From f9550e7f8202d4e57a6599d574da12604b9bbbcc Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 11:11:58 +0800 Subject: [PATCH 01/19] userid-v1 --- .../commons/auth/entity/IEntityAccessor.java | 15 ++++++ .../iotdb/commons/auth/entity/User.java | 17 +++++++ .../auth/role/LocalFileRoleAccessor.java | 49 +++++++++++++++++++ .../commons/auth/user/BasicUserManager.java | 29 ++++++++++- .../auth/user/LocalFileUserAccessor.java | 2 + .../auth/user/LocalFileUserManager.java | 1 + .../apache/iotdb/commons/utils/IOUtils.java | 30 ++++++++++++ 7 files changed, 142 insertions(+), 1 deletion(-) diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/IEntityAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/IEntityAccessor.java index 3c42d1a1dec6..972106467e2b 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/IEntityAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/IEntityAccessor.java @@ -35,6 +35,21 @@ public interface IEntityAccessor extends SnapshotProcessor { */ Role loadEntity(String entityName) throws IOException; + /** + * Deserialize userid from lower storage. + * + * @return The max userid. + * @throws IOException if an exception is raised when interacting with the lower storage. + */ + long loadUserId() throws IOException; + + /** + * save maxUserId to lower storage when snapshot. + * + * @throws IOException if an exception is raised when interacting with the lower storage. + */ + void saveUserId(long nextUserId) throws IOException; + /** * Serialize the entity object to lower storage. * diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java index c0098cf0d515..2a90a592393b 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java @@ -34,6 +34,8 @@ /** This class contains all information of a User. */ public class User extends Role { + private long userId; + private String password; private Set roleSet; @@ -56,6 +58,13 @@ public User(String name, String password) { this.roleSet = new HashSet<>(); } + public User(String name, String password, long userId) { + super(name); + this.password = password; + this.userId = userId; + this.roleSet = new HashSet<>(); + } + /** ---------- set func ---------------* */ public void setPassword(String password) { this.password = password; @@ -73,7 +82,15 @@ public void addRole(String roleName) { roleSet.add(roleName); } + public void setUserId(long userId) { + this.userId = userId; + } + /** ------------ get func ----------------* */ + public long getUserId() { + return userId; + } + public String getPassword() { return password; } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java index 809d2397f3be..34686a35bbbe 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java @@ -223,6 +223,23 @@ public Role loadEntity(String entityName) throws IOException { } } + @Override + public long loadUserId() throws IOException { + File userIdFile = checkFileAvailable("user_id", ""); + if (userIdFile == null) { + return -1; + } + FileInputStream inputStream = new FileInputStream(userIdFile); + try (DataInputStream dataInputStream = + new DataInputStream(new BufferedInputStream(inputStream))) { + return dataInputStream.readLong(); + } catch (Exception e) { + throw new IOException(e); + } finally { + strBufferLocal.remove(); + } + } + @Override public void saveEntity(Role entity) throws IOException { File roleProfile = @@ -301,6 +318,7 @@ public static List getEntityStrings(String[] names) { } retList.addAll(set); } + retList.remove("user_id"); return retList; } @@ -378,4 +396,35 @@ public void cleanEntityFolder() { LOGGER.warn("Role folder not exists"); } } + + @Override + public void saveUserId(long nextUserId) throws IOException { + File userInfoProfile = + SystemFileFactory.INSTANCE.getFile( + entityDirPath + + File.separator + + "user_id" + + IoTDBConstant.PROFILE_SUFFIX + + TEMP_SUFFIX); + File userDir = new File(entityDirPath); + if (!userDir.exists() && !userDir.mkdirs()) { + LOGGER.error("Failed to create user dir {}", entityDirPath); + } + + try (FileOutputStream fileOutputStream = new FileOutputStream(userInfoProfile); + BufferedOutputStream outputStream = new BufferedOutputStream(fileOutputStream)) { + IOUtils.writeLong(outputStream, nextUserId, encodingBufferLocal); + outputStream.flush(); + fileOutputStream.getFD().sync(); + } catch (Exception e) { + LOGGER.warn("meet error when save userId: {}", nextUserId); + throw new IOException(e); + } finally { + encodingBufferLocal.remove(); + } + File oldFile = + SystemFileFactory.INSTANCE.getFile( + entityDirPath + File.separator + "user_id" + IoTDBConstant.PROFILE_SUFFIX); + IOUtils.replaceFile(userInfoProfile, oldFile); + } } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index 86e4f46d2353..fb31aa3902ac 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -35,6 +35,8 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.io.IOException; + /** This class stores information of each user. */ public abstract class BasicUserManager extends BasicRoleManager { @@ -50,6 +52,8 @@ protected String getNoSuchEntityError() { return "No such user %s"; } + protected long nextUserId = 9999; + /** * BasicUserManager Constructor. * @@ -102,6 +106,20 @@ private void initAdmin() throws AuthException { LOGGER.info("Admin initialized"); } + private void initUserId() { + try { + long maxUserId = this.accessor.loadUserId(); + if (maxUserId == -1 || maxUserId < 10000) { + nextUserId = 10000; + } else { + nextUserId = maxUserId; + } + } catch (IOException e) { + LOGGER.warn("meet error in load max userId."); + throw new RuntimeException(e); + } + } + @Override public User getEntity(String entityName) { return (User) super.getEntity(entityName); @@ -128,7 +146,15 @@ public boolean createUser( } lock.writeLock(username); try { - user = new User(username, enableEncrypt ? AuthUtils.encryptPassword(password) : password); + long userid = 0; + if (username.equals("root")) { + userid = 0; + } else { + userid = ++nextUserId; + } + user = + new User( + username, enableEncrypt ? AuthUtils.encryptPassword(password) : password, userid); entityMap.put(username, user); return true; } finally { @@ -197,6 +223,7 @@ private void init() throws AuthException { @Override public void reset() throws AuthException { super.reset(); + initUserId(); initAdmin(); } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java index 8a50a87ad967..f2dd3007543f 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java @@ -89,6 +89,7 @@ protected String getEntitySnapshotFileName() { @Override protected void saveEntityName(BufferedOutputStream outputStream, Role role) throws IOException { + IOUtils.writeLong(outputStream, ((User) role).getUserId(), encodingBufferLocal); super.saveEntityName(outputStream, role); IOUtils.writeString( outputStream, ((User) role).getPassword(), STRING_ENCODING, encodingBufferLocal); @@ -165,6 +166,7 @@ public User loadEntity(String entityName) throws IOException { user.setPrivilegeList(pathPrivilegeList); } else { assert (tag == VERSION); + user.setUserId(dataInputStream.readLong()); user.setName(IOUtils.readString(dataInputStream, STRING_ENCODING, strBufferLocal)); user.setPassword(IOUtils.readString(dataInputStream, STRING_ENCODING, strBufferLocal)); loadPrivileges(dataInputStream, user); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserManager.java index e2c8a33fee01..5b061e16ba2c 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserManager.java @@ -39,6 +39,7 @@ public boolean processTakeSnapshot(File snapshotDir) throws TException, IOExcept for (Map.Entry entry : entityMap.entrySet()) { accessor.saveEntity(entry.getValue()); } + accessor.saveUserId(nextUserId); return accessor.processTakeSnapshot(snapshotDir); } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/utils/IOUtils.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/utils/IOUtils.java index d1c049e86d75..8b63d29bd786 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/utils/IOUtils.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/utils/IOUtils.java @@ -92,6 +92,36 @@ public static void writeInt( outputStream.write(encodingBuffer.array(), 0, Integer.BYTES); } + /** + * Write a long (8-byte) into the given stream. + * + * @param outputStream the destination to insert. + * @param i the long value to be written. + * @param encodingBufferLocal a ThreadLocal buffer may be passed to avoid frequent memory + * allocations. A null may also be passed to use a local buffer. + * @throws IOException when an exception raised during operating the stream. + */ + public static void writeLong( + OutputStream outputStream, long i, ThreadLocal encodingBufferLocal) + throws IOException { + + ByteBuffer encodingBuffer; + if (encodingBufferLocal != null) { + encodingBuffer = encodingBufferLocal.get(); + if (encodingBuffer == null) { + // 8 bytes is exactly what we need for a long + encodingBuffer = ByteBuffer.allocate(8); + encodingBufferLocal.set(encodingBuffer); + } + } else { + encodingBuffer = ByteBuffer.allocate(8); + } + + encodingBuffer.clear(); + encodingBuffer.putLong(i); + outputStream.write(encodingBuffer.array(), 0, Long.BYTES); + } + /** * Read a string from the given stream. * From 00c1575e0fb72c4eee2d443fd7b1a268da2a2ed4 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 12:01:54 +0800 Subject: [PATCH 02/19] Compatible with legacy data. --- .../iotdb/commons/auth/user/LocalFileUserAccessor.