This is an automated email from the ASF dual-hosted git repository.
jackietien pushed a commit to branch auth
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/auth by this push:
new 95d183307b2 fix with grant option check
95d183307b2 is described below
commit 95d183307b20d1f9162eda226f3adc907bace626
Author: JackieTien97 <[email protected]>
AuthorDate: Mon Sep 4 15:18:01 2023 +0800
fix with grant option check
---
.../org/apache/iotdb/confignode/persistence/AuthorInfo.java | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
index 1f8082631c7..5c1ab1e5cd2 100644
---
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
+++
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java
@@ -65,6 +65,8 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import static
org.apache.iotdb.commons.auth.entity.PrivilegeType.isPathRelevant;
+
public class AuthorInfo implements SnapshotProcessor {
// Works at config node.
@@ -199,7 +201,7 @@ public class AuthorInfo implements SnapshotProcessor {
break;
case GrantRole:
for (int permission : permissions) {
- if (!PrivilegeType.isPathRelevant(permission)) {
+ if (!isPathRelevant(permission)) {
authorizer.grantPrivilegeToRole(roleName, null, permission,
grantOpt);
continue;
}
@@ -210,7 +212,7 @@ public class AuthorInfo implements SnapshotProcessor {
break;
case GrantUser:
for (int permission : permissions) {
- if (!PrivilegeType.isPathRelevant(permission)) {
+ if (!isPathRelevant(permission)) {
authorizer.grantPrivilegeToUser(userName, null, permission,
grantOpt);
continue;
}
@@ -224,7 +226,7 @@ public class AuthorInfo implements SnapshotProcessor {
break;
case RevokeUser:
for (int permission : permissions) {
- if (!PrivilegeType.isPathRelevant(permission)) {
+ if (!isPathRelevant(permission)) {
authorizer.revokePrivilegeFromUser(userName, null, permission);
continue;
}
@@ -235,7 +237,7 @@ public class AuthorInfo implements SnapshotProcessor {
break;
case RevokeRole:
for (int permission : permissions) {
- if (!PrivilegeType.isPathRelevant(permission)) {
+ if (!isPathRelevant(permission)) {
authorizer.revokePrivilegeFromRole(roleName, null, permission);
continue;
}
@@ -459,7 +461,7 @@ public class AuthorInfo implements SnapshotProcessor {
return resp;
}
try {
- if (!paths.isEmpty()) {
+ if (isPathRelevant(permission)) {
for (PartialPath path : paths) {
if (user.checkPathPrivilegeGrantOpt(path, permission)) {
status = true;
