You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@iotdb.apache.org by qi...@apache.org on 2022/11/22 11:54:58 UTC
[iotdb] branch master updated: [IOTDB-4993] Rename the storage group of permissions to database (#8054)
This is an automated email from the ASF dual-hosted git repository.
qiaojialin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/master by this push:
new 531577765b [IOTDB-4993] Rename the storage group of permissions to database (#8054)
531577765b is described below
commit 531577765beb230404af8dc42e6204f44029531e
Author: 任宇华 <79...@users.noreply.github.com>
AuthorDate: Tue Nov 22 19:54:53 2022 +0800
[IOTDB-4993] Rename the storage group of permissions to database (#8054)
---
.../main/antlr4/org/apache/iotdb/db/qp/sql/SqlLexer.g4 | 10 +++++++++-
.../Administration-Management/Administration.md | 4 ++--
.../Administration-Management/Administration.md | 4 ++--
docs/zh/UserGuide/Reference/Keywords.md | 2 +-
.../test/java/org/apache/iotdb/db/it/IoTDBAuthIT.java | 14 +++++++-------
.../iotdb/db/integration/IoTDBAuthorizationIT.java | 14 +++++++-------
.../iotdb/commons/auth/entity/PrivilegeType.java | 4 ++--
.../java/org/apache/iotdb/commons/utils/AuthUtils.java | 14 ++++++++++----
.../org/apache/iotdb/db/auth/AuthorityChecker.java | 8 ++++----
.../apache/iotdb/db/mpp/plan/parser/ASTVisitor.java | 9 +++++++--
.../metadata/DeleteStorageGroupStatement.java | 18 +++++++++++++++++-
.../org/apache/iotdb/db/auth/AuthorityCheckerTest.java | 2 +-
.../iotdb/db/qp/other/TSPlanContextAuthorTest.java | 8 ++++----
13 files changed, 73 insertions(+), 38 deletions(-)
diff --git a/antlr/src/main/antlr4/org/apache/iotdb/db/qp/sql/SqlLexer.g4 b/antlr/src/main/antlr4/org/apache/iotdb/db/qp/sql/SqlLexer.g4
index be2578da03..5df211d6c1 100644
--- a/antlr/src/main/antlr4/org/apache/iotdb/db/qp/sql/SqlLexer.g4
+++ b/antlr/src/main/antlr4/org/apache/iotdb/db/qp/sql/SqlLexer.g4
@@ -710,7 +710,7 @@ WRITABLE
// Privileges Keywords
PRIVILEGE_VALUE
- : SET_STORAGE_GROUP | DELETE_STORAGE_GROUP
+ : SET_STORAGE_GROUP | DELETE_STORAGE_GROUP | CREATE_DATABASE | DELETE_DATABASE
| CREATE_TIMESERIES | INSERT_TIMESERIES | READ_TIMESERIES | DELETE_TIMESERIES | ALTER_TIMESERIES
| CREATE_USER | DELETE_USER | MODIFY_PASSWORD | LIST_USER
| GRANT_USER_PRIVILEGE | REVOKE_USER_PRIVILEGE | GRANT_USER_ROLE | REVOKE_USER_ROLE
@@ -728,6 +728,14 @@ DELETE_STORAGE_GROUP
: D E L E T E '_' S T O R A G E '_' G R O U P
;
+CREATE_DATABASE
+ : C R E A T E '_' D A T A B A S E
+ ;
+
+DELETE_DATABASE
+ : D E L E T E '_' D A T A B A S E
+ ;
+
CREATE_TIMESERIES
: C R E A T E '_' T I M E S E R I E S
;
diff --git a/docs/UserGuide/Administration-Management/Administration.md b/docs/UserGuide/Administration-Management/Administration.md
index cc7504a976..9bdea3c2e2 100644
--- a/docs/UserGuide/Administration-Management/Administration.md
+++ b/docs/UserGuide/Administration-Management/Administration.md
@@ -367,8 +367,8 @@ At the same time, changes to roles are immediately reflected on all users who ow
|privilege Name|Interpretation|Example|
|:---|:---|----|
-|SET\_STORAGE\_GROUP|create database; set/unset database ttl; path dependent|Eg1: `CREATE DATABASE root.ln;`<br />Eg2:`set ttl to root.ln 3600000;`<br />Eg3:`unset ttl to root.ln;`|
