This is an automated email from the ASF dual-hosted git repository.
starocean999 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new c2ac2cb37be [Enhancement] (nereids)implement showRolesCommand in
nereids (#43118)
c2ac2cb37be is described below
commit c2ac2cb37be242390757bcdb7021da6d99d13302
Author: Vallish Pai <vallish...@gmail.com>
AuthorDate: Tue Nov 12 09:15:29 2024 +0530
[Enhancement] (nereids)implement showRolesCommand in nereids (#43118)
Issue Number: close #42768
---
.../antlr4/org/apache/doris/nereids/DorisParser.g4 | 3 +-
.../doris/nereids/parser/LogicalPlanBuilder.java | 7 ++
.../apache/doris/nereids/trees/plans/PlanType.java | 1 +
.../trees/plans/commands/ShowRolesCommand.java | 87 ++++++++++++++++++++++
.../trees/plans/visitor/CommandVisitor.java | 5 ++
.../org/apache/doris/regression/suite/Suite.groovy | 20 +++++
.../ddl/account/test_nereids_role.groovy | 67 +++++++++++++++++
7 files changed, 189 insertions(+), 1 deletion(-)
diff --git a/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
b/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
index e0d909d7146..73f8c48654f 100644
--- a/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
+++ b/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
@@ -196,6 +196,7 @@ supportedShowStatement
| SHOW VIEW
(FROM |IN) tableName=multipartIdentifier
((FROM | IN) database=identifier)?
#showView
+ | SHOW ROLES
#showRoles
;
unsupportedOtherStatement
@@ -225,6 +226,7 @@ lockTable
(READ (LOCAL)? | (LOW_PRIORITY)? WRITE)
;
+
unsupportedShowStatement
: SHOW SQL_BLOCK_RULE (FOR ruleName=identifier)?
#showSqlBlockRule
| SHOW ROW POLICY (FOR (userIdentify | (ROLE role=identifier)))?
#showRowPolicy
@@ -299,7 +301,6 @@ unsupportedShowStatement
| SHOW SNAPSHOT ON repo=identifier wildWhere?
#showSnapshot
| SHOW ALL? GRANTS
#showGrants
| SHOW GRANTS FOR userIdentify
#showGrantsForUser
- | SHOW ROLES
#showRoles
| SHOW PRIVILEGES
#showPrivileges
| SHOW FULL? BUILTIN? FUNCTIONS
((FROM | IN) database=multipartIdentifier)? wildWhere?
#showFunctions
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
index 9f7b43aa8cb..f8e59c36130 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
@@ -197,6 +197,7 @@ import
org.apache.doris.nereids.DorisParser.ShowConstraintContext;
import org.apache.doris.nereids.DorisParser.ShowCreateMTMVContext;
import org.apache.doris.nereids.DorisParser.ShowCreateProcedureContext;
import org.apache.doris.nereids.DorisParser.ShowProcedureStatusContext;
+import org.apache.doris.nereids.DorisParser.ShowRolesContext;
import org.apache.doris.nereids.DorisParser.ShowVariablesContext;
import org.apache.doris.nereids.DorisParser.ShowViewContext;
import org.apache.doris.nereids.DorisParser.SimpleColumnDefContext;
@@ -429,6 +430,7 @@ import
org.apache.doris.nereids.trees.plans.commands.ShowConstraintsCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowCreateMTMVCommand;
import
org.apache.doris.nereids.trees.plans.commands.ShowCreateProcedureCommand;
import
org.apache.doris.nereids.trees.plans.commands.ShowProcedureStatusCommand;
+import org.apache.doris.nereids.trees.plans.commands.ShowRolesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowVariablesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowViewCommand;
import
org.apache.doris.nereids.trees.plans.commands.UnsetDefaultStorageVaultCommand;
@@ -4053,4 +4055,9 @@ public class LogicalPlanBuilder extends
DorisParserBaseVisitor<Object> {
}
return new ShowViewCommand(databaseName, new
TableNameInfo(tableNameParts));
}
+
+ @Override
+ public LogicalPlan visitShowRoles(ShowRolesContext ctx) {
+ return new ShowRolesCommand();
+ }
}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
index 573b81a7578..dde7acedecd 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java
@@ -176,6 +176,7 @@ public enum PlanType {
PREPARED_COMMAND,
EXECUTE_COMMAND,
SHOW_CONFIG_COMMAND,
+ SHOW_ROLE_COMMAND,
SHOW_VARIABLES_COMMAND,
