From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Roman Khabibov Subject: [PATCH 1/2] schema: add "_vcollation" sysview Date: Fri, 22 Mar 2019 03:27:36 +0300 Message-Id: <072d663ddcb586e1589eb0c44cba05e82e81c9d0.1553183293.git.roman.habibov@tarantool.org> In-Reply-To: References: In-Reply-To: References: To: tarantool-patches@freelists.org Cc: vdavydov.dev@gmail.com List-ID: Add "_vcollation" sysview to read it from net.box. This sysview is always readable, exept when the user doesn't have "public" role. Needed for #3941 --- src/box/bootstrap.snap | Bin 1831 -> 1873 bytes src/box/lua/space.cc | 2 + src/box/lua/upgrade.lua | 25 +++++++- src/box/schema.h | 4 ++ src/box/schema_def.h | 2 + src/box/sysview.c | 14 +++++ test/app-tap/tarantoolctl.test.lua | 4 +- test/box-py/bootstrap.result | 13 +++- test/box/access_misc.result | 4 ++ test/box/access_sysview.result | 96 ++++++++++++++++++++++++++--- test/box/access_sysview.test.lua | 30 +++++++++ test/box/alter.result | 6 +- 12 files changed, 187 insertions(+), 13 deletions(-) diff --git a/src/box/bootstrap.snap b/src/box/bootstrap.snap index 0bb446fb6903ac3ef630c419b909f7db3df0372a..c2f1ab54cf523d856f6ec3c093de38f3433f91cc 100644 GIT binary patch delta 1869 zcmV-T2eSC54$%&f8Gkc2Gc9LhIAb#~VK+B03Q2BrbYX5|WjY`*F*r72H8wOYIb$$p zEi^PTW-U25H)Sn0IW=KnGh$(6W@TjxRzqxWV{1AfdwmKD)w&D1%?8#0&bw;@prrr+ z0000ewJ-euP;E8LIKj*4QSetW zV(*kRxtU^;B)#mCct#+d0;MmfZ^lc_Gtu2g6V)zRXe$sZQ%V8e0NDWR03-sNr6raJ zQy2tCeR;0^2x8J~X$&h{p9J>lygNUGTubOrXFbcrtY3Bf%IeDiyf-!<6vu9A4#K?G zU*>w8z1Zq8FMr?fu*hf6!a5c-RK0w~G2Gt_h&~vul5`kM(Y`;HtRevKd-yh66UEE8hRLe_{iY+N6 zTrPCc$pXOApyl^qCi50)7{nbvX}5QeBo)^F!>;lEWMtmrH7g3{wV#hC(q?J7>LY&b z=i@c2$pMp2k1Fz>)uzE_X*u@iOgcTPu32js5Rq3_xtEPaGsB2}-qZP>m1cnx@)p$@ z1s!`=N`IY@V6(K;_`xttfnDoY9q!D&ap&d_)|my{|9#h4CVuBJC;G>p=a*Jx5HumL zti~MZn6*RI`C(9Hc0GpO^}x@nn$Dm8v&lVc$$-yilDD{wytN8bV6(IoF$>1K7{+iH zf~VN(`?XJKLLt&&?id8a?iSTHCTwtQ4XW0Z*ncc7g=$D}BRCN>AzU;d?98dom}Wk# zI9^S-k?|nYL54%jh8UZe8e7s(OBqTSU@pK|fT>VjLRc(kT|!qXiDt93BvGI)AuK=k zWIdih|GUTNOEn_mXl6D`%NiJVMc5NZ9nw}^$1IcQn*NPNng`}p=cMb5cjr3nZW7g% zQh&V(o24ZS^V8EYP{Vp&!-zx_k?B14<7F6_>abJConNqr-=a!Hg7+Qo*Z*Cfqtu3` zR2~sFOH0%B9d~-%{n9E=%w}mh^nH2vJF7dT&C+s=xjG-g?#^ls1Tt?C=fP%a6jt@i z*;JP2alBJ!lj88qk(gUyjF764X^T`H=6~MlQ8lym#i58C9UW<@LpDpx5`Dg(%zB&& z*(@yqSXy5kD#(6uX!4~9F|WiU00XSFZR+OguJAOPwAxV1G4K z>3p-Fk2g0zVTwwvFRo@s^>l2OmR^nkuAw40Ttsfnstq1Bcxcp}89O{RM@G&LP7E9v zI4@jRPK$CuQ7tyt5Q@b~=ah3=VNzjAVM1YTPSk;csNrB_s02n3fB*zQ5CHK72Pp@s zJQ85QK#Zd>j-dbuLl6ieD+d4o41dB2Ljbj4LKvHQ3*x7V)%m%aBY#6qm?M8ft`n~|rf)La>sie3*-NFCVC zdN(My zJ}>-{q}rnct5L8QvWr0{Tz|o5d}~s_N&6YP?x+6pB@HI` zT|V&=eCtlo^DzYgSiqw7m2@pavsQIz^@=guxp}gf!TK>BZ}>df@m6{Jo+Z3#AJJDQ@YgR7A!(#=;T4jg}(PJV)UG#z#=CWjbot zxG$|wscn`ArduQVn}05j4Slf_Ni;;;Yo#&&GtCzuaNZ*sca}Ubf(c28O_x{Oc>2#9c+0?YX$Qd)L%5UY0|y2mJ~waSo%3E}kP;AAd<9TH4k$+Wc~2~>Vuk@=~oVC-s%C=M@B9Y>BgM40uK++qjS H5UuSBuApZB delta 1827 zcmV+;2i*A44yO)~8GkZ0H7#c}H)3WoGdVK~Np5p=VQyn(Iv`^*Gd5&pFkvk=W@R@m zG%zzYEjT!4F)d?aGh{VnH8Wx{HDL-?Lu_wjYdRo%eF_TIx(m9^2Ce|k)s!0pr2qf` z001bpFZ}>eEj0jYM??