Merge pull request #8132 from influxdata/er-db-privs
Ensure privileges can't be set on non-existent DBpull/8521/merge
Edd Robinson
GitHub
commit
87975c7b2b
13
CHANGELOG.md
13
CHANGELOG.md
|
|
@ -4,16 +4,17 @@
|
|||
|
||||
#### `[collectd]` Section
|
||||
|
||||
* `parse-multivalue-plugin` was added with a default of `split`. When set to `split`, multivalue plugin data (e.g. df free:5000,used:1000) will be split into separate measurements (e.g., (df_free, value=5000) (df_used, value=1000)). When set to `join`, multivalue plugin will be stored as a single multi-value measurement (e.g., (df, free=5000,used=1000)).
|
||||
* `parse-multivalue-plugin` was added with a default of `split`. When set to `split`, multivalue plugin data (e.g. df free:5000,used:1000) will be split into separate measurements (e.g., (df_free, value=5000) (df_used, value=1000)). When set to `join`, multivalue plugin will be stored as a single multi-value measurement (e.g., (df, free=5000,used=1000)).
|
||||
|
||||
### Features
|
||||
|
||||
- [#8426](https://github.com/influxdata/influxdb/issues/8426): Add `parse-multivalue-plugin` to allow users to choose how multivalue plugins should be handled by the collectd service.
|
||||
- [#8426](https://github.com/influxdata/influxdb/issues/8426): Add `parse-multivalue-plugin` to allow users to choose how multivalue plugins should be handled by the collectd service.
|
||||
|
||||
### Bugfixes
|
||||
|
||||
- [#8480](https://github.com/influxdata/influxdb/pull/8480): Change the default stats interval to 1 second instead of 10 seconds.
|
||||
- [#8466](https://github.com/influxdata/influxdb/issues/8466): illumos build broken on syscall.Mmap
|
||||
- [#8124](https://github.com/influxdata/influxdb/issues/8124): Prevent privileges on non-existent databases from being set.
|
||||
|
||||
## v1.3.0 [unreleased]
|
||||
|
||||
|
|
@ -44,15 +45,15 @@ The admin UI is removed and unusable in this release. The `[admin]` configuratio
|
|||
|
||||
* The top-level config `bind-address` now defaults to `localhost:8088`.
|
||||
The previous default was just `:8088`, causing the backup and restore port to be bound on all available interfaces (i.e. including interfaces on the public internet).
|
||||
|
||||
|
||||
The following new configuration options are available.
|
||||
|
||||
#### `[http]` Section
|
||||
|
||||
* `max-body-size` was added with a default of 25,000,000, but can be disabled by setting it to 0.
|
||||
* `max-body-size` was added with a default of 25,000,000, but can be disabled by setting it to 0.
|
||||
Specifies the maximum size (in bytes) of a client request body. When a client sends data that exceeds
|
||||
the configured maximum size, a `413 Request Entity Too Large` HTTP response is returned.
|
||||
|
||||
the configured maximum size, a `413 Request Entity Too Large` HTTP response is returned.
|
||||
|
||||
#### `[continuous_queries]` Section
|
||||
|
||||
* `query-stats-enabled` was added with a default of `false`. When set to `true`, continuous query execution statistics are written to the default monitor store.
|
||||
|
|
|
|||
|
|
@ -611,6 +611,10 @@ func (data *Data) SetPrivilege(name, database string, p influxql.Privilege) erro
|
|||
return ErrUserNotFound
|
||||
}
|
||||
|
||||
if data.Database(database) == nil {
|
||||
return influxdb.ErrDatabaseNotFound(database)
|
||||
}
|
||||
|
||||
if ui.Privileges == nil {
|
||||
ui.Privileges = make(map[string]influxql.Privilege)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/influxdata/influxdb"
|
||||
"github.com/influxdata/influxdb/influxql"
|
||||
|
||||
"github.com/influxdata/influxdb/services/meta"
|
||||
|
|
@ -188,6 +189,32 @@ func TestData_AdminUserExists(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestData_SetPrivilege(t *testing.T) {
|
||||
data := meta.Data{}
|
||||
if err := data.CreateDatabase("db0"); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
if err := data.CreateUser("user1", "", false); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
// When the user does not exist, SetPrivilege returns an error.
|
||||
if got, exp := data.SetPrivilege("not a user", "db0", influxql.AllPrivileges), meta.ErrUserNotFound; got != exp {
|
||||
t.Fatalf("got %v, expected %v", got, exp)
|
||||
}
|
||||
|
||||
// When the database does not exist, SetPrivilege returns an error.
|
||||
if got, exp := data.SetPrivilege("user1", "db1", influxql.AllPrivileges), influxdb.ErrDatabaseNotFound("db1"); got == nil || got.Error() != exp.Error() {
|
||||
t.Fatalf("got %v, expected %v", got, exp)
|
||||
}
|
||||
|
||||
// Otherwise, SetPrivilege sets the expected privileges.
|
||||
if got := data.SetPrivilege("user1", "db0", influxql.AllPrivileges); got != nil {
|
||||
t.Fatalf("got %v, expected %v", got, nil)
|
||||
}
|
||||
}
|
||||
|
||||
func TestUserInfo_AuthorizeDatabase(t *testing.T) {
|
||||
emptyUser := &meta.UserInfo{}
|
||||
if !emptyUser.AuthorizeDatabase(influxql.NoPrivileges, "anydb") {
|
||||
|
|
|
|||
Loading…
Reference in New Issue