Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #8132 from influxdata/er-db-privs 

Ensure privileges can't be set on non-existent DB
pull/8521/merge
Edd Robinson 2017-06-27 13:12:00 +01:00 committed by GitHub
parent 5f8761a78f e1a5ee4ede
commit 87975c7b2b
3 changed files with 38 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
CHANGELOG.md
View File

@ -4,16 +4,17 @@
#### `[collectd]` Section #### `[collectd]` Section
* `parse-multivalue-plugin` was added with a default of `split`. When set to `split`, multivalue plugin data (e.g. df free:5000,used:1000) will be split into separate measurements (e.g., (df_free, value=5000) (df_used, value=1000)). When set to `join`, multivalue plugin will be stored as a single multi-value measurement (e.g., (df, free=5000,used=1000)). * `parse-multivalue-plugin` was added with a default of `split`. When set to `split`, multivalue plugin data (e.g. df free:5000,used:1000) will be split into separate measurements (e.g., (df_free, value=5000) (df_used, value=1000)). When set to `join`, multivalue plugin will be stored as a single multi-value measurement (e.g., (df, free=5000,used=1000)).
### Features ### Features
- [#8426](https://github.com/influxdata/influxdb/issues/8426): Add `parse-multivalue-plugin` to allow users to choose how multivalue plugins should be handled by the collectd service. - [#8426](https://github.com/influxdata/influxdb/issues/8426): Add `parse-multivalue-plugin` to allow users to choose how multivalue plugins should be handled by the collectd service.
### Bugfixes ### Bugfixes
- [#8480](https://github.com/influxdata/influxdb/pull/8480): Change the default stats interval to 1 second instead of 10 seconds. - [#8480](https://github.com/influxdata/influxdb/pull/8480): Change the default stats interval to 1 second instead of 10 seconds.
- [#8466](https://github.com/influxdata/influxdb/issues/8466): illumos build broken on syscall.Mmap - [#8466](https://github.com/influxdata/influxdb/issues/8466): illumos build broken on syscall.Mmap
- [#8124](https://github.com/influxdata/influxdb/issues/8124): Prevent privileges on non-existent databases from being set.
## v1.3.0 [unreleased] ## v1.3.0 [unreleased]
@ -44,15 +45,15 @@ The admin UI is removed and unusable in this release. The `[admin]` configuratio
* The top-level config `bind-address` now defaults to `localhost:8088`. * The top-level config `bind-address` now defaults to `localhost:8088`.
The previous default was just `:8088`, causing the backup and restore port to be bound on all available interfaces (i.e. including interfaces on the public internet). The previous default was just `:8088`, causing the backup and restore port to be bound on all available interfaces (i.e. including interfaces on the public internet).
The following new configuration options are available. The following new configuration options are available.
#### `[http]` Section #### `[http]` Section
* `max-body-size` was added with a default of 25,000,000, but can be disabled by setting it to 0. * `max-body-size` was added with a default of 25,000,000, but can be disabled by setting it to 0.
Specifies the maximum size (in bytes) of a client request body. When a client sends data that exceeds Specifies the maximum size (in bytes) of a client request body. When a client sends data that exceeds
the configured maximum size, a `413 Request Entity Too Large` HTTP response is returned. the configured maximum size, a `413 Request Entity Too Large` HTTP response is returned.
#### `[continuous_queries]` Section #### `[continuous_queries]` Section
* `query-stats-enabled` was added with a default of `false`. When set to `true`, continuous query execution statistics are written to the default monitor store. * `query-stats-enabled` was added with a default of `false`. When set to `true`, continuous query execution statistics are written to the default monitor store.

4
services/meta/data.go
View File

@ -611,6 +611,10 @@ func (data *Data) SetPrivilege(name, database string, p influxql.Privilege) erro
return ErrUserNotFound return ErrUserNotFound
} }
if data.Database(database) == nil {
return influxdb.ErrDatabaseNotFound(database)
}
if ui.Privileges == nil { if ui.Privileges == nil {
ui.Privileges = make(map[string]influxql.Privilege) ui.Privileges = make(map[string]influxql.Privilege)
} }

27
services/meta/data_test.go
View File

@ -5,6 +5,7 @@ import (
"testing" "testing"
"time" "time"
"github.com/influxdata/influxdb"
"github.com/influxdata/influxdb/influxql" "github.com/influxdata/influxdb/influxql"
"github.com/influxdata/influxdb/services/meta" "github.com/influxdata/influxdb/services/meta"
@ -188,6 +189,32 @@ func TestData_AdminUserExists(t *testing.T) {
} }
} }
func TestData_SetPrivilege(t *testing.T) {
data := meta.Data{}
if err := data.CreateDatabase("db0"); err != nil {
t.Fatal(err)
}
if err := data.CreateUser("user1", "", false); err != nil {
t.Fatal(err)
}
// When the user does not exist, SetPrivilege returns an error.
if got, exp := data.SetPrivilege("not a user", "db0", influxql.AllPrivileges), meta.ErrUserNotFound; got != exp {
t.Fatalf("got %v, expected %v", got, exp)
}
// When the database does not exist, SetPrivilege returns an error.
if got, exp := data.SetPrivilege("user1", "db1", influxql.AllPrivileges), influxdb.ErrDatabaseNotFound("db1"); got == nil || got.Error() != exp.Error() {
t.Fatalf("got %v, expected %v", got, exp)
}
// Otherwise, SetPrivilege sets the expected privileges.
if got := data.SetPrivilege("user1", "db0", influxql.AllPrivileges); got != nil {
t.Fatalf("got %v, expected %v", got, nil)
}
}
func TestUserInfo_AuthorizeDatabase(t *testing.T) { func TestUserInfo_AuthorizeDatabase(t *testing.T) {
emptyUser := &meta.UserInfo{} emptyUser := &meta.UserInfo{}
if !emptyUser.AuthorizeDatabase(influxql.NoPrivileges, "anydb") { if !emptyUser.AuthorizeDatabase(influxql.NoPrivileges, "anydb") {