[tarantool-patches] [security 1/3] box: Add system view for _sequence system space
Ilya Markov
imarkov at tarantool.org
Thu Mar 29 10:36:59 MSK 2018
Introduce _vsequence system space.
Prerequisite of #3250
---
src/box/bootstrap.snap | Bin 1504 -> 1540 bytes
src/box/lua/space.cc | 2 +
src/box/lua/upgrade.lua | 34 +++++++++++-----
src/box/schema.h | 13 +++----
src/box/schema_def.h | 2 +
src/box/sysview_index.c | 28 ++++++++++++++
test/app-tap/tarantoolctl.test.lua | 4 +-
test/box-py/bootstrap.result | 11 +++++-
test/box/access_misc.result | 5 +++
test/box/access_sysview.result | 77 +++++++++++++++++++++++++++++++++----
test/box/access_sysview.test.lua | 28 +++++++++++++-
test/box/alter.result | 3 ++
test/xlog/upgrade.result | 11 +++++-
13 files changed, 189 insertions(+), 29 deletions(-)
diff --git a/src/box/bootstrap.snap b/src/box/bootstrap.snap
index 85579a7c1fa829b6739a333bbd8003d8ab6b4858..b610828c9c9ae9a22acdd8c150c16c6838b7a273 100644
GIT binary patch
delta 1537
zcmV+c2LAcr3xo`i6 at M`>E-)=LFfC_eH#agdIWh`KZgX^DZewLSAUR=UVKrqjHZ3z_
zW at arkW@b1oVK`<mEnzrjHZ(I~WjSRsWC~V8Y;R+0Iv{&7Iv_WF3JTS_3%bn(hycza
zBY(A}0000004TLD{Qyw?D*y&P)=JP8aRLBeJcwM)BGF(z1b>7x at aA+-<K_*})i*Fo
z_hd%YAUl;JC7GYL^1Ee&z>{-2bM)F^DFIB#Mpl`zk^qgjr*`I;FO*VB0l)yb0LuU(
z{zlP8%KCnNGoIjUSLV9x0ke>t9X;lbMREMRAvF}>bMQP2>zYgF-MQ^aS+C{j?4URu
z_OKJf{`GP1R)13}&<{=o;96?RHiqR*-d^3Me|O%)BY)lyi*hYBcLbq9LIqEKaQw0^
zZ*_+Y-D{~y3sgO3zCU*JaV<52DiD}G91OG7YpEH+tW at 1hH`C!?onm58ty2hM)v0UA
zd?yg&)(q}I7bp8WFU9XR<5DW6Oj2 at GE?l7}M4HenL4UC{Cu7%myKb?(N$;#31KNIG
zrWRaF%~vlmZ9gx)v!YUbe7X!{o~@b`TuaTeKlkzJGW5<`O0dHr*qA&s&koLmI(xR-
zasWuo8&XLIuBB!v;@COs81#zNl>*mNQ{xxMu_b=8e|`8n`^KH0I9O*G&wkf;op0oK
zUIU`P)PM2Z^QkHXZa&AjjNfA3t&RrZz43`*dkk$ZEQV*-<@kA^_&NO1*`?q1<3CJt
z&sIeOuB9f4VLZH(V=bZ1FZ+4<@`5wAj?_xyN+Wuz4UG+}Mnq+WV1ZbDSb11=nAvQ%
zqFr|_HSerPH<OY{#iUdy4k#E@%7ij)&@sJ~PJbm0*HTlbl!3!A<4i53S<3~I1yTi)
z%ZuaJ3I&x3Dx6Boh-E|?tyn8ksWY7<RU|<aq1Ms0)C`H}Oh?I=I<hWpJpOmD(Uc0b
z!?i#FzvKP-T^`RwetH<GHV>|)=B(pSm%DpDwZ_4<)GTLSPi2K-d6TOK*HZIcFXmX@
zq<@dszsJ!UfBpj?%EP|1WHKB2-6pSmzqox<?raFR)V4F2%S#YvrUEE_B}Dh<}P
zu{ASRGEy;2Ft`^a7j at L)T58%*1v)K at s>j?vU4}ij(ztF#P*4z)T5~NmMfCapSk`5a
zifgHfVrivuU5fo=$<NAy;>#lW`={O$FMp1^_GPhElD2AT9Lj{wFc6=$mbjLhAY9>#
