Caideyipi commented on code in PR #13158:
URL: https://github.com/apache/iotdb/pull/13158#discussion_r1904879982
##########
iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/parser/AstBuilder.java:
##########
@@ -1298,6 +1301,236 @@ public Node
visitExplainAnalyze(RelationalSqlParser.ExplainAnalyzeContext ctx) {
getLocation(ctx), ctx.VERBOSE() != null, (Statement)
visit(ctx.query()));
}
+ // ********************** author expressions ********************
+
+ private String stripQuotes(String text) {
+ if (text != null && text.length() >= 2 && text.startsWith("'") &&
text.endsWith("'")) {
+ return text.substring(1, text.length() - 1).replace("''", "'");
+ }
+ return text;
+ }
+
+ @Override
+ public Node
visitCreateUserStatement(RelationalSqlParser.CreateUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.CREATE_USER);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setPassword(stripQuotes(ctx.password.getText()));
+ return stmt;
+ }
+
+ @Override
+ public Node
visitCreateRoleStatement(RelationalSqlParser.CreateRoleStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.CREATE_ROLE);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitDropUserStatement(RelationalSqlParser.DropUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.DROP_USER);
+ stmt.setUserName(ctx.userName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitDropRoleStatement(RelationalSqlParser.DropRoleStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.DROP_ROLE);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitAlterUserStatement(RelationalSqlParser.AlterUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.UPDATE_USER);
+ stmt.setRoleName(ctx.userName.getText());
+ stmt.setPassword(stripQuotes(ctx.password.getText()));
+ return stmt;
+ }
+
+ @Override
+ public Node
visitGrantUserRoleStatement(RelationalSqlParser.GrantUserRoleStatementContext
ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.GRANT_USER_ROLE);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitRevokeUserRoleStatement(RelationalSqlParser.RevokeUserRoleStatementContext
ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.REVOKE_USER_ROLE);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node visitListUserPrivilegeStatement(
+ RelationalSqlParser.ListUserPrivilegeStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.LIST_USER_PRIV);
+ stmt.setUserName(ctx.userName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node visitListRolePrivilegeStatement(
+ RelationalSqlParser.ListRolePrivilegeStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.LIST_ROLE_PRIV);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitListUserStatement(RelationalSqlParser.ListUserStatementContext ctx) {
+ return new RelationalAuthorStatement(AuthorRType.LIST_USER);
+ }
+
+ @Override
+ public Node
visitListRoleStatement(RelationalSqlParser.ListRoleStatementContext ctx) {
+ return new RelationalAuthorStatement(AuthorRType.LIST_ROLE);
+ }
+
+ @Override
+ public Node visitGrantStatement(RelationalSqlParser.GrantStatementContext
ctx) {
+ boolean toUser;
+ String name;
+ toUser = ctx.holderType().getText().equalsIgnoreCase("user");
+ name = ctx.holderName.getText();
+ boolean grantOption = ctx.grantOpt() != null;
+ boolean toTable;
+ // SYSTEM PRIVILEGES
+ if (ctx.privilegeObjectScope().ON() == null) {
+ String privilegeText =
ctx.privilegeObjectScope().systemPrivilege().getText();
+ PrivilegeType priv = PrivilegeType.valueOf(privilegeText.toUpperCase());
+ if (!priv.isSystemPrivilege() || !priv.forRelationalSys()) {
+ throw new SemanticException(priv + " is not System privilege");
+ }
+ return new RelationalAuthorStatement(
+ toUser ? AuthorRType.GRANT_USER_SYS : AuthorRType.GRANT_ROLE_SYS,
+ priv,
+ toUser ? name : "",
+ toUser ? "" : name,
+ grantOption);
+ } else {
+ String privilegeText =
ctx.privilegeObjectScope().objectPrivilege().getText();
+ PrivilegeType priv = PrivilegeType.valueOf(privilegeText.toUpperCase());
+ if (!priv.isRelationalPrivilege()) {
+ throw new SemanticException(priv + "is not Relational privilege");
+ }
+ // ON TABLE / DB
+ if (ctx.privilegeObjectScope().objectType() != null) {
+ toTable =
ctx.privilegeObjectScope().objectType().getText().equalsIgnoreCase("table");
+ String databaseName = "";
+ if (toTable) {
+ databaseName = clientSession.getDatabaseName();
+ if (databaseName == null) {
+ throw new SemanticException("Database is set yet.");
Review Comment:
……
##########
iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/parser/AstBuilder.java:
##########
@@ -1298,6 +1301,236 @@ public Node
visitExplainAnalyze(RelationalSqlParser.ExplainAnalyzeContext ctx) {
getLocation(ctx), ctx.VERBOSE() != null, (Statement)
visit(ctx.query()));
}
+ // ********************** author expressions ********************
+
+ private String stripQuotes(String text) {
+ if (text != null && text.length() >= 2 && text.startsWith("'") &&
text.endsWith("'")) {