-|DELETE\_STORAGE\_GROUP|delete databases; path dependent|Eg: `delete database root.ln;`|
+|CREATE\_DATABASE|create database; set/unset database ttl; path dependent|Eg1: `CREATE DATABASE root.ln;`<br />Eg2:`set ttl to root.ln 3600000;`<br />Eg3:`unset ttl to root.ln;`|
+|DELETE\_DATABASE|delete databases; path dependent|Eg: `delete database root.ln;`|
|CREATE\_TIMESERIES|create timeseries; path dependent|Eg1: create timeseries<br />`create timeseries root.ln.wf02.status with datatype=BOOLEAN,encoding=PLAIN;`<br />Eg2: create aligned timeseries<br />`create aligned timeseries root.ln.device1(latitude FLOAT encoding=PLAIN compressor=SNAPPY, longitude FLOAT encoding=PLAIN compressor=SNAPPY);`|
|INSERT\_TIMESERIES|insert data; path dependent|Eg1: `insert into root.ln.wf02(timestamp,status) values(1,true);`<br />Eg2: `insert into root.sg1.d1(time, s1, s2) aligned values(1, 1, 1)`|
|ALTER\_TIMESERIES|alter timeseries; path dependent|Eg1: `alter timeseries root.turbine.d1.s1 ADD TAGS tag3=v3, tag4=v4;`<br />Eg2: `ALTER timeseries root.turbine.d1.s1 UPSERT ALIAS=newAlias TAGS(tag2=newV2, tag3=v3) ATTRIBUTES(attr3=v3, attr4=v4);`|
diff --git a/docs/zh/UserGuide/Administration-Management/Administration.md b/docs/zh/UserGuide/Administration-Management/Administration.md
index 7351424c09..a70a775659 100644
--- a/docs/zh/UserGuide/Administration-Management/Administration.md
+++ b/docs/zh/UserGuide/Administration-Management/Administration.md
@@ -366,8 +366,8 @@ Eg: IoTDB > ALTER USER `tempuser` SET PASSWORD 'newpwd';
|权限名称|说明|示例|
|:---|:---|----|
-|SET\_STORAGE\_GROUP|创建 database。包含设置 database 的权限和TTL。路径相关|Eg1: `CREATE DATABASE root.ln;`<br />Eg2:`set ttl to root.ln 3600000;`<br />Eg3:`unset ttl to root.ln;`|
-|DELETE\_STORAGE\_GROUP|删除 database。路径相关|Eg: `delete database root.ln;`|
+|CREATE\_DATABASE|创建 database。包含设置 database 的权限和TTL。路径相关|Eg1: `CREATE DATABASE root.ln;`<br />Eg2:`set ttl to root.ln 3600000;`<br />Eg3:`unset ttl to root.ln;`|
+|DELETE\_DATABASE|删除 database。路径相关|Eg: `delete database root.ln;`|
|CREATE\_TIMESERIES|创建时间序列。路径相关|Eg1: 创建时间序列<br />`create timeseries root.ln.wf02.status with datatype=BOOLEAN,encoding=PLAIN;`<br />Eg2: 创建对齐时间序列<br />`create aligned timeseries root.ln.device1(latitude FLOAT encoding=PLAIN compressor=SNAPPY, longitude FLOAT encoding=PLAIN compressor=SNAPPY);`|
|INSERT\_TIMESERIES|插入数据。路径相关|Eg1: `insert into root.ln.wf02(timestamp,status) values(1,true);`<br />Eg2: `insert into root.sg1.d1(time, s1, s2) aligned values(1, 1, 1)`|
|ALTER\_TIMESERIES|修改时间序列标签。路径相关|Eg1: `alter timeseries root.turbine.d1.s1 ADD TAGS tag3=v3, tag4=v4;`<br />Eg2: `ALTER timeseries root.turbine.d1.s1 UPSERT ALIAS=newAlias TAGS(tag2=newV2, tag3=v3) ATTRIBUTES(attr3=v3, attr4=v4);`|
diff --git a/docs/zh/UserGuide/Reference/Keywords.md b/docs/zh/UserGuide/Reference/Keywords.md
index ff3c540a28..d5b29c6b2b 100644
--- a/docs/zh/UserGuide/Reference/Keywords.md
+++ b/docs/zh/UserGuide/Reference/Keywords.md
@@ -190,7 +190,7 @@
- WITHOUT
- WRITABLE
- 权限类型
- - SET_STORAGE_GROUP
+ - CREATE_DATABASE
- DELETE_STORAGE_GROUP
- CREATE_TIMESERIES
- INSERT_TIMESERIES
diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBAuthIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBAuthIT.java
index 091c19ccb0..d24bfc755e 100644
--- a/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBAuthIT.java
+++ b/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBAuthIT.java
@@ -123,7 +123,7 @@ public class IoTDBAuthIT {
Assert.assertThrows(
SQLException.class, () -> userStmt.execute("CREATE DATABASE root.sgtest"));
- adminStmt.execute("GRANT USER sgtest PRIVILEGES SET_STORAGE_GROUP ON root.*");
+ adminStmt.execute("GRANT USER sgtest PRIVILEGES CREATE_DATABASE ON root.*");
try {
userStmt.execute("CREATE DATABASE root.sgtest");
@@ -197,7 +197,7 @@ public class IoTDBAuthIT {
// grant a non-existing user
Assert.assertThrows(
SQLException.class,
- () -> adminStmt.execute("GRANT USER nulluser PRIVILEGES SET_STORAGE_GROUP on root.a"));
+ () -> adminStmt.execute("GRANT USER nulluser PRIVILEGES CREATE_DATABASE on root.a"));
// grant a non-existing privilege
Assert.assertThrows(
SQLException.class,
@@ -273,7 +273,7 @@ public class IoTDBAuthIT {
// grant and revoke the user the privilege to create time series
Assert.assertThrows(SQLException.class, () -> userStmt.execute("CREATE DATABASE root.a"));
- adminStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
userStmt.execute("CREATE DATABASE root.a");
adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_TIMESERIES ON root.a.b");
userStmt.execute("CREATE TIMESERIES root.a.b WITH DATATYPE=INT32,ENCODING=PLAIN");
@@ -282,13 +282,13 @@ public class IoTDBAuthIT {
// privilege already exists
Assert.assertThrows(
SQLException.class,
- () -> adminStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a"));
+ () -> adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a"));
// no privilege to create this one any more
Assert.assertThrows(SQLException.class, () -> userStmt.execute("CREATE DATABASE root.a"));
// no privilege to create timeseries
Assert.assertThrows(SQLException.class, () -> userStmt.execute("CREATE DATABASE root.a"));
- adminStmt.execute("REVOKE USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ adminStmt.execute("REVOKE USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
// no privilege to create this one any more
Assert.assertThrows(
SQLException.class,
@@ -319,7 +319,7 @@ public class IoTDBAuthIT {
try (Connection userCon = EnvFactory.getEnv().getConnection("tempuser", "temppw");
Statement userStmt = userCon.createStatement()) {
- adminStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
userStmt.execute("CREATE DATABASE root.a");
adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_TIMESERIES ON root.a.b");
userStmt.execute("CREATE TIMESERIES root.a.b WITH DATATYPE=INT32,ENCODING=PLAIN");
@@ -366,7 +366,7 @@ public class IoTDBAuthIT {
adminStmt.execute("CREATE ROLE admin");
adminStmt.execute(
- "GRANT ROLE admin PRIVILEGES SET_STORAGE_GROUP,CREATE_TIMESERIES,DELETE_TIMESERIES,READ_TIMESERIES,INSERT_TIMESERIES on root.**");
+ "GRANT ROLE admin PRIVILEGES CREATE_DATABASE,CREATE_TIMESERIES,DELETE_TIMESERIES,READ_TIMESERIES,INSERT_TIMESERIES on root.**");
adminStmt.execute("GRANT admin TO tempuser");
userStmt.execute("CREATE DATABASE root.a");
