This is an automated email from the ASF dual-hosted git repository. morningman pushed a commit to branch branch-2.0 in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/branch-2.0 by this push: new f35cfab9a90 [branch-2.0](cherry-pick)Fix no priv to insert to mysql catalog (#26277) f35cfab9a90 is described below commit f35cfab9a9056b57095740212092cbd22af96cc4 Author: zhangdong <493738...@qq.com> AuthorDate: Thu Nov 2 12:01:08 2023 +0800 [branch-2.0](cherry-pick)Fix no priv to insert to mysql catalog (#26277) pick from: #25678 --- .../apache/doris/analysis/NativeInsertStmt.java | 13 ++++++----- .../jdbc/test_mysql_jdbc_catalog.groovy | 25 +++++++++++++++++++++- 2 files changed, 32 insertions(+), 6 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/analysis/NativeInsertStmt.java b/fe/fe-core/src/main/java/org/apache/doris/analysis/NativeInsertStmt.java index 99e6cb8084a..2204b8aba61 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/analysis/NativeInsertStmt.java +++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/NativeInsertStmt.java @@ -229,16 +229,17 @@ public class NativeInsertStmt extends InsertStmt { } String dbName = tblName.getDb(); String tableName = tblName.getTbl(); + String ctlName = tblName.getCtl(); // check exist DatabaseIf db = analyzer.getEnv().getCatalogMgr().getCatalog(tblName.getCtl()).getDbOrAnalysisException(dbName); TableIf table = db.getTableOrAnalysisException(tblName.getTbl()); // check access if (!Env.getCurrentEnv().getAccessManager() - .checkTblPriv(ConnectContext.get(), dbName, tableName, PrivPredicate.LOAD)) { + .checkTblPriv(ConnectContext.get(), ctlName, dbName, tableName, PrivPredicate.LOAD)) { ErrorReport.reportAnalysisException(ErrorCode.ERR_TABLEACCESS_DENIED_ERROR, "LOAD", ConnectContext.get().getQualifiedUser(), ConnectContext.get().getRemoteIP(), - dbName + ": " + tableName); + ctlName + ": " + dbName + ": " + tableName); } tableMap.put(table.getId(), table); @@ -285,11 +286,13 @@ public class NativeInsertStmt extends InsertStmt { } // Check privilege - if (!Env.getCurrentEnv().getAccessManager().checkTblPriv(ConnectContext.get(), tblName.getDb(), - tblName.getTbl(), PrivPredicate.LOAD)) { + if (!Env.getCurrentEnv().getAccessManager() + .checkTblPriv(ConnectContext.get(), tblName.getCtl(), tblName.getDb(), + tblName.getTbl(), PrivPredicate.LOAD)) { ErrorReport.reportAnalysisException(ErrorCode.ERR_TABLEACCESS_DENIED_ERROR, "LOAD", ConnectContext.get().getQualifiedUser(), - ConnectContext.get().getRemoteIP(), tblName.getDb() + ": " + tblName.getTbl()); + ConnectContext.get().getRemoteIP(), + tblName.getCtl() + ": " + tblName.getDb() + ": " + tblName.getTbl()); } // check partition diff --git a/regression-test/suites/external_table_p0/jdbc/test_mysql_jdbc_catalog.groovy b/regression-test/suites/external_table_p0/jdbc/test_mysql_jdbc_catalog.groovy index 6cb48e9f57f..771a272e9b3 100644 --- a/regression-test/suites/external_table_p0/jdbc/test_mysql_jdbc_catalog.groovy +++ b/regression-test/suites/external_table_p0/jdbc/test_mysql_jdbc_catalog.groovy @@ -24,6 +24,10 @@ suite("test_mysql_jdbc_catalog", "p0,external,mysql,external_docker,external_doc String bucket = getS3BucketName() String driver_url = "https://${bucket}.${s3_endpoint}/regression/jdbc_driver/mysql-connector-java-8.0.25.jar" if (enabled != null && enabled.equalsIgnoreCase("true")) { + String user = "test_jdbc_user"; + String pwd = '123456'; + def tokens = context.config.jdbcUrl.split('/') + def url = tokens[0] + "//" + tokens[2] + "/" + "information_schema" + "?" String catalog_name = "mysql_jdbc_catalog"; String internal_db_name = "regression_test_jdbc_catalog_p0"; String ex_db_name = "doris_test"; @@ -56,6 +60,9 @@ suite("test_mysql_jdbc_catalog", "p0,external,mysql,external_docker,external_doc String dt = "dt"; String dt_null = "dt_null"; + try_sql("DROP USER ${user}") + sql """CREATE USER '${user}' IDENTIFIED BY '${pwd}'""" + sql """create database if not exists ${internal_db_name}; """ sql """drop catalog if exists ${catalog_name} """ @@ -115,8 +122,24 @@ suite("test_mysql_jdbc_catalog", "p0,external,mysql,external_docker,external_doc // test insert String uuid1 = UUID.randomUUID().toString(); - sql """ insert into ${test_insert} values ('${uuid1}', 'doris1', 18) """ + connect(user=user, password="${pwd}", url=url) { + try { + sql """ insert into ${catalog_name}.${ex_db_name}.${test_insert} values ('${uuid1}', 'doris1', 18) """ + fail() + } catch (Exception e) { + log.info(e.getMessage()) + } + } + sql """GRANT LOAD_PRIV ON ${catalog_name}.${ex_db_name}.${test_insert} TO ${user}""" + + connect(user=user, password="${pwd}", url=url) { + try { + sql """ insert into ${catalog_name}.${ex_db_name}.${test_insert} values ('${uuid1}', 'doris1', 18) """ + } catch (Exception e) { + fail(); + } + } order_qt_test_insert1 """ select name, age from ${test_insert} where id = '${uuid1}' order by age """ String uuid2 = UUID.randomUUID().toString(); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org For additional commands, e-mail: commits-h...@doris.apache.org