diff --git a/include/common/tmsg.h b/include/common/tmsg.h index 38ab2910e5..e43931b4bb 100644 --- a/include/common/tmsg.h +++ b/include/common/tmsg.h @@ -173,26 +173,10 @@ typedef enum _mgmt_table { #define TSDB_ALTER_USER_SUPERUSER 0x2 #define TSDB_ALTER_USER_ENABLE 0x3 #define TSDB_ALTER_USER_SYSINFO 0x4 -#define TSDB_ALTER_USER_PRIVILEGES 0x5 -#define TSDB_ALTER_USER_ADD_WHITE_LIST 0x6 -#define TSDB_ALTER_USER_DROP_WHITE_LIST 0x7 - -#define ALTER_USER_PRIVILEGE_ADD_READ_DB(_type, _priv) (_type) == TSDB_ALTER_USER_PRIVILEGES && (_priv) -#define TSDB_ALTER_USER_ADD_READ_DB 0x3 -#define TSDB_ALTER_USER_REMOVE_READ_DB 0x4 -#define TSDB_ALTER_USER_ADD_WRITE_DB 0x5 -#define TSDB_ALTER_USER_REMOVE_WRITE_DB 0x6 -#define TSDB_ALTER_USER_ADD_ALL_DB 0x7 -#define TSDB_ALTER_USER_REMOVE_ALL_DB 0x8 -#define TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC 0xB -#define TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC 0xC -#define TSDB_ALTER_USER_ADD_READ_TABLE 0xD -#define TSDB_ALTER_USER_REMOVE_READ_TABLE 0xE -#define TSDB_ALTER_USER_ADD_WRITE_TABLE 0xF -#define TSDB_ALTER_USER_REMOVE_WRITE_TABLE 0x10 -#define TSDB_ALTER_USER_ADD_ALL_TABLE 0x11 -#define TSDB_ALTER_USER_REMOVE_ALL_TABLE 0x12 - +#define TSDB_ALTER_USER_ADD_PRIVILEGES 0x5 +#define TSDB_ALTER_USER_DEL_PRIVILEGES 0x6 +#define TSDB_ALTER_USER_ADD_WHITE_LIST 0x7 +#define TSDB_ALTER_USER_DROP_WHITE_LIST 0x8 #define TSDB_KILL_MSG_LEN 30 @@ -990,6 +974,7 @@ typedef struct { SHashObj* writeDbs; SHashObj* readTbs; SHashObj* writeTbs; + SHashObj* alterTbs; SHashObj* useDbs; int64_t whiteListVer; } SGetUserAuthRsp; diff --git a/include/libs/catalog/catalog.h b/include/libs/catalog/catalog.h index e018ac0efd..418b6ee7dd 100644 --- a/include/libs/catalog/catalog.h +++ b/include/libs/catalog/catalog.h @@ -45,6 +45,7 @@ enum { typedef enum { AUTH_TYPE_READ = 1, AUTH_TYPE_WRITE, + AUTH_TYPE_ALTER, AUTH_TYPE_OTHER, AUTH_TYPE_READ_OR_WRITE, } AUTH_TYPE; @@ -374,6 +375,8 @@ int32_t catalogUpdateViewMeta(SCatalog* pCtg, SViewMetaRsp* pMsg); int32_t catalogAsyncUpdateViewMeta(SCatalog* pCtg, SViewMetaRsp* pMsg); +int32_t catalogGetViewMeta(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pViewName, STableMeta** pTableMeta); + int32_t ctgdEnableDebug(char* option, bool enable); int32_t ctgdHandleDbgCommand(char* command); diff --git a/include/libs/nodes/cmdnodes.h b/include/libs/nodes/cmdnodes.h index 2f19742e41..e903462a4d 100644 --- a/include/libs/nodes/cmdnodes.h +++ b/include/libs/nodes/cmdnodes.h @@ -503,10 +503,6 @@ typedef struct SDropFunctionStmt { bool ignoreNotExists; } SDropFunctionStmt; -typedef struct SQueryResInfo { - -} SQueryResInfo; - typedef struct SCreateViewStmt { ENodeType type; char dbName[TSDB_DB_NAME_LEN]; diff --git a/source/common/src/tmsg.c b/source/common/src/tmsg.c index 3ad3c52e88..c7804ffc4c 100644 --- a/source/common/src/tmsg.c +++ b/source/common/src/tmsg.c @@ -1804,10 +1804,12 @@ int32_t tSerializeSGetUserAuthRspImpl(SEncoder *pEncoder, SGetUserAuthRsp *pRsp) int32_t numOfReadTbs = taosHashGetSize(pRsp->readTbs); int32_t numOfWriteTbs = taosHashGetSize(pRsp->writeTbs); - int32_t numOfUseTbs = taosHashGetSize(pRsp->useDbs); + int32_t numOfAlterTbs = taosHashGetSize(pRsp->alterTbs); + int32_t numOfUseDbs = taosHashGetSize(pRsp->useDbs); if (tEncodeI32(pEncoder, numOfReadTbs) < 0) return -1; if (tEncodeI32(pEncoder, numOfWriteTbs) < 0) return -1; - if (tEncodeI32(pEncoder, numOfUseTbs) < 0) return -1; + if (tEncodeI32(pEncoder, numOfAlterTbs) < 0) return -1; + if (tEncodeI32(pEncoder, numOfUseDbs) < 0) return -1; char *tb = taosHashIterate(pRsp->readTbs, NULL); while (tb != NULL) { @@ -1839,6 +1841,21 @@ int32_t tSerializeSGetUserAuthRspImpl(SEncoder *pEncoder, SGetUserAuthRsp *pRsp) tb = taosHashIterate(pRsp->writeTbs, tb); } + tb = taosHashIterate(pRsp->alterTbs, NULL); + while (tb != NULL) { + size_t keyLen = 0; + void *key = taosHashGetKey(tb, &keyLen); + if (tEncodeI32(pEncoder, keyLen) < 0) return -1; + if (tEncodeCStr(pEncoder, key) < 0) return -1; + + size_t valueLen = 0; + valueLen = strlen(tb); + if (tEncodeI32(pEncoder, valueLen) < 0) return -1; + if (tEncodeCStr(pEncoder, tb) < 0) return -1; + + tb = taosHashIterate(pRsp->alterTbs, tb); + } + int32_t *useDb = taosHashIterate(pRsp->useDbs, NULL); while (useDb != NULL) { size_t keyLen = 0; @@ -1878,9 +1895,10 @@ int32_t tDeserializeSGetUserAuthRspImpl(SDecoder *pDecoder, SGetUserAuthRsp *pRs pRsp->writeDbs = taosHashInit(4, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); pRsp->readTbs = taosHashInit(4, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); pRsp->writeTbs = taosHashInit(4, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); + pRsp->alterTbs = taosHashInit(4, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); pRsp->useDbs = taosHashInit(4, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); if (pRsp->createdDbs == NULL || pRsp->readDbs == NULL || pRsp->writeDbs == NULL || pRsp->readTbs == NULL || - pRsp->writeTbs == NULL || pRsp->useDbs == NULL) { + pRsp->writeTbs == NULL || pRsp->alterTbs == NULL || pRsp->useDbs == NULL) { goto _err; } @@ -1922,9 +1940,11 @@ int32_t tDeserializeSGetUserAuthRspImpl(SDecoder *pDecoder, SGetUserAuthRsp *pRs if (!tDecodeIsEnd(pDecoder)) { int32_t numOfReadTbs = 0; int32_t numOfWriteTbs = 0; + int32_t numOfAlterTbs = 0; int32_t numOfUseDbs = 0; if (tDecodeI32(pDecoder, &numOfReadTbs) < 0) goto _err; if (tDecodeI32(pDecoder, &numOfWriteTbs) < 0) goto _err; + if (tDecodeI32(pDecoder, &numOfAlterTbs) < 0) goto _err; if (tDecodeI32(pDecoder, &numOfUseDbs) < 0) goto _err; for (int32_t i = 0; i < numOfReadTbs; ++i) { @@ -1965,6 +1985,25 @@ int32_t tDeserializeSGetUserAuthRspImpl(SDecoder *pDecoder, SGetUserAuthRsp *pRs taosMemoryFreeClear(value); } + for (int32_t i = 0; i < numOfAlterTbs; ++i) { + int32_t keyLen = 0; + if (tDecodeI32(pDecoder, &keyLen) < 0) goto _err; + + key = taosMemoryCalloc(keyLen + 1, sizeof(char)); + if (tDecodeCStrTo(pDecoder, key) < 0) goto _err; + + int32_t valuelen = 0; + if (tDecodeI32(pDecoder, &valuelen) < 0) goto _err; + + value = taosMemoryCalloc(valuelen + 1, sizeof(char)); + if (tDecodeCStrTo(pDecoder, value) < 0) goto _err; + + taosHashPut(pRsp->alterTbs, key, strlen(key), value, valuelen + 1); + + taosMemoryFreeClear(key); + taosMemoryFreeClear(value); + } + for (int32_t i = 0; i < numOfUseDbs; ++i) { int32_t keyLen = 0; if (tDecodeI32(pDecoder, &keyLen) < 0) goto _err; @@ -2024,6 +2063,7 @@ void tFreeSGetUserAuthRsp(SGetUserAuthRsp *pRsp) { taosHashCleanup(pRsp->writeDbs); taosHashCleanup(pRsp->writeTbs); taosHashCleanup(pRsp->readTbs); + taosHashCleanup(pRsp->alterTbs); taosHashCleanup(pRsp->useDbs); } diff --git a/source/dnode/mnode/impl/inc/mndDef.h b/source/dnode/mnode/impl/inc/mndDef.h index 04e7ba26ed..a3fdc3a757 100644 --- a/source/dnode/mnode/impl/inc/mndDef.h +++ b/source/dnode/mnode/impl/inc/mndDef.h @@ -297,6 +297,10 @@ typedef struct { SHashObj* topics; SHashObj* readTbs; SHashObj* writeTbs; + SHashObj* alterTbs; + SHashObj* readViews; + SHashObj* writeViews; + SHashObj* alterViews; SHashObj* useDbs; SRWLatch lock; } SUserObj; @@ -737,6 +741,7 @@ typedef struct { char fullname[TSDB_VIEW_FNAME_LEN]; char name[TSDB_VIEW_NAME_LEN]; char dbFName[TSDB_DB_FNAME_LEN]; + char user[TSDB_USER_LEN]; char* querySql; char* parameters; void** defaultValues; diff --git a/source/dnode/mnode/impl/inc/mndUser.h b/source/dnode/mnode/impl/inc/mndUser.h index c01741b350..907ec86623 100644 --- a/source/dnode/mnode/impl/inc/mndUser.h +++ b/source/dnode/mnode/impl/inc/mndUser.h @@ -41,6 +41,7 @@ int32_t mndValidateUserAuthInfo(SMnode *pMnode, SUserAuthVersion *pUsers, int3 int32_t *pRspLen); int32_t mndUserRemoveDb(SMnode *pMnode, STrans *pTrans, char *db); int32_t mndUserRemoveStb(SMnode *pMnode, STrans *pTrans, char *stb); +int32_t mndUserRemoveView(SMnode *pMnode, STrans *pTrans, char *view); int32_t mndUserRemoveTopic(SMnode *pMnode, STrans *pTrans, char *topic); int32_t mndUserDupObj(SUserObj *pUser, SUserObj *pNew); diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c index 2789f5a9d4..5077820148 100644 --- a/source/dnode/mnode/impl/src/mndUser.c +++ b/source/dnode/mnode/impl/src/mndUser.c @@ -28,9 +28,53 @@ // clang-format on -#define USER_VER_NUMBER 5 +#define USER_VER_NUMBER 6 #define USER_RESERVE_SIZE 64 +#define BIT_FLAG_MASK(n) (1 << n) +#define BIT_FLAG_SET_MASK(val, mask) ((val) |= (mask)) +#define BIT_FLAG_TEST_MASK(val, mask) (((val) & (mask)) != 0) + +#define PRIVILEGE_TYPE_ALL BIT_FLAG_MASK(0) +#define PRIVILEGE_TYPE_READ BIT_FLAG_MASK(1) +#define PRIVILEGE_TYPE_WRITE BIT_FLAG_MASK(2) +#define PRIVILEGE_TYPE_SUBSCRIBE BIT_FLAG_MASK(3) +#define PRIVILEGE_TYPE_ALTER BIT_FLAG_MASK(4) + +#define ALTER_USER_ADD_PRIVS(_type) ((_type) == TSDB_ALTER_USER_ADD_PRIVILEGES) +#define ALTER_USER_DEL_PRIVS(_type) ((_type) == TSDB_ALTER_USER_DEL_PRIVILEGES) + +#define ALTER_USER_ALL_PRIV(_priv) (BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_ALL)) +#define ALTER_USER_READ_PRIV(_priv) (BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_READ) || BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_ALL)) +#define ALTER_USER_WRITE_PRIV(_priv) (BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_WRITE) || BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_ALL)) +#define ALTER_USER_ALTER_PRIV(_priv) (BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_ALTER) || BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_ALL)) +#define ALTER_USER_SUBSCRIBE_PRIV(_priv) (BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_SUBSCRIBE) || BIT_FLAG_TEST_MASK((_priv), PRIVILEGE_TYPE_ALL)) + +#define ALTER_USER_TARGET_DB(_tbname) (0 == (_tbname)[0]) +#define ALTER_USER_TARGET_TB(_tbname) (0 != (_tbname)[0]) + +#define ALTER_USER_ADD_READ_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_READ_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_DEL_READ_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_READ_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_ADD_WRITE_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_WRITE_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_DEL_WRITE_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_WRITE_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_ADD_ALTER_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_ALTER_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_DEL_ALTER_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_ALTER_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_ADD_ALL_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_ALL_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) +#define ALTER_USER_DEL_ALL_DB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_ALL_PRIV(_priv) && ALTER_USER_TARGET_DB(_tbname)) + +#define ALTER_USER_ADD_READ_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_READ_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_DEL_READ_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_READ_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_ADD_WRITE_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_WRITE_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_DEL_WRITE_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_WRITE_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_ADD_ALTER_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_ALTER_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_DEL_ALTER_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_ALTER_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_ADD_ALL_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_ALL_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) +#define ALTER_USER_DEL_ALL_TB_PRIV(_type, _priv, _tbname) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_ALL_PRIV(_priv) && ALTER_USER_TARGET_TB(_tbname)) + +#define ALTER_USER_ADD_SUBSCRIBE_TOPIC_PRIV(_type, _priv) (ALTER_USER_ADD_PRIVS(_type) && ALTER_USER_SUBSCRIBE_PRIV(_priv)) +#define ALTER_USER_DEL_SUBSCRIBE_TOPIC_PRIV(_type, _priv) (ALTER_USER_DEL_PRIVS(_type) && ALTER_USER_SUBSCRIBE_PRIV(_priv)) + + static SIpWhiteList *createDefaultIpWhiteList(); SIpWhiteList *createIpWhiteList(void *buf, int32_t len); static bool updateIpWhiteList(SIpWhiteList *pOld, SIpWhiteList *pNew); @@ -656,8 +700,9 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { pUser->pIpWhiteList ? (sizeof(SIpV4Range) * pUser->pIpWhiteList->num + sizeof(SIpWhiteList) + 4) : 16; int32_t numOfReadDbs = taosHashGetSize(pUser->readDbs); int32_t numOfWriteDbs = taosHashGetSize(pUser->writeDbs); - int32_t numOfReadStbs = taosHashGetSize(pUser->readTbs); - int32_t numOfWriteStbs = taosHashGetSize(pUser->writeTbs); + int32_t numOfReadTbs = taosHashGetSize(pUser->readTbs); + int32_t numOfWriteTbs = taosHashGetSize(pUser->writeTbs); + int32_t numOfAlterTbs = taosHashGetSize(pUser->alterTbs); int32_t numOfTopics = taosHashGetSize(pUser->topics); int32_t numOfUseDbs = taosHashGetSize(pUser->useDbs); int32_t size = sizeof(SUserObj) + USER_RESERVE_SIZE + @@ -692,6 +737,20 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { stb = taosHashIterate(pUser->writeTbs, stb); } + stb = taosHashIterate(pUser->alterTbs, NULL); + while (stb != NULL) { + size_t keyLen = 0; + void *key = taosHashGetKey(stb, &keyLen); + size += sizeof(int32_t); + size += keyLen; + + size_t valueLen = 0; + valueLen = strlen(stb); + size += sizeof(int32_t); + size += valueLen; + stb = taosHashIterate(pUser->alterTbs, stb); + } + SSdbRaw *pRaw = sdbAllocRaw(SDB_USER, USER_VER_NUMBER, size); if (pRaw == NULL) goto _OVER; @@ -729,8 +788,9 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { topic = taosHashIterate(pUser->topics, topic); } - SDB_SET_INT32(pRaw, dataPos, numOfReadStbs, _OVER) - SDB_SET_INT32(pRaw, dataPos, numOfWriteStbs, _OVER) + SDB_SET_INT32(pRaw, dataPos, numOfReadTbs, _OVER) + SDB_SET_INT32(pRaw, dataPos, numOfWriteTbs, _OVER) + SDB_SET_INT32(pRaw, dataPos, numOfAlterTbs, _OVER) SDB_SET_INT32(pRaw, dataPos, numOfUseDbs, _OVER) stb = taosHashIterate(pUser->readTbs, NULL); @@ -761,6 +821,20 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { stb = taosHashIterate(pUser->writeTbs, stb); } + stb = taosHashIterate(pUser->alterTbs, NULL); + while (stb != NULL) { + size_t keyLen = 0; + void *key = taosHashGetKey(stb, &keyLen); + SDB_SET_INT32(pRaw, dataPos, keyLen, _OVER) + SDB_SET_BINARY(pRaw, dataPos, key, keyLen, _OVER); + + size_t valueLen = 0; + valueLen = strlen(stb) + 1; + SDB_SET_INT32(pRaw, dataPos, valueLen, _OVER) + SDB_SET_BINARY(pRaw, dataPos, stb, valueLen, _OVER); + stb = taosHashIterate(pUser->alterTbs, stb); + } + int32_t *useDb = taosHashIterate(pUser->useDbs, NULL); while (useDb != NULL) { size_t keyLen = 0; @@ -873,20 +947,27 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { } if (sver >= 3) { - int32_t numOfReadStbs = 0; - int32_t numOfWriteStbs = 0; + int32_t numOfReadTbs = 0; + int32_t numOfWriteTbs = 0; + int32_t numOfAlterTbs = 0; int32_t numOfUseDbs = 0; - SDB_GET_INT32(pRaw, dataPos, &numOfReadStbs, _OVER) - SDB_GET_INT32(pRaw, dataPos, &numOfWriteStbs, _OVER) + SDB_GET_INT32(pRaw, dataPos, &numOfReadTbs, _OVER) + SDB_GET_INT32(pRaw, dataPos, &numOfWriteTbs, _OVER) + if (sver >= 6) { + SDB_GET_INT32(pRaw, dataPos, &numOfAlterTbs, _OVER) + } SDB_GET_INT32(pRaw, dataPos, &numOfUseDbs, _OVER) pUser->readTbs = - taosHashInit(numOfReadStbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); + taosHashInit(numOfReadTbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); pUser->writeTbs = - taosHashInit(numOfWriteStbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); + taosHashInit(numOfWriteTbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); + pUser->alterTbs = + taosHashInit(numOfAlterTbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); + pUser->useDbs = taosHashInit(numOfUseDbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); - for (int32_t i = 0; i < numOfReadStbs; ++i) { + for (int32_t i = 0; i < numOfReadTbs; ++i) { int32_t keyLen = 0; SDB_GET_INT32(pRaw, dataPos, &keyLen, _OVER); @@ -906,7 +987,7 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { taosMemoryFree(value); } - for (int32_t i = 0; i < numOfWriteStbs; ++i) { + for (int32_t i = 0; i < numOfWriteTbs; ++i) { int32_t keyLen = 0; SDB_GET_INT32(pRaw, dataPos, &keyLen, _OVER); @@ -926,6 +1007,28 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { taosMemoryFree(value); } + if (sver >= 6) { + for (int32_t i = 0; i < numOfAlterTbs; ++i) { + int32_t keyLen = 0; + SDB_GET_INT32(pRaw, dataPos, &keyLen, _OVER); + + char *key = taosMemoryCalloc(keyLen, sizeof(char)); + memset(key, 0, keyLen); + SDB_GET_BINARY(pRaw, dataPos, key, keyLen, _OVER); + + int32_t valuelen = 0; + SDB_GET_INT32(pRaw, dataPos, &valuelen, _OVER); + char *value = taosMemoryCalloc(valuelen, sizeof(char)); + memset(value, 0, valuelen); + SDB_GET_BINARY(pRaw, dataPos, value, valuelen, _OVER) + + taosHashPut(pUser->alterTbs, key, keyLen, value, valuelen); + + taosMemoryFree(key); + taosMemoryFree(value); + } + } + for (int32_t i = 0; i < numOfUseDbs; ++i) { int32_t keyLen = 0; SDB_GET_INT32(pRaw, dataPos, &keyLen, _OVER); @@ -975,6 +1078,7 @@ _OVER: taosHashCleanup(pUser->topics); taosHashCleanup(pUser->readTbs); taosHashCleanup(pUser->writeTbs); + taosHashCleanup(pUser->alterTbs); taosHashCleanup(pUser->useDbs); taosMemoryFreeClear(pUser->pIpWhiteList); } @@ -1062,6 +1166,7 @@ int32_t mndUserDupObj(SUserObj *pUser, SUserObj *pNew) { pNew->writeDbs = mndDupDbHash(pUser->writeDbs); pNew->readTbs = mndDupTableHash(pUser->readTbs); pNew->writeTbs = mndDupTableHash(pUser->writeTbs); + pNew->alterTbs = mndDupTableHash(pUser->alterTbs); pNew->topics = mndDupTopicHash(pUser->topics); pNew->useDbs = mndDupUseDbHash(pUser->useDbs); pNew->pIpWhiteList = cloneIpWhiteList(pUser->pIpWhiteList); @@ -1080,6 +1185,7 @@ void mndUserFreeObj(SUserObj *pUser) { taosHashCleanup(pUser->topics); taosHashCleanup(pUser->readTbs); taosHashCleanup(pUser->writeTbs); + taosHashCleanup(pUser->alterTbs); taosHashCleanup(pUser->useDbs); taosMemoryFreeClear(pUser->pIpWhiteList); pUser->readDbs = NULL; @@ -1087,6 +1193,7 @@ void mndUserFreeObj(SUserObj *pUser) { pUser->topics = NULL; pUser->readTbs = NULL; pUser->writeTbs = NULL; + pUser->alterTbs = NULL; pUser->useDbs = NULL; } @@ -1110,6 +1217,7 @@ static int32_t mndUserActionUpdate(SSdb *pSdb, SUserObj *pOld, SUserObj *pNew) { TSWAP(pOld->topics, pNew->topics); TSWAP(pOld->readTbs, pNew->readTbs); TSWAP(pOld->writeTbs, pNew->writeTbs); + TSWAP(pOld->alterTbs, pNew->alterTbs); TSWAP(pOld->useDbs, pNew->useDbs); int32_t sz = sizeof(SIpWhiteList) + pNew->pIpWhiteList->num * sizeof(SIpV4Range); @@ -1481,60 +1589,150 @@ static char *mndUserAuditTypeStr(int32_t type) { if (type == TSDB_ALTER_USER_SUPERUSER) { return "changeSuperUser"; } - if (type == TSDB_ALTER_USER_ADD_READ_DB) { - return "addReadToDB"; - } - if (type == TSDB_ALTER_USER_ADD_READ_DB) { - return "addReadToDB"; - } - if (type == TSDB_ALTER_USER_REMOVE_READ_DB) { - return "removeReadFromDB"; - } - if (type == TSDB_ALTER_USER_ADD_WRITE_DB) { - return "addWriteToDB"; - } - if (type == TSDB_ALTER_USER_REMOVE_WRITE_DB) { - return "removeWriteFromDB"; - } - if (type == TSDB_ALTER_USER_ADD_ALL_DB) { - return "addToAllDB"; - } - if (type == TSDB_ALTER_USER_REMOVE_ALL_DB) { - return "removeFromAllDB"; - } if (type == TSDB_ALTER_USER_ENABLE) { return "enableUser"; } if (type == TSDB_ALTER_USER_SYSINFO) { return "userSysInfo"; } - if (type == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC) { - return "addSubscribeTopic"; - } - if (type == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC) { - return "removeSubscribeTopic"; - } - if (type == TSDB_ALTER_USER_ADD_READ_TABLE) { - return "addReadToTable"; - } - if (type == TSDB_ALTER_USER_REMOVE_READ_TABLE) { - return "removeReadFromTable"; - } - if (type == TSDB_ALTER_USER_ADD_WRITE_TABLE) { - return "addWriteToTable"; - } - if (type == TSDB_ALTER_USER_REMOVE_WRITE_TABLE) { - return "removeWriteFromTable"; - } - if (type == TSDB_ALTER_USER_ADD_ALL_TABLE) { - return "addToAllTable"; - } - if (type == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { - return "removeFromAllTable"; - } return "error"; } +static int32_t mndProcessAlterUserPrivilegesReq(SAlterUserReq *pAlterReq, SMnode *pMnode, SUserObj* pNewUser) { + SSdb *pSdb = pMnode->pSdb; + void *pIter = NULL; + + if (ALTER_USER_ADD_READ_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || + ALTER_USER_ADD_ALL_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (strcmp(pAlterReq->objname, "1.*") != 0) { + int32_t len = strlen(pAlterReq->objname) + 1; + SDbObj *pDb = mndAcquireDb(pMnode, pAlterReq->objname); + if (pDb == NULL) { + mndReleaseDb(pMnode, pDb); + return -1; + } + if (taosHashPut(pNewUser->readDbs, pAlterReq->objname, len, pAlterReq->objname, TSDB_DB_FNAME_LEN) != 0) { + mndReleaseDb(pMnode, pDb); + return -1; + } + mndReleaseDb(pMnode, pDb); + } else { + while (1) { + SDbObj *pDb = NULL; + pIter = sdbFetch(pSdb, SDB_DB, pIter, (void **)&pDb); + if (pIter == NULL) break; + int32_t len = strlen(pDb->name) + 1; + taosHashPut(pNewUser->readDbs, pDb->name, len, pDb->name, TSDB_DB_FNAME_LEN); + sdbRelease(pSdb, pDb); + } + } + } + + if (ALTER_USER_ADD_WRITE_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || ALTER_USER_ADD_ALL_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (strcmp(pAlterReq->objname, "1.*") != 0) { + int32_t len = strlen(pAlterReq->objname) + 1; + SDbObj *pDb = mndAcquireDb(pMnode, pAlterReq->objname); + if (pDb == NULL) { + mndReleaseDb(pMnode, pDb); + return -1; + } + if (taosHashPut(pNewUser->writeDbs, pAlterReq->objname, len, pAlterReq->objname, TSDB_DB_FNAME_LEN) != 0) { + mndReleaseDb(pMnode, pDb); + return -1; + } + mndReleaseDb(pMnode, pDb); + } else { + while (1) { + SDbObj *pDb = NULL; + pIter = sdbFetch(pSdb, SDB_DB, pIter, (void **)&pDb); + if (pIter == NULL) break; + int32_t len = strlen(pDb->name) + 1; + taosHashPut(pNewUser->writeDbs, pDb->name, len, pDb->name, TSDB_DB_FNAME_LEN); + sdbRelease(pSdb, pDb); + } + } + } + + if (ALTER_USER_DEL_READ_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || ALTER_USER_DEL_ALL_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (strcmp(pAlterReq->objname, "1.*") != 0) { + int32_t len = strlen(pAlterReq->objname) + 1; + SDbObj *pDb = mndAcquireDb(pMnode, pAlterReq->objname); + if (pDb == NULL) { + mndReleaseDb(pMnode, pDb); + return -1; + } + taosHashRemove(pNewUser->readDbs, pAlterReq->objname, len); + mndReleaseDb(pMnode, pDb); + } else { + taosHashClear(pNewUser->readDbs); + } + } + + if (ALTER_USER_DEL_WRITE_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || ALTER_USER_DEL_ALL_DB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (strcmp(pAlterReq->objname, "1.