[iotdb] branch rel/0.12 updated: JDBC bug - check authority for execute batch

Wed, 28 Apr 2021 19:13:34 -0700 

This is an automated email from the ASF dual-hosted git repository.

neuyilan pushed a commit to branch rel/0.12
in repository https://gitbox.apache.org/repos/asf/iotdb.git


The following commit(s) were added to refs/heads/rel/0.12 by this push:
     new 08c268c  JDBC bug - check authority for execute batch
08c268c is described below

commit 08c268c3d285b9df1347f04e41cd0b03dedbb1a0
Author: Haimei Guo <[email protected]>
AuthorDate: Thu Apr 29 10:12:58 2021 +0800

    JDBC bug - check authority for execute batch
---
 .../java/org/apache/iotdb/jdbc/IoTDBStatement.java | 14 +++--
 .../apache/iotdb/db/qp/executor/PlanExecutor.java  |  6 +-
 .../org/apache/iotdb/db/service/TSServiceImpl.java | 15 +++++
 .../db/integration/auth/IoTDBAuthorizationIT.java  | 72 ++++++++++++++++++++++
 4 files changed, 100 insertions(+), 7 deletions(-)

diff --git a/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBStatement.java 
b/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBStatement.java
index a3ecfba..f8e9c6b 100644
--- a/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBStatement.java
+++ b/jdbc/src/main/java/org/apache/iotdb/jdbc/IoTDBStatement.java
@@ -322,14 +322,19 @@ public class IoTDBStatement implements Statement {
     TSStatus execResp = client.executeBatchStatement(execReq);
     int[] result = new int[batchSQLList.size()];
     boolean allSuccess = true;
-    String message = "";
+    StringBuilder message = new StringBuilder("\n");
     for (int i = 0; i < result.length; i++) {
       if (execResp.getCode() == TSStatusCode.MULTIPLE_ERROR.getStatusCode()) {
         result[i] = execResp.getSubStatus().get(i).code;
         if (result[i] != TSStatusCode.SUCCESS_STATUS.getStatusCode()
             && result[i] != TSStatusCode.NEED_REDIRECTION.getStatusCode()) {
           allSuccess = false;
-          message = execResp.getSubStatus().get(i).message;
+          message.append(
+              execResp.getSubStatus().get(i).message
+                  + " for SQL: \""
+                  + batchSQLList.get(i)
+                  + "\""
+                  + "\n");
         }
       } else {
         allSuccess =
@@ -337,11 +342,12 @@ public class IoTDBStatement implements Statement {
                 && (execResp.getCode() == 
TSStatusCode.SUCCESS_STATUS.getStatusCode()
                     || execResp.getCode() == 
TSStatusCode.NEED_REDIRECTION.getStatusCode());
         result[i] = execResp.getCode();
-        message = execResp.getMessage();
+        message.setLength(0);
+        message.append(execResp.getMessage());
       }
     }
     if (!allSuccess) {
-      throw new BatchUpdateException(message, result);
+      throw new BatchUpdateException(message.toString(), result);
     }
     return result;
   }
diff --git 
a/server/src/main/java/org/apache/iotdb/db/qp/executor/PlanExecutor.java 
b/server/src/main/java/org/apache/iotdb/db/qp/executor/PlanExecutor.java
index 9361f5c..55f9ae4 100644
--- a/server/src/main/java/org/apache/iotdb/db/qp/executor/PlanExecutor.java
+++ b/server/src/main/java/org/apache/iotdb/db/qp/executor/PlanExecutor.java
@@ -1217,9 +1217,9 @@ public class PlanExecutor implements IPlanExecutor {
       } catch (QueryProcessException e) {
         plan.getResults().put(i, RpcUtils.getStatus(e.getErrorCode(), 
e.getMessage()));
       }
-      if (!plan.getResults().isEmpty()) {
-        throw new BatchProcessException(plan.getFailingStatus());
-      }
+    }
+    if (!plan.getResults().isEmpty()) {
+      throw new BatchProcessException(plan.getFailingStatus());
     }
   }
 
diff --git 
a/server/src/main/java/org/apache/iotdb/db/service/TSServiceImpl.java 
b/server/src/main/java/org/apache/iotdb/db/service/TSServiceImpl.java
index 2821aa2..8b6f2ec 100644
--- a/server/src/main/java/org/apache/iotdb/db/service/TSServiceImpl.java
+++ b/server/src/main/java/org/apache/iotdb/db/service/TSServiceImpl.java
@@ -563,9 +563,17 @@ public class TSServiceImpl implements TSIService.Iface, 
ServerContext {
             executeList.add(insertRowsPlan);
             index = 0;
           }
+
+          TSStatus status = checkAuthority(physicalPlan, req.getSessionId());
+          if (status != null) {
+            insertRowsPlan.getResults().put(index, status);
+            isAllSuccessful = false;
+          }
+
           lastOperatorType = OperatorType.INSERT;
           insertRowsPlan.addOneInsertRowPlan((InsertRowPlan) physicalPlan, 
index);
           index++;
+
           if (i == req.getStatements().size() - 1) {
             if (!executeBatchList(executeList, result)) {
               isAllSuccessful = false;
@@ -578,6 +586,13 @@ public class TSServiceImpl implements TSIService.Iface, 
ServerContext {
             multiPlan = new CreateMultiTimeSeriesPlan();
             executeList.add(multiPlan);
           }
+
+          TSStatus status = checkAuthority(physicalPlan, req.getSessionId());
+          if (status != null) {
+            multiPlan.getResults().put(i, status);
+            isAllSuccessful = false;
+          }
+
           lastOperatorType = OperatorType.CREATE_TIMESERIES;
           initMultiTimeSeriesPlan(multiPlan);
 
