Skip to content

Pipe: Enabled config audit logger & Fixed some checks of config privilege & keep the tree model show pipes aligned with table model's & Fixed the bug that password with "-" prefix cannot be directly entered in Cli #16957

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Caideyipi wants to merge 16 commits into
base: master
Choose a base branch
from
Open

Pipe: Enabled config audit logger & Fixed some checks of config privilege & keep the tree model show pipes aligned with table model's & Fixed the bug that password with "-" prefix cannot be directly entered in Cli #16957

Caideyipi wants to merge 16 commits into from

Conversation

@Caideyipi
Copy link
Collaborator

@Caideyipi Caideyipi commented Dec 26, 2025

Description

As the title said.

This PR has:

  • been self-reviewed.
    • concurrent read
    • concurrent write
    • concurrent read and write
  • added documentation for new or modified features or behaviors.
  • added Javadocs for most classes and all non-trivial methods.
  • added or updated version, license, or notice information
  • added comments explaining the "why" and the intent of the code wherever would not be obvious
    for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold
    for code coverage.
  • added integration tests.
  • been tested in a test IoTDB cluster.
Key changed/added classes (or packages if there are too many classes) in this PR

@Caideyipi Caideyipi changed the title Pipe: Enabled config audit logger & Fixed some checks of config privilege & keep the tree model show pipes aligned with table model's Pipe: Enabled config audit logger & Fixed some checks of config privilege & keep the tree model show pipes aligned with table model's & Fixed the bug that password with "-" prefix cannot be directly entered in Cli Dec 26, 2025
@codecov
Copy link

codecov bot commented Dec 26, 2025

Codecov Report

❌ Patch coverage is 27.92553% with 271 lines in your changes missing coverage. Please review.
✅ Project coverage is 39.33%. Comparing base (8e99486) to head (47429d0).
⚠️ Report is 3 commits behind head on master.

Files with missing lines Patch % Lines
...an/relational/security/TreeAccessCheckVisitor.java 1.36% 72 Missing ⚠️
...ne/plan/relational/security/AccessControlImpl.java 0.00% 71 Missing ⚠️
...e/source/PipeConfigTablePrivilegeParseVisitor.java 0.00% 69 Missing ⚠️
...lan/relational/security/ITableAuthCheckerImpl.java 0.00% 26 Missing ⚠️
...pe/source/PipeConfigTreePrivilegeParseVisitor.java 81.81% 22 Missing ⚠️
...pache/iotdb/commons/audit/AbstractAuditLogger.java 37.50% 5 Missing ⚠️
...e/manager/pipe/source/IoTDBConfigRegionSource.java 0.00% 3 Missing ⚠️
.../plan/execution/config/TableConfigTaskVisitor.java 0.00% 3 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff              @@
##             master   #16957      +/-   ##
============================================
+ Coverage     39.32%   39.33%   +0.01%     
  Complexity      212      212              
============================================
  Files          5053     5053              
  Lines        337216   337235      +19     
  Branches      42923    42925       +2     
============================================
+ Hits         132603   132665      +62     
+ Misses       204613   204570      -43

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 26, 2025

Quality Gate Passed Quality Gate passed

Issues
39 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
1.1% Duplication on New Code

See analysis details on SonarQube Cloud

CRZbulabula
CRZbulabula requested changes Dec 28, 2025
View reviewed changes
Copy link
Contributor

@CRZbulabula CRZbulabula left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PTAL.

iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/audit/AbstractAuditLogger.java
return true;
}

public void recordAuditLog(final IAuditEntity auditEntity, final Supplier<String> auditObject) {
Copy link
Contributor

@CRZbulabula CRZbulabula Dec 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it is a good idea that roughly moving the recordAuditLog function from AuthCheckImpl to AbstractAuditLogger, because the current implementation is only for OBJECT_AUTHENTICATION audit. If u indeed require this refactor, I know current change is for pipe audit, at least rename this interface to recordObjectAuthenticationAuditLog.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@CRZbulabula CRZbulabula CRZbulabula requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Caideyipi @CRZbulabula