Tarantool development patches archive
 help / color / mirror / Atom feed
From: Ilya Markov <imarkov@tarantool.org>
To: georgy@tarantool.org
Cc: tarantool-patches@freelists.org
Subject: [tarantool-patches] [security 1/3] box: Add system view for _sequence system space
Date: Wed, 28 Mar 2018 11:09:25 +0300	[thread overview]
Message-ID: <3f5051442aa740d81a73a0fdd02517c2319098c9.1522224470.git.imarkov@tarantool.org> (raw)
In-Reply-To: <cover.1522224470.git.imarkov@tarantool.org>
In-Reply-To: <cover.1522224470.git.imarkov@tarantool.org>

Introduce _vsequence system space.

Prerequisite of #3250
---
 src/box/bootstrap.snap             | Bin 1504 -> 1540 bytes
 src/box/lua/space.cc               |   2 +
 src/box/lua/upgrade.lua            |  34 +++++++++++-----
 src/box/schema.h                   |  13 +++----
 src/box/schema_def.h               |   2 +
 src/box/sysview_index.c            |  28 ++++++++++++++
 test/app-tap/tarantoolctl.test.lua |   4 +-
 test/box-py/bootstrap.result       |  11 +++++-
 test/box/access_misc.result        |   5 +++
 test/box/access_sysview.result     |  77 +++++++++++++++++++++++++++++++++----
 test/box/access_sysview.test.lua   |  28 +++++++++++++-
 test/box/alter.result              |   3 ++
 test/xlog/upgrade.result           |  11 +++++-
 13 files changed, 189 insertions(+), 29 deletions(-)