SHOW_AUTHORS_COMMAND,
SHOW_VIEW_COMMAND,
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/ShowRolesCommand.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/ShowRolesCommand.java
new file mode 100644
index 00000000000..7cbb5f934ca
--- /dev/null
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/ShowRolesCommand.java
@@ -0,0 +1,87 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package org.apache.doris.nereids.trees.plans.commands;
+
+import org.apache.doris.catalog.Column;
+import org.apache.doris.catalog.Env;
+import org.apache.doris.catalog.ScalarType;
+import org.apache.doris.common.ErrorCode;
+import org.apache.doris.common.ErrorReport;
+import org.apache.doris.mysql.privilege.PrivPredicate;
+import org.apache.doris.nereids.trees.plans.PlanType;
+import org.apache.doris.nereids.trees.plans.visitor.PlanVisitor;
+import org.apache.doris.qe.ConnectContext;
+import org.apache.doris.qe.ShowResultSet;
+import org.apache.doris.qe.ShowResultSetMetaData;
+import org.apache.doris.qe.StmtExecutor;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import java.util.List;
+
+/**
+ * show roles command
+ */
+public class ShowRolesCommand extends ShowCommand {
+ public static final Logger LOG =
LogManager.getLogger(ShowRolesCommand.class);
+ private static final ShowResultSetMetaData META_DATA;
+
+ static {
+ ShowResultSetMetaData.Builder builder =
ShowResultSetMetaData.builder();
+
+ builder.addColumn(new Column("Name", ScalarType.createVarchar(100)));
+ builder.addColumn(new Column("Comment",
ScalarType.createVarchar(100)));
+ builder.addColumn(new Column("Users", ScalarType.createVarchar(100)));
+ builder.addColumn(new Column("GlobalPrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("CatalogPrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("DatabasePrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("TablePrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("ResourcePrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("CloudClusterPrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("CloudStagePrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("StorageVaultPrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("WorkloadGroupPrivs",
ScalarType.createVarchar(300)));
+ builder.addColumn(new Column("ComputeGroupPrivs",
ScalarType.createVarchar(300)));
+
+ META_DATA = builder.build();
+ }
+
+ /**
+ * constructor
+ */
+
+ public ShowRolesCommand() {
+ super(PlanType.SHOW_ROLE_COMMAND);
+ }
+
+ @Override
+ public ShowResultSet doRun(ConnectContext ctx, StmtExecutor executor)
throws Exception {
+ if
(!Env.getCurrentEnv().getAccessManager().checkGlobalPriv(ConnectContext.get(),
PrivPredicate.GRANT)) {
+
ErrorReport.reportAnalysisException(ErrorCode.ERR_SPECIFIC_ACCESS_DENIED_ERROR,
"GRANT");
+ }
+
+ List<List<String>> infos = Env.getCurrentEnv().getAuth().getRoleInfo();
+ return new ShowResultSet(META_DATA, infos);
+ }
+
+ @Override
+ public <R, C> R accept(PlanVisitor<R, C> visitor, C context) {
+ return visitor.visitShowRolesCommand(this, context);
+ }
+}
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
index ab1ed7aecf4..16e07e83589 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java
@@ -53,6 +53,7 @@ import
org.apache.doris.nereids.trees.plans.commands.ShowConstraintsCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowCreateMTMVCommand;
import
org.apache.doris.nereids.trees.plans.commands.ShowCreateProcedureCommand;
import
org.apache.doris.nereids.trees.plans.commands.ShowProcedureStatusCommand;
+import org.apache.doris.nereids.trees.plans.commands.ShowRolesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowVariablesCommand;
import org.apache.doris.nereids.trees.plans.commands.ShowViewCommand;
import
org.apache.doris.nereids.trees.plans.commands.UnsetDefaultStorageVaultCommand;
@@ -247,4 +248,8 @@ public interface CommandVisitor<R, C> {
default R visitShowViewCommand(ShowViewCommand showViewCommand, C context)
