Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
taosdata
TDengine
提交
57923c69
T
TDengine
项目概览
taosdata
/
TDengine
大约 1 年 前同步成功
通知
1184
Star
22015
Fork
4786
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
1
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
TDengine
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
1
Issue
1
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
57923c69
编写于
12月 12, 2019
作者:
S
slguan
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[TBASE-1305]
上级
69db6f24
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
120 addition
and
33 deletion
+120
-33
src/system/detail/src/mgmtShell.c
src/system/detail/src/mgmtShell.c
+120
-33
未找到文件。
src/system/detail/src/mgmtShell.c
浏览文件 @
57923c69
...
...
@@ -677,77 +677,164 @@ int mgmtProcessAlterUserMsg(char *pMsg, int msgLen, SConnObj *pConn) {
SAlterUserMsg
*
pAlter
=
(
SAlterUserMsg
*
)
pMsg
;
int
code
=
0
;
SUserObj
*
pUser
;
SUserObj
*
pOperUser
;
if
(
mgmtCheckRedirectMsg
(
pConn
,
TSDB_MSG_TYPE_ALTER_USER_RSP
)
!=
0
)
{
return
0
;
}
pUser
=
mgmtGetUser
(
pAlter
->
user
);
pOperUser
=
mgmtGetUser
(
pConn
->
pUser
->
user
);
if
(
pUser
==
NULL
)
{
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_ALTER_USER_RSP
,
TSDB_CODE_INVALID_USER
);
return
0
;
}
if
(
strcmp
(
pUser
->
user
,
"monitor"
)
==
0
||
strcmp
(
pUser
->
user
,
"stream"
)
==
0
)
{
if
(
pOperUser
==
NULL
)
{
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_ALTER_USER_RSP
,
TSDB_CODE_INVALID_USER
);
return
0
;
}
if
(
strcmp
(
pUser
->
user
,
"monitor"
)
==
0
||
(
strcmp
(
pUser
->
user
+
1
,
pUser
->
acct
)
==
0
&&
pUser
->
user
[
0
]
==
'_'
))
{
code
=
TSDB_CODE_NO_RIGHTS
;
}
else
if
((
strcmp
(
pUser
->
user
,
pConn
->
pUser
->
user
)
==
0
)
||
((
strcmp
(
pUser
->
acct
,
pConn
->
pAcct
->
user
)
==
0
)
&&
pConn
->
superAuth
)
||
(
strcmp
(
pConn
->
pUser
->
user
,
"root"
)
==
0
))
{
if
((
pAlter
->
flag
&
TSDB_ALTER_USER_PASSWD
)
!=
0
)
{
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_ALTER_USER_RSP
,
code
);
return
0
;
}
if
((
pAlter
->
flag
&
TSDB_ALTER_USER_PASSWD
)
!=
0
)
{
bool
hasRight
=
false
;
if
(
strcmp
(
pOperUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
true
;
}
else
if
(
strcmp
(
pUser
->
user
,
pOperUser
->
user
)
==
0
)
{
hasRight
=
true
;
}
else
if
(
pOperUser
->
superAuth
)
{
if
(
strcmp
(
pUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
strcmp
(
pOperUser
->
acct
,
pUser
->
acct
)
!=
0
)
{
hasRight
=
false
;
}
else
{
hasRight
=
true
;
}
}
if
(
hasRight
)
{
memset
(
pUser
->
pass
,
0
,
sizeof
(
pUser
->
pass
));
taosEncryptPass
(
pAlter
->
pass
,
strlen
(
pAlter
->
pass
),
pUser
->
pass
);
code
=
mgmtUpdateUser
(
pUser
);
mLPrint
(
"user:%s password is altered by %s, code:%d"
,
pAlter
->
user
,
pConn
->
pUser
->
user
,
code
);
}
else
{
code
=
TSDB_CODE_NO_RIGHTS
;
}
if
((
pAlter
->
flag
&
TSDB_ALTER_USER_PRIVILEGES
)
!=
0
)
{
if
(
pAlter
->
privilege
==
1
)
{
// super
pUser
->
superAuth
=
1
;
pUser
->
writeAuth
=
1
;
}
if
(
pAlter
->
privilege
==
2
)
{
// read
pUser
->
superAuth
=
0
;
pUser
->
writeAuth
=
0
;
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_ALTER_USER_RSP
,
code
);
return
0
;
}
if
((
pAlter
->
flag
&
TSDB_ALTER_USER_PRIVILEGES
)
!=
0
)
{
bool
hasRight
=
false
;
if
(
strcmp
(
pUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
strcmp
(
pOperUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
true
;
}
else
if
(
strcmp
(
pUser
->
user
,
pOperUser
->
user
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
pOperUser
->
superAuth
)
{
if
(
strcmp
(
pUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
strcmp
(
pOperUser
->
acct
,
pUser
->
acct
)
!=
0
)
{
hasRight
=
false
