From 33966cf8563ce056a4dc8ed8536b5c71f94d7d41 Mon Sep 17 00:00:00 2001
From: shenglian zhou <shenglian_zhou@163.com>
Date: Tue, 29 Aug 2023 17:35:03 +0800
Subject: [PATCH] enhance: continue coding

---
 include/common/tmsg.h                  | 10 ++++++
 include/libs/nodes/cmdnodes.h          |  4 +++
 include/util/taoserror.h               |  1 +
 source/common/src/tmsg.c               | 33 ++++++++++++++++-
 source/dnode/mnode/impl/src/mndUser.c  |  2 +-
 source/libs/parser/src/parAstCreater.c | 49 +++++++++++++++++++++++---
 6 files changed, 93 insertions(+), 6 deletions(-)

diff --git a/include/common/tmsg.h b/include/common/tmsg.h
index 8ba2cf1cc5..c2e6aecd67 100644
--- a/include/common/tmsg.h
+++ b/include/common/tmsg.h
@@ -884,6 +884,11 @@ typedef struct {
 int32_t tSerializeSDropUserReq(void* buf, int32_t bufLen, SDropUserReq* pReq);
 int32_t tDeserializeSDropUserReq(void* buf, int32_t bufLen, SDropUserReq* pReq);
 
+typedef struct SIpV4Range{
+  uint32_t ip;
+  uint32_t mask;
+} SIpV4Range;
+
 typedef struct {
   int8_t createType;
   int8_t superUser;  // denote if it is a super user or not
@@ -893,10 +898,13 @@ typedef struct {
   char   pass[TSDB_USET_PASSWORD_LEN];
   int32_t sqlLen;
   char*   sql;
+  int32_t numIpRanges;
+  SIpV4Range* pIpRanges;
 } SCreateUserReq;
 
 int32_t tSerializeSCreateUserReq(void* buf, int32_t bufLen, SCreateUserReq* pReq);
 int32_t tDeserializeSCreateUserReq(void* buf, int32_t bufLen, SCreateUserReq* pReq);
+void    tFreeSCreateUserReq(SCreateUserReq* pReq);
 
 typedef struct {
   int8_t  alterType;
@@ -911,6 +919,8 @@ typedef struct {
   int32_t tagCondLen;
   int32_t sqlLen;
   char*   sql;
+  int32_t numIpRanges;
+  SIpV4Range* pIpRanges;
 } SAlterUserReq;
 
 int32_t tSerializeSAlterUserReq(void* buf, int32_t bufLen, SAlterUserReq* pReq);
diff --git a/include/libs/nodes/cmdnodes.h b/include/libs/nodes/cmdnodes.h
index f0a715e651..59b66eafd9 100644
--- a/include/libs/nodes/cmdnodes.h
+++ b/include/libs/nodes/cmdnodes.h
@@ -222,6 +222,8 @@ typedef struct SCreateUserStmt {
   char      userName[TSDB_USER_LEN];
   char      password[TSDB_USET_PASSWORD_LEN];
   int8_t    sysinfo;
+  int32_t numIpRanges;
+  SIpV4Range* pIpRanges;
 } SCreateUserStmt;
 
 typedef struct SAlterUserStmt {
@@ -231,6 +233,8 @@ typedef struct SAlterUserStmt {
   char      password[TSDB_USET_PASSWORD_LEN];
   int8_t    enable;
   int8_t    sysinfo;
+  int32_t numIpRanges;
+  SIpV4Range* pIpRanges;
 } SAlterUserStmt;
 
 typedef struct SDropUserStmt {
diff --git a/include/util/taoserror.h b/include/util/taoserror.h
index 4a3f0d3a70..ccd5d63263 100644
--- a/include/util/taoserror.h
+++ b/include/util/taoserror.h
@@ -710,6 +710,7 @@ int32_t* taosGetErrno();
 #define TSDB_CODE_PAR_SYSTABLE_NOT_ALLOWED_FUNC TAOS_DEF_ERROR_CODE(0, 0x2668)
 #define TSDB_CODE_PAR_SYSTABLE_NOT_ALLOWED      TAOS_DEF_ERROR_CODE(0, 0x2669)
 #define TSDB_CODE_PAR_INVALID_VARBINARY         TAOS_DEF_ERROR_CODE(0, 0x266A)
+#define TSDB_CODE_PAR_INVALID_IP_RANGE          TAOS_DEF_ERROR_CODE(0, 0x266B)
 #define TSDB_CODE_PAR_INTERNAL_ERROR            TAOS_DEF_ERROR_CODE(0, 0x26FF)
 