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java index f2dd3007543f..77014a097433 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java @@ -145,14 +145,10 @@ public User loadEntity(String entityName) throws IOException { FileInputStream inputStream = new FileInputStream(entityFile); try (DataInputStream dataInputStream = new DataInputStream(new BufferedInputStream(inputStream))) { - boolean fromOldVersion = false; int tag = dataInputStream.readInt(); - if (tag < 0) { - fromOldVersion = true; - } User user = new User(); - if (fromOldVersion) { + if (tag < 0) { String name = IOUtils.readString(dataInputStream, STRING_ENCODING, strBufferLocal, -1 * tag); user.setName(name); @@ -164,6 +160,10 @@ public User loadEntity(String entityName) throws IOException { IOUtils.readPathPrivilege(dataInputStream, STRING_ENCODING, strBufferLocal)); } user.setPrivilegeList(pathPrivilegeList); + } else if (tag == 1) { + user.setName(IOUtils.readString(dataInputStream, STRING_ENCODING, strBufferLocal)); + user.setPassword(IOUtils.readString(dataInputStream, STRING_ENCODING, strBufferLocal)); + loadPrivileges(dataInputStream, user); } else { assert (tag == VERSION); user.setUserId(dataInputStream.readLong()); From 6eb59a83148e7eeae5a748f8fc32db1cc740ab00 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 13:05:50 +0800 Subject: [PATCH 03/19] modify version=2 --- .../apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java index 34686a35bbbe..e32cc0589109 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java @@ -84,7 +84,7 @@ public class LocalFileRoleAccessor implements IEntityAccessor { // It might be a good idea to use a Version number to control upgrade compatibility. // Now it's version 1 - protected static final int VERSION = 1; + protected static final int VERSION = 2; /** * Reused buffer for primitive types encoding/decoding, which aim to reduce memory fragments. Use From 02367a993040d8f6c00ddb17bb82f3506295dc3f Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 15:01:52 +0800 Subject: [PATCH 04/19] fix-bug --- .../persistence/schema/CNPhysicalPlanGenerator.java | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java index 33fb4b4ed6d1..b912dac76947 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java @@ -200,9 +200,12 @@ private void generateUserRolePhysicalPlan(final boolean isUser) { int tag = dataInputStream.readInt(); boolean fromOldVersion = tag < 0; String user; - if (fromOldVersion) { + if (tag<0) { user = readString(dataInputStream, STRING_ENCODING, strBufferLocal, -1 * tag); - } else { + } else if (tag==1) { + user = readString(dataInputStream, STRING_ENCODING, strBufferLocal); + }else{ + dataInputStream.readLong();//userId user = readString(dataInputStream, STRING_ENCODING, strBufferLocal); } @@ -226,7 +229,7 @@ private void generateUserRolePhysicalPlan(final boolean isUser) { final int privilegeMask = dataInputStream.readInt(); generateGrantSysPlan(user, isUser, privilegeMask); - if (fromOldVersion) { + if (tag < 0) { while (dataInputStream.available() != 0) { final String path = readString(dataInputStream, STRING_ENCODING, strBufferLocal); final PartialPath priPath; From c91f0911284fd240f67c930c85e12da61a6c8c34 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 15:04:56 +0800 Subject: [PATCH 05/19] fix-bug --- .../persistence/schema/CNPhysicalPlanGenerator.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java index b912dac76947..88bfdaca6978 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java @@ -200,12 +200,12 @@ private void generateUserRolePhysicalPlan(final boolean isUser) { int tag = dataInputStream.readInt(); boolean fromOldVersion = tag < 0; String user; - if (tag<0) { + if (tag < 0) { user = readString(dataInputStream, STRING_ENCODING, strBufferLocal, -1 * tag); - } else if (tag==1) { + } else if (tag == 1) { user = readString(dataInputStream, STRING_ENCODING, strBufferLocal); - }else{ - dataInputStream.readLong();//userId + } else { + dataInputStream.readLong(); // userId user = readString(dataInputStream, STRING_ENCODING, strBufferLocal); } From 9e0128d2bc2bc646662b70cc251435d6fa22d586 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Thu, 18 Sep 2025 18:52:32 +0800 Subject: [PATCH 06/19] resolve pipe errors --- .../confignode/manager/PermissionManager.java | 4 ++++ .../event/PipeConfigRegionSnapshotEvent.java | 10 ++++++++++ .../protocol/IoTDBConfigNodeReceiver.java | 3 ++- .../PipeTransferConfigSnapshotSealReq.java | 8 ++++++-- .../protocol/IoTDBConfigRegionAirGapSink.java | 3 ++- .../sink/protocol/IoTDBConfigRegionSink.java | 3 ++- .../source/ConfigRegionListeningQueue.java | 18 ++++++++++++++++-- .../pipe/source/IoTDBConfigRegionSource.java | 3 ++- .../confignode/persistence/AuthorInfo.java | 4 ++++ .../schema/CNPhysicalPlanGenerator.java | 5 +++-- .../schema/ConfigNodeSnapshotParser.java | 5 +++-- .../sink/PipeConfigNodeThriftRequestTest.java | 3 ++- .../CNPhysicalPlanGeneratorTest.java | 11 ++++++----- .../auth/authorizer/BasicAuthorizer.java | 5 +++++ .../commons/auth/authorizer/IAuthorizer.java | 8 ++++++++ .../commons/auth/role/BasicRoleManager.java | 5 +++++ .../commons/auth/role/IEntityManager.java | 9 +++++++++ .../commons/auth/user/BasicUserManager.java | 5 +++++ 18 files changed, 94 insertions(+), 18 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/PermissionManager.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/PermissionManager.java index 46549c674491..605e5785e9e3 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/PermissionManager.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/PermissionManager.java @@ -141,4 +141,8 @@ public TPermissionInfoResp checkRoleOfUser(String username, String rolename) public TPermissionInfoResp getUser(String username) throws AuthException { return authorInfo.getUser(username); } + + public String getUserName(long userId) throws AuthException { + return authorInfo.getUserName(userId); + } } diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java index df76f4fe7df0..67f8914f49ec 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java @@ -60,6 +60,8 @@ public class PipeConfigRegionSnapshotEvent extends PipeSnapshotEvent SNAPSHOT_FILE_TYPE_2_CONFIG_PHYSICAL_PLAN_TYPE_MAP = new EnumMap<>(CNSnapshotFileType.class); private CNSnapshotFileType fileType; + private String authUserName = ""; + static { SNAPSHOT_FILE_TYPE_2_CONFIG_PHYSICAL_PLAN_TYPE_MAP.put( CNSnapshotFileType.ROLE, @@ -136,6 +138,14 @@ public PipeConfigRegionSnapshotEvent( this.fileType = type; } + public String getAuthUserName() { + return authUserName; + } + + public void setAuthUserName(String authUserName) { + this.authUserName = authUserName; + } + public File getSnapshotFile() { return new File(snapshotPath); } diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/receiver/protocol/IoTDBConfigNodeReceiver.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/receiver/protocol/IoTDBConfigNodeReceiver.java index 5d00996ec61e..d52ad5cd7e8c 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/receiver/protocol/IoTDBConfigNodeReceiver.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/receiver/protocol/IoTDBConfigNodeReceiver.java @@ -1033,7 +1033,8 @@ protected TSStatus loadFileV2( Paths.get(fileAbsolutePaths.get(0)), fileAbsolutePaths.size() > 1 ? Paths.get(fileAbsolutePaths.get(1)) : null, CNSnapshotFileType.deserialize( - Byte.parseByte(parameters.get(PipeTransferConfigSnapshotSealReq.FILE_TYPE)))); + Byte.parseByte(parameters.get(PipeTransferConfigSnapshotSealReq.FILE_TYPE))), + parameters.getOrDefault("authUserName", "")); if (Objects.isNull(generator)) { throw new IOException( String.format("The config region snapshots %s cannot be parsed.", fileAbsolutePaths)); diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/payload/PipeTransferConfigSnapshotSealReq.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/payload/PipeTransferConfigSnapshotSealReq.java index 1162e8ade942..90a13f32e49f 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/payload/PipeTransferConfigSnapshotSealReq.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/payload/PipeTransferConfigSnapshotSealReq.java @@ -58,7 +58,8 @@ public static PipeTransferConfigSnapshotSealReq toTPipeTransferReq( final String templateFileName, final long templateFileLength, final CNSnapshotFileType fileType, - final String typeString) + final String typeString, + final String authUserName) throws IOException { final Map parameters = new HashMap<>(); parameters.put(ColumnHeaderConstant.PATH_PATTERN, treePattern); @@ -72,6 +73,7 @@ public static PipeTransferConfigSnapshotSealReq toTPipeTransferReq( } parameters.put(FILE_TYPE, Byte.toString(fileType.getType())); parameters.put(ColumnHeaderConstant.TYPE, typeString); + parameters.put("authUserName", authUserName); return (PipeTransferConfigSnapshotSealReq) new PipeTransferConfigSnapshotSealReq() @@ -103,7 +105,8 @@ public static byte[] toTPipeTransferBytes( final String templateFileName, final long templateFileLength, final CNSnapshotFileType fileType, - final String typeString) + final String typeString, + final String authUserName) throws IOException { final Map parameters = new HashMap<>(); parameters.put(ColumnHeaderConstant.PATH_PATTERN, treePattern); @@ -117,6 +120,7 @@ public static byte[] toTPipeTransferBytes( } parameters.put(FILE_TYPE, Byte.toString(fileType.getType())); parameters.put(ColumnHeaderConstant.TYPE, typeString); + parameters.put("authUserName", authUserName); return new PipeTransferConfigSnapshotSealReq() .convertToTPipeTransferSnapshotSealBytes( Objects.nonNull(templateFileName) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionAirGapSink.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionAirGapSink.java index 5f32bae8c278..1c577e4adb9b 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionAirGapSink.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionAirGapSink.java @@ -237,7 +237,8 @@ private void doTransfer( Objects.nonNull(templateFile) ? templateFile.getName() : null, Objects.nonNull(templateFile) ? templateFile.length() : 0, pipeConfigRegionSnapshotEvent.getFileType(), - pipeConfigRegionSnapshotEvent.toSealTypeString()))) { + pipeConfigRegionSnapshotEvent.toSealTypeString(), + pipeConfigRegionSnapshotEvent.getAuthUserName()))) { final String errorMessage = String.format("Seal config region snapshot %s error. Socket %s.", snapshot, socket); // Send handshake because we don't know whether the receiver side configNode diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionSink.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionSink.java index e846410b5e7a..b93a0b92be8e 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionSink.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/sink/protocol/IoTDBConfigRegionSink.java @@ -246,7 +246,8 @@ private void doTransfer(final PipeConfigRegionSnapshotEvent snapshotEvent) Objects.nonNull(templateFile) ? templateFile.getName() : null, Objects.nonNull(templateFile) ? templateFile.length() : 0, snapshotEvent.getFileType(), - snapshotEvent.toSealTypeString())); + snapshotEvent.toSealTypeString(), + snapshotEvent.getAuthUserName())); rateLimitIfNeeded( snapshotEvent.getPipeName(), snapshotEvent.getCreationTime(), diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java index 94ea7a54dde1..aba682240abc 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java @@ -19,6 +19,7 @@ package org.apache.iotdb.confignode.manager.pipe.source; +import org.apache.iotdb.commons.auth.AuthException; import org.apache.iotdb.commons.auth.user.LocalFileUserAccessor; import org.apache.iotdb.commons.conf.IoTDBConstant; import org.apache.iotdb.commons.exception.MetadataException; @@ -147,13 +148,26 @@ public synchronized void tryListenToSnapshots( continue; } final Path templateFilePath = snapshotPathInfo.getLeft().getRight(); - events.add( + PipeConfigRegionSnapshotEvent curEvent = new PipeConfigRegionSnapshotEvent( snapshotPath.toString(), Objects.nonNull(templateFilePath) && templateFilePath.toFile().length() > 0 ? templateFilePath.toString() : null, - snapshotPathInfo.getRight())); + snapshotPathInfo.getRight()); + if (type == CNSnapshotFileType.USER_ROLE) { + long userId = Long.parseLong(snapshotPath.toFile().getName().split("_")[0]); + try { + curEvent.setAuthUserName( + ConfigNode.getInstance() + .getConfigManager() + .getPermissionManager() + .getUserName(userId)); + } catch (AuthException e) { + // ignore + } + } + events.add(curEvent); } tryListen(events); } diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/IoTDBConfigRegionSource.