zlyQ+}#fdLNj2nL=bJ0=cikpwUVn|Z>#ZM%DeLg()^Rm|Ym#(u?8iyirEj4Lqu;8g<
zfgq^STx3iM%m4s at 04M+<21hAoMGq2yz&MJdFbZH821E!r3Jn+m0KtKfpa`HA41Yp~
zyc6BI3qu$KYT3207JFeYj>@?c6V#)WgjHk at yH_}i!Xcvw at q-YDq2fo$3reJAyii23
z#R+gFD1gV6oJTd(ZT3r&o5zCbY$~e7BhW6T0>`OjbXmB$N#x&Irn6E}G+QdV21aj)
z*Q?IqN=PecZ=%PXqqffww8kMDXMcvH+lcy9EmFYZkd`T6b4(V=0Ndi2BI(*;4tmF)
z<n(`~-a8<kdTXoB-G6fM?~&W*-dY{XX%WchK_DAuK}u%|q|m?{+Jlh53vF|F_Sk-~
zw^~{Sp24P<UVN)efGG*)<T|sH`Hni`$|kt@^ciXZpt=O8Bsz`2sLy&&W`8sKYs7TJ
zFiWjjN7El4Zo8JCG3uLX&}ghSic*cC7O1fjwmGdtk|Re5WF*cf|NT8HgpyzAoeEN%
zrHKM2GSNAM9q}x*77=lAl!w(m0_)(JRFf)i){a4KKrCRol`*=wWGI9MlE353vJKCi
z at wRhjVFu(fbM8d3fFY-~eR at AR*>KUFb`PMr;8q8DGq_+p!cgu}^2RjfloDN<L;ma(
zy?sY7c|?<ev*az@&jfPL$Vb9%@#Une at T6*ACI3iv9=$uN0K4X8665(jRHW5XQ}Orq
ntXkIy@%_k{U|^;OD*azr*Oo^POSq0q;OiJYNhYHl)ex=i+4b68
delta 1501
zcmV<31tR){4B!ip6 at ND_HZ3tSHZ5l{Gh{S1W?~9SZgX^DZewLSATT*%GB{>7I4v?^
zVq+~dWiw+fI5T5mEi_^|W??inGh<?6FbY;fY;R+0Iv{&7Iv_B83JTS_3%bn(WB|@)
z><Wpc0000004TLD{QywiDgXw2(n;VJsQ at s{FvAQ}GO{f!<$nl63F7EpK{z~Ux=TWc
zJtPfFWGV?MiTdf@&ooWyc5xY4aCRkmX-kxhEYo0<aNCcq(+Qg&lu}9oz5ufT#{l3>
zl=c0(CM;R6U771K$I3%)a&(yc1;G%1MCeL@&ry5W)i#&TyYt(NvTnP<*)eT8>|y1F
z{R{ICM^z{fkbmw2z}891_J!pw;$GdQe|Mhak?}{QqS!jg9YSi9SW%<T3USsWj^=bL
z*49a;q);7ZzCVWhVe2G&C=V-tHWzlIwobAXbHX@<Nhwo`G(wT?YE(MOm`2{olNsSs
z>9jhbNEM#!?|cL?Zq}*LIh&~52)QI|^uTd4!vv+yn}1#3?ZU<K7Qd3B6wvnbk)&el
zBwu~JwEcYiO6n!}f%VvmeK#sXVCy8u{`?2lW9utv=s-?qU|+G!wH%vg>HOX3O95La
zIf6G<&iZA2MraEGTPLaSgJHM=vFu;?;<E4Cd1-TXhSm1FzUzz=zjIp<{iBZOpAKai
zQ1dy)Wq%wO`*0K_;O>3P3)^Aq=DJ|3?0O9G#{xgMc64^>zX5rCMgHCBC&kuDiWgSn
zT?}pD#bGpT=?t@<k1#Mc;R*?*v at RqfM`?th0fOcORe4aQQmE7^)nRt4D4B^e**Zx(
z^MNXnVn`&C=W+00ypd>wNP{RtNE8a$I!T-mhJWtDth4Y^VfI4d#qX<S0!zp8!r}sw
z0BQlT)cT1)XE;je2f_zL>BrVdt~{7CoFzZ%$a=i-_}|?&RVYtR_u_!{{qEQA`gks~
z<KqaW(ZJS8&iciA-2Ky`G%L1Fa-4lRs$vk!TTCsmb&~ITFvs#1b-s=t$12?U4+Gw6
zg?~#jrrS!bOrwiSs1Yu`X at pldW`yd{LdC37UWF%g)~RN=$e=M)7DlCck#a$5A!5<d
zP|ylnCs|i0Pgzw^9p;Yp*veH(>rg3rdU~2r6t+(CGoSB|Wj*Fj*g8p+Iw`F~nb<Fm
zyreEAa0bQSJJgbRFx)nr!PO|<Xr*=DjDOBB)-5Sj**eJ(uGUMGad3tO3amlKjjxft
z=$^=;=3}o|64HI~k$7KNhsS<C+B*NyRnkf8yb-oea;8R$T7eR%(O6`V5|{x100B?{
z5e7#oXEqNKfWSD4qc93#7zShrIEoDz0f4|DBp?E)1pt(+1#`>UjE15I%VGcyz<&Wa
z$QXFc<Qi{LQNQl6%M9tHCF(*T4iMrnEc_q|O=%>CcgH=bml{!d3<y at G>7@<T%zpKH
