Caideyipi commented on code in PR #13158:
URL: https://github.com/apache/iotdb/pull/13158#discussion_r1924639577
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java:
##########
@@ -66,31 +85,164 @@ public List<PathPrivilege> getPathPrivilegeList() {
return pathPrivilegeList;
}
- public Set<Integer> getSysPrivilege() {
+ public Set<PrivilegeType> getSysPrivilege() {
return sysPrivilegeSet;
}
- public Set<Integer> getPathPrivileges(PartialPath path) {
+ private Set<Integer> getPrivilegeIntSet(Set<PrivilegeType> privs) {
+ Set<Integer> res = new HashSet<>();
+ for (PrivilegeType priv : privs) {
+ res.add(priv.ordinal());
+ }
+ return res;
+ }
+
+ public Set<PrivilegeType> getPathPrivileges(PartialPath path) {
return AuthUtils.getPrivileges(path, pathPrivilegeList);
}
- public Set<Integer> getSysPriGrantOpt() {
+ public Set<PrivilegeType> getSysPriGrantOpt() {
return sysPriGrantOpt;
}
- public int getAllSysPrivileges() {
- int privs = 0;
- for (Integer sysPri : sysPrivilegeSet) {
- privs |= 1 << AuthUtils.sysPriTopos(sysPri);
+ public Set<PrivilegeType> getAnyScopePrivilegeGrantOpt() {
+ return anyScopePrivilegeGrantOptSet;
+ }
+
+ public Set<PrivilegeType> getAnyScopePrivilegeSet() {
+ return anyScopePrivilegeSet;
+ }
+
+ public Map<String, DatabasePrivilege> getDBScopePrivilegeMap() {
+ return objectPrivilegeMap;
+ }
+
+ private DatabasePrivilege getObjectPrivilege(String objectName) {
+ return this.objectPrivilegeMap.computeIfAbsent(
+ objectName, k -> new DatabasePrivilege(objectName));
+ }
+
+ public List<TPathPrivilege> getPathPrivilegeInfo() {
+ List<TPathPrivilege> privilegeList = new ArrayList<>();
+ for (PathPrivilege pathPrivilege : pathPrivilegeList) {
+ TPathPrivilege pathPriv = new TPathPrivilege();
+ pathPriv.setPath(pathPrivilege.getPath().getFullPath());
+ pathPriv.setPriSet(pathPrivilege.getPrivilegeIntSet());
+ pathPriv.setPriGrantOpt(pathPrivilege.getGrantOptIntSet());
+ privilegeList.add(pathPriv);
}
- for (Integer sysGrantOpt : sysPriGrantOpt) {
- privs |= 1 << (AuthUtils.sysPriTopos(sysGrantOpt) + 16);
+ return privilegeList;
+ }
+
+ public void loadPathPrivilegeInfo(List<TPathPrivilege> pathPrivilegeInfo)
+ throws MetadataException {
+ for (TPathPrivilege tPathPrivilege : pathPrivilegeInfo) {
+ PathPrivilege pathPri = new PathPrivilege();
+ pathPri.setPath(new PartialPath(tPathPrivilege.getPath()));
+ pathPri.setPrivilegesInt(tPathPrivilege.getPriSet());
+ pathPri.setGrantOptInt(tPathPrivilege.getPriGrantOpt());
+ pathPrivilegeList.add(pathPri);
+ }
+ }
+
+ public Set<TDBPrivilege> getRelationalPrivilegeInfo() {
+ Set<TDBPrivilege> privileges = new HashSet<>();
+ for (DatabasePrivilege databasePrivilege : objectPrivilegeMap.values()) {
+ TDBPrivilege tdbPrivilege = new TDBPrivilege();
+ tdbPrivilege.setDatabaseName(databasePrivilege.getDatabaseName());
+ tdbPrivilege.setPrivileges(databasePrivilege.getPrivilegeSet());
+ tdbPrivilege.setGrantOpt(databasePrivilege.getPrivilegeGrantOptSet());
+ if (!databasePrivilege.getTablePrivilegeMap().isEmpty()) {
+ for (TablePrivilege tablePrivilege :
databasePrivilege.getTablePrivilegeMap().values()) {
+ TTablePrivilege tTablePrivilege = new TTablePrivilege();
+ tTablePrivilege.setTableName(tablePrivilege.getTableName());
+ tTablePrivilege.setPrivileges(tablePrivilege.getPrivilegesIntSet());
+
tTablePrivilege.setGrantOption(tablePrivilege.getGrantOptionIntSet());
+ tdbPrivilege.putToTablePrivilegeMap(tablePrivilege.getTableName(),
tTablePrivilege);
+ }
+ } else {
+ tdbPrivilege.setTablePrivilegeMap(new HashMap<>());
+ }
+ privileges.add(tdbPrivilege);
+ }
+ return privileges;
+ }
+
+ public void loadRelationalPrivilegeInfo(Map<String, TDBPrivilege> info) {
+ for (TDBPrivilege tdbPrivilege : info.values()) {
+ DatabasePrivilege databasePrivilege = new
DatabasePrivilege(tdbPrivilege.getDatabaseName());
+ for (Integer privId : tdbPrivilege.getPrivileges()) {
+ databasePrivilege.grantDBPrivilege(PrivilegeType.values()[privId]);
+ }
+ for (Integer privId : tdbPrivilege.getGrantOpt()) {
+ databasePrivilege.grantDBGrantOption(PrivilegeType.values()[privId]);
+ }
+ if (tdbPrivilege.getTablePrivilegeMapSize() != 0) {
+ for (TTablePrivilege tablePrivilege :
tdbPrivilege.getTablePrivilegeMap().values()) {
+ for (Integer privId : tablePrivilege.getPrivileges()) {
+ databasePrivilege.grantTablePrivilege(
+ tablePrivilege.getTableName(), PrivilegeType.values()[privId]);
+ }
+ for (Integer privId : tablePrivilege.getGrantOption()) {
+ databasePrivilege.grantTableGrantOption(
+ tablePrivilege.getTableName(), PrivilegeType.values()[privId]);
+ }
+ }
+ }
+ this.objectPrivilegeMap.put(tdbPrivilege.getDatabaseName(),
databasePrivilege);
}
- return privs;
}
- public boolean getServiceReady() {
- return serviceReady;
+ public TRoleResp getRoleInfo(ModelType modelType) {
+ TRoleResp roleResp = new TRoleResp();
+ roleResp.setName(name);
+ switch (modelType) {
+ case RELATIONAL:
+ Set<Integer> privs = new HashSet<>();
+ for (PrivilegeType priv : sysPrivilegeSet) {
+ if (priv.forRelationalSys()) {
+ privs.add(priv.ordinal());
+ }
+ }
+ roleResp.setSysPriSet(privs);
+ Set<Integer> privGrantOpt = new HashSet<>();
+ for (PrivilegeType priv : sysPriGrantOpt) {
+ if (priv.forRelationalSys()) {
+ privGrantOpt.add(priv.ordinal());
+ }
+ }
+ roleResp.setSysPriSetGrantOpt(privGrantOpt);
+ roleResp.setAnyScopeSet(getPrivilegeIntSet(anyScopePrivilegeSet));
+
roleResp.setAnyScopeGrantSet(getPrivilegeIntSet(anyScopePrivilegeGrantOptSet));
+ roleResp.setPrivilegeList(new ArrayList<>());
+ Set<TDBPrivilege> tdbPrivileges = getRelationalPrivilegeInfo();
+ roleResp.setDbPrivilegeMap(new HashMap<>());
+ for (TDBPrivilege tdbPrivilege : tdbPrivileges) {
+ roleResp.putToDbPrivilegeMap(tdbPrivilege.getDatabaseName(),
tdbPrivilege);
+ }
+ break;
+ case TREE:
+ roleResp.setSysPriSet(getPrivilegeIntSet(sysPrivilegeSet));
+ roleResp.setSysPriSetGrantOpt(getPrivilegeIntSet(sysPriGrantOpt));
+ roleResp.setAnyScopeSet(new HashSet<>());
+ roleResp.setAnyScopeGrantSet(new HashSet<>());
+ roleResp.setPrivilegeList(getPathPrivilegeInfo());
Review Comment:
Better name it "TreePrivilegeList"
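Review bot: In `loadRelationalPrivilegeInfo` every `PrivilegeType.values()[privId]` lookup trusts the integer taken from the Thrift struct, so a negative or too-large id throws `ArrayIndexOutOfBoundsException` part-way through and leaves the role partially loaded. Because `getPrivilegeIntSet` and `getRoleInfo` serialize with `priv.ordinal()`, the wire value is also tied to declaration order: if two nodes ever run builds whose `PrivilegeType` constants are ordered differently, an id would silently resolve to a different privilege. I would validate before indexing, e.g. `if (privId < 0 || privId >= types.length) throw new IllegalArgumentException("unknown privilege id " + privId);` with `types` being one cached `PrivilegeType.values()`, and consider a stable explicit id per constant instead of `ordinal()`. `getRoleInfo` continues outside the quoted hunk.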
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java:
##########
@@ -66,31 +85,164 @@ public List<PathPrivilege> getPathPrivilegeList() {
return pathPrivilegeList;
}
- public Set<Integer> getSysPrivilege() {
+ public Set<PrivilegeType> getSysPrivilege() {
return sysPrivilegeSet;
}
- public Set<Integer> getPathPrivileges(PartialPath path) {
+ private Set<Integer> getPrivilegeIntSet(Set<PrivilegeType> privs) {
+ Set<Integer> res = new HashSet<>();
+ for (PrivilegeType priv : privs) {
+ res.add(priv.ordinal());
+ }
+ return res;
+ }
+
+ public Set<PrivilegeType> getPathPrivileges(PartialPath path) {
return AuthUtils.getPrivileges(path, pathPrivilegeList);
}
- public Set<Integer> getSysPriGrantOpt() {
+ public Set<PrivilegeType> getSysPriGrantOpt() {
return sysPriGrantOpt;
}
- public int getAllSysPrivileges() {
- int privs = 0;
- for (Integer sysPri : sysPrivilegeSet) {
- privs |= 1 << AuthUtils.sysPriTopos(sysPri);
+ public Set<PrivilegeType> getAnyScopePrivilegeGrantOpt() {
+ return anyScopePrivilegeGrantOptSet;
+ }
+
+ public Set<PrivilegeType> getAnyScopePrivilegeSet() {
+ return anyScopePrivilegeSet;
+ }
+
+ public Map<String, DatabasePrivilege> getDBScopePrivilegeMap() {
+ return objectPrivilegeMap;
+ }
+
+ private DatabasePrivilege getObjectPrivilege(String objectName) {
+ return this.objectPrivilegeMap.computeIfAbsent(
+ objectName, k -> new DatabasePrivilege(objectName));
+ }
+
+ public List<TPathPrivilege> getPathPrivilegeInfo() {
+ List<TPathPrivilege> privilegeList = new ArrayList<>();
+ for (PathPrivilege pathPrivilege : pathPrivilegeList) {
+ TPathPrivilege pathPriv = new TPathPrivilege();
+ pathPriv.setPath(pathPrivilege.getPath().getFullPath());
+ pathPriv.setPriSet(pathPrivilege.getPrivilegeIntSet());
+ pathPriv.setPriGrantOpt(pathPrivilege.getGrantOptIntSet());
+ privilegeList.add(pathPriv);
}
- for (Integer sysGrantOpt : sysPriGrantOpt) {
- privs |= 1 << (AuthUtils.sysPriTopos(sysGrantOpt) + 16);
+ return privilegeList;
+ }
+
+ public void loadPathPrivilegeInfo(List<TPathPrivilege> pathPrivilegeInfo)
+ throws MetadataException {
+ for (TPathPrivilege tPathPrivilege : pathPrivilegeInfo) {
+ PathPrivilege pathPri = new PathPrivilege();
+ pathPri.setPath(new PartialPath(tPathPrivilege.getPath()));
+ pathPri.setPrivilegesInt(tPathPrivilege.getPriSet());
+ pathPri.setGrantOptInt(tPathPrivilege.getPriGrantOpt());
+ pathPrivilegeList.add(pathPri);
+ }
+ }
+
+ public Set<TDBPrivilege> getRelationalPrivilegeInfo() {
+ Set<TDBPrivilege> privileges = new HashSet<>();
+ for (DatabasePrivilege databasePrivilege : objectPrivilegeMap.values()) {
+ TDBPrivilege tdbPrivilege = new TDBPrivilege();
+ tdbPrivilege.setDatabaseName(databasePrivilege.getDatabaseName());
+ tdbPrivilege.setPrivileges(databasePrivilege.getPrivilegeSet());
+ tdbPrivilege.setGrantOpt(databasePrivilege.getPrivilegeGrantOptSet());
+ if (!databasePrivilege.getTablePrivilegeMap().isEmpty()) {
+ for (TablePrivilege tablePrivilege :
databasePrivilege.getTablePrivilegeMap().values()) {
+ TTablePrivilege tTablePrivilege = new TTablePrivilege();
+ tTablePrivilege.setTableName(tablePrivilege.getTableName());
+ tTablePrivilege.setPrivileges(tablePrivilege.getPrivilegesIntSet());
+
tTablePrivilege.setGrantOption(tablePrivilege.getGrantOptionIntSet());
+ tdbPrivilege.putToTablePrivilegeMap(tablePrivilege.getTableName(),
tTablePrivilege);
+ }
+ } else {
+ tdbPrivilege.setTablePrivilegeMap(new HashMap<>());
+ }
+ privileges.add(tdbPrivilege);
+ }
+ return privileges;
+ }
+
+ public void loadRelationalPrivilegeInfo(Map<String, TDBPrivilege> info) {
Review Comment:
Better name it "databaseAndTable" or "object" cause this does not influence
any scope.
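Review bot: The new getters `getAnyScopePrivilegeSet`, `getAnyScopePrivilegeGrantOpt` and `getDBScopePrivilegeMap` return the role's own fields, so any caller can add or remove privileges on the returned collection without going through the grant methods. Unless those fields are already unmodifiable (their declarations are not visible in this hunk), a read-only view would keep privilege changes in one place, e.g. `return Collections.unmodifiableSet(anyScopePrivilegeSet);` and `return Collections.unmodifiableMap(objectPrivilegeMap);`. The `DatabasePrivilege` values inside the map would still be mutable. If callers are meant to mutate the result, a Javadoc line on each getter saying that the returned collection is live would make that explicit.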
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java:
##########
@@ -66,31 +85,164 @@ public List<PathPrivilege> getPathPrivilegeList() {
return pathPrivilegeList;
}
- public Set<Integer> getSysPrivilege() {
+ public Set<PrivilegeType> getSysPrivilege() {
return sysPrivilegeSet;
}
- public Set<Integer> getPathPrivileges(PartialPath path) {
+ private Set<Integer> getPrivilegeIntSet(Set<PrivilegeType> privs) {
+ Set<Integer> res = new HashSet<>();
+ for (PrivilegeType priv : privs) {
+ res.add(priv.ordinal());
+ }
+ return res;
+ }
+
+ public Set<PrivilegeType> getPathPrivileges(PartialPath path) {
return AuthUtils.getPrivileges(path, pathPrivilegeList);
}
- public Set<Integer> getSysPriGrantOpt() {
+ public Set<PrivilegeType> getSysPriGrantOpt() {
return sysPriGrantOpt;
}
- public int getAllSysPrivileges() {
- int privs = 0;
- for (Integer sysPri : sysPrivilegeSet) {
- privs |= 1 << AuthUtils.sysPriTopos(sysPri);
+ public Set<PrivilegeType> getAnyScopePrivilegeGrantOpt() {
+ return anyScopePrivilegeGrantOptSet;
+ }
+
+ public Set<PrivilegeType> getAnyScopePrivilegeSet() {
+ return anyScopePrivilegeSet;
+ }
+
+ public Map<String, DatabasePrivilege> getDBScopePrivilegeMap() {
+ return objectPrivilegeMap;
+ }
+
+ private DatabasePrivilege getObjectPrivilege(String objectName) {
+ return this.objectPrivilegeMap.computeIfAbsent(
+ objectName, k -> new DatabasePrivilege(objectName));
+ }
+
+ public List<TPathPrivilege> getPathPrivilegeInfo() {
+ List<TPathPrivilege> privilegeList = new ArrayList<>();
+ for (PathPrivilege pathPrivilege : pathPrivilegeList) {
+ TPathPrivilege pathPriv = new TPathPrivilege();
+ pathPriv.setPath(pathPrivilege.getPath().getFullPath());
+ pathPriv.setPriSet(pathPrivilege.getPrivilegeIntSet());
+ pathPriv.setPriGrantOpt(pathPrivilege.getGrantOptIntSet());
+ privilegeList.add(pathPriv);
}
- for (Integer sysGrantOpt : sysPriGrantOpt) {
- privs |= 1 << (AuthUtils.sysPriTopos(sysGrantOpt) + 16);
+ return privilegeList;
+ }
+
+ public void loadPathPrivilegeInfo(List<TPathPrivilege> pathPrivilegeInfo)
+ throws MetadataException {
+ for (TPathPrivilege tPathPrivilege : pathPrivilegeInfo) {
+ PathPrivilege pathPri = new PathPrivilege();
+ pathPri.setPath(new PartialPath(tPathPrivilege.getPath()));
+ pathPri.setPrivilegesInt(tPathPrivilege.getPriSet());
+ pathPri.setGrantOptInt(tPathPrivilege.getPriGrantOpt());
+ pathPrivilegeList.add(pathPri);
+ }
+ }
+
+ public Set<TDBPrivilege> getRelationalPrivilegeInfo() {
Review Comment:
Better name it "databaseAndTable" or "object" cause this does not influence
any scope.
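Review bot: `loadPathPrivilegeInfo` only appends to `pathPrivilegeList`, and `loadRelationalPrivilegeInfo` (its body is in the first quote of this hunk) only calls `put` on `objectPrivilegeMap`, so neither removes entries that are absent from the incoming data. If either can run on a role that already holds privileges (the callers are not visible here), a privilege revoked elsewhere would survive the reload and path entries would be duplicated. Clearing first with `pathPrivilegeList.clear();` and `objectPrivilegeMap.clear();`, or a Javadoc line stating that both methods expect a freshly constructed role, would remove the ambiguity.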
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java:
##########
@@ -66,31 +85,164 @@ public List<PathPrivilege> getPathPrivilegeList() {
return pathPrivilegeList;
}
- public Set<Integer> getSysPrivilege() {
+ public Set<PrivilegeType> getSysPrivilege() {
return sysPrivilegeSet;
}
- public Set<Integer> getPathPrivileges(PartialPath path) {
+ private Set<Integer> getPrivilegeIntSet(Set<PrivilegeType> privs) {
+ Set<Integer> res = new HashSet<>();
+ for (PrivilegeType priv : privs) {
+ res.add(priv.ordinal());
+ }
+ return res;
+ }
+
+ public Set<PrivilegeType> getPathPrivileges(PartialPath path) {
return AuthUtils.getPrivileges(path, pathPrivilegeList);
}
- public Set<Integer> getSysPriGrantOpt() {
+ public Set<PrivilegeType> getSysPriGrantOpt() {
return sysPriGrantOpt;
}
- public int getAllSysPrivileges() {
- int privs = 0;
- for (Integer sysPri : sysPrivilegeSet) {
- privs |= 1 << AuthUtils.sysPriTopos(sysPri);
+ public Set<PrivilegeType> getAnyScopePrivilegeGrantOpt() {
+ return anyScopePrivilegeGrantOptSet;
+ }
+
+ public Set<PrivilegeType> getAnyScopePrivilegeSet() {
+ return anyScopePrivilegeSet;
+ }
+
+ public Map<String, DatabasePrivilege> getDBScopePrivilegeMap() {
+ return objectPrivilegeMap;
+ }
+
+ private DatabasePrivilege getObjectPrivilege(String objectName) {
+ return this.objectPrivilegeMap.computeIfAbsent(
+ objectName, k -> new DatabasePrivilege(objectName));
+ }
+
+ public List<TPathPrivilege> getPathPrivilegeInfo() {
+ List<TPathPrivilege> privilegeList = new ArrayList<>();
+ for (PathPrivilege pathPrivilege : pathPrivilegeList) {
+ TPathPrivilege pathPriv = new TPathPrivilege();
+ pathPriv.setPath(pathPrivilege.getPath().getFullPath());
+ pathPriv.setPriSet(pathPrivilege.getPrivilegeIntSet());
+ pathPriv.setPriGrantOpt(pathPrivilege.getGrantOptIntSet());
+ privilegeList.add(pathPriv);
}
- for (Integer sysGrantOpt : sysPriGrantOpt) {
- privs |= 1 << (AuthUtils.sysPriTopos(sysGrantOpt) + 16);
+ return privilegeList;
+ }
+
+ public void loadPathPrivilegeInfo(List<TPathPrivilege> pathPrivilegeInfo)
Review Comment:
Better change all the "PathPrivilege"s to "TreePrivilege"s to keep abreast
of the definition.
##########
iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java:
##########
@@ -257,16 +658,23 @@ public String toString() {
+ ", pathPrivilegeList="
+ pathPrivilegeList
+ ", systemPrivilegeSet="
- + sysPriToString()
+ + priSetToString(sysPrivilegeSet, sysPriGrantOpt)
+ + ", AnyScopePrivilegeMap="
+ + priSetToString(anyScopePrivilegeSet, anyScopePrivilegeGrantOptSet)
+ + ", objectPrivilegeSet="
+ + objectPrivilegeMap
+ '}';
}
- private Set<String> sysPriToString() {
+ public Set<String> priSetToString(Set<PrivilegeType> privs,
Set<PrivilegeType> grantOpt) {
Set<String> priSet = new HashSet<>();
- for (Integer pri : sysPrivilegeSet) {
- StringBuilder str = new
StringBuilder(String.valueOf(PrivilegeType.values()[pri].toString()));
- if (sysPriGrantOpt.contains(pri)) {
- str.append("_with_grant_option ");
+ ArrayList<PrivilegeType> privBak = new ArrayList<>(privs);
+ Collections.sort(privBak);
Review Comment:
The "sort" is seemingly useless because the outputs are all in a hashSet...
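Review bot: The labels added to `toString()` do not match what they print: `AnyScopePrivilegeMap=` is followed by the set returned from `priSetToString`, and `objectPrivilegeSet=` is followed by `objectPrivilegeMap`. Anyone reading a logged role to check its privileges would be misled about the structure, so I would use `", anyScopePrivilegeSet="` and `", objectPrivilegeMap="`. `priSetToString` also changes from `private` to `public` here; if nothing outside the class calls it, keeping it `private` avoids widening the API. Its body continues outside the quoted hunk.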