{
return visitCommand(showViewCommand, context);
}
+
+ default R visitShowRolesCommand(ShowRolesCommand showRolesCommand, C
context) {
+ return visitCommand(showRolesCommand, context);
+ }
}
diff --git
a/regression-test/framework/src/main/groovy/org/apache/doris/regression/suite/Suite.groovy
b/regression-test/framework/src/main/groovy/org/apache/doris/regression/suite/Suite.groovy
index d20517f15d5..0d9ae067fec 100644
---
a/regression-test/framework/src/main/groovy/org/apache/doris/regression/suite/Suite.groovy
+++
b/regression-test/framework/src/main/groovy/org/apache/doris/regression/suite/Suite.groovy
@@ -730,6 +730,26 @@ class Suite implements GroovyInterceptable {
profileAction.run()
}
+ String checkNereidsExecuteWithResult(String sqlString) {
+ String tag = UUID.randomUUID().toString();
+ String result = null;
+ log.info("start check" + tag)
+ String finalSqlString = "--" + tag + "\n" + sqlString
+ ProfileAction profileAction = new ProfileAction(context, tag)
+ profileAction.run {
+ log.info("start profile run" + tag)
+ result = sql (finalSqlString)
+ }
+ profileAction.check {
+ profileString, exception ->
+ log.info("start profile check" + tag)
+ log.info(profileString)
+ Assertions.assertTrue(profileString.contains("- Is Nereids:
Yes"))
+ }
+ profileAction.run()
+ return result;
+ }
+
void createMV(String sql) {
(new CreateMVAction(context, sql)).run()
}
diff --git
a/regression-test/suites/nereids_p0/ddl/account/test_nereids_role.groovy
b/regression-test/suites/nereids_p0/ddl/account/test_nereids_role.groovy
new file mode 100644
index 00000000000..4e2cd4ca637
--- /dev/null
+++ b/regression-test/suites/nereids_p0/ddl/account/test_nereids_role.groovy
@@ -0,0 +1,67 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+import org.junit.Assert;
+
+suite("test_nereids_role") {
+ def role= 'nereids_account_role_test'
+ def user = 'acount_role_user_test'
+ def dbName = 'nereids_account_role_test_db'
+ def pwd = 'C123_567p'
+
+ try_sql("DROP ROLE ${role}")
+ try_sql("DROP USER ${user}")
+ sql """DROP DATABASE IF EXISTS ${dbName}"""
+ sql """CREATE DATABASE ${dbName}"""
+
+ sql """CREATE ROLE ${role}"""
+ sql """GRANT SELECT_PRIV ON ${context.config.defaultDb} TO ROLE
'${role}'"""
+ sql """GRANT SELECT_PRIV ON ${dbName} TO ROLE '${role}'"""
+ sql """CREATE USER '${user}' IDENTIFIED BY '${pwd}' DEFAULT ROLE
'${role}'"""
+ def result1 = connect(user=user, password="${pwd}",
url=context.config.jdbcUrl) {
+ sql "show databases like '${dbName}'"
+ }
+ assertEquals(result1.size(), 1)
+
+ sql """REVOKE SELECT_PRIV ON ${dbName} FROM ROLE '${role}'"""
+ def result2 = connect(user=user, password="${pwd}",
url=context.config.jdbcUrl) {
+ sql "show databases like '${dbName}'"
+ }
+ assertEquals(result2.size(), 0)
+
+ sql """DROP USER ${user}"""
+ sql """DROP ROLE ${role}"""
+ sql """DROP DATABASE ${dbName}"""
+
+ // test comment
+ // create role with comment
+ sql """CREATE ROLE ${role} comment
'account_p0_nereids_account_role_test_comment_create'"""
+ def roles_create = checkNereidsExecuteWithResult("show roles;");
+ logger.info("roles_create: " + roles_create.toString())
+
assertTrue(roles_create.toString().contains("account_p0_nereids_account_role_test_comment_create"))
+ // alter role with comment
+ sql """ALTER ROLE ${role} comment
'account_p0_nereids_account_role_test_comment_alter'"""
+ def roles_alter = checkNereidsExecuteWithResult("show roles;");
+ logger.info("roles_alter: " + roles_alter.toString())
+
assertTrue(roles_alter.toString().contains("account_p0_nereids_account_role_test_comment_alter"))
+ // drop role
+ sql """DROP ROLE ${role}"""
+ def roles_drop = checkNereidsExecuteWithResult("show roles;");
+ logger.info("roles_drop: " + roles_drop.toString())
+
assertFalse(roles_drop.toString().contains("account_p0_nereids_account_role_test_comment_alter"))
+}
+
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
