(iotdb) branch master updated: In IoTDB, users are prohibited from creating a database with the name __audit. (#17634)

yongzao Mon, 11 May 2026 05:01:09 -0700

This is an automated email from the ASF dual-hosted git repository.

CRZbulabula pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/iotdb.git



The following commit(s) were added to refs/heads/master by this push:
     new bfc7056f006 In IoTDB, users are prohibited from creating a database 
with the name __audit. (#17634)
bfc7056f006 is described below

commit bfc7056f006f24e99bc62bed5c0c81e346006f64
Author: wenyanshi-123 <[email protected]>
AuthorDate: Mon May 11 20:00:14 2026 +0800

    In IoTDB, users are prohibited from creating a database with the name 
__audit. (#17634)
---
 .../org/apache/iotdb/db/it/auth/IoTDBTemplateAuthIT.java    |  2 +-
 .../relational/it/db/it/IoTDBAuthenticationTableIT.java     |  4 +++-
 .../plan/relational/security/AccessControlImpl.java         | 13 +++++++++++++
 .../plan/relational/security/TreeAccessCheckVisitor.java    | 13 +++++++++++++
 .../java/org/apache/iotdb/commons/schema/table/Audit.java   | 13 +++++++++++++
 5 files changed, 43 insertions(+), 2 deletions(-)

diff --git 
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBTemplateAuthIT.java
 
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBTemplateAuthIT.java
index 4f17b9b3de2..a535e8774bf 100644
--- 
a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBTemplateAuthIT.java
+++ 
b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBTemplateAuthIT.java
@@ -83,7 +83,7 @@ public class IoTDBTemplateAuthIT {
       assertNonQueryTestFail(
           adminStmt,
           "create database root.__audit",
-          "803: The database 'root.__audit' is read-only");
+          "803: The database name \"root.__audit\" is reserved, please use 
another valid database name.");
 
       assertNonQueryTestFail(
           adminStmt,
diff --git 
a/integration-test/src/test/java/org/apache/iotdb/relational/it/db/it/IoTDBAuthenticationTableIT.java
 
b/integration-test/src/test/java/org/apache/iotdb/relational/it/db/it/IoTDBAuthenticationTableIT.java
index 6795f3ee901..77a3be13edb 100644
--- 
a/integration-test/src/test/java/org/apache/iotdb/relational/it/db/it/IoTDBAuthenticationTableIT.java
+++ 
b/integration-test/src/test/java/org/apache/iotdb/relational/it/db/it/IoTDBAuthenticationTableIT.java
@@ -101,7 +101,9 @@ public class IoTDBAuthenticationTableIT {
         sessionRoot.executeNonQueryStatement("CREATE DATABASE IF NOT EXISTS 
__audit");
         fail("Should have thrown an exception");
       } catch (StatementExecutionException e) {
-        assertEquals("803: Access Denied: The database '__audit' is 
read-only.", e.getMessage());
+        assertEquals(
+            "803: Access Denied: The database name \"__audit\" is reserved, 
please use another valid database name.",
+            e.getMessage());
       }
 
       sessionRoot.executeNonQueryStatement("CREATE DATABASE IF NOT EXISTS 
\"汉化\"");
diff --git 
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/AccessControlImpl.java
 
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/AccessControlImpl.java
index c162508d45d..69585d426c4 100644
--- 
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/AccessControlImpl.java
+++ 
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/AccessControlImpl.java
@@ -48,6 +48,7 @@ import java.util.function.Supplier;
 
 import static 
org.apache.iotdb.commons.schema.table.Audit.TABLE_MODEL_AUDIT_DATABASE;
 import static 
org.apache.iotdb.commons.schema.table.Audit.TREE_MODEL_AUDIT_DATABASE;
+import static 
org.apache.iotdb.commons.schema.table.Audit.getReservedDatabaseNameErrorMsg;
 import static org.apache.iotdb.commons.schema.table.Audit.includeByAuditTreeDB;
 import static org.apache.iotdb.db.auth.AuthorityChecker.ONLY_ADMIN_ALLOWED;
 import static org.apache.iotdb.db.auth.AuthorityChecker.SUCCEED;
@@ -77,6 +78,18 @@ public class AccessControlImpl implements AccessControl {
   @Override
   public void checkCanCreateDatabase(
       String userName, String databaseName, IAuditEntity auditEntity) {
+    if (!AuthorityChecker.INTERNAL_AUDIT_USER.equals(userName)
+        && TABLE_MODEL_AUDIT_DATABASE.equalsIgnoreCase(databaseName)) {
+      DNAuditLogger.getInstance()
+          .recordObjectAuthenticationAuditLog(
+              auditEntity
+                  .setAuditLogOperation(AuditLogOperation.DDL)
+                  .setDatabase(databaseName)
+                  .setPrivilegeType(PrivilegeType.CREATE)
+                  .setResult(false),
+              () -> databaseName);
+      throw new 
AccessDeniedException(getReservedDatabaseNameErrorMsg(TABLE_MODEL_AUDIT_DATABASE));
+    }
     InformationSchemaUtils.checkDBNameInWrite(databaseName);
     authChecker.checkDatabasePrivilege(
         userName, databaseName, TableModelPrivilege.CREATE, 
auditEntity.setDatabase(databaseName));
diff --git 
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/TreeAccessCheckVisitor.java
 
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/TreeAccessCheckVisitor.java
index 7b4655c79a8..16d67a62933 100644
--- 
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/TreeAccessCheckVisitor.java
+++ 
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/TreeAccessCheckVisitor.java
@@ -181,7 +181,9 @@ import java.util.stream.Collectors;
 
 import static 
org.apache.iotdb.commons.schema.table.Audit.TREE_MODEL_AUDIT_DATABASE;
 import static 
org.apache.iotdb.commons.schema.table.Audit.TREE_MODEL_AUDIT_DATABASE_PATH;
+import static 
org.apache.iotdb.commons.schema.table.Audit.getReservedDatabaseNameErrorMsg;
 import static org.apache.iotdb.commons.schema.table.Audit.includeByAuditTreeDB;
+import static org.apache.iotdb.commons.schema.table.Audit.isAuditTreeDatabase;
 import static org.apache.iotdb.db.auth.AuthorityChecker.SUCCEED;
 import static org.apache.iotdb.db.auth.AuthorityChecker.getAuthorizedPathTree;
 import static 
org.apache.iotdb.db.queryengine.plan.relational.security.AccessControlImpl.READ_ONLY_DB_ERROR_MSG;
@@ -985,6 +987,17 @@ public class TreeAccessCheckVisitor extends 
StatementVisitor<TSStatus, TreeAcces
   @Override
   public TSStatus visitSetDatabase(
       DatabaseSchemaStatement statement, TreeAccessCheckContext context) {
+    if (!AuthorityChecker.INTERNAL_AUDIT_USER.equals(context.getUsername())
+        && isAuditTreeDatabase(statement.getDatabasePath())) {
+      context
+          .setDatabase(statement.getDatabasePath().getFullPath())
+          .setPrivilegeType(PrivilegeType.MANAGE_DATABASE)
+          .setAuditLogOperation(AuditLogOperation.DDL);
+      AUDIT_LOGGER.recordObjectAuthenticationAuditLog(
+          context.setResult(false), statement.getDatabasePath()::getFullPath);
+      return new TSStatus(TSStatusCode.NO_PERMISSION.getStatusCode())
+          
.setMessage(getReservedDatabaseNameErrorMsg(TREE_MODEL_AUDIT_DATABASE));
+    }
     return checkCreateOrAlterDatabasePermission(
         context.setAuditLogOperation(AuditLogOperation.DDL), 
statement.getDatabasePath());
   }
diff --git 
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/table/Audit.java
 
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/table/Audit.java
index c73a66da083..e9d8f7fe1f4 100644
--- 
a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/table/Audit.java
+++ 
b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/table/Audit.java
@@ -28,6 +28,8 @@ public class Audit {
   public static final String TABLE_MODEL_AUDIT_DATABASE = "__audit";
   public static final String TREE_MODEL_AUDIT_DATABASE =
       String.format("%s.%s", ROOT, TABLE_MODEL_AUDIT_DATABASE);
+  public static final String RESERVED_DATABASE_NAME_ERROR_MSG =
+      "The database name \"%s\" is reserved, please use another valid database 
name.";
   public static final PartialPath TREE_MODEL_AUDIT_DATABASE_PATH =
       new PartialPath(new String[] {"root", TABLE_MODEL_AUDIT_DATABASE});
   public static final PartialPath TREE_MODEL_AUDIT_DATABASE_PATH_PATTERN =
@@ -42,4 +44,15 @@ public class Audit {
     String[] nodes = prefixPath.getNodes();
     return nodes.length >= 2 && 
TABLE_MODEL_AUDIT_DATABASE.equalsIgnoreCase(nodes[1]);
   }
+
+  public static boolean isAuditTreeDatabase(PartialPath databasePath) {
+    String[] nodes = databasePath.getNodes();
+    return nodes.length == 2
+        && ROOT.equalsIgnoreCase(nodes[0])
+        && TABLE_MODEL_AUDIT_DATABASE.equalsIgnoreCase(nodes[1]);
+  }
+
+  public static String getReservedDatabaseNameErrorMsg(String databaseName) {
+    return String.format(RESERVED_DATABASE_NAME_ERROR_MSG, databaseName);
+  }
 }

(iotdb) branch master updated: In IoTDB, users are prohibited from creating a database with the name __audit. (#17634)

Reply via email to