diff --git a/src/box/bootstrap.snap b/src/box/bootstrap.snap
index 85579a7c1fa829b6739a333bbd8003d8ab6b4858..b610828c9c9ae9a22acdd8c150c16c6838b7a273 100644
GIT binary patch
delta 1537
zcmV+c2LAcr3xo`i6@M`>E-)=LFfC_eH#agdIWh`KZgX^DZewLSAUR=UVKrqjHZ3z_
zW@arkW@b1oVK`<mEnzrjHZ(I~WjSRsWC~V8Y;R+0Iv{&7Iv_WF3JTS_3%bn(hycza
zBY(A}0000004TLD{Qyw?D*y&P)=JP8aRLBeJcwM)BGF(z1b>7x@aA+-<K_*})i*Fo
z_hd%YAUl;JC7GYL^1Ee&z>{-2bM)F^DFIB#Mpl`zk^qgjr*`I;FO*VB0l)yb0LuU(
z{zlP8%KCnNGoIjUSLV9x0ke>t9X;lbMREMRAvF}>bMQP2>zYgF-MQ^aS+C{j?4URu
z_OKJf{`GP1R)13}&<{=o;96?RHiqR*-d^3Me|O%)BY)lyi*hYBcLbq9LIqEKaQw0^
zZ*_+Y-D{~y3sgO3zCU*JaV<52DiD}G91OG7YpEH+tW@1hH`C!?onm58ty2hM)v0UA
zd?yg&)(q}I7bp8WFU9XR<5DW6Oj2@GE?l7}M4HenL4UC{Cu7%myKb?(N$;#31KNIG
zrWRaF%~vlmZ9gx)v!YUbe7X!{o~@b`TuaTeKlkzJGW5<`O0dHr*qA&s&koLmI(xR-
zasWuo8&XLIuBB!v;@COs81#zNl>*mNQ{xxMu_b=8e|`8n`^KH0I9O*G&wkf;op0oK
zUIU`P)PM2Z^QkHXZa&AjjNfA3t&RrZz43`*dkk$ZEQV*-<@kA^_&NO1*`?q1<3CJt
z&sIeOuB9f4VLZH(V=bZ1FZ+4<@`5wAj?_xyN+Wuz4UG+}Mnq+WV1ZbDSb11=nAvQ%
zqFr|_HSerPH<OY{#iUdy4k#E@%7ij)&@sJ~PJbm0*HTlbl!3!A<4i53S<3~I1yTi)
z%ZuaJ3I&x3Dx6Boh-E|?tyn8ksWY7<RU|<aq1Ms0)C`H}Oh?I=I<hWpJpOmD(Uc0b
z!?i#FzvKP-T^`RwetH<GHV>|)=B(pSm%DpDwZ_4<)GTLSPi2K-d6TOK*HZIcFXmX@
zq<@dszsJ!UfBpj?%&#7EP|1WHKB2-6pSmzqox<?raFR)V4F2%S#YvrUEE_B}Dh<}P
zu{ASRGEy;2Ft`^a7j@L)T58%*1v)K@s>j?vU4}ij(ztF#P*4z)T5~NmMfCapSk`5a
zifgHfVrivuU5fo=$<NAy;>#lW`={O$FMp1^_GPhElD2AT9Lj{wFc6=$mbjLhAY9>#
zlyQ+}#fdLNj2nL=bJ0=cikpwUVn|Z>#ZM%DeLg()^Rm|Ym#(u?8iyirEj4Lqu;8g<
zfgq^STx3iM%m4s@04M+<21hAoMGq2yz&MJdFbZH821E!r3Jn+m0KtKfpa`HA41Yp~
zyc6BI3qu$KYT3207JFeYj>@?c6V#)WgjHk@yH_}i!Xcvw@q-YDq2fo$3reJAyii23
z#R+gFD1gV6oJTd(ZT3r&o5zCbY$~e7BhW6T0>`OjbXmB$N#x&Irn6E}G+QdV21aj)
z*Q?IqN=PecZ=%PXqqffww8kMDXMcvH+lcy9EmFYZkd`T6b4(V=0Ndi2BI(*;4tmF)
z<n(`~-a8<kdTXoB-G6fM?~&W*-dY{XX%WchK_DAuK}u%|q|m?{+Jlh53vF|F_Sk-~
zw^~{Sp24P<UVN)efGG*)<T|sH`Hni`$|kt@^ciXZpt=O8Bsz`2sLy&&W`8sKYs7TJ
zFiWjjN7El4Zo8JCG3uLX&}ghSic*cC7O1fjwmGdtk|Re5WF*cf|NT8HgpyzAoeEN%
zrHKM2GSNAM9q}x*77=lAl!w(m0_)(JRFf)i){a4KKrCRol`*=wWGI9MlE353vJKCi
z@wRhjVFu(fbM8d3fFY-~eR@AR*>KUFb`PMr;8q8DGq_+p!cgu}^2RjfloDN<L;ma(
zy?sY7c|?<ev*az@&jfPL$Vb9%@#Une@T6*ACI3iv9=$uN0K4X8665(jRHW5XQ}Orq
ntXkIy@%_k{U|^;OD*azr*Oo^POSq0q;OiJYNhYHl)ex=i+4b68

