thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-09-24 18:50:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename ExtendedRoleSet => RolesOrUsersSet.

Browse Source
This commit is contained in:
Vitaly Baranov 2020-05-30 23:10:45 +03:00
parent 9f31184d76
commit 92b9f4a88d
58 changed files with 308 additions and 271 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/Access/DiskAccessStorage.cpp
View File

@ -64,19 +64,23 @@ namespace
bool parseImpl(Pos & pos, ASTPtr & node, Expected & expected) override
{
if (ParserCreateUserQuery{}.enableAttachMode(true).parse(pos, node, expected))
return true;
if (ParserCreateRoleQuery{}.enableAttachMode(true).parse(pos, node, expected))
return true;
if (ParserCreateRowPolicyQuery{}.enableAttachMode(true).parse(pos, node, expected))
return true;
if (ParserCreateQuotaQuery{}.enableAttachMode(true).parse(pos, node, expected))
return true;
if (ParserCreateSettingsProfileQuery{}.enableAttachMode(true).parse(pos, node, expected))
return true;
if (ParserGrantQuery{}.enableAttachMode(true).parse(pos, node, expected))
return true;
return false;
ParserCreateUserQuery create_user_p;
ParserCreateRoleQuery create_role_p;
ParserCreateRowPolicyQuery create_policy_p;
ParserCreateQuotaQuery create_quota_p;
ParserCreateSettingsProfileQuery create_profile_p;
ParserGrantQuery grant_p;
create_user_p.useAttachMode();
create_role_p.useAttachMode();
create_policy_p.useAttachMode();
create_quota_p.useAttachMode();
create_profile_p.useAttachMode();
grant_p.useAttachMode();
return create_user_p.parse(pos, node, expected) || create_role_p.parse(pos, node, expected)
|| create_policy_p.parse(pos, node, expected) || create_quota_p.parse(pos, node, expected)
|| create_profile_p.parse(pos, node, expected) || grant_p.parse(pos, node, expected);
}
};

4
src/Access/Quota.h
View File

@ -1,7 +1,7 @@
#pragma once
#include <Access/IAccessEntity.h>
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <boost/lexical_cast.hpp>
#include <chrono>
@ -91,7 +91,7 @@ struct Quota : public IAccessEntity
KeyType key_type = KeyType::NONE;
/// Which roles or users should use this quota.
ExtendedRoleSet to_roles;
RolesOrUsersSet to_roles;
bool equal(const IAccessEntity & other) const override;
std::shared_ptr<IAccessEntity> clone() const override { return cloneImpl<Quota>(); }

2
src/Access/QuotaCache.h
View File

@ -39,7 +39,7 @@ private:
QuotaPtr quota;
UUID quota_id;
const ExtendedRoleSet * roles = nullptr;
const RolesOrUsersSet * roles = nullptr;
std::unordered_map<String /* quota key */, boost::shared_ptr<const Intervals>> key_to_intervals;
};

69
src/Access/ExtendedRoleSet.cpp → src/Access/RolesOrUsersSet.cpp
View File

@ -1,9 +1,8 @@
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/User.h>
#include <Access/Role.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/formatAST.h>
#include <IO/ReadHelpers.h>
#include <IO/WriteHelpers.h>
@ -20,51 +19,51 @@ namespace ErrorCodes
}
ExtendedRoleSet::ExtendedRoleSet() = default;
ExtendedRoleSet::ExtendedRoleSet(const ExtendedRoleSet & src) = default;
ExtendedRoleSet & ExtendedRoleSet::operator =(const ExtendedRoleSet & src) = default;
ExtendedRoleSet::ExtendedRoleSet(ExtendedRoleSet && src) = default;
ExtendedRoleSet & ExtendedRoleSet::operator =(ExtendedRoleSet && src) = default;
RolesOrUsersSet::RolesOrUsersSet() = default;
RolesOrUsersSet::RolesOrUsersSet(const RolesOrUsersSet & src) = default;
RolesOrUsersSet & RolesOrUsersSet::operator =(const RolesOrUsersSet & src) = default;
RolesOrUsersSet::RolesOrUsersSet(RolesOrUsersSet && src) = default;
RolesOrUsersSet & RolesOrUsersSet::operator =(RolesOrUsersSet && src) = default;
ExtendedRoleSet::ExtendedRoleSet(AllTag)
RolesOrUsersSet::RolesOrUsersSet(AllTag)
{
all = true;
}
ExtendedRoleSet::ExtendedRoleSet(const UUID & id)
RolesOrUsersSet::RolesOrUsersSet(const UUID & id)
{
add(id);
}
ExtendedRoleSet::ExtendedRoleSet(const std::vector<UUID> & ids_)
RolesOrUsersSet::RolesOrUsersSet(const std::vector<UUID> & ids_)
{
add(ids_);
}
ExtendedRoleSet::ExtendedRoleSet(const ASTExtendedRoleSet & ast)
RolesOrUsersSet::RolesOrUsersSet(const ASTRolesOrUsersSet & ast)
{
init(ast, nullptr);
}
ExtendedRoleSet::ExtendedRoleSet(const ASTExtendedRoleSet & ast, const std::optional<UUID> & current_user_id)
RolesOrUsersSet::RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const std::optional<UUID> & current_user_id)
{
init(ast, nullptr, current_user_id);
}
ExtendedRoleSet::ExtendedRoleSet(const ASTExtendedRoleSet & ast, const AccessControlManager & manager)
RolesOrUsersSet::RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const AccessControlManager & manager)
{
init(ast, &manager);
}
ExtendedRoleSet::ExtendedRoleSet(const ASTExtendedRoleSet & ast, const AccessControlManager & manager, const std::optional<UUID> & current_user_id)
RolesOrUsersSet::RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const AccessControlManager & manager, const std::optional<UUID> & current_user_id)
{
init(ast, &manager, current_user_id);
}
void ExtendedRoleSet::init(const ASTExtendedRoleSet & ast, const AccessControlManager * manager, const std::optional<UUID> & current_user_id)
void RolesOrUsersSet::init(const ASTRolesOrUsersSet & ast, const AccessControlManager * manager, const std::optional<UUID> & current_user_id)
{
all = ast.all;
@ -73,20 +72,20 @@ void ExtendedRoleSet::init(const ASTExtendedRoleSet & ast, const AccessControlMa
if (ast.id_mode)
return parse<UUID>(name);
assert(manager);
if (ast.can_contain_users && ast.can_contain_roles)
if (ast.allow_user_names && ast.allow_role_names)
{
auto id = manager->find<User>(name);
if (id)
return *id;
return manager->getID<Role>(name);
}
else if (ast.can_contain_users)
else if (ast.allow_user_names)
{
return manager->getID<User>(name);
}
else
{
assert(ast.can_contain_roles);
assert(ast.allow_role_names);
return manager->getID<Role>(name);
}
};
@ -122,9 +121,9 @@ void ExtendedRoleSet::init(const ASTExtendedRoleSet & ast, const AccessControlMa
}
std::shared_ptr<ASTExtendedRoleSet> ExtendedRoleSet::toAST() const
std::shared_ptr<ASTRolesOrUsersSet> RolesOrUsersSet::toAST() const
{
auto ast = std::make_shared<ASTExtendedRoleSet>();
auto ast = std::make_shared<ASTRolesOrUsersSet>();
ast->id_mode = true;
ast->all = all;
@ -148,9 +147,9 @@ std::shared_ptr<ASTExtendedRoleSet> ExtendedRoleSet::toAST() const
}
std::shared_ptr<ASTExtendedRoleSet> ExtendedRoleSet::toASTWithNames(const AccessControlManager & manager) const
std::shared_ptr<ASTRolesOrUsersSet> RolesOrUsersSet::toASTWithNames(const AccessControlManager & manager) const
{
auto ast = std::make_shared<ASTExtendedRoleSet>();
auto ast = std::make_shared<ASTRolesOrUsersSet>();
ast->all = all;
if (!ids.empty())
@ -181,21 +180,21 @@ std::shared_ptr<ASTExtendedRoleSet> ExtendedRoleSet::toASTWithNames(const Access
}
String ExtendedRoleSet::toString() const
String RolesOrUsersSet::toString() const
{
auto ast = toAST();
return serializeAST(*ast);
}
String ExtendedRoleSet::toStringWithNames(const AccessControlManager & manager) const
String RolesOrUsersSet::toStringWithNames(const AccessControlManager & manager) const
{
auto ast = toASTWithNames(manager);
return serializeAST(*ast);
}
Strings ExtendedRoleSet::toStringsWithNames(const AccessControlManager & manager) const
Strings RolesOrUsersSet::toStringsWithNames(const AccessControlManager & manager) const
{
if (!all && ids.empty())
return {};
@ -233,13 +232,13 @@ Strings ExtendedRoleSet::toStringsWithNames(const AccessControlManager & manager
}
bool ExtendedRoleSet::empty() const
bool RolesOrUsersSet::empty() const
{
return ids.empty() && !all;
}
void ExtendedRoleSet::clear()
void RolesOrUsersSet::clear()
{
ids.clear();
all = false;
@ -247,26 +246,26 @@ void ExtendedRoleSet::clear()
}
void ExtendedRoleSet::add(const UUID & id)
void RolesOrUsersSet::add(const UUID & id)
{
ids.insert(id);
}
void ExtendedRoleSet::add(const std::vector<UUID> & ids_)
void RolesOrUsersSet::add(const std::vector<UUID> & ids_)
{
for (const auto & id : ids_)
add(id);
}
bool ExtendedRoleSet::match(const UUID & id) const
bool RolesOrUsersSet::match(const UUID & id) const
{
return (all || ids.count(id)) && !except_ids.count(id);
}
bool ExtendedRoleSet::match(const UUID & user_id, const boost::container::flat_set<UUID> & enabled_roles) const
bool RolesOrUsersSet::match(const UUID & user_id, const boost::container::flat_set<UUID> & enabled_roles) const
{
if (!all && !ids.count(user_id))
{
@ -285,7 +284,7 @@ bool ExtendedRoleSet::match(const UUID & user_id, const boost::container::flat_s
}
std::vector<UUID> ExtendedRoleSet::getMatchingIDs() const
std::vector<UUID> RolesOrUsersSet::getMatchingIDs() const
{
if (all)
throw Exception("getAllMatchingIDs() can't get ALL ids without manager", ErrorCodes::LOGICAL_ERROR);
@ -295,7 +294,7 @@ std::vector<UUID> ExtendedRoleSet::getMatchingIDs() const
}
std::vector<UUID> ExtendedRoleSet::getMatchingIDs(const AccessControlManager & manager) const
std::vector<UUID> RolesOrUsersSet::getMatchingIDs(const AccessControlManager & manager) const
{
if (!all)
return getMatchingIDs();
@ -316,7 +315,7 @@ std::vector<UUID> ExtendedRoleSet::getMatchingIDs(const AccessControlManager & m
}
bool operator ==(const ExtendedRoleSet & lhs, const ExtendedRoleSet & rhs)
bool operator ==(const RolesOrUsersSet & lhs, const RolesOrUsersSet & rhs)
{
return (lhs.all == rhs.all) && (lhs.ids == rhs.ids) && (lhs.except_ids == rhs.except_ids);
}

