Merge branch 'main' of github.com:taosdata/TDengine into szhou/cenc

f95856be · shenglian zhou · f4ef8dc7 · 998b45ef · f95856be · f95856be
10 changed file
--- a/source/dnode/mgmt/node_mgmt/src/dmNodes.c
+++ b/source/dnode/mgmt/node_mgmt/src/dmNodes.c
@@ -149,10 +149,13 @@ int32_t dmRunDnode(SDnode *pDnode) {
      return 0;
    }

-    if (count == 0) osUpdate();
-
-    count %= 10;
-    count++;
+    if (count == 10) {
+      osUpdate();
+      count = 0;
+    } else {
+      count++;
+    }
+    
    taosMsleep(100);
  }
 }
--- a/source/dnode/mnode/impl/src/mndConsumer.c
+++ b/source/dnode/mnode/impl/src/mndConsumer.c
@@ -554,14 +554,6 @@ static int32_t mndProcessSubscribeReq(SRpcMsg *pMsg) {
      goto SUBSCRIBE_OVER;
    }

-    // check topic only
-#if 0
-    if (mndCheckDbPrivilegeByName(pMnode, pMsg->info.conn.user, MND_OPER_READ_DB, pTopic->db) != 0) {
-      mndReleaseTopic(pMnode, pTopic);
-      goto SUBSCRIBE_OVER;
-    }
-#endif
-
    if (mndCheckTopicPrivilege(pMnode, pMsg->info.conn.user, MND_OPER_SUBSCRIBE, pTopic) != 0) {
      mndReleaseTopic(pMnode, pTopic);
      goto SUBSCRIBE_OVER;

--- a/source/dnode/mnode/impl/src/mndMain.c
+++ b/source/dnode/mnode/impl/src/mndMain.c
@@ -213,6 +213,8 @@ static void mndSetVgroupOffline(SMnode *pMnode, int32_t dnodeId, int64_t curMs)
 }

 static void mndCheckDnodeOffline(SMnode *pMnode) {
+  if (mndAcquireRpc(pMnode) != 0) return;
+
  SSdb   *pSdb = pMnode->pSdb;
  int64_t curMs = taosGetTimestampMs();

@@ -230,6 +232,8 @@ static void mndCheckDnodeOffline(SMnode *pMnode) {

    sdbRelease(pSdb, pDnode);
  }
+
+  mndReleaseRpc(pMnode);
 }

 static void *mndThreadFp(void *param) {

--- a/source/libs/parser/inc/sql.y
+++ b/source/libs/parser/inc/sql.y
@@ -232,7 +232,7 @@ alter_db_option(A) ::= KEEP integer_list(B).
 alter_db_option(A) ::= KEEP variable_list(B).                                     { A.type = DB_OPTION_KEEP; A.pList = B; }
 alter_db_option(A) ::= PAGES NK_INTEGER(B).                                       { A.type = DB_OPTION_PAGES; A.val = B; }
 alter_db_option(A) ::= REPLICA NK_INTEGER(B).                                     { A.type = DB_OPTION_REPLICA; A.val = B; }
-alter_db_option(A) ::= STRICT NK_STRING(B).                                       { A.type = DB_OPTION_STRICT; A.val = B; }
+//alter_db_option(A) ::= STRICT NK_STRING(B).                                       { A.type = DB_OPTION_STRICT; A.val = B; }
 alter_db_option(A) ::= WAL_LEVEL NK_INTEGER(B).                                   { A.type = DB_OPTION_WAL; A.val = B; }
 alter_db_option(A) ::= STT_TRIGGER NK_INTEGER(B).                                 { A.type = DB_OPTION_STT_TRIGGER; A.val = B; }


--- a/source/libs/parser/src/parTranslater.c
+++ b/source/libs/parser/src/parTranslater.c
@@ -2837,7 +2837,7 @@ static int32_t rewriteProjectAlias(SNodeList* pProjectionList) {
  return TSDB_CODE_SUCCESS;
 }

