This is an automated email from the ASF dual-hosted git repository.
starocean999 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new 561a8476754 [Enhancement] (nereids)implement showRowPolicyCommand in
nereids (#49123)
561a8476754 is described below
commit 561a847675437ad1972d9db1131dba1077591850
Author: Sridhar R Manikarnike <[email protected]>
AuthorDate: Tue Apr 1 12:30:34 2025 +0530
[Enhancement] (nereids)implement showRowPolicyCommand in nereids (#49123)
Issue Number: close #42720
---
.../antlr4/org/apache/doris/nereids/DorisParser.g4 | 4 +-
.../doris/nereids/parser/LogicalPlanBuilder.java | 15 ++++++
.../apache/doris/nereids/trees/plans/PlanType.java | 1 +
.../trees/plans/commands/ShowRowPolicyCommand.java | 60 ++++++++++++++++++++++
.../trees/plans/visitor/CommandVisitor.java | 5 ++
.../java/org/apache/doris/policy/PolicyMgr.java | 18 +++++++
6 files changed, 101 insertions(+), 2 deletions(-)
diff --git a/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
b/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
index 2606a6f7cc7..41f517b5427 100644
--- a/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
+++ b/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
@@ -310,6 +310,7 @@ supportedShowStatement
| SHOW PROPERTY (FOR user=identifierOrText)? (LIKE STRING_LITERAL)?
#showUserProperties
| SHOW ALL PROPERTIES (LIKE STRING_LITERAL)?
#showAllProperties
| SHOW COLLATION wildWhere?
#showCollation
+ | SHOW ROW POLICY (FOR (userIdentify | (ROLE role=identifier)))?
#showRowPolicy
| SHOW STORAGE POLICY (USING (FOR policy=identifierOrText)?)?
#showStoragePolicy
| SHOW SQL_BLOCK_RULE (FOR ruleName=identifier)?
#showSqlBlockRule
| SHOW CREATE VIEW name=multipartIdentifier
#showCreateView
@@ -384,8 +385,7 @@ lockTable
;
unsupportedShowStatement
- : SHOW ROW POLICY (FOR (userIdentify | (ROLE role=identifierOrText)))?
#showRowPolicy
- | SHOW STORAGE (VAULT | VAULTS)
#showStorageVault
+ : SHOW STORAGE (VAULT | VAULTS)
#showStorageVault
| SHOW OPEN TABLES ((FROM | IN) database=multipartIdentifier)? wildWhere?
#showOpenTables
| SHOW CREATE MATERIALIZED VIEW name=multipartIdentifier
#showMaterializedView
| SHOW CREATE statementScope? FUNCTION functionIdentifier
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
index 2e38f7a7a4c..39a369db13b 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
@@ -340,6 +340,7 @@ import
org.apache.doris.nereids.DorisParser.ShowReplicaDistributionContext;
import org.apache.doris.nereids.DorisParser.ShowRepositoriesContext;
import org.apache.doris.nereids.DorisParser.ShowRestoreContext;
import org.apache.doris.nereids.DorisParser.ShowRolesContext;
+import org.apache.doris.nereids.DorisParser.ShowRowPolicyContext;
import org.apache.doris.nereids.DorisParser.ShowSmallFilesContext;
import org.apache.doris.nereids.DorisParser.ShowSnapshotContext;
import org.apache.doris.nereids.DorisParser.ShowSqlBlockRuleContext;
@@ -658,6 +659,7 @@ import
org.apache.doris.nereids.trees.plans.commands.ShowReplicaDistributionComm
import org.apache.doris.nereids.trees.plans.commands.ShowRepositoriesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowRestoreCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowRolesCommand;
+import org.apache.doris.nereids.trees.plans.commands.ShowRowPolicyCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowSmallFilesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowSnapshotCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowSqlBlockRuleCommand;
@@ -4583,6 +4585,19 @@ public class LogicalPlanBuilder extends
DorisParserBaseVisitor<Object> {
return new ShowGrantsCommand(userIdent, false);
}
+ @Override
+ public LogicalPlan visitShowRowPolicy(ShowRowPolicyContext ctx) {
+ UserIdentity user = null;
+ String role = null;
+ if (ctx.userIdentify() != null) {
+ user = visitUserIdentify(ctx.userIdentify());
+ } else if (ctx.role != null) {
+ role = ctx.role.getText();
+ }
+
+ return new ShowRowPolicyCommand(user, role);
+ }
+
@Override
public LogicalPlan visitShowPartitionId(ShowPartitionIdContext ctx) {
long partitionId = -1;
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
index bbcfad8e76e..a005ffe4a45 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
@@ -262,6 +262,7 @@ public enum PlanType {
SHOW_REPOSITORIES_COMMAND,
SHOW_RESTORE_COMMAND,
SHOW_ROLE_COMMAND,
+ SHOW_ROW_POLICY_COMMAND,
SHOW_SMALL_FILES_COMMAND,
SHOW_SNAPSHOT_COMMAND,
SHOW_STAGES_COMMAND,
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/ShowRowPolicyCommand.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/ShowRowPolicyCommand.java
new file mode 100644
index 00000000000..39a273cfdee
--- /dev/null
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/ShowRowPolicyCommand.java
@@ -0,0 +1,60 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package org.apache.doris.nereids.trees.plans.commands;
+
+import org.apache.doris.analysis.UserIdentity;
+import org.apache.doris.catalog.Env;
+import org.apache.doris.common.ErrorCode;
+import org.apache.doris.common.ErrorReport;
+import org.apache.doris.mysql.privilege.PrivPredicate;
+import org.apache.doris.nereids.trees.plans.PlanType;
+import org.apache.doris.nereids.trees.plans.visitor.PlanVisitor;
+import org.apache.doris.qe.ConnectContext;
+import org.apache.doris.qe.ShowResultSet;
+import org.apache.doris.qe.StmtExecutor;
+
+/**
+ * Represents the command for SHOW STORAGE POLICY.