42
src/Access/ExtendedRoleSet.h → src/Access/RolesOrUsersSet.h
View File

@ -8,35 +8,35 @@
namespace DB
{
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
class AccessControlManager;
/// Represents a set of users/roles like
/// {user_name | role_name | CURRENT_USER} [,...] | NONE | ALL | ALL EXCEPT {user_name | role_name | CURRENT_USER} [,...]
/// Similar to ASTExtendedRoleSet, but with IDs instead of names.
struct ExtendedRoleSet
/// Similar to ASTRolesOrUsersSet, but with IDs instead of names.
struct RolesOrUsersSet
{
ExtendedRoleSet();
ExtendedRoleSet(const ExtendedRoleSet & src);
ExtendedRoleSet & operator =(const ExtendedRoleSet & src);
ExtendedRoleSet(ExtendedRoleSet && src);
ExtendedRoleSet & operator =(ExtendedRoleSet && src);
RolesOrUsersSet();
RolesOrUsersSet(const RolesOrUsersSet & src);
RolesOrUsersSet & operator =(const RolesOrUsersSet & src);
RolesOrUsersSet(RolesOrUsersSet && src);
RolesOrUsersSet & operator =(RolesOrUsersSet && src);
struct AllTag {};
ExtendedRoleSet(AllTag);
RolesOrUsersSet(AllTag);
ExtendedRoleSet(const UUID & id);
ExtendedRoleSet(const std::vector<UUID> & ids_);
RolesOrUsersSet(const UUID & id);
RolesOrUsersSet(const std::vector<UUID> & ids_);
/// The constructor from AST requires the AccessControlManager if `ast.id_mode == false`.
ExtendedRoleSet(const ASTExtendedRoleSet & ast);
ExtendedRoleSet(const ASTExtendedRoleSet & ast, const std::optional<UUID> & current_user_id);
ExtendedRoleSet(const ASTExtendedRoleSet & ast, const AccessControlManager & manager);
ExtendedRoleSet(const ASTExtendedRoleSet & ast, const AccessControlManager & manager, const std::optional<UUID> & current_user_id);
RolesOrUsersSet(const ASTRolesOrUsersSet & ast);
RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const std::optional<UUID> & current_user_id);
RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const AccessControlManager & manager);
RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const AccessControlManager & manager, const std::optional<UUID> & current_user_id);
std::shared_ptr<ASTExtendedRoleSet> toAST() const;
std::shared_ptr<ASTExtendedRoleSet> toASTWithNames(const AccessControlManager & manager) const;
std::shared_ptr<ASTRolesOrUsersSet> toAST() const;
std::shared_ptr<ASTRolesOrUsersSet> toASTWithNames(const AccessControlManager & manager) const;
String toString() const;
String toStringWithNames(const AccessControlManager & manager) const;
@ -47,7 +47,7 @@ struct ExtendedRoleSet
void add(const UUID & id);
void add(const std::vector<UUID> & ids_);
/// Checks if a specified ID matches this ExtendedRoleSet.
/// Checks if a specified ID matches this RolesOrUsersSet.
bool match(const UUID & id) const;
bool match(const UUID & user_id, const boost::container::flat_set<UUID> & enabled_roles) const;
@ -57,15 +57,15 @@ struct ExtendedRoleSet
/// Returns a list of matching users and roles.
std::vector<UUID> getMatchingIDs(const AccessControlManager & manager) const;
friend bool operator ==(const ExtendedRoleSet & lhs, const ExtendedRoleSet & rhs);
friend bool operator !=(const ExtendedRoleSet & lhs, const ExtendedRoleSet & rhs) { return !(lhs == rhs); }
friend bool operator ==(const RolesOrUsersSet & lhs, const RolesOrUsersSet & rhs);
friend bool operator !=(const RolesOrUsersSet & lhs, const RolesOrUsersSet & rhs) { return !(lhs == rhs); }
boost::container::flat_set<UUID> ids;
bool all = false;
boost::container::flat_set<UUID> except_ids;
private:
void init(const ASTExtendedRoleSet & ast, const AccessControlManager * manager = nullptr, const std::optional<UUID> & current_user_id = {});
void init(const ASTRolesOrUsersSet & ast, const AccessControlManager * manager = nullptr, const std::optional<UUID> & current_user_id = {});
};
}

4
src/Access/RowPolicy.h
View File

@ -1,7 +1,7 @@
#pragma once
#include <Access/IAccessEntity.h>
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <array>
@ -91,7 +91,7 @@ struct RowPolicy : public IAccessEntity
Type getType() const override { return TYPE; }
/// Which roles or users should use this row policy.
ExtendedRoleSet to_roles;
RolesOrUsersSet to_roles;
private:
void setName(const String & name_) override;

2
src/Access/RowPolicyCache.h
View File

@ -27,7 +27,7 @@ private:
void setPolicy(const RowPolicyPtr & policy_);
RowPolicyPtr policy;
const ExtendedRoleSet * roles = nullptr;
const RolesOrUsersSet * roles = nullptr;
std::shared_ptr<const std::pair<String, String>> database_and_table_name;
ASTPtr parsed_conditions[RowPolicy::MAX_CONDITION_TYPE];
};

4
src/Access/SettingsProfile.h
View File

@ -1,7 +1,7 @@
#pragma once
#include <Access/IAccessEntity.h>
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <Access/SettingsProfileElement.h>
@ -14,7 +14,7 @@ struct SettingsProfile : public IAccessEntity
SettingsProfileElements elements;
/// Which roles or users should use this settings profile.
ExtendedRoleSet to_roles;
RolesOrUsersSet to_roles;
bool equal(const IAccessEntity & other) const override;
std::shared_ptr<IAccessEntity> clone() const override { return cloneImpl<SettingsProfile>(); }

4
src/Access/User.h
View File

@ -5,7 +5,7 @@
#include <Access/AllowedClientHosts.h>
#include <Access/GrantedAccess.h>
#include <Access/GrantedRoles.h>
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <Access/SettingsProfileElement.h>
@ -19,7 +19,7 @@ struct User : public IAccessEntity
AllowedClientHosts allowed_client_hosts = AllowedClientHosts::AnyHostTag{};
GrantedAccess access;
GrantedRoles granted_roles;
ExtendedRoleSet default_roles = ExtendedRoleSet::AllTag{};
RolesOrUsersSet default_roles = RolesOrUsersSet::AllTag{};
SettingsProfileElements settings;
bool equal(const IAccessEntity & other) const override;

2
src/Access/ya.make
View File

@ -17,7 +17,6 @@ SRCS(
EnabledRolesInfo.cpp
EnabledRowPolicies.cpp
EnabledSettings.cpp
ExtendedRoleSet.cpp
GrantedAccess.cpp
GrantedRoles.cpp
IAccessEntity.cpp
@ -29,6 +28,7 @@ SRCS(
QuotaUsage.cpp
Role.cpp
RoleCache.cpp
RolesOrUsersSet.cpp
RowPolicy.cpp
RowPolicyCache.cpp
SettingsConstraints.cpp

8
src/Interpreters/InterpreterCreateQuotaQuery.cpp
View File

@ -1,6 +1,6 @@
#include <Interpreters/InterpreterCreateQuotaQuery.h>
#include <Parsers/ASTCreateQuotaQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Interpreters/Context.h>
#include <Interpreters/DDLWorker.h>
#include <Access/AccessControlManager.h>
@ -19,7 +19,7 @@ namespace
Quota & quota,
const ASTCreateQuotaQuery & query,
const String & override_name,
const std::optional<ExtendedRoleSet> & override_to_roles)
const std::optional<RolesOrUsersSet> & override_to_roles)
{
if (!override_name.empty())
quota.setName(override_name);
@ -82,9 +82,9 @@ BlockIO InterpreterCreateQuotaQuery::execute()
return executeDDLQueryOnCluster(query_ptr, context);
}
std::optional<ExtendedRoleSet> roles_from_query;
std::optional<RolesOrUsersSet> roles_from_query;
if (query.roles)
roles_from_query = ExtendedRoleSet{*query.roles, access_control, context.getUserID()};
roles_from_query = RolesOrUsersSet{*query.roles, access_control, context.getUserID()};
if (query.alter)
{

8
src/Interpreters/InterpreterCreateRowPolicyQuery.cpp
View File

@ -1,7 +1,7 @@
#include <Interpreters/InterpreterCreateRowPolicyQuery.h>
#include <Parsers/ASTCreateRowPolicyQuery.h>
#include <Parsers/ASTRowPolicyName.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/formatAST.h>
#include <Interpreters/Context.h>
#include <Interpreters/DDLWorker.h>
@ -18,7 +18,7 @@ namespace
RowPolicy & policy,
const ASTCreateRowPolicyQuery & query,
const RowPolicy::NameParts & override_name,
const std::optional<ExtendedRoleSet> & override_to_roles)
const std::optional<RolesOrUsersSet> & override_to_roles)
{
if (!override_name.empty())
policy.setNameParts(override_name);
@ -58,9 +58,9 @@ BlockIO InterpreterCreateRowPolicyQuery::execute()
}
assert(query.names->cluster.empty());
std::optional<ExtendedRoleSet> roles_from_query;
std::optional<RolesOrUsersSet> roles_from_query;
if (query.roles)
roles_from_query = ExtendedRoleSet{*query.roles, access_control, context.getUserID()};
roles_from_query = RolesOrUsersSet{*query.roles, access_control, context.getUserID()};
query.replaceEmptyDatabaseWithCurrent(context.getCurrentDatabase());

8
src/Interpreters/InterpreterCreateSettingsProfileQuery.cpp
View File

@ -1,6 +1,6 @@
#include <Interpreters/InterpreterCreateSettingsProfileQuery.h>
#include <Parsers/ASTCreateSettingsProfileQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Interpreters/Context.h>
#include <Interpreters/DDLWorker.h>
#include <Access/AccessControlManager.h>
@ -17,7 +17,7 @@ namespace
const ASTCreateSettingsProfileQuery & query,
const String & override_name,
const std::optional<SettingsProfileElements> & override_settings,
const std::optional<ExtendedRoleSet> & override_to_roles)
const std::optional<RolesOrUsersSet> & override_to_roles)
{
if (!override_name.empty())
profile.setName(override_name);
@ -58,9 +58,9 @@ BlockIO InterpreterCreateSettingsProfileQuery::execute()
if (query.settings)
settings_from_query = SettingsProfileElements{*query.settings, access_control};
std::optional<ExtendedRoleSet> roles_from_query;
std::optional<RolesOrUsersSet> roles_from_query;
if (query.to_roles)
roles_from_query = ExtendedRoleSet{*query.to_roles, access_control, context.getUserID()};
roles_from_query = RolesOrUsersSet{*query.to_roles, access_control, context.getUserID()};
if (query.alter)
{

10
src/Interpreters/InterpreterCreateUserQuery.cpp
View File

@ -4,7 +4,7 @@
#include <Interpreters/DDLWorker.h>
#include <Parsers/ASTCreateUserQuery.h>
#include <Parsers/ASTUserNameWithHost.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/User.h>
#include <Access/ContextAccess.h>
@ -19,7 +19,7 @@ namespace
User & user,
const ASTCreateUserQuery & query,
const std::shared_ptr<ASTUserNameWithHost> & override_name,
const std::optional<ExtendedRoleSet> & override_default_roles,
const std::optional<RolesOrUsersSet> & override_default_roles,
const std::optional<SettingsProfileElements> & override_settings)
{
if (override_name)
@ -45,7 +45,7 @@ namespace
if (query.add_hosts)
user.allowed_client_hosts.add(*query.add_hosts);
auto set_default_roles = [&](const ExtendedRoleSet & default_roles_)
auto set_default_roles = [&](const RolesOrUsersSet & default_roles_)
{
if (!query.alter && !default_roles_.all)
user.granted_roles.grant(default_roles_.getMatchingIDs());
@ -73,10 +73,10 @@ BlockIO InterpreterCreateUserQuery::execute()
auto access = context.getAccess();
access->checkAccess(query.alter ? AccessType::ALTER_USER : AccessType::CREATE_USER);
std::optional<ExtendedRoleSet> default_roles_from_query;
std::optional<RolesOrUsersSet> default_roles_from_query;
if (query.default_roles)
{
default_roles_from_query = ExtendedRoleSet{*query.default_roles, access_control};
default_roles_from_query = RolesOrUsersSet{*query.default_roles, access_control};
if (!query.alter && !default_roles_from_query->all)
{
for (const UUID & role : default_roles_from_query->getMatchingIDs())

12
src/Interpreters/InterpreterGrantQuery.cpp
View File

@ -1,11 +1,11 @@
#include <Interpreters/InterpreterGrantQuery.h>
#include <Parsers/ASTGrantQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Interpreters/Context.h>
#include <Interpreters/DDLWorker.h>
#include <Access/AccessControlManager.h>
#include <Access/ContextAccess.h>
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <Access/User.h>
#include <Access/Role.h>
#include <boost/range/algorithm/copy.hpp>
@ -74,7 +74,7 @@ BlockIO InterpreterGrantQuery::execute()
std::vector<UUID> roles_from_query;
if (query.roles)
{
roles_from_query = ExtendedRoleSet{*query.roles, access_control}.getMatchingIDs(access_control);
roles_from_query = RolesOrUsersSet{*query.roles, access_control}.getMatchingIDs(access_control);
for (const UUID & role_from_query : roles_from_query)
access->checkAdminOption(role_from_query);
}
@ -85,7 +85,7 @@ BlockIO InterpreterGrantQuery::execute()
return executeDDLQueryOnCluster(query_ptr, context);
}
std::vector<UUID> to_roles = ExtendedRoleSet{*query.to_roles, access_control, context.getUserID()}.getMatchingIDs(access_control);
std::vector<UUID> to_roles = RolesOrUsersSet{*query.to_roles, access_control, context.getUserID()}.getMatchingIDs(access_control);
String current_database = context.getCurrentDatabase();
auto update_func = [&](const AccessEntityPtr & entity) -> AccessEntityPtr
@ -115,7 +115,7 @@ void InterpreterGrantQuery::updateUserFromQuery(User & user, const ASTGrantQuery
{
std::vector<UUID> roles_from_query;
if (query.roles)
roles_from_query = ExtendedRoleSet{*query.roles}.getMatchingIDs();
roles_from_query = RolesOrUsersSet{*query.roles}.getMatchingIDs();
updateFromQueryImpl(user, query, roles_from_query, {});
}
@ -124,7 +124,7 @@ void InterpreterGrantQuery::updateRoleFromQuery(Role & role, const ASTGrantQuery
{
std::vector<UUID> roles_from_query;
if (query.roles)
roles_from_query = ExtendedRoleSet{*query.roles}.getMatchingIDs();
roles_from_query = RolesOrUsersSet{*query.roles}.getMatchingIDs();
updateFromQueryImpl(role, query, roles_from_query, {});
}

