mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-09-19 16:20:50 +00:00
Fix tests, docs
This commit is contained in:
parent
13d9952227
commit
9dbb106dc1
@ -11,6 +11,7 @@ Syntax:
|
||||
|
||||
``` sql
|
||||
CREATE QUOTA [IF NOT EXISTS | OR REPLACE] name [ON CLUSTER cluster_name]
|
||||
[IN access_storage_type]
|
||||
[KEYED BY {user_name | ip_address | client_key | client_key,user_name | client_key,ip_address} | NOT KEYED]
|
||||
[FOR [RANDOMIZED] INTERVAL number {second | minute | hour | day | week | month | quarter | year}
|
||||
{MAX { {queries | query_selects | query_inserts | errors | result_rows | result_bytes | read_rows | read_bytes | execution_time} = number } [,...] |
|
||||
|
@ -11,6 +11,7 @@ Syntax:
|
||||
|
||||
``` sql
|
||||
CREATE ROLE [IF NOT EXISTS | OR REPLACE] name1 [ON CLUSTER cluster_name1] [, name2 [ON CLUSTER cluster_name2] ...]
|
||||
[IN access_storage_type]
|
||||
[SETTINGS variable [= value] [MIN [=] min_value] [MAX [=] max_value] [CONST|READONLY|WRITABLE|CHANGEABLE_IN_READONLY] | PROFILE 'profile_name'] [,...]
|
||||
```
|
||||
|
||||
|
@ -16,6 +16,7 @@ Syntax:
|
||||
``` sql
|
||||
CREATE [ROW] POLICY [IF NOT EXISTS | OR REPLACE] policy_name1 [ON CLUSTER cluster_name1] ON [db1.]table1|db1.*
|
||||
[, policy_name2 [ON CLUSTER cluster_name2] ON [db2.]table2|db2.* ...]
|
||||
[IN access_storage_type]
|
||||
[FOR SELECT] USING condition
|
||||
[AS {PERMISSIVE | RESTRICTIVE}]
|
||||
[TO {role1 [, role2 ...] | ALL | ALL EXCEPT role1 [, role2 ...]}]
|
||||
|
@ -12,6 +12,7 @@ Syntax:
|
||||
``` sql
|
||||
CREATE SETTINGS PROFILE [IF NOT EXISTS | OR REPLACE] name1 [ON CLUSTER cluster_name1]
|
||||
[, name2 [ON CLUSTER cluster_name2] ...]
|
||||
[IN access_storage_type]
|
||||
[SETTINGS variable [= value] [MIN [=] min_value] [MAX [=] max_value] [CONST|READONLY|WRITABLE|CHANGEABLE_IN_READONLY] | INHERIT 'profile_name'] [,...]
|
||||
```
|
||||
|
||||
|
@ -14,6 +14,7 @@ CREATE USER [IF NOT EXISTS | OR REPLACE] name1 [ON CLUSTER cluster_name1]
|
||||
[, name2 [ON CLUSTER cluster_name2] ...]
|
||||
[NOT IDENTIFIED | IDENTIFIED {[WITH {no_password | plaintext_password | sha256_password | sha256_hash | double_sha1_password | double_sha1_hash}] BY {'password' | 'hash'}} | {WITH ldap SERVER 'server_name'} | {WITH kerberos [REALM 'realm']} | {WITH ssl_certificate CN 'common_name'}]
|
||||
[HOST {LOCAL | NAME 'name' | REGEXP 'name_regexp' | IP 'address' | LIKE 'pattern'} [,...] | ANY | NONE]
|
||||
[IN access_storage_type]
|
||||
[DEFAULT ROLE role [,...]]
|
||||
[DEFAULT DATABASE database | NONE]
|
||||
[GRANTEES {user | role | ANY | NONE} [,...] [EXCEPT {user | role} [,...]]]
|
||||
|
@ -49,7 +49,7 @@ Deletes a user.
|
||||
Syntax:
|
||||
|
||||
``` sql
|
||||
DROP USER [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
|
||||
DROP USER [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
|
||||
```
|
||||
|
||||
## DROP ROLE
|
||||
@ -59,7 +59,7 @@ Deletes a role. The deleted role is revoked from all the entities where it was a
|
||||
Syntax:
|
||||
|
||||
``` sql
|
||||
DROP ROLE [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
|
||||
DROP ROLE [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
|
||||
```
|
||||
|
||||
## DROP ROW POLICY
|
||||
@ -69,7 +69,7 @@ Deletes a row policy. Deleted row policy is revoked from all the entities where
|
||||
Syntax:
|
||||
|
||||
``` sql
|
||||
DROP [ROW] POLICY [IF EXISTS] name [,...] ON [database.]table [,...] [ON CLUSTER cluster_name]
|
||||
DROP [ROW] POLICY [IF EXISTS] name [,...] ON [database.]table [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
|
||||
```
|
||||
|
||||
## DROP QUOTA
|
||||
@ -79,7 +79,7 @@ Deletes a quota. The deleted quota is revoked from all the entities where it was
|
||||
Syntax:
|
||||
|
||||
``` sql
|
||||
DROP QUOTA [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
|
||||
DROP QUOTA [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
|
||||
```
|
||||
|
||||
## DROP SETTINGS PROFILE
|
||||
@ -89,7 +89,7 @@ Deletes a settings profile. The deleted settings profile is revoked from all the
|
||||
Syntax:
|
||||
|
||||
``` sql
|
||||
DROP [SETTINGS] PROFILE [IF EXISTS] name [,...] [ON CLUSTER cluster_name]
|
||||
DROP [SETTINGS] PROFILE [IF EXISTS] name [,...] [ON CLUSTER cluster_name] [FROM access_storage_type]
|
||||
```
|
||||
|
||||
## DROP VIEW
|
||||
|
32
docs/en/sql-reference/statements/move.md
Normal file
32
docs/en/sql-reference/statements/move.md
Normal file
@ -0,0 +1,32 @@
|
||||
---
|
||||
slug: /en/sql-reference/statements/move
|
||||
sidebar_position: 54
|
||||
sidebar_label: MOVE
|
||||
---
|
||||
|
||||
# MOVE access entity statement
|
||||
|
||||
This statement allows to move an access entity from one access storage to another.
|
||||
|
||||
Syntax:
|
||||
|
||||
```sql
|
||||
MOVE {USER, ROLE, QUOTA, SETTINGS PROFILE, ROW POLICY} name1 [, name2, ...] TO access_storage_type
|
||||
```
|
||||
|
||||
Currently, there are five access storages in ClickHouse:
|
||||
- `local_directory`
|
||||
- `memory`
|
||||
- `replicated`
|
||||
- `users_xml` (ro)
|
||||
- `ldap` (ro)
|
||||
|
||||
Examples:
|
||||
|
||||
```sql
|
||||
MOVE USER test TO local_directory
|
||||
```
|
||||
|
||||
```sql
|
||||
MOVE ROLE test TO memory
|
||||
```
|
@ -202,16 +202,21 @@ std::vector<UUID> IAccessStorage::insert(const std::vector<AccessEntityPtr> & mu
|
||||
|
||||
std::vector<UUID> IAccessStorage::insert(const std::vector<AccessEntityPtr> & multiple_entities, const std::vector<UUID> & ids, bool replace_if_exists, bool throw_if_exists)
|
||||
{
|
||||
if (!ids.empty())
|
||||
assert(multiple_entities.size() == ids.size());
|
||||
assert(ids.empty() || (multiple_entities.size() == ids.size()));
|
||||
|
||||
if (multiple_entities.empty())
|
||||
return {};
|
||||
|
||||
if (multiple_entities.size() == 1)
|
||||
{
|
||||
if (auto id = insert(multiple_entities[0], replace_if_exists, throw_if_exists))
|
||||
return {*id};
|
||||
UUID id;
|
||||
if (!ids.empty())
|
||||
id = ids[0];
|
||||
else
|
||||
id = generateRandomID();
|
||||
|
||||
if (insert(id, multiple_entities[0], replace_if_exists, throw_if_exists))
|
||||
return {id};
|
||||
return {};
|
||||
}
|
||||
|
||||
@ -229,7 +234,7 @@ std::vector<UUID> IAccessStorage::insert(const std::vector<AccessEntityPtr> & mu
|
||||
else
|
||||
id = generateRandomID();
|
||||
|
||||
if (insertImpl(id, entity, replace_if_exists, throw_if_exists))
|
||||
if (insert(id, entity, replace_if_exists, throw_if_exists))
|
||||
{
|
||||
successfully_inserted.push_back(entity);
|
||||
new_ids.push_back(id);
|
||||
|
@ -230,8 +230,8 @@ StoragePtr MultipleAccessStorage::findExcludingStorage(AccessEntityType type, co
|
||||
|
||||
void MultipleAccessStorage::moveAccessEntities(const std::vector<UUID> & ids, const String & source_storage_name, const String & destination_storage_name)
|
||||
{
|
||||
auto source_storage = findStorageByName(source_storage_name);
|
||||
auto destination_storage = findStorageByName(destination_storage_name);
|
||||
auto source_storage = getStorageByName(source_storage_name);
|
||||
auto destination_storage = getStorageByName(destination_storage_name);
|
||||
|
||||
auto to_move = source_storage->read(ids);
|
||||
source_storage->remove(ids);
|
||||
|
@ -28,12 +28,9 @@ BlockIO InterpreterMoveAccessEntityQuery::execute()
|
||||
|
||||
std::vector<UUID> ids;
|
||||
if (query.type == AccessEntityType::ROW_POLICY)
|
||||
ids = access_control.find(query.type, query.row_policy_names->toStrings());
|
||||
ids = access_control.getIDs(query.type, query.row_policy_names->toStrings());
|
||||
else
|
||||
ids = access_control.find(query.type, query.names);
|
||||
|
||||
if (ids.empty())
|
||||
return {};
|
||||
ids = access_control.getIDs(query.type, query.names);
|
||||
|
||||
/// Validate that all entities are from the same storage.
|
||||
const auto source_storage = access_control.findStorage(ids.front());
|
||||
|
@ -76,6 +76,13 @@ def execute_test_for_access_type(access_type: str, system_table_name: str):
|
||||
with pytest.raises(QueryRuntimeException):
|
||||
node.query(f"MOVE {access_type} test6 TO users_xml")
|
||||
|
||||
node.query(f"DROP {access_type} test1")
|
||||
node.query(f"DROP {access_type} test2")
|
||||
node.query(f"DROP {access_type} test3")
|
||||
node.query(f"DROP {access_type} test4")
|
||||
node.query(f"DROP {access_type} test5")
|
||||
node.query(f"DROP {access_type} test6")
|
||||
|
||||
|
||||
def test_roles():
|
||||
execute_test_for_access_type("ROLE", "roles")
|
||||
@ -93,10 +100,6 @@ def test_quotas():
|
||||
execute_test_for_access_type("QUOTA", "quotas")
|
||||
|
||||
|
||||
def test_row_policies():
|
||||
execute_test_for_access_type("ROW POLICY", "row_policies")
|
||||
|
||||
|
||||
def test_role_from_different_storages():
|
||||
node.query("CREATE ROLE default_role")
|
||||
node.query("GRANT SELECT ON system.* TO default_role")
|
||||
|
@ -105,7 +105,7 @@ def test_quota_from_users_xml():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
[31556952],
|
||||
0,
|
||||
@ -252,7 +252,7 @@ def test_simpliest_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[]",
|
||||
0,
|
||||
@ -326,7 +326,7 @@ def test_tracking_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -446,7 +446,7 @@ def test_exceed_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -523,7 +523,7 @@ def test_exceed_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -613,7 +613,7 @@ def test_add_remove_interval():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
[31556952],
|
||||
0,
|
||||
@ -675,7 +675,7 @@ def test_add_remove_interval():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952,63113904]",
|
||||
0,
|
||||
@ -824,7 +824,7 @@ def test_add_remove_interval():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
[31556952],
|
||||
0,
|
||||
@ -914,7 +914,7 @@ def test_add_remove_interval():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[]",
|
||||
0,
|
||||
@ -986,7 +986,7 @@ def test_add_remove_interval():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
[31556952],
|
||||
0,
|
||||
@ -1048,7 +1048,7 @@ def test_add_remove_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
[31556952],
|
||||
0,
|
||||
@ -1111,7 +1111,7 @@ def test_add_remove_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -1121,7 +1121,7 @@ def test_add_remove_quota():
|
||||
[
|
||||
"myQuota2",
|
||||
"4590510c-4d13-bf21-ec8a-c2187b092e73",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['client_key','user_name']",
|
||||
"[3600,2629746]",
|
||||
0,
|
||||
@ -1214,7 +1214,7 @@ def test_add_remove_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -1283,7 +1283,7 @@ def test_add_remove_quota():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -1346,7 +1346,7 @@ def test_reload_users_xml_by_timer():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -1385,7 +1385,7 @@ def test_reload_users_xml_by_timer():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
["user_name"],
|
||||
"[31556952]",
|
||||
0,
|
||||
@ -1554,7 +1554,7 @@ def test_query_inserts():
|
||||
[
|
||||
"myQuota",
|
||||
"e651da9c-a748-8703-061a-7e5e5096dae7",
|
||||
"users.xml",
|
||||
"users_xml",
|
||||
"['user_name']",
|
||||
[31556952],
|
||||
0,
|
||||
|
Loading…
Reference in New Issue
Block a user