Skip to content

Commit 811d124

Browse files
author
Vitaly Baranov
authored
Merge pull request #12002 from vitlibar/fix-partial-revokes
Fix partial revokes
2 parents f0e715a + c39eb8f commit 811d124

31 files changed

+1350
-1044
lines changed

src/Access/AccessControlManager.cpp

Lines changed: 20 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -40,27 +40,8 @@ class AccessControlManager::ContextAccessCache
4040
public:
4141
explicit ContextAccessCache(const AccessControlManager & manager_) : manager(manager_) {}
4242

43-
std::shared_ptr<const ContextAccess> getContextAccess(
44-
const UUID & user_id,
45-
const boost::container::flat_set<UUID> & current_roles,
46-
bool use_default_roles,
47-
const Settings & settings,
48-
const String & current_database,
49-
const ClientInfo & client_info)
43+
std::shared_ptr<const ContextAccess> getContextAccess(const ContextAccessParams & params)
5044
{
51-
ContextAccess::Params params;
52-
params.user_id = user_id;
53-
params.current_roles = current_roles;
54-
params.use_default_roles = use_default_roles;
55-
params.current_database = current_database;
56-
params.readonly = settings.readonly;
57-
params.allow_ddl = settings.allow_ddl;
58-
params.allow_introspection = settings.allow_introspection_functions;
59-
params.interface = client_info.interface;
60-
params.http_method = client_info.http_method;
61-
params.address = client_info.current_address.host();
62-
params.quota_key = client_info.quota_key;
63-
6445
std::lock_guard lock{mutex};
6546
auto x = cache.get(params);
6647
if (x)
@@ -119,7 +100,25 @@ std::shared_ptr<const ContextAccess> AccessControlManager::getContextAccess(
119100
const String & current_database,
120101
const ClientInfo & client_info) const
121102
{
122-
return context_access_cache->getContextAccess(user_id, current_roles, use_default_roles, settings, current_database, client_info);
103+
ContextAccessParams params;
104+
params.user_id = user_id;
105+
params.current_roles = current_roles;
106+
params.use_default_roles = use_default_roles;
107+
params.current_database = current_database;
108+
params.readonly = settings.readonly;
109+
params.allow_ddl = settings.allow_ddl;
110+
params.allow_introspection = settings.allow_introspection_functions;
111+
params.interface = client_info.interface;
112+
params.http_method = client_info.http_method;
113+
params.address = client_info.current_address.host();
114+
params.quota_key = client_info.quota_key;
115+
return getContextAccess(params);
116+
}
117+
118+
119+
std::shared_ptr<const ContextAccess> AccessControlManager::getContextAccess(const ContextAccessParams & params) const
120+
{
121+
return context_access_cache->getContextAccess(params);
123122
}
124123

125124

src/Access/AccessControlManager.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ namespace Poco
2121
namespace DB
2222
{
2323
class ContextAccess;
24+
struct ContextAccessParams;
2425
struct User;
2526
using UserPtr = std::shared_ptr<const User>;
2627
class EnabledRoles;
@@ -58,6 +59,8 @@ class AccessControlManager : public MultipleAccessStorage
5859
const String & current_database,
5960
const ClientInfo & client_info) const;
6061

62+
std::shared_ptr<const ContextAccess> getContextAccess(const ContextAccessParams & params) const;
63+
6164
std::shared_ptr<const EnabledRoles> getEnabledRoles(
6265
const boost::container::flat_set<UUID> & current_roles,
6366
const boost::container::flat_set<UUID> & current_roles_with_admin_option) const;

0 commit comments

Comments
 (0)