*: support send restore rbac message (#884)

Signed-off-by: huanghaoyuanhhy <haoyuan.huang@zilliz.com>

Author: huanghaoyuanhhy

core/restore/conv/conv.go

@@ -4,7 +4,9 @@ import (
 	"encoding/base64"
 	"fmt"
 
+	"github.com/milvus-io/milvus-proto/go-api/v2/milvuspb"
 	"github.com/milvus-io/milvus-proto/go-api/v2/schemapb"
+	"github.com/samber/lo"
 	"google.golang.org/protobuf/proto"
 
 	"github.com/zilliztech/milvus-backup/core/proto/backuppb"
@@ -42,15 +44,15 @@ func Functions(bakFuncs []*backuppb.FunctionSchema) []*schemapb.FunctionSchema {
 	funcs := make([]*schemapb.FunctionSchema, 0, len(bakFuncs))
 	for _, bakFunc := range bakFuncs {
 		fun := &schemapb.FunctionSchema{
-			Name:             bakFunc.Name,
-			Id:               bakFunc.Id,
-			Description:      bakFunc.Description,
-			Type:             schemapb.FunctionType(bakFunc.Type),
-			InputFieldNames:  bakFunc.InputFieldNames,
-			InputFieldIds:    bakFunc.InputFieldIds,
-			OutputFieldNames: bakFunc.OutputFieldNames,
-			OutputFieldIds:   bakFunc.OutputFieldIds,
-			Params:           pbconv.BakKVToMilvusKV(bakFunc.Params),
+			Name:             bakFunc.GetName(),
+			Id:               bakFunc.GetId(),
+			Description:      bakFunc.GetDescription(),
+			Type:             schemapb.FunctionType(bakFunc.GetType()),
+			InputFieldNames:  bakFunc.GetInputFieldNames(),
+			InputFieldIds:    bakFunc.GetInputFieldIds(),
+			OutputFieldNames: bakFunc.GetOutputFieldNames(),
+			OutputFieldIds:   bakFunc.GetOutputFieldIds(),
+			Params:           pbconv.BakKVToMilvusKV(bakFunc.GetParams()),
 		}
 		funcs = append(funcs, fun)
 	}
@@ -138,3 +140,118 @@ func Schema(bakSchema *backuppb.CollectionSchema) (*schemapb.CollectionSchema, e
 
