User manager for graph layer #1842
Conversation
bright-starry-sky
requested review from
monadbobo,
dutor,
yixinglu,
darionyaphet,
sherman-the-tank,
CPWstatic,
critical27,
dangleptr,
laura-ding,
liuyu85cn and
panda-sheep
bright-starry-sky
added
ready-for-testing
|
Its better to use term Super Admin/User than GOD. |
|
Great job, LGTM |
src/parser/scanner.lex
Outdated
| @@ -157,6 +153,15 @@ SNAPSHOT ([Ss][Nn][Aa][Pp][Ss][Hh][Oo][Tt]) | |||
| SNAPSHOTS ([Ss][Nn][Aa][Pp][Ss][Hh][Oo][Tt][Ss]) | |||
| FORCE ([Ff][Oo][Rr][Cc][Ee]) | |||
| BIDIRECT ([Bb][Ii][Dd][Ii][Rr][Ee][Cc][Tt]) | |||
| MAX_QUERIES_PER_HOUR ([Mm][Aa][Xx][_][Qq][Uu][Ee][Rr][Ii][Ee][Ss][_][Pp][Ee][Rr][_][Hh][Oo][Uu][Rr]) | |||
There was a problem hiding this comment.
Actually, we don't need them anymore.
src/parser/test/ScannerTest.cpp
Outdated
| @@ -429,6 +421,26 @@ TEST(Scanner, Basic) { | |||
| CHECK_SEMANTIC_TYPE("SNAPSHOTS", TokenType::KW_SNAPSHOTS), | |||
| CHECK_SEMANTIC_TYPE("Snapshots", TokenType::KW_SNAPSHOTS), | |||
| CHECK_SEMANTIC_TYPE("snapshots", TokenType::KW_SNAPSHOTS), | |||
| CHECK_SEMANTIC_TYPE("MAX_QUERIES_PER_HOUR", TokenType::KW_MAX_QUERIES_PER_HOUR), | |||
src/interface/common.thrift
Outdated
| // encoded password | ||
| 4: optional string encoded_pwd, | ||
| // The number of queries an account can issue per hour | ||
| 5: optional i32 max_queries_per_hour, |
There was a problem hiding this comment.
We don't need them any more before we don't implement user's isolation.
There was a problem hiding this comment.
We don't need them any more before we don't implement user's isolation.
Good suggest !
Yes , They are useless here if we don't implement user's isolation.
I also hesitated to add these options at that time. Now, let me delete them.
src/interface/common.thrift
Outdated
| } | ||
|
|
||
| struct UserItem { | ||
| 1: required string account; |
There was a problem hiding this comment.
Do we have id for user?
I've removed user id . because we can using user name to keep the uniqueness for users.
src/interface/common.thrift
Outdated
|
|
||
| struct RoleItem { | ||
| 1: string user, | ||
| 2: string space, |
There was a problem hiding this comment.
ditto
fixed.
| return; | ||
| } | ||
| if (roleItem.get_role_type() == nebula::cpp2::RoleType::GOD) { | ||
| spaceId = kDefaultSpaceId; |
There was a problem hiding this comment.
Do we support to grant a user to be GOD?
There was a problem hiding this comment.
Do we support to grant a user to be GOD?
Only supported to grant a user to GOD in initialization phase.
We need to initialize a root user before the authority flag turn on.
| if (!ret.ok()) { | ||
| if (req.get_missing_ok()) { | ||
| if (req.get_if_exists()) { | ||
| handleErrorCode(cpp2::ErrorCode::SUCCEEDED); |
There was a problem hiding this comment.
Please recheck "handleErrorCode", IIRC "onFinished" has been called inside?
There was a problem hiding this comment.
Please recheck "handleErrorCode", IIRC "onFinished" has been called inside?
emm... seems It's works well now, "onFinished" have not call "handleErrorCode" inside.
| return Status::OK(); | ||
| } | ||
|
|
||
| void ChangePasswordExecutor::execute() { |
There was a problem hiding this comment.
Do we need "change password" Or just "resetPassword" ?
src/meta/MetaServiceUtils.cpp
Outdated
| std::string MetaServiceUtils::replaceUserVal(const nebula::cpp2::UserItem& user, | ||
| folly::StringPiece val) { | ||
| nebula::cpp2::UserItem oldUser; | ||
| apache::thrift::CompactSerializer::deserialize(val, oldUser); |
There was a problem hiding this comment.
Why not serialize the newUser and overwrite the old one directly
|
Refactored root user initialize logic. Now we have only one super user naming "root". |
| @@ -43,7 +43,19 @@ void DropSpaceProcessor::process(const cpp2::DropSpaceReq& req) { | |||
| deleteKeys.emplace_back(MetaServiceUtils::spaceKey(spaceId)); | |||
|
|
|||
| // delete related role data. | |||
| // TODO(boshengchen) delete related role data under the space | |||
| auto rolePrefix = MetaServiceUtils::roleSpacePrefix(spaceId); | |||
There was a problem hiding this comment.
Add some LOGs when deleting the users information.
There was a problem hiding this comment.
Add some LOGs when deleting the users information.
fixed.
| @@ -145,26 +129,6 @@ struct HostItem { | |||
| 4: map<string, list<common.PartitionID>> (cpp.template = "std::unordered_map") all_parts, | |||
| } | |||
|
|
|||
| struct UserItem { | |||
There was a problem hiding this comment.
We don't need it any more?
There was a problem hiding this comment.
I don't think we need it any more, currently we only have one item of password, we can storage it direct.
If there are new elements in the future, we can add this struct at that time.
| /** | ||
| * Only leader part needed. | ||
| */ | ||
| auto ret = kvstore->partLeader(nebula::meta::kDefaultSpaceId, |
There was a problem hiding this comment.
Please check the logic on real cluster
There was a problem hiding this comment.
Please check the logic on real cluster
Yes, I've simple tested two meta nodes on virtual machines.
I will do complete integration test at later.
| LOG(ERROR) << "Create User Failed :" << user.get_account() << " have existed"; | ||
| handleErrorCode(cpp2::ErrorCode::E_EXISTED); | ||
| LOG(ERROR) << "Create User Failed : User " << account | ||
| << " have existed!"; |
* push filter down traverse rule * fix conflicts * fix tck * fix exists func Co-authored-by: jie.wang <38901892+jievince@users.noreply.github.com>
User manager for graph layer.