delta 1501
zcmV<31tR){4B!ip6@ND_HZ3tSHZ5l{Gh{S1W?~9SZgX^DZewLSATT*%GB{>7I4v?^
zVq+~dWiw+fI5T5mEi_^|W??inGh<?6FbY;fY;R+0Iv{&7Iv_B83JTS_3%bn(WB|@)
z><Wpc0000004TLD{QywiDgXw2(n;VJsQ@s{FvAQ}GO{f!<$nl63F7EpK{z~Ux=TWc
zJtPfFWGV?MiTdf@&ooWyc5xY4aCRkmX-kxhEYo0<aNCcq(+Qg&lu}9oz5ufT#{l3>
zl=c0(CM;R6U771K$I3%)a&(yc1;G%1MCeL@&ry5W)i#&TyYt(NvTnP<*)eT8>|y1F
z{R{ICM^z{fkbmw2z}891_J!pw;$GdQe|Mhak?}{QqS!jg9YSi9SW%<T3USsWj^=bL
z*49a;q);7ZzCVWhVe2G&C=V-tHWzlIwobAXbHX@<Nhwo`G(wT?YE(MOm`2{olNsSs
z>9jhbNEM#!?|cL?Zq}*LIh&~52)QI|^uTd4!vv+yn}1#3?ZU<K7Qd3B6wvnbk)&el
zBwu~JwEcYiO6n!}f%VvmeK#sXVCy8u{`?2lW9utv=s-?qU|+G!wH%vg>HOX3O95La
zIf6G<&iZA2MraEGTPLaSgJHM=vFu;?;<E4Cd1-TXhSm1FzUzz=zjIp<{iBZOpAKai
zQ1dy)Wq%wO`*0K_;O>3P3)^Aq=DJ|3?0O9G#{xgMc64^>zX5rCMgHCBC&kuDiWgSn
zT?}pD#bGpT=?t@<k1#Mc;R*?*v@RqfM`?th0fOcORe4aQQmE7^)nRt4D4B^e**Zx(
z^MNXnVn`&C=W+00ypd>wNP{RtNE8a$I!T-mhJWtDth4Y^VfI4d#qX<S0!zp8!r}sw
z0BQlT)cT1)XE;je2f_zL>BrVdt~{7CoFzZ%$a=i-_}|?&RVYtR_u_!{{qEQA`gks~
z<KqaW(ZJS8&iciA-2Ky`G%L1Fa-4lRs$vk!TTCsmb&~ITFvs#1b-s=t$12?U4+Gw6
zg?~#jrrS!bOrwiSs1Yu`X@pldW`yd{LdC37UWF%g)~RN=$e=M)7DlCck#a$5A!5<d
zP|ylnCs|i0Pgzw^9p;Yp*veH(>rg3rdU~2r6t+(CGoSB|Wj*Fj*g8p+Iw`F~nb<Fm
zyreEAa0bQSJJgbRFx)nr!PO|<Xr*=DjDOBB)-5Sj**eJ(uGUMGad3tO3amlKjjxft
z=$^=;=3}o|64HI~k$7KNhsS<C+B*NyRnkf8yb-oea;8R$T7eR%(O6`V5|{x100B?{
z5e7#oXEqNKfWSD4qc93#7zShrIEoDz0f4|DBp?E)1pt(+1#`>UjE15I%VGcyz<&Wa
z$QXFc<Qi{LQNQl6%M9tHCF(*T4iMrnEc_q|O=%>CcgH=bml{!d3<y@G>7@<T%zpKH
z`_WgcL7{DVJ_31g>o~iN20?a@Um$T7Tqd6{))vPg!Ef;v`<nH=NKq}k%SaQy+i~43
z5#taz2dvS<imHzQKN1eUsP=%t#(&b0GvQ6rku%{<mX5Ay>zz9Ylo8nw!lygLGz2<f
zu~d>mo@ml(2tm(lVN@L;2ew5WAP4p^1nJqxvX5R``A=xyq(1fAk)VGGygDkgwfhdc
z;>srYwe%|7>P@f&bDLgw)~Lg8`e7)c(kSqIAfuaGhNeFvV7u-?Oya6>kbi6Z64j8#
zaE)6N4AVs^F6AH^OvH)*<newD=$+jcYUqSCXX{$Jp^OkP*wM?9<|4u;N6{W8N0#D`
zi8`Y^B(7542KWKfu~)puA&GSWVg&4Sg=Wg|OSun@X&)XHYz#f|Ilyzloe=rWvJjBM
zG@c-N;WW*dhEBjk4t0{P>sGi|!nkGND)QPlG8fT#?-83VTAuWZJjsl!^&bg;<vT(Z
zh}R57Vm#M}2D-vv>Oc>eRalM2zneM<7tw0q)BmA$EeX`Hj_U{pzT(%Dgn`Qe)ex=i
DF`dsL

