fix grant creation by adding the actual privilege

Signed-off-by: Alex Giurgiu <[email protected]>

client/client.go

@@ -202,7 +202,7 @@ type Client interface {
 	// ListGrants lists all assigned privileges and objects for the role.
 	ListGrants(ctx context.Context, role string, dbName string) ([]entity.RoleGrants, error)
 	// Grant adds privilege for role.
-	Grant(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string) error
+	Grant(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string, privilege string) error
 	// Revoke removes privilege from role.
 	Revoke(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string) error
 

client/rbac.go

@@ -320,7 +320,7 @@ func (c *GrpcClient) ListGrant(ctx context.Context, role string, object string,
 }
 
 // Grant adds object privileged for role.
-func (c *GrpcClient) Grant(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string) error {
+func (c *GrpcClient) Grant(ctx context.Context, role string, objectType entity.PriviledgeObjectType, object string, privilege string) error {
 	if c.Service == nil {
 		return ErrClientNotReady
 	}
@@ -333,6 +333,11 @@ func (c *GrpcClient) Grant(ctx context.Context, role string, objectType entity.P
 			Object: &milvuspb.ObjectEntity{
 				Name: commonpb.ObjectType_name[int32(objectType)],
 			},
+			Grantor: &milvuspb.GrantorEntity{
+				Privilege: &milvuspb.PrivilegeEntity{
+					Name: privilege,
+				},
+			},
 			ObjectName: object,
 		},
 		Type: milvuspb.OperatePrivilegeType_Grant,

client/rbac_test.go

@@ -629,6 +629,7 @@ func (s *RBACSuite) TestGrant() {
 	roleName := "testRole"
 	objectName := testCollectionName
 	objectType := entity.PriviledegeObjectTypeCollection
+	privilegeName := "testPrivilege"
 
 	s.Run("normal run", func() {
 		ctx, cancel := context.WithCancel(ctx)
@@ -641,7 +642,7 @@ func (s *RBACSuite) TestGrant() {
 			s.Equal(milvuspb.OperatePrivilegeType_Grant, req.GetType())
 		}).Return(&commonpb.Status{ErrorCode: commonpb.ErrorCode_Success}, nil)
 
-		err := s.client.Grant(ctx, roleName, objectType, objectName)
+		err := s.client.Grant(ctx, roleName, objectType, objectName, privilegeName)
 
 		s.NoError(err)
 	})
@@ -652,7 +653,7 @@ func (s *RBACSuite) TestGrant() {
 		defer s.resetMock()
 		s.mock.EXPECT().OperatePrivilege(mock.Anything, mock.Anything).Return(nil, errors.New("mock error"))
 
-		err := s.client.Grant(ctx, roleName, objectType, objectName)
+		err := s.client.Grant(ctx, roleName, objectType, objectName, privilegeName)
 		s.Error(err)
 	})
 
@@ -662,7 +663,7 @@ func (s *RBACSuite) TestGrant() {
 		defer s.resetMock()
 		s.mock.EXPECT().OperatePrivilege(mock.Anything, mock.Anything).Return(&commonpb.Status{ErrorCode: commonpb.ErrorCode_UnexpectedError}, nil)
 
-		err := s.client.Grant(ctx, roleName, objectType, objectName)
+		err := s.client.Grant(ctx, roleName, objectType, objectName, privilegeName)
 		s.Error(err)
 	})
 
@@ -671,7 +672,7 @@ func (s *RBACSuite) TestGrant() {
 		defer cancel()
 
 		c := &GrpcClient{}
-		err := c.Grant(ctx, roleName, objectType, objectName)
+		err := c.Grant(ctx, roleName, objectType, objectName, privilegeName)
 		s.Error(err)
 		s.ErrorIs(err, ErrClientNotReady)
 	})