databend icon indicating copy to clipboard operation
databend copied to clipboard

Published 20 hours ago โ€ข verified publisher icon datafuselabs

feat(query): task support ownership

Open TCeason opened this issue 9 months ago โ€ข 5 comments

I hereby agree to the terms of the CLA available at: https://docs.databend.com/dev/policies/cla/

Summary

Ownership cover Task Object

  1. Added Task to OwnershipObject, storing the task name (After confirmation that the task will not have a rename operation, storing the name is more appropriate)

  2. task. proto adds task_names. Added owner judgment in tasks/task_history_table.rs

  3. owenrship.proto added the OwnershipTaskObject

  4. user.proto added GrantTaskObject

  5. Add the global permission to CREATE TASK. drop/alter task requires the DROP/ALTER permission. Only the owner of a task can execute the show/desc/execute task command

  6. Delete showtasksinterpreter

  7. grant task ownership when a task is created and revoke task ownership when a task is dropped

  8. Add list_tasks_ownerships and only list __fd_object_owners//task-by-name/ prefix

  9. if user has global Super privilege, it can execute/drop/alter/create/show all tasks and tasks_history

Attention:

  1. The ddl operation of the task also retains the previous permission verification. That so long as has the Global level of super permissions can be to create a task/drop/execute/desc/show.

  2. Integration testing is somewhat difficult and has been tested manually in the dev environment. warehouse 'task_p'.

  • Fixes #15453

Tests

  • [x] Unit Test
  • [ ] Logic Test
  • [ ] Benchmark Test
  • [ ] No Test - Explain why

Type of change

  • [ ] Bug Fix (non-breaking change which fixes an issue)
  • [x] New Feature (non-breaking change which adds functionality)
  • [ ] Breaking Change (fix or feature that could cause existing functionality not to work as expected)
  • [ ] Documentation Update
  • [ ] Refactoring
  • [ ] Performance Improvement
  • [ ] Other (please describe):

This change isโ€‚Reviewable

TCeason avatar May 09 '24 13:05 TCeason

If this pull request is ready for review, please mark it as Ready for review.

If it is not yet ready, I would prefer to be removed from the reviewer list to avoid being overwhelmed by notifications from pushes. ๐Ÿค”

drmingdrmer avatar May 10 '24 09:05 drmingdrmer

Reviewed 13 of 38 files at r1, 13 of 22 files at r3, all commit messages. Reviewable status: 26 of 40 files reviewed, 4 unresolved discussions (waiting on @TCeason and @ZhiHanZ)

src/meta/proto-conv/src/util.rs line 122 at r3 (raw file):

    (88, "2024-04-17: Add: SequenceMeta"),
    (89, "2024-04-19: Add: geometry_output_format settings"),
    (90, "2024-05-09: Add: GrantTaskObject"),

The name of the new message is OwnershipTaskObject?

Two

owenrship.proto added the OwnershipTaskObject

user.proto added GrantTaskObject

TCeason avatar May 10 '24 13:05 TCeason

This pr can be merged when this pr https://github.com/datafuselabs/databend/pull/15496 released.

TCeason avatar May 13 '24 10:05 TCeason

Docker Image for PR

  • tag: pr-15458-297dc76

note: this image tag is only available for internal use, please check the internal doc for more details.

github-actions[bot] avatar May 20 '24 07:05 github-actions[bot]

I generate some case and test this pr in cloud dev: warehouse 'task_p'.

So I think we can review this pr now. cc @flaneur2020 @ZhiHanZ

TCeason avatar May 20 '24 08:05 TCeason