diff --git a/src/box/lua/space.cc b/src/box/lua/space.cc
index 29a9aca..071818a 100644
--- a/src/box/lua/space.cc
+++ b/src/box/lua/space.cc
@@ -429,6 +429,8 @@ box_lua_space_init(struct lua_State *L)
 	lua_setfield(L, -2, "SEQUENCE_ID");
 	lua_pushnumber(L, BOX_SEQUENCE_DATA_ID);
 	lua_setfield(L, -2, "SEQUENCE_DATA_ID");
+	lua_pushnumber(L, BOX_VSEQUENCE_ID);
+	lua_setfield(L, -2, "VSEQUENCE_ID");
 	lua_pushnumber(L, BOX_SPACE_SEQUENCE_ID);
 	lua_setfield(L, -2, "SPACE_SEQUENCE_ID");
 	lua_pushnumber(L, BOX_SYSTEM_ID_MIN);
diff --git a/src/box/lua/upgrade.lua b/src/box/lua/upgrade.lua
index 01f9cd6..5891619 100644
--- a/src/box/lua/upgrade.lua
+++ b/src/box/lua/upgrade.lua
@@ -839,6 +839,15 @@ local function initial_1_7_5()
     _schema:insert({'version', 1, 7, 5})
 end
 
+local sequence_format = {{name = 'id', type = 'unsigned'},
+                         {name = 'owner', type = 'unsigned'},
+                         {name = 'name', type = 'string'},
+                         {name = 'step', type = 'integer'},
+                         {name = 'min', type = 'integer'},
+                         {name = 'max', type = 'integer'},
+                         {name = 'start', type = 'integer'},
+                         {name = 'cache', type = 'integer'},
+                         {name = 'cycle', type = 'boolean'}}
 --------------------------------------------------------------------------------
 -- Tarantool 1.7.6
 local function create_sequence_space()
@@ -850,16 +859,7 @@ local function create_sequence_space()
     local MAP = setmap({})
 
     log.info("create space _sequence")
-    _space:insert{_sequence.id, ADMIN, '_sequence', 'memtx', 0, MAP,
-                  {{name = 'id', type = 'unsigned'},
-                   {name = 'owner', type = 'unsigned'},
-                   {name = 'name', type = 'string'},
-                   {name = 'step', type = 'integer'},
-                   {name = 'min', type = 'integer'},
-                   {name = 'max', type = 'integer'},
-                   {name = 'start', type = 'integer'},
-                   {name = 'cache', type = 'integer'},
-                   {name = 'cycle', type = 'boolean'}}}
+    _space:insert{_sequence.id, ADMIN, '_sequence', 'memtx', 0, MAP, sequence_format}
     log.info("create index _sequence:primary")
     _index:insert{_sequence.id, 0, 'primary', 'tree', {unique = true}, {{0, 'unsigned'}}}
     log.info("create index _sequence:owner")
@@ -950,6 +950,19 @@ local function upgrade_to_1_7_7()
     _priv:replace({ADMIN, SUPER, 'universe', 0, 4294967295})
 end
 
+--------------------------------------------------------------------------------
+--- Tarantool 1.10.0
+--------------------------------------------------------------------------------
+local function create_vsequence_space()
+    create_sysview(box.schema.SEQUENCE_ID, box.schema.VSEQUENCE_ID)
+    box.space._vsequence:format(sequence_format)
+end
+
+local function upgrade_to_1_10_0()
+    create_vsequence_space()
+end
+
+
 local function get_version()
     local version = box.space._schema:get{'version'}
     if version == nil then
@@ -975,6 +988,7 @@ local function upgrade(options)
         {version = mkversion(1, 7, 5), func = upgrade_to_1_7_5, auto = true},
         {version = mkversion(1, 7, 6), func = upgrade_to_1_7_6, auto = false},
         {version = mkversion(1, 7, 7), func = upgrade_to_1_7_7, auto = true},
+        {version = mkversion(1, 10, 0), func = upgrade_to_1_10_0, auto = true},
     }
 
     for _, handler in ipairs(handlers) do
diff --git a/src/box/schema.h b/src/box/schema.h
index 56f39b3..2b87f5f 100644
--- a/src/box/schema.h
+++ b/src/box/schema.h
@@ -97,6 +97,12 @@ space_foreach(int (*func)(struct space *sp, void *udata), void *udata);
 const char *
 schema_find_name(enum schema_object_type type, uint32_t object_id);
 
+/**
+ * Find a sequence by id. Return NULL if the sequence was
+ * not found.
+ */
+struct sequence *
+sequence_by_id(uint32_t id);
 #if defined(__cplusplus)
 } /* extern "C" */
 
