Starrock version: 3.2
Starrocks表操作复现步骤:
set default_catalog;
GRANT CREATE TABLE,DROP,ALTER ON mydb TO USER ‘myuser’;
use mydb;
create table test(
id
int,
name varchar
);
GRANT SELECT ON TABLE mydb.test TO USER ‘myuser’;
此时权限列表
default_catalog | GRANT CREATE TABLE, DROP, ALTER ON DATABASES mydb TO USER 'myuser'@'%'
default_catalog | GRANT SELECT ON TABLE mydb.test TO USER 'myuser'@'%'
-- 执行:ALTER TABLE mydb.test RENAME mydb.test_2024
此时权限列表发生改变
default_catalog | GRANT CREATE TABLE, DROP, ALTER ON DATABASES mydb TO USER 'myuser'@'%'
default_catalog | GRANT SELECT ON TABLE mydb.test_2024 TO USER 'myuser'@'%'
-- 执行:DROP TABLE mydb.test_2024
此时权限列表发生改变
default_catalog | GRANT CREATE TABLE, DROP, ALTER ON DATABASES mydb TO USER 'myuser'@'%'
结论:此时再次创建 mydb.test 表后需要重新申请 SELECT 权限。
预期:保留原有权限并且新增rename后的权限
default_catalog | GRANT CREATE TABLE, DROP, ALTER ON DATABASES mydb TO USER 'myuser'@'%'
default_catalog | GRANT SELECT ON TABLE mydb.test TO USER 'myuser'@'%'
default_catalog | GRANT SELECT ON TABLE mydb.test_2024 TO USER 'myuser'@'%'
hive catalog表操作复现步骤:
set hive_catalog;
GRANT USAGE ON CATALOG hive_catalog TO USER myuser;
GRANT SELECT ON TABLE test.myhivetable TO USER myuser;
此时权限列表
hive_catalog | GRANT SELECT ON TABLE test.myhivetable TO USER 'myuser'@'%'
hive_catalog | GRANT USAGE ON CATALOG hive_catalog TO USER 'myuser'@'%'
-- 执行:hive中:DROP table test.myhivetable;
-- 执行:starrocks中:
set hive_catalog;
SELECT * FROM test.myhivetable LIMIT 1;
报错:SELECT privilege(s) on TABLE tmp_external_test for this operation. Please ask the admin to grant permission(s) or try activating existing roles using ‹set [default] role›. Current role(s): HOIE. Inactivated role(s): IONE.
此时权限列表
hive_catalog | GRANT SELECT ON TABLE test.myhivetable TO USER 'myuser'@'%'
hive_catalog | GRANT USAGE ON CATALOG hive_catalog TO USER 'myuser'@'%'
hive执行恢复test.myhivetable表后,还是报错 SELECT privilege(s) ....
重新申请该表的权限后权限列表会重复增加一条权限项
hive_catalog | GRANT SELECT ON TABLE test.myhivetable TO USER 'myuser'@'%'
hive_catalog | GRANT USAGE ON CATALOG hive_catalog TO USER 'myuser'@'%'
hive_catalog | GRANT SELECT ON TABLE test.myhivetable TO USER 'myuser'@'%'
预期:删除表再次重建后不需要重新申请该权限
以上出现的情况是BUG还是SR有意这样设计?新版本是否已经改变?