Skip to content

Commit

Permalink
fix
Browse files Browse the repository at this point in the history
  • Loading branch information
@dataroaring
dataroaring committed Sep 12, 2024
1 parent 78609f6 commit ae8d0cc
Show file tree
Hide file tree
Showing 8 changed files with 52 additions and 19 deletions.
18 changes: 13 additions & 5 deletions be/src/agent/heartbeat_server.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ Status HeartbeatServer::_heartbeat(const TMasterInfo& master_info) {
}

if (master_info.__isset.meta_service_endpoint != config::is_cloud_mode()) {
return Status::InvalidArgument(
return Status::InvalidArgument<false>(
"fe and be do not work in same mode, fe cloud mode: {},"
" be cloud mode: {}",
master_info.__isset.meta_service_endpoint, config::is_cloud_mode());
Expand All @@ -261,13 +261,21 @@ Status HeartbeatServer::_heartbeat(const TMasterInfo& master_info) {
}

if (config::cluster_id == -1 && master_info.cluster_id != -1) {
auto st = config::set_config("cluster_id", std::to_string(master_info.cluster_id),
true);
auto st = config::set_config("cluster_id", std::to_string(master_info.cluster_id), true);
config::set_cloud_unique_id(std::to_string(master_info.cluster_id));
LOG(INFO) << "set config cluster_id " << master_info.cluster_id << " "
<< st;
LOG(INFO) << "set config cluster_id " << master_info.cluster_id << " " << st;
}

if (config::cluster_id != master_info.cluster_id && master_info.cluster_id != -1) {
LOG(WARNING) << "fe and be run in different cluster, fe in cluster_id: "
<< master_info.cluster_id << " while be in cluster_id: "
<< config::cluster_id;
return Status::InvalidArgument<false>(
"cluster_id in be and fe are different, fe: {}, be : {}",
master_info.cluster_id, config::cluster_id);
}


return Status::OK();
}

Expand Down
10 changes: 5 additions & 5 deletions fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,8 +183,8 @@ unsupportedOtherStatement
| UNINSTALL PLUGIN name=identifierOrText #uninstallPlugin
| LOCK TABLES (lockTable (COMMA lockTable)*)? #lockTables
| UNLOCK TABLES #unlockTables
| WARM UP (CLUSTER | (COMPUTE GROUP)) destination=identifier WITH
(CLUSTER | (COMPUTE_GROUP) source=identifier | (warmUpItem (COMMA warmUpItem)*)) FORCE? #warmUpCluster
| WARM UP (CLUSTER | COMPUTE GROUP) destination=identifier WITH
(CLUSTER | COMPUTE GROUP) source=identifier | (warmUpItem (COMMA warmUpItem)*) FORCE? #warmUpCluster
| BACKUP SNAPSHOT label=multipartIdentifier TO repo=identifier
((ON | EXCLUDE) LEFT_PAREN baseTableRef (COMMA baseTableRef)* RIGHT_PAREN)?
properties=propertyClause? #backup
Expand Down Expand Up @@ -307,7 +307,7 @@ unsupportedShowStatement
| (FROM tableName=multipartIdentifier (ALL VERBOSE?)?))? #showQueryStats
| SHOW BUILD INDEX ((FROM | IN) database=multipartIdentifier)?
wildWhere? sortClause? limitClause? #showBuildIndex
| SHOW (CLUSTERS | (COMPUTE GROUPS)) #showClusters
| SHOW (CLUSTERS | COMPUTE GROUPS) #showClusters
| SHOW CONVERT_LSC ((FROM | IN) database=multipartIdentifier)? #showConvertLsc
| SHOW REPLICA STATUS FROM baseTableRef wildWhere? #showReplicaStatus
| SHOW REPLICA DISTRIBUTION FROM baseTableRef #showREplicaDistribution
Expand Down Expand Up @@ -495,13 +495,13 @@ unsupportedGrantRevokeStatement
: GRANT privilegeList ON multipartIdentifierOrAsterisk
TO (userIdentify | ROLE STRING_LITERAL) #grantTablePrivilege
| GRANT privilegeList ON
(RESOURCE | CLUSTER | (COMPUTE GROUP) | STAGE | STORAGE VAULT | WORKLOAD GROUP)
(RESOURCE | CLUSTER | COMPUTE GROUP | STAGE | STORAGE VAULT | WORKLOAD GROUP)
identifierOrTextOrAsterisk TO (userIdentify | ROLE STRING_LITERAL) #grantResourcePrivilege
| GRANT roles+=STRING_LITERAL (COMMA roles+=STRING_LITERAL)* TO userIdentify #grantRole
| REVOKE privilegeList ON multipartIdentifierOrAsterisk
FROM (userIdentify | ROLE STRING_LITERAL) #grantTablePrivilege
| REVOKE privilegeList ON
(RESOURCE | CLUSTER | (COMPUTE GROUP) | STAGE | STORAGE VAULT | WORKLOAD GROUP)
(RESOURCE | CLUSTER | COMPUTE GROUP | STAGE | STORAGE VAULT | WORKLOAD GROUP)
identifierOrTextOrAsterisk FROM (userIdentify | ROLE STRING_LITERAL) #grantResourcePrivilege
| REVOKE roles+=STRING_LITERAL (COMMA roles+=STRING_LITERAL)* FROM userIdentify #grantRole
;
Expand Down
7 changes: 7 additions & 0 deletions fe/fe-core/src/main/java/org/apache/doris/analysis/SetUserPropertyVar.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,13 @@ private void checkAccess(Analyzer analyzer, boolean isSelf) throws AnalysisExcep
.getCloudClusterNames().contains(value)) {
ErrorReport.reportAnalysisException(ErrorCode.ERR_CLOUD_CLUSTER_ERROR, value);
}