@@ -178,13 +184,6 @@ bool
 schema_find_grants(const char *type, uint32_t id);
 
 /**
- * Find a sequence by id. Return NULL if the sequence was
- * not found.
- */
-struct sequence *
-sequence_by_id(uint32_t id);
-
-/**
  * A wrapper around sequence_by_id() that raises an exception
  * if the sequence was not found in the cache.
  */
diff --git a/src/box/schema_def.h b/src/box/schema_def.h
index d0de175..dd3aae2 100644
--- a/src/box/schema_def.h
+++ b/src/box/schema_def.h
@@ -78,6 +78,8 @@ enum {
 	BOX_SEQUENCE_ID = 284,
 	/** Space id of _sequence_data. */
 	BOX_SEQUENCE_DATA_ID = 285,
+	/** Space id of _vspace view. */
+	BOX_VSEQUENCE_ID = 286,
 	/** Space id of _index. */
 	BOX_INDEX_ID = 288,
 	/** Space id of _vindex view. */
diff --git a/src/box/sysview_index.c b/src/box/sysview_index.c
index 0bec302..bf0442b 100644
--- a/src/box/sysview_index.c
+++ b/src/box/sysview_index.c
@@ -33,6 +33,7 @@
 #include <small/mempool.h>
 #include "fiber.h"
 #include "schema.h"
+#include "sequence.h"
 #include "space.h"
 #include "func.h"
 #include "tuple.h"
@@ -258,6 +259,28 @@ vfunc_filter(struct space *source, struct tuple *tuple)
 	return false;
 }
 
+static bool
+vsequence_filter(struct space *source, struct tuple *tuple)
+{
+	struct credentials *cr = effective_user();
+	if ((PRIV_R | PRIV_X) & cr->universal_access)
+		return true; /* read or execute access to unverse */
+	if (PRIV_R & source->access[cr->auth_token].effective)
+		return true; /* read access to original space */
+
+	uint32_t id;
+	if (tuple_field_u32(tuple, BOX_SEQUENCE_FIELD_ID, &id) != 0)
+		return false;
+	struct sequence *sequence = sequence_by_id(id);
+	if (sequence == NULL)
+		return false;
+	uint8_t effective = sequence->access[cr->auth_token].effective;
+	if (sequence->def->uid == cr->uid || ((PRIV_W | PRIV_R) & effective))
+		return true;
+	return false;
+}
+
+
 struct sysview_index *
 sysview_index_new(struct sysview_engine *sysview,
 		  struct index_def *def, const char *space_name)
@@ -299,6 +322,11 @@ sysview_index_new(struct sysview_engine *sysview,
 		source_index_id = def->iid;
 		filter = vpriv_filter;
 		break;
+	case BOX_VSEQUENCE_ID:
+		source_space_id = BOX_SEQUENCE_ID;
+		source_index_id = def->iid;
+		filter = vsequence_filter;
+		break;
 	default:
 		diag_set(ClientError, ER_MODIFY_INDEX,
 			 def->name, space_name,
diff --git a/test/app-tap/tarantoolctl.test.lua b/test/app-tap/tarantoolctl.test.lua
index d757530..6946c83 100755
--- a/test/app-tap/tarantoolctl.test.lua
+++ b/test/app-tap/tarantoolctl.test.lua
@@ -338,8 +338,8 @@ do
             check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 1", "\n", 3)
             check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 1 --replica 2", "\n", 3)
             check_ctlcat_xlog(test_i, dir, "--from=3 --to=6 --format=json --show-system --replica 2", "\n", 0)
-            check_ctlcat_snap(test_i, dir, "--space=280", "---\n", 17)
-            check_ctlcat_snap(test_i, dir, "--space=288", "---\n", 40)
+            check_ctlcat_snap(test_i, dir, "--space=280", "---\n", 18)
+            check_ctlcat_snap(test_i, dir, "--space=288", "---\n", 43)
         end)
     end)
 