-static int32_t checkProjectAlias(STranslateContext* pCxt, SNodeList* pProjectionList) {
+static int32_t checkProjectAlias(STranslateContext* pCxt, SNodeList* pProjectionList, SHashObj** pOutput) {
  SHashObj* pUserAliasSet = taosHashInit(LIST_LENGTH(pProjectionList),
                                         taosGetDefaultHashFunction(TSDB_DATA_TYPE_BINARY), false, HASH_NO_LOCK);
  SNode*    pProject = NULL;
@@ -2849,13 +2849,17 @@ static int32_t checkProjectAlias(STranslateContext* pCxt, SNodeList* pProjection
    }
    taosHashPut(pUserAliasSet, pExpr->userAlias, strlen(pExpr->userAlias), &pExpr, POINTER_BYTES);
  }
-  taosHashCleanup(pUserAliasSet);
+  if (NULL == pOutput) {
+    taosHashCleanup(pUserAliasSet);
+  } else {
+    *pOutput = pUserAliasSet;
+  }
  return TSDB_CODE_SUCCESS;
 }

 static int32_t translateProjectionList(STranslateContext* pCxt, SSelectStmt* pSelect) {
  if (pSelect->isSubquery) {
-    return checkProjectAlias(pCxt, pSelect->pProjectionList);
+    return checkProjectAlias(pCxt, pSelect->pProjectionList, NULL);
  }
  return rewriteProjectAlias(pSelect->pProjectionList);
 }
@@ -3888,8 +3892,7 @@ static int32_t checkDbKeepOption(STranslateContext* pCxt, SDatabaseOptions* pOpt
      pOptions->keep[0] > tsdbMaxKeep || pOptions->keep[1] > tsdbMaxKeep || pOptions->keep[2] > tsdbMaxKeep) {
    return generateSyntaxErrMsgExt(&pCxt->msgBuf, TSDB_CODE_PAR_INVALID_DB_OPTION,
                                   "Invalid option keep: %" PRId64 ", %" PRId64 ", %" PRId64 " valid range: [%dm, %dm]",
-                                   pOptions->keep[0], pOptions->keep[1], pOptions->keep[2], TSDB_MIN_KEEP,
-                                   tsdbMaxKeep);
+                                   pOptions->keep[0], pOptions->keep[1], pOptions->keep[2], TSDB_MIN_KEEP, tsdbMaxKeep);
  }

  if (!((pOptions->keep[0] <= pOptions->keep[1]) && (pOptions->keep[1] <= pOptions->keep[2]))) {
@@ -4044,7 +4047,7 @@ static int32_t checkDatabaseOptions(STranslateContext* pCxt, const char* pDbName
    code = checkDbPrecisionOption(pCxt, pOptions);
  }
  if (TSDB_CODE_SUCCESS == code) {
-    code = checkDbKeepOption(pCxt, pOptions); // use precision
+    code = checkDbKeepOption(pCxt, pOptions);  // use precision
  }
  if (TSDB_CODE_SUCCESS == code) {
    code = checkDbRangeOption(pCxt, "pages", pOptions->pages, TSDB_MIN_PAGES_PER_VNODE, TSDB_MAX_PAGES_PER_VNODE);
@@ -5504,9 +5507,24 @@ static void getSourceDatabase(SNode* pStmt, int32_t acctId, char* pDbFName) {
  tNameGetFullDbName(&name, pDbFName);
 }

