This is an automated email from the ASF dual-hosted git repository.
yongzao pushed a commit to branch rename-user-sql
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/rename-user-sql by this push:
new 9ffb086c967 finish
9ffb086c967 is described below
commit 9ffb086c967afd334920c813539621da6b175611
Author: Yongzao <[email protected]>
AuthorDate: Sun Sep 28 18:01:29 2025 +0800
finish
---
.../org/apache/iotdb/db/it/auth/IoTDBAuthIT.java | 2 +-
.../iotdb/db/it/auth/IoTDBClusterAuthorityIT.java | 69 ++++++++++-----
.../it/auth/IoTDBClusterAuthorityRelationalIT.java | 46 +++++++---
.../apache/iotdb/db/it/auth/IoTDBUserRenameIT.java | 98 ++++++++++++++++++++++
.../request/write/auth/AuthorRelationalPlan.java | 2 +
.../request/write/auth/AuthorTreePlan.java | 2 +
.../persistence/auth/AuthorPlanExecutor.java | 3 +-
.../sql/ast/RelationalAuthorStatement.java | 2 +-
.../plan/statement/sys/AuthorStatement.java | 2 +-
.../iotdb/commons/auth/user/BasicUserManager.java | 4 +-
10 files changed, 192 insertions(+), 38 deletions(-)
diff --git
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java
index e9ab956ed53..3dc96baf232 100644
---
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java
+++
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java
@@ -807,7 +807,7 @@ public class IoTDBAuthIT {
}
}
- private void validateResultSet(ResultSet set, String ans) throws
SQLException {
+ public static void validateResultSet(ResultSet set, String ans) throws
SQLException {
try {
StringBuilder builder = new StringBuilder();
ResultSetMetaData metaData = set.getMetaData();
diff --git
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityIT.java
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityIT.java
index fb0dbeeac93..ac5f14b89b2 100644
---
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityIT.java
+++
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityIT.java
@@ -85,7 +85,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
TAuthorizerResp authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -103,7 +104,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
}
@@ -153,7 +155,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
authorizerReq.setUserName("tempuser1");
@@ -183,7 +186,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0
@@ -199,7 +203,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -217,7 +222,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
authorizerReq.setRoleName("temprole1");
@@ -236,7 +242,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0,temprole0
@@ -252,7 +259,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -270,7 +278,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -287,7 +296,8 @@ public class IoTDBClusterAuthorityIT {
pathPrivilegeList,
false,
AuthUtils.serializePartialPathList(nodeNameList),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: root.ln.** ,read_data
@@ -315,7 +325,8 @@ public class IoTDBClusterAuthorityIT {
pathPrivilegeList,
false,
AuthUtils.serializePartialPathList(nodeNameList),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: root.ln.** ,read_data
@@ -332,7 +343,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(nodeNameList),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: root.ln.** ,read_data; [temprole0]
@@ -349,7 +361,8 @@ public class IoTDBClusterAuthorityIT {
revokePathPrivilege,
false,
AuthUtils.serializePartialPathList(nodeNameList),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: ; [temprole0]
@@ -366,7 +379,8 @@ public class IoTDBClusterAuthorityIT {
revokePathPrivilege,
false,
AuthUtils.serializePartialPathList(nodeNameList),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: ; [temprole0]
@@ -383,7 +397,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -407,7 +422,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -428,7 +444,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -446,7 +463,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -465,7 +483,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -508,7 +527,8 @@ public class IoTDBClusterAuthorityIT {
Collections.singleton(PrivilegeType.MANAGE_USER.ordinal()),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: MANAGE_USER
@@ -533,7 +553,8 @@ public class IoTDBClusterAuthorityIT {
Collections.singleton(PrivilegeType.MANAGE_DATABASE.ordinal()),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
// in confignode: tempuser0: MANAGE_USER
@@ -559,7 +580,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
status = client.operatePermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -574,7 +596,8 @@ public class IoTDBClusterAuthorityIT {
new HashSet<>(),
false,
AuthUtils.serializePartialPathList(new ArrayList<>()),
- 0);
+ 0,
+ "");
authorizerResp = client.queryPermission(authorizerReq);
status = authorizerResp.getStatus();
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
diff --git
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityRelationalIT.java
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityRelationalIT.java
index b4b1be210fc..8e9e1bb21ce 100644
---
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityRelationalIT.java
+++
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBClusterAuthorityRelationalIT.java
@@ -83,7 +83,16 @@ public class IoTDBClusterAuthorityRelationalIT {
// clean user
TAuthorizerRelationalReq authorizerReq =
new TAuthorizerRelationalReq(
- AuthorRType.LIST_USER.ordinal(), "", "", "", "", "",
Collections.emptySet(), false, 0);
+ AuthorRType.LIST_USER.ordinal(),
+ "",
+ "",
+ "",
+ "",
+ "",
+ Collections.emptySet(),
+ false,
+ 0,
+ "");
TAuthorizerResp authorizerResp = client.queryRPermission(authorizerReq);
status = authorizerResp.getStatus();
@@ -102,7 +111,8 @@ public class IoTDBClusterAuthorityRelationalIT {
"",
Collections.emptySet(),
false,
- 0);
+ 0,
+ "");
status = client.operateRPermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
}
@@ -111,7 +121,16 @@ public class IoTDBClusterAuthorityRelationalIT {
// clean role
authorizerReq =
new TAuthorizerRelationalReq(
- AuthorRType.LIST_ROLE.ordinal(), "", "", "", "", "",
Collections.emptySet(), false, 0);
+ AuthorRType.LIST_ROLE.ordinal(),
+ "",
+ "",
+ "",
+ "",
+ "",
+ Collections.emptySet(),
+ false,
+ 0,
+ "");
authorizerResp = client.queryRPermission(authorizerReq);
status = authorizerResp.getStatus();
@@ -129,7 +148,8 @@ public class IoTDBClusterAuthorityRelationalIT {
"",
Collections.emptySet(),
false,
- 0);
+ 0,
+ "");
status = client.operateRPermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
}
@@ -149,7 +169,8 @@ public class IoTDBClusterAuthorityRelationalIT {
"",
Collections.emptySet(),
false,
- 0);
+ 0,
+ "");
status = client.operateRPermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
authorizerReq =
@@ -162,7 +183,8 @@ public class IoTDBClusterAuthorityRelationalIT {
"",
Collections.emptySet(),
false,
- 0);
+ 0,
+ "");
TAuthorizerResp resp = client.queryRPermission(authorizerReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
resp.getStatus().getCode());
assertTrue(resp.getMemberInfo().contains(name));
@@ -187,7 +209,8 @@ public class IoTDBClusterAuthorityRelationalIT {
"",
Collections.singleton(sysPriv.ordinal()),
grantOpt,
- 0);
+ 0,
+ "");
status = client.operateRPermission(authorizerRelationalReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
@@ -242,7 +265,8 @@ public class IoTDBClusterAuthorityRelationalIT {
union.getTbName() == null ? "" : union.getTbName(),
Collections.singleton(union.getPrivilegeType().ordinal()),
union.isGrantOption(),
- 0);
+ 0,
+ "");
status = client.operateRPermission(authorizerRelationalReq);
assertEquals(TSStatusCode.SUCCESS_STATUS.getStatusCode(),
status.getCode());
int reqtype = -1;
@@ -360,7 +384,8 @@ public class IoTDBClusterAuthorityRelationalIT {
"",
Collections.emptySet(),
false,
- 0));
+ 0,
+ ""));
grantSysPrivilegeAndCheck(client, "user1", "role1", true,
PrivilegeType.MANAGE_USER, false);
grantSysPrivilegeAndCheck(client, "user1", "role1", true,
PrivilegeType.MANAGE_ROLE, true);
grantPrivilegeAndCheck(
@@ -407,7 +432,8 @@ public class IoTDBClusterAuthorityRelationalIT {
Collections.emptySet(),
false,
AuthUtils.serializePartialPathList(Collections.emptyList()),
- 0);
+ 0,
+ "");
expectSuccess(client.checkRoleOfUser(user_role_req));
// check db is visible
diff --git
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBUserRenameIT.java
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBUserRenameIT.java
new file mode 100644
index 00000000000..b17f7786723
--- /dev/null
+++
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBUserRenameIT.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.iotdb.db.it.auth;
+
+import org.apache.iotdb.it.env.EnvFactory;
+import org.apache.iotdb.it.framework.IoTDBTestRunner;
+import org.apache.iotdb.itbase.category.LocalStandaloneIT;
+import org.apache.iotdb.itbase.env.BaseEnv;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+
+import java.sql.Connection;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Statement;
+
+import static org.apache.iotdb.db.it.auth.IoTDBAuthIT.validateResultSet;
+
+@RunWith(IoTDBTestRunner.class)
+@Category(LocalStandaloneIT.class)
+public class IoTDBUserRenameIT {
+
+ @Before
+ public void setUp() throws Exception {
+ // Init 1C1D for testing
+ EnvFactory.getEnv().initClusterEnvironment(1, 1);
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ EnvFactory.getEnv().cleanClusterEnvironment();
+ }
+
+ @Test
+ public void userRenameTestInTreeModel() throws SQLException {
+ userRenameTest(BaseEnv.TREE_SQL_DIALECT);
+ }
+
+ @Test
+ public void userRenameTestInTableModel() throws SQLException {
+ userRenameTest(BaseEnv.TABLE_SQL_DIALECT);
+ }
+
+ private void userRenameTest(String dialect) throws SQLException {
+ try (Connection adminCon = EnvFactory.getEnv().getConnection(dialect);
+ Statement adminStmt = adminCon.createStatement()) {
+ adminStmt.execute("CREATE USER user1 'IoTDB@2021abc'");
+ adminStmt.execute("CREATE USER user2 'IoTDB@2023abc'");
+ try (Connection userCon =
+ EnvFactory.getEnv().getConnection("user1", "IoTDB@2021abc",
dialect);
+ Statement userStmt = userCon.createStatement()) {
+ // A normal user cannot rename other users
+ Assert.assertThrows(
+ SQLException.class, () -> userStmt.execute("ALTER USER user2
RENAME TO user3"));
+ // A normal user can only rename himself
+ userStmt.execute("ALTER USER user1 RENAME TO user3");
+ }
+ // Cannot rename an unexisting user
+ Assert.assertThrows(
+ SQLException.class, () -> adminStmt.execute("ALTER USER user4 RENAME
TO user5"));
+ // Cannot rename to an already existed user
+ Assert.assertThrows(
+ SQLException.class, () -> adminStmt.execute("ALTER USER user2 RENAME
TO user3"));
+ // The superuser can rename anyone
+ adminStmt.execute("ALTER USER user3 RENAME TO user4");
+ adminStmt.execute("ALTER USER root RENAME TO admin");
+ }
+ // Ensure every rename works
+ try (Connection adminCon = EnvFactory.getEnv().getConnection("admin",
"root", dialect);
+ Statement adminStmt = adminCon.createStatement()) {
+ final String ans = "0,admin,\n" + "10000,user4,\n" + "10001,user2,\n";
+ ResultSet resultSet = adminStmt.executeQuery("LIST USER");
+ validateResultSet(resultSet, ans);
+ }
+ }
+}
diff --git
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorRelationalPlan.java
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorRelationalPlan.java
index 51f07c2452a..4fc0c6d3d9a 100644
---
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorRelationalPlan.java
+++
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorRelationalPlan.java
@@ -184,6 +184,8 @@ public class AuthorRelationalPlan extends AuthorPlan {
+ databaseName
+ ", TABLE:"
+ tableName
+ + ", newUsername:"
+ + newUsername
+ "]";
}
diff --git
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorTreePlan.java
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorTreePlan.java
index 7e73948e84e..a1f5a6d3c97 100644
---
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorTreePlan.java
+++
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/request/write/auth/AuthorTreePlan.java
@@ -180,6 +180,8 @@ public class AuthorTreePlan extends AuthorPlan {
+ super.getGrantOpt()
+ ", paths:"
+ nodeNameList
+ + ", newUsername:"
+ + newUsername
+ "]";
}
diff --git
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java
index df7449e9744..694f37325c4 100644
---
a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java
+++
b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/auth/AuthorPlanExecutor.java
@@ -232,6 +232,7 @@ public class AuthorPlanExecutor implements
IAuthorPlanExecutor {
privileges.add(PrivilegeType.values()[permission]);
}
}
+ String newUsername = authorPlan.getNewUsername();
try {
switch (authorType) {
@@ -246,7 +247,7 @@ public class AuthorPlanExecutor implements
IAuthorPlanExecutor {
authorizer.updateUserPassword(userName, authorPlan.getPassword());
break;
case RRenameUser:
- authorizer.renameUser(userName, roleName);
+ authorizer.renameUser(userName, newUsername);
break;
case RDropRole:
authorizer.deleteRole(roleName);
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/ast/RelationalAuthorStatement.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/ast/RelationalAuthorStatement.java
index b7929ae13c9..27325cb5352 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/ast/RelationalAuthorStatement.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/sql/ast/RelationalAuthorStatement.java
@@ -54,7 +54,7 @@ public class RelationalAuthorStatement extends Statement {
private boolean grantOption;
private long executedByUserId;
- private String newUsername;
+ private String newUsername = "";
public RelationalAuthorStatement(
AuthorRType authorType,
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/sys/AuthorStatement.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/sys/AuthorStatement.java
index f6226d0b8ee..a899152efcf 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/sys/AuthorStatement.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/sys/AuthorStatement.java
@@ -48,7 +48,7 @@ public class AuthorStatement extends Statement implements
IConfigStatement {
private List<PartialPath> nodeNameList;
private boolean grantOpt;
private long executedByUserId;
- private String newUsername;
+ private String newUsername = "";
/**
* Constructor with AuthorType.
diff --git
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java
index aa97f52b0c4..f781df9e114 100644
---
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java
+++
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java
@@ -245,7 +245,9 @@ public abstract class BasicUserManager extends
BasicRoleManager {
}
lock.writeLock(username);
try {
- entityMap.get(username).setName(newUsername);
+ User newUser = (User) entityMap.remove(username);
+ newUser.setName(newUsername);
+ entityMap.put(newUsername, newUser);
} finally {
lock.writeUnlock(username);
}
