This is an automated email from the ASF dual-hosted git repository. jackietien pushed a commit to branch MaintainAuth in repository https://gitbox.apache.org/repos/asf/iotdb.git
commit 66cea45d1fe95f5cdb632ffb2d8b2e8908da4e13 Author: JackieTien97 <[email protected]> AuthorDate: Fri Feb 7 19:56:14 2025 +0800 Support authentication for maintain statement --- .../it/query/recent/IoTDBMaintainAuthIT.java | 52 ++++++++++++++++++++-- 1 file changed, 49 insertions(+), 3 deletions(-) diff --git a/integration-test/src/test/java/org/apache/iotdb/relational/it/query/recent/IoTDBMaintainAuthIT.java b/integration-test/src/test/java/org/apache/iotdb/relational/it/query/recent/IoTDBMaintainAuthIT.java index df340a46cd0..a46cccc1974 100644 --- a/integration-test/src/test/java/org/apache/iotdb/relational/it/query/recent/IoTDBMaintainAuthIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/relational/it/query/recent/IoTDBMaintainAuthIT.java @@ -188,16 +188,18 @@ public class IoTDBMaintainAuthIT { // case 12: show queries // user1 with select on information_schema.queries - tableExecuteTest("show queries", USER_1, PASSWORD); + expectedHeader = + new String[] {"query_id", "start_time", "datanode_id", "elapsed_time", "statement"}; + tableQueryNoVerifyResultTest("SHOW QUERIES", expectedHeader, USER_1, PASSWORD, DATABASE_NAME); // user2 without select on information_schema.queries tableAssertTestFail( - "show queries", + "SHOW QUERIES", TSStatusCode.NO_PERMISSION.getStatusCode() + ": Access Denied: No permissions for this operation, please add privilege SELECT ON information_schema.queries", USER_2, PASSWORD); - // case 12: kill query + // case 13: kill query // user1 with MAINTAIN tableAssertTestFail( "kill query '20250206_093300_00001_100'", @@ -211,5 +213,49 @@ public class IoTDBMaintainAuthIT { + ": Access Denied: No permissions for this operation, please add privilege MAINTAIN", USER_2, PASSWORD); + + // case 14: load configuration + // user1 with MAINTAIN + tableExecuteTest("LOAD CONFIGURATION", USER_1, PASSWORD); + // user2 without MAINTAIN + tableAssertTestFail( + "LOAD CONFIGURATION", + TSStatusCode.NO_PERMISSION.getStatusCode() + + ": Access Denied: No permissions for this operation, please add privilege MAINTAIN", + USER_2, + PASSWORD); + + // case 15: set system status + // user1 with MAINTAIN + tableExecuteTest("SET SYSTEM TO RUNNING", USER_1, PASSWORD); + // user2 without MAINTAIN + tableAssertTestFail( + "SET SYSTEM TO RUNNING", + TSStatusCode.NO_PERMISSION.getStatusCode() + + ": Access Denied: No permissions for this operation, please add privilege MAINTAIN", + USER_2, + PASSWORD); + + // case 16: start repair data + // user1 with MAINTAIN + tableExecuteTest("START REPAIR DATA", USER_1, PASSWORD); + // user2 without MAINTAIN + tableAssertTestFail( + "START REPAIR DATA", + TSStatusCode.NO_PERMISSION.getStatusCode() + + ": Access Denied: No permissions for this operation, please add privilege MAINTAIN", + USER_2, + PASSWORD); + + // case 17: stop repair data + // user1 with MAINTAIN + tableExecuteTest("STOP REPAIR DATA", USER_1, PASSWORD); + // user2 without MAINTAIN + tableAssertTestFail( + "STOP REPAIR DATA", + TSStatusCode.NO_PERMISSION.getStatusCode() + + ": Access Denied: No permissions for this operation, please add privilege MAINTAIN", + USER_2, + PASSWORD); } }
