Skip to content

T
TDengine

taosdata / TDengine
1 年多 前同步成功

通知 1185
Star 22016
Fork 4786
T
TDengine
切换分支/标签
查找文件 普通视图历史永久链接Permalink
parAuthenticator.c 4.3 KB
Newer Older
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 
/*
 * Copyright (c) 2019 TAOS Data, Inc. <jhtao@taosdata.com>
 *
 * This program is free software: you can use, redistribute, and/or modify
 * it under the terms of the GNU Affero General Public License, version 3
 * or later ("AGPL"), as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

#include "catalog.h"
X
fix: some problems of planner  
Xiaoyu Wang 已提交
17 
#include "cmdnodes.h"
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
18 19 20 
#include "parInt.h"

typedef struct SAuthCxt {
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
21 22 23 
  SParseContext*   pParseCxt;
  SParseMetaCache* pMetaCache;
  int32_t          errCode;
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
24 25 26 27 
} SAuthCxt;

static int32_t authQuery(SAuthCxt* pCxt, SNode* pStmt);
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
28 29 30 
static int32_t checkAuth(SAuthCxt* pCxt, const char* pDbName, AUTH_TYPE type) {
  SParseContext* pParseCxt = pCxt->pParseCxt;
  if (pParseCxt->isSuperUser) {
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
31 32 
    return TSDB_CODE_SUCCESS;
  }
X
fix: problem of sql command 'kill transaction'  
Xiaoyu Wang 已提交
33 
  SName name;
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
34 
  tNameSetDbName(&name, pParseCxt->acctId, pDbName, strlen(pDbName));
X
fix: problem of sql command 'kill transaction'  
Xiaoyu Wang 已提交
35 36 
  char dbFname[TSDB_DB_FNAME_LEN] = {0};
  tNameGetFullDbName(&name, dbFname);
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
37 
  int32_t code = TSDB_CODE_SUCCESS;
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
38 
  bool    pass = false;
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
39 40 41 
  if (NULL != pCxt->pMetaCache) {
    code = getUserAuthFromCache(pCxt->pMetaCache, pParseCxt->pUser, dbFname, type, &pass);
  } else {
X
feat: sql command 'insert ... select'  
Xiaoyu Wang 已提交
42 
    SRequestConnInfo conn = {.pTrans = pParseCxt->pTransporter,
D
update epset  
dapan1121 已提交
43 44 45 46 47 
                             .requestId = pParseCxt->requestId,
                             .requestObjRefId = pParseCxt->requestRid,
                             .mgmtEps = pParseCxt->mgmtEpSet};

    code = catalogChkAuth(pParseCxt->pCatalog, &conn, pParseCxt->pUser, dbFname, type, &pass);
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
48 
  }
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
49 50 51 52 53 54 55 56 57 58 
  return TSDB_CODE_SUCCESS == code ? (pass ? TSDB_CODE_SUCCESS : TSDB_CODE_PAR_PERMISSION_DENIED) : code;
}

static EDealRes authSubquery(SAuthCxt* pCxt, SNode* pStmt) {
  return TSDB_CODE_SUCCESS == authQuery(pCxt, pStmt) ? DEAL_RES_CONTINUE : DEAL_RES_ERROR;
}

static EDealRes authSelectImpl(SNode* pNode, void* pContext) {
  SAuthCxt* pCxt = pContext;
  if (QUERY_NODE_REAL_TABLE == nodeType(pNode)) {
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
59 
    pCxt->errCode = checkAuth(pCxt, ((SRealTableNode*)pNode)->table.dbName, AUTH_TYPE_READ);
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
60 61 62 63 64 65 66 67 68 69 70 71 
    return TSDB_CODE_SUCCESS == pCxt->errCode ? DEAL_RES_CONTINUE : DEAL_RES_ERROR;
  } else if (QUERY_NODE_TEMP_TABLE == nodeType(pNode)) {
    return authSubquery(pCxt, ((STempTableNode*)pNode)->pSubquery);
  }
  return DEAL_RES_CONTINUE;
}

