This is an automated email from the ASF dual-hosted git repository.
morningman pushed a commit to branch branch-2.1
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/branch-2.1 by this push:
new 22d37ba3fe6 [fix](auth)Auth support case insensitive (#36381) (#36557)
22d37ba3fe6 is described below
commit 22d37ba3fe64fe0d319548dcd21d771b72cdcd39
Author: zhangdong <[email protected]>
AuthorDate: Thu Jun 20 18:31:30 2024 +0800
[fix](auth)Auth support case insensitive (#36381) (#36557)
pick from: #36381
---
.../main/java/org/apache/doris/catalog/Env.java | 4 ++
.../doris/mysql/privilege/TablePrivEntry.java | 3 +-
.../org/apache/doris/mysql/privilege/AuthTest.java | 50 ++++++++++++++++++++++
3 files changed, 56 insertions(+), 1 deletion(-)
diff --git a/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
b/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
index 4209eeaa532..09cb46fdf27 100755
--- a/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/catalog/Env.java
@@ -5921,6 +5921,10 @@ public class Env {
return GlobalVariable.lowerCaseTableNames == 2;
}
+ public static boolean isTableNamesCaseSensitive() {
+ return GlobalVariable.lowerCaseTableNames == 0;
+ }
+
private static void getTableMeta(OlapTable olapTable, TGetMetaDBMeta
dbMeta) {
if (LOG.isDebugEnabled()) {
LOG.debug("get table meta. table: {}", olapTable.getName());
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/TablePrivEntry.java
b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/TablePrivEntry.java
index c89104cde1c..27693bbf6a3 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/TablePrivEntry.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/TablePrivEntry.java
@@ -17,6 +17,7 @@
package org.apache.doris.mysql.privilege;
+import org.apache.doris.catalog.Env;
import org.apache.doris.common.AnalysisException;
import org.apache.doris.common.CaseSensibility;
import org.apache.doris.common.PatternMatcher;
@@ -58,7 +59,7 @@ public class TablePrivEntry extends DbPrivEntry {
ctl, CaseSensibility.CATALOG.getCaseSensibility(),
ctl.equals(ANY_CTL));
PatternMatcher tblPattern = PatternMatcher.createFlatPattern(
- tbl, CaseSensibility.TABLE.getCaseSensibility(),
tbl.equals(ANY_TBL));
+ tbl, Env.isTableNamesCaseSensitive(), tbl.equals(ANY_TBL));
if (privs.containsNodePriv() || privs.containsResourcePriv()) {
throw new AnalysisException("Table privilege can not contains
global or resource privileges: " + privs);
diff --git
a/fe/fe-core/src/test/java/org/apache/doris/mysql/privilege/AuthTest.java
b/fe/fe-core/src/test/java/org/apache/doris/mysql/privilege/AuthTest.java
index 43737066748..baedd1483d4 100644
--- a/fe/fe-core/src/test/java/org/apache/doris/mysql/privilege/AuthTest.java
+++ b/fe/fe-core/src/test/java/org/apache/doris/mysql/privilege/AuthTest.java
@@ -2373,6 +2373,56 @@ public class AuthTest {
revoke(revokeStmt);
}
+ @Test
+ public void testTableNamesCaseSensitive() throws UserException {
+ new Expectations() {
+ {
+ Env.isTableNamesCaseSensitive();
+ minTimes = 0;
+ result = true;
+ }
+ };
+ UserIdentity userIdentity = new UserIdentity("sensitiveUser", "%");
+ createUser(userIdentity);
+ // `load_priv` and `select_priv` can not `show create view`
+ GrantStmt grantStmt = new GrantStmt(userIdentity, null, new
TablePattern("sensitivedb", "sensitiveTable"),
+ Lists.newArrayList(new
AccessPrivilegeWithCols(AccessPrivilege.SELECT_PRIV)));
+ grant(grantStmt);
+ Assert.assertTrue(accessManager
+ .checkTblPriv(userIdentity,
InternalCatalog.INTERNAL_CATALOG_NAME, "sensitivedb", "sensitiveTable",
+ PrivPredicate.SELECT));
+
+ Assert.assertFalse(accessManager
+ .checkTblPriv(userIdentity,
InternalCatalog.INTERNAL_CATALOG_NAME, "sensitivedb", "sensitivetable",
+ PrivPredicate.SELECT));
+ dropUser(userIdentity);
+ }
+
+ @Test
+ public void testTableNamesCaseInsensitive() throws UserException {
+ new Expectations() {
+ {
+ Env.isTableNamesCaseSensitive();
+ minTimes = 0;
+ result = false;
+ }
+ };
+ UserIdentity userIdentity = new UserIdentity("sensitiveUser1", "%");
+ createUser(userIdentity);
+ // `load_priv` and `select_priv` can not `show create view`
+ GrantStmt grantStmt = new GrantStmt(userIdentity, null, new
TablePattern("sensitivedb1", "sensitiveTable"),
+ Lists.newArrayList(new
AccessPrivilegeWithCols(AccessPrivilege.SELECT_PRIV)));
+ grant(grantStmt);
+ Assert.assertTrue(accessManager
+ .checkTblPriv(userIdentity,
InternalCatalog.INTERNAL_CATALOG_NAME, "sensitivedb1", "sensitiveTable",
+ PrivPredicate.SELECT));
+
+ Assert.assertTrue(accessManager
+ .checkTblPriv(userIdentity,
InternalCatalog.INTERNAL_CATALOG_NAME, "sensitivedb1", "sensitivetable",
+ PrivPredicate.SELECT));
+ dropUser(userIdentity);
+ }
+
@Test
public void testSetInitialRootPassword() {
// Skip set root password if `initial_root_password` set to empty
string
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
