From 2086b4f75d5326a8dc7e5e7a29e7baebfe8fa4f6 Mon Sep 17 00:00:00 2001
From: "yihao.dai" <yihao.dai@zilliz.com>
Date: Thu, 8 Jun 2023 20:28:35 +0800
Subject: [PATCH] Add RBAC for FlushAll (#24751)

Signed-off-by: bigsheeper <yihao.dai@zilliz.com>
---
 go.mod                                |   2 +-
 go.sum                                |   2 +
 internal/core/src/pb/common.pb.cc     | 105 +++++++++++++++-----------
 internal/core/src/pb/common.pb.h      |  12 ++-
 internal/distributed/proxy/service.go |  23 ++++++
 internal/proxy/impl.go                |  23 ++++++
 pkg/util/constant.go                  |   1 +
 7 files changed, 119 insertions(+), 49 deletions(-)

diff --git a/go.mod b/go.mod
index 7e891012b9..0acacb3cd6 100644
--- a/go.mod
+++ b/go.mod
@@ -23,7 +23,7 @@ require (
 	github.com/klauspost/compress v1.16.5
 	github.com/lingdor/stackerror v0.0.0-20191119040541-976d8885ed76
 	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d
-	github.com/milvus-io/milvus-proto/go-api v0.0.0-20230531124827-410c849303a9
+	github.com/milvus-io/milvus-proto/go-api v0.0.0-20230608062631-c453ef1b870a
 	github.com/minio/minio-go/v7 v7.0.17
 	github.com/nats-io/nats-server/v2 v2.9.17
 	github.com/nats-io/nats.go v1.24.0
diff --git a/go.sum b/go.sum
index d7cc541ee9..615c88a8fc 100644
--- a/go.sum
+++ b/go.sum
@@ -583,6 +583,8 @@ github.com/milvus-io/gorocksdb v0.0.0-20220624081344-8c5f4212846b h1:TfeY0NxYxZz
 github.com/milvus-io/gorocksdb v0.0.0-20220624081344-8c5f4212846b/go.mod h1:iwW+9cWfIzzDseEBCCeDSN5SD16Tidvy8cwQ7ZY8Qj4=
 github.com/milvus-io/milvus-proto/go-api v0.0.0-20230531124827-410c849303a9 h1:l4UDSKK29zXAg5+oqa4eAZaAfRHsyFsij3QPxu1tqvk=
 github.com/milvus-io/milvus-proto/go-api v0.0.0-20230531124827-410c849303a9/go.mod h1:148qnlmZ0Fdm1Fq+Mj/OW2uDoEP25g3mjh0vMGtkgmk=
+github.com/milvus-io/milvus-proto/go-api v0.0.0-20230608062631-c453ef1b870a h1:kAQIZ883jq7ZypLibJZfA5NSPDKalaOhvt8qBR1VWSc=
+github.com/milvus-io/milvus-proto/go-api v0.0.0-20230608062631-c453ef1b870a/go.mod h1:148qnlmZ0Fdm1Fq+Mj/OW2uDoEP25g3mjh0vMGtkgmk=
 github.com/milvus-io/pulsar-client-go v0.6.10 h1:eqpJjU+/QX0iIhEo3nhOqMNXL+TyInAs1IAHZCrCM/A=
 github.com/milvus-io/pulsar-client-go v0.6.10/go.mod h1:lQqCkgwDF8YFYjKA+zOheTk1tev2B+bKj5j7+nm8M1w=
 github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8 h1:AMFGa4R4MiIpspGNG7Z948v4n35fFGB3RR3G/ry4FWs=
diff --git a/internal/core/src/pb/common.pb.cc b/internal/core/src/pb/common.pb.cc
index e5821a43c5..d7ded69b46 100755
--- a/internal/core/src/pb/common.pb.cc
+++ b/internal/core/src/pb/common.pb.cc
@@ -522,7 +522,7 @@ const char descriptor_table_protodef_common_2eproto[] PROTOBUF_SECTION_VARIABLE(
   "\n\n\006Sealed\020\003\022\013\n\007Flushed\020\004\022\014\n\010Flushing\020\005\022\013"
   "\n\007Dropped\020\006\022\r\n\tImporting\020\007*>\n\017Placeholde"
   "rType\022\010\n\004None\020\000\022\020\n\014BinaryVector\020d\022\017\n\013Flo"
-  "atVector\020e*\343\017\n\007MsgType\022\r\n\tUndefined\020\000\022\024\n"
+  "atVector\020e*\237\020\n\007MsgType\022\r\n\tUndefined\020\000\022\024\n"
   "\020CreateCollection\020d\022\022\n\016DropCollection\020e\022"
   "\021\n\rHasCollection\020f\022\026\n\022DescribeCollection"