12
src/Interpreters/InterpreterSetRoleQuery.cpp
View File

@ -1,8 +1,8 @@
#include <Interpreters/InterpreterSetRoleQuery.h>
#include <Parsers/ASTSetRoleQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Interpreters/Context.h>
#include <Access/ExtendedRoleSet.h>
#include <Access/RolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/User.h>
@ -38,7 +38,7 @@ void InterpreterSetRoleQuery::setRole(const ASTSetRoleQuery & query)
}
else
{
ExtendedRoleSet roles_from_query{*query.roles, access_control};
RolesOrUsersSet roles_from_query{*query.roles, access_control};
boost::container::flat_set<UUID> new_current_roles;
if (roles_from_query.all)
{
@ -65,8 +65,8 @@ void InterpreterSetRoleQuery::setDefaultRole(const ASTSetRoleQuery & query)
context.checkAccess(AccessType::ALTER_USER);
auto & access_control = context.getAccessControlManager();
std::vector<UUID> to_users = ExtendedRoleSet{*query.to_users, access_control, context.getUserID()}.getMatchingIDs(access_control);
ExtendedRoleSet roles_from_query{*query.roles, access_control};
std::vector<UUID> to_users = RolesOrUsersSet{*query.to_users, access_control, context.getUserID()}.getMatchingIDs(access_control);
RolesOrUsersSet roles_from_query{*query.roles, access_control};
auto update_func = [&](const AccessEntityPtr & entity) -> AccessEntityPtr
{
@ -79,7 +79,7 @@ void InterpreterSetRoleQuery::setDefaultRole(const ASTSetRoleQuery & query)
}
void InterpreterSetRoleQuery::updateUserSetDefaultRoles(User & user, const ExtendedRoleSet & roles_from_query)
void InterpreterSetRoleQuery::updateUserSetDefaultRoles(User & user, const RolesOrUsersSet & roles_from_query)
{
if (!roles_from_query.all)
{

4
src/Interpreters/InterpreterSetRoleQuery.h
View File

@ -9,7 +9,7 @@ namespace DB
class Context;
class ASTSetRoleQuery;
struct ExtendedRoleSet;
struct RolesOrUsersSet;
struct User;
@ -20,7 +20,7 @@ public:
BlockIO execute() override;
static void updateUserSetDefaultRoles(User & user, const ExtendedRoleSet & roles_from_query);
static void updateUserSetDefaultRoles(User & user, const RolesOrUsersSet & roles_from_query);
private:
void setRole(const ASTSetRoleQuery & query);

4
src/Interpreters/InterpreterShowCreateAccessEntityQuery.cpp
View File

@ -7,7 +7,7 @@
#include <Parsers/ASTCreateSettingsProfileQuery.h>
#include <Parsers/ASTShowCreateAccessEntityQuery.h>
#include <Parsers/ASTUserNameWithHost.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/ASTSettingsProfileElement.h>
#include <Parsers/ASTRowPolicyName.h>
#include <Parsers/ExpressionListParsers.h>
@ -51,7 +51,7 @@ namespace
if (user.allowed_client_hosts != AllowedClientHosts::AnyHostTag{})
query->hosts = user.allowed_client_hosts;
if (user.default_roles != ExtendedRoleSet::AllTag{})
if (user.default_roles != RolesOrUsersSet::AllTag{})
{
if (attach_mode)
query->default_roles = user.default_roles.toAST();

8
src/Interpreters/InterpreterShowGrantsQuery.cpp
View File

@ -1,7 +1,7 @@
#include <Interpreters/InterpreterShowGrantsQuery.h>
#include <Parsers/ASTShowGrantsQuery.h>
#include <Parsers/ASTGrantQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/formatAST.h>
#include <Interpreters/Context.h>
#include <Columns/ColumnString.h>
@ -29,7 +29,7 @@ namespace
{
ASTs res;
std::shared_ptr<ASTExtendedRoleSet> to_roles = std::make_shared<ASTExtendedRoleSet>();
std::shared_ptr<ASTRolesOrUsersSet> to_roles = std::make_shared<ASTRolesOrUsersSet>();
to_roles->names.push_back(grantee.getName());
auto grants_and_partial_revokes = grantee.access.getGrantsAndPartialRevokes();
@ -87,9 +87,9 @@ namespace
grant_query->admin_option = admin_option;
grant_query->to_roles = to_roles;
if (attach_mode)
grant_query->roles = ExtendedRoleSet{roles}.toAST();
grant_query->roles = RolesOrUsersSet{roles}.toAST();
else
grant_query->roles = ExtendedRoleSet{roles}.toASTWithNames(*manager);
grant_query->roles = RolesOrUsersSet{roles}.toASTWithNames(*manager);
res.push_back(std::move(grant_query));
}

4
src/Parsers/ASTCreateQuotaQuery.cpp
View File

@ -1,5 +1,5 @@
#include <Parsers/ASTCreateQuotaQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Common/quoteString.h>
#include <Common/IntervalKind.h>
#include <ext/range.h>
@ -104,7 +104,7 @@ namespace
}
}
void formatToRoles(const ASTExtendedRoleSet & roles, const IAST::FormatSettings & settings)
void formatToRoles(const ASTRolesOrUsersSet & roles, const IAST::FormatSettings & settings)
{
settings.ostr << (settings.hilite ? IAST::hilite_keyword : "") << " TO " << (settings.hilite ? IAST::hilite_none : "");
roles.format(settings);

4
src/Parsers/ASTCreateQuotaQuery.h
View File

@ -7,7 +7,7 @@
namespace DB
{
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
/** CREATE QUOTA [IF NOT EXISTS | OR REPLACE] name
@ -51,7 +51,7 @@ public:
};
std::vector<Limits> all_limits;
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> roles;
String getID(char) const override;
ASTPtr clone() const override;

4
src/Parsers/ASTCreateRowPolicyQuery.cpp
View File

@ -1,6 +1,6 @@
#include <Parsers/ASTCreateRowPolicyQuery.h>
#include <Parsers/ASTRowPolicyName.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/formatAST.h>
#include <Common/quoteString.h>
#include <ext/range.h>
@ -116,7 +116,7 @@ namespace
}
void formatToRoles(const ASTExtendedRoleSet & roles, const IAST::FormatSettings & settings)
void formatToRoles(const ASTRolesOrUsersSet & roles, const IAST::FormatSettings & settings)
{
settings.ostr << (settings.hilite ? IAST::hilite_keyword : "") << " TO " << (settings.hilite ? IAST::hilite_none : "");
roles.format(settings);

4
src/Parsers/ASTCreateRowPolicyQuery.h
View File

@ -10,7 +10,7 @@
namespace DB
{
class ASTRowPolicyNames;
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
/** CREATE [ROW] POLICY [IF NOT EXISTS | OR REPLACE] name ON [database.]table
* [AS {PERMISSIVE | RESTRICTIVE}]
@ -43,7 +43,7 @@ public:
std::optional<bool> is_restrictive;
std::array<std::optional<ASTPtr>, RowPolicy::MAX_CONDITION_TYPE> conditions; /// `nullopt` means "not set", `nullptr` means set to NONE.
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> roles;
String getID(char) const override;
ASTPtr clone() const override;

4
src/Parsers/ASTCreateSettingsProfileQuery.cpp
View File

@ -1,6 +1,6 @@
#include <Parsers/ASTCreateSettingsProfileQuery.h>
#include <Parsers/ASTSettingsProfileElement.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Common/quoteString.h>
@ -32,7 +32,7 @@ namespace
settings.format(format);
}
void formatToRoles(const ASTExtendedRoleSet & roles, const IAST::FormatSettings & settings)
void formatToRoles(const ASTRolesOrUsersSet & roles, const IAST::FormatSettings & settings)
{
settings.ostr << (settings.hilite ? IAST::hilite_keyword : "") << " TO " << (settings.hilite ? IAST::hilite_none : "");
roles.format(settings);

4
src/Parsers/ASTCreateSettingsProfileQuery.h
View File

@ -7,7 +7,7 @@
namespace DB
{
class ASTSettingsProfileElements;
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
/** CREATE SETTINGS PROFILE [IF NOT EXISTS | OR REPLACE] name
@ -34,7 +34,7 @@ public:
std::shared_ptr<ASTSettingsProfileElements> settings;
std::shared_ptr<ASTExtendedRoleSet> to_roles;
std::shared_ptr<ASTRolesOrUsersSet> to_roles;
String getID(char) const override;
ASTPtr clone() const override;

4
src/Parsers/ASTCreateUserQuery.cpp
View File

@ -1,6 +1,6 @@
#include <Parsers/ASTCreateUserQuery.h>
#include <Parsers/ASTUserNameWithHost.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/ASTSettingsProfileElement.h>
#include <Common/quoteString.h>
@ -167,7 +167,7 @@ namespace
}
void formatDefaultRoles(const ASTExtendedRoleSet & default_roles, const IAST::FormatSettings & settings)
void formatDefaultRoles(const ASTRolesOrUsersSet & default_roles, const IAST::FormatSettings & settings)
{
settings.ostr << (settings.hilite ? IAST::hilite_keyword : "") << " DEFAULT ROLE " << (settings.hilite ? IAST::hilite_none : "");
default_roles.format(settings);

4
src/Parsers/ASTCreateUserQuery.h
View File

@ -9,7 +9,7 @@
namespace DB
{
class ASTUserNamesWithHost;
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
class ASTSettingsProfileElements;
/** CREATE USER [IF NOT EXISTS | OR REPLACE] name
@ -45,7 +45,7 @@ public:
std::optional<AllowedClientHosts> add_hosts;
std::optional<AllowedClientHosts> remove_hosts;
std::shared_ptr<ASTExtendedRoleSet> default_roles;
std::shared_ptr<ASTRolesOrUsersSet> default_roles;
std::shared_ptr<ASTSettingsProfileElements> settings;

