diff --git a/source/dnode/mnode/impl/src/mndPrivilege.c b/source/dnode/mnode/impl/src/mndPrivilege.c index ccb4140b83bc6bcc58eacdd52b357fc19ed3455b..de0374c6e89c506ce1b9cad966e2a4dd8905b7b7 100644 --- a/source/dnode/mnode/impl/src/mndPrivilege.c +++ b/source/dnode/mnode/impl/src/mndPrivilege.c @@ -35,6 +35,7 @@ int32_t mndCheckTopicPrivilegeByName(SMnode *pMnode, const char *user, EOperType int32_t mndSetUserAuthRsp(SMnode *pMnode, SUserObj *pUser, SGetUserAuthRsp *pRsp) { memcpy(pRsp->user, pUser->user, TSDB_USER_LEN); pRsp->superAuth = 1; + pRsp->enable = pUser->enable; pRsp->version = pUser->authVersion; return 0; } diff --git a/source/dnode/mnode/impl/src/mndUser.c b/source/dnode/mnode/impl/src/mndUser.c index 243053751ec2600bff800db7dc2103337efe37d9..5e562806a2523ae60e2748c662d78359cdd6322e 100644 --- a/source/dnode/mnode/impl/src/mndUser.c +++ b/source/dnode/mnode/impl/src/mndUser.c @@ -18,10 +18,10 @@ #include "mndDb.h" #include "mndPrivilege.h" #include "mndShow.h" +#include "mndStb.h" #include "mndTopic.h" #include "mndTrans.h" #include "tbase64.h" -#include "mndStb.h" #define USER_VER_NUMBER 3 #define USER_RESERVE_SIZE 64 @@ -128,8 +128,7 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { int32_t numOfReadStbs = taosHashGetSize(pUser->readTbs); int32_t numOfWriteStbs = taosHashGetSize(pUser->writeTbs); int32_t numOfTopics = taosHashGetSize(pUser->topics); - int32_t size = sizeof(SUserObj) + USER_RESERVE_SIZE + - (numOfReadDbs + numOfWriteDbs ) * TSDB_DB_FNAME_LEN + + int32_t size = sizeof(SUserObj) + USER_RESERVE_SIZE + (numOfReadDbs + numOfWriteDbs) * TSDB_DB_FNAME_LEN + numOfTopics * TSDB_TOPIC_FNAME_LEN; char *stb = taosHashIterate(pUser->readTbs, NULL); @@ -152,7 +151,7 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { void *key = taosHashGetKey(stb, &keyLen); size += sizeof(int32_t); size += keyLen; - + size_t valueLen = 0; valueLen = strlen(stb); size += sizeof(int32_t); @@ -206,7 +205,7 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { SDB_SET_BINARY(pRaw, dataPos, key, keyLen, _OVER); size_t valueLen = 0; - valueLen = strlen(stb)+1; + valueLen = strlen(stb) + 1; SDB_SET_INT32(pRaw, dataPos, valueLen, _OVER) SDB_SET_BINARY(pRaw, dataPos, stb, valueLen, _OVER); stb = taosHashIterate(pUser->readTbs, stb); @@ -218,9 +217,9 @@ SSdbRaw *mndUserActionEncode(SUserObj *pUser) { void *key = taosHashGetKey(stb, &keyLen); SDB_SET_INT32(pRaw, dataPos, keyLen, _OVER) SDB_SET_BINARY(pRaw, dataPos, key, keyLen, _OVER); - + size_t valueLen = 0; - valueLen = strlen(stb)+1; + valueLen = strlen(stb) + 1; SDB_SET_INT32(pRaw, dataPos, valueLen, _OVER) SDB_SET_BINARY(pRaw, dataPos, stb, valueLen, _OVER); stb = taosHashIterate(pUser->writeTbs, stb); @@ -283,7 +282,7 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { if (sver >= 2) { SDB_GET_INT32(pRaw, dataPos, &numOfTopics, _OVER) } - if(sver >= 3){ + if (sver >= 3) { SDB_GET_INT32(pRaw, dataPos, &numOfReadStbs, _OVER) SDB_GET_INT32(pRaw, dataPos, &numOfWriteStbs, _OVER) } @@ -292,7 +291,8 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { pUser->writeDbs = taosHashInit(numOfWriteDbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); pUser->topics = taosHashInit(numOfTopics, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); - pUser->readTbs = taosHashInit(numOfReadStbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); + pUser->readTbs = + taosHashInit(numOfReadStbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); pUser->writeTbs = taosHashInit(numOfWriteStbs, taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), true, HASH_ENTRY_LOCK); if (pUser->readDbs == NULL || pUser->writeDbs == NULL || pUser->topics == NULL) goto _OVER; @@ -320,7 +320,7 @@ static SSdbRow *mndUserActionDecode(SSdbRaw *pRaw) { } } - if(sver >= 3){ + if (sver >= 3) { for (int32_t i = 0; i < numOfReadStbs; ++i) { int32_t keyLen = 0; SDB_GET_INT32(pRaw, dataPos, &keyLen, _OVER); @@ -411,7 +411,7 @@ SHashObj *mndDupTableHash(SHashObj *pOld) { char *tb = taosHashIterate(pOld, NULL); while (tb != NULL) { size_t keyLen = 0; - char *key = taosHashGetKey(tb, &keyLen); + char *key = taosHashGetKey(tb, &keyLen); int32_t valueLen = strlen(tb) + 1; if (taosHashPut(pNew, key, keyLen, tb, valueLen) != 0) { @@ -647,7 +647,7 @@ SHashObj *mndDupDbHash(SHashObj *pOld) { return mndDupObjHash(pOld, TSDB_DB_FNAM SHashObj *mndDupTopicHash(SHashObj *pOld) { return mndDupObjHash(pOld, TSDB_TOPIC_FNAME_LEN); } -static int32_t mndTagPriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *alterReq){ +static int32_t mndTagPriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *alterReq) { char tbFName[TSDB_TABLE_FNAME_LEN] = {0}; snprintf(tbFName, TSDB_TABLE_FNAME_LEN, "%s.%s", alterReq->objname, alterReq->tabName); int32_t len = strlen(tbFName) + 1; @@ -657,13 +657,13 @@ static int32_t mndTagPriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *a mndReleaseStb(pMnode, pStb); return -1; } - if(alterReq->tagCond == NULL){ + if (alterReq->tagCond == NULL) { mndReleaseStb(pMnode, pStb); return -1; } char *value = taosHashGet(hash, tbFName, len); - if(value != NULL){ + if (value != NULL) { mndReleaseStb(pMnode, pStb); terrno = TSDB_CODE_MND_PRIVILEDGE_EXIST; return -1; @@ -678,16 +678,16 @@ static int32_t mndTagPriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *a return 0; } -static int32_t mndTablePriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *alterReq, SSdb *pSdb){ - void *pIter = NULL; - char tbFName[TSDB_TABLE_FNAME_LEN] = {0}; +static int32_t mndTablePriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *alterReq, SSdb *pSdb) { + void *pIter = NULL; + char tbFName[TSDB_TABLE_FNAME_LEN] = {0}; snprintf(tbFName, sizeof(tbFName), "%s.%s", alterReq->objname, alterReq->tabName); int32_t len = strlen(tbFName) + 1; - if(alterReq->tagCond != NULL && alterReq->tagCondLen != 0){ + if (alterReq->tagCond != NULL && alterReq->tagCondLen != 0) { char *value = taosHashGet(hash, tbFName, len); - if(value != NULL){ + if (value != NULL) { terrno = TSDB_CODE_MND_PRIVILEDGE_EXIST; return -1; } @@ -696,8 +696,7 @@ static int32_t mndTablePriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq if (taosHashPut(hash, tbFName, len, alterReq->tagCond, condLen) != 0) { return -1; } - } - else{ + } else { if (taosHashPut(hash, tbFName, len, "t", 2) != 0) { return -1; } @@ -706,9 +705,9 @@ static int32_t mndTablePriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq return 0; } -static int32_t mndRemoveTablePriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *alterReq, SSdb *pSdb){ - void *pIter = NULL; - char tbFName[TSDB_TABLE_FNAME_LEN] = {0}; +static int32_t mndRemoveTablePriviledge(SMnode *pMnode, SHashObj *hash, SAlterUserReq *alterReq, SSdb *pSdb) { + void *pIter = NULL; + char tbFName[TSDB_TABLE_FNAME_LEN] = {0}; snprintf(tbFName, sizeof(tbFName), "%s.