32_t ctgDumpDbCfgRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pDbCfg) { pJob->jobRes.pDbCfg = taosArrayInit(pJob->dbCfgNum, sizeof(SMetaRes)); @@ -878,6 +926,10 @@ int32_t ctgDumpDbCfgRes(SCtgTask* pTask) { } int32_t ctgDumpDbInfoRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pDbInfo) { pJob->jobRes.pDbInfo = taosArrayInit(pJob->dbInfoNum, sizeof(SMetaRes)); @@ -893,6 +945,10 @@ int32_t ctgDumpDbInfoRes(SCtgTask* pTask) { } int32_t ctgDumpUdfRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pUdfList) { pJob->jobRes.pUdfList = taosArrayInit(pJob->udfNum, sizeof(SMetaRes)); @@ -908,6 +964,10 @@ int32_t ctgDumpUdfRes(SCtgTask* pTask) { } int32_t ctgDumpUserRes(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pUser) { pJob->jobRes.pUser = taosArrayInit(pJob->userNum, sizeof(SMetaRes)); @@ -923,6 +983,10 @@ int32_t ctgDumpUserRes(SCtgTask* pTask) { } int32_t ctgDumpSvrVer(SCtgTask* pTask) { + if (pTask->subTask) { + return TSDB_CODE_SUCCESS; + } + SCtgJob* pJob = pTask->pJob; if (NULL == pJob->jobRes.pSvrVer) { pJob->jobRes.pSvrVer = taosMemoryCalloc(1, sizeof(SMetaRes)); @@ -2239,6 +2303,8 @@ int32_t ctgLaunchGetUserTask(SCtgTask* pTask) { if (inCache) { pTask->res = rsp.pRawRes; + ctgTaskDebug("Final res got, pass:%d, pCond:%p", rsp.pRawRes->pass, rsp.pRawRes->pCond); + CTG_ERR_RET(ctgHandleTaskEnd(pTask, 0)); return TSDB_CODE_SUCCESS; } @@ -2475,6 +2541,9 @@ int32_t ctgLaunchSubTask(SCtgTask* pTask, CTG_TASK_TYPE type, ctgSubTaskCbFp fp, } SCtgTask* pSub = taosArrayGet(pJob->pTasks, subTaskId); + if (newTask) { + pSub->subTask = true; + } CTG_ERR_RET(ctgSetSubTaskCb(pSub, pTask)); diff --git a/source/libs/catalog/src/ctgCache.c b/source/libs/catalog/src/ctgCache.c index ee864d985e..0be2a78d48 100644 --- a/source/libs/catalog/src/ctgCache.c +++ b/source/libs/catalog/src/ctgCache.c @@ -765,8 +765,9 @@ _return: *inCache = false; CTG_CACHE_NHIT_INC(CTG_CI_USER, 1); + ctgDebug("Get user from cache failed, user:%s, metaNotExists:%d, code:%d", pReq->user, pRes->metaNotExists, code); - return TSDB_CODE_SUCCESS; + return code; } void ctgDequeue(SCtgCacheOperation **op) { From 4b166e567e1ee6eb77c1bdeffa494b59e32db563 Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 10:14:02 +0800 Subject: [PATCH 05/11] fix: fix client retry issue --- source/client/src/clientMain.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/source/client/src/clientMain.c b/source/client/src/clientMain.c index 60c7b44b3d..54ae1ab4b3 100644 --- a/source/client/src/clientMain.c +++ b/source/client/src/clientMain.c @@ -975,8 +975,10 @@ void doAsyncQuery(SRequestObj *pRequest, bool updateMetaForce) { if (TSDB_CODE_SUCCESS == code) { pRequest->stmtType = pRequest->pQuery->pRoot->type; - phaseAsyncQuery(pWrapper); - } else { + code = phaseAsyncQuery(pWrapper); + } + + if (TSDB_CODE_SUCCESS != code) { tscError("0x%" PRIx64 " error happens, code:%d - %s, reqId:0x%" PRIx64, pRequest->self, code, tstrerror(code), pRequest->requestId); destorySqlCallbackWrapper(pWrapper); From 3b8e8018b2991107b542c7c5830cbaae078d696b Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 10:34:07 +0800 Subject: [PATCH 06/11] fix: get user errcode issue --- source/libs/catalog/src/ctgCache.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/source/libs/catalog/src/ctgCache.c b/source/libs/catalog/src/ctgCache.c index 0be2a78d48..ec087c1168 100644 --- a/source/libs/catalog/src/ctgCache.c +++ b/source/libs/catalog/src/ctgCache.c @@ -727,6 +727,7 @@ int32_t ctgGetCachedStbNameFromSuid(SCatalog* pCtg, char* dbFName, uint64_t suid } int32_t ctgChkAuthFromCache(SCatalog *pCtg, SUserAuthInfo *pReq, bool *inCache, SCtgAuthRsp *pRes) { + int32_t code = 0; if (IS_SYS_DBNAME(pReq->tbName.dbname)) { *inCache = true; pRes->pRawRes->pass = true; @@ -751,7 +752,7 @@ int32_t ctgChkAuthFromCache(SCatalog *pCtg, SUserAuthInfo *pReq, bool *inCache, CTG_LOCK(CTG_READ, &pUser->lock); memcpy(&req.authInfo, &pUser->userAuth, sizeof(pUser->userAuth)); - int32_t code = ctgChkSetAuthRes(pCtg, &req, pRes); + code = ctgChkSetAuthRes(pCtg, &req, pRes); CTG_UNLOCK(CTG_READ, &pUser->lock); CTG_ERR_JRET(code); From 905df6f7ac9b233b973d343b3e7990d79eef9b2a Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 10:37:58 +0800 Subject: [PATCH 07/11] fix: memory leak issue --- source/libs/catalog/src/ctgUtil.