z`_WgcL7{DVJ_31g>o~iN20?a at Um$T7Tqd6{))vPg!Ef;v`<nH=NKq}k%SaQy+i~43
z5#taz2dvS<imHzQKN1eUsP=%t#(&b0GvQ6rku%{<mX5Ay>zz9Ylo8nw!lygLGz2<f
zu~d>mo at ml(2tm(lVN at L;2ew5WAP4p^1nJqxvX5R``A=xyq(1fAk)VGGygDkgwfhdc
z;>srYwe%|7>P at f&bDLgw)~Lg8`e7)c(kSqIAfuaGhNeFvV7u-?Oya6>kbi6Z64j8#
zaE)6N4AVs^F6AH^OvH)*<newD=$+jcYUqSCXX{$Jp^OkP*wM?9<|4u;N6{W8N0#D`
zi8`Y^B(7542KWKfu~)puA&GSWVg&4Sg=Wg|OSun at X&)XHYz#f|Ilyzloe=rWvJjBM
zG at c-N;WW*dhEBjk4t0{P>sGi|!nkGND)QPlG8fT#?-83VTAuWZJjsl!^&bg;<vT(Z
zh}R57Vm#M}2D-vv>Oc>eRalM2zneM<7tw0q)BmA$EeX`Hj_U{pzT(%Dgn`Qe)ex=i
DF`dsL
diff --git a/src/box/lua/space.cc b/src/box/lua/space.cc
index 29a9aca..071818a 100644
--- a/src/box/lua/space.cc
+++ b/src/box/lua/space.cc
@@ -429,6 +429,8 @@ box_lua_space_init(struct lua_State *L)
lua_setfield(L, -2, "SEQUENCE_ID");
lua_pushnumber(L, BOX_SEQUENCE_DATA_ID);
lua_setfield(L, -2, "SEQUENCE_DATA_ID");
+ lua_pushnumber(L, BOX_VSEQUENCE_ID);
+ lua_setfield(L, -2, "VSEQUENCE_ID");
lua_pushnumber(L, BOX_SPACE_SEQUENCE_ID);
lua_setfield(L, -2, "SPACE_SEQUENCE_ID");
lua_pushnumber(L, BOX_SYSTEM_ID_MIN);
diff --git a/src/box/lua/upgrade.lua b/src/box/lua/upgrade.lua
index 01f9cd6..5891619 100644
--- a/src/box/lua/upgrade.lua
+++ b/src/box/lua/upgrade.lua
@@ -839,6 +839,15 @@ local function initial_1_7_5()
_schema:insert({'version', 1, 7, 5})
end
+local sequence_format = {{name = 'id', type = 'unsigned'},
+ {name = 'owner', type = 'unsigned'},
+ {name = 'name', type = 'string'},
+ {name = 'step', type = 'integer'},
+ {name = 'min', type = 'integer'},
+ {name = 'max', type = 'integer'},
+ {name = 'start', type = 'integer'},
+ {name = 'cache', type = 'integer'},
+ {name = 'cycle', type = 'boolean'}}
--------------------------------------------------------------------------------
-- Tarantool 1.7.6
local function create_sequence_space()
@@ -850,16 +859,7 @@ local function create_sequence_space()
local MAP = setmap({})
log.info("create space _sequence")
- _space:insert{_sequence.id, ADMIN, '_sequence', 'memtx', 0, MAP,
- {{name = 'id', type = 'unsigned'},
- {name = 'owner', type = 'unsigned'},
- {name = 'name', type = 'string'},
- {name = 'step', type = 'integer'},
- {name = 'min', type = 'integer'},