   "\020g\022\023\n\017ShowCollections\020h\022\024\n\020GetSystemConf"
@@ -572,57 +572,62 @@ const char descriptor_table_protodef_common_2eproto[] PROTOBUF_SECTION_VARIABLE(
   "olicy\020\311\014\022\030\n\023CreateResourceGroup\020\244\r\022\026\n\021Dr"
   "opResourceGroup\020\245\r\022\027\n\022ListResourceGroups"
   "\020\246\r\022\032\n\025DescribeResourceGroup\020\247\r\022\021\n\014Trans"
-  "ferNode\020\250\r\022\024\n\017TransferReplica\020\251\r*\"\n\007DslT"
-  "ype\022\007\n\003Dsl\020\000\022\016\n\nBoolExprV1\020\001*B\n\017Compacti"
-  "onState\022\021\n\rUndefiedState\020\000\022\r\n\tExecuting\020"
-  "\001\022\r\n\tCompleted\020\002*X\n\020ConsistencyLevel\022\n\n\006"
-  "Strong\020\000\022\013\n\007Session\020\001\022\013\n\007Bounded\020\002\022\016\n\nEv"
-  "entually\020\003\022\016\n\nCustomized\020\004*\236\001\n\013ImportSta"
-  "te\022\021\n\rImportPending\020\000\022\020\n\014ImportFailed\020\001\022"
-  "\021\n\rImportStarted\020\002\022\023\n\017ImportPersisted\020\005\022"
-  "\021\n\rImportFlushed\020\010\022\023\n\017ImportCompleted\020\006\022"
-  "\032\n\026ImportFailedAndCleaned\020\007*2\n\nObjectTyp"
-  "e\022\016\n\nCollection\020\000\022\n\n\006Global\020\001\022\010\n\004User\020\002*"
-  "\227\007\n\017ObjectPrivilege\022\020\n\014PrivilegeAll\020\000\022\035\n"
-  "\031PrivilegeCreateCollection\020\001\022\033\n\027Privileg"
-  "eDropCollection\020\002\022\037\n\033PrivilegeDescribeCo"
-  "llection\020\003\022\034\n\030PrivilegeShowCollections\020\004"
-  "\022\021\n\rPrivilegeLoad\020\005\022\024\n\020PrivilegeRelease\020"
-  "\006\022\027\n\023PrivilegeCompaction\020\007\022\023\n\017PrivilegeI"
-  "nsert\020\010\022\023\n\017PrivilegeDelete\020\t\022\032\n\026Privileg"
-  "eGetStatistics\020\n\022\030\n\024PrivilegeCreateIndex"
-  "\020\013\022\030\n\024PrivilegeIndexDetail\020\014\022\026\n\022Privileg"
-  "eDropIndex\020\r\022\023\n\017PrivilegeSearch\020\016\022\022\n\016Pri"
-  "vilegeFlush\020\017\022\022\n\016PrivilegeQuery\020\020\022\030\n\024Pri"
-  "vilegeLoadBalance\020\021\022\023\n\017PrivilegeImport\020\022"
-  "\022\034\n\030PrivilegeCreateOwnership\020\023\022\027\n\023Privil"
-  "egeUpdateUser\020\024\022\032\n\026PrivilegeDropOwnershi"
-  "p\020\025\022\034\n\030PrivilegeSelectOwnership\020\026\022\034\n\030Pri"
-  "vilegeManageOwnership\020\027\022\027\n\023PrivilegeSele"
-  "ctUser\020\030\022\023\n\017PrivilegeUpsert\020\031\022 \n\034Privile"
-  "geCreateResourceGroup\020\032\022\036\n\032PrivilegeDrop"
-  "ResourceGroup\020\033\022\"\n\036PrivilegeDescribeReso"
-  "urceGroup\020\034\022\037\n\033PrivilegeListResourceGrou"
-  "ps\020\035\022\031\n\025PrivilegeTransferNode\020\036\022\034\n\030Privi"
-  "legeTransferReplica\020\037\022\037\n\033PrivilegeGetLoa"
-  "dingProgress\020 \022\031\n\025PrivilegeGetLoadState\020"
-  "!*S\n\tStateCode\022\020\n\014Initializing\020\000\022\013\n\007Heal"
-  "thy\020\001\022\014\n\010Abnormal\020\002\022\013\n\007StandBy\020\003\022\014\n\010Stop"
-  "ping\020\004*c\n\tLoadState\022\025\n\021LoadStateNotExist"
-  "\020\000\022\024\n\020LoadStateNotLoad\020\001\022\024\n\020LoadStateLoa"
-  "ding\020\002\022\023\n\017LoadStateLoaded\020\003:^\n\021privilege"
-  "_ext_obj\022\037.google.protobuf.MessageOption"
-  "s\030\351\007 \001(\0132!.milvus.proto.common.Privilege"
-  "ExtBf\n\016io.milvus.grpcB\013CommonProtoP\001Z1gi"
-  "thub.com/milvus-io/milvus-proto/go-api/c"
-  "ommonpb\240\001\001\252\002\016IO.Milvus.Grpcb\006proto3"
+  "ferNode\020\250\r\022\024\n\017TransferReplica\020\251\r\022\023\n\016Crea"
+  "teDatabase\020\211\016\022\021\n\014DropDatabase\020\212\016\022\022\n\rList"
+  "Databases\020\213\016*\"\n\007DslType\022\007\n\003Dsl\020\000\022\016\n\nBool"
+  "ExprV1\020\001*B\n\017CompactionState\022\021\n\rUndefiedS"
+  "tate\020\000\022\r\n\tExecuting\020\001\022\r\n\tCompleted\020\002*X\n\020"
+  "ConsistencyLevel\022\n\n\006Strong\020\000\022\013\n\007Session\020"
+  "\001\022\013\n\007Bounded\020\002\022\016\n\nEventually\020\003\022\016\n\nCustom"
+  "ized\020\004*\236\001\n\013ImportState\022\021\n\rImportPending\020"
+  "\000\022\020\n\014ImportFailed\020\001\022\021\n\rImportStarted\020\002\022\023"
+  "\n\017ImportPersisted\020\005\022\021\n\rImportFlushed\020\010\022\023"
+  "\n\017ImportCompleted\020\006\022\032\n\026ImportFailedAndCl"
+  "eaned\020\007*2\n\nObjectType\022\016\n\nCollection\020\000\022\n\n"
+  "\006Global\020\001\022\010\n\004User\020\002*\241\010\n\017ObjectPrivilege\022"
+  "\020\n\014PrivilegeAll\020\000\022\035\n\031PrivilegeCreateColl"
+  "ection\020\001\022\033\n\027PrivilegeDropCollection\020\002\022\037\n"
+  "\033PrivilegeDescribeCollection\020\003\022\034\n\030Privil"
+  "egeShowCollections\020\004\022\021\n\rPrivilegeLoad\020\005\022"
+  "\024\n\020PrivilegeRelease\020\006\022\027\n\023PrivilegeCompac"
+  "tion\020\007\022\023\n\017PrivilegeInsert\020\010\022\023\n\017Privilege"
+  "Delete\020\t\022\032\n\026PrivilegeGetStatistics\020\n\022\030\n\024"
+  "PrivilegeCreateIndex\020\013\022\030\n\024PrivilegeIndex"
+  "Detail\020\014\022\026\n\022PrivilegeDropIndex\020\r\022\023\n\017Priv"
+  "ilegeSearch\020\016\022\022\n\016PrivilegeFlush\020\017\022\022\n\016Pri"
+  "vilegeQuery\020\020\022\030\n\024PrivilegeLoadBalance\020\021\022"
+  "\023\n\017PrivilegeImport\020\022\022\034\n\030PrivilegeCreateO"
+  "wnership\020\023\022\027\n\023PrivilegeUpdateUser\020\024\022\032\n\026P"
+  "rivilegeDropOwnership\020\025\022\034\n\030PrivilegeSele"
+  "ctOwnership\020\026\022\034\n\030PrivilegeManageOwnershi"
+  "p\020\027\022\027\n\023PrivilegeSelectUser\020\030\022\023\n\017Privileg"
+  "eUpsert\020\031\022 \n\034PrivilegeCreateResourceGrou"
+  "p\020\032\022\036\n\032PrivilegeDropResourceGroup\020\033\022\"\n\036P"
+  "rivilegeDescribeResourceGroup\020\034\022\037\n\033Privi"
+  "legeListResourceGroups\020\035\022\031\n\025PrivilegeTra"
+  "nsferNode\020\036\022\034\n\030PrivilegeTransferReplica\020"
+  "\037\022\037\n\033PrivilegeGetLoadingProgress\020 \022\031\n\025Pr"
+  "ivilegeGetLoadState\020!\022\035\n\031PrivilegeRename"
+  "Collection\020\"\022\033\n\027PrivilegeCreateDatabase\020"
+  "#\022\031\n\025PrivilegeDropDatabase\020$\022\032\n\026Privileg"
+  "eListDatabases\020%\022\025\n\021PrivilegeFlushAll\020&*"
+  "S\n\tStateCode\022\020\n\014Initializing\020\000\022\013\n\007Health"
