ClickHouse/src/Interpreters/InterpreterDropAccessEntityQuery.cpp

#include <Interpreters/InterpreterDropAccessEntityQuery.h>
#include <Parsers/ASTDropAccessEntityQuery.h>
#include <Parsers/ASTRowPolicyName.h>
#include <Interpreters/Context.h>
#include <Interpreters/executeDDLQueryOnCluster.h>
#include <Access/AccessControlManager.h>
#include <Access/AccessFlags.h>
#include <Access/User.h>
#include <Access/Role.h>
#include <Access/Quota.h>
#include <Access/RowPolicy.h>
#include <Access/SettingsProfile.h>


namespace DB
{
namespace ErrorCodes
{
    extern const int NOT_IMPLEMENTED;
}

using EntityType = IAccessEntity::Type;


BlockIO InterpreterDropAccessEntityQuery::execute()
{
    auto & query = query_ptr->as<ASTDropAccessEntityQuery &>();
    auto & access_control = getContext()->getAccessControlManager();
    getContext()->checkAccess(getRequiredAccess());

    if (!query.cluster.empty())
        return executeDDLQueryOnCluster(query_ptr, getContext());

    query.replaceEmptyDatabase(getContext()->getCurrentDatabase());

    auto do_drop = [&](const Strings & names)
    {
        if (query.if_exists)
            access_control.tryRemove(access_control.find(query.type, names));
        else
            access_control.remove(access_control.getIDs(query.type, names));
    };

    if (query.type == EntityType::ROW_POLICY)
        do_drop(query.row_policy_names->toStrings());
    else
        do_drop(query.names);

    return {};
}


AccessRightsElements InterpreterDropAccessEntityQuery::getRequiredAccess() const
{
    const auto & query = query_ptr->as<const ASTDropAccessEntityQuery &>();
    AccessRightsElements res;
    switch (query.type)
    {
        case EntityType::USER: res.emplace_back(AccessType::DROP_USER); return res;
        case EntityType::ROLE: res.emplace_back(AccessType::DROP_ROLE); return res;
        case EntityType::SETTINGS_PROFILE: res.emplace_back(AccessType::DROP_SETTINGS_PROFILE); return res;
        case EntityType::ROW_POLICY: res.emplace_back(AccessType::DROP_ROW_POLICY); return res;
        case EntityType::QUOTA: res.emplace_back(AccessType::DROP_QUOTA); return res;
        case EntityType::MAX: break;
    }
    throw Exception(
        toString(query.type) + ": type is not supported by DROP query", ErrorCodes::NOT_IMPLEMENTED);
}

}
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`#include <Interpreters/InterpreterDropAccessEntityQuery.h>`
			`#include <Parsers/ASTDropAccessEntityQuery.h>`
Support for multiple names in one CREATE/ALTER command. 2020-05-30 14:18:08 +00:00			`#include <Parsers/ASTRowPolicyName.h>`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`#include <Interpreters/Context.h>`
split DDLWorker.cpp 2020-11-03 13:47:26 +00:00			`#include <Interpreters/executeDDLQueryOnCluster.h>`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`#include <Access/AccessControlManager.h>`
Rewrite the User class to be controlled by AccessControlManager. 2020-01-26 09:49:53 +00:00			`#include <Access/AccessFlags.h>`
Implement SQL queries for creating and controlling roles. 2020-02-17 02:59:56 +00:00			`#include <Access/User.h>`
			`#include <Access/Role.h>`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`#include <Access/Quota.h>`
Add DCL to manage row policies. 2019-11-29 17:22:56 +00:00			`#include <Access/RowPolicy.h>`
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00			`#include <Access/SettingsProfile.h>`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00

