feat: table level privilege syntax
This commit is contained in:
Xiaoyu Wang
parent
6c1515624a
commit
daaf4871ac
|
|
@ -676,6 +676,8 @@ typedef struct {
|
|||
char user[TSDB_USER_LEN];
|
||||
char pass[TSDB_USET_PASSWORD_LEN];
|
||||
char objname[TSDB_DB_FNAME_LEN]; // db or topic
|
||||
char tabName[TSDB_TABLE_NAME_LEN];
|
||||
char* tagCond;
|
||||
} SAlterUserReq;
|
||||
|
||||
int32_t tSerializeSAlterUserReq(void* buf, int32_t bufLen, SAlterUserReq* pReq);
|
||||
|
|
@ -3187,9 +3189,9 @@ typedef struct {
|
|||
SArray* blockTbName;
|
||||
SArray* blockSchema;
|
||||
// the following attributes are extended from SMqDataRsp
|
||||
int32_t createTableNum;
|
||||
SArray* createTableLen;
|
||||
SArray* createTableReq;
|
||||
int32_t createTableNum;
|
||||
SArray* createTableLen;
|
||||
SArray* createTableReq;
|
||||
} STaosxRsp;
|
||||
|
||||
int32_t tEncodeSTaosxRsp(SEncoder* pEncoder, const STaosxRsp* pRsp);
|
||||
|
|
|
|||
|
|
@ -63,55 +63,55 @@
|
|||
#define TK_READ 45
|
||||
#define TK_WRITE 46
|
||||
#define TK_NK_DOT 47
|
||||
#define TK_DNODE 48
|
||||
#define TK_PORT 49
|
||||
#define TK_DNODES 50
|
||||
#define TK_NK_IPTOKEN 51
|
||||
#define TK_FORCE 52
|
||||
#define TK_LOCAL 53
|
||||
#define TK_QNODE 54
|
||||
#define TK_BNODE 55
|
||||
#define TK_SNODE 56
|
||||
#define TK_MNODE 57
|
||||
#define TK_DATABASE 58
|
||||
#define TK_USE 59
|
||||
#define TK_FLUSH 60
|
||||
#define TK_TRIM 61
|
||||
#define TK_COMPACT 62
|
||||
#define TK_IF 63
|
||||
#define TK_NOT 64
|
||||
#define TK_EXISTS 65
|
||||
#define TK_BUFFER 66
|
||||
#define TK_CACHEMODEL 67
|
||||
#define TK_CACHESIZE 68
|
||||
#define TK_COMP 69
|
||||
#define TK_DURATION 70
|
||||
#define TK_NK_VARIABLE 71
|
||||
#define TK_MAXROWS 72
|
||||
#define TK_MINROWS 73
|
||||
#define TK_KEEP 74
|
||||
#define TK_PAGES 75
|
||||
#define TK_PAGESIZE 76
|
||||
#define TK_TSDB_PAGESIZE 77
|
||||
#define TK_PRECISION 78
|
||||
#define TK_REPLICA 79
|
||||
#define TK_VGROUPS 80
|
||||
#define TK_SINGLE_STABLE 81
|
||||
#define TK_RETENTIONS 82
|
||||
#define TK_SCHEMALESS 83
|
||||
#define TK_WAL_LEVEL 84
|
||||
#define TK_WAL_FSYNC_PERIOD 85
|
||||
#define TK_WAL_RETENTION_PERIOD 86
|
||||
#define TK_WAL_RETENTION_SIZE 87
|
||||
#define TK_WAL_ROLL_PERIOD 88
|
||||
#define TK_WAL_SEGMENT_SIZE 89
|
||||
#define TK_STT_TRIGGER 90
|
||||
#define TK_TABLE_PREFIX 91
|
||||
#define TK_TABLE_SUFFIX 92
|
||||
#define TK_NK_COLON 93
|
||||
#define TK_MAX_SPEED 94
|
||||
#define TK_START 95
|
||||
#define TK_WITH 96
|
||||
#define TK_WITH 48
|
||||
#define TK_DNODE 49
|
||||
#define TK_PORT 50
|
||||
#define TK_DNODES 51
|
||||
#define TK_NK_IPTOKEN 52
|
||||
#define TK_FORCE 53
|
||||
#define TK_LOCAL 54
|
||||
#define TK_QNODE 55
|
||||
#define TK_BNODE 56
|
||||
#define TK_SNODE 57
|
||||
#define TK_MNODE 58
|
||||
#define TK_DATABASE 59
|
||||
