This is an automated email from the ASF dual-hosted git repository.
starocean999 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris.git
The following commit(s) were added to refs/heads/master by this push:
new 625c9d5e34d [enhance](auth)Change the syntax related to role from
identifier to identifierOrText (#49215)
625c9d5e34d is described below
commit 625c9d5e34dc247905d6a05b7e8daab0ea8fc3fd
Author: zhangdong <zhangd...@selectdb.com>
AuthorDate: Fri Mar 21 21:45:43 2025 +0800
[enhance](auth)Change the syntax related to role from identifier to
identifierOrText (#49215)
Change the syntax related to role from identifier to identifierOrText
not need pick to branch 2.1 and 3.0
Wait until the old optimizer is downloaded to modify the document
together
---
.../antlr4/org/apache/doris/nereids/DorisParser.g4 | 28 ++++++++++------------
.../doris/nereids/parser/LogicalPlanBuilder.java | 6 +++--
regression-test/suites/account_p0/test_role.groovy | 10 ++++++++
3 files changed, 27 insertions(+), 17 deletions(-)
diff --git a/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
b/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
index 4af3af59ac2..481e612f36b 100644
--- a/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
+++ b/fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
@@ -186,7 +186,7 @@ supportedCreateStatement
| CREATE (EXTERNAL | TEMPORARY)? TABLE (IF NOT EXISTS)?
name=multipartIdentifier
LIKE existedTable=multipartIdentifier
(WITH ROLLUP (rollupNames=identifierList)?)?
#createTableLike
- | CREATE ROLE (IF NOT EXISTS)? name=identifier (COMMENT STRING_LITERAL)?
#createRole
+ | CREATE ROLE (IF NOT EXISTS)? name=identifierOrText (COMMENT
STRING_LITERAL)? #createRole
| CREATE WORKLOAD GROUP (IF NOT EXISTS)?
name=identifierOrText properties=propertyClause?
#createWorkloadGroup
| CREATE CATALOG (IF NOT EXISTS)? catalogName=identifier
@@ -195,7 +195,7 @@ supportedCreateStatement
| CREATE ROW POLICY (IF NOT EXISTS)? name=identifier
ON table=multipartIdentifier
AS type=(RESTRICTIVE | PERMISSIVE)
- TO (user=userIdentify | ROLE roleName=identifier)
+ TO (user=userIdentify | ROLE roleName=identifierOrText)
USING LEFT_PAREN booleanExpression RIGHT_PAREN
#createRowPolicy
| CREATE STORAGE POLICY (IF NOT EXISTS)?
name=identifier properties=propertyClause?
#createStoragePolicy
@@ -224,9 +224,8 @@ supportedAlterStatement
| ALTER VIEW name=multipartIdentifier
((MODIFY commentSpec) | ((LEFT_PAREN cols=simpleColumnDefs
RIGHT_PAREN)? AS query)) #alterView
| ALTER CATALOG name=identifier RENAME newName=identifier
#alterCatalogRename
- | ALTER ROLE role=identifier commentSpec
#alterRole
+ | ALTER ROLE role=identifierOrText commentSpec
#alterRole
| ALTER STORAGE VAULT name=multipartIdentifier properties=propertyClause
#alterStorageVault
- | ALTER ROLE role=identifier commentSpec
#alterRole
| ALTER WORKLOAD GROUP name=identifierOrText
properties=propertyClause?
#alterWorkloadGroup
| ALTER CATALOG name=identifier SET PROPERTIES
@@ -236,7 +235,6 @@ supportedAlterStatement
| ALTER SQL_BLOCK_RULE name=identifier properties=propertyClause?
#alterSqlBlockRule
| ALTER CATALOG name=identifier MODIFY COMMENT comment=STRING_LITERAL
#alterCatalogComment
| ALTER DATABASE name=identifier RENAME newName=identifier
#alterDatabaseRename
- | ALTER ROLE role=identifier commentSpec
#alterRole
| ALTER TABLE tableName=multipartIdentifier
alterTableClause (COMMA alterTableClause)*
#alterTable
| ALTER TABLE tableName=multipartIdentifier ADD ROLLUP
@@ -254,7 +252,7 @@ supportedAlterStatement
supportedDropStatement
: DROP CATALOG RECYCLE BIN WHERE idType=STRING_LITERAL EQ id=INTEGER_VALUE
#dropCatalogRecycleBin
| DROP ENCRYPTKEY (IF EXISTS)? name=multipartIdentifier
#dropEncryptkey
- | DROP ROLE (IF EXISTS)? name=identifier
#dropRole
+ | DROP ROLE (IF EXISTS)? name=identifierOrText
#dropRole
| DROP SQL_BLOCK_RULE (IF EXISTS)? identifierSeq
#dropSqlBlockRule
| DROP USER (IF EXISTS)? userIdentify
#dropUser
| DROP STORAGE POLICY (IF EXISTS)? name=identifier
#dropStoragePolicy
@@ -381,7 +379,7 @@ lockTable
;
unsupportedShowStatement
- : SHOW ROW POLICY (FOR (userIdentify | (ROLE role=identifier)))?
#showRowPolicy
+ : SHOW ROW POLICY (FOR (userIdentify | (ROLE role=identifierOrText)))?
#showRowPolicy
| SHOW STORAGE (VAULT | VAULTS)
#showStorageVault
| SHOW OPEN TABLES ((FROM | IN) database=multipartIdentifier)? wildWhere?