%s", alterReq->objname, alterReq->tabName); int32_t len = strlen(tbFName) + 1; @@ -859,21 +858,21 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { } if (alterReq.alterType == TSDB_ALTER_USER_ADD_READ_TABLE) { - if(mndTablePriviledge(pMnode, newUser.readTbs, &alterReq, pSdb) != 0) goto _OVER; + if (mndTablePriviledge(pMnode, newUser.readTbs, &alterReq, pSdb) != 0) goto _OVER; } if (alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_TABLE) { - if(mndTablePriviledge(pMnode, newUser.writeTbs, &alterReq, pSdb) != 0) goto _OVER; + if (mndTablePriviledge(pMnode, newUser.writeTbs, &alterReq, pSdb) != 0) goto _OVER; } - if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_TABLE || + if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_TABLE || alterReq.alterType == TSDB_ALTER_USER_REMOVE_READ_TAG) { - if(mndRemoveTablePriviledge(pMnode, newUser.readTbs, &alterReq, pSdb) != 0) goto _OVER; + if (mndRemoveTablePriviledge(pMnode, newUser.readTbs, &alterReq, pSdb) != 0) goto _OVER; } if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_TABLE || - alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_TAG ) { - if(mndRemoveTablePriviledge(pMnode, newUser.writeTbs, &alterReq, pSdb) != 0) goto _OVER; + alterReq.alterType == TSDB_ALTER_USER_REMOVE_WRITE_TAG) { + if (mndRemoveTablePriviledge(pMnode, newUser.writeTbs, &alterReq, pSdb) != 0) goto _OVER; } if (alterReq.alterType == TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC) { @@ -887,11 +886,11 @@ static int32_t mndProcessAlterUserReq(SRpcMsg *pReq) { } if (alterReq.alterType == TSDB_ALTER_USER_ADD_READ_TAG) { - if(mndTagPriviledge(pMnode, newUser.readTbs, &alterReq) != 0) goto _OVER; + if (mndTagPriviledge(pMnode, newUser.readTbs, &alterReq) != 0) goto _OVER; } if (alterReq.alterType == TSDB_ALTER_USER_ADD_WRITE_TAG) { - if(mndTagPriviledge(pMnode, newUser.writeTbs, &alterReq) != 0) goto _OVER; + if (mndTagPriviledge(pMnode, newUser.writeTbs, &alterReq) != 0) goto _OVER; } if (alterReq.alterType == TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC) { @@ -1077,10 +1076,11 @@ static void mndCancelGetNextUser(SMnode *pMnode, void *pIter) { sdbCancelFetch(pSdb, pIter); } -static void mndLoopHash(SHashObj * hash, char *priType, SSDataBlock *pBlock, int32_t *numOfRows, char *user, SShowObj *pShow){ - char *value = taosHashIterate(hash, NULL); +static void mndLoopHash(SHashObj *hash, char *priType, SSDataBlock *pBlock, int32_t *numOfRows, char *user, + SShowObj *pShow) { + char *value = taosHashIterate(hash, NULL); int32_t cols = 0; - + while (value != NULL) { cols = 0; char userName[TSDB_USER_LEN + VARSTR_HEADER_SIZE] = {0}; @@ -1092,53 +1092,51 @@ static void mndLoopHash(SHashObj * hash, char *priType, SSDataBlock *pBlock, int STR_WITH_MAXSIZE_TO_VARSTR(privilege, priType, pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, *numOfRows, (const char *)privilege, false); - + size_t keyLen = 0; void *key = taosHashGetKey(value, &keyLen); - char dbName[TSDB_DB_NAME_LEN] = {0}; + char dbName[TSDB_DB_NAME_LEN] = {0}; mndExtractShortDbNameFromStbFullName(key, dbName); - char dbNameContent[TSDB_DB_NAME_LEN + VARSTR_HEADER_SIZE] = {0}; + char dbNameContent[TSDB_DB_NAME_LEN + VARSTR_HEADER_SIZE] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(dbNameContent, dbName, pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, *numOfRows, (const char *)dbNameContent, false); - char tableName[TSDB_TABLE_NAME_LEN] = {0}; + char tableName[TSDB_TABLE_NAME_LEN] = {0}; mndExtractTbNameFromStbFullName(key, tableName, TSDB_TABLE_NAME_LEN); - char tableNameContent[TSDB_TABLE_NAME_LEN + VARSTR_HEADER_SIZE] = {0}; + char tableNameContent[TSDB_TABLE_NAME_LEN + VARSTR_HEADER_SIZE] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(tableNameContent, tableName, pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, *numOfRows, (const char *)tableNameContent, false); - if(strcmp("t", value) != 0){ + if (strcmp("t", value) != 0) { SNode *pAst = NULL; int32_t sqlLen = 0; - char sql[TSDB_EXPLAIN_RESULT_ROW_SIZE] = {0}; + char sql[TSDB_EXPLAIN_RESULT_ROW_SIZE] = {0}; - if(nodesStringToNode(value, &pAst) == 0) { + if (nodesStringToNode(value, &pAst) == 0) { nodesNodeToSQL(pAst, sql, TSDB_EXPLAIN_RESULT_ROW_SIZE, &sqlLen); nodesDestroyNode(pAst); - } - else{ + } else { sqlLen = 5; sprintf(sql, "error"); } - //char *obj = taosMemoryMalloc(sqlLen + VARSTR_HEADER_SIZE + 1); - char obj[TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE] = {0}; + // char *obj = taosMemoryMalloc(sqlLen + VARSTR_HEADER_SIZE + 1); + char obj[TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(obj, sql, pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, *numOfRows, (const char *)obj, false); - //taosMemoryFree(obj); - } - else{ + // taosMemoryFree(obj); + } else { char condition[20] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, *numOfRows, (const char *)condition, false); } - + (*numOfRows)++; value = taosHashIterate(hash, value); } @@ -1180,12 +1178,12 @@ static int32_t mndRetrievePrivileges(SRpcMsg *pReq, SShowObj *pShow, SSDataBlock pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)objName, false); - char tableName[20] = {0}; + char tableName[TSDB_TABLE_NAME_LEN + VARSTR_HEADER_SIZE] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(tableName, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)tableName, false); - char condition[20] = {0}; + char condition[TSDB_PRIVILEDGE_CONDITION_LEN + VARSTR_HEADER_SIZE] = {0}; STR_WITH_MAXSIZE_TO_VARSTR(condition, "", pShow->pMeta->pSchemas[cols].bytes); pColInfo = taosArrayGet(pBlock->pDataBlock, cols++); colDataSetVal(pColInfo, numOfRows, (const char *)condition, false); diff --git a/source/libs/parser/src/parInsertSql.c b/source/libs/parser/src/parInsertSql.c index c97090dd48475c0e0eac5353f71f3cdbc6f0cec2..d734479b9852f85f0d83536c8dcde5a5bc84de98 100644 --- a/source/libs/parser/src/parInsertSql.c +++ b/source/libs/parser/src/parInsertSql.c @@ -837,32 +837,31 @@ static int32_t parseUsingClauseBottom(SInsertParseContext* pCxt, SVnodeModifyOpS return code; } +static void setUserAuthInfo(SParseContext* pCxt, SName* pTbName, SUserAuthInfo* pInfo) { + snprintf(pInfo->user, sizeof(pInfo->user), "%s", pCxt->pUser); + memcpy(&pInfo->tbName, pTbName, sizeof(SName)); + pInfo->type = AUTH_TYPE_WRITE; +} + static int32_t checkAuth(SParseContext* pCxt, SName* pTbName, bool* pMissCache) { - char dbFName[TSDB_DB_FNAME_LEN]; - tNameGetFullDbName(pTbName, dbFName); - int32_t code = TSDB_CODE_SUCCESS; - bool pass = true; - bool exists = true; + int32_t code = TSDB_CODE_SUCCESS; + SUserAuthInfo authInfo = {0}; + setUserAuthInfo(pCxt, pTbName, &authInfo); + SUserAuthRes authRes = {0}; + bool exists = true; if (pCxt->async) { - SUserAuthInfo authInfo = {0}; - SUserAuthRes authRes = {0}; -// code = catalogChkAuthFromCache(pCxt->pCatalog, pCxt->pUser, dbFName, AUTH_TYPE_WRITE, &pass, &exists); code = catalogChkAuthFromCache(pCxt->pCatalog, &authInfo, &authRes, &exists); } else { SRequestConnInfo conn = {.pTrans = pCxt->pTransporter, .requestId = pCxt->requestId, .requestObjRefId = pCxt->requestRid, .mgmtEps = pCxt->mgmtEpSet}; - SUserAuthInfo authInfo = {0}; - SUserAuthRes authRes = {0}; - //code = catalogChkAuth(pCxt->pCatalog, &conn, pCxt->pUser, dbFName, AUTH_TYPE_WRITE, &pass); code = catalogChkAuth(pCxt->pCatalog, &conn, &authInfo, &authRes); - } if (TSDB_CODE_SUCCESS == code) { if (!exists) { *pMissCache = true; - } else if (!pass) { + } else if (!authRes.pass) { code = TSDB_CODE_PAR_PERMISSION_DENIED; } } @@ -2023,7 +2022,7 @@ static int32_t buildInsertUserAuthReq(const char* pUser, SName* pName, SArray** SUserAuthInfo userAuth = {.type = AUTH_TYPE_WRITE}; snprintf(userAuth.user, sizeof(userAuth.user), "%s", pUser); - //tNameGetFullDbName(pName, userAuth.dbFName); + // tNameGetFullDbName(pName, userAuth.dbFName); taosArrayPush(*pUserAuth, &userAuth); return TSDB_CODE_SUCCESS; diff --git a/source/libs/parser/src/parTranslater.c b/source/libs/parser/src/parTranslater.c index cf621ef166922548ca3fabdf6f9d96c7900d28c3..b8b445a33547a8b6c6c95e8212459f9a038d329c 100644 --- a/source/libs/parser/src/parTranslater.c +++ b/source/libs/parser/src/parTranslater.c @@ -976,7 +976,8 @@ static EDealRes translateColumnUseAlias(STranslateContext* pCxt, SColumnNode** p } static EDealRes translateColumn(STranslateContext* pCxt, SColumnNode** pCol) { - if (NULL == pCxt->pCurrStmt || isSelectStmt(pCxt->pCurrStmt) && NULL == ((SSelectStmt*)pCxt->pCurrStmt)->pFromTable) { + if (NULL == pCxt->pCurrStmt || + (isSelectStmt(pCxt->pCurrStmt) && NULL == ((SSelectStmt*)pCxt->pCurrStmt)->pFromTable)) { return generateDealNodeErrMsg(pCxt, TSDB_CODE_PAR_INVALID_COLUMN, (*pCol)->colName); } @@ -6449,6 +6450,48 @@ static int32_t translateDropFunction(STranslateContext* pCxt, SDropFunctionStmt* return buildCmdMsg(pCxt, TDMT_MND_DROP_FUNC, (FSerializeFunc)tSerializeSDropFuncReq, &req); } +static int32_t createRealTableForGrantTable(SGrantStmt* pStmt, SRealTableNode** pTable) { + SRealTableNode* pRealTable = (SRealTableNode*)nodesMakeNode(QUERY_NODE_REAL_TABLE); + if (NULL == pRealTable) { + return TSDB_CODE_OUT_OF_MEMORY; + } + strcpy(pRealTable->table.dbName, pStmt->objName); + strcpy(pRealTable->table.tableName, pStmt->tabName); + strcpy(pRealTable->table.tableAlias, pStmt->tabName); + *pTable = pRealTable; + return TSDB_CODE_SUCCESS; +} + +static int32_t translateGrantTagCond(STranslateContext* pCxt, SGrantStmt* pStmt, SAlterUserReq* pReq) { + if (NULL == pStmt->pTagCond) { + return TSDB_CODE_SUCCESS; + } + if ('\0' == pStmt->tabName[0] || '*' == pStmt->tabName[0]) { + return generateSyntaxErrMsgExt(&pCxt->msgBuf, TSDB_CODE_PAR_SYNTAX_ERROR, + "The With clause can only be used for table level privilege"); + } + + pCxt->pCurrStmt = (SNode*)pStmt; + SRealTableNode* pTable = NULL; + int32_t code = createRealTableForGrantTable(pStmt, &pTable); + if (TSDB_CODE_SUCCESS == code) { + SName name; + code = getTableMetaImpl(pCxt, toName(pCxt->pParseCxt->acctId, pTable->table.dbName, pTable->table.tableName, &name), + &(pTable->pMeta)); + } + if (TSDB_CODE_SUCCESS == code) { + code = addNamespace(pCxt, pTable); + } + if (TSDB_CODE_SUCCESS == code) { + code = translateExpr(pCxt, &pStmt->pTagCond); + } + if (TSDB_CODE_SUCCESS == code) { + code = nodesNodeToString(pStmt->pTagCond, false, &pReq->tagCond, &pReq->tagCondLen); + } + nodesDestroyNode((SNode*)pTable); + return code; +} + static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) { SAlterUserReq req = {0}; if (BIT_FLAG_TEST_MASK(pStmt->privileges, PRIVILEGE_TYPE_ALL) || @@ -6465,10 +6508,7 @@ static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) { strcpy(req.user, pStmt->userName); sprintf(req.objname, "%d.%s", pCxt->pParseCxt->acctId, pStmt->objName); sprintf(req.tabName, "%s", pStmt->tabName); - int32_t code = TSDB_CODE_SUCCESS; - if (NULL != pStmt->pTagCond) { - code = nodesNodeToString(pStmt->pTagCond, false, &req.tagCond, &req.tagCondLen); - } + int32_t code = translateGrantTagCond(pCxt, pStmt, &req); if (TSDB_CODE_SUCCESS == code) { code = buildCmdMsg(pCxt, TDMT_MND_ALTER_USER, (FSerializeFunc)tSerializeSAlterUserReq, &req); }