prohibit creating secrets with duplicating names (#11680)

ydb/core/testlib/common_helper.cpp

@@ -53,7 +53,7 @@ void THelper::WaitForSchemeOperation(TActorId sender, ui64 txId) {
 
 void THelper::StartScanRequest(const TString& request, const bool expectSuccess, TVector<THashMap<TString, NYdb::TValue>>* result) const {
     NYdb::NTable::TTableClient tClient(Server.GetDriver(),
-        NYdb::NTable::TClientSettings().UseQueryCache(false).AuthToken("root@builtin"));
+        NYdb::NTable::TClientSettings().UseQueryCache(false).AuthToken(AuthToken));
     auto expectation = expectSuccess;
     bool resultReady = false;
     TVector<THashMap<TString, NYdb::TValue>> rows;
@@ -109,7 +109,7 @@ void THelper::StartScanRequest(const TString& request, const bool expectSuccess,
 
 void THelper::StartDataRequest(const TString& request, const bool expectSuccess, TString* result) const {
     NYdb::NTable::TTableClient tClient(Server.GetDriver(),
-        NYdb::NTable::TClientSettings().UseQueryCache(false).AuthToken("root@builtin"));
+        NYdb::NTable::TClientSettings().UseQueryCache(false).AuthToken(AuthToken));
     auto expectation = expectSuccess;
     bool resultReady = false;
     bool* rrPtr = &resultReady;
@@ -144,7 +144,7 @@ void THelper::StartDataRequest(const TString& request, const bool expectSuccess,
 
 void THelper::StartSchemaRequestTableServiceImpl(const TString& request, const bool expectation, const bool waiting) const {
     NYdb::NTable::TTableClient tClient(Server.GetDriver(),
-        NYdb::NTable::TClientSettings().UseQueryCache(false).AuthToken("root@builtin"));
+        NYdb::NTable::TClientSettings().UseQueryCache(false).AuthToken(AuthToken));
 
     std::shared_ptr<bool> rrPtr = std::make_shared<bool>(false);
     tClient.CreateSession().Subscribe([rrPtr, request, expectation](NThreading::TFuture<NYdb::NTable::TCreateSessionResult> f) {
@@ -171,7 +171,7 @@ void THelper::StartSchemaRequestTableServiceImpl(const TString& request, const b
 
 void THelper::StartSchemaRequestQueryServiceImpl(const TString& request, const bool expectation, const bool waiting) const {
     NYdb::NQuery::TQueryClient qClient(Server.GetDriver(),
-        NYdb::NQuery::TClientSettings().AuthToken("root@builtin"));
+        NYdb::NQuery::TClientSettings().AuthToken(AuthToken));
 
     std::shared_ptr<bool> rrPtr = std::make_shared<bool>(false);
     auto future = qClient.ExecuteQuery(request, NYdb::NQuery::TTxControl::NoTx());

ydb/core/testlib/common_helper.h

@@ -54,6 +54,10 @@ class TLoggerInit {
 };
 
 class THelper {
+private:
+    inline static const TString DefaultAuthToken = "root@builtin";
+    YDB_ACCESSOR(TString, AuthToken, DefaultAuthToken);
+
 protected:
     void WaitForSchemeOperation(TActorId sender, ui64 txId);
     void PrintResultSet(const NYdb::TResultSet& resultSet, NYson::TYsonWriter& writer) const;
@@ -73,6 +77,10 @@ class THelper {
         UseQueryService = use;
     }
 
+    void ResetAuthToken() {
+        AuthToken = DefaultAuthToken;
+    }
+
     void DropTable(const TString& tablePath);
 
     void StartScanRequest(const TString& request, const bool expectSuccess, TVector<THashMap<TString, NYdb::TValue>>* result) const;

ydb/mvp/meta/meta_cloud.h

@@ -14,7 +14,6 @@
 #include <ydb/public/api/protos/ydb_discovery.pb.h>
 #include <ydb/public/api/protos/ydb_table.pb.h>
 #include <ydb/public/sdk/cpp/client/ydb_result/result.h>
-#include <ydb/core/kqp/provider/yql_kikimr_results.h>
 #include <ydb/core/ydb_convert/ydb_convert.h>
 #include <ydb/public/api/client/yc_private/resourcemanager/cloud_service.grpc.pb.h>
 #include <ydb/mvp/core/core_ydb.h>

