Alexey Milovidov
184e6f840e
Remove useless header files
2023-11-06 03:49:55 +01:00
Aleksei Filatov
0a1f3f205c
Add external HTTP Basic authenticator ( #55199 )
2023-10-20 19:24:19 +02:00
George Gamezardashvili
0ce30ab6d5
SSH keys authentication ( #41109 )
...
Added new type of authentication based on SSH keys. It works only for Native TCP protocol.
Co-authored-by: Nikita Mikhaylov <nikitamikhaylov@clickhouse.com>
Co-authored-by: Robert Schulze <robert@clickhouse.com>
2023-09-26 17:50:19 +02:00
kssenii
185e3819ac
Fix
2023-08-30 13:41:18 +02:00
Austin Kothig
6b42975d33
Change BE-UUID to work the same as LE-UUID. Included high and low getters to provide cleaner code when accessing undertype.
2023-08-18 08:19:46 -07:00
Mike Kot
062b1c464c
watch for certificate file updates in configreloader
2023-07-11 10:04:43 +00:00
kssenii
6c776f4483
Better
2023-06-13 12:40:53 +02:00
pufit
dbd3766f5f
Specify roles in users.xml
2023-05-30 20:42:49 -04:00
pufit
04a829b554
Fix PR issues
2023-05-05 22:41:44 -04:00
pufit
309032fb67
Check if grantees are empty
2023-05-04 13:42:14 -04:00
pufit
2964ca5c84
Specify grants for users in users.xml
2023-05-01 20:24:02 -04:00
kssenii
03c9eeb106
Fix tests
2023-02-27 14:29:20 +01:00
kssenii
9a7c71b78e
Allow to hide only values from system.named_collections
2023-02-21 18:07:57 +01:00
Alexander Tokmakov
70d1adfe4b
Better formatting for exception messages ( #45449 )
...
* save format string for NetException
* format exceptions
* format exceptions 2
* format exceptions 3
* format exceptions 4
* format exceptions 5
* format exceptions 6
* fix
* format exceptions 7
* format exceptions 8
* Update MergeTreeIndexGin.cpp
* Update AggregateFunctionMap.cpp
* Update AggregateFunctionMap.cpp
* fix
2023-01-24 00:13:58 +03:00
serxa
1b5b43ec87
fix checks on CREATE + added resolveSetting.h + improved system table
2022-12-06 19:09:18 +00:00
kssenii
5323c51176
Restrict access to system.named_collections
2022-11-17 13:40:03 +01:00
Sergei Trifonov
cf2db48c29
Merge pull request #40631 from ClickHouse/readonly-settings-allow
...
Allow to modify constrained settings in readonly mode
2022-09-20 02:18:14 +02:00
Vitaly Baranov
5365b105cc
Add SYSTEM RELOAD USERS command.
2022-09-18 12:44:00 +02:00
Sergei Trifonov
c31818260f
renames and refactoring
2022-09-12 21:03:06 +02:00
Sergei Trifonov
77ee4c04aa
fix stateless tests
2022-09-06 20:28:50 +02:00
Sergei Trifonov
014d109175
fix build, fix docs, fix comments, logical fixes, test are still to be fixed and new test are to be added
2022-09-02 16:20:09 +02:00
Sergei Trifonov
c5d1bbf680
reimplement with <allow> tag
2022-08-26 21:20:00 +02:00
Sergei Trifonov
856a2f5956
Allow to modify constrained settings in readonly mode
2022-08-25 17:24:24 +02:00
Vitaly Baranov
1a71e44b28
Merge pull request #38024 from nvartolomei/nv/error-if-profile-does-not-exist
...
Throw exception when xml user profile does not exist
2022-07-03 11:26:08 +02:00
Vitaly Baranov
8195aa768b
Move checking if parent profile is allowed to UsersConfigAccessStorage.
2022-07-01 14:46:35 +02:00
Vitaly Baranov
115be82440
DiskAccessStorage is now allowed to backup by default.
2022-06-19 13:16:36 +02:00
Vitaly Baranov
a0c558a17e
Implement backup/restore for ACL system tables (system.users, system.roles, etc.)
2022-06-17 18:14:31 +02:00
Nicolae Vartolomei
9555153f95
Throw exception when xml user profile does not exist
...
Closes #26086
2022-06-13 13:29:08 +00:00
Vitaly Baranov
58f4a86ec7
Rework notifications used in access management.
2022-05-21 10:15:39 +02:00
Marcelo Rodriguez
3b733ec8eb
Update Exception Message for allowed auth types
...
update error message per this commit:
cb66a63aa4
the xml tag changed from `<certificates>` to `<ssl_certificates>`
will also submit a correction to the following doc page:
https://clickhouse.com/docs/en/operations/external-authenticators/ssl-x509
2022-05-11 10:56:12 -06:00
Vitaly Baranov
69bec2f377
Users without assigned row policies can view rows now.
2022-05-07 14:50:24 +02:00
Amos Bird
4a5e4274f0
base should not depend on Common
2022-04-29 10:26:35 +08:00
Vitaly Baranov
1eb2e8693e
Fix code style and other minor corrections after implementing allow_no_password.
2022-03-14 20:55:34 +01:00
HeenaBansal2009
3f031df225
Code refactoring
2022-03-10 22:22:51 -08:00
HeenaBansal2009
3ce9397246
Added Suggestions from Code review
2022-03-09 20:35:01 -08:00
HeenaBansal2009
c14c60f1d3
Merge branch 'master' into Issue-33953
2022-02-28 11:12:54 -08:00
HeenaBansal2009
aa8494a808
Fix: System Reload Config Failure
2022-02-28 10:51:49 -08:00
Vitaly Baranov
cb66a63aa4
Rename header and config setting for consistency.
2022-02-21 07:41:06 +03:00
Vitaly Baranov
0d377de5f0
Support syntax CREATE USER IDENTIFIED WITH ssl_certificate CN ...
2022-02-21 07:01:00 +03:00
HeenaBansal2009
1b263f0c15
Added FT testcase
2022-02-18 12:58:46 -08:00
HeenaBansal2009
d16cae53b4
Initial Commit for Plaintext password feature
2022-02-17 21:25:18 -08:00
Eugene Galkin
f46dca4793
support x509 ssl certificate authentication
2022-01-17 15:01:38 +03:00
Vitaly Baranov
b9090029e6
Merge pull request #32662 from vitlibar/improve-exceptions-usage-in-access-control
...
Improve exceptions usage in access control
2021-12-23 06:48:28 +03:00
Vitaly Baranov
61bfe930db
When trying to update readonly and non-readonly access storages in one query, throw after updating non-readonly ones.
2021-12-23 01:17:45 +03:00
Vitaly Baranov
be44743ebe
Don't throw in unexceptional cases: update().
2021-12-20 23:10:46 +03:00
Vitaly Baranov
ed94c640fa
Don't throw in unexceptional cases: remove().
2021-12-20 23:10:43 +03:00
Vitaly Baranov
551fcc55e8
Don't throw in unexceptional cases: insert().
2021-12-20 23:09:55 +03:00
Vitaly Baranov
8c4e689da3
Don't throw in unexceptional cases: read() & readName()
2021-12-20 21:26:35 +03:00
Vitaly Baranov
6721060649
Rename function IAccessStorage::login() -> IAccessStorage::authenticate().
...
Remove functions IAccessStorage::hasSubscriptionImpl() and IAccessStorage::existsImpl().
2021-12-20 21:26:27 +03:00
Vitaly Baranov
2f8c829395
Stop all periodic reloading of all the configuration files on shutdown earlier.
2021-11-22 12:26:05 +03:00