4
src/Parsers/ASTGrantQuery.cpp
View File

@ -1,5 +1,5 @@
#include <Parsers/ASTGrantQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Common/quoteString.h>
@ -75,7 +75,7 @@ namespace
}
void formatToRoles(const ASTExtendedRoleSet & to_roles, ASTGrantQuery::Kind kind, const IAST::FormatSettings & settings)
void formatToRoles(const ASTRolesOrUsersSet & to_roles, ASTGrantQuery::Kind kind, const IAST::FormatSettings & settings)
{
using Kind = ASTGrantQuery::Kind;
settings.ostr << (settings.hilite ? IAST::hilite_keyword : "") << ((kind == Kind::GRANT) ? " TO " : " FROM ")

6
src/Parsers/ASTGrantQuery.h
View File

@ -7,7 +7,7 @@
namespace DB
{
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
/** GRANT access_type[(column_name [,...])] [,...] ON {db.table|db.*|*.*|table|*} TO {user_name | CURRENT_USER} [,...] [WITH GRANT OPTION]
@ -27,8 +27,8 @@ public:
Kind kind = Kind::GRANT;
bool attach = false;
AccessRightsElements access_rights_elements;
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTExtendedRoleSet> to_roles;
std::shared_ptr<ASTRolesOrUsersSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> to_roles;
bool grant_option = false;
bool admin_option = false;

6
src/Parsers/ASTExtendedRoleSet.cpp → src/Parsers/ASTRolesOrUsersSet.cpp
View File

@ -1,4 +1,4 @@
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Common/quoteString.h>
@ -20,7 +20,7 @@ namespace
}
}
void ASTExtendedRoleSet::formatImpl(const FormatSettings & settings, FormatState &, FormatStateStacked) const
void ASTRolesOrUsersSet::formatImpl(const FormatSettings & settings, FormatState &, FormatStateStacked) const
{
if (empty())
{
@ -74,7 +74,7 @@ void ASTExtendedRoleSet::formatImpl(const FormatSettings & settings, FormatState
}
void ASTExtendedRoleSet::replaceCurrentUserTagWithName(const String & current_user_name)
void ASTRolesOrUsersSet::replaceCurrentUserTagWithName(const String & current_user_name)
{
if (current_user)
{

10
src/Parsers/ASTExtendedRoleSet.h → src/Parsers/ASTRolesOrUsersSet.h
View File

@ -7,7 +7,7 @@ namespace DB
{
/// Represents a set of users/roles like
/// {user_name | role_name | CURRENT_USER} [,...] | NONE | ALL | ALL EXCEPT {user_name | role_name | CURRENT_USER} [,...]
class ASTExtendedRoleSet : public IAST
class ASTRolesOrUsersSet : public IAST
{
public:
Strings names;
@ -17,14 +17,14 @@ public:
bool except_current_user = false;
bool id_mode = false; /// true if `names` and `except_names` keep UUIDs, not names.
bool can_contain_roles = true; /// true if this set can contain names of roles.
bool can_contain_users = true; /// true if this set can contain names of users.
bool allow_role_names = true; /// true if this set can contain names of roles.
bool allow_user_names = true; /// true if this set can contain names of users.
bool empty() const { return names.empty() && !current_user && !all; }
void replaceCurrentUserTagWithName(const String & current_user_name);
String getID(char) const override { return "ExtendedRoleSet"; }
ASTPtr clone() const override { return std::make_shared<ASTExtendedRoleSet>(*this); }
String getID(char) const override { return "RolesOrUsersSet"; }
ASTPtr clone() const override { return std::make_shared<ASTRolesOrUsersSet>(*this); }
void formatImpl(const FormatSettings & settings, FormatState &, FormatStateStacked) const override;
};
}

2
src/Parsers/ASTSetRoleQuery.cpp
View File

@ -1,5 +1,5 @@
#include <Parsers/ASTSetRoleQuery.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Common/quoteString.h>

6
src/Parsers/ASTSetRoleQuery.h
View File

@ -5,7 +5,7 @@
namespace DB
{
class ASTExtendedRoleSet;
class ASTRolesOrUsersSet;
/** SET ROLE {DEFAULT | NONE | role [,...] | ALL | ALL EXCEPT role [,...]}
* SET DEFAULT ROLE {NONE | role [,...] | ALL | ALL EXCEPT role [,...]} TO {user|CURRENT_USER} [,...]
@ -21,8 +21,8 @@ public:
};
Kind kind = Kind::SET_ROLE;
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTExtendedRoleSet> to_users;
std::shared_ptr<ASTRolesOrUsersSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> to_users;
String getID(char) const override;
ASTPtr clone() const override;

14
src/Parsers/ParserCreateQuotaQuery.cpp
View File

@ -3,10 +3,10 @@
#include <Parsers/CommonParsers.h>
#include <Parsers/parseIntervalKind.h>
#include <Parsers/parseIdentifierOrStringLiteral.h>
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
#include <Parsers/ExpressionElementParsers.h>
#include <Parsers/ASTLiteral.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <ext/range.h>
#include <boost/algorithm/string/predicate.hpp>
@ -185,15 +185,17 @@ namespace
});
}
bool parseToRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTExtendedRoleSet> & roles)
bool parseToRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTRolesOrUsersSet> & roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
ASTPtr node;
if (roles || !ParserKeyword{"TO"}.ignore(pos, expected) || !ParserExtendedRoleSet{}.useIDMode(id_mode).parse(pos, node, expected))
ParserRolesOrUsersSet roles_p;
roles_p.allowAll().allowRoleNames().allowUserNames().allowCurrentUser().useIDMode(id_mode);
if (roles || !ParserKeyword{"TO"}.ignore(pos, expected) || !roles_p.parse(pos, node, expected))
return false;
roles = std::static_pointer_cast<ASTExtendedRoleSet>(node);
roles = std::static_pointer_cast<ASTRolesOrUsersSet>(node);
return true;
});
}
@ -266,7 +268,7 @@ bool ParserCreateQuotaQuery::parseImpl(Pos & pos, ASTPtr & node, Expected & expe
break;
}
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> roles;
parseToRoles(pos, expected, attach_mode, roles);
if (cluster.empty())

2
src/Parsers/ParserCreateQuotaQuery.h
View File

@ -24,7 +24,7 @@ namespace DB
class ParserCreateQuotaQuery : public IParserBase
{
public:
ParserCreateQuotaQuery & enableAttachMode(bool enable_) { attach_mode = enable_; return *this; }
void useAttachMode(bool attach_mode_ = true) { attach_mode = attach_mode_; }
protected:
const char * getName() const override { return "CREATE QUOTA or ALTER QUOTA query"; }

4
src/Parsers/ParserCreateRoleQuery.cpp
View File

@ -31,7 +31,9 @@ namespace
return false;
ASTPtr new_settings_ast;
if (!ParserSettingsProfileElements{}.useIDMode(id_mode).parse(pos, new_settings_ast, expected))
ParserSettingsProfileElements elements_p;
elements_p.useIDMode(id_mode);
if (!elements_p.parse(pos, new_settings_ast, expected))
return false;
if (!settings)

2
src/Parsers/ParserCreateRoleQuery.h
View File

@ -16,7 +16,7 @@ namespace DB
class ParserCreateRoleQuery : public IParserBase
{
public:
ParserCreateRoleQuery & enableAttachMode(bool enable) { attach_mode = enable; return *this; }
void useAttachMode(bool attach_mode_ = true) { attach_mode = attach_mode_; }
protected:
const char * getName() const override { return "CREATE ROLE or ALTER ROLE query"; }

18
src/Parsers/ParserCreateRowPolicyQuery.cpp
View File

@ -3,8 +3,8 @@
#include <Access/RowPolicy.h>
#include <Parsers/ASTRowPolicyName.h>
#include <Parsers/ParserRowPolicyName.h>
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/parseIdentifierOrStringLiteral.h>
#include <Parsers/parseDatabaseAndTableName.h>
#include <Parsers/ExpressionListParsers.h>
@ -173,16 +173,20 @@ namespace
});
}
bool parseToRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTExtendedRoleSet> & roles)
bool parseToRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTRolesOrUsersSet> & roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
ASTPtr ast;
if (roles || !ParserKeyword{"TO"}.ignore(pos, expected)
|| !ParserExtendedRoleSet{}.useIDMode(id_mode).parse(pos, ast, expected))
if (roles || !ParserKeyword{"TO"}.ignore(pos, expected))
return false;
roles = std::static_pointer_cast<ASTExtendedRoleSet>(ast);
ParserRolesOrUsersSet roles_p;
roles_p.allowAll().allowRoleNames().allowUserNames().allowCurrentUser().useIDMode(id_mode);
if (!roles_p.parse(pos, ast, expected))
return false;
roles = std::static_pointer_cast<ASTRolesOrUsersSet>(ast);
return true;
});
}
@ -259,7 +263,7 @@ bool ParserCreateRowPolicyQuery::parseImpl(Pos & pos, ASTPtr & node, Expected &
break;
}
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> roles;
parseToRoles(pos, expected, attach_mode, roles);
if (cluster.empty())

