enhance: ip whitelist before debug
This commit is contained in:
shenglian zhou
parent
33966cf856
commit
b8205f23bf
|
|
@ -924,8 +924,15 @@ void nodesDestroyNode(SNode* pNode) {
|
|||
nodesDestroyNode((SNode*)pStmt->pVal);
|
||||
break;
|
||||
}
|
||||
case QUERY_NODE_CREATE_USER_STMT: // no pointer field
|
||||
case QUERY_NODE_ALTER_USER_STMT: // no pointer field
|
||||
case QUERY_NODE_CREATE_USER_STMT: {
|
||||
SCreateUserStmt* pStmt = (SCreateUserStmt*)pNode;
|
||||
taosMemoryFree(pStmt->pIpRanges);
|
||||
break;
|
||||
}
|
||||
case QUERY_NODE_ALTER_USER_STMT: {
|
||||
SAlterUserStmt* pStmt = (SAlterUserStmt*)pNode;
|
||||
taosMemoryFree(pStmt->pIpRanges);
|
||||
}
|
||||
case QUERY_NODE_DROP_USER_STMT: // no pointer field
|
||||
case QUERY_NODE_USE_DATABASE_STMT: // no pointer field
|
||||
case QUERY_NODE_CREATE_DNODE_STMT: // no pointer field
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ white_list_opt(A) ::= white_list(B).
|
|||
cmd ::= CREATE USER user_name(A) PASS NK_STRING(B) sysinfo_opt(C)
|
||||
white_list_opt(D). {
|
||||
pCxt->pRootNode = createCreateUserStmt(pCxt, &A, &B, C);
|
||||
addCreateUserStmtWhiteList(pCxt, pCxt->pRootNode, D);
|
||||
pCxt->pRootNode = addCreateUserStmtWhiteList(pCxt, pCxt->pRootNode, D);
|
||||
}
|
||||
cmd ::= ALTER USER user_name(A) PASS NK_STRING(B). { pCxt->pRootNode = createAlterUserStmt(pCxt, &A, TSDB_ALTER_USER_PASSWD, &B); }
|
||||
cmd ::= ALTER USER user_name(A) ENABLE NK_INTEGER(B). { pCxt->pRootNode = createAlterUserStmt(pCxt, &A, TSDB_ALTER_USER_ENABLE, &B); }
|
||||
|
|
|
|||
|
|
@ -1696,6 +1696,27 @@ static int32_t getIpV4RangeFromWhitelistItem(char* ipRange, SIpV4Range* pIpRange
|
|||
return TSDB_CODE_SUCCESS;
|
||||
}
|
||||
|
||||
static int32_t fillIpRangesFromWhiteList(SAstCreateContext* pCxt, SNodeList* pIpRangesNodeList, SIpV4Range* pIpRanges) {
|
||||
int32_t i = 0;
|
||||
int32_t code = 0;
|
||||
|
||||
SNode* pNode = NULL;
|
||||
FOREACH(pNode, pIpRangesNodeList) {
|
||||
if (QUERY_NODE_VALUE != nodeType(pNode)) {
|
||||
pCxt->errCode = TSDB_CODE_PAR_INVALID_IP_RANGE;
|
||||
return TSDB_CODE_PAR_INVALID_IP_RANGE;
|
||||
}
|
||||
SValueNode* pValNode = (SValueNode*)(pNode);
|
||||
code = getIpV4RangeFromWhitelistItem(pValNode->literal, pIpRanges + i);
|
||||
++i;
|
||||
if (code != TSDB_CODE_SUCCESS) {
|
||||
pCxt->errCode = generateSyntaxErrMsg(&pCxt->msgBuf, code, pValNode->literal);
|
||||
return code;
|
||||
}
|
||||
}
|
||||
return TSDB_CODE_SUCCESS;
|
||||
}
|
||||
|
||||
SNode* addCreateUserStmtWhiteList(SAstCreateContext* pCxt, SNode* pCreateUserStmt, SNodeList* pIpRangesNodeList) {
|
||||
if (pIpRangesNodeList == NULL) {
|
||||
return pCreateUserStmt;
|
||||
|
|
@ -1703,19 +1724,16 @@ SNode* addCreateUserStmtWhiteList(SAstCreateContext* pCxt, SNode* pCreateUserStm
|
|||
SCreateUserStmt* pCreateUser = (SCreateUserStmt*)pCreateUserStmt;
|
||||
pCreateUser->numIpRanges = LIST_LENGTH(pIpRangesNodeList);
|
||||
pCreateUser->pIpRanges = taosMemoryMalloc(pCreateUser->numIpRanges * sizeof(SIpV4Range));
|
||||
int32_t i = 0;
|
||||
int32_t code = 0;
|
||||
if (NULL == pCreateUser->pIpRanges) {
|
||||
pCxt->errCode = TSDB_CODE_OUT_OF_MEMORY;
|
||||
nodesDestroyNode(pCreateUserStmt);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
SNode* pNode = NULL;
|
||||
FOREACH(pNode, pIpRangesNodeList) {
|
||||
SValueNode* pValNode = (SValueNode*)(pNode);
|
||||
code = getIpV4RangeFromWhitelistItem(pValNode->literal, pCreateUser->pIpRanges + i);
|
||||
if (code != TSDB_CODE_SUCCESS) {
|
||||
//TODO: see check user name/pass to return error no
|
||||
taosMemoryFree(pCreateUser->pIpRanges);
|
||||
nodesDestroyNode(pCreateUserStmt);
|
||||
return NULL;
|
||||
}
|
||||
int32_t code = fillIpRangesFromWhiteList(pCxt, pIpRangesNodeList, pCreateUser->pIpRanges);
|
||||
if (TSDB_CODE_SUCCESS != code) {
|
||||
nodesDestroyNode(pCreateUserStmt);
|
||||
return NULL;
|
||||
}
|
||||
return pCreateUserStmt;
|
||||
}
|
||||
|
|
@ -1753,13 +1771,20 @@ SNode* createAlterUserStmt(SAstCreateContext* pCxt, SToken* pUserName, int8_t al
|
|||
case TSDB_ALTER_USER_ADD_WHITE_LIST:
|
||||
case TSDB_ALTER_USER_DROP_WHITE_LIST: {
|
||||
SNodeList* pIpRangesNodeList = pAlterInfo;
|
||||
SNode* pNode = NULL;
|
||||
FOREACH(pNode, pIpRangesNodeList) {
|
||||
char* pStr = NULL;
|
||||
nodesNodeToString(pNode, false, &pStr, NULL);
|
||||
printf("%s\n", pStr);
|
||||
taosMemoryFree(pStr);
|
||||
pStmt->numIpRanges = LIST_LENGTH(pIpRangesNodeList);
|
||||
pStmt->pIpRanges = taosMemoryMalloc(pStmt->numIpRanges * sizeof(SIpV4Range));
|
||||
if (NULL == pStmt->pIpRanges) {
|
||||
pCxt->errCode = TSDB_CODE_OUT_OF_MEMORY;
|
||||
nodesDestroyNode(pStmt);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int32_t code = fillIpRangesFromWhiteList(pCxt, pIpRangesNodeList, pStmt->pIpRanges);
|
||||
if (TSDB_CODE_SUCCESS != code) {
|
||||
nodesDestroyNode(pStmt);
|
||||
return NULL;
|
||||
}
|
||||
break;
|
||||
}
|
||||
default:
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -5712,6 +5712,9 @@ static int32_t translateCreateUser(STranslateContext* pCxt, SCreateUserStmt* pSt
|
|||
createReq.sysInfo = pStmt->sysinfo;
|
||||
createReq.enable = 1;
|
||||
strcpy(createReq.pass, pStmt->password);
|
||||
createReq.numIpRanges = pStmt->numIpRanges;
|
||||
createReq.pIpRanges = taosMemoryMalloc(createReq.numIpRanges);
|
||||
memcpy(createReq.pIpRanges, pStmt->pIpRanges, sizeof(SIpV4Range) * createReq.numIpRanges);
|
||||
|
||||
return buildCmdMsg(pCxt, TDMT_MND_CREATE_USER, (FSerializeFunc)tSerializeSCreateUserReq, &createReq);
|
||||
}
|
||||
|
|
@ -5727,6 +5730,9 @@ static int32_t translateAlterUser(STranslateContext* pCxt, SAlterUserStmt* pStmt
|
|||
if (NULL != pCxt->pParseCxt->db) {
|
||||
snprintf(alterReq.objname, sizeof(alterReq.objname), "%s", pCxt->pParseCxt->db);
|
||||
}
|
||||
alterReq.numIpRanges = pStmt->numIpRanges;
|
||||
alterReq.pIpRanges = taosMemoryMalloc(alterReq.numIpRanges);
|
||||
memcpy(alterReq.pIpRanges, pStmt->pIpRanges, sizeof(SIpV4Range) * alterReq.numIpRanges);
|
||||
|
||||
return buildCmdMsg(pCxt, TDMT_MND_ALTER_USER, (FSerializeFunc)tSerializeSAlterUserReq, &alterReq);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -556,7 +556,6 @@ TAOS_DEFINE_ERROR(TSDB_CODE_PAR_NOT_ALLOWED_WIN_QUERY, "Window query not su
|
|||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_DROP_COL, "No columns can be dropped")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_COL_JSON, "Only tag can be json type")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_VALUE_TOO_LONG, "Value too long for column/tag")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_VARBINARY, "Invalidate varbinary type")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_DELETE_WHERE, "The DELETE statement must have a definite time window range")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_REDISTRIBUTE_VG, "The REDISTRIBUTE VGROUP statement only support 1 to 3 dnodes")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_FILL_NOT_ALLOWED_FUNC, "Fill not allowed")
|
||||
|
|
@ -573,6 +572,8 @@ TAOS_DEFINE_ERROR(TSDB_CODE_PAR_GET_META_ERROR, "Fail to get table i
|
|||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_NOT_UNIQUE_TABLE_ALIAS, "Not unique table/alias")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_SYSTABLE_NOT_ALLOWED_FUNC, "System table not allowed")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_SYSTABLE_NOT_ALLOWED, "System table not allowed")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_VARBINARY, "Invalidate varbinary type")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INVALID_IP_RANGE, "Invalid IPV4 address ranges")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_PAR_INTERNAL_ERROR, "Parser internal error")
|
||||
|
||||
//planner
|
||||
|
|
|
|||
Loading…
Reference in New Issue