fix: grants for database encryption
This commit is contained in:
kailixu
parent
c575d7a850
commit
e3442474cf
|
|
@ -820,14 +820,11 @@ static int32_t mndCheckDbEncryptKey(SMnode *pMnode, SCreateDbReq *pReq) {
|
|||
void *pIter = NULL;
|
||||
|
||||
#ifdef TD_ENTERPRISE
|
||||
if (pReq->encryptAlgorithm == TSDB_ENCRYPT_ALGO_NONE) goto _exit;
|
||||
if (grantCheck(TSDB_GRANT_DB_ENCRYPTION) != 0) {
|
||||
code = TSDB_CODE_MND_DB_ENCRYPT_GRANT_EXPIRED;
|
||||
errno = code;
|
||||
mError("db:%s, failed to create db since %s", pReq->db, terrstr());
|
||||
goto _exit;
|
||||
}
|
||||
|
||||
if (pReq->encryptAlgorithm == TSDB_ENCRYPT_ALGO_NONE) goto _exit;
|
||||
if (tsEncryptionKeyStat != ENCRYPT_KEY_STAT_LOADED) {
|
||||
code = TSDB_CODE_MND_INVALID_ENCRYPT_KEY;
|
||||
mError("db:%s, failed to check encryption key:%" PRIi8 " in mnode leader since it's not loaded", pReq->db,
|
||||
|
|
@ -850,7 +847,6 @@ static int32_t mndCheckDbEncryptKey(SMnode *pMnode, SCreateDbReq *pReq) {
|
|||
}
|
||||
sdbRelease(pSdb, pDnode);
|
||||
}
|
||||
|
||||
#else
|
||||
if (pReq->encryptAlgorithm != TSDB_ENCRYPT_ALGO_NONE) {
|
||||
code = TSDB_CODE_MND_INVALID_DB_OPTION;
|
||||
|
|
|
|||
|
|
@ -259,7 +259,7 @@ TAOS_DEFINE_ERROR(TSDB_CODE_MND_DB_IN_CREATING, "Database in creating
|
|||
TAOS_DEFINE_ERROR(TSDB_CODE_MND_ENCRYPT_NOT_ALLOW_CHANGE, "Encryption is not allowed to be changed after database is created")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_MND_INCONSIST_ENCRYPT_KEY, "Inconsistent encryption key")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_MND_INVALID_ENCRYPT_KEY, "The cluster has not been set properly for database encryption")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_MND_DB_ENCRYPT_GRANT_EXPIRED, "The database encryption funtion grant expired")
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_MND_DB_ENCRYPT_GRANT_EXPIRED, "The database encryption function grant expired")
|
||||
|
||||
// mnode-node
|
||||
TAOS_DEFINE_ERROR(TSDB_CODE_MND_MNODE_ALREADY_EXIST, "Mnode already exists")
|
||||
|
|
|
|||
Loading…
Reference in New Issue