*") != 0) { + int32_t len = strlen(pAlterReq->objname) + 1; + SDbObj *pDb = mndAcquireDb(pMnode, pAlterReq->objname); + if (pDb == NULL) { + mndReleaseDb(pMnode, pDb); + return -1; + } + taosHashRemove(pNewUser->writeDbs, pAlterReq->objname, len); + mndReleaseDb(pMnode, pDb); + } else { + taosHashClear(pNewUser->writeDbs); + } + } + + if (ALTER_USER_ADD_READ_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || ALTER_USER_ADD_ALL_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (mndTablePriviledge(pMnode, pNewUser->readTbs, pNewUser->useDbs, pAlterReq, pSdb) != 0) return -1; + } + + if (ALTER_USER_ADD_WRITE_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || ALTER_USER_ADD_ALL_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (mndTablePriviledge(pMnode, pNewUser->writeTbs, pNewUser->useDbs, pAlterReq, pSdb) != 0) return -1; + } + + if (ALTER_USER_ADD_ALTER_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || ALTER_USER_ADD_ALL_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (mndTablePriviledge(pMnode, pNewUser->alterTbs, pNewUser->useDbs, pAlterReq, pSdb) != 0) return -1; + } + + if (ALTER_USER_DEL_READ_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || + ALTER_USER_DEL_ALL_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (mndRemoveTablePriviledge(pMnode, pNewUser->readTbs, pNewUser->useDbs, pAlterReq, pSdb) != 0) return -1; + } + + if (ALTER_USER_DEL_WRITE_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || + ALTER_USER_DEL_ALL_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (mndRemoveTablePriviledge(pMnode, pNewUser->writeTbs, pNewUser->useDbs, pAlterReq, pSdb) != 0) return -1; + } + + if (ALTER_USER_DEL_ALTER_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName) || + ALTER_USER_DEL_ALL_TB_PRIV(pAlterReq->alterType, pAlterReq->privileges, pAlterReq->tabName)) { + if (mndRemoveTablePriviledge(pMnode, pNewUser->alterTbs, pNewUser->useDbs, pAlterReq, pSdb) != 0) return -1; + } + + if (ALTER_USER_ADD_SUBSCRIBE_TOPIC_PRIV(pAlterReq->alterType, pAlterReq->privileges)) { + int32_t len = strlen(pAlterReq->objname) + 1; + SMqTopicObj *pTopic = mndAcquireTopic(pMnode, pAlterReq->objname); + if (pTopic == NULL) { + mndReleaseTopic(pMnode, pTopic); + return -1; + } + taosHashPut(pNewUser->topics, pTopic->name, len, pTopic->name, TSDB_TOPIC_FNAME_LEN); + } + + if (ALTER_USER_DEL_SUBSCRIBE_TOPIC_PRIV(pAlterReq->alterType, pAlterReq->privileges)) { + int32_t len = strlen(pAlterReq->objname) + 1; + SMqTopicObj *pTopic = mndAcquireTopic(pMnode, pAlterReq->objname); + if (pTopic == NULL) { + mndReleaseTopic(pMnode, pTopic); + return -1; + } + taosHashRemove(pNewUser->topics, pAlterReq->objname, len); + } + + return TSDB_CODE_SUCCESS; +} + static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { SMnode *pMnode = pReq->info.node; SSdb *pSdb = pMnode->pSdb; @@ -1602,122 +1800,8 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { newUser.sysInfo = alterReq.sysInfo; } - if (alterReq.alterType == TSDB_ALTER_USER_ADD_READ_DB || alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_DB) { - if (strcmp(alterReq.objname, "1.*") != 0) { - int32_t len = strlen(alterReq.objname) + 1; - SDbObj *pDb = mndAcquireDb(pMnode, alterReq.objname); - if (pDb == NULL) { - mndReleaseDb(pMnode, pDb); - goto _OVER; - } - if (taosHashPut(newUser.readDbs, alterReq.objname, len, alterReq.objname, TSDB_DB_FNAME_LEN) != 0) { - mndReleaseDb(pMnode, pDb); - goto _OVER; - } - mndReleaseDb(pMnode, pDb); - } else { - while (1) { - SDbObj *pDb = NULL; - pIter = sdbFetch(pSdb, SDB_DB, pIter, (void **)&pDb); - if (pIter == NULL) break; - int32_t len = strlen(pDb->name) + 1; - taosHashPut(newUser.readDbs, pDb->name, len, pDb->name, TSDB_DB_FNAME_LEN); - sdbRelease(pSdb, pDb); - } - } - } - - if (alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_DB || alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_DB) { - if (strcmp(alterReq.objname, "1.*") != 0) { - int32_t len = strlen(alterReq.objname) + 1; - SDbObj *pDb = mndAcquireDb(pMnode, alterReq.objname); - if (pDb == NULL) { - mndReleaseDb(pMnode, pDb); - goto _OVER; - } - if (taosHashPut(newUser.writeDbs, alterReq.objname, len, alterReq.objname, TSDB_DB_FNAME_LEN) != 0) { - mndReleaseDb(pMnode, pDb); - goto _OVER; - } - mndReleaseDb(pMnode, pDb); - } else { - while (1) { - SDbObj *pDb = NULL; - pIter = sdbFetch(pSdb, SDB_DB, pIter, (void **)&pDb); - if (pIter == NULL) break; - int32_t len = strlen(pDb->name) + 1; - taosHashPut(newUser.writeDbs, pDb->name, len, pDb->name, TSDB_DB_FNAME_LEN); - sdbRelease(pSdb, pDb); - } - } - } - - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_DB || alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_DB) { - if (strcmp(alterReq.objname, "1.*") != 0) { - int32_t len = strlen(alterReq.objname) + 1; - SDbObj *pDb = mndAcquireDb(pMnode, alterReq.objname); - if (pDb == NULL) { - mndReleaseDb(pMnode, pDb); - goto _OVER; - } - taosHashRemove(newUser.readDbs, alterReq.objname, len); - mndReleaseDb(pMnode, pDb); - } else { - taosHashClear(newUser.readDbs); - } - } - - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_DB || alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_DB) { - if (strcmp(alterReq.objname, "1.*") != 0) { - int32_t len = strlen(alterReq.objname) + 1; - SDbObj *pDb = mndAcquireDb(pMnode, alterReq.objname); - if (pDb == NULL) { - mndReleaseDb(pMnode, pDb); - goto _OVER; - } - taosHashRemove(newUser.writeDbs, alterReq.objname, len); - mndReleaseDb(pMnode, pDb); - } else { - taosHashClear(newUser.writeDbs); - } - } - - if (alterReq.alterType == TSDB_ALTER_USER_ADD_READ_TABLE || alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_TABLE) { - if (mndTablePriviledge(pMnode, newUser.readTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; - } - - if (alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_TABLE || alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_TABLE) { - if (mndTablePriviledge(pMnode, newUser.writeTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; - } - - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_TABLE || - alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { - if (mndRemoveTablePriviledge(pMnode, newUser.readTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; - } - - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_TABLE || - alterReq.alterType == TSDB_ALTER_USER_REMOVE_ALL_TABLE) { - if (mndRemoveTablePriviledge(pMnode, newUser.writeTbs, newUser.useDbs, &alterReq, pSdb) != 0) goto _OVER; - } - - if (alterReq.alterType == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC) { - int32_t len = strlen(alterReq.objname) + 1; - SMqTopicObj *pTopic = mndAcquireTopic(pMnode, alterReq.objname); - if (pTopic == NULL) { - mndReleaseTopic(pMnode, pTopic); - goto _OVER; - } - taosHashPut(newUser.topics, pTopic->name, len, pTopic->name, TSDB_TOPIC_FNAME_LEN); - } - - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC) { - int32_t len = strlen(alterReq.objname) + 1; - SMqTopicObj *pTopic = mndAcquireTopic(pMnode, alterReq.objname); - if (pTopic == NULL) { - mndReleaseTopic(pMnode, pTopic); - goto _OVER; - } - taosHashRemove(newUser.topics, alterReq.objname, len); + if (ALTER_USER_ADD_PRIVS(alterReq.alterType) || ALTER_USER_DEL_PRIVS(alterReq.alterType)) { + if (0 != mndProcessAlterUserPrivilegesReq(&alterReq, pMnode, &newUser)) goto _OVER; } if (alterReq.alterType == TSDB_ALTER_USER_ADD_WHITE_LIST) { @@ -1827,12 +1911,12 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { alterReq.alterType == TSDB_ALTER_USER_SYSINFO){ auditRecord(pReq, pMnode->clusterId, "alterUser", alterReq.user, "", alterReq.sql, alterReq.sqlLen); } - else if(alterReq.alterType == TSDB_ALTER_USER_ADD_READ_DB|| - alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_DB|| - alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_DB|| - alterReq.alterType == TSDB_ALTER_USER_ADD_READ_TABLE|| - alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_TABLE|| - alterReq.alterType == TSDB_ALTER_USER_ADD_ALL_TABLE){ + else if(ALTER_USER_ADD_READ_DB_PRIV(alterReq.alterType, alterReq.privileges, alterReq.tabName)|| + ALTER_USER_ADD_WRITE_DB_PRIV(alterReq.alterType, alterReq.privileges, alterReq.tabName)|| + ALTER_USER_ADD_ALL_DB_PRIV(alterReq.alterType, alterReq.privileges, alterReq.tabName)|| + ALTER_USER_ADD_READ_TB_PRIV(alterReq.alterType, alterReq.privileges, alterReq.tabName)|| + ALTER_USER_ADD_WRITE_TB_PRIV(alterReq.alterType, alterReq.privileges, alterReq.tabName)|| + ALTER_USER_ADD_ALL_TB_PRIV(alterReq.alterType, alterReq.privileges, alterReq.tabName)){ if (strcmp(alterReq.objname, "1.