diff --git a/test/box-py/bootstrap.result b/test/box-py/bootstrap.result
index 5e51aa2..16c2027 100644
--- a/test/box-py/bootstrap.result
+++ b/test/box-py/bootstrap.result
@@ -5,7 +5,7 @@ box.space._schema:select{}
 ---
 - - ['cluster', '<cluster uuid>']
   - ['max_id', 511]
-  - ['version', 1, 7, 7]
+  - ['version', 1, 10, 0]
 ...
 box.space._cluster:select{}
 ---
@@ -33,6 +33,11 @@ box.space._space:select{}
       {'name': 'cycle', 'type': 'boolean'}]]
   - [285, 1, '_sequence_data', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'},
       {'name': 'value', 'type': 'integer'}]]
+  - [286, 1, '_vsequence', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'},
+      {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {
+        'name': 'step', 'type': 'integer'}, {'name': 'min', 'type': 'integer'}, {
+        'name': 'max', 'type': 'integer'}, {'name': 'start', 'type': 'integer'}, {
+        'name': 'cache', 'type': 'integer'}, {'name': 'cycle', 'type': 'boolean'}]]
   - [288, 1, '_index', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'iid',
         'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'type',
         'type': 'string'}, {'name': 'opts', 'type': 'map'}, {'name': 'parts', 'type': 'array'}]]
@@ -79,6 +84,9 @@ box.space._index:select{}
   - [284, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
   - [284, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
   - [285, 0, 'primary', 'hash', {'unique': true}, [[0, 'unsigned']]]
+  - [286, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]]
+  - [286, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
+  - [286, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
   - [288, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
   - [288, 2, 'name', 'tree', {'unique': true}, [[0, 'unsigned'], [2, 'string']]]
   - [289, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
@@ -129,6 +137,7 @@ box.space._priv:select{}
   - [1, 2, 'function', 1, 4]
   - [1, 2, 'space', 276, 2]
   - [1, 2, 'space', 281, 1]
+  - [1, 2, 'space', 286, 1]
   - [1, 2, 'space', 289, 1]
   - [1, 2, 'space', 297, 1]
   - [1, 2, 'space', 305, 1]
diff --git a/test/box/access_misc.result b/test/box/access_misc.result
index 328603a..3a56a4c 100644
--- a/test/box/access_misc.result
+++ b/test/box/access_misc.result
@@ -752,6 +752,11 @@ box.space._space:select()
       {'name': 'cycle', 'type': 'boolean'}]]
   - [285, 1, '_sequence_data', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'},
       {'name': 'value', 'type': 'integer'}]]
+  - [286, 1, '_vsequence', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'},
+      {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {
+        'name': 'step', 'type': 'integer'}, {'name': 'min', 'type': 'integer'}, {
+        'name': 'max', 'type': 'integer'}, {'name': 'start', 'type': 'integer'}, {
+        'name': 'cache', 'type': 'integer'}, {'name': 'cycle', 'type': 'boolean'}]]
