This is an automated email from the ASF dual-hosted git repository.
morningman pushed a commit to branch branch-2.1
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/branch-2.1 by this push:
new 53d2f8fd3e3 [enhance](auth) add show privileges stmt(#32918) (#33951)
53d2f8fd3e3 is described below
commit 53d2f8fd3e3f74c680c532f5eccfa33e7018e8f7
Author: Mingyu Chen <[email protected]>
AuthorDate: Mon Apr 22 12:40:18 2024 +0800
[enhance](auth) add show privileges stmt(#32918) (#33951)
bp #32918
Co-authored-by: zhangdong <[email protected]>
---
fe/fe-core/src/main/cup/sql_parser.cup | 5 +++
.../apache/doris/analysis/ShowPrivilegesStmt.java | 42 ++++++++++++++++++++++
.../apache/doris/mysql/privilege/Privilege.java | 33 +++++++++++------
.../java/org/apache/doris/qe/ShowExecutor.java | 16 +++++++++
fe/fe-core/src/main/jflex/sql_scanner.flex | 1 +
.../suites/account_p0/test_show_privileges.groovy | 23 ++++++++++++
6 files changed, 109 insertions(+), 11 deletions(-)
diff --git a/fe/fe-core/src/main/cup/sql_parser.cup
b/fe/fe-core/src/main/cup/sql_parser.cup
index 10c5977ddfa..85c2033bcd1 100644
--- a/fe/fe-core/src/main/cup/sql_parser.cup
+++ b/fe/fe-core/src/main/cup/sql_parser.cup
@@ -533,6 +533,7 @@ terminal String
KW_PRECEDING,
KW_PERCENT,
KW_RECYCLE,
+ KW_PRIVILEGES,
KW_PROC,
KW_PROCEDURE,
KW_PROCESSLIST,
@@ -4287,6 +4288,10 @@ show_param ::=
{:
RESULT = new ShowRolesStmt();
:}
+ | KW_PRIVILEGES
+ {:
+ RESULT = new ShowPrivilegesStmt();
+ :}
| opt_full opt_builtin:isBuiltin KW_FUNCTIONS opt_db:dbName opt_wild_where
{:
RESULT = new ShowFunctionsStmt(dbName, isBuiltin, parser.isVerbose,
parser.wild, parser.where);
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/analysis/ShowPrivilegesStmt.java
b/fe/fe-core/src/main/java/org/apache/doris/analysis/ShowPrivilegesStmt.java
new file mode 100644
index 00000000000..31f2d0edeab
--- /dev/null
+++ b/fe/fe-core/src/main/java/org/apache/doris/analysis/ShowPrivilegesStmt.java
@@ -0,0 +1,42 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package org.apache.doris.analysis;
+
+import org.apache.doris.catalog.Column;
+import org.apache.doris.catalog.ScalarType;
+import org.apache.doris.qe.ShowResultSetMetaData;
+
+public class ShowPrivilegesStmt extends ShowStmt {
+ private static final ShowResultSetMetaData META_DATA;
+
+ static {
+ ShowResultSetMetaData.Builder builder =
ShowResultSetMetaData.builder();
+
+ builder.addColumn(new Column("Privilege",
ScalarType.createVarchar(100)));
+ builder.addColumn(new Column("Context",
ScalarType.createVarchar(100)));
+ builder.addColumn(new Column("Comment",
ScalarType.createVarchar(100)));
+
+ META_DATA = builder.build();
+ }
+
+ @Override
+ public ShowResultSetMetaData getMetaData() {
+ return META_DATA;
+ }
+
+}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/Privilege.java
b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/Privilege.java
index 1c4a16c0728..db1ece7c80b 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/Privilege.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/Privilege.java
@@ -22,16 +22,17 @@ import com.google.common.collect.ImmutableMap;
import java.util.Map;
public enum Privilege {
- NODE_PRIV("Node_priv", 0, "Privilege for cluster node operations"),
- ADMIN_PRIV("Admin_priv", 1, "Privilege for admin user"),
- GRANT_PRIV("Grant_priv", 2, "Privilege for granting privilege"),
- SELECT_PRIV("Select_priv", 3, "Privilege for select data in tables"),
- LOAD_PRIV("Load_priv", 4, "Privilege for loading data into tables"),
- ALTER_PRIV("Alter_priv", 5, "Privilege for alter database or table"),
- CREATE_PRIV("Create_priv", 6, "Privilege for creating database or table"),
- DROP_PRIV("Drop_priv", 7, "Privilege for dropping database or table"),
- USAGE_PRIV("Usage_priv", 8, "Privilege for using resource or
workloadGroup"),
- SHOW_VIEW_PRIV("Show_view_priv", 9, "Privilege for show create view");
+ NODE_PRIV("Node_priv", 0, "Privilege for cluster node operations",
"GLOBAL"),
+ ADMIN_PRIV("Admin_priv", 1, "Privilege for admin user", "GLOBAL"),
+ GRANT_PRIV("Grant_priv", 2, "Privilege for granting privilege",
+ "GLOBAL,CATALOG,DATABASE,TABLE,RESOURCE,WORKLOAD GROUP"),
+ SELECT_PRIV("Select_priv", 3, "Privilege for select data in tables",
"GLOBAL,CATALOG,DATABASE,TABLE"),
+ LOAD_PRIV("Load_priv", 4, "Privilege for loading data into tables",
"GLOBAL,CATALOG,DATABASE,TABLE"),
+ ALTER_PRIV("Alter_priv", 5, "Privilege for alter database or table",
"GLOBAL,CATALOG,DATABASE,TABLE"),
+ CREATE_PRIV("Create_priv", 6, "Privilege for creating database or table",