 	return schema, nil
 }
+
+func Users(bacUsers []*backuppb.UserInfo, curUsers []*milvuspb.UserInfo) []*milvuspb.UserInfo {
+	um := lo.SliceToMap(curUsers, func(user *milvuspb.UserInfo) (string, struct{}) {
+		return user.User, struct{}{}
+	})
+
+	users := make([]*milvuspb.UserInfo, 0, len(bacUsers))
+	for _, user := range bacUsers {
+		// skip if user already exist
+		if _, ok := um[user.GetUser()]; ok {
+			continue
+		}
+
+		ur := lo.Map(user.GetRoles(), func(role *backuppb.RoleEntity, index int) *milvuspb.RoleEntity {
+			return &milvuspb.RoleEntity{Name: role.Name}
+		})
+		userEntity := &milvuspb.UserInfo{
+			User:     user.User,
+			Password: user.Password,
+			Roles:    ur,
+		}
+		users = append(users, userEntity)
+	}
+
+	return users
+}
+
+func Roles(bakRoles []*backuppb.RoleEntity, curRoles []*milvuspb.RoleEntity) []*milvuspb.RoleEntity {
+	rm := lo.SliceToMap(curRoles, func(role *milvuspb.RoleEntity) (string, struct{}) {
+		return role.Name, struct{}{}
+	})
+
+	roles := make([]*milvuspb.RoleEntity, 0, len(bakRoles))
+	for _, role := range bakRoles {
+		// skip if role already exist
+		if _, ok := rm[role.GetName()]; ok {
+			continue
+		}
+
+		roleEntity := &milvuspb.RoleEntity{
+			Name: role.GetName(),
+		}
+		roles = append(roles, roleEntity)
+	}
+
+	return roles
+}
+
+func backupGrantKey(grant *backuppb.GrantEntity) string {
+	return fmt.Sprintf("%s/%s/%s/%s/%s/%s",
+		grant.GetObject().GetName(),
+		grant.GetObjectName(),
+		grant.GetRole().GetName(),
+		grant.GetGrantor().GetUser().GetName(),
+		grant.GetGrantor().GetPrivilege().GetName(),
+		grant.GetDbName())
+}
+
+func milvusGrantKey(grant *milvuspb.GrantEntity) string {
+	return fmt.Sprintf("%s/%s/%s/%s/%s/%s",
+		grant.GetObject().GetName(),
+		grant.GetObjectName(),
+		grant.GetRole().GetName(),
+		grant.GetGrantor().GetUser().GetName(),
+		grant.GetGrantor().GetPrivilege().GetName(),
+		grant.GetDbName())
+}
+
+func Grants(bakGrants []*backuppb.GrantEntity, curGrants []*milvuspb.GrantEntity) []*milvuspb.GrantEntity {
+	gm := lo.SliceToMap(curGrants, func(grant *milvuspb.GrantEntity) (string, struct{}) {
+		return milvusGrantKey(grant), struct{}{}
+	})
+	grants := make([]*milvuspb.GrantEntity, 0, len(bakGrants))
+	for _, grant := range bakGrants {
+		// skip if grant already exist
+		if _, ok := gm[backupGrantKey(grant)]; ok {
+			continue
+		}
+
+		grantEntity := &milvuspb.GrantEntity{
+			Role:       &milvuspb.RoleEntity{Name: grant.GetRole().GetName()},
+			Object:     &milvuspb.ObjectEntity{Name: grant.GetObject().GetName()},
+			ObjectName: grant.GetObjectName(),
+			Grantor: &milvuspb.GrantorEntity{
+				User:      &milvuspb.UserEntity{Name: grant.GetGrantor().GetUser().GetName()},
+				Privilege: &milvuspb.PrivilegeEntity{Name: grant.GetGrantor().GetPrivilege().GetName()},
+			},
+			DbName: grant.GetDbName(),
+		}
+		grants = append(grants, grantEntity)
+	}
+
+	return grants
+}
+
+func PrivilegeGroups(bakGroups []*backuppb.PrivilegeGroupInfo, curGroups []*milvuspb.PrivilegeGroupInfo) []*milvuspb.PrivilegeGroupInfo {
+	curGroupName := lo.SliceToMap(curGroups, func(group *milvuspb.PrivilegeGroupInfo) (string, struct{}) {
+		return group.GetGroupName(), struct{}{}
+	})
+
+	groups := make([]*milvuspb.PrivilegeGroupInfo, 0, len(bakGroups))
+	for _, group := range bakGroups {
+		if _, ok := curGroupName[group.GetGroupName()]; ok {
+			continue
+		}
+
+		privileges := lo.Map(group.GetPrivileges(), func(privilege *backuppb.PrivilegeEntity, _ int) *milvuspb.PrivilegeEntity {
+			return &milvuspb.PrivilegeEntity{Name: privilege.GetName()}
+		})
+		g := &milvuspb.PrivilegeGroupInfo{GroupName: group.GetGroupName(), Privileges: privileges}
+		groups = append(groups, g)
+	}
+
+	return groups
+}

core/restore/conv/conv_test.go

@@ -4,6 +4,7 @@ import (
 	"encoding/base64"
 	"testing"
 