=v;25U>Fw8KA5aR@KMG#m>L*QW(A%7yj2IH-OV2p`GQD8SB zQ<9aEzBH}eU*u^eqq>gJE=JE6+w)C1z1FnIIjXms%tRqmN&(pb)d1!IBbLvpo3p4b z$3!pY+ag{1#zxmGiG3RH&dZ>+ZNbR` zpw6Eex9|>YH{XtzHQT#Sk^+hT!LINAW-Yu!OH$Mbwx5e92V0%vs*4x4pNp2HrUpzp zEvj0!q%;h+I!CcTXVPg=Wl1{oBGj@o$}QM8Bymir=RJ*WNo5o`Y1ttflb~PEN}&`G zY;}(Met!nRRPJ2A>TXB&eLE+6uEwm`{_nfSv+z5YIngifJhwFpbAab@i@W%&WoNWx zpkLMoRpocHitJhhJL~1gDk6A9*~40q(R(o z&R}PU=!n2pXC@OgC1^+h(Ttc8F%x2|a|D_>aet;42STRiCG#Q1LrjMl4l90F6lh>( zU^c*LC}k*NC|#(PWP!ebu22$3lA&}|VXJc-#mpBFmKS%h7E7Q1-DUHI771}O6t+4? zq6~IJ*9%1r)>d7=ERtg){riSBFXL6`q-%V4=Njy+5|x!gJ(#V|k#%|LX<62>o!2p; z5r0M|bS~@ha4e^K?9^}PHt%pdM2kr9zTf@&Kg)3xqM#|XM`^2bBwycer^VfEjp~rL zI>(^z!@FA=&55wpIf}AZ=VI*GD1^?BN8)& zmV|6|j&($f$Qp!d5cf`tDq5v54h5u3mwzr==#Q<=ku;z0Z(%Lcd~9`&0P3VL4%K6S zC~}fk;L+h6{wAW^j?dthbvUQQu%s2nnRIB(@-9hfj;+p7#iv?@E}n5{#OONc81g)> z8{HJr;Q7|7W#x2N{6lzGUCn1d7iFEl_>pwNI1`So&Jo8)jTi-08rSUSVogmCn17-| zDU6%BK|LE=ougMHz$?fIjaLyJ8lBN2M@I(DiID??-n_VRVbj6}$L8i$RuqegTCu%? zP%2I-PAE<%Og1J|fo-VqTx6&OMi77i1war0(FF%F=!ymsV6Z@pqcDzv7zjfUiXs~a zKmZIv3N(mXFhZ*abuTo5t}r0bJb#VtMSW;5s(;`EhOL>ZG@V_Dw&p-8+e?Qb5ZH(U z8w&cNkRT-mlY5E*j$JyRR7_U;;{~ix4OzC?q3X4Ia+*1cr!ninwax4~%hK_LeTB&v zLjVBRs^4;QWQeYPv}dd-Dk13b>Y^0K&07c!{KzY;+^{zwba*L5k*TZ4R)2A5)rMV5 z1W#@}b)GGRnL+;xjWVvON?E8 zB&%*d-&__)6H<((ZgQw$7zx{+W69LE*&h?7B7a?Z;EnR68??zGSv7f?8y1z%Mw_woZ)_#d6LLT2tbG!rMPqA;^9qOVp6)w)Uk3 zWj-M@9sOHqC33{?D9#~wr0H7TN8Lc)Ob&^*Dez)Cm?wWjj;1n9Cw{1vsrpxC{ z>={t>jCkioCWhRtm4EX|*239%3IO;oK41!#Ues%p1qCUL?4u+J7ywZd0|9Dm~is&PHOHUGW6(y5)oZ3z2@GO5Ksw8hRS@Hb?aZr+0cGNIK z43t=2$s?w>#u23tKrzBb1(Hfa^nViid; filter = vspace_filter; break; + case BOX_VCOLLATION_ID: + source_space_id = BOX_COLLATION_ID; + source_index_id = def->iid; + filter = vcollation_filter; + break; case BOX_VUSER_ID: source_space_id = BOX_USER_ID; source_index_id = def->iid; diff --git a/test/app-tap/tarantoolctl.test.lua b/test/app-tap/tarantoolctl.test.lua index db046e03f..55484d0a8 100755 --- a/test/app-tap/tarantoolctl.test.lua +++ b/test/app-tap/tarantoolctl.test.lua @@ -388,8 +388,8 @@ do check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 1", "\n", 3) check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 1 --replica 2", "\n", 3) check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 2", "\n", 0) - check_ctlcat_snap(test_i, dir, "--space=280", "---\n", 23) - check_ctlcat_snap(test_i, dir, "--space=288", "---\n", 49) + check_ctlcat_snap(test_i, dir, "--space=280", "---\n", 24) + check_ctlcat_snap(test_i, dir, "--space=288", "---\n", 53) end) end) diff --git a/test/box-py/bootstrap.result b/test/box-py/bootstrap.result index 3e4394557..91dfd7929 100644 --- a/test/box-py/bootstrap.result +++ b/test/box-py/bootstrap.result @@ -4,7 +4,7 @@ box.internal.bootstrap() box.space._schema:select{} --- - - ['max_id', 511] - - ['version', 2, 1, 0] + - ['version', 2, 1, 2] ... box.space._cluster:select{} --- @@ -21,6 +21,10 @@ box.space._space:select{} 'name': 'name', 'type': 'string'}, {'name': 'owner', 