   - [288, 1, '_index', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'iid',
         'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'type',
         'type': 'string'}, {'name': 'opts', 'type': 'map'}, {'name': 'parts', 'type': 'array'}]]
diff --git a/test/box/access_sysview.result b/test/box/access_sysview.result
index 63e30af..340ed21 100644
--- a/test/box/access_sysview.result
+++ b/test/box/access_sysview.result
@@ -123,6 +123,10 @@ box.session.su('guest')
 ---
 - error: Read access to space '_vfunc' is denied for user 'guest'
 ...
+#box.space._vsequence:select{}
+---
+- error: Read access to space '_vsequence' is denied for user 'guest'
+...
 box.session.su('admin')
 ---
 ...
@@ -134,11 +138,11 @@ box.session.su('guest')
 ...
 #box.space._vspace:select{}
 ---
-- 7
+- 8
 ...
 #box.space._vindex:select{}
 ---
-- 17
+- 20
 ...
 box.session.su('admin')
 ---
@@ -226,11 +230,11 @@ box.session.su('guest')
 ...
 #box.space._vspace:select{}
 ---
-- 18
+- 19
 ...
 #box.space._vindex:select{}
 ---
-- 41
+- 44
 ...
 #box.space._vuser:select{}
 ---
@@ -238,7 +242,7 @@ box.session.su('guest')
 ...
 #box.space._vpriv:select{}
 ---
-- 14
+- 15
 ...
 #box.space._vfunc:select{}
 ---
@@ -258,7 +262,7 @@ box.session.su('guest')
 ...
 #box.space._vindex:select{}
 ---
-- 41
+- 44
 ...
 #box.space._vuser:select{}
 ---
@@ -272,6 +276,10 @@ box.session.su('guest')
 ---
 - 1
 ...
+#box.space._vsequence:select{}
+---
+- 0
+...
 box.session.su('admin')
 ---
 ...
@@ -564,11 +572,66 @@ box.session.su('guest')
 - true
 ...
 --
--- view:alter() tests
+-- _vsequence
 --
+box.session.su('admin')
+---
+...
+seq = box.schema.sequence.create('test')
+---
+...
+-- read access to original sequence also allow to read a view
+seq_cnt = #box.space._sequence:select{}
+---
+...
+box.schema.user.grant("guest", "read", "sequence", "test")
+---
+...
+box.session.su("guest")
+---
+...
+#box.space._vsequence:select{} == seq_cnt
+---
+- true
+...
+box.session.su('admin')
+---
+...
+box.schema.user.revoke("guest", "read", "sequence", "test")
+---
+...
+box.session.su("guest")
+---
+...
+cnt = #box.space._vsequence:select{}
+---
+...
+cnt < seq_cnt
+---
+- true
+...
 session.su('admin')
 ---
 ...
+box.schema.user.grant("guest", "write", "sequence", "test")
+---
+...
+box.session.su("guest")
+---
+...
+#box.space._vsequence:select{} == cnt + 1
+---
+- true
+...
+session.su('admin')
+---
+...
+seq:drop()
+---
+...
+--
+-- view:alter() tests
+--
 box.space._vspace.index[1]:alter({parts = { 2, 'string' }})
 ---
 ...
diff --git a/test/box/access_sysview.test.lua b/test/box/access_sysview.test.lua
index ac7c179..7955ffc 100644
--- a/test/box/access_sysview.test.lua
+++ b/test/box/access_sysview.test.lua
@@ -47,6 +47,7 @@ box.session.su('guest')
 #box.space._vuser:select{}
 #box.space._vpriv:select{}
 #box.space._vfunc:select{}
+#box.space._vsequence:select{}
 