-static int32_t addWstartTsToCreateStreamQuery(SNode* pStmt) {
-  SSelectStmt* pSelect = (SSelectStmt*)pStmt;
-  SNode*       pProj = nodesListGetNode(pSelect->pProjectionList, 0);
+static void getStreamQueryFirstProjectAliasName(SHashObj* pUserAliasSet, char* aliasName, int32_t len) {
+  if (NULL == taosHashGet(pUserAliasSet, "_wstart", strlen("_wstart"))) {
+    snprintf(aliasName, len, "%s", "_wstart");
+    return;
+  }
+  if (NULL == taosHashGet(pUserAliasSet, "ts", strlen("ts"))) {
+    snprintf(aliasName, len, "%s", "ts");
+    return;
+  }
+  do {
+    taosRandStr(aliasName, len - 1);
+    aliasName[len - 1] = '\0';
+  } while (NULL != taosHashGet(pUserAliasSet, aliasName, strlen(aliasName)));
+  return;
+}
+
+static int32_t addWstartTsToCreateStreamQueryImpl(SSelectStmt* pSelect, SHashObj* pUserAliasSet) {
+  SNode* pProj = nodesListGetNode(pSelect->pProjectionList, 0);
  if (NULL == pSelect->pWindow ||
      (QUERY_NODE_FUNCTION == nodeType(pProj) && 0 == strcmp("_wstart", ((SFunctionNode*)pProj)->functionName))) {
    return TSDB_CODE_SUCCESS;
@@ -5516,7 +5534,7 @@ static int32_t addWstartTsToCreateStreamQuery(SNode* pStmt) {
    return TSDB_CODE_OUT_OF_MEMORY;
  }
  strcpy(pFunc->functionName, "_wstart");
-  strcpy(pFunc->node.aliasName, pFunc->functionName);
+  getStreamQueryFirstProjectAliasName(pUserAliasSet, pFunc->node.aliasName, sizeof(pFunc->node.aliasName));
  int32_t code = nodesListPushFront(pSelect->pProjectionList, (SNode*)pFunc);
  if (TSDB_CODE_SUCCESS != code) {
    nodesDestroyNode((SNode*)pFunc);
@@ -5524,6 +5542,17 @@ static int32_t addWstartTsToCreateStreamQuery(SNode* pStmt) {
  return code;
 }

+static int32_t addWstartTsToCreateStreamQuery(STranslateContext* pCxt, SNode* pStmt) {
+  SSelectStmt* pSelect = (SSelectStmt*)pStmt;
+  SHashObj*    pUserAliasSet = NULL;
+  int32_t      code = checkProjectAlias(pCxt, pSelect->pProjectionList, &pUserAliasSet);
+  if (TSDB_CODE_SUCCESS == code) {
+    code = addWstartTsToCreateStreamQueryImpl(pSelect, pUserAliasSet);
+  }
+  taosHashCleanup(pUserAliasSet);
+  return code;
+}
+
 static int32_t addTagsToCreateStreamQuery(STranslateContext* pCxt, SCreateStreamStmt* pStmt, SSelectStmt* pSelect) {
  if (NULL == pStmt->pTags) {
    return TSDB_CODE_SUCCESS;
@@ -5626,7 +5655,7 @@ static int32_t checkStreamQuery(STranslateContext* pCxt, SSelectStmt* pSelect) {

 static int32_t buildCreateStreamQuery(STranslateContext* pCxt, SCreateStreamStmt* pStmt, SCMCreateStreamReq* pReq) {
  pCxt->createStream = true;
-  int32_t code = addWstartTsToCreateStreamQuery(pStmt->pQuery);
+  int32_t code = addWstartTsToCreateStreamQuery(pCxt, pStmt->pQuery);
  if (TSDB_CODE_SUCCESS == code) {
    code = addSubtableInfoToCreateStreamQuery(pCxt, pStmt);
  }

--- a/source/libs/parser/src/sql.c
+++ b/source/libs/parser/src/sql.c
--- a/source/libs/transport/src/trans.c
+++ b/source/libs/transport/src/trans.c
@@ -47,6 +47,10 @@ void* rpcOpen(const SRpcInit* pInit) {
  }

  pRpc->compressSize = pInit->compressSize;
+  if (pRpc->compressSize < 0) {
+    pRpc->compressSize = -1;
+  }
+
  pRpc->encryption = pInit->encryption;
  pRpc->retryLimit = pInit->retryLimit;
  pRpc->retryInterval = pInit->retryInterval;

