aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorauzhegov <auzhegov@yandex-team.com>2023-10-30 22:39:38 +0300
committerauzhegov <auzhegov@yandex-team.com>2023-10-30 22:56:39 +0300
commitaf7253a7a91de48c280d8e72d8c72ca17f25d6ba (patch)
tree33b2c8566376dfcff5ecb9c18e8ad14407ea361b
parent05f313c7030d1d0b5ae3a12f27ed1be14b782464 (diff)
downloadydb-af7253a7a91de48c280d8e72d8c72ca17f25d6ba.tar.gz
YQv2 name uniqueness constraint validation
Initial version
Diffstat
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.cpp142
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.h30
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/actors/counters.h2
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/actors/query_utils.cpp11
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/control_plane_proxy.cpp111
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/events/events.h8
-rw-r--r--ydb/core/fq/libs/control_plane_proxy/ut/control_plane_proxy_ut.cpp12
-rw-r--r--ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp2
-rw-r--r--ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp4
9 files changed, 294 insertions, 28 deletions
diff --git a/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.cpp b/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.cpp
index b404887ff6..ea4ef74e56 100644
--- a/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.cpp
+++ b/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.cpp
@@ -10,7 +10,6 @@
#include <ydb/core/fq/libs/control_plane_storage/events/events.h>
#include <ydb/library/yql/public/issue/yql_issue.h>
#include <ydb/public/api/protos/draft/fq.pb.h>
-#include <ydb/public/sdk/cpp/client/ydb_table/table.h>
namespace NFq {
namespace NPrivate {
@@ -51,8 +50,6 @@ public:
using TResultHandler =
std::function<void(const TEventRequestPtr& request,
const typename TCPSEventResponse::TProto& response)>;
- using TIssuesHandler = std::function<void(const TEventRequestPtr& request,
- const typename NYql::TIssues& issues)>;
TControlPlaneStorageRequesterActor(
const TActorId& proxyActorId,
@@ -433,5 +430,144 @@ NActors::IActor* MakeDescribeListedBindingActor(
entityNameExtractorFactoryMethod);
}
+template<class TProxyRequest, class TProxyResponse, class TCPSRequest, class TCPSResponse>
+NActors::IActor* MakeListEntityIdsActorTemplate(
+ const TActorId proxyActorId,
+ const typename TProxyRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions,
+ std::function<void(const typename TProxyRequest::TPtr& request,
+ const typename TCPSResponse::TProto& response)>
+ entityNameExtractorFactoryMethod,
+ const TString& errorMessage) {
+ auto cpsEventRequestPostProcessor = [](TCPSRequest& eventRequest) {
+ eventRequest.IsExactNameMatch = true;
+ };
+
+ auto cpsRequestFactory = [](const typename TProxyRequest::TPtr& event) {
+ typename TCPSRequest::TProto result;
+ auto newName = event->Get()->Request.content().name();
+ result.set_limit(1);
+ result.mutable_filter()->set_name(newName);
+ return result;
+ };
+
+ auto errorMessageFactoryMethod = [errorMessage](const NYql::TIssues& issues) -> TString {
+ Y_UNUSED(issues);
+ return errorMessage;
+ };
+
+ return new TControlPlaneStorageRequesterActor<TProxyRequest, TProxyResponse, TCPSRequest, TCPSResponse>(
+ proxyActorId,
+ request,
+ requestTimeout,
+ counters.GetCommonCounters(RTC_LIST_CPS_ENTITY),
+ permissions,
+ cpsRequestFactory,
+ errorMessageFactoryMethod,
+ std::move(entityNameExtractorFactoryMethod),
+ cpsEventRequestPostProcessor);
