diff --git a/src/query/ast/src/ast/statements/system_action.rs b/src/query/ast/src/ast/statements/system_action.rs index fbe3a89759f5e..aaa33a8bb90cf 100644 --- a/src/query/ast/src/ast/statements/system_action.rs +++ b/src/query/ast/src/ast/statements/system_action.rs @@ -32,6 +32,7 @@ impl Display for SystemStmt { #[derive(Debug, Clone, PartialEq, Eq, Drive, DriveMut)] pub enum SystemAction { Backtrace(bool), + FlushPrivileges, } impl Display for SystemAction { @@ -41,6 +42,7 @@ impl Display for SystemAction { true => write!(f, "ENABLE EXCEPTION_BACKTRACE"), false => write!(f, "DISABLE EXCEPTION_BACKTRACE"), }, + SystemAction::FlushPrivileges => write!(f, "FLUSH PRIVILEGES"), } } } diff --git a/src/query/ast/src/parser/statement.rs b/src/query/ast/src/parser/statement.rs index 85570a1c6881f..869d7b008ac3c 100644 --- a/src/query/ast/src/parser/statement.rs +++ b/src/query/ast/src/parser/statement.rs @@ -5054,15 +5054,21 @@ pub fn priority(i: Input) -> IResult { } pub fn action(i: Input) -> IResult { - let mut backtrace = parser_fn(map( + let backtrace = parser_fn(map( rule! { #switch ~ EXCEPTION_BACKTRACE }, |(switch, _)| SystemAction::Backtrace(switch), )); + let flush_privileges = parser_fn(map( + rule! { + FLUSH ~ PRIVILEGES + }, + |_| SystemAction::FlushPrivileges, + )); // add other system action type here rule!( - #backtrace + #backtrace | #flush_privileges ) .parse(i) } diff --git a/src/query/ast/src/parser/token.rs b/src/query/ast/src/parser/token.rs index 4b120493368df..086d1c10f5e4f 100644 --- a/src/query/ast/src/parser/token.rs +++ b/src/query/ast/src/parser/token.rs @@ -683,6 +683,8 @@ pub enum TokenKind { FORMAT_NAME, #[token("FORMATS", ignore(ascii_case))] FORMATS, + #[token("FLUSH", ignore(ascii_case))] + FLUSH, #[token("FRAGMENTS", ignore(ascii_case))] FRAGMENTS, #[token("FRIDAY", ignore(ascii_case))] diff --git a/src/query/service/src/interpreters/interpreter_system_action.rs b/src/query/service/src/interpreters/interpreter_system_action.rs index e0b2b192a3a70..125c04a14255b 100644 --- a/src/query/service/src/interpreters/interpreter_system_action.rs +++ b/src/query/service/src/interpreters/interpreter_system_action.rs @@ -20,6 +20,7 @@ use databend_common_exception::set_backtrace; use databend_common_exception::Result; use databend_common_sql::plans::SystemAction; use databend_common_sql::plans::SystemPlan; +use databend_common_users::RoleCacheManager; use crate::clusters::ClusterHelper; use crate::clusters::FlightParams; @@ -90,6 +91,10 @@ impl Interpreter for SystemActionInterpreter { SystemAction::Backtrace(switch) => { set_backtrace(switch); } + SystemAction::FlushPrivileges => { + let tenant = self.ctx.get_tenant(); + RoleCacheManager::instance().force_reload(&tenant).await?; + } } Ok(PipelineBuildResult::create()) } diff --git a/src/query/service/src/servers/flight/v1/actions/mod.rs b/src/query/service/src/servers/flight/v1/actions/mod.rs index f5f244b92f168..97f8db0d67f47 100644 --- a/src/query/service/src/servers/flight/v1/actions/mod.rs +++ b/src/query/service/src/servers/flight/v1/actions/mod.rs @@ -45,7 +45,8 @@ use crate::sessions::SessionManager; pub(crate) fn create_session() -> Result> { let config = GlobalConfig::instance(); - let settings = Settings::create(config.query.tenant_id.clone()); + let tenant_id = config.query.tenant_id.clone(); + let settings = Settings::create(tenant_id); match SessionManager::instance().create_with_settings(SessionType::FlightRPC, settings, None) { Err(cause) => Err(cause), Ok(session) => Ok(Arc::new(session)), diff --git a/src/query/sql/src/planner/binder/system.rs b/src/query/sql/src/planner/binder/system.rs index d811441bde23e..aa9d0107b784f 100644 --- a/src/query/sql/src/planner/binder/system.rs +++ b/src/query/sql/src/planner/binder/system.rs @@ -29,6 +29,9 @@ impl Binder { AstSystemAction::Backtrace(switch) => Ok(Plan::System(Box::new(SystemPlan { action: SystemAction::Backtrace(*switch), }))), + AstSystemAction::FlushPrivileges => Ok(Plan::System(Box::new(SystemPlan { + action: SystemAction::FlushPrivileges, + }))), } } } diff --git a/src/query/sql/src/planner/plans/system.rs b/src/query/sql/src/planner/plans/system.rs index 2c43342cea0f4..e9901059af00e 100644 --- a/src/query/sql/src/planner/plans/system.rs +++ b/src/query/sql/src/planner/plans/system.rs @@ -23,4 +23,5 @@ pub struct SystemPlan { #[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)] pub enum SystemAction { Backtrace(bool), + FlushPrivileges, } diff --git a/tests/nox/java_client/prepare.py b/tests/nox/java_client/prepare.py index 4c44b767b0c1c..ea6d935b6b9e3 100644 --- a/tests/nox/java_client/prepare.py +++ b/tests/nox/java_client/prepare.py @@ -57,10 +57,7 @@ def create_user(): "CREATE USER databend IDENTIFIED BY 'databend' with default_role='account_admin'" ) exec("GRANT ROLE account_admin TO USER databend") - # need for cluster to sync the GRANT op - time.sleep(16) - for p in [8001, 8002, 8003]: - exec("SHOW GRANTS FOR USER databend", port=p) + exec("SYSTEM FLUSH PRIVILEGES") def download_testng(): diff --git a/tests/sqllogictests/suites/base/20+_others/20_0017_system_action.test b/tests/sqllogictests/suites/base/20+_others/20_0017_system_action.test index b0fea51f0ae2a..c96ada33a1418 100644 --- a/tests/sqllogictests/suites/base/20+_others/20_0017_system_action.test +++ b/tests/sqllogictests/suites/base/20+_others/20_0017_system_action.test @@ -3,3 +3,6 @@ SYSTEM ENABLE EXCEPTION_BACKTRACE; statement ok SYSTEM DISABLE EXCEPTION_BACKTRACE; + +statement ok +SYSTEM FLUSH PRIVILEGES; \ No newline at end of file