2
src/Parsers/ParserCreateRowPolicyQuery.h
View File

@ -24,7 +24,7 @@ namespace DB
class ParserCreateRowPolicyQuery : public IParserBase
{
public:
ParserCreateRowPolicyQuery & enableAttachMode(bool enable_) { attach_mode = enable_; return *this; }
void useAttachMode(bool attach_mode_ = true) { attach_mode = attach_mode_; }
protected:
const char * getName() const override { return "CREATE ROW POLICY or ALTER ROW POLICY query"; }

22
src/Parsers/ParserCreateSettingsProfileQuery.cpp
View File

@ -5,8 +5,8 @@
#include <Parsers/ASTLiteral.h>
#include <Parsers/ASTSettingsProfileElement.h>
#include <Parsers/ParserSettingsProfileElement.h>
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/parseIdentifierOrStringLiteral.h>
@ -33,7 +33,9 @@ namespace
return false;
ASTPtr new_settings_ast;
if (!ParserSettingsProfileElements{}.useIDMode(id_mode).enableInheritKeyword(true).parse(pos, new_settings_ast, expected))
ParserSettingsProfileElements elements_p;
elements_p.useInheritKeyword(true).useIDMode(id_mode);
if (!elements_p.parse(pos, new_settings_ast, expected))
return false;
if (!settings)
@ -44,16 +46,20 @@ namespace
});
}
bool parseToRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTExtendedRoleSet> & roles)
bool parseToRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTRolesOrUsersSet> & roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
ASTPtr ast;
if (roles || !ParserKeyword{"TO"}.ignore(pos, expected)
|| !ParserExtendedRoleSet{}.useIDMode(id_mode).parse(pos, ast, expected))
if (roles || !ParserKeyword{"TO"}.ignore(pos, expected))
return false;
roles = std::static_pointer_cast<ASTExtendedRoleSet>(ast);
ParserRolesOrUsersSet roles_p;
roles_p.allowAll().allowRoleNames().allowUserNames().allowCurrentUser().useIDMode(id_mode);
if (!roles_p.parse(pos, ast, expected))
return false;
roles = std::static_pointer_cast<ASTRolesOrUsersSet>(ast);
return true;
});
}
@ -122,7 +128,7 @@ bool ParserCreateSettingsProfileQuery::parseImpl(Pos & pos, ASTPtr & node, Expec
break;
}
std::shared_ptr<ASTExtendedRoleSet> to_roles;
std::shared_ptr<ASTRolesOrUsersSet> to_roles;
parseToRoles(pos, expected, attach_mode, to_roles);
if (cluster.empty())

2
src/Parsers/ParserCreateSettingsProfileQuery.h
View File

@ -16,7 +16,7 @@ namespace DB
class ParserCreateSettingsProfileQuery : public IParserBase
{
public:
ParserCreateSettingsProfileQuery & enableAttachMode(bool enable) { attach_mode = enable; return *this; }
void useAttachMode(bool attach_mode_ = true) { attach_mode = attach_mode_; }
protected:
const char * getName() const override { return "CREATE SETTINGS PROFILE or ALTER SETTINGS PROFILE query"; }

20
src/Parsers/ParserCreateUserQuery.cpp
View File

@ -7,9 +7,9 @@
#include <Parsers/ExpressionListParsers.h>
#include <Parsers/ASTLiteral.h>
#include <Parsers/ASTUserNameWithHost.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/ParserUserNameWithHost.h>
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
#include <Parsers/ASTSettingsProfileElement.h>
#include <Parsers/ParserSettingsProfileElement.h>
#include <ext/range.h>
@ -186,7 +186,7 @@ namespace
}
bool parseDefaultRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTExtendedRoleSet> & default_roles)
bool parseDefaultRoles(IParserBase::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTRolesOrUsersSet> & default_roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
@ -194,11 +194,13 @@ namespace
return false;
ASTPtr ast;
if (!ParserExtendedRoleSet{}.enableCurrentUserKeyword(false).useIDMode(id_mode).parse(pos, ast, expected))
ParserRolesOrUsersSet default_roles_p;
default_roles_p.allowAll().allowRoleNames().useIDMode(id_mode);
if (!default_roles_p.parse(pos, ast, expected))
return false;
default_roles = typeid_cast<std::shared_ptr<ASTExtendedRoleSet>>(ast);
default_roles->can_contain_users = false;
default_roles = typeid_cast<std::shared_ptr<ASTRolesOrUsersSet>>(ast);
default_roles->allow_user_names = false;
return true;
});
}
@ -212,7 +214,9 @@ namespace
return false;
ASTPtr new_settings_ast;
if (!ParserSettingsProfileElements{}.useIDMode(id_mode).parse(pos, new_settings_ast, expected))
ParserSettingsProfileElements elements_p;
elements_p.useInheritKeyword(true).useIDMode(id_mode);
if (!elements_p.parse(pos, new_settings_ast, expected))
return false;
if (!settings)
@ -276,7 +280,7 @@ bool ParserCreateUserQuery::parseImpl(Pos & pos, ASTPtr & node, Expected & expec
std::optional<AllowedClientHosts> hosts;
std::optional<AllowedClientHosts> add_hosts;
std::optional<AllowedClientHosts> remove_hosts;
std::shared_ptr<ASTExtendedRoleSet> default_roles;
std::shared_ptr<ASTRolesOrUsersSet> default_roles;
std::shared_ptr<ASTSettingsProfileElements> settings;
String cluster;

2
src/Parsers/ParserCreateUserQuery.h
View File

@ -20,7 +20,7 @@ namespace DB
class ParserCreateUserQuery : public IParserBase
{
public:
ParserCreateUserQuery & enableAttachMode(bool enable) { attach_mode = enable; return *this; }
ParserCreateUserQuery & useAttachMode(bool attach_mode_ = true) { attach_mode = attach_mode_; return *this; }
protected:
const char * getName() const override { return "CREATE USER or ALTER USER query"; }

28
src/Parsers/ParserExtendedRoleSet.h
View File

@ -1,28 +0,0 @@
#pragma once
#include <Parsers/IParserBase.h>
namespace DB
{
/** Parses a string like this:
* {role|CURRENT_USER} [,...] | NONE | ALL | ALL EXCEPT {role|CURRENT_USER} [,...]
*/
class ParserExtendedRoleSet : public IParserBase
{
public:
ParserExtendedRoleSet & enableAllKeyword(bool enable_) { all_keyword = enable_; return *this; }
ParserExtendedRoleSet & enableCurrentUserKeyword(bool enable_) { current_user_keyword = enable_; return *this; }
ParserExtendedRoleSet & useIDMode(bool enable_) { id_mode = enable_; return *this; }
protected:
const char * getName() const override { return "ExtendedRoleSet"; }
bool parseImpl(Pos & pos, ASTPtr & node, Expected & expected) override;
private:
bool all_keyword = true;
bool current_user_keyword = true;
bool id_mode = false;
};
}

24
src/Parsers/ParserGrantQuery.cpp
View File

@ -1,10 +1,10 @@
#include <Parsers/ParserGrantQuery.h>
#include <Parsers/ASTGrantQuery.h>
#include <Parsers/ASTIdentifier.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/CommonParsers.h>
#include <Parsers/ExpressionElementParsers.h>
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
#include <boost/algorithm/string/predicate.hpp>
@ -199,21 +199,23 @@ namespace
}
bool parseRoles(IParser::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTExtendedRoleSet> & roles)
bool parseRoles(IParser::Pos & pos, Expected & expected, bool id_mode, std::shared_ptr<ASTRolesOrUsersSet> & roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
ASTPtr ast;
if (!ParserExtendedRoleSet{}.enableAllKeyword(false).enableCurrentUserKeyword(false).useIDMode(id_mode).parse(pos, ast, expected))
ParserRolesOrUsersSet roles_p;
roles_p.allowRoleNames().useIDMode(id_mode);
if (!roles_p.parse(pos, ast, expected))
return false;
roles = typeid_cast<std::shared_ptr<ASTExtendedRoleSet>>(ast);
roles = typeid_cast<std::shared_ptr<ASTRolesOrUsersSet>>(ast);
return true;
});
}
bool parseToRoles(IParser::Pos & pos, Expected & expected, ASTGrantQuery::Kind kind, std::shared_ptr<ASTExtendedRoleSet> & to_roles)
bool parseToRoles(IParser::Pos & pos, Expected & expected, ASTGrantQuery::Kind kind, std::shared_ptr<ASTRolesOrUsersSet> & to_roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
@ -230,10 +232,12 @@ namespace
}
ASTPtr ast;
if (!ParserExtendedRoleSet{}.enableAllKeyword(kind == Kind::REVOKE).parse(pos, ast, expected))
ParserRolesOrUsersSet roles_p;
roles_p.allowRoleNames().allowUserNames().allowCurrentUser().allowAll(kind == Kind::REVOKE);
if (!roles_p.parse(pos, ast, expected))
return false;
to_roles = typeid_cast<std::shared_ptr<ASTExtendedRoleSet>>(ast);
to_roles = typeid_cast<std::shared_ptr<ASTRolesOrUsersSet>>(ast);
return true;
});
}
@ -282,14 +286,14 @@ bool ParserGrantQuery::parseImpl(Pos & pos, ASTPtr & node, Expected & expected)
}
AccessRightsElements elements;
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> roles;
if (!parseAccessRightsElements(pos, expected, elements) && !parseRoles(pos, expected, attach, roles))
return false;
if (cluster.empty())
parseOnCluster(pos, expected, cluster);
std::shared_ptr<ASTExtendedRoleSet> to_roles;
std::shared_ptr<ASTRolesOrUsersSet> to_roles;
if (!parseToRoles(pos, expected, kind, to_roles))
return false;