if (key.equals(UserProperty.DEFAULT_COMPUTE_GROUP)
&& !Strings.isNullOrEmpty(value)
&& !((CloudSystemInfoService) Env.getCurrentSystemInfo())
.getCloudClusterNames().contains(value)) {
ErrorReport.reportAnalysisException(ErrorCode.ERR_CLOUD_CLUSTER_ERROR, value);
}
}
return;
}
Expand Down
4 changes: 2 additions & 2 deletions fe/fe-core/src/main/java/org/apache/doris/common/ErrorCode.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1228,9 +1228,9 @@ public enum ErrorCode {
"There can only be one stmt that returns the result and it is at the end."),

ERR_CLOUD_CLUSTER_ERROR(5098, new byte[]{'4', '2', '0', '0', '0'},
"Cluster %s not exist, use SQL 'SHOW CLUSTERS' to get a valid cluster"),
"Compute group (aka. Cloud cluster) %s not exist, use SQL 'SHOW COMPUTE GROUPS' to get a valid compute group"),

ERR_NO_CLUSTER_ERROR(5099, new byte[]{'4', '2', '0', '0', '0'}, "No cluster selected"),
ERR_NO_CLUSTER_ERROR(5099, new byte[]{'4', '2', '0', '0', '0'}, "No compute group (cloud cluster) selected"),

ERR_NOT_CLOUD_MODE(6000, new byte[]{'4', '2', '0', '0', '0'},
"Command only support in cloud mode.");
Expand Down
2 changes: 1 addition & 1 deletion fe/fe-core/src/main/java/org/apache/doris/common/proc/AuthProcDir.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ public class AuthProcDir implements ProcDirInterface {
public static final ImmutableList<String> TITLE_NAMES = new ImmutableList.Builder<String>()
.add("UserIdentity").add("Comment").add("Password").add("Roles").add("GlobalPrivs").add("CatalogPrivs")
.add("DatabasePrivs").add("TablePrivs").add("ColPrivs").add("ResourcePrivs").add("CloudClusterPrivs")
.add("CloudStagePrivs").add("StorageVaultPrivs").add("WorkloadGroupPrivs")
.add("CloudStagePrivs").add("StorageVaultPrivs").add("WorkloadGroupPrivs").add("ComputeGroupPrivs")
.build();

private Auth auth;
Expand Down
18 changes: 18 additions & 0 deletions fe/fe-core/src/main/java/org/apache/doris/mysql/privilege/UserProperty.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@ public class UserProperty implements Writable {
public static final String PROP_WORKLOAD_GROUP = "default_workload_group";

public static final String DEFAULT_CLOUD_CLUSTER = "default_cloud_cluster";
public static final String DEFAULT_COMPUTE_GROUP = "default_compute_group";

// for system user
public static final Set<Pattern> ADVANCED_PROPERTIES = Sets.newHashSet();
Expand Down Expand Up @@ -142,6 +143,7 @@ public class UserProperty implements Writable {
Pattern.CASE_INSENSITIVE));
COMMON_PROPERTIES.add(Pattern.compile("^" + PROP_WORKLOAD_GROUP + "$", Pattern.CASE_INSENSITIVE));
COMMON_PROPERTIES.add(Pattern.compile("^" + DEFAULT_CLOUD_CLUSTER + "$", Pattern.CASE_INSENSITIVE));
COMMON_PROPERTIES.add(Pattern.compile("^" + DEFAULT_COMPUTE_GROUP + "$", Pattern.CASE_INSENSITIVE));
}

public UserProperty() {
Expand Down Expand Up @@ -263,6 +265,15 @@ public void update(List<Pair<String, String>> properties, boolean isReplay) thro
value = "";
}
newDefaultCloudCluster = value;
} else if (keyArr[0].equalsIgnoreCase(DEFAULT_COMPUTE_GROUP)) {
// set property "DEFAULT_CLOUD_CLUSTER" = "cluster1"
if (keyArr.length != 1) {
throw new DdlException(DEFAULT_COMPUTE_GROUP + " format error");
}
if (value == null) {
value = "";
}
newDefaultCloudCluster = value;
} else if (keyArr[0].equalsIgnoreCase(PROP_MAX_QUERY_INSTANCES)) {
// set property "max_query_instances" = "1000"
if (keyArr.length != 1) {
Expand Down Expand Up @@ -536,6 +547,13 @@ public List<List<String>> fetchProperty() {
result.add(Lists.newArrayList(DEFAULT_CLOUD_CLUSTER, ""));
}

// default cloud cluster
if (defaultCloudCluster != null) {
result.add(Lists.newArrayList(DEFAULT_COMPUTE_GROUP, defaultCloudCluster));
} else {
result.add(Lists.newArrayList(DEFAULT_COMPUTE_GROUP, ""));
}

for (Map.Entry<String, DppConfig> entry : clusterToDppConfig.entrySet()) {
String cluster = entry.getKey();
DppConfig dppConfig = entry.getValue();
Expand Down
6 changes: 3 additions & 3 deletions fe/fe-core/src/main/java/org/apache/doris/qe/ConnectContext.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1193,12 +1193,12 @@ public CloudClusterResult getCloudClusterByPolicy() {
// valid
r = new CloudClusterResult(defaultCloudCluster,
CloudClusterResult.Comment.FOUND_BY_DEFAULT_CLUSTER);
LOG.info("use default cluster {}", defaultCloudCluster);
LOG.info("use default compute group {}", defaultCloudCluster);
} else {
// invalid
r = new CloudClusterResult(defaultCloudCluster,
CloudClusterResult.Comment.DEFAULT_CLUSTER_SET_BUT_NOT_EXIST);
LOG.warn("default cluster {} current invalid, please change it", r);
LOG.warn("default compute group {} current invalid, please change it", r);
}
return r;
}
Expand All @@ -1214,7 +1214,7 @@ public CloudClusterResult getCloudClusterByPolicy() {
.getBackendsByClusterName(cloudClusterName);
AtomicBoolean hasAliveBe = new AtomicBoolean(false);
bes.stream().filter(Backend::isAlive).findAny().ifPresent(backend -> {
LOG.debug("get a clusterName {}, it's has more than one alive be {}", cloudCluster, backend);
LOG.debug("get a compute group {}, it's has more than one alive be {}", cloudCluster, backend);
hasAliveBe.set(true);
});
if (hasAliveBe.get()) {
Expand Down
6 changes: 3 additions & 3 deletions regression-test/suites/cloud_p0/auth/test_grant_revoke_cluster_to_user.groovy
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ suite("test_grant_revoke_cluster_to_user", "cloud_auth") {
sql """create user ${user3} identified by 'Cloud12345'"""
sql """GRANT SELECT_PRIV ON *.*.* TO '${user3}'@'%'"""
result = connect(user = "${user3}", password = 'Cloud12345', url = context.config.jdbcUrl) {
sql """SHOW CLUSTERS"""
sql """SHOW COMPUTE GROUPS"""
}
// not grant any cluster to user3
assertTrue(result.isEmpty())
Expand All @@ -119,7 +119,7 @@ suite("test_grant_revoke_cluster_to_user", "cloud_auth") {

// admin role user can grant cluster to use
result = connect(user = "${user1}", password = 'Cloud12345', url = context.config.jdbcUrl) {
sql """GRANT USAGE_PRIV ON CLUSTER '${cluster1}' TO '${user1}'"""
sql """GRANT USAGE_PRIV ON COMPUTE GROUP '${cluster1}' TO '${user1}'"""
}

// case run user(default root), and show grant again, should be same result
Expand Down Expand Up @@ -177,7 +177,7 @@ suite("test_grant_revoke_cluster_to_user", "cloud_auth") {
}

sql """SET PROPERTY FOR '${user2}' 'default_cloud_cluster' = '${validCluster}'"""
result = sql """REVOKE USAGE_PRIV ON CLUSTER '${validCluster}' FROM '${user2}'"""
result = sql """REVOKE USAGE_PRIV ON COMPUTE GROUP '${validCluster}' FROM '${user2}'"""
assertEquals(result[0][0], 0)
connect(user = "${user2}", password = 'Cloud12345', url = context.config.jdbcUrl) {
test {
Expand Down

0 comments on commit ae8d0cc

Please sign in to comment.