creating a binding with SCOPE connection visibility when an existing PRIVATE connection with the same name is prohibited

author: hcpp <[email protected]> 2022-09-22 10:25:58 +0300
committer: hcpp <[email protected]> 2022-09-22 10:25:58 +0300
commit: f3c0db3124e7960338b0514c431553c8726670d4 (patch)
tree: 33dd00970dfca9e716343323fb951e6d23acedf7
parent: e35fa9e920c824c1f2faef732d637164202ee522 (diff)
3 files changed, 49 insertions, 0 deletions
diff --git a/ydb/core/yq/libs/control_plane_storage/validators.cpp b/ydb/core/yq/libs/control_plane_storage/validators.cpp
index 4c720b0ce64..75f61dc1b8a 100644
--- a/ydb/core/yq/libs/control_plane_storage/validators.cpp
+++ b/ydb/core/yq/libs/control_plane_storage/validators.cpp
@@ -333,6 +333,42 @@ TValidationQuery CreateConnectionExistsValidator(const TString& scope,
     return {query.Sql, query.Params, validator};
 }
 
+TValidationQuery CreateBindingConnectionValidator(const TString& scope,
+                                                 const TString& connectionId,
+                                                 const TString& user,
+                                                 const TString& tablePathPrefix) {
+    TSqlQueryBuilder queryBuilder(tablePathPrefix);
+    queryBuilder.AddString("scope", scope);
+    queryBuilder.AddString("connection_id", connectionId);
+    queryBuilder.AddString("user", user);
+    queryBuilder.AddInt64("private_visibility", YandexQuery::Acl::PRIVATE);
+    queryBuilder.AddText(
+        "$name = SELECT `" NAME_COLUMN_NAME "`\n"
+        "FROM `" CONNECTIONS_TABLE_NAME "` WHERE `" SCOPE_COLUMN_NAME "` = $scope AND `" CONNECTION_ID_COLUMN_NAME "` = $connection_id;\n"
+        "SELECT `" CONNECTION_ID_COLUMN_NAME "`, `" NAME_COLUMN_NAME "`\n"
+        "FROM `" CONNECTIONS_TABLE_NAME "` WHERE `" SCOPE_COLUMN_NAME "` = $scope AND `" CONNECTION_ID_COLUMN_NAME "` != $connection_id AND `" USER_COLUMN_NAME "` = $user AND `" NAME_COLUMN_NAME "` = $name AND `" VISIBILITY_COLUMN_NAME "` = $private_visibility;\n"
+    );
+
+    auto validator = [connectionId](NYdb::NTable::TDataQueryResult result) {
+        const auto& resultSets = result.GetResultSets();
+        if (resultSets.size() != 1) {
+            ythrow TControlPlaneStorageException(TIssuesIds::INTERNAL_ERROR) << "Result set size is not equal to 1 but equal " << resultSets.size() << ". Please contact internal support";
+        }
+
+        TResultSetParser parser(resultSets.front());
+        if (!parser.TryNextRow()) {
+            return false;
+        }
+
+        TString privateConnectionName = parser.ColumnParser(NAME_COLUMN_NAME).GetOptionalString().GetOrElse("");
+        TString privateConnectionId = parser.ColumnParser(CONNECTION_ID_COLUMN_NAME).GetOptionalString().GetOrElse("");
+
+        ythrow TControlPlaneStorageException(TIssuesIds::BAD_REQUEST) << "The connection with id " << connectionId << " is overridden by the private conection with id " << privateConnectionId << " (" << privateConnectionName << "). Please rename the private connection or use another connection";
+    };
+    const auto query = queryBuilder.Build();
+    return {query.Sql, query.Params, validator};
+}
+
 TValidationQuery CreateTtlValidator(const TString& tableName,
                                     const TString& columnName,
                                     const TString& scope,
diff --git a/ydb/core/yq/libs/control_plane_storage/validators.h b/ydb/core/yq/libs/control_plane_storage/validators.h
index cb63b841bf5..9d98f3cf96a 100644
--- a/ydb/core/yq/libs/control_plane_storage/validators.h
+++ b/ydb/core/yq/libs/control_plane_storage/validators.h
@@ -88,6 +88,11 @@ TValidationQuery CreateConnectionExistsValidator(const TString& scope,
                                                  YandexQuery::Acl::Visibility bindingVisibility,
                                                  const TString& tablePathPrefix);
 
+TValidationQuery CreateBindingConnectionValidator(const TString& scope,
+                                                 const TString& connectionId,
+                                                 const TString& user,
+                                                 const TString& tablePathPrefix);
+
 TValidationQuery CreateTtlValidator(const TString& tableName,
                                     const TString& columnName,
                                     const TString& scope,
diff --git a/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp b/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp
index 6325686004f..12cfefd822d 100644
--- a/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp
+++ b/ydb/core/yq/libs/control_plane_storage/ydb_control_plane_storage_bindings.cpp
@@ -107,6 +107,13 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvCreateBindi
         content.acl().visibility(),
         YdbConnection->TablePathPrefix);
 
+    auto connectionValidator = CreateBindingConnectionValidator(
+        scope,
+        connectionId,
+        user,
+        YdbConnection->TablePathPrefix);
+
+
     TVector<TValidationQuery> validators;
     if (idempotencyKey) {
         validators.push_back(CreateIdempotencyKeyValidator(scope, idempotencyKey, response, YdbConnection->TablePathPrefix));
@@ -115,6 +122,7 @@ void TYdbControlPlaneStorageActor::Handle(TEvControlPlaneStorage::TEvCreateBindi
     validators.push_back(validatorName);
     validators.push_back(validatorCountBindings);
     validators.push_back(validatorConnectionExists);
+    validators.push_back(connectionValidator);
 
     const auto query = queryBuilder.Build();
     auto debugInfo = Config.Proto.GetEnableDebugMode() ? std::make_shared<TDebugInfo>() : TDebugInfoPtr{};
author	hcpp <[email protected]>	2022-09-22 10:25:58 +0300
committer	hcpp <[email protected]>	2022-09-22 10:25:58 +0300
commit	f3c0db3124e7960338b0514c431553c8726670d4 (patch)
tree	33dd00970dfca9e716343323fb951e6d23acedf7
parent	e35fa9e920c824c1f2faef732d637164202ee522 (diff)