mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-23 08:02:02 +00:00
Make 02703_row_policy_for_database parallelizable
This commit is contained in:
Raúl Marín
parent
85cecf990d
commit
cb83274d37
@ -1,20 +1,20 @@
|
||||
-- row policies for database
|
||||
-- SHOW CREATE POLICY db1_02703 ON db1_02703.*
|
||||
CREATE ROW POLICY db1_02703 ON db1_02703.* FOR SELECT USING 1 TO ALL
|
||||
-- SHOW CREATE POLICY ON db1_02703.*
|
||||
CREATE ROW POLICY db1_02703 ON db1_02703.* FOR SELECT USING 1 TO ALL
|
||||
CREATE ROW POLICY tbl1_02703 ON db1_02703.`table` FOR SELECT USING 1 TO ALL
|
||||
-- SHOW CREATE POLICY ON db1_02703.`*`
|
||||
-- SHOW CREATE POLICY default ON default.*
|
||||
CREATE ROW POLICY default_db_policy ON default.* FOR SELECT USING 1 TO ALL
|
||||
-- SHOW CREATE POLICY ON default.*
|
||||
CREATE ROW POLICY default_db_policy ON default.* FOR SELECT USING 1 TO ALL
|
||||
CREATE ROW POLICY default_tb_policy ON default.`table` FOR SELECT USING 1 TO ALL
|
||||
-- SHOW CREATE POLICY ON default.`*`
|
||||
R1, R2: (x == 1) OR (x == 2)
|
||||
1
|
||||
2
|
||||
Check system.query_log
|
||||
SELECT \'-- row policies for database\'; []
|
||||
SELECT \' -- SHOW CREATE POLICY db1_02703 ON db1_02703.*\'; []
|
||||
SELECT \' -- SHOW CREATE POLICY ON db1_02703.*\'; []
|
||||
SELECT \' -- SHOW CREATE POLICY ON db1_02703.`*`\'; []
|
||||
SELECT \' -- SHOW CREATE POLICY default ON default.*\'; []
|
||||
SELECT \' -- SHOW CREATE POLICY ON default.*\'; []
|
||||
SELECT \' -- SHOW CREATE POLICY ON default.`*`\'; []
|
||||
SELECT \'R1, R2: (x == 1) OR (x == 2)\'; []
|
||||
SELECT * FROM 02703_rqtable_default; ['`02703_filter_11_db` ON default.*','`02703_filter_11` ON default.`02703_rqtable_default`']
|
||||
SELECT * FROM 02703_rqtable_default; ['default_filter_11_db_policy ON default.*','default_filter_11_policy ON default.`02703_rqtable_default`']
|
||||
SELECT \'Check system.query_log\'; []
|
||||
-- CREATE DATABASE-LEVEL POLICY IN CURRENT DATABASE
|
||||
CREATE ROW POLICY db2_02703 ON db1_02703.* TO u1_02703
|
||||
CREATE ROW POLICY db2_02703 ON default.* TO user_default
|
||||
|
||||
59
tests/queries/0_stateless/02703_row_policy_for_database.sh
Executable file
59
tests/queries/0_stateless/02703_row_policy_for_database.sh
Executable file
@ -0,0 +1,59 @@
|
||||
#!/usr/bin/env bash
|
||||
CUR_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
|
||||
# shellcheck source=../shell_config.sh
|
||||
. "$CUR_DIR"/../shell_config.sh
|
||||
|
||||
CLICKHOUSE_USER="user_$CLICKHOUSE_DATABASE"
|
||||
|
||||
$CLICKHOUSE_CLIENT --multiquery "
|
||||
|
||||
DROP USER IF EXISTS ${CLICKHOUSE_USER};
|
||||
CREATE USER ${CLICKHOUSE_USER};
|
||||
|
||||
CREATE TABLE ${CLICKHOUSE_DATABASE}.02703_rqtable (x UInt8) ENGINE = MergeTree ORDER BY x;
|
||||
INSERT INTO ${CLICKHOUSE_DATABASE}.02703_rqtable VALUES (1), (2), (3), (4);
|
||||
|
||||
SELECT '-- row policies for database';
|
||||
CREATE ROW POLICY ${CLICKHOUSE_DATABASE}_db_policy ON ${CLICKHOUSE_DATABASE}.* USING 1 AS PERMISSIVE TO ALL;
|
||||
CREATE ROW POLICY ${CLICKHOUSE_DATABASE}_tb_policy ON ${CLICKHOUSE_DATABASE}.table USING 1 AS PERMISSIVE TO ALL;
|
||||
SELECT ' -- SHOW CREATE POLICY ${CLICKHOUSE_DATABASE} ON ${CLICKHOUSE_DATABASE}.*';
|
||||
SHOW CREATE POLICY ${CLICKHOUSE_DATABASE}_db_policy ON ${CLICKHOUSE_DATABASE}.*;
|
||||
SELECT ' -- SHOW CREATE POLICY ON ${CLICKHOUSE_DATABASE}.*';
|
||||
SHOW CREATE POLICY ON ${CLICKHOUSE_DATABASE}.*;
|
||||
SELECT ' -- SHOW CREATE POLICY ON ${CLICKHOUSE_DATABASE}.\`*\`';
|
||||
SHOW CREATE POLICY ON ${CLICKHOUSE_DATABASE}.\`*\`;
|
||||
DROP POLICY ${CLICKHOUSE_DATABASE}_db_policy ON ${CLICKHOUSE_DATABASE}.*;
|
||||
DROP POLICY ${CLICKHOUSE_DATABASE}_tb_policy ON ${CLICKHOUSE_DATABASE}.table;
|
||||
"
|
||||
|
||||