ydb/mvp/meta/meta_cluster.h

@@ -13,7 +13,6 @@
 #include <ydb/public/api/grpc/ydb_scripting_v1.grpc.pb.h>
 #include <ydb/public/api/protos/ydb_discovery.pb.h>
 #include <ydb/public/sdk/cpp/client/ydb_result/result.h>
-#include <ydb/core/kqp/provider/yql_kikimr_results.h>
 #include <ydb/core/ydb_convert/ydb_convert.h>
 #include <ydb/mvp/core/core_ydb.h>
 #include <ydb/mvp/core/core_ydb_impl.h>

ydb/mvp/meta/meta_clusters.h

@@ -21,7 +21,6 @@
 #include <ydb/public/sdk/cpp/client/ydb_proto/accessor.h>
 #include <ydb/public/sdk/cpp/client/draft/ydb_scripting.h>
 #include <ydb/public/sdk/cpp/client/ydb_result/result.h>
-#include <ydb/core/kqp/provider/yql_kikimr_results.h>
 #include <ydb/core/ydb_convert/ydb_convert.h>
 #include <ydb/mvp/core/core_ydb.h>
 #include <ydb/mvp/core/core_ydb_impl.h>

ydb/mvp/meta/meta_cp_databases.h

@@ -14,7 +14,6 @@
 #include <ydb/public/api/grpc/ydb_scripting_v1.grpc.pb.h>
 #include <ydb/public/api/protos/ydb_discovery.pb.h>
 #include <ydb/public/sdk/cpp/client/ydb_result/result.h>
-#include <ydb/core/kqp/provider/yql_kikimr_results.h>
 #include <ydb/core/ydb_convert/ydb_convert.h>
 #include <ydb/mvp/core/core_ydb.h>
 #include <ydb/mvp/core/core_ydb_impl.h>

ydb/mvp/meta/meta_db_clusters.h

@@ -13,7 +13,6 @@
 #include <ydb/public/api/grpc/ydb_scripting_v1.grpc.pb.h>
 #include <ydb/public/api/protos/ydb_discovery.pb.h>
 #include <ydb/public/sdk/cpp/client/ydb_result/result.h>
-#include <ydb/core/kqp/provider/yql_kikimr_results.h>
 #include <ydb/core/ydb_convert/ydb_convert.h>
 #include <ydb/mvp/core/core_ydb.h>
 #include <ydb/mvp/core/core_ydb_impl.h>

ydb/services/metadata/manager/abstract.h

@@ -4,16 +4,17 @@
 
 #include <ydb/core/protos/kqp_physical.pb.h>
 #include <ydb/core/tx/locks/sys_tables.h>
+
 #include <ydb/library/accessor/accessor.h>
 #include <ydb/library/aclib/aclib.h>
-#include <ydb/library/conclusion/status.h>
+#include <ydb/library/actors/core/actorsystem.h>
 #include <ydb/library/conclusion/result.h>
-
+#include <ydb/library/conclusion/status.h>
 #include <ydb/services/metadata/abstract/kqp_common.h>
 #include <ydb/services/metadata/abstract/parsing.h>
+#include <ydb/services/metadata/manager/modification.h>
 
 #include <library/cpp/threading/future/core/future.h>
-#include <ydb/library/actors/core/actorsystem.h>
 #include <yql/essentials/sql/settings/translation_settings.h>
 
 namespace NKikimr::NMetadata::NModifications {
@@ -168,6 +169,11 @@ class IObjectOperationsManager: public IOperationsManager {
         const TInternalModificationContext& context, const TAlterOperationContext& alterContext) const {
         return DoPrepareObjectsBeforeModification(std::move(patchedObjects), controller, context, alterContext);
     }
+
+    virtual std::vector<TModificationStage::TPtr> GetPreconditions(
+        const std::vector<TObject>& /*objects*/, const IOperationsManager::TInternalModificationContext& /*context*/) const {
+        return {};
+    }
 };
 