- {name = 'max', type = 'integer'},
- {name = 'start', type = 'integer'},
- {name = 'cache', type = 'integer'},
- {name = 'cycle', type = 'boolean'}}}
+ _space:insert{_sequence.id, ADMIN, '_sequence', 'memtx', 0, MAP, sequence_format}
log.info("create index _sequence:primary")
_index:insert{_sequence.id, 0, 'primary', 'tree', {unique = true}, {{0, 'unsigned'}}}
log.info("create index _sequence:owner")
@@ -950,6 +950,19 @@ local function upgrade_to_1_7_7()
_priv:replace({ADMIN, SUPER, 'universe', 0, 4294967295})
end
+--------------------------------------------------------------------------------
+--- Tarantool 1.10.0
+--------------------------------------------------------------------------------
+local function create_vsequence_space()
+ create_sysview(box.schema.SEQUENCE_ID, box.schema.VSEQUENCE_ID)
+ box.space._vsequence:format(sequence_format)
+end
+
+local function upgrade_to_1_10_0()
+ create_vsequence_space()
+end
+
+
local function get_version()
local version = box.space._schema:get{'version'}
if version == nil then
@@ -975,6 +988,7 @@ local function upgrade(options)
{version = mkversion(1, 7, 5), func = upgrade_to_1_7_5, auto = true},
{version = mkversion(1, 7, 6), func = upgrade_to_1_7_6, auto = false},
{version = mkversion(1, 7, 7), func = upgrade_to_1_7_7, auto = true},
+ {version = mkversion(1, 10, 0), func = upgrade_to_1_10_0, auto = true},
}
for _, handler in ipairs(handlers) do
diff --git a/src/box/schema.h b/src/box/schema.h
index 56f39b3..2b87f5f 100644
--- a/src/box/schema.h
+++ b/src/box/schema.h
@@ -97,6 +97,12 @@ space_foreach(int (*func)(struct space *sp, void *udata), void *udata);
const char *
schema_find_name(enum schema_object_type type, uint32_t object_id);
+/**
+ * Find a sequence by id. Return NULL if the sequence was
+ * not found.
+ */
+struct sequence *
+sequence_by_id(uint32_t id);
#if defined(__cplusplus)
} /* extern "C" */
@@ -178,13 +184,6 @@ bool
schema_find_grants(const char *type, uint32_t id);
/**
- * Find a sequence by id. Return NULL if the sequence was
- * not found.
- */
-struct sequence *
-sequence_by_id(uint32_t id);
-
-/**
* A wrapper around sequence_by_id() that raises an exception
* if the sequence was not found in the cache.