$CLICKHOUSE_CLIENT --query "CREATE ROW POLICY any_02703 ON *.some_table USING 1 AS PERMISSIVE TO ALL;" 2>&1 | grep -q "SYNTAX_ERROR"
|
||||
|
||||
$CLICKHOUSE_CLIENT --multiquery "
|
||||
CREATE TABLE 02703_rqtable_default (x UInt8) ENGINE = MergeTree ORDER BY x;
|
||||
|
||||
CREATE ROW POLICY ${CLICKHOUSE_DATABASE}_filter_11_db_policy ON * USING x=1 AS permissive TO ALL;
|
||||
CREATE ROW POLICY ${CLICKHOUSE_DATABASE}_filter_11_policy ON 02703_rqtable_default USING x=2 AS permissive TO ALL;
|
||||
|
||||
INSERT INTO 02703_rqtable_default VALUES (1), (2), (3), (4);
|
||||
|
||||
SELECT 'R1, R2: (x == 1) OR (x == 2)';
|
||||
SELECT * FROM 02703_rqtable_default;
|
||||
|
||||
DROP TABLE 02703_rqtable_default;
|
||||
|
||||
SELECT 'Check system.query_log';
|
||||
SYSTEM FLUSH LOGS;
|
||||
SELECT query, used_row_policies FROM system.query_log WHERE current_database == currentDatabase() AND type == 'QueryStart' AND query_kind == 'Select' ORDER BY event_time_microseconds;
|
||||
|
||||
DROP ROW POLICY ${CLICKHOUSE_DATABASE}_filter_11_db_policy ON *;
|
||||
DROP ROW POLICY ${CLICKHOUSE_DATABASE}_filter_11_policy ON 02703_rqtable_default;
|
||||
|
||||
USE ${CLICKHOUSE_DATABASE};
|
||||
SELECT ' -- CREATE DATABASE-LEVEL POLICY IN CURRENT DATABASE';
|
||||
CREATE ROW POLICY db2_02703 ON * TO ${CLICKHOUSE_USER};
|
||||
SHOW CREATE POLICY db2_02703 ON *;
|
||||
|
||||
DROP ROW POLICY db2_02703 ON *;
|
||||
|
||||
DROP USER ${CLICKHOUSE_USER};
|
||||
"
|
||||
@ -1,53 +0,0 @@
|
||||
-- Tags: no-parallel
|
||||
|
||||
DROP DATABASE IF EXISTS db1_02703;
|
||||
DROP USER IF EXISTS u1_02703;
|
||||
CREATE USER u1_02703;
|
||||
|
||||
CREATE DATABASE db1_02703;
|
||||
|
||||
CREATE TABLE db1_02703.02703_rqtable (x UInt8) ENGINE = MergeTree ORDER BY x;
|
||||
INSERT INTO db1_02703.02703_rqtable VALUES (1), (2), (3), (4);
|
||||
|
||||
|
||||
SELECT '-- row policies for database';
|
||||
CREATE ROW POLICY db1_02703 ON db1_02703.* USING 1 AS PERMISSIVE TO ALL;
|
||||
CREATE ROW POLICY tbl1_02703 ON db1_02703.table USING 1 AS PERMISSIVE TO ALL;
|
||||
SELECT ' -- SHOW CREATE POLICY db1_02703 ON db1_02703.*';
|
||||
SHOW CREATE POLICY db1_02703 ON db1_02703.*;
|
||||
SELECT ' -- SHOW CREATE POLICY ON db1_02703.*';
|
||||
SHOW CREATE POLICY ON db1_02703.*;
|
||||
SELECT ' -- SHOW CREATE POLICY ON db1_02703.`*`';
|
||||
SHOW CREATE POLICY ON db1_02703.`*`;
|
||||
DROP POLICY db1_02703 ON db1_02703.*;
|
||||
DROP POLICY tbl1_02703 ON db1_02703.table;
|
||||
|
||||
CREATE ROW POLICY any_02703 ON *.some_table USING 1 AS PERMISSIVE TO ALL; -- { clientError SYNTAX_ERROR }
|
||||
|
||||
CREATE TABLE 02703_rqtable_default (x UInt8) ENGINE = MergeTree ORDER BY x;
|
||||
|
||||
CREATE ROW POLICY 02703_filter_11_db ON * USING x=1 AS permissive TO ALL;
|
||||
CREATE ROW POLICY 02703_filter_11 ON 02703_rqtable_default USING x=2 AS permissive TO ALL;
|
||||
|
||||
INSERT INTO 02703_rqtable_default VALUES (1), (2), (3), (4);
|
||||
|
||||
SELECT 'R1, R2: (x == 1) OR (x == 2)';
|
||||
SELECT * FROM 02703_rqtable_default;
|
||||
|
||||
DROP TABLE 02703_rqtable_default;
|
||||
|
||||
SELECT 'Check system.query_log';
|
||||
SYSTEM FLUSH LOGS;
|
||||
SELECT query, used_row_policies FROM system.query_log WHERE current_database == currentDatabase() AND type == 'QueryStart' AND query_kind == 'Select' ORDER BY event_time_microseconds;
|
||||
|
||||
DROP ROW POLICY 02703_filter_11_db ON *;
|
||||
DROP ROW POLICY 02703_filter_11 ON 02703_rqtable_default;
|
||||
|
||||
USE db1_02703;
|
||||
SELECT ' -- CREATE DATABASE-LEVEL POLICY IN CURRENT DATABASE';
|
||||
CREATE ROW POLICY db2_02703 ON * TO u1_02703;
|
||||
SHOW CREATE POLICY db2_02703 ON *;
|
||||
|
||||
DROP ROW POLICY db2_02703 ON *;
|
||||
|
||||
DROP USER u1_02703;
|
||||
Loading…
Reference in New Issue
Block a user