*") != 0){ SName name = {0}; tNameFromString(&name, alterReq.objname, T_NAME_ACCT | T_NAME_DB); @@ -1843,11 +1927,11 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { alterReq.sql, alterReq.sqlLen); } } - else if(alterReq.alterType == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC){ + else if(ALTER_USER_ADD_SUBSCRIBE_TOPIC_PRIV(alterReq.alterType, alterReq.privileges)){ auditRecord(pReq, pMnode->clusterId, "GrantPrivileges", alterReq.user, alterReq.objname, alterReq.sql, alterReq.sqlLen); } - else if(alterReq.alterType == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC){ + else if(ALTER_USER_DEL_SUBSCRIBE_TOPIC_PRIV(alterReq.alterType, alterReq.privileges)){ auditRecord(pReq, pMnode->clusterId, "RevokePrivileges", alterReq.user, alterReq.objname, alterReq.sql, alterReq.sqlLen); } @@ -2155,11 +2239,12 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock int32_t numOfTopics = taosHashGetSize(pUser->topics); int32_t numOfReadTbs = taosHashGetSize(pUser->readTbs); int32_t numOfWriteTbs = taosHashGetSize(pUser->writeTbs); - if (numOfRows + numOfReadDbs + numOfWriteDbs + numOfTopics + numOfReadTbs + numOfWriteTbs >= rows) { + int32_t numOfAlterTbs = taosHashGetSize(pUser->alterTbs); + if (numOfRows + numOfReadDbs + numOfWriteDbs + numOfTopics + numOfReadTbs + numOfWriteTbs + numOfAlterTbs >= rows) { mInfo( "will restore. current num of rows: %d, read dbs %d, write dbs %d, topics %d, read tables %d, write tables " - "%d", - numOfRows, numOfReadDbs, numOfWriteDbs, numOfTopics, numOfReadTbs, numOfWriteTbs); + "%d, alter tables %d", + numOfRows, numOfReadDbs, numOfWriteDbs, numOfTopics, numOfReadTbs, numOfWriteTbs, numOfAlterTbs); pShow->restore = true; sdbRelease(pSdb, pUser); break; @@ -2272,6 +2357,8 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock mndLoopHash(pUser->writeTbs, "write", pBlock, &numOfRows, pUser->user, pShow); + mndLoopHash(pUser->alterTbs, "alter", pBlock, &numOfRows, pUser->user, pShow); + char *topic = taosHashIterate(pUser->topics, NULL); while (topic != NULL) { cols = 0; @@ -2450,9 +2537,11 @@ int32_t mndUserRemoveStb(SMnode *pMnode, STrans *pTrans, char *stb) { bool inRead = (taosHashGet(newUser.readTbs, stb, len) != NULL); bool inWrite = (taosHashGet(newUser.writeTbs, stb, len) != NULL); - if (inRead || inWrite) { + bool inAlter = (taosHashGet(newUser.alterTbs, stb, len) != NULL); + if (inRead || inWrite || inAlter) { (void)taosHashRemove(newUser.readTbs, stb, len); (void)taosHashRemove(newUser.writeTbs, stb, len); + (void)taosHashRemove(newUser.alterTbs, stb, len); SSdbRaw *pCommitRaw = mndUserActionEncode(&newUser); if (pCommitRaw == NULL || mndTransAppendCommitlog(pTrans, pCommitRaw) != 0) { @@ -2472,6 +2561,50 @@ int32_t mndUserRemoveStb(SMnode *pMnode, STrans *pTrans, char *stb) { return code; } +int32_t mndUserRemoveView(SMnode *pMnode, STrans *pTrans, char *view) { + int32_t code = 0; + SSdb *pSdb = pMnode->pSdb; + int32_t len = strlen(view) + 1; + void *pIter = NULL; + SUserObj *pUser = NULL; + SUserObj newUser = {0}; + + while (1) { + pIter = sdbFetch(pSdb, SDB_USER, pIter, (void **)&pUser); + if (pIter == NULL) break; + + code = -1; + if (mndUserDupObj(pUser, &newUser) != 0) { + break; + } + + bool inRead = (taosHashGet(newUser.readViews, view, len) != NULL); + bool inWrite = (taosHashGet(newUser.writeViews, view, len) != NULL); + bool inAlter = (taosHashGet(newUser.alterViews, view, len) != NULL); + if (inRead || inWrite || inAlter) { + (void)taosHashRemove(newUser.readViews, view, len); + (void)taosHashRemove(newUser.writeViews, view, len); + (void)taosHashRemove(newUser.alterViews, view, len); + + SSdbRaw *pCommitRaw = mndUserActionEncode(&newUser); + if (pCommitRaw == NULL || mndTransAppendCommitlog(pTrans, pCommitRaw) != 0) { + break; + } + (void)sdbSetRawStatus(pCommitRaw, SDB_STATUS_READY); + } + + mndUserFreeObj(&newUser); + sdbRelease(pSdb, pUser); + code = 0; + } + + if (pUser != NULL) sdbRelease(pSdb, pUser); + if (pIter != NULL) sdbCancelFetch(pSdb, pIter); + mndUserFreeObj(&newUser); + return code; +} + + int32_t mndUserRemoveTopic(SMnode *pMnode, STrans *pTrans, char *topic) { int32_t code = 0; SSdb *pSdb = pMnode->pSdb; diff --git a/source/dnode/mnode/impl/test/user/user.cpp b/source/dnode/mnode/impl/test/user/user.cpp index eb8b1d18e9..997b14822e 100644 --- a/source/dnode/mnode/impl/test/user/user.cpp +++ b/source/dnode/mnode/impl/test/user/user.cpp @@ -250,7 +250,8 @@ TEST_F(MndTestUser, 03_Alter_User) { { SAlterUserReq alterReq = {0}; - alterReq.alterType = TSDB_ALTER_USER_REMOVE_ALL_DB; + alterReq.alterType = TSDB_ALTER_USER_DEL_PRIVILEGES; + alterReq.privileges = PRIVILEGE_TYPE_ALL; strcpy(alterReq.user, "u3"); strcpy(alterReq.pass, "1"); strcpy(alterReq.dbname, "1.*"); @@ -266,7 +267,8 @@ TEST_F(MndTestUser, 03_Alter_User) { { SAlterUserReq alterReq = {0}; - alterReq.alterType = TSDB_ALTER_USER_REMOVE_ALL_DB; + alterReq.alterType = TSDB_ALTER_USER_DEL_PRIVILEGES; + alterReq.privileges = PRIVILEGE_TYPE_ALL; strcpy(alterReq.user, "u3"); strcpy(alterReq.pass, "1"); strcpy(alterReq.dbname, "1.*"); @@ -282,7 +284,8 @@ TEST_F(MndTestUser, 03_Alter_User) { { SAlterUserReq alterReq = {0}; - alterReq.alterType = TSDB_ALTER_USER_ADD_READ_DB; + alterReq.alterType = TSDB_ALTER_USER_ADD_PRIVILEGES; + alterReq.privileges = PRIVILEGE_TYPE_READ; strcpy(alterReq.user, "u3"); strcpy(alterReq.pass, "1"); strcpy(alterReq.dbname, "d1"); @@ -329,7 +332,8 @@ TEST_F(MndTestUser, 03_Alter_User) { { SAlterUserReq alterReq = {0}; - alterReq.alterType = TSDB_ALTER_USER_ADD_READ_DB; + alterReq.alterType = TSDB_ALTER_USER_ADD_PRIVILEGES; + alterReq.privileges = PRIVILEGE_TYPE_READ; strcpy(alterReq.user, "u3"); strcpy(alterReq.pass, "1"); strcpy(alterReq.dbname, "1.d2"); @@ -345,7 +349,8 @@ TEST_F(MndTestUser, 03_Alter_User) { { SAlterUserReq alterReq = {0}; - alterReq.alterType = TSDB_ALTER_USER_ADD_READ_DB; + alterReq.alterType = TSDB_ALTER_USER_ADD_PRIVILEGES; + alterReq.privileges = PRIVILEGE_TYPE_READ; strcpy(alterReq.user, "u3"); strcpy(alterReq.pass, "1"); strcpy(alterReq.dbname, "1.d2"); @@ -388,7 +393,8 @@ TEST_F(MndTestUser, 03_Alter_User) { { SAlterUserReq alterReq = {0}; - alterReq.alterType = TSDB_ALTER_USER_REMOVE_READ_DB; + alterReq.alterType = TSDB_ALTER_USER_DEL_PRIVILEGES; + alterReq.alterType = PRIVILEGE_TYPE_READ; strcpy(alterReq.user, "u3"); strcpy(alterReq.pass, "1"); strcpy(alterReq.dbname, "1.d2"); diff --git a/source/libs/catalog/src/catalog.c b/source/libs/catalog/src/catalog.c index 2c75438c14..d24b2ad425 100644 --- a/source/libs/catalog/src/catalog.c +++ b/source/libs/catalog/src/catalog.c @@ -1762,6 +1762,11 @@ _return: CTG_API_LEAVE(code); } +int32_t catalogGetViewMeta(SCatalog* pCtg, SRequestConnInfo* pConn, const SName* pViewName, STableMeta** pTableMeta) { + CTG_API_ENTER(); + + CTG_API_LEAVE(TSDB_CODE_OPS_NOT_SUPPORT); +} int32_t catalogClearCache(void) { CTG_API_ENTER_NOLOCK(); diff --git a/source/libs/catalog/src/ctgCache.c b/source/libs/catalog/src/ctgCache.c index 95e0d94bd2..37f05304d4 100644 --- a/source/libs/catalog/src/ctgCache.c +++ b/source/libs/catalog/src/ctgCache.c @@ -2177,6 +2177,7 @@ int32_t ctgOpUpdateUser(SCtgCacheOperation *operation) { taosHashCleanup(pUser->userAuth.writeDbs); taosHashCleanup(pUser->userAuth.readTbs); taosHashCleanup(pUser->userAuth.writeTbs); + taosHashCleanup(pUser->userAuth.alterTbs); taosHashCleanup(pUser->userAuth.useDbs); memcpy(&pUser->userAuth, &msg->userAuth, sizeof(msg->userAuth)); @@ -2186,6 +2187,7 @@ int32_t ctgOpUpdateUser(SCtgCacheOperation *operation) { msg->userAuth.writeDbs = NULL; msg->userAuth.readTbs = NULL; msg->userAuth.writeTbs = NULL; + msg->userAuth.alterTbs = NULL; msg->userAuth.useDbs = NULL; CTG_UNLOCK(CTG_WRITE, &pUser->lock); @@ -2199,6 +2201,7 @@ _return: taosHashCleanup(msg->userAuth.writeDbs); taosHashCleanup(msg->userAuth.readTbs); taosHashCleanup(msg->userAuth.writeTbs); + taosHashCleanup(msg->userAuth.alterTbs); taosHashCleanup(msg->userAuth.useDbs); taosMemoryFreeClear(msg); @@ -2536,6 +2539,7 @@ void ctgFreeCacheOperationData(SCtgCacheOperation *op) { taosHashCleanup(msg->userAuth.writeDbs); taosHashCleanup(msg->userAuth.readTbs); taosHashCleanup(msg->userAuth.writeTbs); + taosHashCleanup(msg->userAuth.alterTbs); taosHashCleanup(msg->userAuth.useDbs); taosMemoryFreeClear(op->data); break; diff --git a/source/libs/catalog/src/ctgUtil.c b/source/libs/catalog/src/ctgUtil.c index f6dc902928..1fa31e0eac 100644 --- a/source/libs/catalog/src/ctgUtil.c +++ b/source/libs/catalog/src/ctgUtil.c @@ -195,6 +195,7 @@ void ctgFreeSCtgUserAuth(SCtgUserAuth* userCache) { taosHashCleanup(userCache->userAuth.writeDbs); taosHashCleanup(userCache->userAuth.readTbs); taosHashCleanup(userCache->userAuth.writeTbs); + taosHashCleanup(userCache->userAuth.alterTbs); taosHashCleanup(userCache->userAuth.useDbs); } @@ -565,6 +566,7 @@ void ctgFreeMsgCtx(SCtgMsgCtx* pCtx) { taosHashCleanup(pOut->writeDbs); taosHashCleanup(pOut->readTbs); taosHashCleanup(pOut->writeTbs); + taosHashCleanup(pOut->alterTbs); taosHashCleanup(pOut->useDbs); taosMemoryFreeClear(pCtx->out); break; @@ -1967,6 +1969,15 @@ uint64_t ctgGetUserCacheSize(SGetUserAuthRsp *pAuth) { p = taosHashIterate(pAuth->writeTbs, p); } + p = taosHashIterate(pAuth->alterTbs, NULL); + while (p != NULL) { + size_t len = 0; + void* key = taosHashGetKey(p, &len); + cacheSize += len + strlen(p); + + p = taosHashIterate(pAuth->alterTbs, p); + } + int32_t *ref = taosHashIterate(pAuth->useDbs, NULL); while (ref != NULL) { size_t len = 0; diff --git a/source/libs/parser/inc/parInt.h b/source/libs/parser/inc/parInt.h index 68cf578572..ab1cb908af 100644 --- a/source/libs/parser/inc/parInt.h +++ b/source/libs/parser/inc/parInt.h @@ -43,7 +43,7 @@ int32_t getMetaDataFromHash(const char* pKey, int32_t len, SHashObj* pHash, void #ifdef TD_ENTERPRISE int32_t translateView(STranslateContext* pCxt, SNode** pTable, SName* pName); -int32_t getViewMeta(STranslateContext* pCxt, SName* pName, SViewMeta** ppViewMeta); +int32_t getViewMetaFromMetaCache(STranslateContext* pCxt, SName* pName, SViewMeta** ppViewMeta); #endif #ifdef __cplusplus } diff --git a/source/libs/parser/src/parAstParser.c b/source/libs/parser/src/parAstParser.c index a7e4525053..235520d29c 100644 --- a/source/libs/parser/src/parAstParser.c +++ b/source/libs/parser/src/parAstParser.c @@ -701,11 +701,15 @@ static int32_t collectMetaKeyFromCreateViewStmt(SCollectMetaKeyCxt* pCxt, SCreat code = reserveUserAuthInCache(pCxt->pParseCxt->acctId, pCxt->pParseCxt->pUser, pStmt->dbName, NULL, AUTH_TYPE_WRITE, pCxt->pMetaCache); } + if (TSDB_CODE_SUCCESS == code) { + code = reserveViewUserAuthInCache(pCxt->pParseCxt->acctId, pCxt->pParseCxt->pUser, pStmt->dbName, pStmt->viewName, AUTH_TYPE_ALTER, + pCxt->pMetaCache); + } return code; } static int32_t collectMetaKeyFromDropViewStmt(SCollectMetaKeyCxt* pCxt, SDropViewStmt* pStmt) { - int32_t code = reserveViewUserAuthInCache(pCxt->pParseCxt->acctId, pCxt->pParseCxt->pUser, pStmt->dbName, pStmt->viewName, AUTH_TYPE_WRITE, + int32_t code = reserveViewUserAuthInCache(pCxt->pParseCxt->acctId, pCxt->pParseCxt->pUser, pStmt->dbName, pStmt->viewName, AUTH_TYPE_ALTER, pCxt->pMetaCache); return code; } diff --git a/source/libs/parser/src/parAuthenticator.c b/source/libs/parser/src/parAuthenticator.c index 525ccacc9e..eb885c1c75 100644 --- a/source/libs/parser/src/parAuthenticator.c +++ b/source/libs/parser/src/parAuthenticator.c @@ -77,7 +77,7 @@ static int32_t checkAuth(SAuthCxt* pCxt, const char* pDbName, const char* pTabNa } static int32_t checkViewAuth(SAuthCxt* pCxt, const char* pDbName, const char* pTabName, AUTH_TYPE type, SNode** pCond) { - return checkAuthImpl(pCxt, pDbName, pTabName, type, pCond, true); + return checkAuthImpl(pCxt, pDbName, pTabName, type, NULL, true); } @@ -208,9 +208,11 @@ static int32_t authShowCreateTable(SAuthCxt* pCxt, SShowCreateTableStmt* pStmt) } static int32_t authShowCreateView(SAuthCxt* pCxt, SShowCreateViewStmt* pStmt) { - SNode* pTagCond = NULL; - // todo check tag condition for subtable - return checkViewAuth(pCxt, pStmt->dbName, pStmt->viewName, AUTH_TYPE_READ, &pTagCond); +#ifndef TD_ENTERPRISE + return TSDB_CODE_OPS_NOT_SUPPORT; +#endif + + return TSDB_CODE_SUCCESS; } static int32_t authCreateTable(SAuthCxt* pCxt, SCreateTableStmt* pStmt) { @@ -256,10 +258,26 @@ static int32_t authAlterTable(SAuthCxt* pCxt, SAlterTableStmt* pStmt) { } static int32_t authCreateView(SAuthCxt* pCxt, SCreateViewStmt* pStmt) { - return checkAuth(pCxt, pStmt->dbName, NULL, AUTH_TYPE_WRITE, NULL); +#ifndef TD_ENTERPRISE + return TSDB_CODE_OPS_NOT_SUPPORT; +#endif + int32_t code = checkAuth(pCxt, pStmt->dbName, NULL, AUTH_TYPE_WRITE, NULL); + if (TSDB_CODE_SUCCESS == code) { + code = checkViewAuth(pCxt, pStmt->dbName, pStmt->viewName, AUTH_TYPE_ALTER, NULL); + if (TSDB_CODE_SUCCESS != code) { + if (TSDB_CODE_PAR_TABLE_NOT_EXIST == code) { + return TSDB_CODE_SUCCESS; + } + return code; + } + } + return code; } static int32_t authDropView(SAuthCxt* pCxt, SDropViewStmt* pStmt) { +#ifndef TD_ENTERPRISE + return TSDB_CODE_OPS_NOT_SUPPORT; +#endif return checkViewAuth(pCxt, pStmt->dbName, pStmt->viewName, AUTH_TYPE_WRITE, NULL); } @@ -308,8 +326,8 @@ static int32_t authQuery(SAuthCxt* pCxt, SNode* pStmt) { case QUERY_NODE_SHOW_CREATE_TABLE_STMT: case QUERY_NODE_SHOW_CREATE_STABLE_STMT: return authShowCreateTable(pCxt, (SShowCreateTableStmt*)pStmt); - case QUERY_NODE_SHOW_CREATE_VIEW_STMT: - return authShowCreateView(pCxt, (SShowCreateViewStmt*)pStmt); +// case QUERY_NODE_SHOW_CREATE_VIEW_STMT: +// return authShowCreateView(pCxt, (SShowCreateViewStmt*)pStmt); case QUERY_NODE_CREATE_VIEW_STMT: return authCreateView(pCxt, (SCreateViewStmt*)pStmt); case QUERY_NODE_DROP_VIEW_STMT: diff --git a/source/libs/parser/src/parInsertSql.c b/source/libs/parser/src/parInsertSql.c index 0e007e127e..5046c2ef5c 100644 --- a/source/libs/parser/src/parInsertSql.c +++ b/source/libs/parser/src/parInsertSql.c @@ -1168,7 +1168,14 @@ static int32_t parseUsingTableName(SInsertParseContext* pCxt, SVnodeModifyOpStmt } static int32_t preParseTargetTableName(SInsertParseContext* pCxt, SVnodeModifyOpStmt* pStmt, SToken* pTbName) { - return insCreateSName(&pStmt->targetTableName, pTbName, pCxt->pComCxt->acctId, pCxt->pComCxt->db, &pCxt->msg); + int32_t code = insCreateSName(&pStmt->targetTableName, pTbName, pCxt->pComCxt->acctId, pCxt->pComCxt->db, &pCxt->msg); + if (TSDB_CODE_SUCCESS == code) { + if (IS_SYS_DBNAME(pStmt->targetTableName.dbname)) { + return TSDB_CODE_PAR_SYSTABLE_NOT_ALLOWED; + } + } + + return code; } // input pStmt->pSql: diff --git a/source/libs/parser/src/parTranslater.c b/source/libs/parser/src/parTranslater.c index decb63c47b..e586423c77 100644 --- a/source/libs/parser/src/parTranslater.c +++ b/source/libs/parser/src/parTranslater.c @@ -339,31 +339,67 @@ static int32_t collectUseTable(const SName* pName, SHashObj* pTable) { return taosHashPut(pTable, fullName, strlen(fullName), pName, sizeof(SName)); } -static int32_t getTableMetaImpl(STranslateContext* pCxt, const SName* pName, STableMeta** pMeta, bool couldBeView) { +static int32_t getViewMetaImpl(SParseContext* pParCxt, SParseMetaCache* pMetaCache, const SName* pName, STableMeta** pMeta) { +#ifndef TD_ENTERPRISE + return TSDB_CODE_PAR_TABLE_NOT_EXIST; +#endif + + int32_t code = TSDB_CODE_SUCCESS; + + if (pParCxt->async) { + code = getViewMetaFromCache(pMetaCache, pName, pMeta); + } else { + SRequestConnInfo conn = {.pTrans = pParCxt->pTransporter, + .requestId = pParCxt->requestId, + .requestObjRefId = pParCxt->requestRid, + .mgmtEps = pParCxt->mgmtEpSet}; + code = catalogGetViewMeta(pParCxt->pCatalog, &conn, pName, pMeta); + } + + if (TSDB_CODE_SUCCESS != code && TSDB_CODE_PAR_TABLE_NOT_EXIST != code) { + parserError("0x%" PRIx64 " catalogGetViewMeta error, code:%s, dbName:%s, viewName:%s", pParCxt->requestId, + tstrerror(code), pName->dbname, pName->tname); + } + return code; +} + +static int32_t getTargetMetaImpl(SParseContext* pParCxt, SParseMetaCache* pMetaCache, const SName* pName, STableMeta** pMeta, bool couldBeView) { + int32_t code = TSDB_CODE_SUCCESS; + + if (pParCxt->async) { + code = getTableMetaFromCache(pMetaCache, pName, pMeta); +#ifdef TD_ENTERPRISE + if (TSDB_CODE_PAR_TABLE_NOT_EXIST == code && couldBeView) { + int32_t origCode = code; + code = getViewMetaFromCache(pMetaCache, pName, pMeta); + if (TSDB_CODE_SUCCESS != code) { + code = origCode; + } + } +#endif + } else { + SRequestConnInfo conn = {.pTrans = pParCxt->pTransporter, + .requestId = pParCxt->requestId, + .requestObjRefId = pParCxt->requestRid, + .mgmtEps = pParCxt->mgmtEpSet}; + code = catalogGetTableMeta(pParCxt->pCatalog, &conn, pName, pMeta); + } + + if (TSDB_CODE_SUCCESS != code && TSDB_CODE_PAR_TABLE_NOT_EXIST != code) { + parserError("0x%" PRIx64 " catalogGetTableMeta error, code:%s, dbName:%s, tbName:%s", pParCxt->requestId, + tstrerror(code), pName->dbname, pName->tname); + } + return code; +} + +static int32_t getTargetMeta(STranslateContext* pCxt, const SName* pName, STableMeta** pMeta, bool couldBeView) { SParseContext* pParCxt = pCxt->pParseCxt; int32_t code = collectUseDatabase(pName, pCxt->pDbs); if (TSDB_CODE_SUCCESS == code) { code = collectUseTable(pName, pCxt->pTables); } if (TSDB_CODE_SUCCESS == code) { - if (pParCxt->async) { - code = getTableMetaFromCache(pCxt->pMetaCache, pName, pMeta); -#ifdef TD_ENTERPRISE - if (TSDB_CODE_PAR_TABLE_NOT_EXIST == code && couldBeView) { - int32_t origCode = code; - code = getViewMetaFromCache(pCxt->pMetaCache, pName, pMeta); - if (TSDB_CODE_SUCCESS != code) { - code = origCode; - } - } -#endif - } else { - SRequestConnInfo conn = {.pTrans = pParCxt->pTransporter, - .requestId = pParCxt->requestId, - .requestObjRefId = pParCxt->requestRid, - .mgmtEps = pParCxt->mgmtEpSet}; - code = catalogGetTableMeta(pParCxt->pCatalog, &conn, pName, pMeta); - } + code = getTargetMetaImpl(pParCxt, pCxt->pMetaCache, pName, pMeta, couldBeView); } if (TSDB_CODE_SUCCESS != code && TSDB_CODE_PAR_TABLE_NOT_EXIST != code) { parserError("0x%" PRIx64 " catalogGetTableMeta error, code:%s, dbName:%s, tbName:%s", pCxt->pParseCxt->requestId, @@ -374,7 +410,7 @@ static int32_t getTableMetaImpl(STranslateContext* pCxt, const SName* pName, STa static int32_t getTableMeta(STranslateContext* pCxt, const char* pDbName, const char* pTableName, STableMeta** pMeta) { SName name; - return getTableMetaImpl(pCxt, toName(pCxt->pParseCxt->acctId, pDbName, pTableName, &name), pMeta, false); + return getTargetMeta(pCxt, toName(pCxt->pParseCxt->acctId, pDbName, pTableName, &name), pMeta, false); } static int32_t getTableCfg(STranslateContext* pCxt, const SName* pName, STableCfg** pCfg) { @@ -2777,7 +2813,7 @@ int32_t translateTable(STranslateContext* pCxt, SNode** pTable) { // The SRealTableNode created through ROLLUP already has STableMeta. if (NULL == pRealTable->pMeta) { SName name; - code = getTableMetaImpl( + code = getTargetMeta( pCxt, toName(pCxt->pParseCxt->acctId, pRealTable->table.dbName, pRealTable->table.tableName, &name), &(pRealTable->pMeta), true); if (TSDB_CODE_SUCCESS != code) { @@ -6414,7 +6450,7 @@ static int32_t buildQueryForTableTopic(STranslateContext* pCxt, SCreateTopicStmt .mgmtEps = pParCxt->mgmtEpSet}; SName name; STableMeta* pMeta = NULL; - int32_t code = getTableMetaImpl(pCxt, toName(pParCxt->acctId, pStmt->subDbName, pStmt->subSTbName, &name), &pMeta, false); + int32_t code = getTargetMeta(pCxt, toName(pParCxt->acctId, pStmt->subDbName, pStmt->subSTbName, &name), &pMeta, false); if (code) { taosMemoryFree(pMeta); return code; @@ -6596,7 +6632,7 @@ static int32_t checkCreateStream(STranslateContext* pCxt, SCreateStreamStmt* pSt #ifdef TD_ENTERPRISE SRealTableNode* pRealTable = (SRealTableNode*)((SSelectStmt*)pStmt->pQuery)->pFromTable; SName name; - int32_t code = getTableMetaImpl( + int32_t code = getTargetMeta( pCxt, toName(pCxt->pParseCxt->acctId, pRealTable->table.dbName, pRealTable->table.tableName, &name), &(pRealTable->pMeta), true); if (TSDB_CODE_SUCCESS != code) { @@ -7619,7 +7655,7 @@ static int32_t translateGrantTagCond(STranslateContext* pCxt, SGrantStmt* pStmt, int32_t code = createRealTableForGrantTable(pStmt, &pTable); if (TSDB_CODE_SUCCESS == code) { SName name; - code = getTableMetaImpl(pCxt, toName(pCxt->pParseCxt->acctId, pTable->table.dbName, pTable->table.tableName, &name), + code = getTargetMeta(pCxt, toName(pCxt->pParseCxt->acctId, pTable->table.dbName, pTable->table.tableName, &name), &(pTable->pMeta), false); if (code) { nodesDestroyNode((SNode*)pTable); @@ -7655,7 +7691,7 @@ static int32_t translateGrantTagCond(STranslateContext* pCxt, SGrantStmt* pStmt, static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) { SAlterUserReq req = {0}; - req.alterType = TSDB_ALTER_USER_PRIVILEGES; + req.alterType = TSDB_ALTER_USER_ADD_PRIVILEGES; req.privileges = pStmt->privileges; strcpy(req.user, pStmt->userName); @@ -7671,17 +7707,9 @@ static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) { static int32_t translateRevoke(STranslateContext* pCxt, SRevokeStmt* pStmt) { SAlterUserReq req = {0}; - if (BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_ALL) || - (BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_READ) && - BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_WRITE))) { - req.alterType = ('\0' == pStmt->tabName[0] ? TSDB_ALTER_USER_REMOVE_ALL_DB : TSDB_ALTER_USER_REMOVE_ALL_TABLE); - } else if (BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_READ)) { - req.alterType = ('\0' == pStmt->tabName[0] ? TSDB_ALTER_USER_REMOVE_READ_DB : TSDB_ALTER_USER_REMOVE_READ_TABLE); - } else if (BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_WRITE)) { - req.alterType = ('\0' == pStmt->tabName[0] ? TSDB_ALTER_USER_REMOVE_WRITE_DB : TSDB_ALTER_USER_REMOVE_WRITE_TABLE); - } else if (BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_SUBSCRIBE)) { - req.alterType = TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC; - } + req.alterType = TSDB_ALTER_USER_DEL_PRIVILEGES; + req.privileges = pStmt->privileges; + strcpy(req.user, pStmt->userName); sprintf(req.objname, "%d.%s", pCxt->pParseCxt->acctId, pStmt->objName); sprintf(req.tabName, "%s", pStmt->tabName); @@ -7793,7 +7821,7 @@ static int32_t translateShowCreateView(STranslateContext* pCxt, SShowCreateViewS #else SName name; toName(pCxt->pParseCxt->acctId, pStmt->dbName, pStmt->viewName, &name); - return getViewMeta(pCxt, &name, (SViewMeta**)&pStmt->pViewMeta); + return getViewMetaFromMetaCache(pCxt, &name, (SViewMeta**)&pStmt->pViewMeta); #endif } @@ -9151,7 +9179,7 @@ static int32_t buildDropTableVgroupHashmap(STranslateContext* pCxt, SDropTableCl SName name; toName(pCxt->pParseCxt->acctId, pClause->dbName, pClause->tableName, &name); STableMeta* pTableMeta = NULL; - int32_t code = getTableMetaImpl(pCxt, &name, &pTableMeta, false); + int32_t code = getTargetMeta(pCxt, &name, &pTableMeta, false); if (TSDB_CODE_SUCCESS == code) { code = collectUseTable(&name, pCxt->pTargetTables); } diff --git a/source/libs/parser/test/parExplainToSyncdbTest.cpp b/source/libs/parser/test/parExplainToSyncdbTest.cpp index 014374af7e..fbb9ce227c 100644 --- a/source/libs/parser/test/parExplainToSyncdbTest.cpp +++ b/source/libs/parser/test/parExplainToSyncdbTest.cpp @@ -36,8 +36,10 @@ TEST_F(ParserExplainToSyncdbTest, grant) { SAlterUserReq expect = {0}; - auto setAlterUserReq = [&](int8_t alterType, const string& user, const string& obj) { + auto setAlterUserReq = [&](int8_t alterType, int64_t privileges, const string& user, const string& obj) { expect.alterType = alterType; + expect.privileges = privileges; + expect.tabName[0] = 0; snprintf(expect.user, sizeof(expect.user), "%s", user.c_str()); snprintf(expect.objname, sizeof(expect.objname), "%s", obj.c_str()); }; @@ -52,19 +54,22 @@ TEST_F(ParserExplainToSyncdbTest, grant) { ASSERT_EQ(string(req.objname), string(expect.objname)); }); - setAlterUserReq(TSDB_ALTER_USER_ADD_ALL_DB, "wxy", "0.*"); + setAlterUserReq(TSDB_ALTER_USER_ADD_PRIVILEGES, PRIVILEGE_TYPE_ALL, "wxy", "0.*"); run("GRANT ALL ON *.* TO wxy"); - setAlterUserReq(TSDB_ALTER_USER_ADD_READ_DB, "wxy", "0.test"); + setAlterUserReq(TSDB_ALTER_USER_ADD_PRIVILEGES, PRIVILEGE_TYPE_READ, "wxy", "0.test"); run("GRANT READ ON test.* TO wxy"); - setAlterUserReq(TSDB_ALTER_USER_ADD_WRITE_DB, "wxy", "0.test"); + setAlterUserReq(TSDB_ALTER_USER_ADD_PRIVILEGES, PRIVILEGE_TYPE_WRITE, "wxy", "0.test"); run("GRANT WRITE ON test.* TO wxy"); - setAlterUserReq(TSDB_ALTER_USER_ADD_ALL_DB, "wxy", "0.test"); + setAlterUserReq(TSDB_ALTER_USER_ADD_PRIVILEGES, PRIVILEGE_TYPE_ALTER, "wxy", "0.test"); + run("GRANT ALTER ON test.* TO wxy"); + + setAlterUserReq(TSDB_ALTER_USER_ADD_PRIVILEGES, PRIVILEGE_TYPE_READ | PRIVILEGE_TYPE_WRITE, "wxy", "0.test"); run("GRANT READ, WRITE ON test.* TO wxy"); - setAlterUserReq(TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC, "wxy", "0.tp1"); + setAlterUserReq(TSDB_ALTER_USER_ADD_PRIVILEGES, PRIVILEGE_TYPE_SUBSCRIBE, "wxy", "0.tp1"); run("GRANT SUBSCRIBE ON tp1 TO wxy"); } @@ -251,8 +256,10 @@ TEST_F(ParserExplainToSyncdbTest, revoke) { SAlterUserReq expect = {0}; - auto setAlterUserReq = [&](int8_t alterType, const string& user, const string& obj) { + auto setAlterUserReq = [&](int8_t alterType, int64_t privileges, const string& user, const string& obj) { expect.alterType = alterType; + expect.privileges = privileges; + expect.tabName[0] = 0; snprintf(expect.user, sizeof(expect.user), "%s", user.c_str()); snprintf(expect.objname, sizeof(expect.objname), "%s", obj.c_str()); }; @@ -267,19 +274,22 @@ TEST_F(ParserExplainToSyncdbTest, revoke) { ASSERT_EQ(string(req.objname), string(expect.objname)); }); - setAlterUserReq(TSDB_ALTER_USER_REMOVE_ALL_DB, "wxy", "0.*"); + setAlterUserReq(TSDB_ALTER_USER_DEL_PRIVILEGES, PRIVILEGE_TYPE_ALL, "wxy", "0.*"); run("REVOKE ALL ON *.* FROM wxy"); - setAlterUserReq(TSDB_ALTER_USER_REMOVE_READ_DB, "wxy", "0.test"); + setAlterUserReq(TSDB_ALTER_USER_DEL_PRIVILEGES, PRIVILEGE_TYPE_READ, "wxy", "0.test"); run("REVOKE READ ON test.* FROM wxy"); - setAlterUserReq(TSDB_ALTER_USER_REMOVE_WRITE_DB, "wxy", "0.test"); + setAlterUserReq(TSDB_ALTER_USER_DEL_PRIVILEGES, PRIVILEGE_TYPE_WRITE, "wxy", "0.test"); run("REVOKE WRITE ON test.* FROM wxy"); - setAlterUserReq(TSDB_ALTER_USER_REMOVE_ALL_DB, "wxy", "0.test"); + setAlterUserReq(TSDB_ALTER_USER_DEL_PRIVILEGES, PRIVILEGE_TYPE_ALTER, "wxy", "0.test"); + run("REVOKE ALTER ON test.* FROM wxy"); + + setAlterUserReq(TSDB_ALTER_USER_DEL_PRIVILEGES, PRIVILEGE_TYPE_READ|PRIVILEGE_TYPE_WRITE, "wxy", "0.test"); run("REVOKE READ, WRITE ON test.* FROM wxy"); - setAlterUserReq(TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC, "wxy", "0.tp1"); + setAlterUserReq(TSDB_ALTER_USER_DEL_PRIVILEGES, PRIVILEGE_TYPE_SUBSCRIBE, "wxy", "0.tp1"); run("REVOKE SUBSCRIBE ON tp1 FROM wxy"); } diff --git a/tests/script/tsim/view/create_drop_view.sim b/tests/script/tsim/view/create_drop_view.sim index 8d31ae3a40..2d86aed7be 100644 --- a/tests/script/tsim/view/create_drop_view.sim +++ b/tests/script/tsim/view/create_drop_view.sim @@ -32,3 +32,9 @@ sql_error create view view1 as show tables; sql_error create view view1 as desc sta1; sql_error create view view1 as select * from st; sql_error create view view1 as select count(*) from sta1 group by f interval(1s); + +sql use information_schema; +sql create view view1 as select * from ins_tables; +sql drop view view1; +sql create view information_schema.view1 as select * from ins_tags; +sql drop view information_schema.view1; diff --git a/tests/script/tsim/view/query_view.sim b/tests/script/tsim/view/query_view.sim index a7bde5c852..d6a8899656 100644 --- a/tests/script/tsim/view/query_view.sim +++ b/tests/script/tsim/view/query_view.sim @@ -75,5 +75,19 @@ endi sql drop view view1; sql drop view view2; +sql use information_schema; +sql create view view1 as select * from ins_views; +sql select * from view1; +if $rows != 1 then + return -1 +endi +sql drop view view1; +sql use testa; +sql create view information_schema.view1 as select * from information_schema.ins_views; +sql select * from information_schema.view1; +if $rows != 1 then + return -1 +endi +sql drop view information_schema.view1; #system sh/exec.sh -n dnode1 -s stop -x SIGINT diff --git a/tests/script/tsim/view/show_desc_view.sim b/tests/script/tsim/view/show_desc_view.sim index e01ee26e47..9bff63f6cc 100644 --- a/tests/script/tsim/view/show_desc_view.sim +++ b/tests/script/tsim/view/show_desc_view.sim @@ -19,4 +19,25 @@ sql drop view view3; sql_error create view view5 as select * from view3; sql drop view view4; + +sql use information_schema; +sql create view view1 as select * from ins_views; +sql show views; +if $rows != 1 then + return -1 +endi +sql describe view1; +sql show create view view1; +sql drop view view1; +sql use testa; +sql create view information_schema.view1 as select * from information_schema.ins_views; +sql show views; +if $rows != 0 then + return -1 +endi +sql describe information_schema.view1; +sql show create view information_schema.view1; +sql drop view information_schema.view1; + + system sh/exec.sh -n dnode1 -s stop -x SIGINT