 //planner
diff --git a/source/common/src/tmsg.c b/source/common/src/tmsg.c
index 9a21563abe..7bf6520140 100644
--- a/source/common/src/tmsg.c
+++ b/source/common/src/tmsg.c
@@ -1380,6 +1380,11 @@ int32_t tSerializeSCreateUserReq(void *buf, int32_t bufLen, SCreateUserReq *pReq
   if (tEncodeI8(&encoder, pReq->enable) < 0) return -1;
   if (tEncodeCStr(&encoder, pReq->user) < 0) return -1;
   if (tEncodeCStr(&encoder, pReq->pass) < 0) return -1;
+  if (tEncodeI32(&encoder, pReq->numIpRanges) < 0) return -1;
+  for (int32_t i = 0; i < pReq->numIpRanges; ++i) {
+    if (tEncodeU32(&encoder, pReq->pIpRanges[i].ip) < 0) return -1;
+    if (tEncodeU32(&encoder, pReq->pIpRanges[i].mask) < 0) return -1;
+  }
   tEndEncode(&encoder);
 
   int32_t tlen = encoder.pos;
@@ -1398,12 +1403,23 @@ int32_t tDeserializeSCreateUserReq(void *buf, int32_t bufLen, SCreateUserReq *pR
   if (tDecodeI8(&decoder, &pReq->enable) < 0) return -1;
   if (tDecodeCStrTo(&decoder, pReq->user) < 0) return -1;
   if (tDecodeCStrTo(&decoder, pReq->pass) < 0) return -1;
+  if (tDecodeI32(&decoder, &pReq->numIpRanges) < 0) return -1;
+  pReq->pIpRanges = taosMemoryMalloc(pReq->numIpRanges * sizeof(SIpV4Range));
+  if (pReq->pIpRanges == NULL) return -1;
+  for (int32_t i = 0; i < pReq->numIpRanges; ++i) {
+    if (tDecodeU32(&decoder, &(pReq->pIpRanges[i].ip)) < 0) return -1;
+    if (tDecodeU32(&decoder, &(pReq->pIpRanges[i].mask)) < 0) return -1;
+  }
   tEndDecode(&decoder);
 
   tDecoderClear(&decoder);
   return 0;
 }
 
+void tFreeSCreateUserReq(SCreateUserReq* pReq) {
+  taosMemoryFree(pReq->pIpRanges);
+}
+
 int32_t tSerializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq) {
   SEncoder encoder = {0};
   tEncoderInit(&encoder, buf, bufLen);
@@ -1422,6 +1438,11 @@ int32_t tSerializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq)
     if (tEncodeCStr(&encoder, pReq->tabName) < 0) return -1;
   }
   if (tEncodeBinary(&encoder, pReq->tagCond, pReq->tagCondLen) < 0) return -1;
+  if (tEncodeI32(&encoder, pReq->numIpRanges) < 0) return -1;
+  for (int32_t i = 0; i < pReq->numIpRanges; ++i) {
+    if (tEncodeU32(&encoder, pReq->pIpRanges[i].ip) < 0) return -1;
+    if (tEncodeU32(&encoder, pReq->pIpRanges[i].mask) < 0) return -1;
+  }
   tEndEncode(&encoder);
 
   int32_t tlen = encoder.pos;
@@ -1451,13 +1472,23 @@ int32_t tDeserializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq
     if (tDecodeBinaryAlloc(&decoder, (void **)&pReq->tagCond, &tagCondLen) < 0) return -1;
     pReq->tagCondLen = tagCondLen;
   }
+  if (tDecodeI32(&decoder, &pReq->numIpRanges) < 0) return -1;
+  pReq->pIpRanges = taosMemoryMalloc(pReq->numIpRanges * sizeof(SIpV4Range));
+  if (pReq->pIpRanges == NULL) return -1;
+  for (int32_t i = 0; i < pReq->numIpRanges; ++i) {
+    if (tDecodeU32(&decoder, &(pReq->pIpRanges[i].ip)) < 0) return -1;
+    if (tDecodeU32(&decoder, &(pReq->pIpRanges[i].mask)) < 0) return -1;
+  }
   tEndDecode(&decoder);
 