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/IoTDBConfigRegionSource.java index ef1e08f85360..fc965624c1d8 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/IoTDBConfigRegionSource.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/IoTDBConfigRegionSource.java @@ -203,7 +203,8 @@ protected void initSnapshotGenerator(final PipeSnapshotEvent event) throws IOExc Objects.nonNull(snapshotEvent.getTemplateFile()) ? Paths.get(snapshotEvent.getTemplateFile().getPath()) : null, - snapshotEvent.getFileType()); + snapshotEvent.getFileType(), + snapshotEvent.getAuthUserName()); } @Override diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java index e4d2c17bfac2..af920b16b90a 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java @@ -674,6 +674,10 @@ public TPermissionInfoResp getUser(String username) throws AuthException { return result; } + public String getUserName(long userId) throws AuthException { + return authorizer.getUser(userId).getName(); + } + @Override public boolean processTakeSnapshot(File snapshotDir) throws TException, IOException { return authorizer.processTakeSnapshot(snapshotDir); diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java index 88bfdaca6978..7f062cfc336c 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java @@ -103,14 +103,15 @@ public class CNPhysicalPlanGenerator private Exception latestException = null; private String userName; - public CNPhysicalPlanGenerator(final Path snapshotFilePath, final CNSnapshotFileType fileType) + public CNPhysicalPlanGenerator( + final Path snapshotFilePath, final CNSnapshotFileType fileType, final String userName) throws IOException { if (fileType == CNSnapshotFileType.SCHEMA) { logger.warn("schema_template need two files"); return; } if (fileType == CNSnapshotFileType.USER_ROLE) { - userName = snapshotFilePath.getFileName().toString().split("_role.profile")[0]; + this.userName = userName; } snapshotFileType = fileType; inputStream = Files.newInputStream(snapshotFilePath); diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java index 31b1cd56519e..841264416946 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java @@ -166,7 +166,8 @@ public static List, CNSnapshotFileType>> getSnapshots() th } public static CNPhysicalPlanGenerator translate2PhysicalPlan( - final Path path1, final Path path2, final CNSnapshotFileType type) throws IOException { + final Path path1, final Path path2, final CNSnapshotFileType type, final String userName) + throws IOException { if (path1 == null) { LOGGER.warn("Path1 should not be null"); return null; @@ -180,7 +181,7 @@ public static CNPhysicalPlanGenerator translate2PhysicalPlan( if (type == CNSnapshotFileType.SCHEMA) { return new CNPhysicalPlanGenerator(path1, path2); } else { - return new CNPhysicalPlanGenerator(path1, type); + return new CNPhysicalPlanGenerator(path1, type, userName); } } } diff --git a/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/manager/pipe/sink/PipeConfigNodeThriftRequestTest.java b/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/manager/pipe/sink/PipeConfigNodeThriftRequestTest.java index 0f729c7b4b06..5c578ebead8c 100644 --- a/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/manager/pipe/sink/PipeConfigNodeThriftRequestTest.java +++ b/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/manager/pipe/sink/PipeConfigNodeThriftRequestTest.java @@ -96,7 +96,8 @@ public void testPipeTransferConfigSnapshotSealReq() throws IOException { templateInfoName, 10, fileType, - typeString); + typeString, + ""); PipeTransferConfigSnapshotSealReq deserializeReq = PipeTransferConfigSnapshotSealReq.fromTPipeTransferReq(req); diff --git a/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java b/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java index 647b50fdcf57..3a33cb7cc32a 100644 --- a/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java +++ b/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java @@ -178,7 +178,7 @@ public void roleGeneratorTest() throws Exception { + ".profile"); final CNPhysicalPlanGenerator planGenerator = - new CNPhysicalPlanGenerator(roleProfile.toPath(), CNSnapshotFileType.ROLE); + new CNPhysicalPlanGenerator(roleProfile.toPath(), CNSnapshotFileType.ROLE, ""); int count = 0; for (ConfigPhysicalPlan authPlan : planGenerator) { Assert.assertTrue(answerSet.contains(authPlan.hashCode())); @@ -264,7 +264,7 @@ public void userGeneratorTest() throws Exception { + ".profile"); CNPhysicalPlanGenerator planGenerator = - new CNPhysicalPlanGenerator(userProfile.toPath(), CNSnapshotFileType.USER); + new CNPhysicalPlanGenerator(userProfile.toPath(), CNSnapshotFileType.USER, userName); int count = 0; // plan 1-4 for (ConfigPhysicalPlan authPlan : planGenerator) { @@ -281,7 +281,8 @@ public void userGeneratorTest() throws Exception { + userName + "_role.profile"); planGenerator = - new CNPhysicalPlanGenerator(roleListProfile.toPath(), CNSnapshotFileType.USER_ROLE); + new CNPhysicalPlanGenerator( + roleListProfile.toPath(), CNSnapshotFileType.USER_ROLE, userName); count = 0; // plan 5 for (ConfigPhysicalPlan authPlan : planGenerator) { @@ -345,7 +346,7 @@ public void databaseWithoutTemplateGeneratorTest() throws Exception { } planGenerator.checkException(); Assert.assertEquals(5, count); - planGenerator = new CNPhysicalPlanGenerator(ttlInfo.toPath(), CNSnapshotFileType.TTL); + planGenerator = new CNPhysicalPlanGenerator(ttlInfo.toPath(), CNSnapshotFileType.TTL, ""); for (ConfigPhysicalPlan plan : planGenerator) { if (plan.getType() == ConfigPhysicalPlanType.SetTTL) { if (!new PartialPath(((SetTTLPlan) plan).getPathPattern()) @@ -510,7 +511,7 @@ public void templateAndDatabaseCompletedTest() throws Exception { } Assert.assertEquals(8, count); - planGenerator = new CNPhysicalPlanGenerator(ttlInfo.toPath(), CNSnapshotFileType.TTL); + planGenerator = new CNPhysicalPlanGenerator(ttlInfo.toPath(), CNSnapshotFileType.TTL, ""); for (ConfigPhysicalPlan plan : planGenerator) { if (plan.getType() == ConfigPhysicalPlanType.SetTTL) { if (!new PartialPath(((SetTTLPlan) plan).getPathPattern()) diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java index 77a211de5d22..60a5bd0508ea 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java @@ -465,6 +465,11 @@ public User getUser(String username) throws AuthException { return userManager.getEntity(username); } + @Override + public User getUser(long userId) throws AuthException { + return userManager.getEntity(userId); + } + @Override public boolean processTakeSnapshot(File snapshotDir) throws TException, IOException { return userManager.processTakeSnapshot(snapshotDir) diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java index e98474a8f2af..523a875fed71 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java @@ -209,6 +209,14 @@ public interface IAuthorizer extends SnapshotProcessor { */ User getUser(String username) throws AuthException; + /** + * Find a user by its userId. + * + * @param userId the index of the user. + * @return A user whose id is userId or null if such user does not exist. + */ + User getUser(long userId) throws AuthException; + /** * get all user * diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java index 17cda526d34d..474267b66698 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java @@ -78,6 +78,11 @@ public Role getEntity(String entityName) { return role; } + public Role getEntity(long entityId) { + String entityName = String.valueOf(entityId); + return this.getEntity(entityName); + } + public boolean createRole(String entityName) { Role role = getEntity(entityName); if (role != null) { diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/IEntityManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/IEntityManager.java index d70c18273f01..c1331fa8483a 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/IEntityManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/IEntityManager.java @@ -37,6 +37,15 @@ public interface IEntityManager extends SnapshotProcessor { */ Role getEntity(String entityName) throws AuthException; + /** + * Get an entity object. + * + * @param entityId The id of the entity. + * @return An entity object whose index is entityId or null if such entity does not exist. + * @throws AuthException if exception is raised while getting the entity. + */ + Role getEntity(long entityId) throws AuthException; + /** * Delete an entity. * diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index fb31aa3902ac..4b78467b7637 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -125,6 +125,11 @@ public User getEntity(String entityName) { return (User) super.getEntity(entityName); } + @Override + public User getEntity(long entityId) { + return (User) super.getEntity(entityId); + } + public boolean createUser( String username, String password, boolean validCheck, boolean enableEncrypt) throws AuthException { From a6432d83a376d9efabb02e5c00a9bbf7205fd2b0 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 18:50:54 +0800 Subject: [PATCH 07/19] modify username to userid --- .../schema/CNPhysicalPlanGenerator.java | 1 + .../schema/ConfigNodeSnapshotParser.java | 1 + .../CNPhysicalPlanGeneratorTest.java | 4 +- .../auth/role/LocalFileRoleAccessor.java | 13 ++++-- .../commons/auth/user/BasicUserManager.java | 12 ++++- .../auth/user/LocalFileUserAccessor.java | 44 ++++++++++++++++++- 6 files changed, 67 insertions(+), 8 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java index 7f062cfc336c..b76df49ee445 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java @@ -103,6 +103,7 @@ public class CNPhysicalPlanGenerator private Exception latestException = null; private String userName; + public CNPhysicalPlanGenerator( final Path snapshotFilePath, final CNSnapshotFileType fileType, final String userName) throws IOException { diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java index 841264416946..aa97d8df4052 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java @@ -38,6 +38,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import java.util.Map; public class ConfigNodeSnapshotParser { private static final Logger LOGGER = LoggerFactory.getLogger(ConfigNodeSnapshotParser.class); diff --git a/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java b/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java index 3a33cb7cc32a..19622c80906e 100644 --- a/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java +++ b/iotdb-core/confignode/src/test/java/org/apache/iotdb/confignode/persistence/CNPhysicalPlanGeneratorTest.java @@ -260,7 +260,7 @@ public void userGeneratorTest() throws Exception { + File.separator + USER_SNAPSHOT_FILE_NAME + File.separator - + userName + + 10000 + ".profile"); CNPhysicalPlanGenerator planGenerator = @@ -278,7 +278,7 @@ public void userGeneratorTest() throws Exception { + File.separator + USER_SNAPSHOT_FILE_NAME + File.separator - + userName + + 10000 + "_role.profile"); planGenerator = new CNPhysicalPlanGenerator( diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java index e32cc0589109..b77172720f6b 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java @@ -22,6 +22,7 @@ import org.apache.iotdb.commons.auth.entity.IEntityAccessor; import org.apache.iotdb.commons.auth.entity.PathPrivilege; import org.apache.iotdb.commons.auth.entity.Role; +import org.apache.iotdb.commons.auth.entity.User; import org.apache.iotdb.commons.conf.CommonDescriptor; import org.apache.iotdb.commons.conf.IoTDBConstant; import org.apache.iotdb.commons.exception.IllegalPathException; @@ -242,11 +243,17 @@ public long loadUserId() throws IOException { @Override public void saveEntity(Role entity) throws IOException { + String prefixName = ""; + if (entity instanceof User) { + prefixName = String.valueOf(((User) entity).getUserId()); + } else { + prefixName = entity.getName(); + } File roleProfile = SystemFileFactory.INSTANCE.getFile( entityDirPath + File.separator - + entity.getName() + + prefixName + IoTDBConstant.PROFILE_SUFFIX + TEMP_SUFFIX); File roleDir = new File(entityDirPath); @@ -270,7 +277,7 @@ public void saveEntity(Role entity) throws IOException { File oldFile = SystemFileFactory.INSTANCE.getFile( - entityDirPath + File.separator + entity.getName() + IoTDBConstant.PROFILE_SUFFIX); + entityDirPath + File.separator + prefixName + IoTDBConstant.PROFILE_SUFFIX); IOUtils.replaceFile(roleProfile, oldFile); saveRoles(entity); } @@ -318,7 +325,7 @@ public static List getEntityStrings(String[] names) { } retList.addAll(set); } - retList.remove("user_id"); + retList.remove("user_id"); // skip user_id.profile return retList; } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index 4b78467b7637..0652dbcd8aeb 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -227,7 +227,17 @@ private void init() throws AuthException { @Override public void reset() throws AuthException { - super.reset(); + accessor.reset(); + entityMap.clear(); + for (String userId : accessor.listAllEntities()) { + try { + User user = (User) accessor.loadEntity(userId); + entityMap.put(user.getName(), user); + } catch (IOException e) { + LOGGER.warn("Get exception when load user {}", userId); + throw new AuthException(TSStatusCode.AUTH_IO_EXCEPTION, e); + } + } initUserId(); initAdmin(); } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java index 77014a097433..756f42af242d 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java @@ -102,7 +102,7 @@ protected void saveRoles(Role role) throws IOException { SystemFileFactory.INSTANCE.getFile( entityDirPath + File.separator - + user.getName() + + user.getUserId() + ROLE_SUFFIX + IoTDBConstant.PROFILE_SUFFIX + TEMP_SUFFIX); @@ -124,7 +124,7 @@ protected void saveRoles(Role role) throws IOException { SystemFileFactory.INSTANCE.getFile( entityDirPath + File.separator - + user.getName() + + user.getUserId() + ROLE_SUFFIX + IoTDBConstant.PROFILE_SUFFIX); IOUtils.replaceFile(roleProfile, oldURoleFile); @@ -302,4 +302,44 @@ public void saveUserOldVersion(User user) throws IOException { entityDirPath + File.separator + user.getName() + IoTDBConstant.PROFILE_SUFFIX); IOUtils.replaceFile(userProfile, oldFile); } + + @TestOnly + public void saveUserOldVersion1(User user) throws IOException { + File userProfile = + SystemFileFactory.INSTANCE.getFile( + entityDirPath + + File.separator + + user.getName() + + IoTDBConstant.PROFILE_SUFFIX + + TEMP_SUFFIX); + + try (FileOutputStream fileOutputStream = new FileOutputStream(userProfile); + BufferedOutputStream outputStream = new BufferedOutputStream(fileOutputStream)) { + byte[] strBuffer = user.getName().getBytes(STRING_ENCODING); + // test for version1 + IOUtils.writeInt(outputStream, 1, encodingBufferLocal); + outputStream.write(strBuffer); + IOUtils.writeString(outputStream, user.getPassword(), STRING_ENCODING, encodingBufferLocal); + IOUtils.writeInt(outputStream, user.getAllSysPrivileges(), encodingBufferLocal); + + int privilegeNum = user.getPathPrivilegeList().size(); + for (int i = 0; i < privilegeNum; i++) { + PathPrivilege pathPrivilege = user.getPathPrivilegeList().get(i); + IOUtils.writePathPrivilege( + outputStream, pathPrivilege, STRING_ENCODING, encodingBufferLocal); + } + outputStream.flush(); + fileOutputStream.getFD().sync(); + + } catch (Exception e) { + throw new IOException(e); + } finally { + encodingBufferLocal.remove(); + } + + File oldFile = + SystemFileFactory.INSTANCE.getFile( + entityDirPath + File.separator + user.getName() + IoTDBConstant.PROFILE_SUFFIX); + IOUtils.replaceFile(userProfile, oldFile); + } } From 1c8a6bb6c6418d501d9dc52c6627f837a1d5a319 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Thu, 18 Sep 2025 18:55:44 +0800 Subject: [PATCH 08/19] spotless --- .../auth/user/LocalFileUserAccessor.java | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java index 756f42af242d..cf2bf2d558d2 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java @@ -306,15 +306,15 @@ public void saveUserOldVersion(User user) throws IOException { @TestOnly public void saveUserOldVersion1(User user) throws IOException { File userProfile = - SystemFileFactory.INSTANCE.getFile( - entityDirPath - + File.separator - + user.getName() - + IoTDBConstant.PROFILE_SUFFIX - + TEMP_SUFFIX); + SystemFileFactory.INSTANCE.getFile( + entityDirPath + + File.separator + + user.getName() + + IoTDBConstant.PROFILE_SUFFIX + + TEMP_SUFFIX); try (FileOutputStream fileOutputStream = new FileOutputStream(userProfile); - BufferedOutputStream outputStream = new BufferedOutputStream(fileOutputStream)) { + BufferedOutputStream outputStream = new BufferedOutputStream(fileOutputStream)) { byte[] strBuffer = user.getName().getBytes(STRING_ENCODING); // test for version1 IOUtils.writeInt(outputStream, 1, encodingBufferLocal); @@ -326,7 +326,7 @@ public void saveUserOldVersion1(User user) throws IOException { for (int i = 0; i < privilegeNum; i++) { PathPrivilege pathPrivilege = user.getPathPrivilegeList().get(i); IOUtils.writePathPrivilege( - outputStream, pathPrivilege, STRING_ENCODING, encodingBufferLocal); + outputStream, pathPrivilege, STRING_ENCODING, encodingBufferLocal); } outputStream.flush(); fileOutputStream.getFD().sync(); @@ -338,8 +338,8 @@ public void saveUserOldVersion1(User user) throws IOException { } File oldFile = - SystemFileFactory.INSTANCE.getFile( - entityDirPath + File.separator + user.getName() + IoTDBConstant.PROFILE_SUFFIX); + SystemFileFactory.INSTANCE.getFile( + entityDirPath + File.separator + user.getName() + IoTDBConstant.PROFILE_SUFFIX); IOUtils.replaceFile(userProfile, oldFile); } } From 6e0a74f8f6292dfb66deae4137f0f18624d02d55 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Thu, 18 Sep 2025 20:12:27 +0800 Subject: [PATCH 09/19] Fix bugs --- .../schema/CNPhysicalPlanGenerator.java | 4 +++- .../auth/user/LocalFileUserAccessorTest.java | 12 +++++++----- .../iotdb/commons/auth/entity/User.java | 19 ++++++++++++------- .../commons/auth/role/BasicRoleManager.java | 5 ----- .../commons/auth/user/BasicUserManager.java | 9 ++++++++- 5 files changed, 30 insertions(+), 19 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java index b76df49ee445..048c9ef98f4c 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java @@ -207,7 +207,9 @@ private void generateUserRolePhysicalPlan(final boolean isUser) { } else if (tag == 1) { user = readString(dataInputStream, STRING_ENCODING, strBufferLocal); } else { - dataInputStream.readLong(); // userId + if (isUser) { + dataInputStream.readLong(); // skip userId since authorPlan do not demand it. + } user = readString(dataInputStream, STRING_ENCODING, strBufferLocal); } diff --git a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java index 54442238891d..8a211fe5eb08 100644 --- a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java +++ b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java @@ -66,6 +66,7 @@ public void tearDown() throws Exception { @Test public void test() throws IOException, IllegalPathException { User user = new User("test", "password123456"); + user.setUserId(5); user.grantSysPrivilege(PrivilegeType.EXTEND_TEMPLATE, false); user.grantSysPrivilege(PrivilegeType.MANAGE_USER, false); PathPrivilege pathPrivilege = new PathPrivilege(new PartialPath("root.test")); @@ -80,23 +81,24 @@ public void test() throws IOException, IllegalPathException { user.addRole("testRole2"); accessor.saveEntity(user); accessor.reset(); - User loadUser = accessor.loadEntity("test"); + User loadUser = accessor.loadEntity("5"); assertEquals(user, loadUser); user.setName("test1"); + user.setUserId(6); accessor.saveEntity(user); // list List usernames = accessor.listAllEntities(); usernames.sort(null); - assertTrue(usernames.contains("test")); - assertTrue(usernames.contains("test1")); + assertTrue(usernames.contains("5")); + assertTrue(usernames.contains("6")); // delete assertFalse(accessor.deleteEntity("not a user")); - assertTrue(accessor.deleteEntity(user.getName())); + assertTrue(accessor.deleteEntity(String.valueOf(user.getUserId()))); usernames = accessor.listAllEntities(); assertEquals(1, usernames.size()); - assertTrue(usernames.contains("test")); + assertTrue(usernames.contains("5")); User nullUser = accessor.loadEntity(user.getName()); assertNull(nullUser); } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java index 2a90a592393b..0e69a33b6bb7 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java @@ -19,6 +19,7 @@ package org.apache.iotdb.commons.auth.entity; import org.apache.iotdb.commons.utils.SerializeUtils; +import org.apache.iotdb.commons.utils.TestOnly; import org.apache.iotdb.confignode.rpc.thrift.TUserResp; import java.io.ByteArrayOutputStream; @@ -46,18 +47,20 @@ public User() { // empty constructor } - /** - * construct function for User. - * - * @param name -user name - * @param password -user password - */ + @TestOnly public User(String name, String password) { super(name); this.password = password; this.roleSet = new HashSet<>(); } + /** + * construct function for User. + * + * @param name -user name + * @param password -user password + * @param userId -user index + */ public User(String name, String password, long userId) { super(name); this.password = password; @@ -213,7 +216,9 @@ public void deserialize(ByteBuffer buffer) { @Override public String toString() { return "User{" - + "name='" + + "id=" + + userId + + ", name='" + super.getName() + '\'' + ", pathPrivilegeList=" diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java index 474267b66698..17cda526d34d 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java @@ -78,11 +78,6 @@ public Role getEntity(String entityName) { return role; } - public Role getEntity(long entityId) { - String entityName = String.valueOf(entityId); - return this.getEntity(entityName); - } - public boolean createRole(String entityName) { Role role = getEntity(entityName); if (role != null) { diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index 0652dbcd8aeb..7e33139eb80c 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -22,6 +22,7 @@ import org.apache.iotdb.commons.auth.entity.IEntityAccessor; import org.apache.iotdb.commons.auth.entity.PathPrivilege; import org.apache.iotdb.commons.auth.entity.PrivilegeType; +import org.apache.iotdb.commons.auth.entity.Role; import org.apache.iotdb.commons.auth.entity.User; import org.apache.iotdb.commons.auth.role.BasicRoleManager; import org.apache.iotdb.commons.conf.CommonDescriptor; @@ -36,6 +37,7 @@ import org.slf4j.LoggerFactory; import java.io.IOException; +import java.util.Map; /** This class stores information of each user. */ public abstract class BasicUserManager extends BasicRoleManager { @@ -127,7 +129,12 @@ public User getEntity(String entityName) { @Override public User getEntity(long entityId) { - return (User) super.getEntity(entityId); + for (Map.Entry roleEntry : entityMap.entrySet()) { + if (((User) roleEntry.getValue()).getUserId() == entityId) { + return (User) roleEntry.getValue(); + } + } + return null; } public boolean createUser( From 336e1105cb91bac711804410d766a2959025a252 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Thu, 18 Sep 2025 20:00:56 +0800 Subject: [PATCH 10/19] fix UT --- .../db/auth/user/LocalFileUserAccessorTest.java | 7 ++++++- .../org/apache/iotdb/commons/auth/entity/User.java | 2 +- .../iotdb/commons/auth/user/BasicUserManager.java | 7 +++++++ .../commons/auth/user/LocalFileUserAccessor.java | 13 ++----------- 4 files changed, 16 insertions(+), 13 deletions(-) diff --git a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java index 8a211fe5eb08..eafb95b0824e 100644 --- a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java +++ b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/user/LocalFileUserAccessorTest.java @@ -129,9 +129,14 @@ public void testLoadOldVersion() throws IOException, IllegalPathException { accessor.saveUserOldVersion(role); User newRole = accessor.loadEntity("root"); assertEquals(role, newRole); + newRole.setName("root1"); + accessor.saveUserOldVersion1(newRole); + User newRole1 = accessor.loadEntity("root1"); + assertEquals(newRole, newRole1); newRole.setName("root2"); + newRole.setUserId(10000); accessor.saveEntity(newRole); - User newRole2 = accessor.loadEntity("root2"); + User newRole2 = accessor.loadEntity("10000"); assertEquals(newRole, newRole2); } } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java index 0e69a33b6bb7..f5f0d2834444 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java @@ -35,7 +35,7 @@ /** This class contains all information of a User. */ public class User extends Role { - private long userId; + private long userId = -1; private String password; diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index 7e33139eb80c..cb9ff8defaa2 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -116,6 +116,13 @@ private void initUserId() { } else { nextUserId = maxUserId; } + + for (Map.Entry userEntry : entityMap.entrySet()) { + User user = (User) userEntry.getValue(); + if (user.getUserId() == -1) { + user.setUserId(nextUserId++); + } + } } catch (IOException e) { LOGGER.warn("meet error in load max userId."); throw new RuntimeException(e); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java index cf2bf2d558d2..11ff8c73e9a8 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/LocalFileUserAccessor.java @@ -315,22 +315,13 @@ public void saveUserOldVersion1(User user) throws IOException { try (FileOutputStream fileOutputStream = new FileOutputStream(userProfile); BufferedOutputStream outputStream = new BufferedOutputStream(fileOutputStream)) { - byte[] strBuffer = user.getName().getBytes(STRING_ENCODING); // test for version1 IOUtils.writeInt(outputStream, 1, encodingBufferLocal); - outputStream.write(strBuffer); + IOUtils.writeString(outputStream, user.getName(), STRING_ENCODING, encodingBufferLocal); IOUtils.writeString(outputStream, user.getPassword(), STRING_ENCODING, encodingBufferLocal); - IOUtils.writeInt(outputStream, user.getAllSysPrivileges(), encodingBufferLocal); - - int privilegeNum = user.getPathPrivilegeList().size(); - for (int i = 0; i < privilegeNum; i++) { - PathPrivilege pathPrivilege = user.getPathPrivilegeList().get(i); - IOUtils.writePathPrivilege( - outputStream, pathPrivilege, STRING_ENCODING, encodingBufferLocal); - } + savePrivileges(outputStream, user); outputStream.flush(); fileOutputStream.getFD().sync(); - } catch (Exception e) { throw new IOException(e); } finally { From 9d3b35ff63985d3da1d3c8e502f1c43855b66197 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Thu, 18 Sep 2025 20:47:39 +0800 Subject: [PATCH 11/19] 4 CI --- .../manager/pipe/source/ConfigRegionListeningQueue.java | 7 ++++--- .../java/org/apache/iotdb/db/auth/AuthorityChecker.java | 4 +++- .../java/org/apache/iotdb/db/auth/entity/UserTest.java | 4 ++-- .../apache/iotdb/commons/auth/role/BasicRoleManager.java | 4 ++++ 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java index aba682240abc..92ac3d083946 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java @@ -136,15 +136,16 @@ public synchronized void tryListenToSnapshots( && snapshotPath .toFile() .getName() - .equals(AuthorityChecker.SUPER_USER + IoTDBConstant.PROFILE_SUFFIX) + .equals(AuthorityChecker.SUPER_USER_ID + IoTDBConstant.PROFILE_SUFFIX) || type == CNSnapshotFileType.USER_ROLE && snapshotPath .toFile() .getName() .equals( - AuthorityChecker.SUPER_USER + AuthorityChecker.SUPER_USER_ID + LocalFileUserAccessor.ROLE_SUFFIX - + IoTDBConstant.PROFILE_SUFFIX)) { + + IoTDBConstant.PROFILE_SUFFIX) + || snapshotPath.toFile().getName().equals("user_id.profile")) { continue; } final Path templateFilePath = snapshotPathInfo.getLeft().getRight(); diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java index b67987159b7f..7842a976c5bb 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java @@ -71,7 +71,9 @@ public class AuthorityChecker { public static String SUPER_USER = CommonDescriptor.getInstance().getConfig().getAdminName(); - public static final TSStatus SUCCEED = RpcUtils.SUCCESS_STATUS; + public static String SUPER_USER_ID = "0"; + + public static final TSStatus SUCCEED = new TSStatus(TSStatusCode.SUCCESS_STATUS.getStatusCode()); public static final String ONLY_ADMIN_ALLOWED = "No permissions for this operation, only root user is allowed"; diff --git a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java index eee3be0bc73f..82e7d8f15b18 100644 --- a/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java +++ b/iotdb-core/datanode/src/test/java/org/apache/iotdb/db/auth/entity/UserTest.java @@ -39,13 +39,13 @@ public void testUser() throws IllegalPathException { user.setPathPrivileges( new PartialPath("root.ln"), Collections.singleton(PrivilegeType.WRITE_DATA)); Assert.assertEquals( - "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], " + "User{id=-1, name='user', pathPrivilegeList=[root.ln : WRITE_DATA], " + "sysPrivilegeSet=[], AnyScopePrivilegeMap=[], objectPrivilegeMap={}, roleList=[], isOpenIdUser=false}", user.toString()); User user1 = new User("user1", "password1"); user1.deserialize(user.serialize()); Assert.assertEquals( - "User{name='user', pathPrivilegeList=[root.ln : WRITE_DATA], " + "User{id=-1, name='user', pathPrivilegeList=[root.ln : WRITE_DATA], " + "sysPrivilegeSet=[], AnyScopePrivilegeMap=[], objectPrivilegeMap={}, roleList=[], isOpenIdUser=false}", user1.toString()); Assert.assertEquals(user1, user); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java index 17cda526d34d..d051db717310 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java @@ -78,6 +78,10 @@ public Role getEntity(String entityName) { return role; } + public Role getEntity(long entityId) { + return null; + } + public boolean createRole(String entityName) { Role role = getEntity(entityName); if (role != null) { From 08d06ce983ba4bdb04aaa0ecc2cd7beda48b42e6 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Fri, 19 Sep 2025 10:04:21 +0800 Subject: [PATCH 12/19] Update PipeConfigRegionSnapshotEvent.java --- .../event/PipeConfigRegionSnapshotEvent.java | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java index 67f8914f49ec..5a8465e99d54 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/event/PipeConfigRegionSnapshotEvent.java @@ -205,17 +205,20 @@ public EnrichedEvent shallowCopySelfAndBindPipeTaskMetaForProgressReport( final boolean skipIfNoPrivileges, final long startTime, final long endTime) { - return new PipeConfigRegionSnapshotEvent( - snapshotPath, - templateFilePath, - fileType, - pipeName, - creationTime, - pipeTaskMeta, - treePattern, - tablePattern, - userName, - skipIfNoPrivileges); + PipeConfigRegionSnapshotEvent pipeConfigRegionSnapshotEvent = + new PipeConfigRegionSnapshotEvent( + snapshotPath, + templateFilePath, + fileType, + pipeName, + creationTime, + pipeTaskMeta, + treePattern, + tablePattern, + userName, + skipIfNoPrivileges); + pipeConfigRegionSnapshotEvent.setAuthUserName(authUserName); + return pipeConfigRegionSnapshotEvent; } @Override From a9515c04ee161cefd459a99dc25458b81c302202 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Fri, 19 Sep 2025 15:45:37 +0800 Subject: [PATCH 13/19] list user id --- .../response/auth/PermissionInfoResp.java | 11 ++++++++++ .../confignode/persistence/AuthorInfo.java | 20 ++++++++++++++++++- .../thrift/ConfigNodeRPCServiceProcessor.java | 1 + .../iotdb/db/auth/AuthorityChecker.java | 20 ++++++++++++++++++- .../auth/authorizer/BasicAuthorizer.java | 6 ++++++ .../commons/auth/authorizer/IAuthorizer.java | 9 +++++++++ .../iotdb/commons/auth/entity/Role.java | 18 +++++++++++++++++ .../iotdb/commons/auth/entity/User.java | 10 ++++++++++ .../commons/auth/role/BasicRoleManager.java | 19 ++++++++++++++++++ .../auth/role/LocalFileRoleAccessor.java | 2 ++ .../schema/column/ColumnHeaderConstant.java | 7 +++++++ .../src/main/thrift/confignode.thrift | 8 ++++++++ 12 files changed, 129 insertions(+), 2 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/response/auth/PermissionInfoResp.