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index 62896e4307..4a5ddbac34 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -1371,6 +1371,8 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { tNameGetFullDbName(&req->pRawReq->tbName, dbFName); while (true) { + taosMemoryFreeClear(pMeta); + char* pCond = taosHashGet(pTbs, tbFName, strlen(tbFName)); if (pCond) { if (strlen(pCond) > 1) { @@ -1412,7 +1414,7 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { if (req->onlyCache) { res->metaNotExists = true; ctgDebug("suid %" PRIu64 " name not in cache for auth", pMeta->suid); - return TSDB_CODE_SUCCESS; + goto _return; } continue; From 8480c42234a2a948f296b5d318dd2125eeaafa5c Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 10:41:28 +0800 Subject: [PATCH 08/11] fix: memory leak issue --- source/libs/catalog/src/ctgUtil.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index 4a5ddbac34..0ec7a92b84 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -1376,11 +1376,11 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { char* pCond = taosHashGet(pTbs, tbFName, strlen(tbFName)); if (pCond) { if (strlen(pCond) > 1) { - CTG_ERR_RET(nodesStringToNode(pCond, &res->pRawRes->pCond)); + CTG_ERR_JRET(nodesStringToNode(pCond, &res->pRawRes->pCond)); } res->pRawRes->pass = true; - return TSDB_CODE_SUCCESS; + goto _return; } if (stbName) { @@ -1388,19 +1388,19 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { goto _return; } - CTG_ERR_RET(catalogGetCachedTableMeta(pCtg, &req->pRawReq->tbName, &pMeta)); + CTG_ERR_JRET(catalogGetCachedTableMeta(pCtg, &req->pRawReq->tbName, &pMeta)); if (NULL == pMeta) { if (req->onlyCache) { res->metaNotExists = true; ctgDebug("db %s tb %s meta not in cache for auth", req->pRawReq->tbName.dbname, req->pRawReq->tbName.tname); - return TSDB_CODE_SUCCESS; + goto _return; } SCtgTbMetaCtx ctx = {0}; ctx.pName = (SName*)&req->pRawReq->tbName; ctx.flag = CTG_FLAG_UNKNOWN_STB | CTG_FLAG_SYNC_OP; - CTG_ERR_RET(ctgGetTbMeta(pCtg, req->pConn, &ctx, &pMeta)); + CTG_ERR_JRET(ctgGetTbMeta(pCtg, req->pConn, &ctx, &pMeta)); } if (TSDB_SUPER_TABLE == pMeta->tableType || TSDB_NORMAL_TABLE == pMeta->tableType) { @@ -1431,6 +1431,7 @@ int32_t ctgChkSetTbAuthRes(SCatalog* pCtg, SCtgAuthReq* req, SCtgAuthRsp* res) { _return: taosMemoryFree(pMeta); + taosMemoryFree(stbName); CTG_RET(code); } From 24aff3d680d3cb2abd9d1fae2145bfcd2a935b7c Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 10:46:32 +0800 Subject: [PATCH 09/11] fix: memory leak issue --- source/libs/catalog/src/ctgUtil.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index 0ec7a92b84..a42a189e75 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -528,11 +528,18 @@ void ctgFreeTaskRes(CTG_TASK_TYPE type, void** pRes) { } break; } + case CTG_TASK_GET_USER: { + if (*pRes) { + SUserAuthRes* pAuth = (SUserAuthRes *)*pRes; + nodesDestroyNode(pAuth->pCond); + taosMemoryFreeClear(*pRes); + } + break; + } case CTG_TASK_GET_TB_HASH: case CTG_TASK_GET_DB_INFO: case CTG_TASK_GET_INDEX_INFO: case CTG_TASK_GET_UDF: - case CTG_TASK_GET_USER: case CTG_TASK_GET_SVR_VER: case CTG_TASK_GET_TB_META: { taosMemoryFreeClear(*pRes); From 8c4b73a351b3f5e8c05b9babe9fd42298abc865a Mon Sep 17 00:00:00 2001 From: dapan1121 Date: Mon, 24 Apr 2023 19:19:12 +0800 Subject: [PATCH 10/11] feat: add get table tag sync API --- include/libs/catalog/catalog.h | 2 ++ source/libs/catalog/src/catalog.c | 57 +++++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+) diff --git a/include/libs/catalog/catalog.h b/include/libs/catalog/catalog.h index 6f2fb4eb6b..429e7ffa73 100644 --- a/include/libs/catalog/catalog.h +++ b/include/libs/catalog/catalog.h @@ -314,6 +314,8 @@ int32_t catalogGetIndexMeta(SCatalog* pCtg, SRequestConnInfo* pConn, const char* int32_t catalogGetTableIndex(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pTableName, SArray** pRes); +int32_t catalogGetTableTag(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pTableName, SArray** pRes); + int32_t catalogRefreshGetTableCfg(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pTableName, STableCfg** pCfg); int32_t catalogUpdateTableIndex(SCatalog* pCtg, STableIndexRsp* pRsp); diff --git a/source/libs/catalog/src/catalog.c b/source/libs/catalog/src/catalog.c index b263654e70..976a38c03d 100644 --- a/source/libs/catalog/src/catalog.c +++ b/source/libs/catalog/src/catalog.c @@ -429,6 +429,48 @@ int32_t ctgGetTbCfg(SCatalog* pCtg, SRequestConnInfo* pConn, SName* pTableName, CTG_RET(TSDB_CODE_SUCCESS); } +int32_t ctgGetTbTag(SCatalog* pCtg, SRequestConnInfo* pConn, SName* pTableName, SArray** pRes) { + SVgroupInfo vgroupInfo = {0}; + STableCfg* pCfg = NULL; + int32_t code = 0; + + CTG_ERR_RET(ctgGetTbHashVgroup(pCtg, pConn, pTableName, &vgroupInfo, NULL)); + CTG_ERR_RET(ctgGetTableCfgFromVnode(pCtg, pConn, pTableName, &vgroupInfo, &pCfg, NULL)); + + if (NULL == pCfg->pTags || pCfg->tagsLen <= 0) { + ctgError("invalid tag in tbCfg rsp, pTags:%p, len:%d", pCfg->pTags, pCfg->tagsLen); + CTG_ERR_JRET(TSDB_CODE_INVALID_MSG); + } + + SArray* pTagVals = NULL; + STag* pTag = (STag*)pCfg->pTags; + + if (tTagIsJson(pTag)) { + pTagVals = taosArrayInit(1, sizeof(STagVal)); + if (NULL == pTagVals) { + CTG_ERR_JRET(TSDB_CODE_OUT_OF_MEMORY); + } + + char* pJson = parseTagDatatoJson(pTag); + STagVal tagVal; + tagVal.cid = 0; + tagVal.type = TSDB_DATA_TYPE_JSON; + tagVal.pData = pJson; + tagVal.nData = strlen(pJson); + taosArrayPush(pTagVals, &tagVal); + } else { + CTG_ERR_JRET(tTagToValArray((const STag*)pCfg->pTags, &pTagVals)); + } + + *pRes = pTagVals; + +_return: + + tFreeSTableCfgRsp((STableCfgRsp*)pCfg); + + CTG_RET(code); +} + int32_t ctgGetTbDistVgInfo(SCatalog* pCtg, SRequestConnInfo* pConn, SName* pTableName, SArray** pVgList) { STableMeta* tbMeta = NULL; int32_t code = 0; @@ -1414,6 +1456,21 @@ _return: CTG_API_LEAVE(code); } +int32_t catalogGetTableTag(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pTableName, SArray** pRes) { + CTG_API_ENTER(); + + if (NULL == pCtg || NULL == pConn || NULL == pTableName || NULL == pRes) { + CTG_API_LEAVE(TSDB_CODE_CTG_INVALID_INPUT); + } + + int32_t code = 0; + CTG_ERR_JRET(ctgGetTbTag(pCtg, pConn, (SName*)pTableName, pRes)); + +_return: + + CTG_API_LEAVE(code); +} + int32_t catalogRefreshGetTableCfg(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pTableName, STableCfg** pCfg) { CTG_API_ENTER(); From e584bb3ea17e272135a5cbfdb8b13b94749d991c Mon Sep 17 00:00:00 2001 From: Xiaoyu Wang Date: Tue, 25 Apr 2023 17:39:28 +0800 Subject: [PATCH 11/11] feat: subtable level privilege --- include/libs/nodes/querynodes.h | 2 + source/client/src/clientMain.c | 32 +++--- source/libs/catalog/src/ctgUtil.c | 6 +- source/libs/nodes/src/nodesUtilFuncs.c | 2 + source/libs/parser/src/parAuthenticator.c | 11 +- source/libs/parser/src/parInsertSql.c | 114 ++++++++++++++++++--- source/libs/scalar/src/scalar.c | 26 ++--- tests/parallel_test/cases.task | 1 + tests/script/tsim/user/privilege_table.sim | 34 ++++-- tests/script/win-test-file | 1 + 10 files changed, 177 insertions(+), 52 deletions(-) diff --git a/include/libs/nodes/querynodes.h b/include/libs/nodes/querynodes.h index 480912a8cf..9569cfe055 100644 --- a/include/libs/nodes/querynodes.h +++ b/include/libs/nodes/querynodes.h @@ -379,6 +379,8 @@ typedef struct SVnodeModifyOpStmt { SName usingTableName; const char* pBoundCols; struct STableMeta* pTableMeta; + SNode* pTagCond; + SArray* pTableTag; SHashObj* pVgroupsHashObj; SHashObj* pTableBlockHashObj; // SHashObj SHashObj* pSubTableHashObj; diff --git a/source/client/src/clientMain.c b/source/client/src/clientMain.c index 54ae1ab4b3..2ebc8e7379 100644 --- a/source/client/src/clientMain.c +++ b/source/client/src/clientMain.c @@ -108,7 +108,7 @@ TAOS *taos_connect(const char *ip, const char *user, const char *pass, const cha if (pass == NULL) { pass = TSDB_DEFAULT_PASS; } - + STscObj *pObj = taos_connect_internal(ip, user, pass, NULL, db, port, CONN_TYPE__QUERY); if (pObj) { int64_t *rid = taosMemoryCalloc(1, sizeof(int64_t)); @@ -359,11 +359,11 @@ int taos_print_row(char *str, TAOS_ROW row, TAOS_FIELD *fields, int num_fields) case TSDB_DATA_TYPE_NCHAR: { int32_t charLen = varDataLen((char *)row[i] - VARSTR_HEADER_SIZE); if (fields[i].type == TSDB_DATA_TYPE_BINARY) { - if(ASSERT(charLen <= fields[i].bytes && charLen >= 0)){ + if (ASSERT(charLen <= fields[i].bytes && charLen >= 0)) { tscError("taos_print_row error binary. charLen:%d, fields[i].bytes:%d", charLen, fields[i].bytes); } } else { - if(ASSERT(charLen <= fields[i].bytes * TSDB_NCHAR_SIZE && charLen >= 0)){ + if (ASSERT(charLen <= fields[i].bytes * TSDB_NCHAR_SIZE && charLen >= 0)) { tscError("taos_print_row error. charLen:%d, fields[i].bytes:%d", charLen, fields[i].bytes); } } @@ -705,16 +705,16 @@ int taos_get_current_db(TAOS *taos, char *database, int len, int *required) { int code = TSDB_CODE_SUCCESS; taosThreadMutexLock(&pTscObj->mutex); - if(database == NULL || len <= 0){ - if(required != NULL) *required = strlen(pTscObj->db) + 1; + if (database == NULL || len <= 0) { + if (required != NULL) *required = strlen(pTscObj->db) + 1; terrno = TSDB_CODE_INVALID_PARA; code = -1; - }else if(len < strlen(pTscObj->db) + 1){ + } else if (len < strlen(pTscObj->db) + 1) { tstrncpy(database, pTscObj->db, len); - if(required) *required = strlen(pTscObj->db) + 1; + if (required) *required = strlen(pTscObj->db) + 1; terrno = TSDB_CODE_INVALID_PARA; code = -1; - }else{ + } else { strcpy(database, pTscObj->db); code = 0; } @@ -741,6 +741,7 @@ static void destoryCatalogReq(SCatalogReq *pCatalogReq) { taosArrayDestroy(pCatalogReq->pUser); taosArrayDestroy(pCatalogReq->pTableIndex); taosArrayDestroy(pCatalogReq->pTableCfg); + taosArrayDestroy(pCatalogReq->pTableTag); taosMemoryFree(pCatalogReq); } @@ -976,7 +977,7 @@ void doAsyncQuery(SRequestObj *pRequest, bool updateMetaForce) { if (TSDB_CODE_SUCCESS == code) { pRequest->stmtType = pRequest->pQuery->pRoot->type; code = phaseAsyncQuery(pWrapper); - } + } if (TSDB_CODE_SUCCESS != code) { tscError("0x%" PRIx64 " error happens, code:%d - %s, reqId:0x%" PRIx64, pRequest->self, code, tstrerror(code), @@ -1044,11 +1045,11 @@ static void fetchCallback(void *pResult, void *param, int32_t code) { } void taos_fetch_rows_a(TAOS_RES *res, __taos_async_fn_t fp, void *param) { - if(ASSERT(res != NULL && fp != NULL)){ + if (ASSERT(res != NULL && fp != NULL)) { tscError("taos_fetch_rows_a invalid paras"); return; } - if(ASSERT(TD_RES_QUERY(res))){ + if (ASSERT(TD_RES_QUERY(res))) { tscError("taos_fetch_rows_a res is NULL"); return; } @@ -1094,11 +1095,11 @@ void taos_fetch_rows_a(TAOS_RES *res, __taos_async_fn_t fp, void *param) { } void taos_fetch_raw_block_a(TAOS_RES *res, __taos_async_fn_t fp, void *param) { - if(ASSERT(res != NULL && fp != NULL)){ + if (ASSERT(res != NULL && fp != NULL)) { tscError("taos_fetch_rows_a invalid paras"); return; } - if(ASSERT(TD_RES_QUERY(res))){ + if (ASSERT(TD_RES_QUERY(res))) { tscError("taos_fetch_rows_a res is NULL"); return; } @@ -1113,11 +1114,11 @@ void taos_fetch_raw_block_a(TAOS_RES *res, __taos_async_fn_t fp, void *param) { } const void *taos_get_raw_block(TAOS_RES *res) { - if(ASSERT(res != NULL)){ + if (ASSERT(res != NULL)) { tscError("taos_fetch_rows_a invalid paras"); return NULL; } - if(ASSERT(TD_RES_QUERY(res))){ + if (ASSERT(TD_RES_QUERY(res))) { tscError("taos_fetch_rows_a res is NULL"); return NULL; } @@ -1275,7 +1276,6 @@ _return: return code; } - int taos_load_table_info(TAOS *taos, const char *tableNameList) { if (NULL == taos) { terrno = TSDB_CODE_TSC_DISCONNECTED; diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index a42a189e75..9274c1ef92 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -170,6 +170,9 @@ void ctgFreeSMetaData(SMetaData* pData) { taosArrayDestroy(pData->pTableCfg); pData->pTableCfg = NULL; + taosArrayDestroy(pData->pTableTag); + pData->pTableTag = NULL; + taosMemoryFreeClear(pData->pSvrVer); } @@ -530,7 +533,7 @@ void ctgFreeTaskRes(CTG_TASK_TYPE type, void** pRes) { } case CTG_TASK_GET_USER: { if (*pRes) { - SUserAuthRes* pAuth = (SUserAuthRes *)*pRes; + SUserAuthRes* pAuth = (SUserAuthRes*)*pRes; nodesDestroyNode(pAuth->pCond); taosMemoryFreeClear(*pRes); } @@ -711,6 +714,7 @@ void ctgFreeTaskCtx(SCtgTask* pTask) { SCtgTbTagCtx* taskCtx = (SCtgTbTagCtx*)pTask->taskCtx; taosMemoryFreeClear(taskCtx->pName); taosMemoryFreeClear(taskCtx->pVgInfo); + taosMemoryFreeClear(taskCtx); break; } case CTG_TASK_GET_DB_VGROUP: diff --git a/source/libs/nodes/src/nodesUtilFuncs.c b/source/libs/nodes/src/nodesUtilFuncs.c index 422a196c50..f71eef7969 100644 --- a/source/libs/nodes/src/nodesUtilFuncs.c +++ b/source/libs/nodes/src/nodesUtilFuncs.c @@ -827,6 +827,8 @@ void nodesDestroyNode(SNode* pNode) { SVnodeModifyOpStmt* pStmt = (SVnodeModifyOpStmt*)pNode; destroyVgDataBlockArray(pStmt->pDataBlocks); taosMemoryFreeClear(pStmt->pTableMeta); + nodesDestroyNode(pStmt->pTagCond); + taosArrayDestroy(pStmt->pTableTag); taosHashCleanup(pStmt->pVgroupsHashObj); taosHashCleanup(pStmt->pSubTableHashObj); taosHashCleanup(pStmt->pTableNameHashObj); diff --git a/source/libs/parser/src/parAuthenticator.c b/source/libs/parser/src/parAuthenticator.c index d182f5bd73..1586d8128b 100644 --- a/source/libs/parser/src/parAuthenticator.c +++ b/source/libs/parser/src/parAuthenticator.c @@ -91,17 +91,22 @@ static int32_t mergeStableTagCond(SNode** pWhere, SNode* pTagCond) { } static int32_t appendStableTagCond(SNode** pWhere, SNode* pTagCond) { + SNode* pTagCondCopy = nodesCloneNode(pTagCond); + if (NULL == pTagCondCopy) { + return TSDB_CODE_OUT_OF_MEMORY; + } + if (NULL == *pWhere) { - *pWhere = pTagCond; + *pWhere = pTagCondCopy; return TSDB_CODE_SUCCESS; } if (QUERY_NODE_LOGIC_CONDITION == nodeType(*pWhere) && LOGIC_COND_TYPE_AND == ((SLogicConditionNode*)*pWhere)->condType) { - return nodesListStrictAppend(((SLogicConditionNode*)*pWhere)->pParameterList, pTagCond); + return nodesListStrictAppend(((SLogicConditionNode*)*pWhere)->pParameterList, pTagCondCopy); } - return