'type': 'unsigned'}, {'name': 'type', 'type': 'string'}, {'name': 'locale', 'type': 'string'}, { 'name': 'opts', 'type': 'map'}]] + - [277, 1, '_vcollation', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'}, + {'name': 'name', 'type': 'string'}, {'name': 'owner', 'type': 'unsigned'}, { + 'name': 'type', 'type': 'string'}, {'name': 'locale', 'type': 'string'}, { + 'name': 'opts', 'type': 'map'}]] - [280, 1, '_space', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'engine', 'type': 'string'}, {'name': 'field_count', 'type': 'unsigned'}, {'name': 'flags', @@ -88,7 +92,11 @@ box.space._index:select{} --- - - [272, 0, 'primary', 'tree', {'unique': true}, [[0, 'string']]] - [276, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]] - - [276, 1, 'name', 'tree', {'unique': true}, [[1, 'string']]] + - [276, 1, 'owner', 'tree', {'unique': false}, [[2, 'unsigned']]] + - [276, 2, 'name', 'tree', {'unique': true}, [[1, 'string']]] + - [277, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]] + - [277, 1, 'owner', 'tree', {'unique': false}, [[2, 'unsigned']]] + - [277, 2, 'name', 'tree', {'unique': true}, [[1, 'string']]] - [280, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]] - [280, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]] - [280, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]] @@ -158,6 +166,7 @@ box.space._priv:select{} - [1, 1, 'universe', 0, 4294967295] - [1, 2, 'function', 1, 4] - [1, 2, 'space', 276, 2] + - [1, 2, 'space', 277, 1] - [1, 2, 'space', 281, 1] - [1, 2, 'space', 286, 1] - [1, 2, 'space', 289, 1] diff --git a/test/box/access_misc.result b/test/box/access_misc.result index 4ffeb386a..e15075fff 100644 --- a/test/box/access_misc.result +++ b/test/box/access_misc.result @@ -761,6 +761,10 @@ box.space._space:select() 'name': 'name', 'type': 'string'}, {'name': 'owner', 'type': 'unsigned'}, {'name': 'type', 'type': 'string'}, {'name': 'locale', 'type': 'string'}, { 'name': 'opts', 'type': 'map'}]] + - [277, 1, '_vcollation', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'}, + {'name': 'name', 'type': 'string'}, {'name': 'owner', 'type': 'unsigned'}, { + 'name': 'type', 'type': 'string'}, {'name': 'locale', 'type': 'string'}, { + 'name': 'opts', 'type': 'map'}]] - [280, 1, '_space', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'engine', 'type': 'string'}, {'name': 'field_count', 'type': 'unsigned'}, {'name': 'flags', diff --git a/test/box/access_sysview.result b/test/box/access_sysview.result index fd8b14248..b65ac4352 100644 --- a/test/box/access_sysview.result +++ b/test/box/access_sysview.result @@ -74,6 +74,10 @@ session.su('guest') --- - true ... +#box.space._vspace.index[2]:select('_vcollation') ~= 0 +--- +- true +... #box.space._vindex:select(box.space._vspace.id) > 0 --- - true @@ -94,6 +98,10 @@ session.su('guest') --- - true ... +#box.space._vindex:select(box.space._vcollation.id) > 0 +--- +- true +... box.session.su('admin') --- ... @@ -127,6 +135,10 @@ box.session.su('guest') --- - error: Read access to space '_vsequence' is denied for user 'guest' ... +#box.space._vcollation:select{} +--- +- error: Read access to space '_vcollation' is denied for user 'guest' +... box.session.su('admin') --- ... @@ -138,11 +150,15 @@ box.session.su('guest') ... #box.space._vspace:select{} --- -- 8 +- 9 ... #box.space._vindex:select{} --- -- 20 +- 24 +... +#box.space._vcollation:select{} +--- +- 4 ... box.session.su('admin') --- @@ -230,11 +246,11 @@ box.session.su('guest') ... #box.space._vspace:select{} --- -- 24 +- 25 ... #box.space._vindex:select{} --- -- 50 +- 54 ... #box.space._vuser:select{} --- @@ -242,12 +258,16 @@ box.session.su('guest') ... #box.space._vpriv:select{} --- -- 15 +- 16 ... #box.space._vfunc:select{} --- - 1 ... +#box.space._vcollation:select{} +--- +- 4 +... box.session.su('admin') --- ... @@ -262,7 +282,7 @@ box.session.su('guest') ... #box.space._vindex:select{} --- -- 50 +- 54 ... #box.space._vuser:select{} --- @@ -270,7 +290,7 @@ box.session.su('guest') ... #box.space._vpriv:select{} --- -- 15 +- 16 ... #box.space._vfunc:select{} --- @@ -280,6 +300,10 @@ box.session.su('guest') --- - 0 ... +#box.space._vcollation:select{} +--- +- 4 +... box.session.su('admin') --- ... @@ -631,6 +655,64 @@ seq:drop() --- ... -- +-- _vcollation +-- +box.session.su('admin') +--- +... +box.internal.collation.create('test', 'ICU', 'ru-RU') +--- +... +-- Only admin can create collation. +coll_cnt = #box.space._collation:select{} +--- +... +box.schema.user.grant("guest", "read, write, alter, execute", "space", "_collation") +--- +... +box.session.su("guest") +--- +... +box.internal.collation.create('guest0', 'ICU', 'ru-RU') +--- +- error: Create access to collation 'guest0' is denied for user 'guest' +... +box.space._vcollation:select{} +--- +- - [0, 'none', 1, 'BINARY', '', {}] + - [1, 'unicode', 1, 'ICU', '', {}] + - [2, 'unicode_ci', 1, 'ICU', '', {'strength': 'primary'}] + - [3, 'binary', 1, 'BINARY', '', {}] + - [4, 'test', 1, 'ICU', 'ru-RU', {}] +... +#box.space._vcollation:select{} == coll_cnt +--- +- true +... +box.session.su('admin') +--- +... +-- _vcollation is readable anyway. +box.schema.user.revoke("guest", "read", "space", "_collation") +--- +... +box.session.su("guest") +--- +... +#box.space._vcollation:select{} +--- +- 5 +... +session.su('admin') +--- +... +box.internal.collation.drop('test') +--- +... +box.internal.collation.drop('guest0') +--- +... +-- -- view:alter() tests -- box.space._vspace.index[1]:alter({parts = { 2, 'string' }}) diff --git a/test/box/access_sysview.test.lua b/test/box/access_sysview.test.lua index 4cc5611a6..287b7bbbe 100644 --- a/test/box/access_sysview.test.lua +++ b/test/box/access_sysview.test.lua @@ -31,12 +31,14 @@ session.su('guest') #box.space._vspace.index[2]:select('_vuser') ~= 0 #box.space._vspace.index[2]:select('_vfunc') ~= 0 #box.space._vspace.index[2]:select('_vpriv') ~= 0 +#box.space._vspace.index[2]:select('_vcollation') ~= 0 #box.space._vindex:select(box.space._vspace.id) > 