(doris) branch branch-3.0 updated: branch-3.0: [fix](auth)Only treat admin@% and root@% as system users. #50904 (#52282)

Mon, 30 Jun 2025 01:06:19 -0700 

This is an automated email from the ASF dual-hosted git repository.

dataroaring pushed a commit to branch branch-3.0
in repository https://gitbox.apache.org/repos/asf/doris.git


The following commit(s) were added to refs/heads/branch-3.0 by this push:
     new 1b794ddff2c branch-3.0: [fix](auth)Only treat admin@% and root@% as 
system users. #50904 (#52282)
1b794ddff2c is described below

commit 1b794ddff2c49f28eea16fa1b0ea4b5802486f1a
Author: github-actions[bot] 
<41898282+github-actions[bot]@users.noreply.github.com>
AuthorDate: Mon Jun 30 15:56:29 2025 +0800

    branch-3.0: [fix](auth)Only treat admin@% and root@% as system users. 
#50904 (#52282)
    
    Cherry-picked from #50904
    
    Co-authored-by: zhangdong <[email protected]>
---
 .../org/apache/doris/analysis/UserIdentity.java    |  4 +--
 .../suites/account_p0/test_system_user.groovy      | 38 ++++++++++++++++++++++
 2 files changed, 40 insertions(+), 2 deletions(-)

diff --git 
a/fe/fe-core/src/main/java/org/apache/doris/analysis/UserIdentity.java 
b/fe/fe-core/src/main/java/org/apache/doris/analysis/UserIdentity.java
index 6898915dab7..c954c164470 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/analysis/UserIdentity.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/UserIdentity.java
@@ -182,11 +182,11 @@ public class UserIdentity implements Writable, 
GsonPostProcessable {
     }
 
     public boolean isRootUser() {
-        return user.equals(Auth.ROOT_USER);
+        return this.equals(ROOT);
     }
 
     public boolean isAdminUser() {
-        return user.equals(Auth.ADMIN_USER);
+        return this.equals(ADMIN);
     }
 
     public boolean isSystemUser() {
diff --git a/regression-test/suites/account_p0/test_system_user.groovy 
b/regression-test/suites/account_p0/test_system_user.groovy
index 5993e1d238b..d7b3ad213fb 100644
--- a/regression-test/suites/account_p0/test_system_user.groovy
+++ b/regression-test/suites/account_p0/test_system_user.groovy
@@ -62,4 +62,42 @@ suite("test_system_user","p0,auth") {
         revoke select_priv on *.*.* from  `admin`;
     """
 
+     sql """
+          create user `root`@'8.8.8.8';
+      """
+     sql """
+         grant select_priv on *.*.* to  `root`@'8.8.8.8';
+     """
+     sql """
+         revoke select_priv on *.*.* from  `root`@'8.8.8.8';
+     """
+     test {
+               sql """
+                   grant 'operator' to `root`@'8.8.8.8';
+               """
+               exception "Can not grant role: operator"
+         }
+    sql """
+            drop user `root`@'8.8.8.8';
+        """
+
+    sql """
+          create user `admin`@'8.8.8.8';
+      """
+     sql """
+         grant select_priv on *.*.* to  `admin`@'8.8.8.8';
+     """
+     sql """
+         revoke select_priv on *.*.* from  `admin`@'8.8.8.8';
+     """
+
+   sql """
+       grant 'admin' to `admin`@'8.8.8.8';
+   """
+    sql """
+           revoke 'admin' from `admin`@'8.8.8.8';
+       """
+    sql """
+            drop user `admin`@'8.8.8.8';
+        """
 }


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to