mergeStableTagCond(pWhere, pTagCond); + return mergeStableTagCond(pWhere, pTagCondCopy); } static EDealRes authSelectImpl(SNode* pNode, void* pContext) { diff --git a/source/libs/parser/src/parInsertSql.c b/source/libs/parser/src/parInsertSql.c index eb2efd573d..02de9f227d 100644 --- a/source/libs/parser/src/parInsertSql.c +++ b/source/libs/parser/src/parInsertSql.c @@ -53,6 +53,7 @@ typedef struct SInsertParseContext { bool missCache; bool usingDuplicateTable; bool forceUpdate; + bool needTableTagVal; } SInsertParseContext; typedef int32_t (*_row_append_fn_t)(SMsgBuf* pMsgBuf, const void* value, int32_t len, void* param); @@ -577,28 +578,39 @@ static int32_t rewriteTagCondColumnImpl(STagVal* pVal, SNode** pNode) { if (NULL == pValue) { return TSDB_CODE_OUT_OF_MEMORY; } - pValue->node.resType.type = pVal->type; + + pValue->node.resType = ((SColumnNode*)*pNode)->node.resType; + nodesDestroyNode(*pNode); + *pNode = (SNode*)pValue; + switch (pVal->type) { case TSDB_DATA_TYPE_BOOL: pValue->datum.b = *(int8_t*)(&pVal->i64); + *(bool*)&pValue->typeData = pValue->datum.b; break; case TSDB_DATA_TYPE_TINYINT: pValue->datum.i = *(int8_t*)(&pVal->i64); + *(int8_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_SMALLINT: pValue->datum.i = *(int16_t*)(&pVal->i64); + *(int16_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_INT: pValue->datum.i = *(int32_t*)(&pVal->i64); + *(int32_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_BIGINT: pValue->datum.i = pVal->i64; + pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_FLOAT: pValue->datum.d = *(float*)(&pVal->i64); + *(float*)&pValue->typeData = pValue->datum.d; break; case TSDB_DATA_TYPE_DOUBLE: pValue->datum.d = *(double*)(&pVal->i64); + *(double*)&pValue->typeData = pValue->datum.d; break; case TSDB_DATA_TYPE_VARCHAR: case TSDB_DATA_TYPE_NCHAR: @@ -611,18 +623,23 @@ static int32_t rewriteTagCondColumnImpl(STagVal* pVal, SNode** pNode) { break; case TSDB_DATA_TYPE_TIMESTAMP: pValue->datum.i = pVal->i64; + pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_UTINYINT: pValue->datum.i = *(uint8_t*)(&pVal->i64); + *(uint8_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_USMALLINT: pValue->datum.i = *(uint16_t*)(&pVal->i64); + *(uint16_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_UINT: pValue->datum.i = *(uint32_t*)(&pVal->i64); + *(uint32_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_UBIGINT: pValue->datum.i = *(uint64_t*)(&pVal->i64); + *(uint64_t*)&pValue->typeData = pValue->datum.i; break; case TSDB_DATA_TYPE_JSON: case TSDB_DATA_TYPE_VARBINARY: @@ -667,16 +684,15 @@ static int32_t checkTagCondResult(SNode* pResult) { : TSDB_CODE_PAR_PERMISSION_DENIED; } -int32_t checkSubtablePrivilege(SArray* pTagVals, SArray* pTagName, SNode* pCond) { - int32_t code = setTagVal(pTagVals, pTagName, pCond); - SNode* pNew = NULL; +static int32_t checkSubtablePrivilege(SArray* pTagVals, SArray* pTagName, SNode** pCond) { + int32_t code = setTagVal(pTagVals, pTagName, *pCond); if (TSDB_CODE_SUCCESS == code) { - code = scalarCalculateConstants(pCond, &pNew); + code = scalarCalculateConstants(*pCond, pCond); } if (TSDB_CODE_SUCCESS == code) { - code = checkTagCondResult(pNew); + code = checkTagCondResult(*pCond); } - nodesDestroyNode(pNew); + NODES_DESTORY_NODE(*pCond); return code; } @@ -716,6 +732,10 @@ static int32_t parseTagsClauseImpl(SInsertParseContext* pCxt, SVnodeModifyOpStmt } } + if (TSDB_CODE_SUCCESS == code && NULL != pStmt->pTagCond) { + code = checkSubtablePrivilege(pTagVals, pTagName, &pStmt->pTagCond); + } + if (TSDB_CODE_SUCCESS == code && !isParseBindParam && !isJson) { code = tTagNew(pTagVals, 1, false, &pTag); } @@ -843,7 +863,7 @@ static void setUserAuthInfo(SParseContext* pCxt, SName* pTbName, SUserAuthInfo* pInfo->type = AUTH_TYPE_WRITE; } -static int32_t checkAuth(SParseContext* pCxt, SName* pTbName, bool* pMissCache) { +static int32_t checkAuth(SParseContext* pCxt, SName* pTbName, bool* pMissCache, SNode** pTagCond) { int32_t code = TSDB_CODE_SUCCESS; SUserAuthInfo authInfo = {0}; setUserAuthInfo(pCxt, pTbName, &authInfo); @@ -863,11 +883,28 @@ static int32_t checkAuth(SParseContext* pCxt, SName* pTbName, bool* pMissCache) *pMissCache = true; } else if (!authRes.pass) { code = TSDB_CODE_PAR_PERMISSION_DENIED; + } else if (NULL != authRes.pCond) { + *pTagCond = authRes.pCond; } } return code; } +static int32_t checkAuthForTable(SParseContext* pCxt, SName* pTbName, bool* pMissCache, bool* pNeedTableTagVal) { + SNode* pTagCond = NULL; + int32_t code = checkAuth(pCxt, pTbName, pMissCache, &pTagCond); + if (TSDB_CODE_SUCCESS == code) { + *pNeedTableTagVal = ((*pMissCache) || (NULL != pTagCond)); + *pMissCache = (NULL != pTagCond); + } + nodesDestroyNode(pTagCond); + return code; +} + +static int32_t checkAuthForStable(SParseContext* pCxt, SName* pTbName, bool* pMissCache, SNode** pTagCond) { + return checkAuth(pCxt, pTbName, pMissCache, pTagCond); +} + static int32_t getTableMeta(SInsertParseContext* pCxt, SName* pTbName, bool isStb, STableMeta** pTableMeta, bool* pMissCache) { SParseContext* pComCxt = pCxt->pComCxt; @@ -970,7 +1007,7 @@ static int32_t getTargetTableSchema(SInsertParseContext* pCxt, SVnodeModifyOpStm return TSDB_CODE_SUCCESS; } - int32_t code = checkAuth(pCxt->pComCxt, &pStmt->targetTableName, &pCxt->missCache); + int32_t code = checkAuthForTable(pCxt->pComCxt, &pStmt->targetTableName, &pCxt->missCache, &pCxt->needTableTagVal); if (TSDB_CODE_SUCCESS == code && !pCxt->missCache) { code = getTableMetaAndVgroup(pCxt, pStmt, &pCxt->missCache); } @@ -993,7 +1030,7 @@ static int32_t getUsingTableSchema(SInsertParseContext* pCxt, SVnodeModifyOpStmt return TSDB_CODE_SUCCESS; } - int32_t code = checkAuth(pCxt->pComCxt, &pStmt->targetTableName, &pCxt->missCache); + int32_t code = checkAuthForStable(pCxt->pComCxt, &pStmt->usingTableName, &pCxt->missCache, &pStmt->pTagCond); if (TSDB_CODE_SUCCESS == code && !pCxt->missCache) { code = getTableMeta(pCxt, &pStmt->usingTableName, true, &pStmt->pTableMeta, &pCxt->missCache); } @@ -1606,6 +1643,8 @@ static int32_t parseInsertTableClauseBottom(SInsertParseContext* pCxt, SVnodeMod static void resetEnvPreTable(SInsertParseContext* pCxt, SVnodeModifyOpStmt* pStmt) { insDestroyBoundColInfo(&pCxt->tags); taosMemoryFreeClear(pStmt->pTableMeta); + nodesDestroyNode(pStmt->pTagCond); + taosArrayDestroy(pStmt->pTableTag); tdDestroySVCreateTbReq(pStmt->pCreateTblReq); taosMemoryFreeClear(pStmt->pCreateTblReq); pCxt->missCache = false; @@ -1780,14 +1819,18 @@ static int32_t createInsertQuery(SInsertParseContext* pCxt, SQuery** pOutput) { return code; } -static int32_t checkAuthFromMetaData(const SArray* pUsers) { +static int32_t checkAuthFromMetaData(const SArray* pUsers, SNode** pTagCond) { if (1 != taosArrayGetSize(pUsers)) { return TSDB_CODE_FAILED; } SMetaRes* pRes = taosArrayGet(pUsers, 0); if (TSDB_CODE_SUCCESS == pRes->code) { - return (*(bool*)pRes->pRes) ? TSDB_CODE_SUCCESS : TSDB_CODE_PAR_PERMISSION_DENIED; + SUserAuthRes* pAuth = pRes->pRes; + if (NULL != pAuth->pCond) { + *pTagCond = nodesCloneNode(pAuth->pCond); + } + return pAuth->pass ? TSDB_CODE_SUCCESS : TSDB_CODE_PAR_PERMISSION_DENIED; } return pRes->code; } @@ -1826,9 +1869,40 @@ static int32_t getTableVgroupFromMetaData(const SArray* pTables, SVnodeModifyOpS sizeof(SVgroupInfo)); } +static int32_t buildTagNameFromMeta(STableMeta* pMeta, SArray** pTagName) { + *pTagName = taosArrayInit(pMeta->tableInfo.numOfTags, TSDB_COL_NAME_LEN); + if (NULL == *pTagName) { + return TSDB_CODE_OUT_OF_MEMORY; + } + SSchema* pSchema = getTableTagSchema(pMeta); + for (int32_t i = 0; i < pMeta->tableInfo.numOfTags; ++i) { + taosArrayPush(*pTagName, pSchema[i].name); + } + return TSDB_CODE_SUCCESS; +} + +static int32_t checkSubtablePrivilegeForTable(const SArray* pTables, SVnodeModifyOpStmt* pStmt) { + if (1 != taosArrayGetSize(pTables)) { + return TSDB_CODE_FAILED; + } + + SMetaRes* pRes = taosArrayGet(pTables, 0); + if (TSDB_CODE_SUCCESS != pRes->code) { + return pRes->code; + } + + SArray* pTagName = NULL; + int32_t code = buildTagNameFromMeta(pStmt->pTableMeta, &pTagName); + if (TSDB_CODE_SUCCESS == code) { + code = checkSubtablePrivilege((SArray*)pRes->pRes, pTagName, &pStmt->pTagCond); + } + taosArrayDestroy(pTagName); + return code; +} + static int32_t getTableSchemaFromMetaData(SInsertParseContext* pCxt, const SMetaData* pMetaData, SVnodeModifyOpStmt* pStmt, bool isStb) { - int32_t code = checkAuthFromMetaData(pMetaData->pUser); + int32_t code = checkAuthFromMetaData(pMetaData->pUser, &pStmt->pTagCond); if (TSDB_CODE_SUCCESS == code) { code = getTableMetaFromMetaData(pMetaData->pTableMeta, &pStmt->pTableMeta); } @@ -1841,6 +1915,9 @@ static int32_t getTableSchemaFromMetaData(SInsertParseContext* pCxt, const SMeta if (TSDB_CODE_SUCCESS == code) { code = getTableVgroupFromMetaData(pMetaData->pTableHash, pStmt, isStb); } + if (TSDB_CODE_SUCCESS == code && !isStb && NULL != pStmt->pTagCond) { + code = checkSubtablePrivilegeForTable(pMetaData->pTableTag, pStmt); + } return code; } @@ -1860,6 +1937,8 @@ static void clearCatalogReq(SCatalogReq* pCatalogReq) { pCatalogReq->pTableHash = NULL; taosArrayDestroy(pCatalogReq->pUser); pCatalogReq->pUser = NULL; + taosArrayDestroy(pCatalogReq->pTableTag); + pCatalogReq->pTableTag = NULL; } static int32_t setVnodeModifOpStmt(SInsertParseContext* pCxt, SCatalogReq* pCatalogReq, const SMetaData* pMetaData, @@ -2033,8 +2112,15 @@ static int32_t buildInsertUserAuthReq(const char* pUser, SName* pName, SArray** return TSDB_CODE_SUCCESS; } +static int32_t buildInsertTableTagReq(SName* pName, SArray** pTables) { return buildInsertTableReq(pName, pTables); } + static int32_t buildInsertCatalogReq(SInsertParseContext* pCxt, SVnodeModifyOpStmt* pStmt, SCatalogReq* pCatalogReq) { - int32_t code = buildInsertUserAuthReq(pCxt->pComCxt->pUser, &pStmt->targetTableName, &pCatalogReq->pUser); + int32_t code = buildInsertUserAuthReq( + pCxt->pComCxt->pUser, (0 == pStmt->usingTableName.type ? &pStmt->targetTableName : &pStmt->usingTableName), + &pCatalogReq->pUser); + if (TSDB_CODE_SUCCESS == code && pCxt->needTableTagVal) { + code = buildInsertTableTagReq(&pStmt->targetTableName, &pCatalogReq->pTableTag); + } if (TSDB_CODE_SUCCESS == code) { if (0 == pStmt->usingTableName.type) { code = buildInsertDbReq(&pStmt->targetTableName, &pCatalogReq->pTableMeta); diff --git a/source/libs/scalar/src/scalar.c b/source/libs/scalar/src/scalar.c index 0521076d23..d9295656e8 100644 --- a/source/libs/scalar/src/scalar.c +++ b/source/libs/scalar/src/scalar.c @@ -53,6 +53,7 @@ int32_t sclCreateColumnInfoData(SDataType *pType, int32_t numOfRows, SScalarPara int32_t code = colInfoDataEnsureCapacity(pColumnData, numOfRows, true); if (code != TSDB_CODE_SUCCESS) { terrno = TSDB_CODE_OUT_OF_MEMORY; + colDataDestroy(pColumnData); taosMemoryFree(pColumnData); return terrno; } @@ -1061,17 +1062,20 @@ int32_t sclConvertOpValueNodeTs(SOperatorNode *node, SScalarCtx *ctx) { if (node->pLeft && SCL_IS_VAR_VALUE_NODE(node->pLeft)) { if (node->pRight && (TSDB_DATA_TYPE_TIMESTAMP == ((SExprNode *)node->pRight)->resType.type)) { - SCL_ERR_JRET(sclConvertToTsValueNode(sclGetOpValueNodeTsPrecision(node->pLeft, node->pRight), (SValueNode*)node->pLeft)); + SCL_ERR_JRET( + sclConvertToTsValueNode(sclGetOpValueNodeTsPrecision(node->pLeft, node->pRight), (SValueNode *)node->pLeft)); } } else if (node->pRight && SCL_IS_NOTNULL_CONST_NODE(node->pRight)) { if (node->pLeft && (TSDB_DATA_TYPE_TIMESTAMP == ((SExprNode *)node->pLeft)->resType.type)) { if (SCL_IS_VAR_VALUE_NODE(node->pRight)) { - SCL_ERR_JRET(sclConvertToTsValueNode(sclGetOpValueNodeTsPrecision(node->pLeft, node->pRight), (SValueNode*)node->pRight)); + SCL_ERR_JRET(sclConvertToTsValueNode(sclGetOpValueNodeTsPrecision(node->pLeft, node->pRight), + (SValueNode *)node->pRight)); } else if (QUERY_NODE_NODE_LIST == node->pRight->type) { - SNode* pNode; - FOREACH(pNode, ((SNodeListNode*)node->pRight)->pNodeList) { + SNode *pNode; + FOREACH(pNode, ((SNodeListNode *)node->pRight)->pNodeList) { if (SCL_IS_VAR_VALUE_NODE(pNode)) { - SCL_ERR_JRET(sclConvertToTsValueNode(sclGetOpValueNodeTsPrecision(node->pLeft, pNode), (SValueNode*)pNode)); + SCL_ERR_JRET( + sclConvertToTsValueNode(sclGetOpValueNodeTsPrecision(node->pLeft, pNode), (SValueNode *)pNode)); } } } @@ -1086,8 +1090,6 @@ _return: return DEAL_RES_ERROR; } - - int32_t sclConvertCaseWhenValueNodeTs(SCaseWhenNode *node, SScalarCtx *ctx) { int32_t code = 0; @@ -1096,19 +1098,20 @@ int32_t sclConvertCaseWhenValueNodeTs(SCaseWhenNode *node, SScalarCtx *ctx) { } if (SCL_IS_VAR_VALUE_NODE(node->pCase)) { - SNode* pNode; + SNode *pNode; FOREACH(pNode, node->pWhenThenList) { SExprNode *pExpr = (SExprNode *)((SWhenThenNode *)pNode)->pWhen; if (TSDB_DATA_TYPE_TIMESTAMP == pExpr->resType.type) { - SCL_ERR_JRET(sclConvertToTsValueNode(pExpr->resType.precision, (SValueNode*)node->pCase)); + SCL_ERR_JRET(sclConvertToTsValueNode(pExpr->resType.precision, (SValueNode *)node->pCase)); break; } } } else if (TSDB_DATA_TYPE_TIMESTAMP == ((SExprNode *)node->pCase)->resType.type) { - SNode* pNode; + SNode *pNode; FOREACH(pNode, node->pWhenThenList) { if (SCL_IS_VAR_VALUE_NODE(((SWhenThenNode *)pNode)->pWhen)) { - SCL_ERR_JRET(sclConvertToTsValueNode(((SExprNode *)node->pCase)->resType.precision, (SValueNode*)((SWhenThenNode *)pNode)->pWhen)); + SCL_ERR_JRET(sclConvertToTsValueNode(((SExprNode *)node->pCase)->resType.precision, + (SValueNode *)((SWhenThenNode *)pNode)->pWhen)); } } } @@ -1271,7 +1274,6 @@ EDealRes sclRewriteLogic(SNode **pNode, SScalarCtx *ctx) { return DEAL_RES_CONTINUE; } - EDealRes sclRewriteOperator(SNode **pNode, SScalarCtx *ctx) { SOperatorNode *node = (SOperatorNode *)*pNode; diff --git