Skip to content

Commit

Permalink
[Enhancement] (nereids)implement showRolesCommand in nereids (#43118)
Browse files Browse the repository at this point in the history
Issue Number: close #42768
  • Loading branch information
Vallishp authored Nov 12, 2024
1 parent 7c49c1a commit c2ac2cb
Show file tree
Hide file tree
Showing 7 changed files with 189 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -196,6 +196,7 @@ supportedShowStatement
| SHOW VIEW
(FROM |IN) tableName=multipartIdentifier
((FROM | IN) database=identifier)? #showView
| SHOW ROLES #showRoles
;

unsupportedOtherStatement
Expand Down Expand Up @@ -225,6 +226,7 @@ lockTable
(READ (LOCAL)? | (LOW_PRIORITY)? WRITE)
;


unsupportedShowStatement
: SHOW SQL_BLOCK_RULE (FOR ruleName=identifier)? #showSqlBlockRule
| SHOW ROW POLICY (FOR (userIdentify | (ROLE role=identifier)))? #showRowPolicy
Expand Down Expand Up @@ -299,7 +301,6 @@ unsupportedShowStatement
| SHOW SNAPSHOT ON repo=identifier wildWhere? #showSnapshot
| SHOW ALL? GRANTS #showGrants
| SHOW GRANTS FOR userIdentify #showGrantsForUser
| SHOW ROLES #showRoles
| SHOW PRIVILEGES #showPrivileges
| SHOW FULL? BUILTIN? FUNCTIONS
((FROM | IN) database=multipartIdentifier)? wildWhere? #showFunctions
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,7 @@
import org.apache.doris.nereids.DorisParser.ShowCreateMTMVContext;
import org.apache.doris.nereids.DorisParser.ShowCreateProcedureContext;
import org.apache.doris.nereids.DorisParser.ShowProcedureStatusContext;
import org.apache.doris.nereids.DorisParser.ShowRolesContext;
import org.apache.doris.nereids.DorisParser.ShowVariablesContext;
import org.apache.doris.nereids.DorisParser.ShowViewContext;
import org.apache.doris.nereids.DorisParser.SimpleColumnDefContext;
Expand Down Expand Up @@ -429,6 +430,7 @@
import org.apache.doris.nereids.trees.plans.commands.ShowCreateMTMVCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowCreateProcedureCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowProcedureStatusCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowRolesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowVariablesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowViewCommand;
import org.apache.doris.nereids.trees.plans.commands.UnsetDefaultStorageVaultCommand;
Expand Down Expand Up @@ -4053,4 +4055,9 @@ public ShowViewCommand visitShowView(ShowViewContext ctx) {
}
return new ShowViewCommand(databaseName, new TableNameInfo(tableNameParts));
}

@Override
public LogicalPlan visitShowRoles(ShowRolesContext ctx) {
return new ShowRolesCommand();
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,7 @@ public enum PlanType {
PREPARED_COMMAND,
EXECUTE_COMMAND,
SHOW_CONFIG_COMMAND,
SHOW_ROLE_COMMAND,
SHOW_VARIABLES_COMMAND,
SHOW_AUTHORS_COMMAND,
SHOW_VIEW_COMMAND,
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.

package org.apache.doris.nereids.trees.plans.commands;

import org.apache.doris.catalog.Column;
import org.apache.doris.catalog.Env;
import org.apache.doris.catalog.ScalarType;
import org.apache.doris.common.ErrorCode;
import org.apache.doris.common.ErrorReport;
import org.apache.doris.mysql.privilege.PrivPredicate;
import org.apache.doris.nereids.trees.plans.PlanType;
import org.apache.doris.nereids.trees.plans.visitor.PlanVisitor;
import org.apache.doris.qe.ConnectContext;
import org.apache.doris.qe.ShowResultSet;
import org.apache.doris.qe.ShowResultSetMetaData;
import org.apache.doris.qe.StmtExecutor;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import java.util.List;

/**
* show roles command
*/
public class ShowRolesCommand extends ShowCommand {
public static final Logger LOG = LogManager.getLogger(ShowRolesCommand.class);
private static final ShowResultSetMetaData META_DATA;

static {
ShowResultSetMetaData.Builder builder = ShowResultSetMetaData.builder();

builder.addColumn(new Column("Name", ScalarType.createVarchar(100)));
builder.addColumn(new Column("Comment", ScalarType.createVarchar(100)));
builder.addColumn(new Column("Users", ScalarType.createVarchar(100)));
builder.addColumn(new Column("GlobalPrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("CatalogPrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("DatabasePrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("TablePrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("ResourcePrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("CloudClusterPrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("CloudStagePrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("StorageVaultPrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("WorkloadGroupPrivs", ScalarType.createVarchar(300)));
builder.addColumn(new Column("ComputeGroupPrivs", ScalarType.createVarchar(300)));

