database/doris
2
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

[fix](auth)remove the key when priv is empty (#29522)

Browse Source 
- remove the key when priv is empty
- check priv when create mv
This commit is contained in:
zhangdong
2024-01-11 14:45:43 +08:00
committed by yiguolei
parent 8ba1eb0b02
commit ed3c8bba87
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
fe/fe-core/src/main/java/org/apache/doris/analysis/CreateMaterializedViewStmt.java
View File

@ -29,9 +29,13 @@ import org.apache.doris.catalog.PrimitiveType;
import org.apache.doris.catalog.Type;
import org.apache.doris.common.AnalysisException;
import org.apache.doris.common.DdlException;
import org.apache.doris.common.ErrorCode;
import org.apache.doris.common.ErrorReport;
import org.apache.doris.common.FeConstants;
import org.apache.doris.common.FeNameFormat;
import org.apache.doris.common.UserException;
import org.apache.doris.mysql.privilege.PrivPredicate;
import org.apache.doris.qe.ConnectContext;
import org.apache.doris.rewrite.ExprRewriter;
import org.apache.doris.rewrite.mvrewrite.CountFieldToSum;
@ -228,6 +232,13 @@ public class CreateMaterializedViewStmt extends DdlStmt {
throw new AnalysisException("The limit clause is not supported in add materialized view clause, expr:"
+ " limit " + selectStmt.getLimit());
}
// check access
if (!isReplay && ConnectContext.get() != null && !Env.getCurrentEnv().getAccessManager()
.checkTblPriv(ConnectContext.get(), dbName,
baseIndexName, PrivPredicate.ALTER)) {
ErrorReport.reportAnalysisException(ErrorCode.ERR_SPECIFIC_ACCESS_DENIED_ERROR, "ALTER");
}
}
public void analyzeSelectClause(Analyzer analyzer) throws AnalysisException {
@ -631,7 +642,7 @@ public class CreateMaterializedViewStmt extends DdlStmt {
public static String mvColumnBuilder(Optional<String> functionName, String sourceColumnName) {
return functionName.map(s -> mvAggregateColumnBuilder(s, sourceColumnName))
.orElseGet(() -> mvColumnBuilder(sourceColumnName));
.orElseGet(() -> mvColumnBuilder(sourceColumnName));
}
public static String mvColumnBreaker(String name) {

3
fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/Role.java
View File

@ -628,6 +628,9 @@ public class Role implements Writable, GsonPostProcessable {
return;
}
existingPriv.remove(privs);
if (existingPriv.isEmpty()) {
tblPatternToPrivs.remove(tblPattern);
}
revokePrivs(tblPattern, privs);
revokeCols(colPrivileges);
}