0 #box.space._vindex:select(box.space._vindex.id) > 0 #box.space._vindex:select(box.space._vuser.id) > 0 #box.space._vindex:select(box.space._vfunc.id) > 0 #box.space._vindex:select(box.space._vpriv.id) > 0 +#box.space._vindex:select(box.space._vcollation.id) > 0 box.session.su('admin') box.schema.user.revoke('guest', 'public') @@ -48,6 +50,7 @@ box.session.su('guest') #box.space._vpriv:select{} #box.space._vfunc:select{} #box.space._vsequence:select{} +#box.space._vcollation:select{} box.session.su('admin') box.schema.user.grant('guest', 'public') @@ -55,6 +58,7 @@ box.session.su('guest') #box.space._vspace:select{} #box.space._vindex:select{} +#box.space._vcollation:select{} box.session.su('admin') s = box.schema.space.create('test') @@ -96,6 +100,7 @@ box.session.su('guest') #box.space._vuser:select{} #box.space._vpriv:select{} #box.space._vfunc:select{} +#box.space._vcollation:select{} box.session.su('admin') box.schema.user.revoke('guest', 'read', 'universe') @@ -107,6 +112,7 @@ box.session.su('guest') #box.space._vpriv:select{} #box.space._vfunc:select{} #box.space._vsequence:select{} +#box.space._vcollation:select{} box.session.su('admin') box.schema.user.revoke('guest', 'write', 'universe') @@ -264,6 +270,30 @@ box.session.su("guest") session.su('admin') seq:drop() +-- +-- _vcollation +-- + +box.session.su('admin') +box.internal.collation.create('test', 'ICU', 'ru-RU') + +-- Only admin can create collation. +coll_cnt = #box.space._collation:select{} +box.schema.user.grant("guest", "read, write, alter, execute", "space", "_collation") +box.session.su("guest") +box.internal.collation.create('guest0', 'ICU', 'ru-RU') +box.space._vcollation:select{} +#box.space._vcollation:select{} == coll_cnt +box.session.su('admin') + +-- _vcollation is readable anyway. +box.schema.user.revoke("guest", "read", "space", "_collation") +box.session.su("guest") +#box.space._vcollation:select{} +session.su('admin') +box.internal.collation.drop('test') +box.internal.collation.drop('guest0') + -- -- view:alter() tests -- diff --git a/test/box/alter.result b/test/box/alter.result index 9a1086e0c..bbd4e41f2 100644 --- a/test/box/alter.result +++ b/test/box/alter.result @@ -183,7 +183,11 @@ _index:select{} --- - - [272, 0, 'primary', 'tree', {'unique': true}, [[0, 'string']]] - [276, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]] - - [276, 1, 'name', 'tree', {'unique': true}, [[1, 'string']]] + - [276, 1, 'owner', 'tree', {'unique': false}, [[2, 'unsigned']]] + - [276, 2, 'name', 'tree', {'unique': true}, [[1, 'string']]] + - [277, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]] + - [277, 1, 'owner', 'tree', {'unique': false}, [[2, 'unsigned']]] + - [277, 2, 'name', 'tree', {'unique': true}, [[1, 'string']]] - [280, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]] - [280, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]] - [280, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]] -- 2.17.2 (Apple Git-113)