Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: the db without permission can view the data from the first search iterator of the previous db #39117

Open
1 task done
qixuan0212 opened this issue Jan 9, 2025 · 2 comments
Open
1 task done

[Bug]: the db without permission can view the data from the first search iterator of the previous db #39117

qixuan0212 opened this issue Jan 9, 2025 · 2 comments
Assignees
@PwzXxm
Labels
kind/bug Issues or changes related a bug priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Milestone
2.5.3

Comments

@qixuan0212
Copy link
Contributor

qixuan0212 commented Jan 9, 2025
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Environment

- Milvus version: master-20250105-7128e36e-amd64
- Deployment mode(standalone or cluster): both
- MQ type(rocksmq, pulsar or kafka): pulsar
- SDK version(e.g. pymilvus v2.0.0rc2): 2.6.0rc49
- OS(Ubuntu or CentOS): 
- CPU/Memory: 
- GPU: 
- Others:

Current Behavior

  1. defaultDB - colA, db1 - colA
  2. self.create_user(client_root, user_name=user_name, password=password)
    self.create_role(client_root, role_name=role_name)
    self.grant_role(client_root, user_name=user_name, role_name=role_name)
    self.grant_privilege(client_root, role_name, "Collection", "Search", collection_name, "default")
    self.grant_privilege(client_root, role_name, "Collection", "Insert", collection_name, "db1")
    client, _ = self.init_milvus_client(uri=uri, user=user_name, password=password)
  3. db1 - colA search iterator
  4. using_database(client, db1)
  5. first search_iterator.next success

Expected Behavior

first search_iterator.next no permission

Steps To Reproduce

1. defaultDB - colA, db1 - colA
2. 
self.create_user(client_root, user_name=user_name, password=password)
self.create_role(client_root, role_name=role_name)
self.grant_role(client_root, user_name=user_name, role_name=role_name)
self.grant_privilege(client_root, role_name, "Collection", "Search", collection_name, "default")
self.grant_privilege(client_root, role_name, "Collection", "Insert", collection_name, "db1")
client, _ = self.init_milvus_client(uri=uri, user=user_name, password=password)
3. db1 - colA search iterator
4. using_database(client, db1)
5. first search_iterator.next

Milvus Log

https://grafana-4am.zilliz.cc/explore?orgId=1&panes=%7B%22knx%22:%7B%22datasource%22:%22vhI6Vw67k%22,%22queries%22:%5B%7B%22refId%22:%22A%22,%22expr%22:%22%7Bcluster%3D%5C%22devops%5C%22,namespace%3D%5C%22chaos-testing%5C%22,pod%3D~%5C%22searchiterator-v2-qx-hfghv.%2A%5C%22%7D%22,%22datasource%22:%7B%22type%22:%22loki%22,%22uid%22:%22vhI6Vw67k%22%7D%7D%5D,%22range%22:%7B%22from%22:%221736414582789%22,%22to%22:%221736414680339%22%7D%7D%7D&schemaVersion=1

Anything else?

N/A
@qixuan0212 qixuan0212 added kind/bug Issues or changes related a bug needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 9, 2025
@PwzXxm
Copy link
Contributor

PwzXxm commented Jan 9, 2025

/assign

@PwzXxm
Copy link
Contributor

PwzXxm commented Jan 9, 2025

wait for #39045 #39087 on query iterator fixed first.

@yanliang567 yanliang567 added this to the 2.5.3 milestone Jan 10, 2025
@yanliang567 yanliang567 added triage/accepted Indicates an issue or PR is ready to be actively worked on. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 10, 2025
@yanliang567 yanliang567 removed their assignment Jan 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@PwzXxm PwzXxm

Labels
kind/bug Issues or changes related a bug priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
2.5.3
Development

No branches or pull requests
3 participants
@PwzXxm @yanliang567 @qixuan0212