+  "y\020\001\022\014\n\010Abnormal\020\002\022\013\n\007StandBy\020\003\022\014\n\010Stoppi"
+  "ng\020\004*c\n\tLoadState\022\025\n\021LoadStateNotExist\020\000"
+  "\022\024\n\020LoadStateNotLoad\020\001\022\024\n\020LoadStateLoadi"
+  "ng\020\002\022\023\n\017LoadStateLoaded\020\003:^\n\021privilege_e"
+  "xt_obj\022\037.google.protobuf.MessageOptions\030"
+  "\351\007 \001(\0132!.milvus.proto.common.PrivilegeEx"
+  "tBf\n\016io.milvus.grpcB\013CommonProtoP\001Z1gith"
+  "ub.com/milvus-io/milvus-proto/go-api/com"
+  "monpb\240\001\001\252\002\016IO.Milvus.Grpcb\006proto3"
   ;
 static const ::_pbi::DescriptorTable* const descriptor_table_common_2eproto_deps[1] = {
   &::descriptor_table_google_2fprotobuf_2fdescriptor_2eproto,
 };
 static ::_pbi::once_flag descriptor_table_common_2eproto_once;
 const ::_pbi::DescriptorTable descriptor_table_common_2eproto = {
-    false, false, 6835, descriptor_table_protodef_common_2eproto,
+    false, false, 7033, descriptor_table_protodef_common_2eproto,
     "common.proto",
     &descriptor_table_common_2eproto_once, descriptor_table_common_2eproto_deps, 1, 16,
     schemas, file_default_instances, TableStruct_common_2eproto::offsets,
@@ -864,6 +869,9 @@ bool MsgType_IsValid(int value) {
     case 1703:
     case 1704:
     case 1705:
+    case 1801:
+    case 1802:
+    case 1803:
       return true;
     default:
       return false;
@@ -990,6 +998,11 @@ bool ObjectPrivilege_IsValid(int value) {
     case 31:
     case 32:
     case 33:
+    case 34:
+    case 35:
+    case 36:
+    case 37:
+    case 38:
       return true;
     default:
       return false;
diff --git a/internal/core/src/pb/common.pb.h b/internal/core/src/pb/common.pb.h
index 835d502e2f..23d22d1bff 100755
--- a/internal/core/src/pb/common.pb.h
+++ b/internal/core/src/pb/common.pb.h
@@ -390,12 +390,15 @@ enum MsgType : int {
   DescribeResourceGroup = 1703,
   TransferNode = 1704,
   TransferReplica = 1705,
+  CreateDatabase = 1801,
+  DropDatabase = 1802,
+  ListDatabases = 1803,
   MsgType_INT_MIN_SENTINEL_DO_NOT_USE_ = std::numeric_limits<int32_t>::min(),
   MsgType_INT_MAX_SENTINEL_DO_NOT_USE_ = std::numeric_limits<int32_t>::max()
 };
 bool MsgType_IsValid(int value);
 constexpr MsgType MsgType_MIN = Undefined;
-constexpr MsgType MsgType_MAX = TransferReplica;
+constexpr MsgType MsgType_MAX = ListDatabases;
 constexpr int MsgType_ARRAYSIZE = MsgType_MAX + 1;
 
 const ::PROTOBUF_NAMESPACE_ID::EnumDescriptor* MsgType_descriptor();
@@ -582,12 +585,17 @@ enum ObjectPrivilege : int {
   PrivilegeTransferReplica = 31,
   PrivilegeGetLoadingProgress = 32,
   PrivilegeGetLoadState = 33,
+  PrivilegeRenameCollection = 34,
+  PrivilegeCreateDatabase = 35,
+  PrivilegeDropDatabase = 36,
+  PrivilegeListDatabases = 37,
+  PrivilegeFlushAll = 38,
   ObjectPrivilege_INT_MIN_SENTINEL_DO_NOT_USE_ = std::numeric_limits<int32_t>::min(),
   ObjectPrivilege_INT_MAX_SENTINEL_DO_NOT_USE_ = std::numeric_limits<int32_t>::max()
 };
 bool ObjectPrivilege_IsValid(int value);
 constexpr ObjectPrivilege ObjectPrivilege_MIN = PrivilegeAll;
-constexpr ObjectPrivilege ObjectPrivilege_MAX = PrivilegeGetLoadState;
+constexpr ObjectPrivilege ObjectPrivilege_MAX = PrivilegeFlushAll;