META_DATA = builder.build();
}

/**
* constructor
*/

public ShowRolesCommand() {
super(PlanType.SHOW_ROLE_COMMAND);
}

@Override
public ShowResultSet doRun(ConnectContext ctx, StmtExecutor executor) throws Exception {
if (!Env.getCurrentEnv().getAccessManager().checkGlobalPriv(ConnectContext.get(), PrivPredicate.GRANT)) {
ErrorReport.reportAnalysisException(ErrorCode.ERR_SPECIFIC_ACCESS_DENIED_ERROR, "GRANT");
}

List<List<String>> infos = Env.getCurrentEnv().getAuth().getRoleInfo();
return new ShowResultSet(META_DATA, infos);
}

@Override
public <R, C> R accept(PlanVisitor<R, C> visitor, C context) {
return visitor.visitShowRolesCommand(this, context);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@
import org.apache.doris.nereids.trees.plans.commands.ShowCreateMTMVCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowCreateProcedureCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowProcedureStatusCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowRolesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowVariablesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowViewCommand;
import org.apache.doris.nereids.trees.plans.commands.UnsetDefaultStorageVaultCommand;
Expand Down Expand Up @@ -247,4 +248,8 @@ default R visitShowVariablesCommand(ShowVariablesCommand showVariablesCommand, C
default R visitShowViewCommand(ShowViewCommand showViewCommand, C context) {
return visitCommand(showViewCommand, context);
}

default R visitShowRolesCommand(ShowRolesCommand showRolesCommand, C context) {
return visitCommand(showRolesCommand, context);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -730,6 +730,26 @@ class Suite implements GroovyInterceptable {
profileAction.run()
}

String checkNereidsExecuteWithResult(String sqlString) {
String tag = UUID.randomUUID().toString();
String result = null;
log.info("start check" + tag)
String finalSqlString = "--" + tag + "\n" + sqlString
ProfileAction profileAction = new ProfileAction(context, tag)
profileAction.run {
log.info("start profile run" + tag)
result = sql (finalSqlString)
}
profileAction.check {
profileString, exception ->
log.info("start profile check" + tag)
log.info(profileString)
Assertions.assertTrue(profileString.contains("- Is Nereids: Yes"))
}
profileAction.run()
return result;
}

void createMV(String sql) {
(new CreateMVAction(context, sql)).run()
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.

import org.junit.Assert;

suite("test_nereids_role") {
def role= 'nereids_account_role_test'
def user = 'acount_role_user_test'
def dbName = 'nereids_account_role_test_db'
def pwd = 'C123_567p'

try_sql("DROP ROLE ${role}")
try_sql("DROP USER ${user}")
sql """DROP DATABASE IF EXISTS ${dbName}"""
sql """CREATE DATABASE ${dbName}"""

sql """CREATE ROLE ${role}"""
sql """GRANT SELECT_PRIV ON ${context.config.defaultDb} TO ROLE '${role}'"""
sql """GRANT SELECT_PRIV ON ${dbName} TO ROLE '${role}'"""
sql """CREATE USER '${user}' IDENTIFIED BY '${pwd}' DEFAULT ROLE '${role}'"""
def result1 = connect(user=user, password="${pwd}", url=context.config.jdbcUrl) {
sql "show databases like '${dbName}'"
}
assertEquals(result1.size(), 1)

sql """REVOKE SELECT_PRIV ON ${dbName} FROM ROLE '${role}'"""
def result2 = connect(user=user, password="${pwd}", url=context.config.jdbcUrl) {
sql "show databases like '${dbName}'"
}
assertEquals(result2.size(), 0)

sql """DROP USER ${user}"""
sql """DROP ROLE ${role}"""
sql """DROP DATABASE ${dbName}"""

// test comment
// create role with comment
sql """CREATE ROLE ${role} comment 'account_p0_nereids_account_role_test_comment_create'"""
def roles_create = checkNereidsExecuteWithResult("show roles;");
logger.info("roles_create: " + roles_create.toString())
assertTrue(roles_create.toString().contains("account_p0_nereids_account_role_test_comment_create"))
// alter role with comment
sql """ALTER ROLE ${role} comment 'account_p0_nereids_account_role_test_comment_alter'"""
def roles_alter = checkNereidsExecuteWithResult("show roles;");
logger.info("roles_alter: " + roles_alter.toString())
assertTrue(roles_alter.toString().contains("account_p0_nereids_account_role_test_comment_alter"))
// drop role
sql """DROP ROLE ${role}"""
def roles_drop = checkNereidsExecuteWithResult("show roles;");
logger.info("roles_drop: " + roles_drop.toString())
assertFalse(roles_drop.toString().contains("account_p0_nereids_account_role_test_comment_alter"))
}

0 comments on commit c2ac2cb

Please sign in to comment.