diff --git a/integration/src/test/java/org/apache/iotdb/db/integration/IoTDBAuthorizationIT.java b/integration/src/test/java/org/apache/iotdb/db/integration/IoTDBAuthorizationIT.java
index 98ef421acb..ba305fd321 100644
--- a/integration/src/test/java/org/apache/iotdb/db/integration/IoTDBAuthorizationIT.java
+++ b/integration/src/test/java/org/apache/iotdb/db/integration/IoTDBAuthorizationIT.java
@@ -98,7 +98,7 @@ public class IoTDBAuthorizationIT {
userStmt.execute("CREATE TIMESERIES root.a.b WITH DATATYPE=INT32,ENCODING=PLAIN");
userStmt.execute("INSERT INTO root.a(timestamp, b) VALUES (100, 100)");
userStmt.execute("SELECT * from root.a");
- userStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ userStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
userStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_TIMESERIES ON root.b.b");
adminStmt.execute("REVOKE USER tempuser PRIVILEGES ALL on root.**");
@@ -349,7 +349,7 @@ public class IoTDBAuthorizationIT {
// grant a non-existing user
Assert.assertThrows(
SQLException.class,
- () -> adminStmt.execute("GRANT USER nulluser PRIVILEGES SET_STORAGE_GROUP on root.a"));
+ () -> adminStmt.execute("GRANT USER nulluser PRIVILEGES CREATE_DATABASE on root.a"));
// grant a non-existing privilege
Assert.assertThrows(
SQLException.class,
@@ -430,7 +430,7 @@ public class IoTDBAuthorizationIT {
// grant and revoke the user the privilege to create time series
Assert.assertThrows(SQLException.class, () -> userStmt.execute("CREATE DATABASE root.a"));
- adminStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
userStmt.execute("CREATE DATABASE root.a");
adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_TIMESERIES ON root.a.b");
userStmt.execute("CREATE TIMESERIES root.a.b WITH DATATYPE=INT32,ENCODING=PLAIN");
@@ -439,13 +439,13 @@ public class IoTDBAuthorizationIT {
// privilege already exists
Assert.assertThrows(
SQLException.class,
- () -> adminStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a"));
+ () -> adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a"));
// no privilege to create this one any more
Assert.assertThrows(SQLException.class, () -> userStmt.execute("CREATE DATABASE root.a"));
// no privilege to create timeseries
Assert.assertThrows(SQLException.class, () -> userStmt.execute("CREATE DATABASE root.a"));
- adminStmt.execute("REVOKE USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ adminStmt.execute("REVOKE USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
// no privilege to create this one any more
Assert.assertThrows(
SQLException.class,
@@ -499,7 +499,7 @@ public class IoTDBAuthorizationIT {
Config.IOTDB_URL_PREFIX + "127.0.0.1:6667/", "tempuser", "temppw");
Statement userStmt = userCon.createStatement()) {
- adminStmt.execute("GRANT USER tempuser PRIVILEGES SET_STORAGE_GROUP ON root.a");
+ adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_DATABASE ON root.a");
userStmt.execute("CREATE DATABASE root.a");
adminStmt.execute("GRANT USER tempuser PRIVILEGES CREATE_TIMESERIES ON root.a.b");
userStmt.execute("CREATE TIMESERIES root.a.b WITH DATATYPE=INT32,ENCODING=PLAIN");
@@ -551,7 +551,7 @@ public class IoTDBAuthorizationIT {
