Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
2dot5
ClickHouse
提交
29a9d418
C
ClickHouse
项目概览
2dot5
/
ClickHouse
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
C
ClickHouse
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
29a9d418
编写于
6月 24, 2020
作者:
V
Vitaly Baranov
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix using current database while checking access rights.
上级
f7f16fdb
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
50 addition
and
31 deletion
+50
-31
src/Interpreters/Context.cpp
src/Interpreters/Context.cpp
+1
-1
tests/integration/helpers/client.py
tests/integration/helpers/client.py
+10
-7
tests/integration/helpers/cluster.py
tests/integration/helpers/cluster.py
+8
-8
tests/integration/test_create_user_and_login/test.py
tests/integration/test_create_user_and_login/test.py
+31
-15
未找到文件。
src/Interpreters/Context.cpp
浏览文件 @
29a9d418
...
...
@@ -1062,8 +1062,8 @@ void Context::setCurrentDatabase(const String & name)
{
DatabaseCatalog
::
instance
().
assertDatabaseExists
(
name
);
auto
lock
=
getLock
();
calculateAccessRights
();
current_database
=
name
;
calculateAccessRights
();
}
...
...
tests/integration/helpers/client.py
浏览文件 @
29a9d418
...
...
@@ -17,11 +17,11 @@ class Client:
self
.
command
+=
[
'--host'
,
self
.
host
,
'--port'
,
str
(
self
.
port
),
'--stacktrace'
]
def
query
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
ignore_error
=
False
):
return
self
.
get_query_request
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
ignore_error
=
ignore_error
).
get_answer
()
def
query
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
,
ignore_error
=
False
):
return
self
.
get_query_request
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
,
ignore_error
=
ignore_error
).
get_answer
()
def
get_query_request
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
ignore_error
=
False
):
def
get_query_request
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
,
ignore_error
=
False
):
command
=
self
.
command
[:]
if
stdin
is
None
:
...
...
@@ -40,15 +40,18 @@ class Client:
if
password
is
not
None
:
command
+=
[
'--password'
,
password
]
if
database
is
not
None
:
command
+=
[
'--database'
,
database
]
return
CommandRequest
(
command
,
stdin
,
timeout
,
ignore_error
)
def
query_and_get_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
):
return
self
.
get_query_request
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
).
get_error
()
def
query_and_get_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
):
return
self
.
get_query_request
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
).
get_error
()
def
query_and_get_answer_with_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
):
return
self
.
get_query_request
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
).
get_answer_and_error
()
def
query_and_get_answer_with_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
):
return
self
.
get_query_request
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
).
get_answer_and_error
()
class
QueryTimeoutExceedException
(
Exception
):
pass
...
...
tests/integration/helpers/cluster.py
浏览文件 @
29a9d418
...
...
@@ -737,15 +737,15 @@ class ClickHouseInstance:
return
"-fsanitize=thread"
in
build_opts
# Connects to the instance via clickhouse-client, sends a query (1st argument) and returns the answer
def
query
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
ignore_error
=
False
):
return
self
.
client
.
query
(
sql
,
stdin
,
timeout
,
settings
,
user
,
password
,
ignore_error
)
def
query
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
,
ignore_error
=
False
):
return
self
.
client
.
query
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
,
ignore_error
=
ignore_error
)
def
query_with_retry
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
ignore_error
=
False
,
def
query_with_retry
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
,
ignore_error
=
False
,
retry_count
=
20
,
sleep_time
=
0.5
,
check_callback
=
lambda
x
:
True
):
result
=
None
for
i
in
range
(
retry_count
):
try
:
result
=
self
.
query
(
sql
,
stdin
,
timeout
,
settings
,
user
,
password
,
ignore_error
)
result
=
self
.
query
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
,
ignore_error
=
ignore_error
)
if
check_callback
(
result
):
return
result
time
.
sleep
(
sleep_time
)
...
...
@@ -762,12 +762,12 @@ class ClickHouseInstance:
return
self
.
client
.
get_query_request
(
*
args
,
**
kwargs
)
# Connects to the instance via clickhouse-client, sends a query (1st argument), expects an error and return its code
def
query_and_get_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
):
return
self
.
client
.
query_and_get_error
(
sql
,
stdin
,
timeout
,
settings
,
user
,
password
)
def
query_and_get_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
):
return
self
.
client
.
query_and_get_error
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
)
# The same as query_and_get_error but ignores successful query.
def
query_and_get_answer_with_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
):
return
self
.
client
.
query_and_get_answer_with_error
(
sql
,
stdin
,
timeout
,
settings
,
user
,
password
)
def
query_and_get_answer_with_error
(
self
,
sql
,
stdin
=
None
,
timeout
=
None
,
settings
=
None
,
user
=
None
,
password
=
None
,
database
=
None
):
return
self
.
client
.
query_and_get_answer_with_error
(
sql
,
stdin
=
stdin
,
timeout
=
timeout
,
settings
=
settings
,
user
=
user
,
password
=
password
,
database
=
database
)
# Connects to the instance via HTTP interface, sends a query and returns the answer
def
http_query
(
self
,
sql
,
data
=
None
,
params
=
None
,
user
=
None
,
password
=
None
,
expect_fail_and_get_error
=
False
):
...
...
tests/integration/test_create_user_and_login/test.py
浏览文件 @
29a9d418
...
...
@@ -12,9 +12,10 @@ def started_cluster():
try
:
cluster
.
start
()
instance
.
query
(
"CREATE TABLE test_table(x UInt32, y UInt32) ENGINE = MergeTree ORDER BY tuple()"
)
instance
.
query
(
"INSERT INTO test_table VALUES (1,5), (2,10)"
)
instance
.
query
(
"CREATE DATABASE test"
)
instance
.
query
(
"CREATE TABLE test.table(x UInt32, y UInt32) ENGINE = MergeTree ORDER BY tuple()"
)
instance
.
query
(
"INSERT INTO test.table VALUES (1,5), (2,10)"
)
yield
cluster
finally
:
...
...
@@ -27,6 +28,7 @@ def cleanup_after_test():
yield
finally
:
instance
.
query
(
"DROP USER IF EXISTS A, B"
)
instance
.
query
(
"DROP TABLE IF EXISTS default.table"
)
def
test_login
():
...
...
@@ -38,28 +40,28 @@ def test_login():
def
test_grant_and_revoke
():
instance
.
query
(
"CREATE USER A"
)
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"SELECT * FROM test
_
table"
,
user
=
'A'
)
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"SELECT * FROM test
.
table"
,
user
=
'A'
)
instance
.
query
(
'GRANT SELECT ON test
_
table TO A'
)
assert
instance
.
query
(
"SELECT * FROM test
_
table"
,
user
=
'A'
)
==
"1
\t
5
\n
2
\t
10
\n
"
instance
.
query
(
'GRANT SELECT ON test
.
table TO A'
)
assert
instance
.
query
(
"SELECT * FROM test
.
table"
,
user
=
'A'
)
==
"1
\t
5
\n
2
\t
10
\n
"
instance
.
query
(
'REVOKE SELECT ON test
_
table FROM A'
)
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"SELECT * FROM test
_
table"
,
user
=
'A'
)
instance
.
query
(
'REVOKE SELECT ON test
.
table FROM A'
)
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"SELECT * FROM test
.
table"
,
user
=
'A'
)
def
test_grant_option
():
instance
.
query
(
"CREATE USER A"
)
instance
.
query
(
"CREATE USER B"
)
instance
.
query
(
'GRANT SELECT ON test
_
table TO A'
)
assert
instance
.
query
(
"SELECT * FROM test
_
table"
,
user
=
'A'
)
==
"1
\t
5
\n
2
\t
10
\n
"
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"GRANT SELECT ON test
_
table TO B"
,
user
=
'A'
)
instance
.
query
(
'GRANT SELECT ON test
.
table TO A'
)
assert
instance
.
query
(
"SELECT * FROM test
.
table"
,
user
=
'A'
)
==
"1
\t
5
\n
2
\t
10
\n
"
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"GRANT SELECT ON test
.
table TO B"
,
user
=
'A'
)
instance
.
query
(
'GRANT SELECT ON test
_
table TO A WITH GRANT OPTION'
)
instance
.
query
(
"GRANT SELECT ON test
_
table TO B"
,
user
=
'A'
)
assert
instance
.
query
(
"SELECT * FROM test
_
table"
,
user
=
'B'
)
==
"1
\t
5
\n
2
\t
10
\n
"
instance
.
query
(
'GRANT SELECT ON test
.
table TO A WITH GRANT OPTION'
)
instance
.
query
(
"GRANT SELECT ON test
.
table TO B"
,
user
=
'A'
)
assert
instance
.
query
(
"SELECT * FROM test
.
table"
,
user
=
'B'
)
==
"1
\t
5
\n
2
\t
10
\n
"
instance
.
query
(
'REVOKE SELECT ON test
_
table FROM A, B'
)
instance
.
query
(
'REVOKE SELECT ON test
.
table FROM A, B'
)
def
test_introspection
():
...
...
@@ -100,3 +102,17 @@ def test_introspection():
TSV
([[
"A"
,
"\N"
,
"SELECT"
,
"test"
,
"table"
,
"\N"
,
0
,
0
],
[
"B"
,
"\N"
,
"CREATE"
,
"\N"
,
"\N"
,
"\N"
,
0
,
0
],
[
"B"
,
"\N"
,
"CREATE"
,
"\N"
,
"\N"
,
"\N"
,
0
,
1
]])
def
test_current_database
():
instance
.
query
(
"CREATE USER A"
)
instance
.
query
(
"GRANT SELECT ON table TO A"
,
database
=
"test"
)
assert
instance
.
query
(
"SHOW GRANTS FOR A"
)
==
TSV
([
"GRANT SELECT ON test.table TO A"
])
assert
instance
.
query
(
"SHOW GRANTS FOR A"
,
database
=
"test"
)
==
TSV
([
"GRANT SELECT ON test.table TO A"
])
assert
instance
.
query
(
"SELECT * FROM test.table"
,
user
=
'A'
)
==
"1
\t
5
\n
2
\t
10
\n
"
assert
instance
.
query
(
"SELECT * FROM table"
,
user
=
'A'
,
database
=
'test'
)
==
"1
\t
5
\n
2
\t
10
\n
"
instance
.
query
(
"CREATE TABLE default.table(x UInt32, y UInt32) ENGINE = MergeTree ORDER BY tuple()"
)
assert
"Not enough privileges"
in
instance
.
query_and_get_error
(
"SELECT * FROM table"
,
user
=
'A'
)
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录