--- a/source/libs/transport/src/transCli.c
+++ b/source/libs/transport/src/transCli.c
@@ -604,6 +604,7 @@ static int32_t allocConnRef(SCliConn* conn, bool update) {

 static int32_t specifyConnRef(SCliConn* conn, bool update, int64_t handle) {
  if (update) {
+    transReleaseExHandle(transGetRefMgt(), conn->refId);
    transRemoveExHandle(transGetRefMgt(), conn->refId);
    conn->refId = -1;
  }
@@ -956,7 +957,6 @@ static void cliHandleRelease(SCliMsg* pMsg, SCliThrd* pThrd) {

  SCliConn* conn = exh->handle;
  transReleaseExHandle(transGetRefMgt(), refId);
-
  tDebug("%s conn %p start to release to inst", CONN_GET_INST_LABEL(conn), conn);

  if (T_REF_VAL_GET(conn) == 2) {
@@ -1574,6 +1574,9 @@ bool cliGenRetryRule(SCliConn* pConn, STransMsg* pResp, SCliMsg* pMsg) {
    pCtx->retryStep = 0;
    pCtx->retryInit = true;
    pCtx->retryCode = TSDB_CODE_SUCCESS;
+
+    // already retry, not use handle specified by app;
+    pMsg->msg.info.handle = 0;
  }

  if (-1 != pCtx->retryMaxTimeout && taosGetTimestampMs() - pCtx->retryInitTimestamp >= pCtx->retryMaxTimeout) {

--- a/tests/parallel_test/cases.task
+++ b/tests/parallel_test/cases.task
@@ -10,6 +10,7 @@
 ,,y,script,./test.sh -f tsim/user/password.sim
 ,,y,script,./test.sh -f tsim/user/privilege_db.sim
 ,,y,script,./test.sh -f tsim/user/privilege_sysinfo.sim
+,,y,script,./test.sh -f tsim/user/privilege_topic.sim
 ,,y,script,./test.sh -f tsim/db/alter_option.sim
 ,,y,script,./test.sh -f tsim/db/alter_replica_13.sim
 ,,y,script,./test.sh -f tsim/db/alter_replica_31.sim

--- a/tests/script/tsim/user/privilege_topic.sim
+++ b/tests/script/tsim/user/privilege_topic.sim
+system sh/stop_dnodes.sh
+system sh/deploy.sh -n dnode1 -i 1
+system sh/exec.sh -n dnode1 -s start
+sql connect
+
+print =============== create db
+sql create database root_d1 vgroups 1;
+sql create database root_d2 vgroups 1;
+sql create database root_d3 vgroups 1;
+
+sql show user privileges
+if $rows != 1 then 
+  return -1
+endi
+if $data(root)[1] != all then 
+  return -1
+endi
+if $data(root)[2] != all then 
+  return -1
+endi
+
+print =============== create users
+sql create user user1 PASS 'taosdata'
+sql create user user2 PASS 'taosdata'
+sql create user user3 PASS 'taosdata'
+sql create user user4 PASS 'taosdata'
+sql create user user5 PASS 'taosdata'
+sql create user user6 PASS 'taosdata'
+sql alter user user1 sysinfo 0
+
+sql select * from information_schema.ins_users
+if $rows != 7 then 
+  return -1
+endi
+
+sql GRANT read ON root_d1.* to user1;
+sql GRANT write ON root_d2.* to user2;
+sql GRANT read ON root_d3.* to user3;
+sql GRANT write ON root_d3.* to user3;
+
+sql show user privileges
+if $rows != 5 then 
+  return -1
+endi
+if $data(user1)[1] != read then 
+  return -1
+endi
+if $data(user1)[2] != root_d1 then 
+  return -1
+endi
+if $data(user2)[1] != write then 
+  return -1
+endi
+if $data(user2)[2] != root_d2 then 
+  return -1
+endi
+
+print =============== create topis
+sql use root_d1
+sql create table root_d1_stb (ts timestamp, i int) tags (j int)
+sql create topic root_d1_topic1 as select ts, i from root_d1_stb
+sql create topic root_d1_topic2 as select ts, i from root_d1_stb
+sql create topic root_d1_topic3 as select ts, i from root_d1_stb
+sql create topic root_d1_topic4 as select ts, i from root_d1_stb
+
+sql show user privileges
+if $rows != 5 then 
+  return -1
+endi
+
+sql GRANT subscribe ON root_d1_topic1 TO user4
+sql GRANT subscribe ON root_d1_topic2 TO user5
+sql GRANT subscribe ON root_d1_topic3 TO user6
+sql show user privileges
+if $rows != 8 then 
+  return -1
+endi
+
+if $data(user4)[1] != subscribe then 
+  return -1
+endi
+if $data(user4)[2] != root_d1_topic1 then 
+  return -1
+endi
+if $data(user5)[1] != subscribe then 
+  return -1
+endi
+if $data(user5)[2] != root_d1_topic2 then 
+  return -1
+endi
+if $data(user6)[1] != subscribe then 
+  return -1
+endi
+if $data(user6)[2] != root_d1_topic3 then 
+  return -1
+endi
+
+sql REVOKE subscribe ON root_d1_topic3 from user6
+sql show user privileges
+if $rows != 7 then 
+  return -1
+endi
+if $data(user4)[1] != subscribe then 
+  return -1
+endi
+if $data(user4)[2] != root_d1_topic1 then 
+  return -1
+endi
+if $data(user5)[1] != subscribe then 
+  return -1
+endi
+if $data(user5)[2] != root_d1_topic2 then 
+  return -1
+endi
+
+print =============== repeat revoke/grant or invalid revoke/grant
+sql GRANT subscribe ON root_d1_topic1 to user4
+sql GRANT subscribe ON root_d1_topic2 to user4
+sql GRANT subscribe ON root_d1_topic3 to user4
+sql GRANT subscribe ON root_d1_topic1 to user5
+sql GRANT subscribe ON root_d1_topic2 to user5
+sql GRANT subscribe ON root_d1_topic3 to user5
+sql GRANT subscribe ON root_d1_topic1 to user6
+sql GRANT subscribe ON root_d1_topic2 to user6
+sql GRANT subscribe ON root_d1_topic3 to user6
+sql REVOKE subscribe ON root_d1_topic1 from user4
+sql REVOKE subscribe ON root_d1_topic2 from user4
+sql REVOKE subscribe ON root_d1_topic3 from user4
+sql REVOKE subscribe ON root_d1_topic1 from user5
+sql REVOKE subscribe ON root_d1_topic2 from user5
+sql REVOKE subscribe ON root_d1_topic3 from user5
+sql REVOKE subscribe ON root_d1_topic1 from user6
+sql REVOKE subscribe ON root_d1_topic2 from user6
+sql REVOKE subscribe ON root_d1_topic3 from user6
+
+print =============== invalid revoke/grant
+sql_error GRANT subscribe ON root_d1_topicx from user5
+sql_error REVOKE subscribe ON root_d1_topicx from user5
+
+print =============== check 
+sql GRANT subscribe ON root_d1_topic1 TO user4
+sql GRANT subscribe ON root_d1_topic2 TO user5
+sql GRANT subscribe ON root_d1_topic3 TO user6
+sql show user privileges
+if $rows != 8 then 
+  return -1
+endi
+
+print =============== re connect
+print user u1 login
+sql close
+sql connect user1
+
+sql_error show user privileges
+
+system sh/exec.sh -n dnode1 -s stop -x SIGINT