#define TK_USE 60
|
||||
#define TK_FLUSH 61
|
||||
#define TK_TRIM 62
|
||||
#define TK_COMPACT 63
|
||||
#define TK_IF 64
|
||||
#define TK_NOT 65
|
||||
#define TK_EXISTS 66
|
||||
#define TK_BUFFER 67
|
||||
#define TK_CACHEMODEL 68
|
||||
#define TK_CACHESIZE 69
|
||||
#define TK_COMP 70
|
||||
#define TK_DURATION 71
|
||||
#define TK_NK_VARIABLE 72
|
||||
#define TK_MAXROWS 73
|
||||
#define TK_MINROWS 74
|
||||
#define TK_KEEP 75
|
||||
#define TK_PAGES 76
|
||||
#define TK_PAGESIZE 77
|
||||
#define TK_TSDB_PAGESIZE 78
|
||||
#define TK_PRECISION 79
|
||||
#define TK_REPLICA 80
|
||||
#define TK_VGROUPS 81
|
||||
#define TK_SINGLE_STABLE 82
|
||||
#define TK_RETENTIONS 83
|
||||
#define TK_SCHEMALESS 84
|
||||
#define TK_WAL_LEVEL 85
|
||||
#define TK_WAL_FSYNC_PERIOD 86
|
||||
#define TK_WAL_RETENTION_PERIOD 87
|
||||
#define TK_WAL_RETENTION_SIZE 88
|
||||
#define TK_WAL_ROLL_PERIOD 89
|
||||
#define TK_WAL_SEGMENT_SIZE 90
|
||||
#define TK_STT_TRIGGER 91
|
||||
#define TK_TABLE_PREFIX 92
|
||||
#define TK_TABLE_SUFFIX 93
|
||||
#define TK_NK_COLON 94
|
||||
#define TK_MAX_SPEED 95
|
||||
#define TK_START 96
|
||||
#define TK_TIMESTAMP 97
|
||||
#define TK_END 98
|
||||
#define TK_TABLE 99
|
||||
|
|
|
|||
|
|
@ -456,7 +456,9 @@ typedef struct SGrantStmt {
|
|||
ENodeType type;
|
||||
char userName[TSDB_USER_LEN];
|
||||
char objName[TSDB_DB_NAME_LEN]; // db or topic
|
||||
char tabName[TSDB_TABLE_NAME_LEN];
|
||||
int64_t privileges;
|
||||
SNode* pTagCond;
|
||||
} SGrantStmt;
|
||||
|
||||
typedef SGrantStmt SRevokeStmt;
|
||||
|
|
|
|||
|
|
@ -1150,7 +1150,7 @@ int32_t tDeserializeSStatusReq(void *buf, int32_t bufLen, SStatusReq *pReq) {
|
|||
if (tDecodeI64(&decoder, &vload.compStorage) < 0) return -1;
|
||||
if (tDecodeI64(&decoder, &vload.pointsWritten) < 0) return -1;
|
||||
if (tDecodeI32(&decoder, &vload.numOfCachedTables) < 0) return -1;
|
||||
if (tDecodeI32(&decoder, (int32_t*)&reserved) < 0) return -1;
|
||||
if (tDecodeI32(&decoder, (int32_t *)&reserved) < 0) return -1;
|
||||
if (tDecodeI64(&decoder, &reserved) < 0) return -1;
|
||||
if (tDecodeI64(&decoder, &reserved) < 0) return -1;
|
||||
if (taosArrayPush(pReq->pVloads, &vload) == NULL) {
|
||||
|
|
@ -1368,6 +1368,16 @@ int32_t tSerializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq)
|
|||
if (tEncodeCStr(&encoder, pReq->user) < 0) return -1;
|
||||
if (tEncodeCStr(&encoder, pReq->pass) < 0) return -1;
|
||||
if (tEncodeCStr(&encoder, pReq->objname) < 0) return -1;
|
||||
int32_t len = strlen(pReq->tabName);
|
||||
if (tEncodeI32(&encoder, len) < 0) return -1;
|
||||
if (len > 0) {
|
||||
if (tEncodeCStr(&encoder, pReq->tabName) < 0) return -1;
|
||||
}
|
||||
len = (NULL == pReq->tagCond ? 0 : strlen(pReq->tagCond));
|
||||
if (tEncodeI32(&encoder, len) < 0) return -1;
|
||||
if (len > 0) {
|
||||
if (tEncodeCStr(&encoder, pReq->tagCond) < 0) return -1;
|
||||
}
|
||||
tEndEncode(&encoder);
|
||||
|
||||
int32_t tlen = encoder.pos;
|
||||
|
|
@ -1387,6 +1397,17 @@ int32_t tDeserializeSAlterUserReq(void *buf, int32_t bufLen, SAlterUserReq *pReq
|
|||
if (tDecodeCStrTo(&decoder, pReq->user) < 0) return -1;
|
||||
if (tDecodeCStrTo(&decoder, pReq->pass) < 0) return -1;
|
||||
if (tDecodeCStrTo(&decoder, pReq->objname) < 0) return -1;
|
||||
if (!tDecodeIsEnd(&decoder)) {
|
||||
int32_t len = 0;
|
||||
if (tDecodeI32(&decoder, &len) < 0) return -1;
|
||||
if (len > 0) {
|
||||
if (tDecodeCStrTo(&decoder, pReq->tabName) < 0) return -1;
|
||||
}
|
||||
if (tDecodeI32(&decoder, &len) < 0) return -1;
|
||||
if (len > 0) {
|
||||
if (tDecodeCStrAlloc(&decoder, &pReq->tagCond) < 0) return -1;
|
||||
}
|
||||
}
|
||||
tEndDecode(&decoder);
|
||||
|
||||
tDecoderClear(&decoder);
|
||||
|
|
@ -6824,7 +6845,7 @@ int32_t tDecodeSMqDataRsp(SDecoder *pDecoder, SMqDataRsp *pRsp) {
|
|||
}
|
||||
|
||||
void tDeleteSMqDataRsp(SMqDataRsp *pRsp) {
|
||||
pRsp->blockDataLen = taosArrayDestroy(pRsp->blockDataLen);;
|
||||
pRsp->blockDataLen = taosArrayDestroy(pRsp->blockDataLen);
|
||||
taosArrayDestroyP(pRsp->blockData, (FDelete)taosMemoryFree);
|
||||
pRsp->blockData = NULL;
|
||||
taosArrayDestroyP(pRsp->blockSchema, (FDelete)tDeleteSSchemaWrapper);
|
||||
|
|
|
|||
|
|
@ -82,6 +82,11 @@ typedef struct SAlterOption {
|
|||
SNodeList* pList;
|
||||
} SAlterOption;
|
||||
|
||||
typedef struct STokenPair {
|
||||
SToken first;
|
||||
SToken second;
|
||||
} STokenPair;
|
||||
|
||||
extern SToken nil_token;
|
||||
|
||||
void initAstCreateContext(SParseContext* pParseCxt, SAstCreateContext* pCxt);
|
||||
|
|
@ -227,8 +232,10 @@ SNode* createMergeVgroupStmt(SAstCreateContext* pCxt, const SToken* pVgId1, cons
|
|||
SNode* createRedistributeVgroupStmt(SAstCreateContext* pCxt, const SToken* pVgId, SNodeList* pDnodes);
|
||||
SNode* createSplitVgroupStmt(SAstCreateContext* pCxt, const SToken* pVgId);
|
||||
SNode* createSyncdbStmt(SAstCreateContext* pCxt, const SToken* pDbName);
|
||||
SNode* createGrantStmt(SAstCreateContext* pCxt, int64_t privileges, SToken* pDbName, SToken* pUserName);
|
||||
SNode* createRevokeStmt(SAstCreateContext* pCxt, int64_t privileges, SToken* pDbName, SToken* pUserName);
|
||||
SNode* createGrantStmt(SAstCreateContext* pCxt, int64_t privileges, STokenPair* pPrivLevel, SToken* pUserName,
|
||||
SNode* pTagCond);
|
||||
SNode* createRevokeStmt(SAstCreateContext* pCxt, int64_t privileges, STokenPair* pPrivLevel, SToken* pUserName,
|
||||
SNode* pTagCond);
|
||||
SNode* createDeleteStmt(SAstCreateContext* pCxt, SNode* pTable, SNode* pWhere);
|
||||
SNode* createInsertStmt(SAstCreateContext* pCxt, SNode* pTable, SNodeList* pCols, SNode* pQuery);
|
||||
|
||||
|
|
|
|||
|
|
@ -94,8 +94,8 @@ sysinfo_opt(A) ::= .
|
|||
sysinfo_opt(A) ::= SYSINFO NK_INTEGER(B). { A = taosStr2Int8(B.z, NULL, 10); }
|
||||
|
||||
/************************************************ grant/revoke ********************************************************/
|
||||
cmd ::= GRANT privileges(A) ON priv_level(B) TO user_name(C). { pCxt->pRootNode = createGrantStmt(pCxt, A, &B, &C); }
|
||||
cmd ::= REVOKE privileges(A) ON priv_level(B) FROM user_name(C). { pCxt->pRootNode = createRevokeStmt(pCxt, A, &B, &C); }
|
||||
cmd ::= GRANT privileges(A) ON priv_level(B) with_opt(D) TO user_name(C). { pCxt->pRootNode = createGrantStmt(pCxt, A, &B, &C, D); }
|
||||
cmd ::= REVOKE privileges(A) ON priv_level(B) with_opt(D) FROM user_name(C). { pCxt->pRootNode = createRevokeStmt(pCxt, A, &B, &C, D); }
|
||||
|
||||
%type privileges { int64_t }
|
||||
%destructor privileges { }
|
||||
|
|
@ -113,11 +113,15 @@ priv_type_list(A) ::= priv_type_list(B) NK_COMMA priv_type(C).
|
|||
priv_type(A) ::= READ. { A = PRIVILEGE_TYPE_READ; }
|
||||
priv_type(A) ::= WRITE. { A = PRIVILEGE_TYPE_WRITE; }
|
||||
|
||||
%type priv_level { SToken }
|
||||
%type priv_level { STokenPair }
|
||||
%destructor priv_level { }
|
||||
priv_level(A) ::= NK_STAR(B) NK_DOT NK_STAR. { A = B; }
|
||||
priv_level(A) ::= db_name(B) NK_DOT NK_STAR. { A = B; }
|
||||
priv_level(A) ::= topic_name(B). { A = B; }
|
||||
priv_level(A) ::= NK_STAR(B) NK_DOT NK_STAR(C). { A.first = B; A.second = C; }
|
||||
priv_level(A) ::= db_name(B) NK_DOT NK_STAR(C). { A.first = B; A.second = C; }
|
||||
priv_level(A) ::= db_name(B) NK_DOT table_name(C). { A.first = B; A.second = C; }
|
||||
priv_level(A) ::= topic_name(B). { A.first = B; A.second = nil_token; }
|
||||
|
||||
with_opt(A) ::= . { A = NULL; }
|
||||
with_opt(A) ::= WITH search_condition(B). { A = B; }
|
||||
|
||||
/************************************************ create/drop/alter dnode *********************************************/
|
||||
cmd ::= CREATE DNODE dnode_endpoint(A). { pCxt->pRootNode = createCreateDnodeStmt(pCxt, &A, NULL); }
|
||||
|
|
|
|||
|
|
@ -1961,29 +1961,39 @@ SNode* createSyncdbStmt(SAstCreateContext* pCxt, const SToken* pDbName) {
|
|||
return pStmt;
|
||||
}
|
||||
|
||||
SNode* createGrantStmt(SAstCreateContext* pCxt, int64_t privileges, SToken* pDbName, SToken* pUserName) {
|
||||
SNode* createGrantStmt(SAstCreateContext* pCxt, int64_t privileges, STokenPair* pPrivLevel, SToken* pUserName,
|
||||
SNode* pTagCond) {
|
||||
CHECK_PARSER_STATUS(pCxt);
|
||||
if (!checkDbName(pCxt, pDbName, false) || !checkUserName(pCxt, pUserName)) {
|
||||
if (!checkDbName(pCxt, &pPrivLevel->first, false) || !checkUserName(pCxt, pUserName)) {
|
||||
return NULL;
|
||||
}
|
||||
SGrantStmt* pStmt = (SGrantStmt*)nodesMakeNode(QUERY_NODE_GRANT_STMT);
|
||||
CHECK_OUT_OF_MEM(pStmt);
|
||||
pStmt->privileges = privileges;
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->objName, pDbName);