*/
diff --git a/src/box/schema_def.h b/src/box/schema_def.h
index d0de175..dd3aae2 100644
--- a/src/box/schema_def.h
+++ b/src/box/schema_def.h
@@ -78,6 +78,8 @@ enum {
BOX_SEQUENCE_ID = 284,
/** Space id of _sequence_data. */
BOX_SEQUENCE_DATA_ID = 285,
+ /** Space id of _vspace view. */
+ BOX_VSEQUENCE_ID = 286,
/** Space id of _index. */
BOX_INDEX_ID = 288,
/** Space id of _vindex view. */
diff --git a/src/box/sysview_index.c b/src/box/sysview_index.c
index 0bec302..bf0442b 100644
--- a/src/box/sysview_index.c
+++ b/src/box/sysview_index.c
@@ -33,6 +33,7 @@
#include <small/mempool.h>
#include "fiber.h"
#include "schema.h"
+#include "sequence.h"
#include "space.h"
#include "func.h"
#include "tuple.h"
@@ -258,6 +259,28 @@ vfunc_filter(struct space *source, struct tuple *tuple)
return false;
}
+static bool
+vsequence_filter(struct space *source, struct tuple *tuple)
+{
+ struct credentials *cr = effective_user();
+ if ((PRIV_R | PRIV_X) & cr->universal_access)
+ return true; /* read or execute access to unverse */
+ if (PRIV_R & source->access[cr->auth_token].effective)
+ return true; /* read access to original space */
+
+ uint32_t id;
+ if (tuple_field_u32(tuple, BOX_SEQUENCE_FIELD_ID, &id) != 0)
+ return false;
+ struct sequence *sequence = sequence_by_id(id);
+ if (sequence == NULL)
+ return false;
+ uint8_t effective = sequence->access[cr->auth_token].effective;
+ if (sequence->def->uid == cr->uid || ((PRIV_W | PRIV_R) & effective))
+ return true;
+ return false;
+}
+
+
struct sysview_index *
sysview_index_new(struct sysview_engine *sysview,
struct index_def *def, const char *space_name)
@@ -299,6 +322,11 @@ sysview_index_new(struct sysview_engine *sysview,
source_index_id = def->iid;
filter = vpriv_filter;
break;
+ case BOX_VSEQUENCE_ID:
+ source_space_id = BOX_SEQUENCE_ID;
+ source_index_id = def->iid;
+ filter = vsequence_filter;
+ break;
default:
diag_set(ClientError, ER_MODIFY_INDEX,
def->name, space_name,
diff --git a/test/app-tap/tarantoolctl.test.lua b/test/app-tap/tarantoolctl.test.lua
index d757530..6946c83 100755
--- a/test/app-tap/tarantoolctl.test.lua
+++ b/test/app-tap/tarantoolctl.test.lua
@@ -338,8 +338,8 @@ do
check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 1", "\n", 3)
check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 1 --replica 2", "\n", 3)
check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 2", "\n", 0)
- check_ctlcat_snap(test_i, dir, "--space=280", "---\n", 17)
- check_ctlcat_snap(test_i, dir, "--space=288", "---\n", 40)
+ check_ctlcat_snap(test_i, dir, "--space=280", "---\n", 18)
+ check_ctlcat_snap(test_i, dir, "--space=288", "---\n", 43)
end)
end)
diff --git a/test/box-py/bootstrap.result b/test/box-py/bootstrap.result
index 5e51aa2..16c2027 100644
--- a/test/box-py/bootstrap.result
+++ b/test/box-py/bootstrap.result
@@ -5,7 +5,7 @@ box.space._schema:select{}
---
- - ['cluster', '<cluster uuid>']
- ['max_id', 511]
- - ['version', 1, 7, 7]
+ - ['version', 1, 10, 0]
...
box.space._cluster:select{}
---
@@ -33,6 +33,11 @@ box.space._space:select{}
{'name': 'cycle', 'type': 'boolean'}]]
- [285, 1, '_sequence_data', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'},
{'name': 'value', 'type': 'integer'}]]
+ - [286, 1, '_vsequence', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'},
+ {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {
+ 'name': 'step', 'type': 'integer'}, {'name': 'min', 'type': 'integer'}, {
+ 'name': 'max', 'type': 'integer'}, {'name': 'start', 'type': 'integer'}, {
+ 'name': 'cache', 'type': 'integer'}, {'name': 'cycle', 'type': 'boolean'}]]
- [288, 1, '_index', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'iid',
'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'type',
'type': 'string'}, {'name': 'opts', 'type': 'map'}, {'name': 'parts', 'type': 'array'}]]
@@ -79,6 +84,9 @@ box.space._index:select{}
