thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-24 08:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Backport #69984 to 24.8: Fix definers for parameterized views

Browse Source
This commit is contained in:
robot-clickhouse 2024-09-26 10:09:50 +00:00
parent 394506429a
commit 2b7178944c
3 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/Interpreters/Context.cpp
View File

@ -2236,12 +2236,21 @@ StoragePtr Context::buildParametrizedViewStorage(const String & database_name, c
if (!storage_view || !storage_view->isParameterizedView())
return nullptr;
auto query = original_view->getInMemoryMetadataPtr()->getSelectQuery().inner_query->clone();
auto original_view_metadata = original_view->getInMemoryMetadataPtr();
auto query = original_view_metadata->getSelectQuery().inner_query->clone();
StorageView::replaceQueryParametersIfParametrizedView(query, param_values);
ASTCreateQuery create;
create.select = query->as<ASTSelectWithUnionQuery>();
auto sample_block = InterpreterSelectQueryAnalyzer::getSampleBlock(query, shared_from_this());
auto sql_security = std::make_shared<ASTSQLSecurity>();
sql_security->type = original_view_metadata->sql_security_type;
if (original_view_metadata->definer)
sql_security->definer = std::make_shared<ASTUserNameWithHost>(*original_view_metadata->definer);
create.sql_security = sql_security;
auto view_context = original_view_metadata->getSQLSecurityOverriddenContext(shared_from_this());
auto sample_block = InterpreterSelectQueryAnalyzer::getSampleBlock(query, view_context);
auto res = std::make_shared<StorageView>(StorageID(database_name, table_name),
create,
ColumnsDescription(sample_block.getNamesAndTypesList()),

1
tests/queries/0_stateless/02884_create_view_with_sql_security_option.reference
View File

@ -11,6 +11,7 @@ OK
OK
2
2
1
OK
1
===== MaterializedView =====

7
tests/queries/0_stateless/02884_create_view_with_sql_security_option.sh
View File

@ -58,6 +58,11 @@ AS SELECT * FROM $db.test_table;
CREATE VIEW $db.test_view_10 (s String)
SQL SECURITY DEFINER
AS SELECT * FROM $db.test_table;
CREATE VIEW $db.test_view_11 (s String)
SQL SECURITY DEFINER
AS SELECT * FROM $db.test_table
WHERE s = {param_id:String};
EOF
(( $(${CLICKHOUSE_CLIENT} --query "SHOW TABLE $db.test_view_5" 2>&1 | grep -c "INVOKER") >= 1 )) && echo "OK" || echo "UNEXPECTED"
@ -74,6 +79,7 @@ GRANT SELECT ON $db.test_view_7 TO $user2;
GRANT SELECT ON $db.test_view_8 TO $user2;
GRANT SELECT ON $db.test_view_9 TO $user2;
GRANT SELECT ON $db.test_view_10 TO $user2;
GRANT SELECT ON $db.test_view_11 TO $user2;
EOF
${CLICKHOUSE_CLIENT} --query "INSERT INTO $db.test_table VALUES ('foo'), ('bar');"
@ -88,6 +94,7 @@ ${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_7"
(( $(${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT * FROM $db.test_view_8" 2>&1 | grep -c "Not enough privileges") >= 1 )) && echo "OK" || echo "UNEXPECTED"
${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_9"
${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_10"
${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT count() FROM $db.test_view_11(param_id='foo')"
${CLICKHOUSE_CLIENT} --query "ALTER TABLE $db.test_view_10 MODIFY SQL SECURITY INVOKER"
(( $(${CLICKHOUSE_CLIENT} --user $user2 --query "SELECT * FROM $db.test_view_10" 2>&1 | grep -c "Not enough privileges") >= 1 )) && echo "OK" || echo "UNEXPECTED"