From e3442474cfccfb0293a78cbf904339b18a0065ee Mon Sep 17 00:00:00 2001
From: kailixu <klxu@taosdata.com>
Date: Sun, 12 May 2024 23:09:56 +0800
Subject: [PATCH] fix: grants for database encryption

---
 source/dnode/mnode/impl/src/mndDb.c | 8 ++------
 source/util/src/terror.c            | 2 +-
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/source/dnode/mnode/impl/src/mndDb.c b/source/dnode/mnode/impl/src/mndDb.c
index 9dc06c802c..f254fb16a5 100644
--- a/source/dnode/mnode/impl/src/mndDb.c
+++ b/source/dnode/mnode/impl/src/mndDb.c
@@ -820,14 +820,11 @@ static int32_t mndCheckDbEncryptKey(SMnode *pMnode, SCreateDbReq *pReq) {
   void      *pIter = NULL;
 
 #ifdef TD_ENTERPRISE
-  if(grantCheck(TSDB_GRANT_DB_ENCRYPTION) != 0){
+  if (pReq->encryptAlgorithm == TSDB_ENCRYPT_ALGO_NONE) goto _exit;
+  if (grantCheck(TSDB_GRANT_DB_ENCRYPTION) != 0) {
     code = TSDB_CODE_MND_DB_ENCRYPT_GRANT_EXPIRED;
-    errno = code;
-    mError("db:%s, failed to create db since %s", pReq->db, terrstr());
     goto _exit;
   }
-
-  if (pReq->encryptAlgorithm == TSDB_ENCRYPT_ALGO_NONE) goto _exit;
   if (tsEncryptionKeyStat != ENCRYPT_KEY_STAT_LOADED) {
     code = TSDB_CODE_MND_INVALID_ENCRYPT_KEY;
     mError("db:%s, failed to check encryption key:%" PRIi8 " in mnode leader since it's not loaded", pReq->db,
@@ -850,7 +847,6 @@ static int32_t mndCheckDbEncryptKey(SMnode *pMnode, SCreateDbReq *pReq) {
     }
     sdbRelease(pSdb, pDnode);
   }
-
 #else
   if (pReq->encryptAlgorithm != TSDB_ENCRYPT_ALGO_NONE) {
     code = TSDB_CODE_MND_INVALID_DB_OPTION;
diff --git a/source/util/src/terror.c b/source/util/src/terror.c
index a0b4a74ca7..daf0d2fe78 100644
--- a/source/util/src/terror.c
+++ b/source/util/src/terror.c
@@ -259,7 +259,7 @@ TAOS_DEFINE_ERROR(TSDB_CODE_MND_DB_IN_CREATING,           "Database in creating
 TAOS_DEFINE_ERROR(TSDB_CODE_MND_ENCRYPT_NOT_ALLOW_CHANGE, "Encryption is not allowed to be changed after database is created")
 TAOS_DEFINE_ERROR(TSDB_CODE_MND_INCONSIST_ENCRYPT_KEY,    "Inconsistent encryption key")
 TAOS_DEFINE_ERROR(TSDB_CODE_MND_INVALID_ENCRYPT_KEY,      "The cluster has not been set properly for database encryption")
-TAOS_DEFINE_ERROR(TSDB_CODE_MND_DB_ENCRYPT_GRANT_EXPIRED, "The database encryption funtion grant expired")
+TAOS_DEFINE_ERROR(TSDB_CODE_MND_DB_ENCRYPT_GRANT_EXPIRED, "The database encryption function grant expired")
 
 // mnode-node
 TAOS_DEFINE_ERROR(TSDB_CODE_MND_MNODE_ALREADY_EXIST,      "Mnode already exists")