+	"github.com/milvus-io/milvus-proto/go-api/v2/milvuspb"
 	"github.com/milvus-io/milvus-proto/go-api/v2/schemapb"
 	"github.com/stretchr/testify/assert"
 	"google.golang.org/protobuf/proto"
@@ -42,3 +43,139 @@ func TestDefaultValue(t *testing.T) {
 		assert.Nil(t, val)
 	})
 }
+
+func TestBackupGrantKey(t *testing.T) {
+	grant := &backuppb.GrantEntity{
+		Role:       &backuppb.RoleEntity{Name: "role.name"},
+		Object:     &backuppb.ObjectEntity{Name: "object.name"},
+		ObjectName: "objectName",
+		Grantor: &backuppb.GrantorEntity{
+			User:      &backuppb.UserEntity{Name: "grantor.user.name"},
+			Privilege: &backuppb.PrivilegeEntity{Name: "grantor.privilege.name"},
+		},
+		DbName: "dbName",
+	}
+
+	grantKey := backupGrantKey(grant)
+	expected := "object.name/objectName/role.name/grantor.user.name/grantor.privilege.name/dbName"
+	assert.Equal(t, expected, grantKey)
+}
+
+func TestMilvusGrantKey(t *testing.T) {
+	grant := &milvuspb.GrantEntity{
+		Role:       &milvuspb.RoleEntity{Name: "role.name"},
+		Object:     &milvuspb.ObjectEntity{Name: "object.name"},
+		ObjectName: "objectName",
+		Grantor: &milvuspb.GrantorEntity{
+			User:      &milvuspb.UserEntity{Name: "grantor.user.name"},
+			Privilege: &milvuspb.PrivilegeEntity{Name: "grantor.privilege.name"},
+		},
+		DbName: "dbName",
+	}
+
+	grantKey := milvusGrantKey(grant)
+	expected := "object.name/objectName/role.name/grantor.user.name/grantor.privilege.name/dbName"
+	assert.Equal(t, expected, grantKey)
+}
+
+func TestGrants(t *testing.T) {
+	bakGrants := []*backuppb.GrantEntity{
+		{
+			Role:       &backuppb.RoleEntity{Name: "role.name"},
+			Object:     &backuppb.ObjectEntity{Name: "object.name"},
+			ObjectName: "objectName",
+			Grantor: &backuppb.GrantorEntity{
+				User:      &backuppb.UserEntity{Name: "grantor.user.name"},
+				Privilege: &backuppb.PrivilegeEntity{Name: "grantor.privilege.name"},
+			},
+			DbName: "dbName",
+		},
+		{
+			Role:       &backuppb.RoleEntity{Name: "role1.name"}, // different role
+			Object:     &backuppb.ObjectEntity{Name: "object.name"},
+			ObjectName: "objectName",
+			Grantor: &backuppb.GrantorEntity{
+				User:      &backuppb.UserEntity{Name: "grantor.user.name"},
+				Privilege: &backuppb.PrivilegeEntity{Name: "grantor.privilege.name"},
+			},
+			DbName: "dbName",
+		},
+	}
+
+	curGrants := []*milvuspb.GrantEntity{
+		{
+			Role:       &milvuspb.RoleEntity{Name: "role.name"},
+			Object:     &milvuspb.ObjectEntity{Name: "object.name"},
+			ObjectName: "objectName",
+			Grantor: &milvuspb.GrantorEntity{
+				User:      &milvuspb.UserEntity{Name: "grantor.user.name"},
+				Privilege: &milvuspb.PrivilegeEntity{Name: "grantor.privilege.name"},
+			},
+			DbName: "dbName",
+		},
+	}
+
+	restoreGrants := Grants(bakGrants, curGrants)
+	assert.Len(t, restoreGrants, 1)
+}
+
+func TestRoles(t *testing.T) {
+	bakRoles := []*backuppb.RoleEntity{
+		{Name: "role.name"},
+		{Name: "role1.name"},
+	}
+
+	curRoles := []*milvuspb.RoleEntity{
+		{Name: "role.name"},
+	}
+
+	restoreRoles := Roles(bakRoles, curRoles)
+	assert.Len(t, restoreRoles, 1)
+	assert.Equal(t, "role1.name", restoreRoles[0].Name)
+}
+
+func TestUsers(t *testing.T) {
+	bakUsers := []*backuppb.UserInfo{
+		{User: "user.user"},
+		{User: "user1.user"},
+	}
+
+	curUsers := []*milvuspb.UserInfo{
+		{User: "user.user"},
+	}
+
+	restoreUsers := Users(bakUsers, curUsers)
+	assert.Len(t, restoreUsers, 1)
+	assert.Equal(t, "user1.user", restoreUsers[0].User)
+}
+
+func TestPrivilegeGroups(t *testing.T) {
+	bakPG := []*backuppb.PrivilegeGroupInfo{{
+		GroupName: "group1",
+		Privileges: []*backuppb.PrivilegeEntity{
+			{Name: "privilege1"},
+			{Name: "privilege2"},
+		},
+	}, {
+		GroupName: "group2",
+		Privileges: []*backuppb.PrivilegeEntity{
+			{Name: "privilege3"},
+			{Name: "privilege4"},
+		},
+	}}
+
+	curPrivilegeGroups := []*milvuspb.PrivilegeGroupInfo{{
+		GroupName: "group1",
+		Privileges: []*milvuspb.PrivilegeEntity{
+			{Name: "privilege1"},
+			{Name: "privilege2"},
+		},
+	}}
+
+	restorePG := PrivilegeGroups(bakPG, curPrivilegeGroups)
+	assert.Len(t, restorePG, 1)
+	assert.Equal(t, "group2", restorePG[0].GroupName)
+	assert.Equal(t, 2, len(restorePG[0].Privileges))
+	assert.Equal(t, "privilege3", restorePG[0].Privileges[0].Name)
+	assert.Equal(t, "privilege4", restorePG[0].Privileges[1].Name)
+}