Add insert IT for insert
diff --git a/integration-test/src/main/java/org/apache/iotdb/it/env/cluster/env/AbstractEnv.java b/integration-test/src/main/java/org/apache/iotdb/it/env/cluster/env/AbstractEnv.java index 4888490..9d077b4 100644 --- a/integration-test/src/main/java/org/apache/iotdb/it/env/cluster/env/AbstractEnv.java +++ b/integration-test/src/main/java/org/apache/iotdb/it/env/cluster/env/AbstractEnv.java
@@ -409,6 +409,16 @@ } @Override + public ISession getSessionConnection(String userName, String password) + throws IoTDBConnectionException { + DataNodeWrapper dataNode = + this.dataNodeWrapperList.get(rand.nextInt(this.dataNodeWrapperList.size())); + Session session = new Session(dataNode.getIp(), dataNode.getPort(), userName, password); + session.open(); + return session; + } + + @Override public ISession getSessionConnection(List<String> nodeUrls) throws IoTDBConnectionException { Session session = new Session(
diff --git a/integration-test/src/main/java/org/apache/iotdb/it/env/remote/env/RemoteServerEnv.java b/integration-test/src/main/java/org/apache/iotdb/it/env/remote/env/RemoteServerEnv.java index e71f965..687e89e 100644 --- a/integration-test/src/main/java/org/apache/iotdb/it/env/remote/env/RemoteServerEnv.java +++ b/integration-test/src/main/java/org/apache/iotdb/it/env/remote/env/RemoteServerEnv.java
@@ -188,6 +188,13 @@ return session; } + public ISession getSessionConnection(String userName, String password) + throws IoTDBConnectionException { + Session session = new Session(ip_addr, Integer.parseInt(port), userName, password); + session.open(); + return session; + } + @Override public ISession getSessionConnection(List<String> nodeUrls) throws IoTDBConnectionException { Session session =
diff --git a/integration-test/src/main/java/org/apache/iotdb/itbase/env/BaseEnv.java b/integration-test/src/main/java/org/apache/iotdb/itbase/env/BaseEnv.java index 7143d4b..1a38310 100644 --- a/integration-test/src/main/java/org/apache/iotdb/itbase/env/BaseEnv.java +++ b/integration-test/src/main/java/org/apache/iotdb/itbase/env/BaseEnv.java
@@ -89,6 +89,8 @@ ISession getSessionConnection() throws IoTDBConnectionException; + ISession getSessionConnection(String userName, String password) throws IoTDBConnectionException; + ISession getSessionConnection(List<String> nodeUrls) throws IoTDBConnectionException; /**
diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBSeriesPermissionIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBSeriesPermissionIT.java index a177d80..0377693 100644 --- a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBSeriesPermissionIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBSeriesPermissionIT.java
@@ -256,12 +256,18 @@ "803: No permissions for this operation, please add privilege WRITE_DATA on [root.sg.d1.s2]", "test1", "test123"); + assertNonQueryTestFail( + "delete from root.sg.d1.s1, root.sg.d1.s2", + "803: No permissions for this operation, please add privilege WRITE_DATA on [root.sg.d1.s2]", + "test1", + "test123"); grantUserSeriesPrivilege("test1", PrivilegeType.WRITE_DATA, "root.sg.d1.s2"); assertNonQueryTestFail( "insert into root.sg.d1(time,s1,s2) values(1,1,1)", "803: No permissions for this operation, please add privilege WRITE_SCHEMA on [root.sg.d1.s1, root.sg.d1.s2]", "test1", "test123"); + executeNonQuery("delete from root.sg.d1.s1, root.sg.d1.s2", "test1", "test123"); grantUserSeriesPrivilege("test1", PrivilegeType.WRITE_SCHEMA, "root.sg.d1.**"); assertNonQueryTestFail( "insert into root.sg.d1(time,s1,s2) values(1,1,1)",
diff --git a/integration-test/src/test/java/org/apache/iotdb/session/it/IoTDBSessionComplexIT.java b/integration-test/src/test/java/org/apache/iotdb/session/it/IoTDBSessionComplexIT.java index 004b27e..9efe0a2 100644 --- a/integration-test/src/test/java/org/apache/iotdb/session/it/IoTDBSessionComplexIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/session/it/IoTDBSessionComplexIT.java
@@ -18,6 +18,7 @@ */ package org.apache.iotdb.session.it; +import org.apache.iotdb.commons.auth.entity.PrivilegeType; import org.apache.iotdb.commons.conf.CommonDescriptor; import org.apache.iotdb.isession.ISession; import org.apache.iotdb.isession.SessionDataSet; @@ -53,6 +54,11 @@ import java.util.List; import java.util.Map; +import static org.apache.iotdb.db.it.utils.TestUtils.createUser; +import static org.apache.iotdb.db.it.utils.TestUtils.executeNonQuery; +import static org.apache.iotdb.db.it.utils.TestUtils.grantUserSeriesPrivilege; +import static org.apache.iotdb.db.it.utils.TestUtils.grantUserSystemPrivileges; +import static org.apache.iotdb.db.it.utils.TestUtils.revokeUserSeriesPrivilege; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; @@ -62,6 +68,7 @@ @Before public void setUp() throws Exception { EnvFactory.getEnv().initClusterEnvironment(); + createUser("test", "test123"); } @After @@ -171,6 +178,57 @@ types.add(TSDataType.INT64); types.add(TSDataType.INT64); + // auth test + try (ISession authSession = EnvFactory.getEnv().getSessionConnection("test", "test123")) { + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s1"); + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s2"); + try { + authSession.insertRecord(deviceId, 0, measurements, types, 1L, 2L, 3L); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "803: No permissions for this operation, please add privilege WRITE_DATA on [root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s3"); + try { + authSession.insertRecord(deviceId, 0, measurements, types, 1L, 2L, 3L); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "803: No permissions for this operation, please add privilege WRITE_SCHEMA on [root.sg1.d1.s1, root.sg1.d1.s2, root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_SCHEMA, "root.sg1.d1.