			`namespace DB`
			`{`
Use enum Type instead of std::type_index to represent the type of IAccessEntity. This change simplifies handling of access entities in access storages. 2020-05-03 03:12:03 +00:00			`namespace ErrorCodes`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`{`
Use enum Type instead of std::type_index to represent the type of IAccessEntity. This change simplifies handling of access entities in access storages. 2020-05-03 03:12:03 +00:00			`extern const int NOT_IMPLEMENTED;`
			`}`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00
Use enum Type instead of std::type_index to represent the type of IAccessEntity. This change simplifies handling of access entities in access storages. 2020-05-03 03:12:03 +00:00			`using EntityType = IAccessEntity::Type;`
Implement SQL queries for creating and controlling roles. 2020-02-17 02:59:56 +00:00
Implement SQL queries to manipulate users and grants. 2020-02-04 22:37:04 +00:00
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00			`BlockIO InterpreterDropAccessEntityQuery::execute()`
			`{`
Rename row policy's 'name' to 'short_name', 'full_name' to 'name'. This change simplifies the interface of IAccesEntity. 2020-05-02 22:30:28 +00:00			`auto & query = query_ptr->as<ASTDropAccessEntityQuery &>();`
Replace all Context references with std::weak_ptr (#22297) * Replace all Context references with std::weak_ptr * Fix shared context captured by value * Fix build * Fix Context with named sessions * Fix copy context * Fix gcc build * Merge with master and fix build * Fix gcc-9 build 2021-04-10 23:33:54 +00:00			`auto & access_control = getContext()->getAccessControlManager();`
			`getContext()->checkAccess(getRequiredAccess());`
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00			`if (!query.cluster.empty())`
Replace all Context references with std::weak_ptr (#22297) * Replace all Context references with std::weak_ptr * Fix shared context captured by value * Fix build * Fix Context with named sessions * Fix copy context * Fix gcc build * Merge with master and fix build * Fix gcc-9 build 2021-04-10 23:33:54 +00:00			`return executeDDLQueryOnCluster(query_ptr, getContext());`
Implement "ON CLUSTER" clause for access control SQL. 2020-04-05 23:03:20 +00:00
Replace all Context references with std::weak_ptr (#22297) * Replace all Context references with std::weak_ptr * Fix shared context captured by value * Fix build * Fix Context with named sessions * Fix copy context * Fix gcc build * Merge with master and fix build * Fix gcc-9 build 2021-04-10 23:33:54 +00:00			`query.replaceEmptyDatabase(getContext()->getCurrentDatabase());`
Support for multiple names in one CREATE/ALTER command. 2020-05-30 14:18:08 +00:00
			`auto do_drop = [&](const Strings & names)`
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00			`{`
			`if (query.if_exists)`
Support for multiple names in one CREATE/ALTER command. 2020-05-30 14:18:08 +00:00			`access_control.tryRemove(access_control.find(query.type, names));`
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00			`else`
Support for multiple names in one CREATE/ALTER command. 2020-05-30 14:18:08 +00:00			`access_control.remove(access_control.getIDs(query.type, names));`
			`};`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00
Support for multiple names in one CREATE/ALTER command. 2020-05-30 14:18:08 +00:00			`if (query.type == EntityType::ROW_POLICY)`
			`do_drop(query.row_policy_names->toStrings());`
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00			`else`
Support for multiple names in one CREATE/ALTER command. 2020-05-30 14:18:08 +00:00			`do_drop(query.names);`

Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00			`return {};`
Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`}`
Implement SQL to manage settings profiles. 2020-03-18 14:11:44 +00:00
Use enum Type instead of std::type_index to represent the type of IAccessEntity. This change simplifies handling of access entities in access storages. 2020-05-03 03:12:03 +00:00
			`AccessRightsElements InterpreterDropAccessEntityQuery::getRequiredAccess() const`
			`{`
			`const auto & query = query_ptr->as<const ASTDropAccessEntityQuery &>();`
			`AccessRightsElements res;`
			`switch (query.type)`
			`{`
			`case EntityType::USER: res.emplace_back(AccessType::DROP_USER); return res;`
			`case EntityType::ROLE: res.emplace_back(AccessType::DROP_ROLE); return res;`
			`case EntityType::SETTINGS_PROFILE: res.emplace_back(AccessType::DROP_SETTINGS_PROFILE); return res;`
			`case EntityType::ROW_POLICY: res.emplace_back(AccessType::DROP_ROW_POLICY); return res;`
			`case EntityType::QUOTA: res.emplace_back(AccessType::DROP_QUOTA); return res;`
			`case EntityType::MAX: break;`
			`}`
			`throw Exception(`
			`toString(query.type) + ": type is not supported by DROP query", ErrorCodes::NOT_IMPLEMENTED);`
			`}`

Add DCL to manage quotas. 2019-12-01 22:01:05 +00:00			`}`