[Auth].Fix error when check role and fix cache refresh token.

integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBAuthIT.java

@@ -382,6 +382,12 @@ public void rolePrivilegeTest() throws SQLException {
         adminStmt.execute("CREATE ROLE admin");
         adminStmt.execute("GRANT MANAGE_DATABASE,WRITE_SCHEMA,WRITE_DATA on root.** TO ROLE admin");
         adminStmt.execute("GRANT ROLE admin TO tempuser");
+        adminStmt.execute("CREATE ROLE admin_temp");
+
+        // tempuser can get privileges of his role
+        userStmt.execute("LIST PRIVILEGES OF ROLE admin");
+        Assert.assertThrows(
+            SQLException.class, () -> userStmt.execute("LIST PRIVILEGS OF ROLE admin_temp"));
 
         userStmt.execute("CREATE DATABASE root.a");
         userStmt.execute("CREATE TIMESERIES root.a.b WITH DATATYPE=INT32,ENCODING=PLAIN");

iotdb-core/datanode/src/main/java/org/apache/iotdb/db/auth/ClusterAuthorityFetcher.java

@@ -377,6 +377,7 @@ public void refreshToken() {
     if (currentTime - heartBeatTimeStamp > CONFIG.getDatanodeTokenTimeoutMS()) {
       cacheOutDate = true;
     }
+    heartBeatTimeStamp = currentTime;
   }
 
   private void checkCacheAvailable() {
@@ -430,7 +431,7 @@ public boolean checkRole(String userName, String roleName) {
     checkCacheAvailable();
     User user = iAuthorCache.getUserCache(userName);
     if (user != null) {
-      return user.isOpenIdUser() || user.getRoleList().contains(userName);
+      return user.isOpenIdUser() || user.getRoleList().contains(roleName);
     } else {
       return checkRoleFromConfigNode(userName, roleName);
     }
@@ -485,6 +486,13 @@ private List<Integer> checkPathFromConfigNode(
 
   private boolean checkRoleFromConfigNode(String username, String rolename) {
     TAuthorizerReq req = new TAuthorizerReq();
+    // just reuse authorizer request. only need username and rolename field.
+    req.setAuthorType(0);
+    req.setPassword("");
+    req.setNewPassword("");
+    req.setNodeNameList(AuthUtils.serializePartialPathList(Collections.emptyList()));
+    req.setPermissions(Collections.emptySet());
+    req.setGrantOpt(false);
     req.setUserName(username);
     req.setRoleName(rolename);
     TPermissionInfoResp permissionInfoResp;

iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/statement/sys/AuthorStatement.java

@@ -315,7 +315,7 @@ public TSStatus checkPermissionBeforeProcess(String userName) {
         }
         return AuthorityChecker.getOptTSStatus(
             AuthorityChecker.checkGrantOption(userName, privilegeList, nodeNameList),
-            "Has no permission to "
+            "Has no permission to execute"
                 + authorType
                 + ", please ensure you have these privileges and the grant option is TRUE when granted");
 
@@ -326,7 +326,7 @@ public TSStatus checkPermissionBeforeProcess(String userName) {
         }
         return AuthorityChecker.getOptTSStatus(
             AuthorityChecker.checkGrantOption(userName, privilegeList, nodeNameList),
-            "Has no permission to "
+            "Has no permission to execute "
                 + authorType
                 + ", please ensure you have these privileges and the grant option is TRUE when granted");
       default: