From 48dfc36c2d95d0b379196c4bfbfaf1049ab054e5 Mon Sep 17 00:00:00 2001 From: sthuang <167743503+shaoting-huang@users.noreply.github.com> Date: Mon, 9 Dec 2024 19:04:34 +0800 Subject: [PATCH] fix: optional db for grant/revoke v2 (#852) issue: https://github.com/milvus-io/milvus/issues/37031 Signed-off-by: shaoting-huang --- client/client.go | 8 ++++---- client/rbac.go | 16 ++++++++++++---- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/client/client.go b/client/client.go index 23b4ce1e..0bff2158 100644 --- a/client/client.go +++ b/client/client.go @@ -222,10 +222,10 @@ type Client interface { Grant(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string, privilege string, options ...entity.OperatePrivilegeOption) error // Revoke removes privilege from role. Revoke(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string, privilege string, options ...entity.OperatePrivilegeOption) error - // GrantV2 adds privilege for role. - GrantV2(ctx context.Context, role string, privilege string, dbName string, colName string) error - // RevokeV2 removes privilege from role. - RevokeV2(ctx context.Context, role string, privilege string, dbName string, colName string) error + // GrantV2 adds privilege for role. It will use default database if the option is not provided. + GrantV2(ctx context.Context, role string, colName string, privilege string, options ...entity.OperatePrivilegeOption) error + // RevokeV2 removes privilege from role. It will use default database if the option is not provided. + RevokeV2(ctx context.Context, role string, colName string, privilege string, options ...entity.OperatePrivilegeOption) error // GetLoadingProgress get the collection or partitions loading progress GetLoadingProgress(ctx context.Context, collectionName string, partitionNames []string) (int64, error) diff --git a/client/rbac.go b/client/rbac.go index 462d7012..700254fc 100644 --- a/client/rbac.go +++ b/client/rbac.go @@ -394,11 +394,15 @@ func (c *GrpcClient) Revoke(ctx context.Context, role string, objectType entity. } // GrantV2 adds object privilege for role without object type -func (c *GrpcClient) GrantV2(ctx context.Context, role string, privilege string, dbName string, colName string) error { +func (c *GrpcClient) GrantV2(ctx context.Context, role string, colName string, privilege string, options ...entity.OperatePrivilegeOption) error { if c.Service == nil { return ErrClientNotReady } + grantOpt := &entity.OperatePrivilegeOpt{} + for _, opt := range options { + opt(grantOpt) + } req := &milvuspb.OperatePrivilegeV2Request{ Role: &milvuspb.RoleEntity{ Name: role, @@ -409,7 +413,7 @@ func (c *GrpcClient) GrantV2(ctx context.Context, role string, privilege string, }, }, Type: milvuspb.OperatePrivilegeType_Grant, - DbName: dbName, + DbName: grantOpt.Database, CollectionName: colName, } @@ -422,11 +426,15 @@ func (c *GrpcClient) GrantV2(ctx context.Context, role string, privilege string, } // Revoke removes privilege from role without object type -func (c *GrpcClient) RevokeV2(ctx context.Context, role string, privilege string, dbName string, colName string) error { +func (c *GrpcClient) RevokeV2(ctx context.Context, role string, colName string, privilege string, options ...entity.OperatePrivilegeOption) error { if c.Service == nil { return ErrClientNotReady } + revokeOpt := &entity.OperatePrivilegeOpt{} + for _, opt := range options { + opt(revokeOpt) + } req := &milvuspb.OperatePrivilegeV2Request{ Role: &milvuspb.RoleEntity{ Name: role, @@ -437,7 +445,7 @@ func (c *GrpcClient) RevokeV2(ctx context.Context, role string, privilege string }, }, Type: milvuspb.OperatePrivilegeType_Revoke, - DbName: dbName, + DbName: revokeOpt.Database, CollectionName: colName, }