From 5ea1f3512fcfc907a0a0e5f23b313ab980d8de9a Mon Sep 17 00:00:00 2001
From: Shengliang Guan
Date: Wed, 15 Jun 2022 14:43:30 +0800
Subject: [PATCH] feat: increase enable and sysinfo limits for user privilege
---
 include/common/tmsg.h | 9 +++++++
 source/common/src/systable.c | 4 ++-
 source/common/src/tmsg.c | 14 ++++++++++
 source/dnode/mnode/impl/inc/mndDef.h | 3 +++
 source/dnode/mnode/impl/src/mndUser.c | 36 +++++++++++++++++++++-----
 source/libs/parser/src/parTranslater.c | 2 ++
 6 files changed, 60 insertions(+), 8 deletions(-)
diff --git a/include/common/tmsg.h b/include/common/tmsg.h
index fb32cb382a..6474147eca 100644
--- a/include/common/tmsg.h
+++ b/include/common/tmsg.h
@@ -135,6 +135,8 @@ typedef enum _mgmt_table {
 #define TSDB_ALTER_USER_REMOVE_WRITE_DB 0x6
 #define TSDB_ALTER_USER_ADD_ALL_DB 0x7
 #define TSDB_ALTER_USER_REMOVE_ALL_DB 0x8
+#define TSDB_ALTER_USER_ENABLE 0x9
+#define TSDB_ALTER_USER_SYSINFO 0xA
 #define TSDB_ALTER_USER_PRIVILEGES 0x2
@@ -534,6 +536,8 @@ int32_t tDeserializeSDropUserReq(void* buf, int32_t bufLen, SDropUserReq* pReq);
 typedef struct {
 int8_t createType;
 int8_t superUser; // denote if it is a super user or not
+ int8_t sysInfo;
+ int8_t enable;
 char user[TSDB_USER_LEN];
 char pass[TSDB_USET_PASSWORD_LEN];
 } SCreateUserReq;
@@ -544,6 +548,8 @@ int32_t tDeserializeSCreateUserReq(void* buf, int32_t bufLen, SCreateUserReq* pR
 typedef struct {
 int8_t alterType;
 int8_t superUser;
+ int8_t sysInfo;
+ int8_t enable;
 char user[TSDB_USER_LEN];
 char pass[TSDB_USET_PASSWORD_LEN];
 char dbname[TSDB_DB_FNAME_LEN];
@@ -563,6 +569,9 @@ typedef struct {
 char user[TSDB_USER_LEN];
 int32_t version;
 int8_t superAuth;
+ int8_t sysInfo;
+ int8_t enable;
+ int8_t reserve;
 SHashObj* createdDbs;
 SHashObj* readDbs;
 SHashObj* writeDbs;
diff --git a/source/common/src/systable.c b/source/common/src/systable.c
index 08977abd61..12afb4999b 100644
--- a/source/common/src/systable.c
+++ b/source/common/src/systable.c
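Review bot: The new `sysInfo` and `enable` members of SCreateUserReq in include/common/tmsg.h (and the same pair in SAlterUserReq, plus `reserve` in SGetUserAuthRsp, in the two hunks after it) have no comment, while `superUser` right above them does. These bytes are privilege flags that travel on the wire, so I would state the accepted values next to each, for example `int8_t enable;  // 1 = account enabled (default at creation), 0 = disabled` and `int8_t sysInfo;  // 1 = user may see system information (default at creation)`. That wording is inferred from the defaults set elsewhere in this commit, so please correct it where it is off. A short comment on `reserve` saying what it is reserved for, and which side is expected to enforce `enable`, would also help the next reader.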
@@ -170,7 +170,9 @@ static const SSysDbTableSchema userTblDistSchema[] = {
 static const SSysDbTableSchema userUsersSchema[] = {
 {.name = "name", .bytes = TSDB_USER_LEN + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR},
- {.name = "privilege", .bytes = 10 + VARSTR_HEADER_SIZE, .type = TSDB_DATA_TYPE_VARCHAR},
+ {.name = "super", .bytes = 1, .type = TSDB_DATA_TYPE_TINYINT},
+ {.name = "enable", .bytes = 1, .type = TSDB_DATA_TYPE_TINYINT},
+ {.name = "sysinfo", .bytes = 1, .type = TSDB_DATA_TYPE_TINYINT},
 {.name = "create_time", .bytes = 8, .type = TSDB_DATA_TYPE_TIMESTAMP},
 };
diff --git a/source/common/src/tmsg.c b/source/common/src/tmsg.c
index 2f7ca249ef..0ba4c0056b 100644
--- a/source/common/src/tmsg.c
+++ b/source/common/src/tmsg.c
@@ -1160,6 +1160,8 @@ int32_t tSerializeSCreateUserReq(void *buf, int32_t bufLen, SCreateUserReq *pReq
 if (tStartEncode(&encoder) < 0) return -1;
 if (tEncodeI8(&encoder, pReq->createType) < 0) return -1;
 if (tEncodeI8(&encoder, pReq->superUser) < 0) return -1;
+ if (tEncodeI8(&encoder, pReq->sysInfo) < 0) return -1;
+ if (tEncodeI8(&encoder, pReq->enable) < 0) return -1;
 if (tEncodeCStr(&encoder, pReq->user) < 0) return -1;
 if (tEncodeCStr(&encoder, pReq->pass) < 0) return -1;
 tEndEncode(&encoder);
@@ -1176,6 +1178,8 @@ int32_t tDeserializeSCreateUserReq(void *buf, int32_t bufLen, SCreateUserReq *pR
 if (tStartDecode(&decoder) < 0) return -1;
 if (tDecodeI8(&decoder, &pReq->createType) < 0) return -1;
 if (tDecodeI8(&decoder, &pReq->superUser) < 0) return -1;
+ if (tDecodeI8(&decoder, &pReq->sysInfo) < 0) return -1;
+ if (tDecodeI8(&decoder, &pReq->enable) < 0) return -1;
 if (tDecodeCStrTo(&decoder, pReq->user) < 0) return -1;
 if (tDecodeCStrTo(&decoder, pReq->pass) < 0) return -1;
 tEndDecode(&decoder);
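Review bot: tDeserializeSCreateUserReq accepts any int8_t for the new `sysInfo` and `enable` bytes, and mndCreateUser in mndUser.c copies them into the stored user object unchanged, so a value other than 0 or 1 is persisted and later shown by the users table. A range check after decoding, such as `if (pReq->enable != 0 && pReq->enable != 1) return -1;` (and the same for `sysInfo`), or normalising in the mnode handler, would keep the flags well-defined; the same applies to tDeserializeSAlterUserReq in a later hunk. Separately, the fields are inserted between `superUser` and `user` rather than appended, so a peer built before this commit will misread both messages unless a version gate outside this diff keeps mixed versions from talking to each other. The function bodies start and end outside the hunks.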
@@ -1191,6 +1195,8 @@ int32_t tSerializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq)
 if (tStartEncode(&encoder) < 0) return -1;
 if (tEncodeI8(&encoder, pReq->alterType) < 0) return -1;
 if (tEncodeI8(&encoder, pReq->superUser) < 0) return -1;
+ if (tEncodeI8(&encoder, pReq->sysInfo) < 0) return -1;
+ if (tEncodeI8(&encoder, pReq->enable) < 0) return -1;
 if (tEncodeCStr(&encoder, pReq->user) < 0) return -1;
 if (tEncodeCStr(&encoder, pReq->pass) < 0) return -1;
 if (tEncodeCStr(&encoder, pReq->dbname) < 0) return -1;
@@ -1208,6 +1214,8 @@ int32_t tDeserializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq
 if (tStartDecode(&decoder) < 0) return -1;
 if (tDecodeI8(&decoder, &pReq->alterType) < 0) return -1;
 if (tDecodeI8(&decoder, &pReq->superUser) < 0) return -1;
+ if (tDecodeI8(&decoder, &pReq->sysInfo) < 0) return -1;
+ if (tDecodeI8(&decoder, &pReq->enable) < 0) return -1;
 if (tDecodeCStrTo(&decoder, pReq->user) < 0) return -1;
 if (tDecodeCStrTo(&decoder, pReq->pass) < 0) return -1;
 if (tDecodeCStrTo(&decoder, pReq->dbname) < 0) return -1;
@@ -1245,6 +1253,9 @@ int32_t tDeserializeSGetUserAuthReq(void *buf, int32_t bufLen, SGetUserAuthReq *
 int32_t tSerializeSGetUserAuthRspImpl(SEncoder *pEncoder, SGetUserAuthRsp *pRsp) {
 if (tEncodeCStr(pEncoder, pRsp->user) < 0) return -1;
 if (tEncodeI8(pEncoder, pRsp->superAuth) < 0) return -1;
+ if (tEncodeI8(pEncoder, pRsp->sysInfo) < 0) return -1;
+ if (tEncodeI8(pEncoder, pRsp->enable) < 0) return -1;
+ if (tEncodeI8(pEncoder, pRsp->reserve) < 0) return -1;
 if (tEncodeI32(pEncoder, pRsp->version) < 0) return -1;
 int32_t numOfCreatedDbs = taosHashGetSize(pRsp->createdDbs);
@@ -1300,6 +1311,9 @@ int32_t tDeserializeSGetUserAuthRspImpl(SDecoder *pDecoder, SGetUserAuthRsp *pRs
 if (tDecodeCStrTo(pDecoder, pRsp->user) < 0) return -1;
 if (tDecodeI8(pDecoder, &pRsp->superAuth) < 0) return -1;
+ if (tDecodeI8(pDecoder, &pRsp->sysInfo) < 0) return -1;
+ if (tDecodeI8(pDecoder, &pRsp->enable) < 0) return -1;
+ if (tDecodeI8(pDecoder, &pRsp->reserve) < 0) return -1;
 if (tDecodeI32(pDecoder, &pRsp->version) < 0) return -1;
 int32_t numOfCreatedDbs = 0;
diff --git a/source/dnode/mnode/impl/inc/mndDef.h b/source/dnode/mnode/impl/inc/mndDef.h
index 6dd5d1622c..0e0846ef84 100644
--- a/source/dnode/mnode/impl/inc/mndDef.h
+++ b/source/dnode/mnode/impl/inc/mndDef.h
@@ -226,6 +226,9 @@ typedef struct {
 int64_t createdTime;
 int64_t updateTime;
 int8_t superUser;
+ int8_t sysInfo;
+ int8_t enable;
+ int8_t reserve;
 int32_t acctId;
 int32_t authVersion;
 SHashObj* readDbs;
diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c
index 345d756f43..a86b9c904e 100644
--- a/source/dnode/mnode/impl/src/mndUser.c
+++ b/source/dnode/mnode/impl/src/mndUser.c
@@ -68,6 +68,8 @@ static int32_t mndCreateDefaultUser(SMnode *pMnode, char *acct, char *user, char
 tstrncpy(userObj.acct, acct, TSDB_USER_LEN);
 userObj.createdTime = taosGetTimestampMs();
 userObj.updateTime = userObj.createdTime;
+ userObj.sysInfo = 1;
+ userObj.enable = 1;
 if (strcmp(user, TSDB_DEFAULT_USER) == 0) {
 userObj.superUser = 1;
@@ -128,6 +130,9 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) {
 SDB_SET_INT64(pRaw, dataPos, pUser->createdTime, _OVER)
 SDB_SET_INT64(pRaw, dataPos, pUser->updateTime, _OVER)
 SDB_SET_INT8(pRaw, dataPos, pUser->superUser, _OVER)
+ SDB_SET_INT8(pRaw, dataPos, pUser->sysInfo, _OVER)
+ SDB_SET_INT8(pRaw, dataPos, pUser->enable, _OVER)
+ SDB_SET_INT8(pRaw, dataPos, pUser->reserve, _OVER)
 SDB_SET_INT32(pRaw, dataPos, pUser->authVersion, _OVER)
 SDB_SET_INT32(pRaw, dataPos, numOfReadDbs, _OVER)
 SDB_SET_INT32(pRaw, dataPos, numOfWriteDbs, _OVER)
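Review bot: The three new SDB_SET_INT8 writes in mndUserActionEncode sit between `superUser` and `authVersion`, which shifts every later field of the persisted user row, and neither this hunk nor the matching mndUserActionDecode hunk shows the row's stored version being raised or checked. If the version is unchanged, rows written before the upgrade would be decoded with the leading bytes of `authVersion` landing in `sysInfo`, `enable` and `reserve`, leaving existing accounts with arbitrary privilege flags. I would bump the row version and have the decoder skip the three reads for older rows and default them with `pUser->sysInfo = 1; pUser->enable = 1;`. `reserve` is never assigned in the visible code, so it is also worth confirming the object is zero-initialised before it is encoded. Both function bodies extend beyond the hunks.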
@@ -184,6 +189,9 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { SDB_GET_INT64(pRaw, dataPos, &pUser->createdTime, _OVER) SDB_GET_INT64(pRaw, dataPos, &pUser->updateTime, _OVER) SDB_GET_INT8(pRaw, dataPos, &pUser->superUser, _OVER) + SDB_GET_INT8(pRaw, dataPos, &pUser->sysInfo, _OVER) + SDB_GET_INT8(pRaw, dataPos, &pUser->enable, _OVER) + SDB_GET_INT8(pRaw, dataPos, &pUser->reserve, _OVER) SDB_GET_INT32(pRaw, dataPos, &pUser->authVersion, _OVER) int32_t numOfReadDbs = 0; @@ -256,6 +264,8 @@ static int32_t mndUserActionUpdate(SSdb *pSdb, SUserObj *pOld, SUserObj *pNew) { taosWLockLatch(&pOld->lock); pOld->updateTime = pNew->updateTime; pOld->authVersion = pNew->authVersion; + pOld->sysInfo = pNew->sysInfo; + pOld->enable = pNew->enable; memcpy(pOld->pass, pNew->pass, TSDB_PASSWORD_LEN); TSWAP(pOld->readDbs, pNew->readDbs); TSWAP(pOld->writeDbs, pNew->writeDbs); @@ -286,6 +296,8 @@ static int32_t mndCreateUser(SMnode *pMnode, char *acct, SCreateUserReq *pCreate userObj.createdTime = taosGetTimestampMs(); userObj.updateTime = userObj.createdTime; userObj.superUser = pCreate->superUser; + userObj.sysInfo = pCreate->sysInfo; + userObj.enable = pCreate->enable; STrans *pTrans = mndTransCreate(pMnode, TRN_POLICY_ROLLBACK, TRN_CONFLICT_NOTHING, pReq); if (pTrans == NULL) { @@ -481,6 +493,14 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { newUser.superUser = alterReq.superUser; } + if (alterReq.alterType == TSDB_ALTER_USER_ENABLE) { + newUser.enable = alterReq.enable; + } + + if (alterReq.alterType == TSDB_ALTER_USER_SYSINFO) { + newUser.sysInfo = alterReq.sysInfo; + } + if (alterReq.alterType == TSDB_ALTER_USER_ADD_READ_DB || alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_DB) { if (strcmp(alterReq.dbname, "1.*") != 0) { int32_t len = strlen(alterReq.dbname) + 1; 
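Review bot: The two new branches in mndProcessAlterUserReq assign `alterReq.enable` and `alterReq.sysInfo` to `newUser` with no check in the hunk on who issued the request or which account is being changed. The function's permission check lies outside the hunk, so please confirm it covers TSDB_ALTER_USER_ENABLE and TSDB_ALTER_USER_SYSINFO and restricts them to privileged users; refusing to disable the default super user would also avoid locking administrators out. The value itself should be normalised before it is stored, e.g. `newUser.enable = alterReq.enable ? 1 : 0;`. Finally, no hunk in this commit reads `enable` on a login or authorisation path, so as far as this diff shows the flag is stored and reported but not yet enforced.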
@@ -740,19 +760,21 @@ static int32_t mndRetrieveUsers(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock *pBl cols = 0; SColumnInfoData *pColInfo = taosArrayGet(pBlock->pDataBlock, cols); - - char name[TSDB_USER_LEN + VARSTR_HEADER_SIZE] = {0}; + char name[TSDB_USER_LEN + VARSTR_HEADER_SIZE] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(name, pUser->user, pShow->pMeta->pSchemas[cols].bytes); - colDataAppend(pColInfo, numOfRows, (const char *)name, false); cols++; pColInfo = taosArrayGet(pBlock->pDataBlock, cols); + colDataAppend(pColInfo, numOfRows, (const char *)&pUser->superUser, false); - const char *src = pUser->superUser ? "super" : "normal"; - char b[10 + VARSTR_HEADER_SIZE] = {0}; - STR_WITH_SIZE_TO_VARSTR(b, src, strlen(src)); - colDataAppend(pColInfo, numOfRows, (const char *)b, false); + cols++; + pColInfo = taosArrayGet(pBlock->pDataBlock, cols); + colDataAppend(pColInfo, numOfRows, (const char *)&pUser->enable, false); + + cols++; + pColInfo = taosArrayGet(pBlock->pDataBlock, cols); + colDataAppend(pColInfo, numOfRows, (const char *)&pUser->sysInfo, false); cols++; pColInfo = taosArrayGet(pBlock->pDataBlock, cols); diff --git a/source/libs/parser/src/parTranslater.c b/source/libs/parser/src/parTranslater.c index 52abeadac9..389a96dfb7 100644 --- a/source/libs/parser/src/parTranslater.c +++ b/source/libs/parser/src/parTranslater.c @@ -3253,6 +3253,8 @@ static int32_t translateCreateUser(STranslateContext* pCxt, SCreateUserStmt* pSt strcpy(createReq.user, pStmt->useName); createReq.createType = 0; createReq.superUser = 0; + createReq.sysInfo = 1; + createReq.enable = 1; strcpy(createReq.pass, pStmt->password); return buildCmdMsg(pCxt, TDMT_MND_CREATE_USER, (FSerializeFunc)tSerializeSCreateUserReq, &createReq);
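Review bot: In translateCreateUser the context lines around the added defaults copy `pStmt->useName` and `pStmt->password` into `createReq.user` and `createReq.pass` with `strcpy`, so the copy is only safe if the parser has already bounded both strings to the destination sizes, which this hunk does not show. Since the function is being touched anyway, I would make the bound explicit, e.g. `snprintf(createReq.user, sizeof(createReq.user), "%s", pStmt->useName);` and likewise for `pass`. The added lines also hard-code `sysInfo = 1` and `enable = 1`, which deserves a one-line comment such as `// defaults: new users are enabled and may read system info` until the statement syntax can set them. The function body starts outside the hunk.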