+ return text.substring(1, text.length() - 1).replace("''", "'");
+ }
+ return text;
+ }
+
+ @Override
+ public Node
visitCreateUserStatement(RelationalSqlParser.CreateUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.CREATE_USER);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setPassword(stripQuotes(ctx.password.getText()));
+ return stmt;
+ }
+
+ @Override
+ public Node
visitCreateRoleStatement(RelationalSqlParser.CreateRoleStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.CREATE_ROLE);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitDropUserStatement(RelationalSqlParser.DropUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.DROP_USER);
+ stmt.setUserName(ctx.userName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitDropRoleStatement(RelationalSqlParser.DropRoleStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.DROP_ROLE);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitAlterUserStatement(RelationalSqlParser.AlterUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.UPDATE_USER);
+ stmt.setRoleName(ctx.userName.getText());
+ stmt.setPassword(stripQuotes(ctx.password.getText()));
+ return stmt;
+ }
+
+ @Override
+ public Node
visitGrantUserRoleStatement(RelationalSqlParser.GrantUserRoleStatementContext
ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.GRANT_USER_ROLE);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitRevokeUserRoleStatement(RelationalSqlParser.RevokeUserRoleStatementContext
ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.REVOKE_USER_ROLE);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node visitListUserPrivilegeStatement(
+ RelationalSqlParser.ListUserPrivilegeStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.LIST_USER_PRIV);
+ stmt.setUserName(ctx.userName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node visitListRolePrivilegeStatement(
+ RelationalSqlParser.ListRolePrivilegeStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.LIST_ROLE_PRIV);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitListUserStatement(RelationalSqlParser.ListUserStatementContext ctx) {
+ return new RelationalAuthorStatement(AuthorRType.LIST_USER);
+ }
+
+ @Override
+ public Node
visitListRoleStatement(RelationalSqlParser.ListRoleStatementContext ctx) {
+ return new RelationalAuthorStatement(AuthorRType.LIST_ROLE);
+ }
+
+ @Override
+ public Node visitGrantStatement(RelationalSqlParser.GrantStatementContext
ctx) {
+ boolean toUser;
+ String name;
+ toUser = ctx.holderType().getText().equalsIgnoreCase("user");
+ name = ctx.holderName.getText();
+ boolean grantOption = ctx.grantOpt() != null;
+ boolean toTable;
+ // SYSTEM PRIVILEGES
+ if (ctx.privilegeObjectScope().ON() == null) {
+ String privilegeText =
ctx.privilegeObjectScope().systemPrivilege().getText();
+ PrivilegeType priv = PrivilegeType.valueOf(privilegeText.toUpperCase());
+ if (!priv.isSystemPrivilege() || !priv.forRelationalSys()) {
+ throw new SemanticException(priv + " is not System privilege");
+ }
+ return new RelationalAuthorStatement(
+ toUser ? AuthorRType.GRANT_USER_SYS : AuthorRType.GRANT_ROLE_SYS,
+ priv,
+ toUser ? name : "",
+ toUser ? "" : name,
+ grantOption);
+ } else {
+ String privilegeText =
ctx.privilegeObjectScope().objectPrivilege().getText();
+ PrivilegeType priv = PrivilegeType.valueOf(privilegeText.toUpperCase());
+ if (!priv.isRelationalPrivilege()) {
+ throw new SemanticException(priv + "is not Relational privilege");
+ }
+ // ON TABLE / DB
+ if (ctx.privilegeObjectScope().objectType() != null) {
+ toTable =
ctx.privilegeObjectScope().objectType().getText().equalsIgnoreCase("table");
+ String databaseName = "";
+ if (toTable) {
+ databaseName = clientSession.getDatabaseName();
+ if (databaseName == null) {
+ throw new SemanticException("Database is set yet.");
+ }
+ }
+ String obj = ctx.privilegeObjectScope().objectName.getText();
+ return new RelationalAuthorStatement(
+ toUser
+ ? toTable ? AuthorRType.GRANT_USER_TB :
AuthorRType.GRANT_USER_DB
+ : toTable ? AuthorRType.GRANT_ROLE_TB :
AuthorRType.GRANT_ROLE_DB,
+ toUser ? name : "",
+ toUser ? "" : name,
+ toTable ? databaseName.toLowerCase() : obj.toLowerCase(),
+ toTable ? obj.toLowerCase() : "",
+ priv,
+ grantOption,
+ "");
+ } else if (ctx.privilegeObjectScope().objectScope() != null) {
+ String db =
ctx.privilegeObjectScope().objectScope().dbname.getText().toLowerCase();
+ String tb =
ctx.privilegeObjectScope().objectScope().tbname.getText().toLowerCase();
+ return new RelationalAuthorStatement(
+ toUser ? AuthorRType.GRANT_USER_TB : AuthorRType.GRANT_ROLE_TB,
+ toUser ? name : "",
+ toUser ? "" : name,
+ db,
+ tb,
+ priv,
+ grantOption,
+ "");
+ } else if (ctx.privilegeObjectScope().ANY() != null) {
+ return new RelationalAuthorStatement(
+ toUser ? AuthorRType.GRANT_USER_ANY : AuthorRType.GRANT_ROLE_ANY,
+ priv,
+ toUser ? name : "",
+ toUser ? "" : name,
+ grantOption);
+ }
+ }
+ // will not get here.
+ throw new SemanticException("author statement parser error");
+ }
+
+ public Node visitRevokeStatement(RelationalSqlParser.RevokeStatementContext
ctx) {
+ boolean fromUser;
+ String name;
+ fromUser = ctx.holderType().getText().equalsIgnoreCase("user");
+ name = ctx.holderName.getText();
+ boolean grantOption = ctx.revokeGrantOpt() != null;
+ boolean fromTable;
+
+ // SYSTEM PRIVILEGES
+ if (ctx.privilegeObjectScope().ON() == null) {
+ String privilegeText =
ctx.privilegeObjectScope().systemPrivilege().getText();
+ PrivilegeType priv = PrivilegeType.valueOf(privilegeText.toUpperCase());
+ return new RelationalAuthorStatement(
+ fromUser ? AuthorRType.REVOKE_USER_SYS : AuthorRType.REVOKE_ROLE_SYS,
+ priv,
+ fromUser ? name : "",
+ fromUser ? "" : name,
+ grantOption);
+ } else {
+ String privilegeText =
ctx.privilegeObjectScope().objectPrivilege().getText();
+ PrivilegeType priv = PrivilegeType.valueOf(privilegeText.toUpperCase());
+ // ON TABLE / DB
+ if (ctx.privilegeObjectScope().objectType() != null) {
+ fromTable =
ctx.privilegeObjectScope().objectType().getText().equalsIgnoreCase("table");
+ String databaseName = "";
+ if (fromTable) {
+ databaseName = clientSession.getDatabaseName();
+ if (databaseName == null) {
+ throw new SemanticException("Database is set yet.");
Review Comment:
Same as above
##########
iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/parser/AstBuilder.java:
##########
@@ -1298,6 +1301,236 @@ public Node
visitExplainAnalyze(RelationalSqlParser.ExplainAnalyzeContext ctx) {
getLocation(ctx), ctx.VERBOSE() != null, (Statement)
visit(ctx.query()));
}
+ // ********************** author expressions ********************
+
+ private String stripQuotes(String text) {
+ if (text != null && text.length() >= 2 && text.startsWith("'") &&
text.endsWith("'")) {
+ return text.substring(1, text.length() - 1).replace("''", "'");
+ }
+ return text;
+ }
+
+ @Override
+ public Node
visitCreateUserStatement(RelationalSqlParser.CreateUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.CREATE_USER);
+ stmt.setUserName(ctx.userName.getText());
+ stmt.setPassword(stripQuotes(ctx.password.getText()));
+ return stmt;
+ }
+
+ @Override
+ public Node
visitCreateRoleStatement(RelationalSqlParser.CreateRoleStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.CREATE_ROLE);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitDropUserStatement(RelationalSqlParser.DropUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.DROP_USER);
+ stmt.setUserName(ctx.userName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitDropRoleStatement(RelationalSqlParser.DropRoleStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.DROP_ROLE);
+ stmt.setRoleName(ctx.roleName.getText());
+ return stmt;
+ }
+
+ @Override
+ public Node
visitAlterUserStatement(RelationalSqlParser.AlterUserStatementContext ctx) {
+ RelationalAuthorStatement stmt = new
RelationalAuthorStatement(AuthorRType.UPDATE_USER);
+ stmt.setRoleName(ctx.userName.getText());
Review Comment:
Why "roleName" here?
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/PathPrivilege.java:
##########
@@ -167,34 +194,32 @@ public int hashCode() {
public String toString() {
StringBuilder builder = new StringBuilder(path.getFullPath());
builder.append(" :");
- for (Integer privilegeId : privileges) {
- builder.append(" ").append(PrivilegeType.values()[privilegeId]);
- if (grantOpts.contains(privilegeId)) {
+ List<PrivilegeType> sortedPrivileges = new ArrayList<>(privileges);
Review Comment:
Better change line 185 BTW
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/PathPrivilege.java:
##########
@@ -24,29 +24,25 @@
import org.apache.iotdb.commons.utils.AuthUtils;
import org.apache.iotdb.commons.utils.SerializeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashSet;
+import java.util.List;
import java.util.Objects;
import java.util.Set;
/** This class represents a privilege on a specific seriesPath. */
public class PathPrivilege {
- private static final Logger LOGGER =
LoggerFactory.getLogger(PathPrivilege.class);
-
- private static final int PATH_PRI_SIZE = PrivilegeType.getPathPriCount();
- private Set<Integer> privileges;
- // grantopt show whether the privileges can be grant to / revoke from others.
- // The privilege that can be grant to others must exist in privileges.
- // The set of grantopt must be a subset of privileges.
- private Set<Integer> grantOpts;
private PartialPath path;
+ private Set<PrivilegeType> privileges;
+ private Set<PrivilegeType> grantOpts;
+
+ private final int PRI_SIZE =
PrivilegeType.getPrivilegeCount(PrivilegeModelType.TREE);
Review Comment:
May be static
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