+}
+
+template<class TProxyRequest>
+void HandleListConnectionsResult(const typename TProxyRequest::TPtr& event,
+ const FederatedQuery::ListConnectionsResult& result) {
+ if (result.connection_size() != 0) {
+ event->Get()->EntityWithSameNameType =
+ TEvControlPlaneProxy::EEntityType::Connection;
+ }
+ event->Get()->ConnectionsWithSameNameWereListed = true;
+}
+
+template<class TProxyRequest>
+void HandleListBindingsResult(const typename TProxyRequest::TPtr& event,
+ const FederatedQuery::ListBindingsResult& result) {
+ if (result.binding_size() != 0) {
+ event->Get()->EntityWithSameNameType = TEvControlPlaneProxy::EEntityType::Binding;
+ }
+ event->Get()->BindingWithSameNameWereListed = true;
+}
+
+NActors::IActor* MakeListBindingIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateConnectionRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions) {
+ return MakeListEntityIdsActorTemplate<TEvControlPlaneProxy::TEvCreateConnectionRequest,
+ TEvControlPlaneProxy::TEvCreateConnectionResponse,
+ TEvControlPlaneStorage::TEvListBindingsRequest,
+ TEvControlPlaneStorage::TEvListBindingsResponse>(
+ proxyActorId,
+ request,
+ counters,
+ requestTimeout,
+ permissions,
+ std::function(
+ HandleListBindingsResult<TEvControlPlaneProxy::TEvCreateConnectionRequest>),
+ "Couldn't list bindings");
+}
+
+NActors::IActor* MakeListConnectionIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateConnectionRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions) {
+ return MakeListEntityIdsActorTemplate<TEvControlPlaneProxy::TEvCreateConnectionRequest,
+ TEvControlPlaneProxy::TEvCreateConnectionResponse,
+ TEvControlPlaneStorage::TEvListConnectionsRequest,
+ TEvControlPlaneStorage::TEvListConnectionsResponse>(
+ proxyActorId,
+ request,
+ counters,
+ requestTimeout,
+ permissions,
+ std::function(
+ HandleListConnectionsResult<TEvControlPlaneProxy::TEvCreateConnectionRequest>),
+ "Couldn't list connections");
+}
+
+NActors::IActor* MakeListBindingIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateBindingRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions) {
+ return MakeListEntityIdsActorTemplate<TEvControlPlaneProxy::TEvCreateBindingRequest,
+ TEvControlPlaneProxy::TEvCreateBindingResponse,
+ TEvControlPlaneStorage::TEvListBindingsRequest,
+ TEvControlPlaneStorage::TEvListBindingsResponse>(
+ proxyActorId,
+ request,
+ counters,
+ requestTimeout,
+ permissions,
+ std::function(
+ HandleListBindingsResult<TEvControlPlaneProxy::TEvCreateBindingRequest>),
+ "Couldn't list bindings");
+}
+
+NActors::IActor* MakeListConnectionIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateBindingRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions) {
+ return MakeListEntityIdsActorTemplate<TEvControlPlaneProxy::TEvCreateBindingRequest,
+ TEvControlPlaneProxy::TEvCreateBindingResponse,
+ TEvControlPlaneStorage::TEvListConnectionsRequest,
+ TEvControlPlaneStorage::TEvListConnectionsResponse>(
+ proxyActorId,
+ request,
+ counters,
+ requestTimeout,
+ permissions,
+ std::function(
+ HandleListConnectionsResult<TEvControlPlaneProxy::TEvCreateBindingRequest>),
+ "Couldn't list connections");
+}
+
} // namespace NPrivate
} // namespace NFq
diff --git a/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.h b/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.h
index b34729a2a4..85012503a2 100644
--- a/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.h
+++ b/ydb/core/fq/libs/control_plane_proxy/actors/control_plane_storage_requester_actor.h
@@ -71,5 +71,35 @@ NActors::IActor* MakeDescribeListedBindingActor(
TDuration requestTimeout,
TPermissions permissions);
+/// Uniqueness constraint
+
+NActors::IActor* MakeListBindingIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateConnectionRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions);
+
+NActors::IActor* MakeListConnectionIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateConnectionRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions);
+
+NActors::IActor* MakeListBindingIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateBindingRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions);
+
+NActors::IActor* MakeListConnectionIdsActor(
+ const TActorId proxyActorId,
+ const TEvControlPlaneProxy::TEvCreateBindingRequest::TPtr& request,
+ TCounters& counters,
+ TDuration requestTimeout,
+ TPermissions permissions);
+
} // namespace NPrivate
} // namespace NFq
diff --git a/ydb/core/fq/libs/control_plane_proxy/actors/counters.h b/ydb/core/fq/libs/control_plane_proxy/actors/counters.h
index 8ab5730295..32dec96a72 100644
--- a/ydb/core/fq/libs/control_plane_proxy/actors/counters.h
+++ b/ydb/core/fq/libs/control_plane_proxy/actors/counters.h
@@ -170,6 +170,7 @@ enum ERequestTypeCommon {
RTC_DELETE_CONNECTION_IN_YDB,
RTC_DELETE_BINDING_IN_YDB,
RTC_CREATE_COMPUTE_DATABASE,
+ RTC_LIST_CPS_ENTITY,
RTC_MAX,
};
@@ -226,6 +227,7 @@ class TCounters : public virtual TThrRefBase {
{MakeIntrusive<TRequestCommonCounters>("DeleteConnectionInYDB")},
{MakeIntrusive<TRequestCommonCounters>("DeleteBindingInYDB")},
{MakeIntrusive<TRequestCommonCounters>("CreateComputeDatabase")},
+ {MakeIntrusive<TRequestCommonCounters>("ListCPSEntities")},
});
TTtlCache<TMetricsScope, TScopeCountersPtr, TMap> ScopeCounters{TTtlCacheSettings{}.SetTtl(TDuration::Days(1))};
diff --git a/ydb/core/fq/libs/control_plane_proxy/actors/query_utils.cpp b/ydb/core/fq/libs/control_plane_proxy/actors/query_utils.cpp
index eb1625d6ac..8c2cad260c 100644
--- a/ydb/core/fq/libs/control_plane_proxy/actors/query_utils.cpp
+++ b/ydb/core/fq/libs/control_plane_proxy/actors/query_utils.cpp
@@ -250,17 +250,6 @@ TMaybe<TString> DropSecretObjectQuery(const TString& name) {
"secret_name3"_a = EncloseAndEscapeString(name, '`'));
}
-TString MakeDeleteExternalDataSourceQuery(
- const FederatedQuery::ConnectionContent& connectionContent,
- const TSigner::TPtr&) {
- using namespace fmt::literals;
- return fmt::format(
- R"(
- DROP EXTERNAL DATA SOURCE {external_source};
- )",
- "external_source"_a = EncloseAndEscapeString(connectionContent.name(), '`'));
-}
-
TString MakeDeleteExternalDataTableQuery(const TString& tableName) {
using namespace fmt::literals;
return fmt::format("DROP EXTERNAL TABLE {external_table};",
diff --git a/ydb/core/fq/libs/control_plane_proxy/control_plane_proxy.cpp b/ydb/core/fq/libs/control_plane_proxy/control_plane_proxy.cpp
index 576a670b51..55bd1265e9 100644
--- a/ydb/core/fq/libs/control_plane_proxy/control_plane_proxy.cpp
+++ b/ydb/core/fq/libs/control_plane_proxy/control_plane_proxy.cpp
@@ -569,6 +569,57 @@ private:
return issues;
}
+ template<class TProxyRequest, class TProxyResponse, class TProbe>
+ void ValidationFailedHandler(typename TProxyRequest::TPtr ev,
+ const NYql::TIssues& issues,
+ TRequestCounters& requestCounters,
+ const TInstant& startTime,
+ const TProbe& probe,
+ const TString& requestName) {
+ CPS_LOG_E(requestName << ", validation failed: " << ev->Get()->Scope << " "
+ << ev->Get()->User << " "
+ << NKikimr::MaskTicket(ev->Get()->Token) << " "
+ << ev->Get()->Request.DebugString()
+ << " error: " << issues.ToString());
+ Send(ev->Sender, new TProxyResponse(issues, ev->Get()->SubjectType), 0, ev->Cookie);
+ requestCounters.IncError();
+ TDuration delta = TInstant::Now() - startTime;
+ requestCounters.Common->LatencyMs->Collect(delta.MilliSeconds());
+ probe(delta, false, false);
+ }
+
+ template<class TProxyRequest, class TProxyResponse, class TProbe>
+ bool ValidateNameUniquenessConstraint(typename TProxyRequest::TPtr& ev,
+ TRequestCounters& requestCounters,
+ const TInstant& startTime,
+ const TProbe& probe,
+ const TString& requestName) {
+ bool entityWithSameNameExists = ev->Get()->EntityWithSameNameType.Defined();
+ if (entityWithSameNameExists) {
+ TString errorMessage;
+ switch (*ev->Get()->EntityWithSameNameType) {
+ case TEvControlPlaneProxy::EEntityType::Connection:
+ errorMessage =
+ "Connection with the same name already exists. Please choose another name";
+ break;
+
+ case TEvControlPlaneProxy::EEntityType::Binding:
+ errorMessage =
+ "Binding with the same name already exists. Please choose another name";
+ break;
+ }
+
+ ValidationFailedHandler<TProxyRequest, TProxyResponse>(
+ std::move(ev),
+ NYql::TIssues{NYql::TIssue{errorMessage}},
+ requestCounters,
+ startTime,
+ probe,
+ requestName);
+ }
+ return !entityWithSameNameExists;
+ }
+
void Handle(TEvControlPlaneProxy::TEvCreateQueryRequest::TPtr& ev) {
TInstant startTime = TInstant::Now();
FederatedQuery::CreateQueryRequest request = ev->Get()->Request;
@@ -1340,9 +1391,35 @@ private:
static const TPermissions availablePermissions {
TPermissions::TPermission::MANAGE_PUBLIC
+ | TPermissions::TPermission::VIEW_PUBLIC
};
if (isYDBOperationEnabled) {
+ if (!ev->Get()->ConnectionsWithSameNameWereListed) {
+ Register(MakeListConnectionIdsActor(ControlPlaneProxyActorId(),
+ ev,
+ Counters,
+ Config.RequestTimeout,
+ availablePermissions));
+ return;
+ }
+ if (!ev->Get()->BindingWithSameNameWereListed) {
+ Register(MakeListBindingIdsActor(ControlPlaneProxyActorId(),
+ ev,
+ Counters,
+ Config.RequestTimeout,
+ availablePermissions));
+ return;
+ }
+ if (!ValidateNameUniquenessConstraint<
+ TEvControlPlaneProxy::TEvCreateConnectionRequest,
+ TEvControlPlaneProxy::TEvCreateConnectionResponse>(
+ ev, requestCounters, startTime, probe, "TEvCreateConnectionRequest")) {
+ return;
+ }
+ }
+
+ if (isYDBOperationEnabled) {
if (!ev->Get()->YDBClient) {
ev->Get()->YDBClient = CreateNewTableClient(ev,
Config.ComputeConfig,
@@ -1928,13 +2005,37 @@ private:
static const TPermissions availablePermissions {
TPermissions::TPermission::VIEW_PUBLIC
| TPermissions::TPermission::MANAGE_PUBLIC
- | TPermissions::TPermission::MANAGE_PRIVATE
};
- if (Config.ComputeConfig.IsYDBSchemaOperationsEnabled(
- ev->Get()->Scope,
- ev->Get()->Request.content().setting().binding_case()) &&
- !ydbOperationWasPerformed) {
+ bool isYDBOperationEnabled = Config.ComputeConfig.IsYDBSchemaOperationsEnabled(
+ ev->Get()->Scope,
+ ev->Get()->Request.content().setting().binding_case());
+
+ if (isYDBOperationEnabled) {
+ if (!ev->Get()->ConnectionsWithSameNameWereListed) {
+ Register(MakeListConnectionIdsActor(ControlPlaneProxyActorId(),
+ ev,
+ Counters,
+ Config.RequestTimeout,
+ availablePermissions));
+ return;
+ }
+ if (!ev->Get()->BindingWithSameNameWereListed) {
+ Register(MakeListBindingIdsActor(ControlPlaneProxyActorId(),
+ ev,
+ Counters,
+ Config.RequestTimeout,
+ availablePermissions));
+ return;
+ }
+ if (!ValidateNameUniquenessConstraint<TEvControlPlaneProxy::TEvCreateBindingRequest,
+ TEvControlPlaneProxy::TEvCreateBindingResponse>(
+ ev, requestCounters, startTime, probe, "TEvCreateBindingRequest")) {
+ return;
+ }
+ }
+
+ if (isYDBOperationEnabled && !ydbOperationWasPerformed) {
if (!ev->Get()->ConnectionContent) {
auto permissions = ExtractPermissions(ev, availablePermissions);
Register(MakeDiscoverYDBConnectionContentActor(ControlPlaneProxyActorId(),
diff --git a/ydb/core/fq/libs/control_plane_proxy/events/events.h b/ydb/core/fq/libs/control_plane_proxy/events/events.h
index e43b049f73..6ff0bf3bff 100644
--- a/ydb/core/fq/libs/control_plane_proxy/events/events.h
+++ b/ydb/core/fq/libs/control_plane_proxy/events/events.h
@@ -300,6 +300,8 @@ struct TEvControlPlaneProxy {
EventType>::TBaseControlPlaneRequest;
};
+ enum class EEntityType : ui8 { Connection, Binding };
+
template<>
struct TControlPlaneRequest<FederatedQuery::CreateConnectionRequest,
EvCreateConnectionRequest> :
@@ -311,6 +313,9 @@ struct TEvControlPlaneProxy {
FederatedQuery::CreateConnectionRequest,
EvCreateConnectionRequest>::TBaseControlPlaneRequest;
+ TMaybe<EEntityType> EntityWithSameNameType;
+ bool ConnectionsWithSameNameWereListed = false;
+ bool BindingWithSameNameWereListed = false;
};
template<>
@@ -356,6 +361,9 @@ struct TEvControlPlaneProxy {
EvCreateBindingRequest>::TBaseControlPlaneRequest;
TMaybe<FederatedQuery::ConnectionContent> ConnectionContent;
+ TMaybe<EEntityType> EntityWithSameNameType;
+ bool ConnectionsWithSameNameWereListed = false;
+ bool BindingWithSameNameWereListed = false;
};
template<>
diff --git a/ydb/core/fq/libs/control_plane_proxy/ut/control_plane_proxy_ut.cpp b/ydb/core/fq/libs/control_plane_proxy/ut/control_plane_proxy_ut.cpp
index 000bc9d6f5..463765566b 100644
--- a/ydb/core/fq/libs/control_plane_proxy/ut/control_plane_proxy_ut.cpp
+++ b/ydb/core/fq/libs/control_plane_proxy/ut/control_plane_proxy_ut.cpp
@@ -2396,7 +2396,7 @@ Y_UNIT_TEST_SUITE(TControlPlaneProxyCheckNegativePermissionsSuccess) {
auto event = request->Get<TEvControlPlaneStorage::TEvCreateConnectionRequest>();
auto permissions = event->Permissions;
UNIT_ASSERT_VALUES_EQUAL(event->Scope, "yandexcloud://my_folder");
- UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PUBLIC));
+ UNIT_ASSERT(permissions.Check(TPermissions::VIEW_PUBLIC));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_AST));
UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PUBLIC));
@@ -2415,7 +2415,7 @@ Y_UNIT_TEST_SUITE(TControlPlaneProxyCheckNegativePermissionsSuccess) {
auto event = request->Get<TEvControlPlaneStorage::TEvCreateConnectionRequest>();
auto permissions = event->Permissions;
UNIT_ASSERT_VALUES_EQUAL(event->Scope, "yandexcloud://my_folder");
- UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PUBLIC));
+ UNIT_ASSERT(permissions.Check(TPermissions::VIEW_PUBLIC));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_AST));
UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PUBLIC));
@@ -2571,7 +2571,7 @@ Y_UNIT_TEST_SUITE(TControlPlaneProxyCheckNegativePermissionsSuccess) {
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_AST));
UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PUBLIC));
- UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PRIVATE));
+ UNIT_ASSERT(!permissions.Check(TPermissions::MANAGE_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::QUERY_INVOKE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_QUERY_TEXT));
}
@@ -2881,7 +2881,7 @@ Y_UNIT_TEST_SUITE(TControlPlaneProxyShouldPassHids) {
auto event = request->Get<TEvControlPlaneStorage::TEvCreateConnectionRequest>();
auto permissions = event->Permissions;
UNIT_ASSERT_VALUES_EQUAL(event->Scope, "yandexcloud://my_folder");
- UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PUBLIC));
+ UNIT_ASSERT(permissions.Check(TPermissions::VIEW_PUBLIC));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_AST));
UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PUBLIC));
@@ -2993,7 +2993,7 @@ Y_UNIT_TEST_SUITE(TControlPlaneProxyShouldPassHids) {
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_AST));
UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PUBLIC));
- UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PRIVATE));
+ UNIT_ASSERT(!permissions.Check(TPermissions::MANAGE_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::QUERY_INVOKE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_QUERY_TEXT));
}
@@ -3289,7 +3289,7 @@ Y_UNIT_TEST_SUITE(TControlPlaneProxyShouldPassHids) {
auto event = request->Get<TEvControlPlaneStorage::TEvCreateConnectionRequest>();
auto permissions = event->Permissions;
UNIT_ASSERT_VALUES_EQUAL(event->Scope, "yandexcloud://my_folder");
- UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PUBLIC));
+ UNIT_ASSERT(permissions.Check(TPermissions::VIEW_PUBLIC));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_PRIVATE));
UNIT_ASSERT(!permissions.Check(TPermissions::VIEW_AST));
UNIT_ASSERT(permissions.Check(TPermissions::MANAGE_PUBLIC));
diff --git a/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp b/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp
index ddeaf865d2..64b0d7e6e2 100644
--- a/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp
+++ b/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp
@@ -215,7 +215,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvListBinding
if (request.filter().name()) {
queryBuilder.AddString("filter_name", request.filter().name());
if (event.IsExactNameMatch) {
- filters.push_back("`" NAME_COLUMN_NAME "` = '$filter_name'");
+ filters.push_back("`" NAME_COLUMN_NAME "` = $filter_name");
} else {
filters.push_back("`" NAME_COLUMN_NAME "` LIKE '%' || $filter_name || '%'");
}
diff --git a/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp b/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp
index 79a32243f4..3078199784 100644
--- a/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp
+++ b/ydb/core/fq/libs/control_plane_storage/ydb_control_plane_storage_connections.cpp
@@ -226,7 +226,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvListConnect
if (request.filter().name()) {
queryBuilder.AddString("filter_name", request.filter().name());
if (event.IsExactNameMatch) {
- filters.push_back("`" NAME_COLUMN_NAME "` = '$filter_name'");
+ filters.push_back("`" NAME_COLUMN_NAME "` = $filter_name");
} else {
filters.push_back("`" NAME_COLUMN_NAME "` LIKE '%' || $filter_name || '%'");
}
@@ -374,7 +374,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvDescribeCon
if (!hasViewAccess) {
ythrow TCodeLineException(TIssuesIds::ACCESS_DENIED) << "Connection does not exist or permission denied. Please check the id connection or your access rights";
}
-
+
PrepareSensitiveFields(*result.mutable_connection(), extractSensitiveFields);
return result;
};
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-01 02:35:43 +0000