adminStmt.execute("CREATE ROLE admin");
adminStmt.execute(
- "GRANT ROLE admin PRIVILEGES SET_STORAGE_GROUP,CREATE_TIMESERIES,DELETE_TIMESERIES,READ_TIMESERIES,INSERT_TIMESERIES on root.**");
+ "GRANT ROLE admin PRIVILEGES CREATE_DATABASE,CREATE_TIMESERIES,DELETE_TIMESERIES,READ_TIMESERIES,INSERT_TIMESERIES on root.**");
adminStmt.execute("GRANT admin TO tempuser");
userStmt.execute("CREATE DATABASE root.a");
diff --git a/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/PrivilegeType.java b/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/PrivilegeType.java
index 1d7c5eba1a..886d98d80b 100644
--- a/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/PrivilegeType.java
+++ b/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/PrivilegeType.java
@@ -21,7 +21,7 @@ package org.apache.iotdb.commons.auth.entity;
/** This enum class contains all available privileges in IoTDB. */
public enum PrivilegeType {
- SET_STORAGE_GROUP(true),
+ CREATE_DATABASE(true),
INSERT_TIMESERIES(true),
@Deprecated
UPDATE_TIMESERIES(true),
@@ -50,7 +50,7 @@ public enum PrivilegeType {
CREATE_CONTINUOUS_QUERY,
DROP_CONTINUOUS_QUERY,
ALL,
- DELETE_STORAGE_GROUP(true),
+ DELETE_DATABASE(true),
ALTER_TIMESERIES(true),
UPDATE_TEMPLATE,
READ_TEMPLATE,
diff --git a/node-commons/src/main/java/org/apache/iotdb/commons/utils/AuthUtils.java b/node-commons/src/main/java/org/apache/iotdb/commons/utils/AuthUtils.java
index 17bd3c109b..da39e03e65 100644
--- a/node-commons/src/main/java/org/apache/iotdb/commons/utils/AuthUtils.java
+++ b/node-commons/src/main/java/org/apache/iotdb/commons/utils/AuthUtils.java
@@ -146,8 +146,8 @@ public class AuthUtils {
validatePath(path);
switch (type) {
case READ_TIMESERIES:
- case SET_STORAGE_GROUP:
- case DELETE_STORAGE_GROUP:
+ case CREATE_DATABASE:
+ case DELETE_DATABASE:
case CREATE_TIMESERIES:
case DELETE_TIMESERIES:
case INSERT_TIMESERIES:
@@ -165,8 +165,8 @@ public class AuthUtils {
} else {
switch (type) {
case READ_TIMESERIES:
- case SET_STORAGE_GROUP:
- case DELETE_STORAGE_GROUP:
+ case CREATE_DATABASE:
+ case DELETE_DATABASE:
case CREATE_TIMESERIES:
case DELETE_TIMESERIES:
case INSERT_TIMESERIES:
@@ -373,6 +373,12 @@ public class AuthUtils {
for (String s : authorizationList) {
PrivilegeType[] types = PrivilegeType.values();
boolean legal = false;
+ if ("SET_STORAGE_GROUP".equalsIgnoreCase(s)) {
+ s = PrivilegeType.CREATE_DATABASE.name();
+ }
+ if ("DELETE_STORAGE_GROUP".equalsIgnoreCase(s)) {
+ s = PrivilegeType.DELETE_DATABASE.name();
+ }
for (PrivilegeType privilegeType : types) {
if (s.equalsIgnoreCase(privilegeType.name())) {
result.add(privilegeType.ordinal());
diff --git a/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java b/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
index c5a57f3014..40fc04e1d2 100644
--- a/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
+++ b/server/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java
@@ -203,9 +203,9 @@ public class AuthorityChecker {
return PrivilegeType.REVOKE_USER_ROLE.ordinal();
case SET_STORAGE_GROUP:
case TTL:
- return PrivilegeType.SET_STORAGE_GROUP.ordinal();
+ return PrivilegeType.CREATE_DATABASE.ordinal();