- [284, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
- [284, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
- [285, 0, 'primary', 'hash', {'unique': true}, [[0, 'unsigned']]]
+ - [286, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]]
+ - [286, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
+ - [286, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
- [288, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
- [288, 2, 'name', 'tree', {'unique': true}, [[0, 'unsigned'], [2, 'string']]]
- [289, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
@@ -129,6 +137,7 @@ box.space._priv:select{}
- [1, 2, 'function', 1, 4]
- [1, 2, 'space', 276, 2]
- [1, 2, 'space', 281, 1]
+ - [1, 2, 'space', 286, 1]
- [1, 2, 'space', 289, 1]
- [1, 2, 'space', 297, 1]
- [1, 2, 'space', 305, 1]
diff --git a/test/box/access_misc.result b/test/box/access_misc.result
index 328603a..3a56a4c 100644
--- a/test/box/access_misc.result
+++ b/test/box/access_misc.result
@@ -752,6 +752,11 @@ box.space._space:select()
{'name': 'cycle', 'type': 'boolean'}]]
- [285, 1, '_sequence_data', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'},
{'name': 'value', 'type': 'integer'}]]
+ - [286, 1, '_vsequence', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'},
+ {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {
+ 'name': 'step', 'type': 'integer'}, {'name': 'min', 'type': 'integer'}, {
+ 'name': 'max', 'type': 'integer'}, {'name': 'start', 'type': 'integer'}, {
+ 'name': 'cache', 'type': 'integer'}, {'name': 'cycle', 'type': 'boolean'}]]
- [288, 1, '_index', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'iid',
'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'type',
'type': 'string'}, {'name': 'opts', 'type': 'map'}, {'name': 'parts', 'type': 'array'}]]
diff --git a/test/box/access_sysview.result b/test/box/access_sysview.result
index 63e30af..340ed21 100644
--- a/test/box/access_sysview.result
+++ b/test/box/access_sysview.result
@@ -123,6 +123,10 @@ box.session.su('guest')
---
- error: Read access to space '_vfunc' is denied for user 'guest'
...
+#box.space._vsequence:select{}
+---
+- error: Read access to space '_vsequence' is denied for user 'guest'
+...
box.session.su('admin')
---
...
@@ -134,11 +138,11 @@ box.session.su('guest')
...
#box.space._vspace:select{}
---
-- 7
+- 8
...
#box.space._vindex:select{}
---
-- 17
+- 20
...
box.session.su('admin')
---
@@ -226,11 +230,11 @@ box.session.su('guest')
...
#box.space._vspace:select{}
---
-- 18
+- 19
...
#box.space._vindex:select{}
---
-- 41
+- 44
...
#box.space._vuser:select{}
---
@@ -238,7 +242,7 @@ box.session.su('guest')
...
#box.space._vpriv:select{}
---
-- 14
+- 15
...
#box.space._vfunc:select{}
---
@@ -258,7 +262,7 @@ box.session.su('guest')
...
#box.space._vindex:select{}
---
-- 41
+- 44
...
#box.space._vuser:select{}
---
@@ -272,6 +276,10 @@ box.session.su('guest')
---
- 1
...
+#box.space._vsequence:select{}
+---
+- 0
+...
box.session.su('admin')
---
...
@@ -564,11 +572,66 @@ box.session.su('guest')
- true
...
--
--- view:alter() tests
+-- _vsequence
--
+box.session.su('admin')
+---
+...
+seq = box.schema.sequence.create('test')
+---
+...
+-- read access to original sequence also allow to read a view
+seq_cnt = #box.space._sequence:select{}
+---
+...
+box.schema.user.grant("guest", "read", "sequence", "test")
+---
+...
+box.session.su("guest")
+---
+...
+#box.space._vsequence:select{} == seq_cnt
+---
+- true
+...
+box.session.su('admin')
+---
+...
+box.schema.user.revoke("guest", "read", "sequence", "test")
+---
+...
+box.session.su("guest")
+---
+...
+cnt = #box.space._vsequence:select{}
+---
+...
+cnt < seq_cnt
+---
+- true
+...
session.su('admin')
---
...
+box.schema.user.grant("guest", "write", "sequence", "test")
+---
+...
+box.session.su("guest")
+---
+...
+#box.space._vsequence:select{} == cnt + 1
+---
+- true
+...
+session.su('admin')
+---
+...
+seq:drop()
+---
+...
+--
+-- view:alter() tests
+--
box.space._vspace.index[1]:alter({parts = { 2, 'string' }})
---
...
diff --git a/test/box/access_sysview.test.lua b/test/box/access_sysview.test.lua
index ac7c179..7955ffc 100644
--- a/test/box/access_sysview.test.lua
+++ b/test/box/access_sysview.test.lua
@@ -47,6 +47,7 @@ box.session.su('guest')
#box.space._vuser:select{}
#box.space._vpriv:select{}
#box.space._vfunc:select{}
+#box.space._vsequence:select{}
box.session.su('admin')
box.schema.user.grant('guest', 'public')
@@ -105,6 +106,7 @@ box.session.su('guest')
#box.space._vuser:select{}
#box.space._vpriv:select{}
#box.space._vfunc:select{}
+#box.space._vsequence:select{}
box.session.su('admin')
box.schema.user.revoke('guest', 'write', 'universe')
@@ -238,10 +240,34 @@ box.session.su('guest')
#box.space._vfunc:select{} == cnt
--
--- view:alter() tests
+-- _vsequence
--
+box.session.su('admin')
+seq = box.schema.sequence.create('test')
+
+-- read access to original sequence also allow to read a view
+seq_cnt = #box.space._sequence:select{}
+box.schema.user.grant("guest", "read", "sequence", "test")
+box.session.su("guest")
+#box.space._vsequence:select{} == seq_cnt
+box.session.su('admin')
+
+box.schema.user.revoke("guest", "read", "sequence", "test")
+box.session.su("guest")
+cnt = #box.space._vsequence:select{}
+cnt < seq_cnt
+session.su('admin')
+box.schema.user.grant("guest", "write", "sequence", "test")
+box.session.su("guest")
+#box.space._vsequence:select{} == cnt + 1
session.su('admin')
+seq:drop()
+
+--
+-- view:alter() tests
+--
+
box.space._vspace.index[1]:alter({parts = { 2, 'string' }})
box.space._vspace.index[1]:select('xxx')
box.space._vspace.index[1]:select(1)
diff --git a/test/box/alter.result b/test/box/alter.result
index 347de47..49d5c39 100644
--- a/test/box/alter.result
+++ b/test/box/alter.result
@@ -194,6 +194,9 @@ _index:select{}
- [284, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
- [284, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
- [285, 0, 'primary', 'hash', {'unique': true}, [[0, 'unsigned']]]
+ - [286, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]]
+ - [286, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
+ - [286, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
- [288, 0, 'primary', 'tree', 1, 2, 0, 'unsigned', 1, 'unsigned']
- [288, 2, 'name', 'tree', {'unique': true}, [[0, 'unsigned'], [2, 'string']]]
- [289, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
diff --git a/test/xlog/upgrade.result b/test/xlog/upgrade.result
index 113c066..f02996b 100644
--- a/test/xlog/upgrade.result
+++ b/test/xlog/upgrade.result
@@ -36,7 +36,7 @@ box.space._schema:select()
---
- - ['cluster', '<server_uuid>']
- ['max_id', 513]
- - ['version', 1, 7, 7]
+ - ['version', 1, 10, 0]
...
box.space._space:select()
---
@@ -60,6 +60,11 @@ box.space._space:select()
{'name': 'cycle', 'type': 'boolean'}]]
- [285, 1, '_sequence_data', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'},
{'name': 'value', 'type': 'integer'}]]
+ - [286, 1, '_vsequence', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'},
+ {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {
+ 'name': 'step', 'type': 'integer'}, {'name': 'min', 'type': 'integer'}, {
+ 'name': 'max', 'type': 'integer'}, {'name': 'start', 'type': 'integer'}, {
+ 'name': 'cache', 'type': 'integer'}, {'name': 'cycle', 'type': 'boolean'}]]
- [288, 1, '_index', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'iid',
'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'type',
'type': 'string'}, {'name': 'opts', 'type': 'map'}, {'name': 'parts', 'type': 'array'}]]
@@ -109,6 +114,9 @@ box.space._index:select()
- [284, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
- [284, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
- [285, 0, 'primary', 'hash', {'unique': true}, [[0, 'unsigned']]]
+ - [286, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]]
+ - [286, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
+ - [286, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
- [288, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
- [288, 2, 'name', 'tree', {'unique': true}, [[0, 'unsigned'], [2, 'string']]]
- [289, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
@@ -173,6 +181,7 @@ box.space._priv:select()
- [1, 2, 'function', 2, 4]
- [1, 2, 'space', 276, 2]
- [1, 2, 'space', 281, 1]
+ - [1, 2, 'space', 286, 1]
- [1, 2, 'space', 289, 1]
- [1, 2, 'space', 297, 1]
- [1, 2, 'space', 305, 1]
--
2.7.4
More information about the Tarantool-patches
mailing list