Merge pull request #19057 from taosdata/fix/main_bugfix_wxy

fix: show tables/stables privilege error

Merge pull request #19057 from taosdata/fix/main_bugfix_wxy
fix: show tables/stables privilege error
bc7e3252 · Shengliang Guan · GitHub · 5441dae3 · 21af5e12 · bc7e3252
3 changed file
--- a/source/libs/parser/src/parAstParser.c
+++ b/source/libs/parser/src/parAstParser.c
@@ -434,7 +434,7 @@ static int32_t collectMetaKeyFromShowStables(SCollectMetaKeyCxt* pCxt, SShowStmt
                                         pCxt->pMetaCache);
  if (TSDB_CODE_SUCCESS == code) {
    code = reserveUserAuthInCache(pCxt->pParseCxt->acctId, pCxt->pParseCxt->pUser,
-                                  ((SValueNode*)pStmt->pDbName)->literal, AUTH_TYPE_READ, pCxt->pMetaCache);
+                                  ((SValueNode*)pStmt->pDbName)->literal, AUTH_TYPE_READ_OR_WRITE, pCxt->pMetaCache);
  }
  return code;
 }
@@ -452,7 +452,7 @@ static int32_t collectMetaKeyFromShowTables(SCollectMetaKeyCxt* pCxt, SShowStmt*
  }
  if (TSDB_CODE_SUCCESS == code) {
    code = reserveUserAuthInCache(pCxt->pParseCxt->acctId, pCxt->pParseCxt->pUser,
-                                  ((SValueNode*)pStmt->pDbName)->literal, AUTH_TYPE_READ, pCxt->pMetaCache);
+                                  ((SValueNode*)pStmt->pDbName)->literal, AUTH_TYPE_READ_OR_WRITE, pCxt->pMetaCache);
  }
  return code;
 }

--- a/source/libs/parser/src/parAuthenticator.c
+++ b/source/libs/parser/src/parAuthenticator.c
@@ -97,7 +97,7 @@ static int32_t authInsert(SAuthCxt* pCxt, SInsertStmt* pInsert) {
 }

 static int32_t authShowTables(SAuthCxt* pCxt, SShowStmt* pStmt) {
-  return checkAuth(pCxt, ((SValueNode*)pStmt->pDbName)->literal, AUTH_TYPE_READ);
+  return checkAuth(pCxt, ((SValueNode*)pStmt->pDbName)->literal, AUTH_TYPE_READ_OR_WRITE);
 }

 static int32_t authShowCreateTable(SAuthCxt* pCxt, SShowCreateTableStmt* pStmt) {

--- a/tests/system-test/0-others/user_control.py
+++ b/tests/system-test/0-others/user_control.py
@@ -283,7 +283,7 @@ class TDTestCase:
                use.error(f"insert into {DBNAME}.{CTBNAME} (ts) values (now())")
            elif check_priv == PRIVILEGES_WRITE:
                use.query(f"use {DBNAME}")
-                use.error(f"show {DBNAME}.tables")
+                use.query(f"show {DBNAME}.tables")
                use.error(f"select * from {DBNAME}.{CTBNAME}")
                use.query(f"insert into {DBNAME}.{CTBNAME} (ts) values (now())")
            elif check_priv is None: