You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@iotdb.apache.org by ja...@apache.org on 2023/09/06 14:18:35 UTC
[iotdb] branch auth updated: Fix some bugs when read & write schema
This is an automated email from the ASF dual-hosted git repository.
jackietien pushed a commit to branch auth
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/auth by this push:
new 98bfde3b1f1 Fix some bugs when read & write schema
98bfde3b1f1 is described below
commit 98bfde3b1f1c3ce44830c8709170c84fd75f3758
Author: Weihao Li <60...@users.noreply.github.com>
AuthorDate: Wed Sep 6 22:18:28 2023 +0800
Fix some bugs when read & write schema
---
.../apache/iotdb/confignode/persistence/AuthorInfo.java | 1 +
.../org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java | 2 ++
.../plan/statement/metadata/AlterTimeSeriesStatement.java | 15 +++++++++++++++
3 files changed, 18 insertions(+)
diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
index 6904b2ac2a5..2b4d533112e 100644
--- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
+++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
@@ -152,6 +152,7 @@ public class AuthorInfo implements SnapshotProcessor {
}
} else {
result = AuthUtils.generateEmptyPermissionInfoResp();
+ result.setFailPos(failedList);
result.setStatus(RpcUtils.getStatus(TSStatusCode.NO_PERMISSION));
}
return result;
diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java
index 48acf3d8c92..410347e9c9b 100644
--- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java
+++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java
@@ -92,6 +92,8 @@ public class ClusterAuthorityFetcher implements IAuthorityFetcher {
if (!user.checkPathPrivilege(path, permission)) {
if (user.getRoleList().isEmpty()) {
posList.add(pos);
+ pos++;
+ continue;
}
boolean status = false;
for (String rolename : user.getRoleList()) {
diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/metadata/AlterTimeSeriesStatement.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/metadata/AlterTimeSeriesStatement.java
index 2375452a13f..1c78b73cdd1 100644
--- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/metadata/AlterTimeSeriesStatement.java
+++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/metadata/AlterTimeSeriesStatement.java
@@ -19,10 +19,14 @@
package org.apache.iotdb.db.queryengine.plan.statement.metadata;
+import org.apache.iotdb.common.rpc.thrift.TSStatus;
+import org.apache.iotdb.commons.auth.entity.PrivilegeType;
import org.apache.iotdb.commons.path.PartialPath;
+import org.apache.iotdb.db.auth.AuthorityChecker;
import org.apache.iotdb.db.queryengine.plan.statement.Statement;
import org.apache.iotdb.db.queryengine.plan.statement.StatementType;
import org.apache.iotdb.db.queryengine.plan.statement.StatementVisitor;
+import org.apache.iotdb.rpc.TSStatusCode;
import java.util.Collections;
import java.util.List;
@@ -128,6 +132,17 @@ public class AlterTimeSeriesStatement extends Statement {
return isAlterView;
}
+ @Override
+ public TSStatus checkPermissionBeforeProcess(String userName) {
+ if (AuthorityChecker.SUPER_USER.equals(userName)) {
+ return new TSStatus(TSStatusCode.SUCCESS_STATUS.getStatusCode());
+ }
+ return AuthorityChecker.getTSStatus(
+ AuthorityChecker.checkFullPathPermission(
+ userName, path, PrivilegeType.WRITE_SCHEMA.ordinal()),
+ PrivilegeType.WRITE_SCHEMA);
+ }
+
@Override
public <R, C> R accept(StatementVisitor<R, C> visitor, C context) {
return visitor.visitAlterTimeseries(this, context);