In IoTDB, users are prohibited from creating a database with the name __audit. (#17634)

Author: wenyanshi-123

integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBTemplateAuthIT.java

@@ -83,7 +83,7 @@ public void manageDataBaseTest() {
       assertNonQueryTestFail(
           adminStmt,
           "create database root.__audit",
-          "803: The database 'root.__audit' is read-only");
+          "803: The database name \"root.__audit\" is reserved, please use another valid database name.");
 
       assertNonQueryTestFail(
           adminStmt,

integration-test/src/test/java/org/apache/iotdb/relational/it/db/it/IoTDBAuthenticationTableIT.java

@@ -101,7 +101,9 @@ public void testInsert() throws IoTDBConnectionException, StatementExecutionExce
         sessionRoot.executeNonQueryStatement("CREATE DATABASE IF NOT EXISTS __audit");
         fail("Should have thrown an exception");
       } catch (StatementExecutionException e) {
-        assertEquals("803: Access Denied: The database '__audit' is read-only.", e.getMessage());
+        assertEquals(
+            "803: Access Denied: The database name \"__audit\" is reserved, please use another valid database name.",
+            e.getMessage());
       }
 
       sessionRoot.executeNonQueryStatement("CREATE DATABASE IF NOT EXISTS \"汉化\"");

iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/AccessControlImpl.java

@@ -48,6 +48,7 @@
 
 import static org.apache.iotdb.commons.schema.table.Audit.TABLE_MODEL_AUDIT_DATABASE;
 import static org.apache.iotdb.commons.schema.table.Audit.TREE_MODEL_AUDIT_DATABASE;
+import static org.apache.iotdb.commons.schema.table.Audit.getReservedDatabaseNameErrorMsg;
 import static org.apache.iotdb.commons.schema.table.Audit.includeByAuditTreeDB;
 import static org.apache.iotdb.db.auth.AuthorityChecker.ONLY_ADMIN_ALLOWED;
 import static org.apache.iotdb.db.auth.AuthorityChecker.SUCCEED;
@@ -77,6 +78,18 @@ private void checkAuditDatabase(String databaseName) {
   @Override
   public void checkCanCreateDatabase(
       String userName, String databaseName, IAuditEntity auditEntity) {
+    if (!AuthorityChecker.INTERNAL_AUDIT_USER.equals(userName)
+        && TABLE_MODEL_AUDIT_DATABASE.equalsIgnoreCase(databaseName)) {
+      DNAuditLogger.getInstance()
+          .recordObjectAuthenticationAuditLog(
+              auditEntity
+                  .setAuditLogOperation(AuditLogOperation.DDL)
+                  .setDatabase(databaseName)
+                  .setPrivilegeType(PrivilegeType.CREATE)
+                  .setResult(false),
+              () -> databaseName);
+      throw new AccessDeniedException(getReservedDatabaseNameErrorMsg(TABLE_MODEL_AUDIT_DATABASE));
+    }
     InformationSchemaUtils.checkDBNameInWrite(databaseName);
     authChecker.checkDatabasePrivilege(
         userName, databaseName, TableModelPrivilege.CREATE, auditEntity.setDatabase(databaseName));

iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/relational/security/TreeAccessCheckVisitor.java

@@ -181,7 +181,9 @@
 
 import static org.apache.iotdb.commons.schema.table.Audit.TREE_MODEL_AUDIT_DATABASE;
 import static org.apache.iotdb.commons.schema.table.Audit.TREE_MODEL_AUDIT_DATABASE_PATH;
+import static org.apache.iotdb.commons.schema.table.Audit.getReservedDatabaseNameErrorMsg;
 import static org.apache.iotdb.commons.schema.table.Audit.includeByAuditTreeDB;
+import static org.apache.iotdb.commons.schema.table.Audit.isAuditTreeDatabase;
 import static org.apache.iotdb.db.auth.AuthorityChecker.SUCCEED;
 import static org.apache.iotdb.db.auth.AuthorityChecker.getAuthorizedPathTree;
 import static org.apache.iotdb.db.queryengine.plan.relational.security.AccessControlImpl.READ_ONLY_DB_ERROR_MSG;
@@ -985,6 +987,17 @@ public TSStatus visitShowExternalService(
   @Override
   public TSStatus visitSetDatabase(
       DatabaseSchemaStatement statement, TreeAccessCheckContext context) {
+    if (!AuthorityChecker.INTERNAL_AUDIT_USER.equals(context.getUsername())
+        && isAuditTreeDatabase(statement.getDatabasePath())) {
+      context
+          .setDatabase(statement.getDatabasePath().getFullPath())
+          .setPrivilegeType(PrivilegeType.MANAGE_DATABASE)
+          .setAuditLogOperation(AuditLogOperation.DDL);
+      AUDIT_LOGGER.recordObjectAuthenticationAuditLog(
+          context.setResult(false), statement.getDatabasePath()::getFullPath);
+      return new TSStatus(TSStatusCode.NO_PERMISSION.getStatusCode())
+          .setMessage(getReservedDatabaseNameErrorMsg(TREE_MODEL_AUDIT_DATABASE));
+    }
     return checkCreateOrAlterDatabasePermission(
         context.setAuditLogOperation(AuditLogOperation.DDL), statement.getDatabasePath());
   }

iotdb-core/node-commons/src/main/java/org/apache/iotdb/commons/schema/table/Audit.java

@@ -28,6 +28,8 @@ public class Audit {
   public static final String TABLE_MODEL_AUDIT_DATABASE = "__audit";
   public static final String TREE_MODEL_AUDIT_DATABASE =
       String.format("%s.%s", ROOT, TABLE_MODEL_AUDIT_DATABASE);
+  public static final String RESERVED_DATABASE_NAME_ERROR_MSG =
+      "The database name \"%s\" is reserved, please use another valid database name.";
   public static final PartialPath TREE_MODEL_AUDIT_DATABASE_PATH =
       new PartialPath(new String[] {"root", TABLE_MODEL_AUDIT_DATABASE});
   public static final PartialPath TREE_MODEL_AUDIT_DATABASE_PATH_PATTERN =
@@ -42,4 +44,15 @@ public static boolean includeByAuditTreeDB(PartialPath prefixPath) {
     String[] nodes = prefixPath.getNodes();
     return nodes.length >= 2 && TABLE_MODEL_AUDIT_DATABASE.equalsIgnoreCase(nodes[1]);
   }
+
+  public static boolean isAuditTreeDatabase(PartialPath databasePath) {
+    String[] nodes = databasePath.getNodes();
+    return nodes.length == 2
+        && ROOT.equalsIgnoreCase(nodes[0])
+        && TABLE_MODEL_AUDIT_DATABASE.equalsIgnoreCase(nodes[1]);
+  }
+
+  public static String getReservedDatabaseNameErrorMsg(String databaseName) {
+    return String.format(RESERVED_DATABASE_NAME_ERROR_MSG, databaseName);
+  }
 }