From a454c29f3d44b4fc41db450007710f603ff43d59 Mon Sep 17 00:00:00 2001 From: sthuang <167743503+shaoting-huang@users.noreply.github.com> Date: Wed, 4 Dec 2024 16:14:38 +0800 Subject: [PATCH 1/2] fix: grant v2 collection name and privilege error typo (#38195) issue: https://github.com/milvus-io/milvus/issues/38042 Signed-off-by: shaoting-huang --- internal/proxy/impl.go | 2 +- internal/proxy/util.go | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/internal/proxy/impl.go b/internal/proxy/impl.go index be2a32fa441f0..62345664582c3 100644 --- a/internal/proxy/impl.go +++ b/internal/proxy/impl.go @@ -5276,7 +5276,7 @@ func (node *Proxy) validateOperatePrivilegeV2Params(req *milvuspb.OperatePrivile return err } } - if err := ValidateObjectName(req.CollectionName); err != nil { + if err := ValidateCollectionName(req.CollectionName); err != nil { return err } return nil diff --git a/internal/proxy/util.go b/internal/proxy/util.go index a3aadeb433b2f..699c741781fef 100644 --- a/internal/proxy/util.go +++ b/internal/proxy/util.go @@ -928,6 +928,13 @@ func ValidateObjectName(entity string) error { return validateName(entity, "object name") } +func ValidateCollectionName(entity string) error { + if util.IsAnyWord(entity) { + return nil + } + return validateName(entity, "collection name") +} + func ValidateObjectType(entity string) error { return validateName(entity, "ObjectType") } From 746446f2b7a250ac0d5ea5c335ff93287ccbb6a2 Mon Sep 17 00:00:00 2001 From: sthuang <167743503+shaoting-huang@users.noreply.github.com> Date: Tue, 3 Dec 2024 23:42:39 +0800 Subject: [PATCH 2/2] enhance: add list aliases privilege into public role (#38176) related issue: https://github.com/milvus-io/milvus/issues/37031 Signed-off-by: shaoting-huang --- internal/rootcoord/root_coord.go | 1 + internal/rootcoord/root_coord_test.go | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/rootcoord/root_coord.go b/internal/rootcoord/root_coord.go index 612b3838fa1b6..11c2c06f70071 100644 --- a/internal/rootcoord/root_coord.go +++ b/internal/rootcoord/root_coord.go @@ -566,6 +566,7 @@ func (c *Core) initPublicRolePrivilege() error { // grant privileges for the public role globalPrivileges := []string{ commonpb.ObjectPrivilege_PrivilegeDescribeCollection.String(), + commonpb.ObjectPrivilege_PrivilegeListAliases.String(), } collectionPrivileges := []string{ commonpb.ObjectPrivilege_PrivilegeIndexDetail.String(), diff --git a/internal/rootcoord/root_coord_test.go b/internal/rootcoord/root_coord_test.go index 59cd1d95409d4..62b8b16811d85 100644 --- a/internal/rootcoord/root_coord_test.go +++ b/internal/rootcoord/root_coord_test.go @@ -1864,7 +1864,7 @@ func TestCore_InitRBAC(t *testing.T) { meta := mockrootcoord.NewIMetaTable(t) c := newTestCore(withHealthyCode(), withMeta(meta)) meta.EXPECT().CreateRole(mock.Anything, mock.Anything).Return(nil).Twice() - meta.EXPECT().OperatePrivilege(mock.Anything, mock.Anything, mock.Anything).Return(nil).Twice() + meta.EXPECT().OperatePrivilege(mock.Anything, mock.Anything, mock.Anything).Return(nil).Times(3) Params.Save(Params.RoleCfg.Enabled.Key, "false") Params.Save(Params.ProxyCfg.EnablePublicPrivilege.Key, "true")