From febed0abb7de38e1c4f78c679328eb87fd82fc49 Mon Sep 17 00:00:00 2001
From: sthuang <167743503+shaoting-huang@users.noreply.github.com>
Date: Wed, 4 Dec 2024 17:58:40 +0800
Subject: [PATCH] enhance: [2.4] add list aliases privilege into public role
 and fix typo (#38208)

cherry-pick from master: https://github.com/milvus-io/milvus/pull/38176,
https://github.com/milvus-io/milvus/pull/38195
related issue: https://github.com/milvus-io/milvus/issues/37031

---------

Signed-off-by: shaoting-huang <shaoting.huang@zilliz.com>
---
 internal/proxy/impl.go                | 2 +-
 internal/proxy/util.go                | 7 +++++++
 internal/rootcoord/root_coord.go      | 1 +
 internal/rootcoord/root_coord_test.go | 2 +-
 4 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/internal/proxy/impl.go b/internal/proxy/impl.go
index be2a32fa441f0..62345664582c3 100644
--- a/internal/proxy/impl.go
+++ b/internal/proxy/impl.go
@@ -5276,7 +5276,7 @@ func (node *Proxy) validateOperatePrivilegeV2Params(req *milvuspb.OperatePrivile
 			return err
 		}
 	}
-	if err := ValidateObjectName(req.CollectionName); err != nil {
+	if err := ValidateCollectionName(req.CollectionName); err != nil {
 		return err
 	}
 	return nil
diff --git a/internal/proxy/util.go b/internal/proxy/util.go
index a3aadeb433b2f..699c741781fef 100644
--- a/internal/proxy/util.go
+++ b/internal/proxy/util.go
@@ -928,6 +928,13 @@ func ValidateObjectName(entity string) error {
 	return validateName(entity, "object name")
 }
 
+func ValidateCollectionName(entity string) error {
+	if util.IsAnyWord(entity) {
+		return nil
+	}
+	return validateName(entity, "collection name")
+}
+
 func ValidateObjectType(entity string) error {
 	return validateName(entity, "ObjectType")
 }
diff --git a/internal/rootcoord/root_coord.go b/internal/rootcoord/root_coord.go
index 612b3838fa1b6..11c2c06f70071 100644
--- a/internal/rootcoord/root_coord.go
+++ b/internal/rootcoord/root_coord.go
@@ -566,6 +566,7 @@ func (c *Core) initPublicRolePrivilege() error {
 	// grant privileges for the public role
 	globalPrivileges := []string{
 		commonpb.ObjectPrivilege_PrivilegeDescribeCollection.String(),
+		commonpb.ObjectPrivilege_PrivilegeListAliases.String(),
 	}
 	collectionPrivileges := []string{
 		commonpb.ObjectPrivilege_PrivilegeIndexDetail.String(),
diff --git a/internal/rootcoord/root_coord_test.go b/internal/rootcoord/root_coord_test.go
index 59cd1d95409d4..62b8b16811d85 100644
--- a/internal/rootcoord/root_coord_test.go
+++ b/internal/rootcoord/root_coord_test.go
@@ -1864,7 +1864,7 @@ func TestCore_InitRBAC(t *testing.T) {
 		meta := mockrootcoord.NewIMetaTable(t)
 		c := newTestCore(withHealthyCode(), withMeta(meta))
 		meta.EXPECT().CreateRole(mock.Anything, mock.Anything).Return(nil).Twice()
-		meta.EXPECT().OperatePrivilege(mock.Anything, mock.Anything, mock.Anything).Return(nil).Twice()
+		meta.EXPECT().OperatePrivilege(mock.Anything, mock.Anything, mock.Anything).Return(nil).Times(3)
 
 		Params.Save(Params.RoleCfg.Enabled.Key, "false")
 		Params.Save(Params.ProxyCfg.EnablePublicPrivilege.Key, "true")