   tDecoderClear(&decoder);
   return 0;
 }
 
-void tFreeSAlterUserReq(SAlterUserReq *pReq) { taosMemoryFreeClear(pReq->tagCond); }
+void tFreeSAlterUserReq(SAlterUserReq *pReq) {
+  taosMemoryFreeClear(pReq->tagCond);
+  taosMemoryFree(pReq->pIpRanges);
+}
 
 int32_t tSerializeSGetUserAuthReq(void *buf, int32_t bufLen, SGetUserAuthReq *pReq) {
   SEncoder encoder = {0};
diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c
index 8afc73bef6..832e2b0da7 100644
--- a/source/dnode/mnode/impl/src/mndUser.c
+++ b/source/dnode/mnode/impl/src/mndUser.c
@@ -665,7 +665,7 @@ _OVER:
 
   mndReleaseUser(pMnode, pUser);
   mndReleaseUser(pMnode, pOperUser);
-
+  tFreeSCreateUserReq(&createReq);
   return code;
 }
 
diff --git a/source/libs/parser/src/parAstCreater.c b/source/libs/parser/src/parAstCreater.c
index cc2e11fea2..94e678b0bc 100644
--- a/source/libs/parser/src/parAstCreater.c
+++ b/source/libs/parser/src/parAstCreater.c
@@ -14,6 +14,7 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include <arpa/inet.h>
 #include <regex.h>
 
 #include "parAst.h"
@@ -1665,16 +1666,56 @@ SNode* createCreateUserStmt(SAstCreateContext* pCxt, SToken* pUserName, const ST
   return (SNode*)pStmt;
 }
 
+static int32_t getIpV4RangeFromWhitelistItem(char* ipRange, SIpV4Range* pIpRange) {
+  struct in_addr addr;
+
+  char* ipCopy = strdup(ipRange);
+  char* slash = strchr(ipCopy, '/');
+  if (slash) {
+    *slash = '\0';
+    if (inet_pton(AF_INET, ipCopy, &addr) == 1) {
+      int prefix = atoi(slash + 1);
+      pIpRange->ip = addr.s_addr;
+      uint32_t mask = (1 << (32 - prefix)) - 1;
+      mask = htonl(~mask);
+      pIpRange->mask = mask;
+      if (prefix < 0 || prefix > 32) {
+        return TSDB_CODE_PAR_INVALID_IP_RANGE;
+      }
+    } else {
+      return TSDB_CODE_PAR_INVALID_IP_RANGE;
+    }
+  } else {
+    if (inet_pton(AF_INET, ipCopy, &addr) == 1) {
+      pIpRange->ip = addr.s_addr;
+      pIpRange->mask = 0xFFFFFFFF;
+    } else {
+      return TSDB_CODE_PAR_INVALID_IP_RANGE;
+    }
+  }
+  return TSDB_CODE_SUCCESS;
+}
+
 SNode* addCreateUserStmtWhiteList(SAstCreateContext* pCxt, SNode* pCreateUserStmt, SNodeList* pIpRangesNodeList) {
   if (pIpRangesNodeList == NULL) {
     return pCreateUserStmt;
   }
+  SCreateUserStmt* pCreateUser = (SCreateUserStmt*)pCreateUserStmt;
+  pCreateUser->numIpRanges = LIST_LENGTH(pIpRangesNodeList);
+  pCreateUser->pIpRanges = taosMemoryMalloc(pCreateUser->numIpRanges * sizeof(SIpV4Range));
+  int32_t i = 0;
+  int32_t code = 0;
+
   SNode* pNode = NULL;
   FOREACH(pNode, pIpRangesNodeList) {
-    char* pStr = NULL;
-    nodesNodeToString(pNode, false, &pStr, NULL);
-    printf("%s\n", pStr);
-    taosMemoryFree(pStr);  
+    SValueNode* pValNode = (SValueNode*)(pNode);
+    code = getIpV4RangeFromWhitelistItem(pValNode->literal, pCreateUser->pIpRanges + i);
+    if (code != TSDB_CODE_SUCCESS) {
+      //TODO: see check user name/pass to return error no
+      taosMemoryFree(pCreateUser->pIpRanges);
+      nodesDestroyNode(pCreateUserStmt);
+      return NULL;
+    }
   }
   return pCreateUserStmt;
 }