**"); + try { + authSession.insertRecord(deviceId, 0, measurements, types, 1L, 2L, 3L); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "803: No permissions for this operation, please add privilege MANAGE_DATABASE")) { + fail(e.getMessage()); + } + } + + grantUserSystemPrivileges("test", PrivilegeType.MANAGE_DATABASE); + try { + authSession.insertRecord(deviceId, 0, measurements, types, 1L, 2L, 3L); + } catch (Exception e) { + fail(e.getMessage()); + } + } catch (Exception e) { + fail(e.getMessage()); + } + revokeUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s1"); + revokeUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s2"); + revokeUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s3"); + revokeUserSeriesPrivilege("test", PrivilegeType.WRITE_SCHEMA, "root.sg1.d1.**"); + revokeUserSeriesPrivilege("test", PrivilegeType.MANAGE_DATABASE, "root.**"); + for (long time = 0; time < 100; time++) { session.insertRecord(deviceId, time, measurements, types, 1L, 2L, 3L); } @@ -494,4 +552,109 @@ fail(e.getMessage()); } } + + @Test + public void testAuth() { + // auth test + try (ISession authSession = EnvFactory.getEnv().getSessionConnection("test", "test123")) { + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s1"); + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s2"); + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d2.**"); + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_SCHEMA, "root.sg1.d2.**"); + try { + insertRecords(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "803: No permissions for this operation, please add privilege WRITE_DATA on [root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + try { + insertTablet(authSession, "root.sg1.d1"); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "803: No permissions for this operation, please add privilege WRITE_DATA on [root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + try { + insertMultiTablets(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d1")); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "803: No permissions for this operation, please add privilege WRITE_DATA on [root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_DATA, "root.sg1.d1.s3"); + try { + insertRecords(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "No permissions for this operation, please add privilege WRITE_SCHEMA on [root.sg1.d1.s1, root.sg1.d1.s2, root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + try { + insertTablet(authSession, "root.sg1.d1"); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "No permissions for this operation, please add privilege WRITE_SCHEMA on [root.sg1.d1.s1, root.sg1.d1.s2, root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + try { + insertMultiTablets(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + } catch (Exception e) { + if (!e.getMessage() + .contains( + "No permissions for this operation, please add privilege WRITE_SCHEMA on [root.sg1.d1.s1, root.sg1.d1.s2, root.sg1.d1.s3]")) { + fail(e.getMessage()); + } + } + + grantUserSeriesPrivilege("test", PrivilegeType.WRITE_SCHEMA, "root.sg1.d1.**"); + try { + insertRecords(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + } catch (Exception e) { + if (!e.getMessage() + .contains("No permissions for this operation, please add privilege MANAGE_DATABASE")) { + fail(e.getMessage()); + } + } + try { + insertTablet(authSession, "root.sg1.d1"); + } catch (Exception e) { + if (!e.getMessage() + .contains("No permissions for this operation, please add privilege MANAGE_DATABASE")) { + fail(e.getMessage()); + } + } + try { + insertMultiTablets(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + } catch (Exception e) { + if (!e.getMessage() + .contains("No permissions for this operation, please add privilege MANAGE_DATABASE")) { + fail(e.getMessage()); + } + } + + grantUserSystemPrivileges("test", PrivilegeType.MANAGE_DATABASE); + try { + insertRecords(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + insertTablet(authSession, "root.sg1.d1"); + insertMultiTablets(authSession, Arrays.asList("root.sg1.d1", "root.sg1.d2")); + } catch (Exception e) { + fail(e.getMessage()); + } + } catch (Exception e) { + fail(e.getMessage()); + } + executeNonQuery("drop timeseries root.sg1.d1.**, root.sg1.d2.**"); + } }
diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/crud/InsertBaseStatement.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/crud/InsertBaseStatement.java index fcba157..633123a 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/crud/InsertBaseStatement.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/crud/InsertBaseStatement.java
@@ -140,7 +140,7 @@ if (AuthorityChecker.SUPER_USER.equals(userName)) { return new TSStatus(TSStatusCode.SUCCESS_STATUS.getStatusCode()); } - List<PartialPath> checkedPaths = getPaths(); + List<PartialPath> checkedPaths = getPaths().stream().distinct().collect(Collectors.toList()); return AuthorityChecker.getTSStatus( AuthorityChecker.checkFullPathListPermission( userName, checkedPaths, PrivilegeType.WRITE_DATA.ordinal()),