Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
taosdata
TDengine
提交
6825b196
T
TDengine
项目概览
taosdata
/
TDengine
大约 2 年 前同步成功
通知
1192
Star
22018
Fork
4786
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
1
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
TDengine
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
1
Issue
1
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
6825b196
编写于
4月 04, 2023
作者:
X
Xiaoyu Wang
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
feat: table level write privilege check
上级
248e931b
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
123 addition
and
6 deletion
+123
-6
include/common/tmsg.h
include/common/tmsg.h
+2
-0
source/libs/parser/src/parInsertSql.c
source/libs/parser/src/parInsertSql.c
+115
-0
source/libs/parser/src/parTranslater.c
source/libs/parser/src/parTranslater.c
+6
-6
未找到文件。
include/common/tmsg.h
浏览文件 @
6825b196
...
...
@@ -185,6 +185,8 @@ typedef enum _mgmt_table {
#define TSDB_ALTER_USER_REMOVE_READ_TAG 0x12
#define TSDB_ALTER_USER_ADD_WRITE_TAG 0x13
#define TSDB_ALTER_USER_REMOVE_WRITE_TAG 0x14
#define TSDB_ALTER_USER_ADD_ALL_TABLE 0x15
#define TSDB_ALTER_USER_REMOVE_ALL_TABLE 0x16
#define TSDB_ALTER_USER_PRIVILEGES 0x2
...
...
source/libs/parser/src/parInsertSql.c
浏览文件 @
6825b196
...
...
@@ -15,6 +15,7 @@
#include "parInsertUtil.h"
#include "parToken.h"
#include "scalar.h"
#include "tglobal.h"
#include "ttime.h"
...
...
@@ -565,6 +566,120 @@ static int32_t checkAndTrimValue(SToken* pToken, char* tmpTokenBuf, SMsgBuf* pMs
return
TSDB_CODE_SUCCESS
;
}
typedef
struct
SRewriteTagCondCxt
{
SArray
*
pTagVals
;
SArray
*
pTagName
;
int32_t
code
;
}
SRewriteTagCondCxt
;
static
int32_t
rewriteTagCondColumnImpl
(
STagVal
*
pVal
,
SNode
**
pNode
)
{
SValueNode
*
pValue
=
(
SValueNode
*
)
nodesMakeNode
(
QUERY_NODE_VALUE
);
if
(
NULL
==
pValue
)
{
return
TSDB_CODE_OUT_OF_MEMORY
;
}
pValue
->
node
.
resType
.
type
=
pVal
->
type
;
switch
(
pVal
->
type
)
{
case
TSDB_DATA_TYPE_BOOL
:
pValue
->
datum
.
b
=
*
(
int8_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_TINYINT
:
pValue
->
datum
.
i
=
*
(
int8_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_SMALLINT
:
pValue
->
datum
.
i
=
*
(
int16_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_INT
:
pValue
->
datum
.
i
=
*
(
int32_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_BIGINT
:
pValue
->
datum
.
i
=
pVal
->
i64
;
break
;
case
TSDB_DATA_TYPE_FLOAT
:
pValue
->
datum
.
d
=
*
(
float
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_DOUBLE
:
pValue
->
datum
.
d
=
*
(
double
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_VARCHAR
:
case
TSDB_DATA_TYPE_NCHAR
:
pValue
->
datum
.
p
=
taosMemoryCalloc
(
1
,
pVal
->
nData
+
VARSTR_HEADER_SIZE
);
if
(
NULL
==
pValue
->
datum
.
p
)
{
return
TSDB_CODE_OUT_OF_MEMORY
;
}
varDataSetLen
(
pValue
->
datum
.
p
,
pVal
->
nData
);
memcpy
(
varDataVal
(
pValue
->
datum
.
p
),
pVal
->
pData
,
pVal
->
nData
);
break
;
case
TSDB_DATA_TYPE_TIMESTAMP
:
pValue
->
datum
.
i
=
pVal
->
i64
;
break
;
case
TSDB_DATA_TYPE_UTINYINT
:
pValue
->
datum
.
i
=
*
(
uint8_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_USMALLINT
:
pValue
->
datum
.
i
=
*
(
uint16_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_UINT
:
pValue
->
datum
.
i
=
*
(
uint32_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_UBIGINT
:
pValue
->
datum
.
i
=
*
(
uint64_t
*
)(
&
pVal
->
i64
);
break
;
case
TSDB_DATA_TYPE_JSON
:
case
TSDB_DATA_TYPE_VARBINARY
:
case
TSDB_DATA_TYPE_DECIMAL
:
case
TSDB_DATA_TYPE_BLOB
:
case
TSDB_DATA_TYPE_MEDIUMBLOB
:
default:
return
TSDB_CODE_FAILED
;
}
return
TSDB_CODE_SUCCESS
;
}
static
int32_t
rewriteTagCondColumn
(
SArray
*
pTagVals
,
SArray
*
pTagName
,
SNode
**
pNode
)
{
SColumnNode
*
pCol
=
(
SColumnNode
*
)
*
pNode
;
int32_t
ntags
=
taosArrayGetSize
(
pTagName
);
for
(
int32_t
i
=
0
;
i
<
ntags
;
++
i
)
{
char
*
pTagColName
=
taosArrayGet
(
pTagName
,
i
);
if
(
0
==
strcmp
(
pTagColName
,
pCol
->
colName
))
{
return
rewriteTagCondColumnImpl
(
taosArrayGet
(
pTagVals
,
i
),
pNode
);
}
}
return
TSDB_CODE_PAR_PERMISSION_DENIED
;
}
static
EDealRes
rewriteTagCond
(
SNode
**
pNode
,
void
*
pContext
)
{
if
(
QUERY_NODE_COLUMN
==
nodeType
(
*
pNode
))
{
SRewriteTagCondCxt
*
pCxt
=
pContext
;
pCxt
->
code
=
rewriteTagCondColumn
(
pCxt
->
pTagVals
,
pCxt
->
pTagName
,
pNode
);
return
(
TSDB_CODE_SUCCESS
==
pCxt
->
code
?
DEAL_RES_IGNORE_CHILD
:
DEAL_RES_ERROR
);
}
return
DEAL_RES_CONTINUE
;
}
static
int32_t
setTagVal
(
SArray
*
pTagVals
,
SArray
*
pTagName
,
SNode
*
pCond
)
{
SRewriteTagCondCxt
cxt
=
{.
code
=
TSDB_CODE_SUCCESS
,
.
pTagVals
=
pTagVals
,
.
pTagName
=
pTagName
};
nodesRewriteExpr
(
&
pCond
,
rewriteTagCond
,
&
cxt
);
return
cxt
.
code
;
}
static
int32_t
checkTagCondResult
(
SNode
*
pResult
)
{
return
(
QUERY_NODE_VALUE
==
nodeType
(
pResult
)
&&
((
SValueNode
*
)
pResult
)
->
datum
.
b
)
?
TSDB_CODE_SUCCESS
:
TSDB_CODE_PAR_PERMISSION_DENIED
;
}
int32_t
checkSubtablePrivilege
(
SArray
*
pTagVals
,
SArray
*
pTagName
,
SNode
*
pCond
)
{
int32_t
code
=
setTagVal
(
pTagVals
,
pTagName
,
pCond
);
SNode
*
pNew
=
NULL
;
if
(
TSDB_CODE_SUCCESS
==
code
)
{
code
=
scalarCalculateConstants
(
pCond
,
&
pNew
);
}
if
(
TSDB_CODE_SUCCESS
==
code
)
{
code
=
checkTagCondResult
(
pNew
);
}
nodesDestroyNode
(
pNew
);
return
code
;
}
// pSql -> tag1_value, ...)
static
int32_t
parseTagsClauseImpl
(
SInsertParseContext
*
pCxt
,
SVnodeModifyOpStmt
*
pStmt
)
{
int32_t
code
=
TSDB_CODE_SUCCESS
;
...
...
source/libs/parser/src/parTranslater.c
浏览文件 @
6825b196
...
...
@@ -6454,11 +6454,11 @@ static int32_t translateGrant(STranslateContext* pCxt, SGrantStmt* pStmt) {
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_ALL
)
||
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_READ
)
&&
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_WRITE
)))
{
req
.
alterType
=
TSDB_ALTER_USER_ADD_ALL_DB
;
req
.
alterType
=
(
'\0'
==
pStmt
->
tabName
[
0
]
?
TSDB_ALTER_USER_ADD_ALL_DB
:
TSDB_ALTER_USER_ADD_ALL_TABLE
)
;
}
else
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_READ
))
{
req
.
alterType
=
TSDB_ALTER_USER_ADD_READ_DB
;
req
.
alterType
=
(
'\0'
==
pStmt
->
tabName
[
0
]
?
TSDB_ALTER_USER_ADD_READ_DB
:
TSDB_ALTER_USER_ADD_READ_TABLE
)
;
}
else
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_WRITE
))
{
req
.
alterType
=
TSDB_ALTER_USER_ADD_WRITE_DB
;
req
.
alterType
=
(
'\0'
==
pStmt
->
tabName
[
0
]
?
TSDB_ALTER_USER_ADD_WRITE_DB
:
TSDB_ALTER_USER_ADD_WRITE_TABLE
)
;
}
else
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_SUBSCRIBE
))
{
req
.
alterType
=
TSDB_ALTER_USER_ADD_SUBSCRIBE_TOPIC
;
}
...
...
@@ -6480,11 +6480,11 @@ static int32_t translateRevoke(STranslateContext* pCxt, SRevokeStmt* pStmt) {
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_ALL
)
||
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_READ
)
&&
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_WRITE
)))
{
req
.
alterType
=
TSDB_ALTER_USER_REMOVE_ALL_DB
;
req
.
alterType
=
(
'\0'
==
pStmt
->
tabName
[
0
]
?
TSDB_ALTER_USER_REMOVE_ALL_DB
:
TSDB_ALTER_USER_REMOVE_ALL_TABLE
)
;
}
else
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_READ
))
{
req
.
alterType
=
TSDB_ALTER_USER_REMOVE_READ_DB
;
req
.
alterType
=
(
'\0'
==
pStmt
->
tabName
[
0
]
?
TSDB_ALTER_USER_REMOVE_READ_DB
:
TSDB_ALTER_USER_REMOVE_READ_TABLE
)
;
}
else
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_WRITE
))
{
req
.
alterType
=
TSDB_ALTER_USER_REMOVE_WRITE_DB
;
req
.
alterType
=
(
'\0'
==
pStmt
->
tabName
[
0
]
?
TSDB_ALTER_USER_REMOVE_WRITE_DB
:
TSDB_ALTER_USER_REMOVE_WRITE_TABLE
)
;
}
else
if
(
BIT_FLAG_TEST_MASK
(
pStmt
->
privileges
,
PRIVILEGE_TYPE_SUBSCRIBE
))
{
req
.
alterType
=
TSDB_ALTER_USER_REMOVE_SUBSCRIBE_TOPIC
;
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录