 constexpr int ObjectPrivilege_ARRAYSIZE = ObjectPrivilege_MAX + 1;
 
 const ::PROTOBUF_NAMESPACE_ID::EnumDescriptor* ObjectPrivilege_descriptor();
diff --git a/internal/distributed/proxy/service.go b/internal/distributed/proxy/service.go
index 4b4b91223a..1cfe1dc7f7 100644
--- a/internal/distributed/proxy/service.go
+++ b/internal/distributed/proxy/service.go
@@ -942,3 +942,26 @@ func (s *Server) Connect(ctx context.Context, req *milvuspb.ConnectRequest) (*mi
 func (s *Server) ListClientInfos(ctx context.Context, req *proxypb.ListClientInfosRequest) (*proxypb.ListClientInfosResponse, error) {
 	return s.proxy.ListClientInfos(ctx, req)
 }
+
+func (s *Server) CreateDatabase(ctx context.Context, req *milvuspb.CreateDatabaseRequest) (*commonpb.Status, error) {
+	return &commonpb.Status{
+		ErrorCode: commonpb.ErrorCode_UnexpectedError,
+		Reason:    "TODO: implement me @jaime",
+	}, nil
+}
+
+func (s *Server) DropDatabase(ctx context.Context, req *milvuspb.DropDatabaseRequest) (*commonpb.Status, error) {
+	return &commonpb.Status{
+		ErrorCode: commonpb.ErrorCode_UnexpectedError,
+		Reason:    "TODO: implement me @jaime",
+	}, nil
+}
+
+func (s *Server) ListDatabases(ctx context.Context, req *milvuspb.ListDatabasesRequest) (*milvuspb.ListDatabasesResponse, error) {
+	return &milvuspb.ListDatabasesResponse{
+		Status: &commonpb.Status{
+			ErrorCode: commonpb.ErrorCode_UnexpectedError,
+			Reason:    "TODO: implement me @jaime",
+		},
+	}, nil
+}
diff --git a/internal/proxy/impl.go b/internal/proxy/impl.go
index c9b76f3ade..656a844dc7 100644
--- a/internal/proxy/impl.go
+++ b/internal/proxy/impl.go
@@ -5128,3 +5128,26 @@ func (node *Proxy) ListClientInfos(ctx context.Context, req *proxypb.ListClientI
 		ClientInfos: clients,
 	}, nil
 }
+
+func (node *Proxy) CreateDatabase(ctx context.Context, req *milvuspb.CreateDatabaseRequest) (*commonpb.Status, error) {
+	return &commonpb.Status{
+		ErrorCode: commonpb.ErrorCode_UnexpectedError,
+		Reason:    "TODO: implement me @jaime",
+	}, nil
+}
+
+func (node *Proxy) DropDatabase(ctx context.Context, req *milvuspb.DropDatabaseRequest) (*commonpb.Status, error) {
+	return &commonpb.Status{
+		ErrorCode: commonpb.ErrorCode_UnexpectedError,
+		Reason:    "TODO: implement me @jaime",
+	}, nil
+}
+
+func (node *Proxy) ListDatabases(ctx context.Context, req *milvuspb.ListDatabasesRequest) (*milvuspb.ListDatabasesResponse, error) {
+	return &milvuspb.ListDatabasesResponse{
+		Status: &commonpb.Status{
+			ErrorCode: commonpb.ErrorCode_UnexpectedError,
+			Reason:    "TODO: implement me @jaime",
+		},
+	}, nil
+}
diff --git a/pkg/util/constant.go b/pkg/util/constant.go
index c7de317b7d..f2feec6f14 100644
--- a/pkg/util/constant.go
+++ b/pkg/util/constant.go
@@ -107,6 +107,7 @@ var (
 			MetaStore2API(commonpb.ObjectPrivilege_PrivilegeListResourceGroups.String()),
 			MetaStore2API(commonpb.ObjectPrivilege_PrivilegeTransferReplica.String()),
 			MetaStore2API(commonpb.ObjectPrivilege_PrivilegeTransferNode.String()),
+			MetaStore2API(commonpb.ObjectPrivilege_PrivilegeFlushAll.String()),
 		},
 		commonpb.ObjectType_User.String(): {
 			MetaStore2API(commonpb.ObjectPrivilege_PrivilegeUpdateUser.String()),