 class IObjectModificationCommand {

ydb/services/metadata/manager/alter.h

@@ -15,8 +15,8 @@ class TUpdateObjectActor: public TModificationActor<TObject> {
     using TBase = TModificationActor<TObject>;
 protected:
     virtual bool ProcessPreparedObjects(NInternal::TTableRecords&& records) const override {
-        TBase::Register(new TUpdateObjectsActor<TObject>(std::move(records), TBase::UserToken,
-            TBase::InternalController, TBase::SessionId, TBase::TransactionId, TBase::Context.GetExternalData().GetUserToken()));
+        TBase::Register(new TUpdateObjectsActor<TObject>(std::move(records), TBase::UserToken, TBase::InternalController, TBase::SessionId,
+            TBase::TransactionId, TBase::Context.GetExternalData().GetUserToken(), TBase::Preconditions));
         return true;
     }
 
@@ -33,9 +33,8 @@ class TUpsertObjectActor: public TModificationActor<TObject> {
     using TBase = TModificationActor<TObject>;
 protected:
     virtual bool ProcessPreparedObjects(NInternal::TTableRecords&& records) const override {
-        TBase::Register(new TUpsertObjectsActor<TObject>(std::move(records), TBase::UserToken,
-            TBase::InternalController, TBase::SessionId, TBase::TransactionId,
-            TBase::Context.GetExternalData().GetUserToken()));
+        TBase::Register(new TUpsertObjectsActor<TObject>(std::move(records), TBase::UserToken, TBase::InternalController, TBase::SessionId,
+            TBase::TransactionId, TBase::Context.GetExternalData().GetUserToken(), TBase::Preconditions));
         return true;
     }
 
@@ -53,9 +52,8 @@ class TCreateObjectActor: public TModificationActor<TObject> {
     bool ExistingOk = false;
 protected:
     virtual bool ProcessPreparedObjects(NInternal::TTableRecords&& records) const override {
-        TBase::Register(new TInsertObjectsActor<TObject>(std::move(records), TBase::UserToken,
-            TBase::InternalController, TBase::SessionId, TBase::TransactionId,
-            TBase::Context.GetExternalData().GetUserToken(), ExistingOk));
+        TBase::Register(new TInsertObjectsActor<TObject>(std::move(records), TBase::UserToken, TBase::InternalController, TBase::SessionId,
+            TBase::TransactionId, TBase::Context.GetExternalData().GetUserToken(), TBase::Preconditions, ExistingOk));
         return true;
     }
 
@@ -103,8 +101,8 @@ class TDeleteObjectActor: public TModificationActor<TObject> {
     using TBase::TBase;
 
     virtual bool ProcessPreparedObjects(NInternal::TTableRecords&& records) const override {
-        TBase::Register(new TDeleteObjectsActor<TObject>(std::move(records), TBase::UserToken,
-            TBase::InternalController, TBase::SessionId, TBase::TransactionId, TBase::Context.GetExternalData().GetUserToken()));
+        TBase::Register(new TDeleteObjectsActor<TObject>(std::move(records), TBase::UserToken, TBase::InternalController, TBase::SessionId,
+            TBase::TransactionId, TBase::Context.GetExternalData().GetUserToken(), TBase::Preconditions));
         return true;
     }
 

ydb/services/metadata/manager/alter_impl.h

@@ -58,6 +58,7 @@ class TModificationActorImpl: public NActors::TActorBootstrapped<TModificationAc
     typename IObjectOperationsManager<TObject>::TPtr Manager;
     const IOperationsManager::TInternalModificationContext Context;
     std::vector<NInternal::TTableRecord> Patches;
+    std::vector<TModificationStage::TPtr> Preconditions;
     NInternal::TTableRecords RestoreObjectIds;
     const NACLib::TUserToken UserToken = NACLib::TSystemUsers::Metadata();
     virtual bool PrepareRestoredObjects(std::vector<TObject>& objects) const = 0;
@@ -179,6 +180,7 @@ class TModificationActorImpl: public NActors::TActorBootstrapped<TModificationAc
     }
 
     void Handle(typename TEvAlterPreparationFinished<TObject>::TPtr& ev) {
+        Preconditions = Manager->GetPreconditions(ev->Get()->GetObjects(), Context);
         NInternal::TTableRecords records;
         records.InitColumns(Manager->GetSchema().GetYDBColumns());
         records.ReserveRows(ev->Get()->GetObjects().size());