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/response/auth/PermissionInfoResp.java index 70413d552db4..de4403367539 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/response/auth/PermissionInfoResp.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/consensus/response/auth/PermissionInfoResp.java @@ -20,6 +20,7 @@ package org.apache.iotdb.confignode.consensus.response.auth; import org.apache.iotdb.common.rpc.thrift.TSStatus; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp; import org.apache.iotdb.consensus.common.DataSet; @@ -32,6 +33,8 @@ public class PermissionInfoResp implements DataSet { private String tag; private List memberList; + private List usersInfo; + private TPermissionInfoResp permissionInfoResp; public PermissionInfoResp() {} @@ -62,6 +65,14 @@ public List getMemberList() { return memberList; } + public void setUsersInfo(List usersInfo) { + this.usersInfo = usersInfo; + } + + public List getUsersInfo() { + return usersInfo; + } + public TPermissionInfoResp getPermissionInfoResp() { return permissionInfoResp; } diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java index af920b16b90a..efcbd894360f 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/AuthorInfo.java @@ -46,6 +46,7 @@ import org.apache.iotdb.confignode.consensus.response.auth.PermissionInfoResp; import org.apache.iotdb.confignode.manager.ConfigManager; import org.apache.iotdb.confignode.rpc.thrift.TAuthizedPatternTreeResp; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import org.apache.iotdb.confignode.rpc.thrift.TPermissionInfoResp; import org.apache.iotdb.confignode.rpc.thrift.TRoleResp; import org.apache.iotdb.confignode.rpc.thrift.TUserResp; @@ -62,6 +63,7 @@ import java.io.IOException; import java.nio.ByteBuffer; import java.util.ArrayList; +import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; @@ -510,13 +512,17 @@ public TSStatus authorNonQuery(AuthorRelationalPlan authorPlan) { public PermissionInfoResp executeListUsers(final AuthorPlan plan) throws AuthException { final PermissionInfoResp result = new PermissionInfoResp(); final List userList; + final List userInfoList; boolean hasPermissionToListOtherUsers = plan.getUserName().isEmpty(); if (!hasPermissionToListOtherUsers) { // userList may be modified later userList = new ArrayList<>(1); userList.add(plan.getUserName()); + User user = authorizer.getUser(plan.getUserName()); + userInfoList = Collections.singletonList(user.convertToListUserInfo()); } else { userList = authorizer.listAllUsers(); + userInfoList = authorizer.listAllUsersInfo(); } if (!plan.getRoleName().isEmpty()) { final Role role = authorizer.getRole(plan.getRoleName()); @@ -527,8 +533,19 @@ public PermissionInfoResp executeListUsers(final AuthorPlan plan) throws AuthExc return result; } final Iterator itr = userList.iterator(); + Set toRemove = new HashSet<>(); while (itr.hasNext()) { - User userObj = authorizer.getUser(itr.next()); + String userName = itr.next(); + User userObj = authorizer.getUser(userName); + if (userObj == null || !userObj.hasRole(plan.getRoleName())) { + itr.remove(); + toRemove.add(userName); + } + } + userInfoList.removeIf(info -> toRemove.contains(info.username)); + final Iterator userInfoitr = userInfoList.iterator(); + while (itr.hasNext()) { + User userObj = authorizer.getUser(userInfoitr.next().getUsername()); if (userObj == null || !userObj.hasRole(plan.getRoleName())) { itr.remove(); } @@ -536,6 +553,7 @@ public PermissionInfoResp executeListUsers(final AuthorPlan plan) throws AuthExc } result.setTag(ColumnHeaderConstant.USER); result.setMemberInfo(userList); + result.setUsersInfo(userInfoList); result.setStatus(RpcUtils.getStatus(TSStatusCode.SUCCESS_STATUS)); return result; } diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java index 97c9c18d52a0..da91373d4d49 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java @@ -670,6 +670,7 @@ public TAuthorizerResp queryPermission(final TAuthorizerReq req) { resp.setMemberInfo(dataSet.getMemberList()); resp.setPermissionInfo(dataSet.getPermissionInfoResp()); resp.setTag(dataSet.getTag()); + resp.setUsersInfo(dataSet.getUsersInfo()); return resp; } diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java index 7842a976c5bb..0aaab5a02013 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java @@ -30,6 +30,7 @@ import org.apache.iotdb.commons.service.metric.PerformanceOverviewMetrics; import org.apache.iotdb.confignode.rpc.thrift.TAuthorizerResp; import org.apache.iotdb.confignode.rpc.thrift.TDBPrivilege; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import org.apache.iotdb.confignode.rpc.thrift.TPathPrivilege; import org.apache.iotdb.confignode.rpc.thrift.TRoleResp; import org.apache.iotdb.confignode.rpc.thrift.TTablePrivilege; @@ -63,6 +64,7 @@ import java.util.StringJoiner; import java.util.stream.Collectors; +import static org.apache.iotdb.commons.schema.column.ColumnHeaderConstant.LIST_USER_COLUMN_HEADERS; import static org.apache.iotdb.commons.schema.column.ColumnHeaderConstant.LIST_USER_OR_ROLE_PRIVILEGES_COLUMN_HEADERS; // Authority checker is SingleTon working at datanode. @@ -385,7 +387,7 @@ public static void buildTSBlock( List headerList = new ArrayList<>(); TsBlockBuilder builder; - if (listRoleUser) { + if (authResp.tag.equals(ColumnHeaderConstant.ROLE)) { headerList.add(new ColumnHeader(authResp.getTag(), TSDataType.TEXT)); types.add(TSDataType.TEXT); builder = new TsBlockBuilder(types); @@ -394,6 +396,22 @@ public static void buildTSBlock( builder.getColumnBuilder(0).writeBinary(new Binary(name, TSFileConfig.STRING_CHARSET)); builder.declarePosition(); } + } else if (authResp.tag.equals(ColumnHeaderConstant.USER)) { + headerList = LIST_USER_COLUMN_HEADERS; + types = + LIST_USER_COLUMN_HEADERS.stream() + .map(ColumnHeader::getColumnType) + .collect(Collectors.toList()); + builder = new TsBlockBuilder(types); + for (TListUserInfo userinfo : authResp.getUsersInfo()) { + builder.getTimeColumnBuilder().writeLong(0L); + builder.getColumnBuilder(0).writeLong(userinfo.getUserId()); + builder + .getColumnBuilder(1) + .writeBinary(new Binary(userinfo.getUsername(), TSFileConfig.STRING_CHARSET)); + builder.declarePosition(); + } + } else { headerList = LIST_USER_OR_ROLE_PRIVILEGES_COLUMN_HEADERS; types = diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java index 60a5bd0508ea..de800b2be56e 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/BasicAuthorizer.java @@ -32,6 +32,7 @@ import org.apache.iotdb.commons.service.IService; import org.apache.iotdb.commons.service.ServiceType; import org.apache.iotdb.commons.utils.AuthUtils; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import org.apache.iotdb.rpc.TSStatusCode; import org.apache.thrift.TException; @@ -450,6 +451,11 @@ public List listAllUsers() { return userManager.listAllEntities(); } + @Override + public List listAllUsersInfo() { + return userManager.listAllEntitiesInfo(); + } + @Override public List listAllRoles() { return roleManager.listAllEntities(); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java index 523a875fed71..52b8ad4e0f40 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/authorizer/IAuthorizer.java @@ -26,6 +26,7 @@ import org.apache.iotdb.commons.auth.entity.User; import org.apache.iotdb.commons.path.PartialPath; import org.apache.iotdb.commons.snapshot.SnapshotProcessor; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import java.util.List; import java.util.Map; @@ -186,6 +187,14 @@ public interface IAuthorizer extends SnapshotProcessor { */ List listAllUsers(); + /** + * List existing users info in the database. + * + * @return A list contains all users' baisc info including userid, username,maxSessionPerUser and + * minSessionPerUser. + */ + List listAllUsersInfo(); + /** * List existing roles in the database. * diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java index 2443ef38a176..e5296dca60ca 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/Role.java @@ -44,6 +44,8 @@ public class Role { protected String name; + protected int maxSessionPerUser = -1; + protected int minSessionPerUser = -1; protected List pathPrivilegeList; protected Map objectPrivilegeMap; @@ -81,6 +83,14 @@ public String getName() { return name; } + public int getMaxSessionPerUser() { + return maxSessionPerUser; + } + + public int getMinSessionPerUser() { + return minSessionPerUser; + } + public List getPathPrivilegeList() { return pathPrivilegeList; } @@ -250,6 +260,14 @@ public void setName(String name) { this.name = name; } + public void setMaxSessionPerUser(int maxSessionPerUser) { + this.maxSessionPerUser = maxSessionPerUser; + } + + public void setMinSessionPerUser(int minSessionPerUser) { + this.minSessionPerUser = minSessionPerUser; + } + public void setPrivilegeList(List privilegeList) { this.pathPrivilegeList = privilegeList; } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java index f5f0d2834444..78da059cde3c 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java @@ -20,6 +20,7 @@ import org.apache.iotdb.commons.utils.SerializeUtils; import org.apache.iotdb.commons.utils.TestOnly; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import org.apache.iotdb.confignode.rpc.thrift.TUserResp; import java.io.ByteArrayOutputStream; @@ -119,6 +120,15 @@ public TUserResp getUserInfo(ModelType modelType) { return resp; } + public TListUserInfo convertToListUserInfo( ) { + TListUserInfo userInfo = new TListUserInfo(); + userInfo.setUserId(userId); + userInfo.setUsername(name); + userInfo.setMaxSessionPerUser(maxSessionPerUser); + userInfo.setMinSessionPerUser(minSessionPerUser); + return userInfo; + } + /** -------------- misc ----------------* */ @Override public boolean equals(Object o) { diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java index d051db717310..2fd66e76bdce 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java @@ -23,9 +23,11 @@ import org.apache.iotdb.commons.auth.entity.PrivilegeType; import org.apache.iotdb.commons.auth.entity.PrivilegeUnion; import org.apache.iotdb.commons.auth.entity.Role; +import org.apache.iotdb.commons.auth.entity.User; import org.apache.iotdb.commons.concurrent.HashLock; import org.apache.iotdb.commons.snapshot.SnapshotProcessor; import org.apache.iotdb.commons.utils.AuthUtils; +import org.apache.iotdb.confignode.rpc.thrift.TListUserInfo; import org.apache.iotdb.rpc.TSStatusCode; import org.slf4j.Logger; @@ -33,6 +35,7 @@ import java.io.IOException; import java.util.ArrayList; +import java.util.Comparator; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -233,4 +236,20 @@ public List listAllEntities() { rtlist.sort(null); return rtlist; } + + public List listAllEntitiesInfo() { + + List rtlist = new ArrayList<>(); + for (Role r : entityMap.values()) { + // System.out.println(r.getRoleId()); + TListUserInfo userInfo = new TListUserInfo(); + userInfo.userId = ((User) r).getUserId(); + userInfo.username = r.getName(); + userInfo.maxSessionPerUser = r.getMaxSessionPerUser(); + userInfo.minSessionPerUser = r.getMinSessionPerUser(); + rtlist.add(userInfo); + } + rtlist.sort(Comparator.comparingLong(TListUserInfo::getUserId)); + return rtlist; + } } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java index b77172720f6b..07bb08ca7dea 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/LocalFileRoleAccessor.java @@ -233,6 +233,7 @@ public long loadUserId() throws IOException { FileInputStream inputStream = new FileInputStream(userIdFile); try (DataInputStream dataInputStream = new DataInputStream(new BufferedInputStream(inputStream))) { + dataInputStream.readInt(); // read version return dataInputStream.readLong(); } catch (Exception e) { throw new IOException(e); @@ -420,6 +421,7 @@ public void saveUserId(long nextUserId) throws IOException { try (FileOutputStream fileOutputStream = new FileOutputStream(userInfoProfile); BufferedOutputStream outputStream = new BufferedOutputStream(fileOutputStream)) { + IOUtils.writeInt(outputStream, VERSION, encodingBufferLocal); IOUtils.writeLong(outputStream, nextUserId, encodingBufferLocal); outputStream.flush(); fileOutputStream.getFD().sync(); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/column/ColumnHeaderConstant.