2
src/Parsers/ParserGrantQuery.h
View File

@ -12,7 +12,7 @@ namespace DB
class ParserGrantQuery : public IParserBase
{
public:
ParserGrantQuery & enableAttachMode(bool enable) { attach_mode = enable; return *this; }
ParserGrantQuery & useAttachMode(bool attach_mode_ = true) { attach_mode = attach_mode_; return *this; }
protected:
const char * getName() const override { return "GRANT or REVOKE query"; }

26
src/Parsers/ParserExtendedRoleSet.cpp → src/Parsers/ParserRolesOrUsersSet.cpp
View File

@ -1,8 +1,8 @@
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
#include <Parsers/CommonParsers.h>
#include <Parsers/ExpressionElementParsers.h>
#include <Parsers/ASTLiteral.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/parseUserName.h>
#include <boost/range/algorithm/find.hpp>
@ -39,8 +39,8 @@ namespace
IParserBase::Pos & pos,
Expected & expected,
bool id_mode,
bool all_keyword_enabled,
bool current_user_keyword_enabled,
bool allow_all,
bool allow_current_user_tag,
Strings & names,
bool & all,
bool & current_user)
@ -56,7 +56,7 @@ namespace
{
}
else if (
current_user_keyword_enabled
allow_current_user_tag
&& (ParserKeyword{"CURRENT_USER"}.ignore(pos, expected) || ParserKeyword{"currentUser"}.ignore(pos, expected)))
{
if (ParserToken{TokenType::OpeningRoundBracket}.ignore(pos, expected))
@ -66,7 +66,7 @@ namespace
}
res_current_user = true;
}
else if (all_keyword_enabled && ParserKeyword{"ALL"}.ignore(pos, expected))
else if (allow_all && ParserKeyword{"ALL"}.ignore(pos, expected))
{
res_all = true;
}
@ -93,7 +93,7 @@ namespace
IParserBase::Pos & pos,
Expected & expected,
bool id_mode,
bool current_user_keyword_enabled,
bool allow_current_user_tag,
Strings & except_names,
bool & except_current_user)
{
@ -103,13 +103,13 @@ namespace
return false;
bool dummy;
return parseBeforeExcept(pos, expected, id_mode, false, current_user_keyword_enabled, except_names, dummy, except_current_user);
return parseBeforeExcept(pos, expected, id_mode, false, allow_current_user_tag, except_names, dummy, except_current_user);
});
}
}
bool ParserExtendedRoleSet::parseImpl(Pos & pos, ASTPtr & node, Expected & expected)
bool ParserRolesOrUsersSet::parseImpl(Pos & pos, ASTPtr & node, Expected & expected)
{
Strings names;
bool current_user = false;
@ -117,21 +117,23 @@ bool ParserExtendedRoleSet::parseImpl(Pos & pos, ASTPtr & node, Expected & expec
Strings except_names;
bool except_current_user = false;
if (!parseBeforeExcept(pos, expected, id_mode, all_keyword, current_user_keyword, names, all, current_user))
if (!parseBeforeExcept(pos, expected, id_mode, allow_all, allow_current_user, names, all, current_user))
return false;
parseExceptAndAfterExcept(pos, expected, id_mode, current_user_keyword, except_names, except_current_user);
parseExceptAndAfterExcept(pos, expected, id_mode, allow_current_user, except_names, except_current_user);
if (all)
names.clear();
auto result = std::make_shared<ASTExtendedRoleSet>();
auto result = std::make_shared<ASTRolesOrUsersSet>();
result->names = std::move(names);
result->current_user = current_user;
result->all = all;
result->except_names = std::move(except_names);
result->except_current_user = except_current_user;
result->id_mode = id_mode;
result->allow_user_names = allow_user_names;
result->allow_role_names = allow_role_names;
node = result;
return true;
}

32
src/Parsers/ParserRolesOrUsersSet.h Normal file
View File

@ -0,0 +1,32 @@
#pragma once
#include <Parsers/IParserBase.h>
namespace DB
{
/** Parses a string like this:
* {role|CURRENT_USER} [,...] | NONE | ALL | ALL EXCEPT {role|CURRENT_USER} [,...]
*/
class ParserRolesOrUsersSet : public IParserBase
{
public:
ParserRolesOrUsersSet & allowAll(bool allow_all_ = true) { allow_all = allow_all_; return *this; }
ParserRolesOrUsersSet & allowUserNames(bool allow_user_names_ = true) { allow_user_names = allow_user_names_; return *this; }
ParserRolesOrUsersSet & allowRoleNames(bool allow_role_names_ = true) { allow_role_names = allow_role_names_; return *this; }
ParserRolesOrUsersSet & allowCurrentUser(bool allow_current_user_ = true) { allow_current_user = allow_current_user_; return *this; }
ParserRolesOrUsersSet & useIDMode(bool id_mode_ = true) { id_mode = id_mode_; return *this; }
protected:
const char * getName() const override { return "RolesOrUsersSet"; }
bool parseImpl(Pos & pos, ASTPtr & node, Expected & expected) override;
private:
bool allow_all = false;
bool allow_user_names = false;
bool allow_role_names = false;
bool allow_current_user = false;
bool id_mode = false;
};
}

28
src/Parsers/ParserSetRoleQuery.cpp
View File

@ -1,29 +1,31 @@
#include <Parsers/ParserSetRoleQuery.h>
#include <Parsers/ASTSetRoleQuery.h>
#include <Parsers/CommonParsers.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ParserExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Parsers/ParserRolesOrUsersSet.h>
namespace DB
{
namespace
{
bool parseRoles(IParserBase::Pos & pos, Expected & expected, std::shared_ptr<ASTExtendedRoleSet> & roles)
bool parseRoles(IParserBase::Pos & pos, Expected & expected, std::shared_ptr<ASTRolesOrUsersSet> & roles)
{
return IParserBase::wrapParseImpl(pos, [&]
{
ASTPtr ast;
if (!ParserExtendedRoleSet{}.enableCurrentUserKeyword(false).parse(pos, ast, expected))
ParserRolesOrUsersSet roles_p;
roles_p.allowRoleNames().allowAll();
if (!roles_p.parse(pos, ast, expected))
return false;
roles = typeid_cast<std::shared_ptr<ASTExtendedRoleSet>>(ast);
roles->can_contain_users = false;
roles = typeid_cast<std::shared_ptr<ASTRolesOrUsersSet>>(ast);
roles->allow_user_names = false;
return true;
});
}
bool parseToUsers(IParserBase::Pos & pos, Expected & expected, std::shared_ptr<ASTExtendedRoleSet> & to_users)
bool parseToUsers(IParserBase::Pos & pos, Expected & expected, std::shared_ptr<ASTRolesOrUsersSet> & to_users)
{
return IParserBase::wrapParseImpl(pos, [&]
{
@ -31,11 +33,13 @@ namespace
return false;
ASTPtr ast;
if (!ParserExtendedRoleSet{}.enableAllKeyword(false).parse(pos, ast, expected))
ParserRolesOrUsersSet users_p;
users_p.allowUserNames().allowCurrentUser();
if (!users_p.parse(pos, ast, expected))
return false;
to_users = typeid_cast<std::shared_ptr<ASTExtendedRoleSet>>(ast);
to_users->can_contain_roles = false;
to_users = typeid_cast<std::shared_ptr<ASTRolesOrUsersSet>>(ast);
to_users->allow_role_names = false;
return true;
});
}
@ -55,8 +59,8 @@ bool ParserSetRoleQuery::parseImpl(Pos & pos, ASTPtr & node, Expected & expected
else
return false;
std::shared_ptr<ASTExtendedRoleSet> roles;
std::shared_ptr<ASTExtendedRoleSet> to_users;
std::shared_ptr<ASTRolesOrUsersSet> roles;
std::shared_ptr<ASTRolesOrUsersSet> to_users;
if ((kind == Kind::SET_ROLE) || (kind == Kind::SET_DEFAULT_ROLE))
{