case DELETE_STORAGE_GROUP:
- return PrivilegeType.DELETE_STORAGE_GROUP.ordinal();
+ return PrivilegeType.DELETE_DATABASE.ordinal();
case CREATE_TIMESERIES:
case CREATE_ALIGNED_TIMESERIES:
case CREATE_MULTI_TIMESERIES:
@@ -292,9 +292,9 @@ public class AuthorityChecker {
return PrivilegeType.REVOKE_USER_ROLE.ordinal();
case SET_STORAGE_GROUP:
case TTL:
- return PrivilegeType.SET_STORAGE_GROUP.ordinal();
+ return PrivilegeType.CREATE_DATABASE.ordinal();
case DELETE_STORAGE_GROUP:
- return PrivilegeType.DELETE_STORAGE_GROUP.ordinal();
+ return PrivilegeType.DELETE_DATABASE.ordinal();
case CREATE_TIMESERIES:
case CREATE_ALIGNED_TIMESERIES:
case CREATE_MULTI_TIMESERIES:
diff --git a/server/src/main/java/org/apache/iotdb/db/mpp/plan/parser/ASTVisitor.java b/server/src/main/java/org/apache/iotdb/db/mpp/plan/parser/ASTVisitor.java
index da4b06a49a..1be8cd3d0d 100644
--- a/server/src/main/java/org/apache/iotdb/db/mpp/plan/parser/ASTVisitor.java
+++ b/server/src/main/java/org/apache/iotdb/db/mpp/plan/parser/ASTVisitor.java
@@ -1676,7 +1676,6 @@ public class ASTVisitor extends IoTDBSqlParserBaseVisitor<Statement> {
/** Common Parsers */
// IoTDB Objects ========================================================================
-
private PartialPath parseFullPath(IoTDBSqlParser.FullPathContext ctx) {
List<IoTDBSqlParser.NodeNameWithoutWildcardContext> nodeNamesWithoutStar =
ctx.nodeNameWithoutWildcard();
@@ -1936,10 +1935,10 @@ public class ASTVisitor extends IoTDBSqlParserBaseVisitor<Statement> {
}
return alias;
}
+
/** Data Control Language (DCL) */
// Create User
-
@Override
public Statement visitCreateUser(IoTDBSqlParser.CreateUserContext ctx) {
AuthorStatement authorStatement = new AuthorStatement(AuthorOperator.AuthorType.CREATE_USER);
@@ -2062,6 +2061,12 @@ public class ASTVisitor extends IoTDBSqlParserBaseVisitor<Statement> {
boolean pathRelevant = true;
String errorPrivilegeName = "";
for (String privilege : privileges) {
+ if ("SET_STORAGE_GROUP".equalsIgnoreCase(privilege)) {
+ privilege = PrivilegeType.CREATE_DATABASE.name();
+ }
+ if ("DELETE_STORAGE_GROUP".equalsIgnoreCase(privilege)) {
+ privilege = PrivilegeType.DELETE_DATABASE.name();
+ }
if (!PrivilegeType.valueOf(privilege.toUpperCase()).isPathRelevant()) {
pathRelevant = false;
errorPrivilegeName = privilege.toUpperCase();
diff --git a/server/src/main/java/org/apache/iotdb/db/mpp/plan/statement/metadata/DeleteStorageGroupStatement.java b/server/src/main/java/org/apache/iotdb/db/mpp/plan/statement/metadata/DeleteStorageGroupStatement.java
index cc48d5697a..25ec719ac7 100644
--- a/server/src/main/java/org/apache/iotdb/db/mpp/plan/statement/metadata/DeleteStorageGroupStatement.java
+++ b/server/src/main/java/org/apache/iotdb/db/mpp/plan/statement/metadata/DeleteStorageGroupStatement.java
@@ -19,6 +19,7 @@
package org.apache.iotdb.db.mpp.plan.statement.metadata;
+import org.apache.iotdb.commons.exception.IllegalPathException;
import org.apache.iotdb.commons.path.PartialPath;
import org.apache.iotdb.db.mpp.plan.analyze.QueryType;
import org.apache.iotdb.db.mpp.plan.constant.StatementType;
@@ -26,9 +27,16 @@ import org.apache.iotdb.db.mpp.plan.statement.IConfigStatement;