#showOpenTables
| SHOW CREATE MATERIALIZED VIEW name=multipartIdentifier
#showMaterializedView
@@ -596,17 +594,17 @@ unsupportedTransactionStatement
unsupportedGrantRevokeStatement
: GRANT privilegeList ON multipartIdentifierOrAsterisk
- TO (userIdentify | ROLE STRING_LITERAL)
#grantTablePrivilege
+ TO (userIdentify | ROLE identifierOrText)
#grantTablePrivilege
| GRANT privilegeList ON
(RESOURCE | CLUSTER | COMPUTE GROUP | STAGE | STORAGE VAULT | WORKLOAD
GROUP)
- identifierOrTextOrAsterisk TO (userIdentify | ROLE STRING_LITERAL)
#grantResourcePrivilege
- | GRANT roles+=STRING_LITERAL (COMMA roles+=STRING_LITERAL)* TO
userIdentify #grantRole
+ identifierOrTextOrAsterisk TO (userIdentify | ROLE identifierOrText)
#grantResourcePrivilege
+ | GRANT roles+=identifierOrText (COMMA roles+=identifierOrText)* TO
userIdentify #grantRole
| REVOKE privilegeList ON multipartIdentifierOrAsterisk
- FROM (userIdentify | ROLE STRING_LITERAL)
#grantTablePrivilege
+ FROM (userIdentify | ROLE identifierOrText)
#revokeTablePrivilege
| REVOKE privilegeList ON
(RESOURCE | CLUSTER | COMPUTE GROUP | STAGE | STORAGE VAULT | WORKLOAD
GROUP)
- identifierOrTextOrAsterisk FROM (userIdentify | ROLE STRING_LITERAL)
#grantResourcePrivilege
- | REVOKE roles+=STRING_LITERAL (COMMA roles+=STRING_LITERAL)* FROM
userIdentify #grantRole
+ identifierOrTextOrAsterisk FROM (userIdentify | ROLE identifierOrText)
#revokeResourcePrivilege
+ | REVOKE roles+=identifierOrText (COMMA roles+=identifierOrText)* FROM
userIdentify #revokeRole
;
privilege
@@ -722,7 +720,7 @@ unsupportedDropStatement
| DROP RESOURCE (IF EXISTS)? name=identifierOrText
#dropResource
| DROP ROW POLICY (IF EXISTS)? policyName=identifier
ON tableName=multipartIdentifier
- (FOR (userIdentify | ROLE roleName=identifier))?
#dropRowPolicy
+ (FOR (userIdentify | ROLE roleName=identifierOrText))?
#dropRowPolicy
| DROP STAGE (IF EXISTS)? name=identifier
#dropStage
;
@@ -776,7 +774,7 @@ unsupportedCreateStatement
: CREATE (DATABASE | SCHEMA) (IF NOT EXISTS)? name=multipartIdentifier
properties=propertyClause?
#createDatabase
| CREATE USER (IF NOT EXISTS)? grantUserIdentify
- (SUPERUSER | DEFAULT ROLE role=STRING_LITERAL)?
+ (SUPERUSER | DEFAULT ROLE role=identifierOrText)?
passwordOption (COMMENT STRING_LITERAL)?
#createUser
| CREATE (READ ONLY)? REPOSITORY name=identifier WITH storageBackend
#createRepository
| CREATE EXTERNAL? RESOURCE (IF NOT EXISTS)?
diff --git
a/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
b/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
index 18c0f00dc7e..3f06508ac52 100644
---
a/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
+++
b/fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java
@@ -5275,9 +5275,10 @@ public class LogicalPlanBuilder extends
DorisParserBaseVisitor<Object> {
}
public LogicalPlan visitCreateRole(CreateRoleContext ctx) {
+ String roleName = stripQuotes(ctx.name.getText());
String comment = ctx.STRING_LITERAL() == null ? "" :
LogicalPlanBuilderAssistant.escapeBackSlash(
ctx.STRING_LITERAL().getText().substring(1,
ctx.STRING_LITERAL().getText().length() - 1));
- return new CreateRoleCommand(ctx.EXISTS() != null, ctx.name.getText(),
comment);
+ return new CreateRoleCommand(ctx.EXISTS() != null, roleName, comment);
}
@Override
@@ -5467,7 +5468,8 @@ public class LogicalPlanBuilder extends
DorisParserBaseVisitor<Object> {
@Override
public LogicalPlan visitDropRole(DropRoleContext ctx) {
- return new DropRoleCommand(ctx.name.getText(), ctx.EXISTS() != null);
+ String roleName = stripQuotes(ctx.name.getText());
+ return new DropRoleCommand(roleName, ctx.EXISTS() != null);
}
@Override
diff --git a/regression-test/suites/account_p0/test_role.groovy
b/regression-test/suites/account_p0/test_role.groovy
index 24b4e685979..ae72bfb2ed3 100644
--- a/regression-test/suites/account_p0/test_role.groovy
+++ b/regression-test/suites/account_p0/test_role.groovy
@@ -63,5 +63,15 @@ suite("test_role", "account") {
def roles_drop = sql """show roles"""
logger.info("roles_drop: " + roles_drop.toString())
assertFalse(roles_drop.toString().contains("account_p0_account_role_test_comment_alter"))
+
+ // test IdentifierOrText
+ sql """CREATE ROLE '${role}' comment
'account_p0_account_role_test_comment_create_text'"""
+ def roles_text_create = sql """show roles"""
+ logger.info("roles_text_create: " + roles_text_create.toString())
+
assertTrue(roles_text_create.toString().contains("account_p0_account_role_test_comment_create_text"))
+ sql """DROP ROLE '${role}'"""
+ def roles_text_drop = sql """show roles"""
+ logger.info("roles_text_drop: " + roles_text_drop.toString())
+
assertFalse(roles_text_drop.toString().contains("account_p0_account_role_test_comment_create_text"))
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