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->objName, &pPrivLevel->first);
|
||||
if (TK_NK_NIL != pPrivLevel->second.type && TK_NK_STAR != pPrivLevel->second.type) {
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->tabName, &pPrivLevel->second);
|
||||
}
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->userName, pUserName);
|
||||
pStmt->pTagCond = pTagCond;
|
||||
return (SNode*)pStmt;
|
||||
}
|
||||
|
||||
SNode* createRevokeStmt(SAstCreateContext* pCxt, int64_t privileges, SToken* pDbName, SToken* pUserName) {
|
||||
SNode* createRevokeStmt(SAstCreateContext* pCxt, int64_t privileges, STokenPair* pPrivLevel, SToken* pUserName,
|
||||
SNode* pTagCond) {
|
||||
CHECK_PARSER_STATUS(pCxt);
|
||||
if (!checkDbName(pCxt, pDbName, false) || !checkUserName(pCxt, pUserName)) {
|
||||
if (!checkDbName(pCxt, &pPrivLevel->first, false) || !checkUserName(pCxt, pUserName)) {
|
||||
return NULL;
|
||||
}
|
||||
SRevokeStmt* pStmt = (SRevokeStmt*)nodesMakeNode(QUERY_NODE_REVOKE_STMT);
|
||||
CHECK_OUT_OF_MEM(pStmt);
|
||||
pStmt->privileges = privileges;
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->objName, pDbName);
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->objName, &pPrivLevel->first);
|
||||
if (TK_NK_NIL != pPrivLevel->second.type && TK_NK_STAR != pPrivLevel->second.type) {
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->tabName, &pPrivLevel->second);
|
||||
}
|
||||
COPY_STRING_FORM_ID_TOKEN(pStmt->userName, pUserName);
|
||||
pStmt->pTagCond = pTagCond;
|
||||
return (SNode*)pStmt;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6464,7 +6464,15 @@ static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) {
|
|||
}
|
||||
strcpy(req.user, pStmt->userName);
|
||||
sprintf(req.objname, "%d.%s", pCxt->pParseCxt->acctId, pStmt->objName);
|
||||
return buildCmdMsg(pCxt, TDMT_MND_ALTER_USER, (FSerializeFunc)tSerializeSAlterUserReq, &req);
|
||||
sprintf(req.tabName, "%s", pStmt->tabName);
|
||||
int32_t code = TSDB_CODE_SUCCESS;
|
||||
if (NULL != pStmt->pTagCond) {
|
||||
code = nodesNodeToString(pStmt->pTagCond, false, &req.tagCond, NULL);
|
||||
}
|
||||
if (TSDB_CODE_SUCCESS == code) {
|
||||
code = buildCmdMsg(pCxt, TDMT_MND_ALTER_USER, (FSerializeFunc)tSerializeSAlterUserReq, &req);
|
||||
}
|
||||
return code;
|
||||
}
|
||||
|
||||
static int32_t translateRevoke(STranslateContext* pCxt, SRevokeStmt* pStmt) {
|
||||
|
|
@ -6482,6 +6490,7 @@ static int32_t translateRevoke(STranslateContext* pCxt, SRevokeStmt* pStmt) {
|
|||
}
|
||||
strcpy(req.user, pStmt->userName);
|
||||
sprintf(req.objname, "%d.%s", pCxt->pParseCxt->acctId, pStmt->objName);
|
||||
sprintf(req.tabName, "%s", pStmt->tabName);
|
||||
return buildCmdMsg(pCxt, TDMT_MND_ALTER_USER, (FSerializeFunc)tSerializeSAlterUserReq, &req);
|
||||
}
|
||||
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue