thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-27 01:51:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

check permission in the server side

Browse Source
This commit is contained in:
jsc0218 2024-02-19 21:39:34 +00:00
parent 9fc9fa7850
commit 2a88f61c96
3 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Access/Common/AccessFlags.cpp
View File

@ -369,11 +369,16 @@ std::unordered_map<AccessFlags::ParameterType, AccessFlags> AccessFlags::splitIn
{
std::unordered_map<ParameterType, AccessFlags> result;
auto table_engine_flags = AccessFlags::allTableEngineFlags() & *this;
if (table_engine_flags)
result.emplace(ParameterType::TABLE_ENGINE, table_engine_flags);
auto named_collection_flags = AccessFlags::allNamedCollectionFlags() & *this;
if (named_collection_flags)
result.emplace(ParameterType::NAMED_COLLECTION, named_collection_flags);
auto other_flags = (~AccessFlags::allNamedCollectionFlags()) & *this;
auto other_flags = (~AccessFlags::allTableEngineFlags()) &
(~AccessFlags::allNamedCollectionFlags()) & *this;
if (other_flags)
result.emplace(ParameterType::NONE, other_flags);

2
src/Access/tests/gtest_access_rights_ops.cpp
View File

@ -50,7 +50,7 @@ TEST(AccessRights, Union)
"GRANT SHOW, SELECT, ALTER, CREATE DATABASE, CREATE TABLE, CREATE VIEW, "
"CREATE DICTIONARY, DROP DATABASE, DROP TABLE, DROP VIEW, DROP DICTIONARY, UNDROP TABLE, "
"TRUNCATE, OPTIMIZE, BACKUP, CREATE ROW POLICY, ALTER ROW POLICY, DROP ROW POLICY, "
"SHOW ROW POLICIES, SYSTEM MERGES, SYSTEM TTL MERGES, SYSTEM FETCHES, "
"SHOW ROW POLICIES, TABLE ENGINE, SYSTEM MERGES, SYSTEM TTL MERGES, SYSTEM FETCHES, "
"SYSTEM MOVES, SYSTEM PULLING REPLICATION LOG, SYSTEM CLEANUP, SYSTEM VIEWS, SYSTEM SENDS, SYSTEM REPLICATION QUEUES, "
"SYSTEM DROP REPLICA, SYSTEM SYNC REPLICA, SYSTEM RESTART REPLICA, "
"SYSTEM RESTORE REPLICA, SYSTEM WAIT LOADING PARTS, SYSTEM SYNC DATABASE REPLICA, SYSTEM FLUSH DISTRIBUTED, dictGet ON db1.*, GRANT NAMED COLLECTION ADMIN ON db1");

1
src/Interpreters/InterpreterCreateQuery.cpp
View File

@ -1891,6 +1891,7 @@ AccessRightsElements InterpreterCreateQuery::getRequiredAccess() const
auto source_access_type = StorageFactory::instance().getSourceAccessType(create.storage->engine->name);
if (source_access_type != AccessType::NONE)
required_access.emplace_back(source_access_type);
required_access.emplace_back(AccessType::TABLE_ENGINE, create.storage->engine->name);
}
return required_access;