import org.apache.iotdb.db.mpp.plan.statement.Statement;
import org.apache.iotdb.db.mpp.plan.statement.StatementVisitor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.ArrayList;
import java.util.List;
public class DeleteStorageGroupStatement extends Statement implements IConfigStatement {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(DeleteStorageGroupStatement.class);
+
private List<String> prefixPathList;
public DeleteStorageGroupStatement() {
@@ -38,7 +46,15 @@ public class DeleteStorageGroupStatement extends Statement implements IConfigSta
@Override
public List<PartialPath> getPaths() {
- return null;
+ List<PartialPath> paths = new ArrayList<>();
+ for (String prefixPath : prefixPathList) {
+ try {
+ paths.add(new PartialPath(prefixPath));
+ } catch (IllegalPathException e) {
+ LOGGER.error("{} is not a legal path", prefixPath, e);
+ }
+ }
+ return paths;
}
public List<String> getPrefixPath() {
diff --git a/server/src/test/java/org/apache/iotdb/db/auth/AuthorityCheckerTest.java b/server/src/test/java/org/apache/iotdb/db/auth/AuthorityCheckerTest.java
index ed2329dccd..d43bd6ae90 100644
--- a/server/src/test/java/org/apache/iotdb/db/auth/AuthorityCheckerTest.java
+++ b/server/src/test/java/org/apache/iotdb/db/auth/AuthorityCheckerTest.java
@@ -83,7 +83,7 @@ public class AuthorityCheckerTest {
authorizer.grantPrivilegeToUser(user.getName(), nodeName, PrivilegeType.DELETE_ROLE.ordinal());
authorizer.grantPrivilegeToUser(user.getName(), nodeName, PrivilegeType.DELETE_USER.ordinal());
authorizer.grantPrivilegeToUser(
- user.getName(), nodeName, PrivilegeType.SET_STORAGE_GROUP.ordinal());
+ user.getName(), nodeName, PrivilegeType.CREATE_DATABASE.ordinal());
authorizer.grantPrivilegeToUser(
user.getName(), nodeName, PrivilegeType.CREATE_TIMESERIES.ordinal());
authorizer.grantPrivilegeToUser(
diff --git a/server/src/test/java/org/apache/iotdb/db/qp/other/TSPlanContextAuthorTest.java b/server/src/test/java/org/apache/iotdb/db/qp/other/TSPlanContextAuthorTest.java
index 2b39495e2a..fb5ee9eb36 100644
--- a/server/src/test/java/org/apache/iotdb/db/qp/other/TSPlanContextAuthorTest.java
+++ b/server/src/test/java/org/apache/iotdb/db/qp/other/TSPlanContextAuthorTest.java
@@ -59,19 +59,19 @@ public class TSPlanContextAuthorTest {
{"CREATE ROLE rolename", emptyPaths},
{"DROP ROLE rolename", emptyPaths},
{
- "GRANT USER username PRIVILEGES SET_STORAGE_GROUP,INSERT_TIMESERIES ON root.node1.a.b",
+ "GRANT USER username PRIVILEGES CREATE_DATABASE,INSERT_TIMESERIES ON root.node1.a.b",
testPaths
},
{
- "REVOKE USER username PRIVILEGES SET_STORAGE_GROUP,INSERT_TIMESERIES ON root.node1.a.b",
+ "REVOKE USER username PRIVILEGES CREATE_DATABASE,INSERT_TIMESERIES ON root.node1.a.b",
testPaths
},
{
- "GRANT ROLE rolename PRIVILEGES SET_STORAGE_GROUP,INSERT_TIMESERIES ON root.node1.a.b",
+ "GRANT ROLE rolename PRIVILEGES CREATE_DATABASE,INSERT_TIMESERIES ON root.node1.a.b",
testPaths
},
{
- "REVOKE ROLE rolename PRIVILEGES SET_STORAGE_GROUP,INSERT_TIMESERIES ON root.node1.a.b",
+ "REVOKE ROLE rolename PRIVILEGES CREATE_DATABASE,INSERT_TIMESERIES ON root.node1.a.b",
testPaths
},
{"GRANT rolename TO username", emptyPaths},