8
src/Parsers/ParserSettingsProfileElement.cpp
View File

@ -109,7 +109,7 @@ bool ParserSettingsProfileElement::parseImpl(Pos & pos, ASTPtr & node, Expected
std::optional<bool> readonly;
if (ParserKeyword{"PROFILE"}.ignore(pos, expected) ||
(enable_inherit_keyword && ParserKeyword{"INHERIT"}.ignore(pos, expected)))
(use_inherit_keyword && ParserKeyword{"INHERIT"}.ignore(pos, expected)))
{
if (!parseProfileNameOrID(pos, expected, id_mode, parent_profile))
return false;
@ -140,7 +140,7 @@ bool ParserSettingsProfileElement::parseImpl(Pos & pos, ASTPtr & node, Expected
result->max_value = std::move(max_value);
result->readonly = readonly;
result->id_mode = id_mode;
result->use_inherit_keyword = enable_inherit_keyword;
result->use_inherit_keyword = use_inherit_keyword;
node = result;
return true;
}
@ -155,10 +155,12 @@ bool ParserSettingsProfileElements::parseImpl(Pos & pos, ASTPtr & node, Expected
}
else
{
ParserSettingsProfileElement element_p;
element_p.useIDMode(id_mode).useInheritKeyword(use_inherit_keyword);
do
{
ASTPtr ast;
if (!ParserSettingsProfileElement{}.useIDMode(id_mode).enableInheritKeyword(enable_inherit_keyword).parse(pos, ast, expected))
if (!element_p.parse(pos, ast, expected))
return false;
auto element = typeid_cast<std::shared_ptr<ASTSettingsProfileElement>>(ast);
elements.push_back(std::move(element));

12
src/Parsers/ParserSettingsProfileElement.h
View File

@ -11,8 +11,8 @@ namespace DB
class ParserSettingsProfileElement : public IParserBase
{
public:
ParserSettingsProfileElement & useIDMode(bool enable_) { id_mode = enable_; return *this; }
ParserSettingsProfileElement & enableInheritKeyword(bool enable_) { enable_inherit_keyword = enable_; return *this; }
ParserSettingsProfileElement & useIDMode(bool id_mode_ = true) { id_mode = id_mode_; return *this; }
ParserSettingsProfileElement & useInheritKeyword(bool use_inherit_keyword_ = true) { use_inherit_keyword = use_inherit_keyword_; return *this; }
protected:
const char * getName() const override { return "SettingsProfileElement"; }
@ -20,15 +20,15 @@ protected:
private:
bool id_mode = false;
bool enable_inherit_keyword = false;
bool use_inherit_keyword = false;
};
class ParserSettingsProfileElements : public IParserBase
{
public:
ParserSettingsProfileElements & useIDMode(bool enable_) { id_mode = enable_; return *this; }
ParserSettingsProfileElements & enableInheritKeyword(bool enable_) { enable_inherit_keyword = enable_; return *this; }
ParserSettingsProfileElements & useIDMode(bool id_mode_ = true) { id_mode = id_mode_; return *this; }
ParserSettingsProfileElements & useInheritKeyword(bool use_inherit_keyword_ = true) { use_inherit_keyword = use_inherit_keyword_; return *this; }
protected:
const char * getName() const override { return "SettingsProfileElements"; }
@ -36,7 +36,7 @@ protected:
private:
bool id_mode = false;
bool enable_inherit_keyword = false;
bool use_inherit_keyword = false;
};
}

4
src/Parsers/ya.make
View File

@ -21,7 +21,6 @@ SRCS(
ASTDropAccessEntityQuery.cpp
ASTDropQuery.cpp
ASTExpressionList.cpp
ASTExtendedRoleSet.cpp
ASTFunction.cpp
ASTFunctionWithKeyValueArguments.cpp
ASTGrantQuery.cpp
@ -37,6 +36,7 @@ SRCS(
ASTQueryWithOnCluster.cpp
ASTQueryWithOutput.cpp
ASTQueryWithTableAndOutput.cpp
ASTRolesOrUsersSet.cpp
ASTRowPolicyName.cpp
ASTSampleRatio.cpp
ASTSelectQuery.cpp
@ -81,7 +81,6 @@ SRCS(
ParserDictionaryAttributeDeclaration.cpp
ParserDropAccessEntityQuery.cpp
ParserDropQuery.cpp
ParserExtendedRoleSet.cpp
ParserGrantQuery.cpp
ParserInsertQuery.cpp
ParserKillQueryQuery.cpp
@ -90,6 +89,7 @@ SRCS(
ParserQuery.cpp
ParserQueryWithOutput.cpp
ParserRenameQuery.cpp
ParserRolesOrUsersSet.cpp
ParserRowPolicyName.cpp
ParserSampleRatio.cpp
ParserSelectQuery.cpp

2
src/Storages/System/StorageSystemPrivileges.cpp
View File

@ -9,7 +9,7 @@
#include <Columns/ColumnsNumber.h>
#include <Columns/ColumnNullable.h>
#include <Interpreters/Context.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/SettingsProfile.h>
#include <Access/AccessFlags.h>

4
src/Storages/System/StorageSystemQuotas.cpp
View File

@ -8,7 +8,7 @@
#include <Columns/ColumnString.h>
#include <Columns/ColumnsNumber.h>
#include <Interpreters/Context.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/Quota.h>
#include <Access/AccessFlags.h>
@ -72,7 +72,7 @@ void StorageSystemQuotas::fillData(MutableColumns & res_columns, const Context &
const String & storage_name,
const std::vector<Quota::Limits> & all_limits,
KeyType key_type,
const ExtendedRoleSet & apply_to)
const RolesOrUsersSet & apply_to)
{
column_name.insertData(name.data(), name.length());
column_id.push_back(id);

4
src/Storages/System/StorageSystemRoleGrants.cpp
View File

@ -78,7 +78,7 @@ void StorageSystemRoleGrants::fillData(MutableColumns & res_columns, const Conte
auto add_rows = [&](const String & grantee_name,
IAccessEntity::Type grantee_type,
const GrantedRoles & granted_roles,
const ExtendedRoleSet * default_roles)
const RolesOrUsersSet * default_roles)
{
for (const auto & role_id : granted_roles.roles)
{
@ -99,7 +99,7 @@ void StorageSystemRoleGrants::fillData(MutableColumns & res_columns, const Conte
continue;
const GrantedRoles * granted_roles = nullptr;
const ExtendedRoleSet * default_roles = nullptr;
const RolesOrUsersSet * default_roles = nullptr;
if (auto role = typeid_cast<RolePtr>(entity))
granted_roles = &role->granted_roles;
else if (auto user = typeid_cast<UserPtr>(entity))

4
src/Storages/System/StorageSystemRowPolicies.cpp
View File

@ -9,7 +9,7 @@
#include <Columns/ColumnArray.h>
#include <Columns/ColumnNullable.h>
#include <Interpreters/Context.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/RowPolicy.h>
#include <Access/AccessFlags.h>
@ -87,7 +87,7 @@ void StorageSystemRowPolicies::fillData(MutableColumns & res_columns, const Cont
const String & storage_name,
const std::array<String, MAX_CONDITION_TYPE> & conditions,
bool is_restrictive,
const ExtendedRoleSet & apply_to)
const RolesOrUsersSet & apply_to)
{
column_name.insertData(name.data(), name.length());
column_short_name.insertData(name_parts.short_name.data(), name_parts.short_name.length());

4
src/Storages/System/StorageSystemSettingsProfiles.cpp
View File

@ -7,7 +7,7 @@
#include <Columns/ColumnString.h>
#include <Columns/ColumnsNumber.h>
#include <Interpreters/Context.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/SettingsProfile.h>
#include <Access/AccessFlags.h>
@ -51,7 +51,7 @@ void StorageSystemSettingsProfiles::fillData(MutableColumns & res_columns, const
const UUID & id,
const String & storage_name,
const SettingsProfileElements & elements,
const ExtendedRoleSet & apply_to)
const RolesOrUsersSet & apply_to)
{
column_name.insertData(name.data(), name.length());
column_id.push_back(id);

4
src/Storages/System/StorageSystemUsers.cpp
View File

@ -8,7 +8,7 @@
#include <Columns/ColumnString.h>
#include <Columns/ColumnsNumber.h>
#include <Interpreters/Context.h>
#include <Parsers/ASTExtendedRoleSet.h>
#include <Parsers/ASTRolesOrUsersSet.h>
#include <Access/AccessControlManager.h>
#include <Access/User.h>
#include <Access/AccessFlags.h>
@ -80,7 +80,7 @@ void StorageSystemUsers::fillData(MutableColumns & res_columns, const Context &
const String & storage_name,
const Authentication & authentication,
const AllowedClientHosts & allowed_hosts,
const ExtendedRoleSet & default_roles)
const RolesOrUsersSet & default_roles)
{
column_name.insertData(name.data(), name.length());
column_id.push_back(id);