thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-09-19 16:20:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix tests, docs

Browse Source
This commit is contained in:
pufit 2023-07-27 23:37:09 -04:00
parent 13d9952227
commit 9dbb106dc1
12 changed files with 81 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/en/sql-reference/statements/create/quota.md
View File

@ -11,6 +11,7 @@ Syntax:
``` sql
CREATE QUOTA [IF NOT EXISTS | OR REPLACE] name [ON CLUSTER cluster_name]
[IN access_storage_type]
[KEYED BY {user_name | ip_address | client_key | client_key,user_name | client_key,ip_address} | NOT KEYED]
[FOR [RANDOMIZED] INTERVAL number {second | minute | hour | day | week | month | quarter | year}
{MAX { {queries | query_selects | query_inserts | errors | result_rows | result_bytes | read_rows | read_bytes | execution_time} = number } [,...] |

1
docs/en/sql-reference/statements/create/role.md
View File

@ -11,6 +11,7 @@ Syntax:
``` sql
CREATE ROLE [IF NOT EXISTS | OR REPLACE] name1 [ON CLUSTER cluster_name1] [, name2 [ON CLUSTER cluster_name2] ...]
[IN access_storage_type]
[SETTINGS variable [= value] [MIN [=] min_value] [MAX [=] max_value] [CONST|READONLY|WRITABLE|CHANGEABLE_IN_READONLY] | PROFILE 'profile_name'] [,...]
```

1
docs/en/sql-reference/statements/create/row-policy.md
View File

@ -16,6 +16,7 @@ Syntax:
``` sql
CREATE [ROW] POLICY [IF NOT EXISTS | OR REPLACE] policy_name1 [ON CLUSTER cluster_name1] ON [db1.]table1|db1.*
[, policy_name2 [ON CLUSTER cluster_name2] ON [db2.]table2|db2.* ...]
[IN access_storage_type]
[FOR SELECT] USING condition
[AS {PERMISSIVE | RESTRICTIVE}]
[TO {role1 [, role2 ...] | ALL | ALL EXCEPT role1 [, role2 ...]}]

1
docs/en/sql-reference/statements/create/settings-profile.md
View File

@ -12,6 +12,7 @@ Syntax:
``` sql
CREATE SETTINGS PROFILE [IF NOT EXISTS | OR REPLACE] name1 [ON CLUSTER cluster_name1]
[, name2 [ON CLUSTER cluster_name2] ...]
[IN access_storage_type]
[SETTINGS variable [= value] [MIN [=] min_value] [MAX [=] max_value] [CONST|READONLY|WRITABLE|CHANGEABLE_IN_READONLY] | INHERIT 'profile_name'] [,...]
```

1
docs/en/sql-reference/statements/create/user.md
View File

@ -14,6 +14,7 @@ CREATE USER [IF NOT EXISTS | OR REPLACE] name1 [ON CLUSTER cluster_name1]
[, name2 [ON CLUSTER cluster_name2] ...]
[NOT IDENTIFIED | IDENTIFIED {[WITH {no_password | plaintext_password | sha256_password | sha256_hash | double_sha1_password | double_sha1_hash}] BY {'password' | 'hash'}} | {WITH ldap SERVER 'server_name'} | {WITH kerberos [REALM 'realm']} | {WITH ssl_certificate CN 'common_name'}]
[HOST {LOCAL | NAME 'name' | REGEXP 'name_regexp' | IP 'address' | LIKE 'pattern'} [,...] | ANY | NONE]
[IN access_storage_type]
[DEFAULT ROLE role [,...]]
[DEFAULT DATABASE database | NONE]
[GRANTEES {user | role | ANY | NONE} [,...] [EXCEPT {user | role} [,...]]]

10
docs/en/sql-reference/statements/drop.md
View File

@ -49,7 +49,7 @@ Deletes a user.
Syntax:
``` sql
DROP USER [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
DROP USER [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
```
## DROP ROLE
@ -59,7 +59,7 @@ Deletes a role. The deleted role is revoked from all the entities where it was a
Syntax:
``` sql
DROP ROLE [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
DROP ROLE [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
```
## DROP ROW POLICY
@ -69,7 +69,7 @@ Deletes a row policy. Deleted row policy is revoked from all the entities where
Syntax:
``` sql
DROP [ROW] POLICY [IF EXISTS] name [,...] ON [database.]table [,...] [ON CLUSTER cluster_name]
DROP [ROW] POLICY [IF EXISTS] name [,...] ON [database.]table [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
```
## DROP QUOTA
@ -79,7 +79,7 @@ Deletes a quota. The deleted quota is revoked from all the entities where it was
Syntax:
``` sql
DROP QUOTA [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
DROP QUOTA [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
```
## DROP SETTINGS PROFILE
@ -89,7 +89,7 @@ Deletes a settings profile. The deleted settings profile is revoked from all the
Syntax:
``` sql
DROP [SETTINGS] PROFILE [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
DROP [SETTINGS] PROFILE [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
```
## DROP VIEW

32
docs/en/sql-reference/statements/move.md Normal file
View File

@ -0,0 +1,32 @@
---
slug: /en/sql-reference/statements/move
sidebar_position: 54
sidebar_label: MOVE
---
# MOVE access entity statement
This statement allows to move an access entity from one access storage to another.
Syntax:
```sql
MOVE {USER, ROLE, QUOTA, SETTINGS PROFILE, ROW POLICY} name1 [, name2, ...] TO access_storage_type
```
Currently, there are five access storages in ClickHouse:
- `local_directory`
- `memory`
- `replicated`
- `users_xml` (ro)
- `ldap` (ro)
Examples:
```sql
MOVE USER test TO local_directory
```
```sql
MOVE ROLE test TO memory
```

15
src/Access/IAccessStorage.cpp
View File

@ -202,16 +202,21 @@ std::vector<UUID> IAccessStorage::insert(const std::vector<AccessEntityPtr> & mu
std::vector<UUID> IAccessStorage::insert(const std::vector<AccessEntityPtr> & multiple_entities, const std::vector<UUID> & ids, bool replace_if_exists, bool throw_if_exists)
{
if (!ids.empty())
assert(multiple_entities.size() == ids.size());
assert(ids.empty() || (multiple_entities.size() == ids.size()));
if (multiple_entities.empty())
return {};
if (multiple_entities.size() == 1)
{
if (auto id = insert(multiple_entities[0], replace_if_exists, throw_if_exists))
return {*id};
UUID id;
if (!ids.empty())
id = ids[0];
else
id = generateRandomID();
if (insert(id, multiple_entities[0], replace_if_exists, throw_if_exists))
return {id};
return {};
}
@ -229,7 +234,7 @@ std::vector<UUID> IAccessStorage::insert(const std::vector<AccessEntityPtr> & mu
else
id = generateRandomID();
if (insertImpl(id, entity, replace_if_exists, throw_if_exists))
if (insert(id, entity, replace_if_exists, throw_if_exists))
{
successfully_inserted.push_back(entity);
new_ids.push_back(id);

4
src/Access/MultipleAccessStorage.cpp
View File

@ -230,8 +230,8 @@ StoragePtr MultipleAccessStorage::findExcludingStorage(AccessEntityType type, co
void MultipleAccessStorage::moveAccessEntities(const std::vector<UUID> & ids, const String & source_storage_name, const String & destination_storage_name)
{
auto source_storage = findStorageByName(source_storage_name);
auto destination_storage = findStorageByName(destination_storage_name);
auto source_storage = getStorageByName(source_storage_name);
auto destination_storage = getStorageByName(destination_storage_name);
auto to_move = source_storage->read(ids);
source_storage->remove(ids);

7
src/Interpreters/Access/InterpreterMoveAccessEntityQuery.cpp
View File

@ -28,12 +28,9 @@ BlockIO InterpreterMoveAccessEntityQuery::execute()
std::vector<UUID> ids;
if (query.type == AccessEntityType::ROW_POLICY)
ids = access_control.find(query.type, query.row_policy_names->toStrings());
ids = access_control.getIDs(query.type, query.row_policy_names->toStrings());
else
ids = access_control.find(query.type, query.names);
if (ids.empty())
return {};
ids = access_control.getIDs(query.type, query.names);
/// Validate that all entities are from the same storage.
const auto source_storage = access_control.findStorage(ids.front());

11
tests/integration/test_multi_access_storage_role_management/test.py
View File

@ -76,6 +76,13 @@ def execute_test_for_access_type(access_type: str, system_table_name: str):
with pytest.raises(QueryRuntimeException):
node.query(f"MOVE {access_type} test6 TO users_xml")
node.query(f"DROP {access_type} test1")
node.query(f"DROP {access_type} test2")
node.query(f"DROP {access_type} test3")
node.query(f"DROP {access_type} test4")
node.query(f"DROP {access_type} test5")
node.query(f"DROP {access_type} test6")
def test_roles():
execute_test_for_access_type("ROLE", "roles")
@ -93,10 +100,6 @@ def test_quotas():
execute_test_for_access_type("QUOTA", "quotas")
def test_row_policies():
execute_test_for_access_type("ROW POLICY", "row_policies")
def test_role_from_different_storages():
node.query("CREATE ROLE default_role")
node.query("GRANT SELECT ON system.* TO default_role")

36
tests/integration/test_quota/test.py
View File

@ -105,7 +105,7 @@ def test_quota_from_users_xml():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
[31556952],
0,
@ -252,7 +252,7 @@ def test_simpliest_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[]",
0,
@ -326,7 +326,7 @@ def test_tracking_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -446,7 +446,7 @@ def test_exceed_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -523,7 +523,7 @@ def test_exceed_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -613,7 +613,7 @@ def test_add_remove_interval():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
[31556952],
0,
@ -675,7 +675,7 @@ def test_add_remove_interval():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952,63113904]",
0,
@ -824,7 +824,7 @@ def test_add_remove_interval():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
[31556952],
0,
@ -914,7 +914,7 @@ def test_add_remove_interval():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[]",
0,
@ -986,7 +986,7 @@ def test_add_remove_interval():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
[31556952],
0,
@ -1048,7 +1048,7 @@ def test_add_remove_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
[31556952],
0,
@ -1111,7 +1111,7 @@ def test_add_remove_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -1121,7 +1121,7 @@ def test_add_remove_quota():
[
"myQuota2",
"4590510c-4d13-bf21-ec8a-c2187b092e73",
"users.xml",
"users_xml",
"['client_key','user_name']",
"[3600,2629746]",
0,
@ -1214,7 +1214,7 @@ def test_add_remove_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -1283,7 +1283,7 @@ def test_add_remove_quota():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -1346,7 +1346,7 @@ def test_reload_users_xml_by_timer():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
"[31556952]",
0,
@ -1385,7 +1385,7 @@ def test_reload_users_xml_by_timer():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
["user_name"],
"[31556952]",
0,
@ -1554,7 +1554,7 @@ def test_query_inserts():
[
"myQuota",
"e651da9c-a748-8703-061a-7e5e5096dae7",
"users.xml",
"users_xml",
"['user_name']",
[31556952],
0,