"GLOBAL,CATALOG,DATABASE,TABLE"),
+ DROP_PRIV("Drop_priv", 7, "Privilege for dropping database or table",
"GLOBAL,CATALOG,DATABASE,TABLE"),
+ USAGE_PRIV("Usage_priv", 8, "Privilege for using resource or
workloadGroup", "RESOURCE,WORKLOAD GROUP"),
+ SHOW_VIEW_PRIV("Show_view_priv", 9, "Privilege for show create view",
"GLOBAL,CATALOG,DATABASE,TABLE");
public static Privilege[] privileges = {
NODE_PRIV,
@@ -88,11 +89,13 @@ public enum Privilege {
private String name;
private int idx;
private String desc;
+ private String context;
- private Privilege(String name, int index, String desc) {
+ private Privilege(String name, int index, String desc, String context) {
this.name = name;
this.idx = index;
this.desc = desc;
+ this.context = context;
}
public String getName() {
@@ -107,6 +110,14 @@ public enum Privilege {
return desc;
}
+ public String getContext() {
+ return context;
+ }
+
+ public boolean isDeprecated() {
+ return idx >= 9 && idx <= 11;
+ }
+
public static Privilege getPriv(int index) {
if (index < 0 || index > Privilege.values().length - 1) {
return null;
diff --git a/fe/fe-core/src/main/java/org/apache/doris/qe/ShowExecutor.java
b/fe/fe-core/src/main/java/org/apache/doris/qe/ShowExecutor.java
index 406bd12be5c..abc6d4a32f3 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/qe/ShowExecutor.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/qe/ShowExecutor.java
@@ -71,6 +71,7 @@ import org.apache.doris.analysis.ShowPartitionIdStmt;
import org.apache.doris.analysis.ShowPartitionsStmt;
import org.apache.doris.analysis.ShowPluginsStmt;
import org.apache.doris.analysis.ShowPolicyStmt;
+import org.apache.doris.analysis.ShowPrivilegesStmt;
import org.apache.doris.analysis.ShowProcStmt;
import org.apache.doris.analysis.ShowProcesslistStmt;
import org.apache.doris.analysis.ShowQueryProfileStmt;
@@ -190,6 +191,7 @@ import org.apache.doris.load.LoadJob.JobState;
import org.apache.doris.load.loadv2.LoadManager;
import org.apache.doris.load.routineload.RoutineLoadJob;
import org.apache.doris.mysql.privilege.PrivPredicate;
+import org.apache.doris.mysql.privilege.Privilege;
import org.apache.doris.statistics.AnalysisInfo;
import org.apache.doris.statistics.ColumnStatistic;
import org.apache.doris.statistics.Histogram;
@@ -367,6 +369,8 @@ public class ShowExecutor {
handleShowGrants();
} else if (stmt instanceof ShowRolesStmt) {
handleShowRoles();
+ } else if (stmt instanceof ShowPrivilegesStmt) {
+ handleShowPrivileges();
} else if (stmt instanceof ShowTrashStmt) {
handleShowTrash();
} else if (stmt instanceof ShowTrashDiskStmt) {
@@ -2175,6 +2179,18 @@ public class ShowExecutor {
resultSet = new ShowResultSet(showStmt.getMetaData(), infos);
}
+ private void handleShowPrivileges() {
+ ShowPrivilegesStmt showStmt = (ShowPrivilegesStmt) stmt;
+ List<List<String>> infos = Lists.newArrayList();
+ Privilege[] values = Privilege.values();
+ for (Privilege privilege : values) {
+ if (!privilege.isDeprecated()) {
+ infos.add(Lists.newArrayList(privilege.getName(),
privilege.getContext(), privilege.getDesc()));
+ }
+ }
+ resultSet = new ShowResultSet(showStmt.getMetaData(), infos);
+ }
+
private void handleShowTrash() {
ShowTrashStmt showStmt = (ShowTrashStmt) stmt;
List<List<String>> infos = Lists.newArrayList();
diff --git a/fe/fe-core/src/main/jflex/sql_scanner.flex
b/fe/fe-core/src/main/jflex/sql_scanner.flex
index 6dd7fb94524..11ceee1b7ee 100644
--- a/fe/fe-core/src/main/jflex/sql_scanner.flex
+++ b/fe/fe-core/src/main/jflex/sql_scanner.flex
@@ -379,6 +379,7 @@ import org.apache.doris.qe.SqlModeHelper;
keywordMap.put("policy", new Integer(SqlParserSymbols.KW_POLICY));
keywordMap.put("preceding", new
Integer(SqlParserSymbols.KW_PRECEDING));
keywordMap.put("percent", new Integer(SqlParserSymbols.KW_PERCENT));
+ keywordMap.put("privileges", new
Integer(SqlParserSymbols.KW_PRIVILEGES));
keywordMap.put("proc", new Integer(SqlParserSymbols.KW_PROC));
keywordMap.put("procedure", new
Integer(SqlParserSymbols.KW_PROCEDURE));
keywordMap.put("processlist", new
Integer(SqlParserSymbols.KW_PROCESSLIST));
diff --git a/regression-test/suites/account_p0/test_show_privileges.groovy
b/regression-test/suites/account_p0/test_show_privileges.groovy
new file mode 100644
index 00000000000..d637d54a35a
--- /dev/null
+++ b/regression-test/suites/account_p0/test_show_privileges.groovy
@@ -0,0 +1,23 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+import org.junit.Assert;
+
+suite("test_show_privileges") {
+ // only check syntax
+ sql """show privileges"""
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