;
}
else
{
hasRight
=
true
;
}
if
(
pAlter
->
privilege
==
3
)
{
// write
pUser
->
superAuth
=
0
;
pUser
->
writeAuth
=
1
;
}
if
(
hasRight
)
{
if
((
pAlter
->
flag
&
TSDB_ALTER_USER_PRIVILEGES
)
!=
0
)
{
if
(
pAlter
->
privilege
==
1
)
{
// super
pUser
->
superAuth
=
1
;
pUser
->
writeAuth
=
1
;
}
if
(
pAlter
->
privilege
==
2
)
{
// read
pUser
->
superAuth
=
0
;
pUser
->
writeAuth
=
0
;
}
if
(
pAlter
->
privilege
==
3
)
{
// write
pUser
->
superAuth
=
0
;
pUser
->
writeAuth
=
1
;
}
}
code
=
mgmtUpdateUser
(
pUser
);
mLPrint
(
"user:%s privilege is altered by %s, code:%d"
,
pAlter
->
user
,
pConn
->
pUser
->
user
,
code
);
}
else
{
code
=
TSDB_CODE_NO_RIGHTS
;
}
code
=
mgmtUpdateUser
(
pUser
);
mLPrint
(
"user:%s is altered by %s"
,
pAlter
->
user
,
pConn
->
pUser
->
user
);
}
else
{
code
=
TSDB_CODE_NO_RIGHTS
;
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_ALTER_USER_RSP
,
code
);
return
0
;
}
code
=
TSDB_CODE_NO_RIGHTS
;
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_ALTER_USER_RSP
,
code
);
return
0
;
}
int
mgmtProcessDropUserMsg
(
char
*
pMsg
,
int
msgLen
,
SConnObj
*
pConn
)
{
SDropUserMsg
*
pDrop
=
(
SDropUserMsg
*
)
pMsg
;
int
code
=
0
;
SUserObj
*
pUser
;
SUserObj
*
pOperUser
;
if
(
mgmtCheckRedirectMsg
(
pConn
,
TSDB_MSG_TYPE_DROP_USER_RSP
)
!=
0
)
{
return
0
;
}
if
(
strcmp
(
pConn
->
pUser
->
user
,
pDrop
->
user
)
==
0
)
{
code
=
TSDB_CODE_NO_RIGHTS
;
}
else
if
(
strcmp
(
pDrop
->
user
,
"monitor"
)
==
0
||
strcmp
(
pDrop
->
user
,
"stream"
)
==
0
)
{
pUser
=
mgmtGetUser
(
pDrop
->
user
);
pOperUser
=
mgmtGetUser
(
pConn
->
pUser
->
user
);
if
(
pUser
==
NULL
)
{
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_DROP_USER_RSP
,
TSDB_CODE_INVALID_USER
);
return
0
;
}
if
(
pOperUser
==
NULL
)
{
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_DROP_USER_RSP
,
TSDB_CODE_INVALID_USER
);
return
0
;
}
if
(
strcmp
(
pUser
->
user
,
"monitor"
)
==
0
||
(
strcmp
(
pUser
->
user
+
1
,
pUser
->
acct
)
==
0
&&
pUser
->
user
[
0
]
==
'_'
))
{
code
=
TSDB_CODE_NO_RIGHTS
;
}
else
{
if
(
pConn
->
superAuth
)
{
code
=
mgmtDropUser
(
pConn
->
pAcct
,
pDrop
->
user
);
if
(
code
==
0
)
{
mLPrint
(
"user:%s is dropped by %s"
,
pDrop
->
user
,
pConn
->
pUser
->
user
);
}
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_DROP_USER_RSP
,
code
);
return
0
;
}
bool
hasRight
=
false
;
if
(
strcmp
(
pUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
strcmp
(
pOperUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
true
;
}
else
if
(
strcmp
(
pUser
->
user
,
pOperUser
->
user
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
pOperUser
->
superAuth
)
{
if
(
strcmp
(
pUser
->
user
,
"root"
)
==
0
)
{
hasRight
=
false
;
}
else
if
(
strcmp
(
pOperUser
->
acct
,
pUser
->
acct
)
!=
0
)
{
hasRight
=
false
;
}
else
{
code
=
TSDB_CODE_NO_RIGHTS
;
hasRight
=
true
;
}
}
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_DROP_USER_RSP
,
code
);
if
(
hasRight
)
{
code
=
mgmtDropUser
(
pConn
->
pAcct
,
pDrop
->
user
);
if
(
code
==
0
)
{
mLPrint
(
"user:%s is dropped by %s"
,
pDrop
->
user
,
pConn
->
pUser
->
user
);
}
}
else
{
code
=
TSDB_CODE_NO_RIGHTS
;
}
taosSendSimpleRsp
(
pConn
->
thandle
,
TSDB_MSG_TYPE_DROP_USER_RSP
,
code
);
return
0
;
}
...
...
@@ -1121,7 +1208,7 @@ void mgmtEstablishConn(SConnObj *pConn) {
atomic_fetch_add_32
(
&
sdbExtConns
,
1
);
pConn
->
stime
=
taosGetTimestampMs
();
if
(
strcmp
(
pConn
->
pUser
->
user
,
"root"
)
==
0
||
strcmp
(
pConn
->
pUser
->
user
,
pConn
->
pAcct
->
user
)
==
0
)
{
if
(
strcmp
(
pConn
->
pUser
->
user
,
"root"
)
==
0
)
{
pConn
->
superAuth
=
1
;
pConn
->
writeAuth
=
1
;
}
else
{
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