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/column/ColumnHeaderConstant.java index 7cdfd60f34b7..6c7cf212da57 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/column/ColumnHeaderConstant.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/column/ColumnHeaderConstant.java @@ -163,6 +163,8 @@ private ColumnHeaderConstant() { public static final String COUNT_TIME_PARTITION = "count(timePartition)"; public static final String START_TIME = "StartTime"; public static final String ROLE = "Role"; + public static final String MAX_SESSION_PER_USER = "MaxSessionPerUser"; + public static final String MIN_SESSION_PER_USER = "MinSessionPerUser"; public static final String CREATE_TIME = "CreateTime"; public static final String TSFILE_SIZE = "TsFileSize"; public static final String COMPRESSION_RATIO = "CompressionRatio"; @@ -279,6 +281,7 @@ private ColumnHeaderConstant() { // column names for show throttle quota public static final String USER = "User"; + public static final String USER_ID = "UserId"; public static final String READ_WRITE = "Read/Write"; // column names for show models/trials @@ -689,6 +692,10 @@ private ColumnHeaderConstant() { new ColumnHeader(TABLE, TSDataType.TEXT), new ColumnHeader(CREATE_TABLE, TSDataType.TEXT)); + public static final List LIST_USER_COLUMN_HEADERS = + ImmutableList.of( + new ColumnHeader(USER_ID, TSDataType.INT64), new ColumnHeader(USER, TSDataType.TEXT)); + public static final List showTablesColumnHeaders = ImmutableList.of( new ColumnHeader(TABLE_NAME, TSDataType.TEXT), diff --git a/iotdb-protocol/thrift-confignode/src/main/thrift/confignode.thrift b/iotdb-protocol/thrift-confignode/src/main/thrift/confignode.thrift index 02c051837ede..fef2aa63d26b 100644 --- a/iotdb-protocol/thrift-confignode/src/main/thrift/confignode.thrift +++ b/iotdb-protocol/thrift-confignode/src/main/thrift/confignode.thrift @@ -362,6 +362,14 @@ struct TAuthorizerResp { 2: optional string tag 3: optional list memberInfo 4: optional TPermissionInfoResp permissionInfo + 5: optional list usersInfo +} + +struct TListUserInfo{ + 1: required i64 userId + 2: required string username + 3: required i32 maxSessionPerUser + 4: required i32 minSessionPerUser } struct TUserResp { From 6fc4a93264d8efdf6f0c45f4ab97c2fb56dbed76 Mon Sep 17 00:00:00 2001 From: shiwenyan Date: Sat, 20 Sep 2025 16:02:30 +0800 Subject: [PATCH 14/19] fix bug for userid --- .../iotdb/db/it/IoTDBRestServiceIT.java | 6 +- .../apache/iotdb/db/it/auth/IoTDBAuthIT.java | 90 ++++++++++--------- .../db/it/auth/IoTDBRelationalAuthIT.java | 12 +-- .../thrift/ConfigNodeRPCServiceProcessor.java | 1 + .../commons/auth/user/BasicUserManager.java | 6 +- 5 files changed, 62 insertions(+), 53 deletions(-) diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBRestServiceIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBRestServiceIT.java index 99d4b1560f03..7d6d8774385a 100644 --- a/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBRestServiceIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/db/it/IoTDBRestServiceIT.java @@ -1399,6 +1399,7 @@ public void listUser(CloseableHttpClient httpClient) { List columnNames = new ArrayList() { { + add(ColumnHeaderConstant.USER_ID); add(ColumnHeaderConstant.USER); } }; @@ -1409,7 +1410,7 @@ public void listUser(CloseableHttpClient httpClient) { } }; Assert.assertEquals(columnNames, columnNamesResult); - Assert.assertEquals(values1, valuesResult.get(0)); + Assert.assertEquals(values1, valuesResult.get(1)); } public void selectCount(CloseableHttpClient httpClient) { @@ -2062,6 +2063,7 @@ public void listUserV2(CloseableHttpClient httpClient) { List columnNames = new ArrayList() { { + add(ColumnHeaderConstant.USER_ID); add(ColumnHeaderConstant.USER); } }; @@ -2072,7 +2074,7 @@ public void listUserV2(CloseableHttpClient httpClient) { } }; Assert.assertEquals(columnNames, columnNamesResult); - Assert.assertEquals(values1, valuesResult.get(0)); + Assert.assertEquals(values1, valuesResult.get(1)); } public void selectCountV2(CloseableHttpClient httpClient) { diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java index e9425aa9444b..211f2f393799 100644 --- a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java @@ -469,7 +469,7 @@ public void testListUser() throws SQLException { try { ResultSet resultSet = adminStmt.executeQuery("LIST USER"); - String ans = "root,\n"; + String ans = "0,root,\n"; try { validateResultSet(resultSet, ans); @@ -478,17 +478,17 @@ public void testListUser() throws SQLException { } resultSet = adminStmt.executeQuery("LIST USER"); ans = - "root,\n" - + "user0,\n" - + "user1,\n" - + "user2,\n" - + "user3,\n" - + "user4,\n" - + "user5,\n" - + "user6,\n" - + "user7,\n" - + "user8,\n" - + "user9,\n"; + "0,root,\n" + + "10000,user0,\n" + + "10001,user1,\n" + + "10002,user2,\n" + + "10003,user3,\n" + + "10004,user4,\n" + + "10005,user5,\n" + + "10006,user6,\n" + + "10007,user7,\n" + + "10008,user8,\n" + + "10009,user9,\n"; validateResultSet(resultSet, ans); for (int i = 0; i < 10; i++) { @@ -497,7 +497,13 @@ public void testListUser() throws SQLException { } } resultSet = adminStmt.executeQuery("LIST USER"); - ans = "root,\n" + "user1,\n" + "user3,\n" + "user5,\n" + "user7,\n" + "user9,\n"; + ans = + "0,root,\n" + + "10001,user1,\n" + + "10003,user3,\n" + + "10005,user5,\n" + + "10007,user7,\n" + + "10009,user9,\n"; validateResultSet(resultSet, ans); } finally { resultSet.close(); @@ -581,7 +587,7 @@ public void testListUserRole() throws SQLException { ans = "role1,\nrole2,\n"; validateResultSet(resultSet, ans); resultSet = userStmt.executeQuery("LIST USER OF ROLE role1"); - ans = "user1,\nuser2,\n"; + ans = "10000,user1,\n10001,user2,\n"; validateResultSet(resultSet, ans); } finally { userStmt.close(); @@ -764,25 +770,25 @@ public void testListRoleUsers() throws SQLException { ResultSet resultSet = adminStmt.executeQuery("LIST USER OF ROLE dalao"); String ans = - "DailySecurity,\n" - + "DoubleLight,\n" - + "East,\n" - + "Eastwards,\n" - + "GoldLuck,\n" - + "GoodWoods,\n" - + "HealthHonor,\n" - + "HighFly,\n" - + "Moon,\n" - + "Persistence,\n" - + "RayBud,\n" - + "ScentEffusion,\n" - + "Smart,\n" - + "SunComparison,\n"; + "10011,DailySecurity,\n" + + "10006,DoubleLight,\n" + + "10010,East,\n" + + "10007,Eastwards,\n" + + "10005,GoldLuck,\n" + + "10003,GoodWoods,\n" + + "10004,HealthHonor,\n" + + "10000,HighFly,\n" + + "10012,Moon,\n" + + "10002,Persistence,\n" + + "10013,RayBud,\n" + + "10008,ScentEffusion,\n" + + "10009,Smart,\n" + + "10001,SunComparison,\n"; try { validateResultSet(resultSet, ans); resultSet = adminStmt.executeQuery("LIST USER OF ROLE zhazha"); - ans = "RiverSky,\n"; + ans = "10014,RiverSky,\n"; validateResultSet(resultSet, ans); adminStmt.execute("REVOKE ROLE zhazha from RiverSky"); @@ -837,25 +843,25 @@ public void testListUserPrivilege() throws SQLException { try (Connection userCon = EnvFactory.getEnv().getConnection("tempuser", "temppw123456"); Statement userStmt = userCon.createStatement()) { try { - String ans = "tempuser,\n"; + String ans = "10010,tempuser,\n"; ResultSet resultSet = userStmt.executeQuery("LIST USER"); validateResultSet(resultSet, ans); // with list user privilege adminStmt.execute("GRANT SECURITY on root.** TO USER tempuser"); resultSet = userStmt.executeQuery("LIST USER"); ans = - "root,\n" - + "tempuser,\n" - + "user0,\n" - + "user1,\n" - + "user2,\n" - + "user3,\n" - + "user4,\n" - + "user5,\n" - + "user6,\n" - + "user7,\n" - + "user8,\n" - + "user9,\n"; + "0,root,\n" + + "10010,tempuser,\n" + + "10000,user0,\n" + + "10001,user1,\n" + + "10002,user2,\n" + + "10003,user3,\n" + + "10004,user4,\n" + + "10005,user5,\n" + + "10006,user6,\n" + + "10007,user7,\n" + + "10008,user8,\n" + + "10009,user9,\n"; validateResultSet(resultSet, ans); } finally { userStmt.close(); diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java index 073d05599cec..8db3f4ff82ca 100644 --- a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java @@ -136,7 +136,7 @@ public void listUserPrivileges() throws SQLException { adminStmt.execute("create role testrole"); adminStmt.execute("GRANT ROLE testrole to testuser"); rs = adminStmt.executeQuery("LIST USER OF ROLE testrole"); - TestUtils.assertResultSetEqual(rs, "User,", Collections.singleton("testuser,")); + TestUtils.assertResultSetEqual(rs, "UserId,User,", Collections.singleton("10000,testuser,")); rs = adminStmt.executeQuery("LIST ROLE OF USER testuser"); TestUtils.assertResultSetEqual(rs, "Role,", Collections.singleton("testrole,")); } @@ -533,11 +533,11 @@ public void testCreateUserAndRole() throws SQLException { ResultSet resultSet = adminStmt.executeQuery("List user"); Set resultSetList = new HashSet<>(); - resultSetList.add("root,"); - resultSetList.add("testuser,"); - resultSetList.add("!@#$%^*()_+-=1,"); - resultSetList.add("!@#$%^*()_+-=2,"); - TestUtils.assertResultSetEqual(resultSet, "User,", resultSetList); + resultSetList.add("0,root,"); + resultSetList.add("10000,testuser,"); + resultSetList.add("10001,!@#$%^*()_+-=1,"); + resultSetList.add("10002,!@#$%^*()_+-=2,"); + TestUtils.assertResultSetEqual(resultSet, "UserId,User,", resultSetList); resultSet = adminStmt.executeQuery("List role"); TestUtils.assertResultSetEqual(resultSet, "Role,", Collections.singleton("!@#$%^*()_+-=3,")); adminStmt.execute("GRANT role \"!@#$%^*()_+-=3\" to \"!