a/tests/parallel_test/cases.task b/tests/parallel_test/cases.task index dda4ec3e84..8ea13e741c 100644 --- a/tests/parallel_test/cases.task +++ b/tests/parallel_test/cases.task @@ -722,6 +722,7 @@ ,,y,script,./test.sh -f tsim/user/privilege_db.sim ,,y,script,./test.sh -f tsim/user/privilege_sysinfo.sim ,,y,script,./test.sh -f tsim/user/privilege_topic.sim +,,y,script,./test.sh -f tsim/user/privilege_table.sim ,,y,script,./test.sh -f tsim/db/alter_option.sim ,,y,script,./test.sh -f tsim/db/alter_replica_31.sim ,,y,script,./test.sh -f tsim/db/basic1.sim diff --git a/tests/script/tsim/user/privilege_table.sim b/tests/script/tsim/user/privilege_table.sim index 5256cdd21d..05f91ff5b0 100644 --- a/tests/script/tsim/user/privilege_table.sim +++ b/tests/script/tsim/user/privilege_table.sim @@ -96,7 +96,9 @@ sql connect wxy sql reset query cache; sql_error select tbname, * from test.st1; sql insert into test.st1s1 values(now, 10); +sql insert into test.st1s3 using test.st1 tags(1, 'dachang') values(now, 100); sql_error insert into test.st1s2 values(now, 20); +sql_error insert into test.st1s4 using test.st1 tags(3, 'dachang') values(now, 300); sql_error select * from test.st2; sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); @@ -112,7 +114,7 @@ sql connect wxy sql reset query cache; sql select * from test.st1; -if $rows != 5 then +if $rows != 6 then return -1 endi sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); @@ -133,7 +135,7 @@ sql connect wxy sql reset query cache; sql select * from test.st1; -if $rows != 2 then +if $rows != 6 then return -1 endi sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); @@ -153,8 +155,9 @@ sql grant read on test.st1 with id = 1 to wxy; sql close sql connect wxy +sql reset query cache; sql select * from test.st1; -if $rows != 1 then +if $rows != 4 then return -1 endi sql_error insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); @@ -174,8 +177,9 @@ sql grant write on test.st1 to wxy; sql close sql connect wxy +sql reset query cache; sql select * from test.st1; -if $rows != 2 then +if $rows != 6 then return -1 endi sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); @@ -195,10 +199,17 @@ sql grant write on test.st1 with id = 1 to wxy; sql close sql connect wxy -sql select * from test.st1; +sql reset query cache; +sql select * from test.st1; +if $rows != 8 then + return -1 +endi sql insert into test.st1s1 values(now, 10); sql_error insert into test.st1s2 values(now, 20); -sql select * from test.st2; +sql select * from test.st2; +if $rows != 2 then + return -1 +endi sql_error insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); print =============== case 11: database write privilege and table unauthorized @@ -212,6 +223,7 @@ sql grant write on test.* to wxy; sql close sql connect wxy +sql reset query cache; sql_error select * from test.st1; sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); sql_error select * from test.st2; @@ -226,7 +238,11 @@ sql grant read on test.st1 to wxy; sql close sql connect wxy +sql reset query cache; sql select * from test.st1; +if $rows != 11 then + return -1 +endi sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); sql_error select * from test.st2; sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); @@ -241,7 +257,11 @@ sql grant read on test.st1 with id = 1 to wxy; sql close sql connect wxy +sql reset query cache; sql select * from test.st1; +if $rows != 8 then + return -1 +endi sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); sql_error select * from test.st2; sql insert into test.st2s1 values(now, 10) test.st2s2 values(now, 20); @@ -256,6 +276,7 @@ sql grant write on test.st1 to wxy; sql close sql connect wxy +sql reset query cache; sql_error select * from test.st1; sql insert into test.st1s1 values(now, 10) test.st1s2 values(now, 20); sql_error select * from test.st2; @@ -271,6 +292,7 @@ sql grant write on test.st1 with id = 1 to wxy; sql close sql connect wxy +sql reset query cache; sql_error select * from test.st1; sql insert into test.st1s1 values(now, 10); sql_error insert into test.st1s2 values(now, 20); diff --git a/tests/script/win-test-file b/tests/script/win-test-file index 2d5a1b3108..3b358993fa 100644 --- a/tests/script/win-test-file +++ b/tests/script/win-test-file @@ -3,6 +3,7 @@ ./test.sh -f tsim/user/privilege_db.sim ./test.sh -f tsim/user/privilege_sysinfo.sim ./test.sh -f tsim/user/privilege_topic.sim +./test.sh -f tsim/user/privilege_table.sim ./test.sh -f tsim/db/alter_option.sim rem ./test.sh -f tsim/db/alter_replica_13.sim ./test.sh -f tsim/db/alter_replica_31.sim