static int32_t authSelect(SAuthCxt* pCxt, SSelectStmt* pSelect) {
  nodesWalkSelectStmt(pSelect, SQL_CLAUSE_FROM, authSelectImpl, pCxt);
  return pCxt->errCode;
}
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
72 73 74 75 76 77 78 79 
static int32_t authSetOperator(SAuthCxt* pCxt, SSetOperator* pSetOper) {
  int32_t code = authQuery(pCxt, pSetOper->pLeft);
  if (TSDB_CODE_SUCCESS == code) {
    code = authQuery(pCxt, pSetOper->pRight);
  }
  return code;
}
X
fix: some problems of planner  
Xiaoyu Wang 已提交
80 81 
static int32_t authDropUser(SAuthCxt* pCxt, SDropUserStmt* pStmt) {
  if (!pCxt->pParseCxt->isSuperUser || 0 == strcmp(pStmt->useName, TSDB_DEFAULT_USER)) {
X
fix: some problems of parser and planner  
Xiaoyu Wang 已提交
82 83 84 85 86 
    return TSDB_CODE_PAR_PERMISSION_DENIED;
  }
  return TSDB_CODE_SUCCESS;
}
X
feat: sql command 'delete from'  
Xiaoyu Wang 已提交
87 88 89 90 
static int32_t authDelete(SAuthCxt* pCxt, SDeleteStmt* pDelete) {
  return checkAuth(pCxt, ((SRealTableNode*)pDelete->pFromTable)->table.dbName, AUTH_TYPE_WRITE);
}
X
feat: sql command 'insert ... select'  
Xiaoyu Wang 已提交
91 92 93 94 95 96 97 98 
static int32_t authInsert(SAuthCxt* pCxt, SInsertStmt* pInsert) {
  int32_t code = checkAuth(pCxt, ((SRealTableNode*)pInsert->pTable)->table.dbName, AUTH_TYPE_WRITE);
  if (TSDB_CODE_SUCCESS == code) {
    code = authQuery(pCxt, pInsert->pQuery);
  }
  return code;
}
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
99 100 101 
static int32_t authQuery(SAuthCxt* pCxt, SNode* pStmt) {
  switch (nodeType(pStmt)) {
    case QUERY_NODE_SET_OPERATOR:
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
102 
      return authSetOperator(pCxt, (SSetOperator*)pStmt);
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
103 104 
    case QUERY_NODE_SELECT_STMT:
      return authSelect(pCxt, (SSelectStmt*)pStmt);
X
feat: parser adapts asynchronous interface  
Xiaoyu Wang 已提交
105 
    case QUERY_NODE_DROP_USER_STMT:
X
fix: some problems of planner  
Xiaoyu Wang 已提交
106 
      return authDropUser(pCxt, (SDropUserStmt*)pStmt);
X
feat: sql command 'delete from'  
Xiaoyu Wang 已提交
107 108 
    case QUERY_NODE_DELETE_STMT:
      return authDelete(pCxt, (SDeleteStmt*)pStmt);
X
feat: sql command 'insert ... select'  
Xiaoyu Wang 已提交
109 110 
    case QUERY_NODE_INSERT_STMT:
      return authInsert(pCxt, (SInsertStmt*)pStmt);
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
111 112 113 114 115 116 117 
    default:
      break;
  }

  return TSDB_CODE_SUCCESS;
}
X
fix: handle the memory leak of parser  
Xiaoyu Wang 已提交
118 119 
int32_t authenticate(SParseContext* pParseCxt, SQuery* pQuery, SParseMetaCache* pMetaCache) {
  SAuthCxt cxt = {.pParseCxt = pParseCxt, .pMetaCache = pMetaCache, .errCode = TSDB_CODE_SUCCESS};
X
feat: sql command 'grant', 'revoke', 'kill transaction' and 'show transactions'  
Xiaoyu Wang 已提交
120 121 
  return authQuery(&cxt, pQuery->pRoot);
}