 box.session.su('admin')
 box.schema.user.grant('guest', 'public')
@@ -105,6 +106,7 @@ box.session.su('guest')
 #box.space._vuser:select{}
 #box.space._vpriv:select{}
 #box.space._vfunc:select{}
+#box.space._vsequence:select{}
 
 box.session.su('admin')
 box.schema.user.revoke('guest', 'write', 'universe')
@@ -238,10 +240,34 @@ box.session.su('guest')
 #box.space._vfunc:select{} == cnt
 
 --
--- view:alter() tests
+-- _vsequence
 --
 
+box.session.su('admin')
+seq = box.schema.sequence.create('test')
+
+-- read access to original sequence also allow to read a view
+seq_cnt = #box.space._sequence:select{}
+box.schema.user.grant("guest", "read", "sequence", "test")
+box.session.su("guest")
+#box.space._vsequence:select{} == seq_cnt
+box.session.su('admin')
+
+box.schema.user.revoke("guest", "read", "sequence", "test")
+box.session.su("guest")
+cnt = #box.space._vsequence:select{}
+cnt < seq_cnt
+session.su('admin')
+box.schema.user.grant("guest", "write", "sequence", "test")
+box.session.su("guest")
+#box.space._vsequence:select{} == cnt + 1
 session.su('admin')
+seq:drop()
+
+--
+-- view:alter() tests
+--
+
 box.space._vspace.index[1]:alter({parts = { 2, 'string' }})
 box.space._vspace.index[1]:select('xxx')
 box.space._vspace.index[1]:select(1)
diff --git a/test/box/alter.result b/test/box/alter.result
index 347de47..49d5c39 100644
--- a/test/box/alter.result
+++ b/test/box/alter.result
@@ -194,6 +194,9 @@ _index:select{}
   - [284, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
   - [284, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
   - [285, 0, 'primary', 'hash', {'unique': true}, [[0, 'unsigned']]]
+  - [286, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]]
+  - [286, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
+  - [286, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
   - [288, 0, 'primary', 'tree', 1, 2, 0, 'unsigned', 1, 'unsigned']
   - [288, 2, 'name', 'tree', {'unique': true}, [[0, 'unsigned'], [2, 'string']]]
   - [289, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
diff --git a/test/xlog/upgrade.result b/test/xlog/upgrade.result
index 113c066..f02996b 100644
--- a/test/xlog/upgrade.result
+++ b/test/xlog/upgrade.result
@@ -36,7 +36,7 @@ box.space._schema:select()
 ---
 - - ['cluster', '<server_uuid>']
   - ['max_id', 513]
-  - ['version', 1, 7, 7]
+  - ['version', 1, 10, 0]
 ...
 box.space._space:select()
 ---
@@ -60,6 +60,11 @@ box.space._space:select()
       {'name': 'cycle', 'type': 'boolean'}]]
   - [285, 1, '_sequence_data', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'},
       {'name': 'value', 'type': 'integer'}]]
+  - [286, 1, '_vsequence', 'sysview', 0, {}, [{'name': 'id', 'type': 'unsigned'},
+      {'name': 'owner', 'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {
+        'name': 'step', 'type': 'integer'}, {'name': 'min', 'type': 'integer'}, {
+        'name': 'max', 'type': 'integer'}, {'name': 'start', 'type': 'integer'}, {
+        'name': 'cache', 'type': 'integer'}, {'name': 'cycle', 'type': 'boolean'}]]
   - [288, 1, '_index', 'memtx', 0, {}, [{'name': 'id', 'type': 'unsigned'}, {'name': 'iid',
         'type': 'unsigned'}, {'name': 'name', 'type': 'string'}, {'name': 'type',
         'type': 'string'}, {'name': 'opts', 'type': 'map'}, {'name': 'parts', 'type': 'array'}]]
@@ -109,6 +114,9 @@ box.space._index:select()
   - [284, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
   - [284, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
   - [285, 0, 'primary', 'hash', {'unique': true}, [[0, 'unsigned']]]
+  - [286, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned']]]
+  - [286, 1, 'owner', 'tree', {'unique': false}, [[1, 'unsigned']]]
+  - [286, 2, 'name', 'tree', {'unique': true}, [[2, 'string']]]
   - [288, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
   - [288, 2, 'name', 'tree', {'unique': true}, [[0, 'unsigned'], [2, 'string']]]
   - [289, 0, 'primary', 'tree', {'unique': true}, [[0, 'unsigned'], [1, 'unsigned']]]
@@ -173,6 +181,7 @@ box.space._priv:select()
   - [1, 2, 'function', 2, 4]
   - [1, 2, 'space', 276, 2]
   - [1, 2, 'space', 281, 1]
+  - [1, 2, 'space', 286, 1]
   - [1, 2, 'space', 289, 1]
   - [1, 2, 'space', 297, 1]
   - [1, 2, 'space', 305, 1]
-- 
2.7.4

  reply	other threads:[~2018-03-28  8:09 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-28  8:09 [tarantool-patches] [security 0/3] System space access check lists Ilya Markov
2018-03-28  8:09 ` Ilya Markov [this message]
2018-03-28  8:09 ` [tarantool-patches] [security 2/3] security: Refactor reads from systems spaces Ilya Markov
2018-03-28  8:09 ` [tarantool-patches] [security 3/3] security: Refactor system space access checks Ilya Markov
2018-03-29  7:36 [tarantool-patches] [security 0/3] System space access check lists Ilya Markov
2018-03-29  7:36 ` [tarantool-patches] [security 1/3] box: Add system view for _sequence system space Ilya Markov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3f5051442aa740d81a73a0fdd02517c2319098c9.1522224470.git.imarkov@tarantool.org \
    --to=imarkov@tarantool.org \
    --cc=georgy@tarantool.org \
    --cc=tarantool-patches@freelists.org \
    --subject='Re: [tarantool-patches] [security 1/3] box: Add system view for _sequence system space' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox