fix zero-access user creation

2024-11-26 17:41:59 +00:00 · 2019-11-15 18:49:29 +03:00 · 2019-11-15 18:49:29 +03:00 · a460001bae
commit a460001bae
parent 30acb1b653
3 changed files with 8 additions and 2 deletions
--- a/dbms/src/Interpreters/Users.cpp
+++ b/dbms/src/Interpreters/Users.cpp
@ -75,6 +75,7 @@ User::User(const String & name_, const String & config_elem, const Poco::Util::A
    const auto config_sub_elem = config_elem + ".allow_databases";
    if (config.has(config_sub_elem))
    {
        has_allowed_databases = true;
        Poco::Util::AbstractConfiguration::Keys config_keys;
        config.keys(config_sub_elem, config_keys);
@ -90,6 +91,7 @@ User::User(const String & name_, const String & config_elem, const Poco::Util::A
    const auto config_dictionary_sub_elem = config_elem + ".allow_dictionaries";
    if (config.has(config_dictionary_sub_elem))
    {
        has_allowed_dictionaries = true;
        Poco::Util::AbstractConfiguration::Keys config_keys;
        config.keys(config_dictionary_sub_elem, config_keys);
--- a/dbms/src/Interpreters/Users.h
+++ b/dbms/src/Interpreters/Users.h
@ -32,6 +32,10 @@ struct User
    String profile;
    String quota;
    //if true then allowed_X was defined in user
    bool has_allowed_databases = false;
    bool has_allowed_dictionaries = false;
    AllowedClientHosts allowed_client_hosts;
    /// List of allowed databases.
--- a/dbms/src/Interpreters/UsersManager.cpp
+++ b/dbms/src/Interpreters/UsersManager.cpp
@ -63,7 +63,7 @@ bool UsersManager::hasAccessToDatabase(const std::string & user_name, const std:
        throw Exception("Unknown user " + user_name, ErrorCodes::UNKNOWN_USER);
    auto user = it->second;
-    return user->databases.empty() || user->databases.count(database_name);
+    return !user->has_allowed_databases || user->databases.count(database_name);
 }
 bool UsersManager::hasAccessToDictionary(const std::string & user_name, const std::string & dictionary_name) const
@ -74,6 +74,6 @@ bool UsersManager::hasAccessToDictionary(const std::string & user_name, const st
        throw Exception("Unknown user " + user_name, ErrorCodes::UNKNOWN_USER);
    auto user = it->second;
-    return user->dictionaries.empty() || user->dictionaries.count(dictionary_name);
+    return !user->has_allowed_dictionaries || user->dictionaries.count(dictionary_name);
 }
 }