diff --git 
a/server/src/test/java/org/apache/iotdb/db/integration/auth/IoTDBAuthorizationIT.java
 
b/server/src/test/java/org/apache/iotdb/db/integration/auth/IoTDBAuthorizationIT.java
index dd5628d..980545f 100644
--- 
a/server/src/test/java/org/apache/iotdb/db/integration/auth/IoTDBAuthorizationIT.java
+++ 
b/server/src/test/java/org/apache/iotdb/db/integration/auth/IoTDBAuthorizationIT.java
@@ -26,12 +26,16 @@ import org.junit.Before;
 import org.junit.Ignore;
 import org.junit.Test;
 
+import java.sql.BatchUpdateException;
 import java.sql.Connection;
 import java.sql.DriverManager;
 import java.sql.ResultSet;
 import java.sql.ResultSetMetaData;
 import java.sql.SQLException;
 import java.sql.Statement;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
@@ -1007,4 +1011,72 @@ public class IoTDBAuthorizationIT {
       adminCon.close();
     }
   }
+
+  @Test
+  public void testExecuteBatchWithPrivilege() throws ClassNotFoundException, 
SQLException {
+    Class.forName(Config.JDBC_DRIVER_NAME);
+    try (Connection adminCon =
+            DriverManager.getConnection(
+                Config.IOTDB_URL_PREFIX + "127.0.0.1:6667/", "root", "root");
+        Statement adminStmt = adminCon.createStatement()) {
+      adminStmt.execute("CREATE USER tempuser 'temppw'");
+      try (Connection userCon =
+              DriverManager.getConnection(
+                  Config.IOTDB_URL_PREFIX + "127.0.0.1:6667/", "tempuser", 
"temppw");
+          Statement userStatement = userCon.createStatement()) {
+        userStatement.addBatch("CREATE TIMESERIES root.sg1.d1.s1 WITH 
DATATYPE=INT64");
+        userStatement.addBatch("CREATE TIMESERIES root.sg2.d1.s1 WITH 
DATATYPE=INT64");
+        try {
+          userStatement.executeBatch();
+        } catch (BatchUpdateException e) {
+          assertEquals(
+              "\nNo permissions for this operation CREATE_TIMESERIES for SQL: 
\"CREATE TIMESERIES root.sg1.d1.s1 WITH DATATYPE=INT64\"\n"
+                  + "No permissions for this operation CREATE_TIMESERIES for 
SQL: \"CREATE TIMESERIES root.sg2.d1.s1 WITH DATATYPE=INT64\"\n",
+              e.getMessage());
+        }
+      }
+    }
+  }
+
+  @Test
+  public void testExecuteBatchWithPrivilege1() throws ClassNotFoundException, 
SQLException {
+    Class.forName(Config.JDBC_DRIVER_NAME);
+    try (Connection adminCon =
+            DriverManager.getConnection(
+                Config.IOTDB_URL_PREFIX + "127.0.0.1:6667/", "root", "root");
+        Statement adminStmt = adminCon.createStatement()) {
+      adminStmt.execute("CREATE USER tempuser 'temppw'");
+      adminStmt.execute("GRANT USER tempuser PRIVILEGES 'INSERT_TIMESERIES' on 
root.sg1");
+
+      try (Connection userCon =
+              DriverManager.getConnection(
+                  Config.IOTDB_URL_PREFIX + "127.0.0.1:6667/", "tempuser", 
"temppw");
+          Statement userStatement = userCon.createStatement()) {
+        userStatement.addBatch("insert into root.sg1.d1(timestamp,s1) values 
(1,1)");
+        userStatement.addBatch("insert into root.sg2.d1(timestamp,s1) values 
(2,1)");
+        userStatement.addBatch("insert into root.sg1.d1(timestamp,s2) values 
(3,1)");
+        userStatement.addBatch("insert into root.sg2.d1(timestamp,s1) values 
(4,1)");
+        try {
+          userStatement.executeBatch();
+        } catch (BatchUpdateException e) {
+          System.out.println(e.getMessage());
+          assertEquals(
+              "\nNo permissions for this operation INSERT for SQL: \"insert 
into root.sg2.d1(timestamp,s1) values (2,1)\"\n"
+                  + "No permissions for this operation INSERT for SQL: 
\"insert into root.sg2.d1(timestamp,s1) values (4,1)\"\n",
+              e.getMessage());
+        }
+      }
+      ResultSet resultSet = adminStmt.executeQuery("select * from root");
+      String[] expected = new String[] {"1, 1.0", "1, null", "3, null", "3, 
1.0"};
+      List<String> expectedList = new ArrayList<>();
+      Collections.addAll(expectedList, expected);
+      List<String> result = new ArrayList<>();
+      while (resultSet.next()) {
+        result.add(resultSet.getString("Time") + ", " + 
resultSet.getString("root.sg1.d1.s1"));
+        result.add(resultSet.getString("Time") + ", " + 
resultSet.getString("root.sg1.d1.s2"));
+      }
+      assertEquals(expected.length, result.size());
+      assertTrue(expectedList.containsAll(result));
+    }
+  }
 }

Reply via email to