+ */
+public class ShowRowPolicyCommand extends ShowCommand {
+ private final UserIdentity user;
+ private final String role;
+
+ public ShowRowPolicyCommand(UserIdentity user, String role) {
+ super(PlanType.SHOW_ROW_POLICY_COMMAND);
+ this.user = user;
+ this.role = role;
+ }
+
+ @Override
+ public ShowResultSet doRun(ConnectContext ctx, StmtExecutor executor)
throws Exception {
+ if (user != null) {
+ user.analyze();
+ }
+ // check auth
+ if
(!Env.getCurrentEnv().getAccessManager().checkGlobalPriv(ConnectContext.get(),
PrivPredicate.ADMIN)) {
+
ErrorReport.reportAnalysisException(ErrorCode.ERR_SPECIFIC_ACCESS_DENIED_ERROR,
"ADMIN");
+ }
+ return Env.getCurrentEnv().getPolicyMgr().showRowPolicy(user, role);
+ }
+
+ @Override
+ public <R, C> R accept(PlanVisitor<R, C> visitor, C context) {
+ return visitor.visitShowRowPolicyCommand(this, context);
+ }
+}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
index bab4bb083fc..0d8de1802be 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
@@ -152,6 +152,7 @@ import
org.apache.doris.nereids.trees.plans.commands.ShowReplicaDistributionComm
import org.apache.doris.nereids.trees.plans.commands.ShowRepositoriesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowRestoreCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowRolesCommand;
+import org.apache.doris.nereids.trees.plans.commands.ShowRowPolicyCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowSmallFilesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowSnapshotCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowSqlBlockRuleCommand;
@@ -848,6 +849,10 @@ public interface CommandVisitor<R, C> {
return visitCommand(alterRepositoryCommand, context);
}
+ default R visitShowRowPolicyCommand(ShowRowPolicyCommand
showRowPolicyCommand, C context) {
+ return visitCommand(showRowPolicyCommand, context);
+ }
+
default R visitShowAnalyzeCommand(ShowAnalyzeCommand showAnalyzeCommand, C
context) {
return visitCommand(showAnalyzeCommand, context);
}
diff --git a/fe/fe-core/src/main/java/org/apache/doris/policy/PolicyMgr.java
b/fe/fe-core/src/main/java/org/apache/doris/policy/PolicyMgr.java
index 0381c12c885..2a2b1aabe0a 100644
--- a/fe/fe-core/src/main/java/org/apache/doris/policy/PolicyMgr.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/policy/PolicyMgr.java
@@ -479,6 +479,24 @@ public class PolicyMgr implements Writable {
}
}
+
+
+ /**
+ * Show Row Policy.
+ **/
+ public ShowResultSet showRowPolicy(UserIdentity user, String role) throws
AnalysisException {
+ RowPolicy rowPolicy = new RowPolicy();
+ if (user != null) {
+ rowPolicy.setUser(user);
+ }
+ if (!StringUtils.isEmpty(role)) {
+ rowPolicy.setRoleName(role);
+ }
+
+ final Policy finalCheckedPolicy = rowPolicy;
+ return getShowPolicy(finalCheckedPolicy, PolicyTypeEnum.ROW);
+ }
+
/**
* Show Storage Policy.
**/
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