@#$%^*()_+-=1\""); diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java index da91373d4d49..fbb9d69fea6d 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/service/thrift/ConfigNodeRPCServiceProcessor.java @@ -713,6 +713,7 @@ public TAuthorizerResp queryRPermission(final TAuthorizerRelationalReq req) { final TAuthorizerResp resp = new TAuthorizerResp(dataSet.getStatus()); resp.setMemberInfo(dataSet.getMemberList()); resp.setPermissionInfo(dataSet.getPermissionInfoResp()); + resp.setUsersInfo(dataSet.getUsersInfo()); resp.setTag(dataSet.getTag()); return resp; } diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index cb9ff8defaa2..3311f6acce50 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -111,8 +111,8 @@ private void initAdmin() throws AuthException { private void initUserId() { try { long maxUserId = this.accessor.loadUserId(); - if (maxUserId == -1 || maxUserId < 10000) { - nextUserId = 10000; + if (maxUserId == -1 || maxUserId < 9999) { + nextUserId = 9999; } else { nextUserId = maxUserId; } @@ -120,7 +120,7 @@ private void initUserId() { for (Map.Entry userEntry : entityMap.entrySet()) { User user = (User) userEntry.getValue(); if (user.getUserId() == -1) { - user.setUserId(nextUserId++); + user.setUserId(++nextUserId); } } } catch (IOException e) { From 58c7bcc172b9ba59021da578e7c1dfbb9b932897 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Sat, 20 Sep 2025 17:01:10 +0800 Subject: [PATCH 15/19] spotless --- .../confignode/persistence/schema/CNPhysicalPlanGenerator.java | 1 - .../confignode/persistence/schema/ConfigNodeSnapshotParser.java | 1 - .../main/java/org/apache/iotdb/db/auth/AuthorityChecker.java | 1 - .../main/java/org/apache/iotdb/commons/auth/entity/User.java | 2 +- 4 files changed, 1 insertion(+), 4 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java index 048c9ef98f4c..b81b14ef504b 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/CNPhysicalPlanGenerator.java @@ -103,7 +103,6 @@ public class CNPhysicalPlanGenerator private Exception latestException = null; private String userName; - public CNPhysicalPlanGenerator( final Path snapshotFilePath, final CNSnapshotFileType fileType, final String userName) throws IOException { diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java index aa97d8df4052..841264416946 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/persistence/schema/ConfigNodeSnapshotParser.java @@ -38,7 +38,6 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; -import java.util.Map; public class ConfigNodeSnapshotParser { private static final Logger LOGGER = LoggerFactory.getLogger(ConfigNodeSnapshotParser.class); diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java index 0aaab5a02013..a8f3adb45bb0 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java @@ -45,7 +45,6 @@ import org.apache.iotdb.db.queryengine.plan.relational.sql.ast.RelationalAuthorStatement; import org.apache.iotdb.db.queryengine.plan.statement.Statement; import org.apache.iotdb.db.queryengine.plan.statement.sys.AuthorStatement; -import org.apache.iotdb.rpc.RpcUtils; import org.apache.iotdb.rpc.TSStatusCode; import com.google.common.util.concurrent.SettableFuture; diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java index 78da059cde3c..d7963bc3d775 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/entity/User.java @@ -120,7 +120,7 @@ public TUserResp getUserInfo(ModelType modelType) { return resp; } - public TListUserInfo convertToListUserInfo( ) { + public TListUserInfo convertToListUserInfo() { TListUserInfo userInfo = new TListUserInfo(); userInfo.setUserId(userId); userInfo.setUsername(name); From 28b018653d9f531d5d9aa14ab85b51dfb23c6f22 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Sat, 20 Sep 2025 17:13:04 +0800 Subject: [PATCH 16/19] resolve conversation --- .../manager/pipe/source/ConfigRegionListeningQueue.java | 6 +++--- .../java/org/apache/iotdb/db/auth/AuthorityChecker.java | 2 +- .../apache/iotdb/commons/auth/role/BasicRoleManager.java | 1 - .../apache/iotdb/commons/auth/user/BasicUserManager.java | 8 ++++---- 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java index 92ac3d083946..b70a039da441 100644 --- a/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java +++ b/iotdb-core/confignode/src/main/java/org/apache/iotdb/confignode/manager/pipe/source/ConfigRegionListeningQueue.java @@ -136,13 +136,13 @@ public synchronized void tryListenToSnapshots( && snapshotPath .toFile() .getName() - .equals(AuthorityChecker.SUPER_USER_ID + IoTDBConstant.PROFILE_SUFFIX) + .equals(AuthorityChecker.SUPER_USER_ID_IN_STR + IoTDBConstant.PROFILE_SUFFIX) || type == CNSnapshotFileType.USER_ROLE && snapshotPath .toFile() .getName() .equals( - AuthorityChecker.SUPER_USER_ID + AuthorityChecker.SUPER_USER_ID_IN_STR + LocalFileUserAccessor.ROLE_SUFFIX + IoTDBConstant.PROFILE_SUFFIX) || snapshotPath.toFile().getName().equals("user_id.profile")) { @@ -165,7 +165,7 @@ public synchronized void tryListenToSnapshots( .getPermissionManager() .getUserName(userId)); } catch (AuthException e) { - // ignore + LOGGER.warn("Failed to collect user name for user id {}", userId, e); } } events.add(curEvent); diff --git a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java index a8f3adb45bb0..17f216272643 100644 --- a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java +++ b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/AuthorityChecker.java @@ -72,7 +72,7 @@ public class AuthorityChecker { public static String SUPER_USER = CommonDescriptor.getInstance().getConfig().getAdminName(); - public static String SUPER_USER_ID = "0"; + public static String SUPER_USER_ID_IN_STR = "0"; public static final TSStatus SUCCEED = new TSStatus(TSStatusCode.SUCCESS_STATUS.getStatusCode()); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java index 2fd66e76bdce..f6804d3055c9 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/role/BasicRoleManager.java @@ -241,7 +241,6 @@ public List listAllEntitiesInfo() { List rtlist = new ArrayList<>(); for (Role r : entityMap.values()) { - // System.out.println(r.getRoleId()); TListUserInfo userInfo = new TListUserInfo(); userInfo.userId = ((User) r).getUserId(); userInfo.username = r.getName(); diff --git a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java index 3311f6acce50..3387796b6324 100644 --- a/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java +++ b/iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/auth/user/BasicUserManager.java @@ -111,7 +111,7 @@ private void initAdmin() throws AuthException { private void initUserId() { try { long maxUserId = this.accessor.loadUserId(); - if (maxUserId == -1 || maxUserId < 9999) { + if (maxUserId < 9999) { nextUserId = 9999; } else { nextUserId = maxUserId; @@ -124,7 +124,7 @@ private void initUserId() { } } } catch (IOException e) { - LOGGER.warn("meet error in load max userId."); + LOGGER.warn("meet error in load max userId.", e); throw new RuntimeException(e); } } @@ -165,8 +165,8 @@ public boolean createUser( } lock.writeLock(username); try { - long userid = 0; - if (username.equals("root")) { + long userid; + if (username.equals(CommonDescriptor.getInstance().getConfig().getAdminName())) { userid = 0; } else { userid = ++nextUserId; From 59ccd9a69d39e091001a3e00af85749b7e9be57d Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Sat, 20 Sep 2025 18:06:23 +0800 Subject: [PATCH 17/19] Update IoTDBRelationalAuthIT.java --- .../org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java index 8db3f4ff82ca..d3e05027cc12 100644 --- a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBRelationalAuthIT.java @@ -72,7 +72,8 @@ public void listUserPrivileges() throws SQLException { Statement userStmt = userCon.createStatement()) { ResultSet resultSet = userStmt.executeQuery("LIST USER"); Assert.assertTrue(resultSet.next()); - Assert.assertEquals("testuser", resultSet.getString(1)); + Assert.assertEquals("10000", resultSet.getString(1)); + Assert.assertEquals("testuser", resultSet.getString(2)); Assert.assertFalse(resultSet.next()); } adminStmt.execute("create database testdb"); From 395813e5d79e97e61ea8b7dbd098a2f13ab11a34 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Sat, 20 Sep 2025 19:21:49 +0800 Subject: [PATCH 18/19] Fix IT --- .../it/dual/treemodel/manual/IoTDBPipeMetaHistoricalIT.java | 4 ++-- .../pipe/it/dual/treemodel/manual/IoTDBPipePermissionIT.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipeMetaHistoricalIT.java b/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipeMetaHistoricalIT.java index 6d38f7f95bbb..2daa6cda9e61 100644 --- a/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipeMetaHistoricalIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipeMetaHistoricalIT.java @@ -230,8 +230,8 @@ public void testAuthInclusion() throws Exception { TestUtils.assertDataEventuallyOnEnv( receiverEnv, "list user of role `admin`", - ColumnHeaderConstant.USER + ",", - Collections.singleton("thulab,")); + ColumnHeaderConstant.USER_ID + "," + ColumnHeaderConstant.USER + ",", + Collections.singleton("10000,thulab,")); TestUtils.assertDataEventuallyOnEnv( receiverEnv, "list privileges of role `admin`", diff --git a/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipePermissionIT.java b/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipePermissionIT.java index 320dd7db7498..085ed30e7f3f 100644 --- a/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipePermissionIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/pipe/it/dual/treemodel/manual/IoTDBPipePermissionIT.java @@ -147,8 +147,8 @@ private void testWithSink(final String sink) throws Exception { TestUtils.assertDataEventuallyOnEnv( receiverEnv, "list user", - "User,", - new HashSet<>(Arrays.asList("root,", "user,", "thulab,"))); + "UserId,User,", + new HashSet<>(Arrays.asList("0,root,", "10001,user,", "10000,thulab,"))); final Set expectedResSet = new HashSet<>(); expectedResSet.add( "root.ln.wf02.wt01.temperature,null,root.ln,INT64,PLAIN,LZ4,null,null,null,null,BASE,"); From 1ea1a886665c5525feb134fce679f685326a11a4 Mon Sep 17 00:00:00 2001 From: Yongzao <532741407@qq.com> Date: Sat, 20 Sep 2025 20:26:47 +0800 Subject: [PATCH 19/19] Update IoTDBAuthIT.java --- .../src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java index 211f2f393799..c06658c14811 100644 --- a/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java +++ b/integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java @@ -99,7 +99,8 @@ public void allPrivilegesTest() throws SQLException { ResultSet resultSet = userStmt.executeQuery("LIST USER"); Assert.assertTrue(resultSet.next()); - Assert.assertEquals("tempuser", resultSet.getString(1)); + Assert.assertEquals("10000", resultSet.getString(1)); + Assert.assertEquals("tempuser", resultSet.getString(2)); Assert.assertFalse(resultSet.next()); resultSet = userStmt.executeQuery("LIST PRIVILEGES OF USER tempuser");