diff options
author | robot-piglet <robot-piglet@yandex-team.com> | 2023-12-14 09:27:46 +0300 |
---|---|---|
committer | robot-piglet <robot-piglet@yandex-team.com> | 2023-12-14 09:44:12 +0300 |
commit | 76b21190cb48636728f7ab6e26b812dcdecbd004 (patch) | |
tree | 30eb945eef36bd826b737d99baa9cbdb673e03d3 /contrib/clickhouse | |
parent | db7f91de8c86629d479db1daf8dddf9704186478 (diff) | |
download | ydb-76b21190cb48636728f7ab6e26b812dcdecbd004.tar.gz |
Intermediate changes
Diffstat (limited to 'contrib/clickhouse')
-rw-r--r-- | contrib/clickhouse/src/Interpreters/Access/InterpreterGrantQuery.cpp | 6 | ||||
-rw-r--r-- | contrib/clickhouse/src/Interpreters/removeOnClusterClauseIfNeeded.cpp | 4 |
2 files changed, 7 insertions, 3 deletions
diff --git a/contrib/clickhouse/src/Interpreters/Access/InterpreterGrantQuery.cpp b/contrib/clickhouse/src/Interpreters/Access/InterpreterGrantQuery.cpp index 1a8268b9b1..518ef1d340 100644 --- a/contrib/clickhouse/src/Interpreters/Access/InterpreterGrantQuery.cpp +++ b/contrib/clickhouse/src/Interpreters/Access/InterpreterGrantQuery.cpp @@ -7,6 +7,7 @@ #include <Access/RolesOrUsersSet.h> #include <Access/User.h> #include <Interpreters/Context.h> +#include <Interpreters/removeOnClusterClauseIfNeeded.h> #include <Interpreters/QueryLog.h> #include <Interpreters/executeDDLQueryOnCluster.h> #include <boost/range/algorithm/copy.hpp> @@ -396,7 +397,8 @@ namespace BlockIO InterpreterGrantQuery::execute() { - auto & query = query_ptr->as<ASTGrantQuery &>(); + const auto updated_query = removeOnClusterClauseIfNeeded(query_ptr, getContext()); + auto & query = updated_query->as<ASTGrantQuery &>(); query.replaceCurrentUserTag(getContext()->getUserName()); query.access_rights_elements.eraseNonGrantable(); @@ -430,7 +432,7 @@ BlockIO InterpreterGrantQuery::execute() current_user_access->checkGranteesAreAllowed(grantees); DDLQueryOnClusterParams params; params.access_to_check = std::move(required_access); - return executeDDLQueryOnCluster(query_ptr, getContext(), params); + return executeDDLQueryOnCluster(updated_query, getContext(), params); } /// Check if the current user has corresponding access rights granted with grant option. diff --git a/contrib/clickhouse/src/Interpreters/removeOnClusterClauseIfNeeded.cpp b/contrib/clickhouse/src/Interpreters/removeOnClusterClauseIfNeeded.cpp index 7dc452a0fc..da3930d62a 100644 --- a/contrib/clickhouse/src/Interpreters/removeOnClusterClauseIfNeeded.cpp +++ b/contrib/clickhouse/src/Interpreters/removeOnClusterClauseIfNeeded.cpp @@ -14,6 +14,7 @@ #include <Parsers/Access/ASTCreateSettingsProfileQuery.h> #include <Parsers/Access/ASTCreateUserQuery.h> #include <Parsers/Access/ASTDropAccessEntityQuery.h> +#include <Parsers/Access/ASTGrantQuery.h> namespace DB @@ -33,7 +34,8 @@ static bool isAccessControlQuery(const ASTPtr & query) || query->as<ASTCreateRoleQuery>() || query->as<ASTCreateRowPolicyQuery>() || query->as<ASTCreateSettingsProfileQuery>() - || query->as<ASTDropAccessEntityQuery>(); + || query->as<ASTDropAccessEntityQuery>() + || query->as<ASTGrantQuery>(); } ASTPtr removeOnClusterClauseIfNeeded(const ASTPtr & query, ContextPtr context, const WithoutOnClusterASTRewriteParams & params) |