mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-29 11:02:08 +00:00
Merge pull request #70003 from ClickHouse/backport/24.9/69984
Backport #69984 to 24.9: Fix definers for parameterized views
This commit is contained in:
commit
00bd70e69d
@ -2301,12 +2301,21 @@ StoragePtr Context::buildParametrizedViewStorage(const String & database_name, c
|
||||
if (!storage_view || !storage_view->isParameterizedView())
|
||||
return nullptr;
|
||||
|
||||
auto query = original_view->getInMemoryMetadataPtr()->getSelectQuery().inner_query->clone();
|
||||
auto original_view_metadata = original_view->getInMemoryMetadataPtr();
|
||||
auto query = original_view_metadata->getSelectQuery().inner_query->clone();
|
||||
StorageView::replaceQueryParametersIfParametrizedView(query, param_values);
|
||||
|
||||
ASTCreateQuery create;
|
||||
create.select = query->as<ASTSelectWithUnionQuery>();
|
||||
auto sample_block = InterpreterSelectQueryAnalyzer::getSampleBlock(query, shared_from_this());
|
||||
|
||||
auto sql_security = std::make_shared<ASTSQLSecurity>();
|
||||
sql_security->type = original_view_metadata->sql_security_type;
|
||||
if (original_view_metadata->definer)
|
||||
sql_security->definer = std::make_shared<ASTUserNameWithHost>(*original_view_metadata->definer);
|
||||
create.sql_security = sql_security;
|
||||
|
||||
auto view_context = original_view_metadata->getSQLSecurityOverriddenContext(shared_from_this());
|
||||
auto sample_block = InterpreterSelectQueryAnalyzer::getSampleBlock(query, view_context);
|
||||
auto res = std::make_shared<StorageView>(StorageID(database_name, table_name),
|
||||
create,
|
||||
ColumnsDescription(sample_block.getNamesAndTypesList()),
|
||||
|
@ -11,6 +11,7 @@ OK
|
||||
OK
|
||||
2
|
||||
2
|
||||
1
|
||||
OK
|
||||
1
|
||||
===== MaterializedView =====
|
||||
|
@ -58,6 +58,11 @@ AS SELECT * FROM $db.test_table;
|
||||
CREATE VIEW $db.test_view_10 (s String)
|
||||
SQL SECURITY DEFINER
|
||||
AS SELECT * FROM $db.test_table;
|
||||
|
||||
CREATE VIEW $db.test_view_11 (s String)
|
||||
SQL SECURITY DEFINER
|
||||
AS SELECT * FROM $db.test_table
|
||||
WHERE s = {param_id:String};
|
||||
EOF
|
||||
|
||||
(( $(${CLICKHOUSE_CLIENT} --query "SHOW TABLE $db.test_view_5" 2>&1 | grep -c "INVOKER") >= 1 )) && echo "OK" || echo "UNEXPECTED"
|
||||
@ -74,6 +79,7 @@ GRANT SELECT ON $db.test_view_7 TO $user2;
|
||||
GRANT SELECT ON $db.test_view_8 TO $user2;
|
||||
GRANT SELECT ON $db.test_view_9 TO $user2;
|
||||
GRANT SELECT ON $db.test_view_10 TO $user2;
|
||||
GRANT SELECT ON $db.test_view_11 TO $user2;
|
||||
EOF
|
||||
|
||||
${CLICKHOUSE_CLIENT} --query "INSERT INTO $db.test_table VALUES ('foo'), ('bar');"
|
||||
@ -88,6 +94,7 @@ ${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_7"
|
||||
(( $(${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT * FROM $db.test_view_8" 2>&1 | grep -c "Not enough privileges") >= 1 )) && echo "OK" || echo "UNEXPECTED"
|
||||
${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_9"
|
||||
${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_10"
|
||||
${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_11(param_id='foo')"
|
||||
|
||||
${CLICKHOUSE_CLIENT} --query "ALTER TABLE $db.test_view_10 MODIFY SQL SECURITY INVOKER"
|
||||
(( $(${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT * FROM $db.test_view_10" 2>&1 | grep -c "Not enough privileges") >= 1 )) && echo "OK" || echo "UNEXPECTED"
|
||||
|
Loading…
Reference in New Issue
Block a user