This is an automated email from the ASF dual-hosted git repository.
yiguolei pushed a commit to branch branch-2.1
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/branch-2.1 by this push:
new 2560a8ec569 [test](auth)add grant show_view_priv to new user (#49307)
2560a8ec569 is described below
commit 2560a8ec569e7125676c5e442b8d033b53a4dec9
Author: zfr95 <[email protected]>
AuthorDate: Thu Mar 20 23:04:43 2025 +0800
[test](auth)add grant show_view_priv to new user (#49307)
---
.../test_account_management_user_auth.groovy | 3 +-
.../test_grant_show_view_priv_auth.groovy | 94 ++++++++++++++++++++++
2 files changed, 96 insertions(+), 1 deletion(-)
diff --git
a/regression-test/suites/auth_call/test_account_management_user_auth.groovy
b/regression-test/suites/auth_call/test_account_management_user_auth.groovy
index e6b0c203dd3..936071b1e9d 100644
--- a/regression-test/suites/auth_call/test_account_management_user_auth.groovy
+++ b/regression-test/suites/auth_call/test_account_management_user_auth.groovy
@@ -23,7 +23,7 @@ suite("test_account_management_user_auth","p0,auth_call") {
String user = 'test_account_management_user_auth_user'
String pwd = 'C123_567p'
String dbName = 'test_account_management_user_auth_db'
- String user_derive = 'test_account_management_user_derive_role'
+ String user_derive = 'test_account_management_user_derive_user'
//cloud-mode
if (isCloudMode()) {
@@ -68,6 +68,7 @@ suite("test_account_management_user_auth","p0,auth_call") {
}
}
sql """grant grant_priv on *.*.* to '${user}'"""
+
connect(user=user, password="${pwd}", url=context.config.jdbcUrl) {
sql """CREATE USER ${user_derive} IDENTIFIED BY '${pwd}';"""
sql """ALTER USER ${user_derive} IDENTIFIED BY "${pwd}";"""
diff --git
a/regression-test/suites/auth_call/test_grant_show_view_priv_auth.groovy
b/regression-test/suites/auth_call/test_grant_show_view_priv_auth.groovy
new file mode 100644
index 00000000000..3a736fe4703
--- /dev/null
+++ b/regression-test/suites/auth_call/test_grant_show_view_priv_auth.groovy
@@ -0,0 +1,94 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+import org.junit.Assert;
+import org.codehaus.groovy.runtime.IOGroovyMethods
+
+suite("test_grant_show_view_priv_auth","p0,auth_call") {
+
+ String user = 'test_grant_show_view_priv_user'
+ String pwd = 'C123_567p'
+ String dbName = 'test_grant_show_view_priv_auth_db'
+ String user_derive = 'test_grant_show_view_priv_derive_user'
+ String tableName = 'test_grant_show_view_priv_auth_tb'
+ String viewName = 'test_grant_show_view_priv_auth_view'
+
+ //cloud-mode
+ if (isCloudMode()) {
+ def clusters = sql " SHOW CLUSTERS; "
+ assertTrue(!clusters.isEmpty())
+ def validCluster = clusters[0][0]
+ sql """GRANT USAGE_PRIV ON CLUSTER ${validCluster} TO ${user}""";
+ }
+
+ try_sql("DROP USER ${user}")
+ try_sql("DROP USER ${user_derive}")
+ try_sql """drop database if exists ${dbName}"""
+
+ sql """CREATE USER '${user}' IDENTIFIED BY '${pwd}'"""
+ sql """grant select_priv on regression_test to ${user}"""
+ sql """create database ${dbName}"""
+ sql """create table ${dbName}.${tableName} (
+ id BIGINT,
+ username VARCHAR(20)
+ )
+ DISTRIBUTED BY HASH(id) BUCKETS 2
+ PROPERTIES (
+ "replication_num" = "1"
+ );"""
+ sql """
+ INSERT INTO ${dbName}.${tableName} (id, username)
+ VALUES (1, "111"),
+ (2, "222"),
+ (3, "333")
+ """
+ sql """CREATE VIEW ${dbName}.${viewName} (k1, v1)
+ AS
+ SELECT id as k1, SUM(id) FROM ${dbName}.${tableName}
+ WHERE id = 1 GROUP BY k1;
+ """
+
+ sql """grant grant_priv on *.*.* to '${user}'"""
+ sql """grant SHOW_VIEW_PRIV on ${dbName}.${viewName} to ${user}"""
+ connect(user, "${pwd}", context.config.jdbcUrl) {
+ sql """CREATE USER ${user_derive} IDENTIFIED BY '${pwd}';"""
+ sql """grant select_priv on regression_test to ${user_derive}"""
+
+ connect(user_derive, "${pwd}", context.config.jdbcUrl) {
+ test {
+ sql """show create table ${dbName}.${viewName};"""
+ exception "denied"
+ }
+ test {
+ sql """select * from ${dbName}.${viewName};"""
+ exception "denied"
+ }
+ }
+ sql """grant SHOW_VIEW_PRIV on ${dbName}.${viewName} to
${user_derive}"""
+ connect(user_derive, "${pwd}", context.config.jdbcUrl) {
+ sql """show create table ${dbName}.${viewName};"""
+ test {
+ sql """select * from ${dbName}.${viewName};"""
+ exception "denied"
+ }
+ }
+ }
+
+ sql """drop database if exists ${dbName}"""
+ try_sql("DROP USER ${user}")
+ try_sql("DROP role ${user_derive}")
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
