[Enhancement] (nereids)implement CreateEncryptKeyCommand in nereids (a…

…pache#44807)

Issue Number: close apache#42591

fe/fe-core/src/main/antlr4/org/apache/doris/nereids/DorisParser.g4

@@ -188,6 +188,7 @@ supportedCreateStatement
         USING LEFT_PAREN booleanExpression RIGHT_PAREN                    #createRowPolicy
     | CREATE SQL_BLOCK_RULE (IF NOT EXISTS)?
         name=identifier properties=propertyClause?                        #createSqlBlockRule
+    | CREATE ENCRYPTKEY (IF NOT EXISTS)? multipartIdentifier AS STRING_LITERAL  #createEncryptkey
     ;
 
 supportedAlterStatement
@@ -767,7 +768,6 @@ unsupportedCreateStatement
         (CONDITIONS LEFT_PAREN workloadPolicyConditions RIGHT_PAREN)?
         (ACTIONS LEFT_PAREN workloadPolicyActions RIGHT_PAREN)?
         properties=propertyClause?                                              #createWorkloadPolicy
-    | CREATE ENCRYPTKEY (IF NOT EXISTS)? multipartIdentifier AS STRING_LITERAL  #createEncryptkey
     | CREATE STORAGE POLICY (IF NOT EXISTS)?
         name=identifier properties=propertyClause?                              #createStoragePolicy
     | BUILD INDEX name=identifier ON tableName=multipartIdentifier

fe/fe-core/src/main/java/org/apache/doris/catalog/EncryptKeyHelper.java

@@ -32,10 +32,16 @@ public class EncryptKeyHelper {
 
     public static void createEncryptKey(CreateEncryptKeyStmt stmt) throws UserException {
         EncryptKeyName name = stmt.getEncryptKeyName();
-        Database db = Env.getCurrentInternalCatalog().getDbOrDdlException(name.getDb());
-        db.addEncryptKey(stmt.getEncryptKey(), stmt.isIfNotExists());
+        createEncryptKey(name.getDb(), stmt.getEncryptKey(), stmt.isIfNotExists());
+    }
+
+    public static void createEncryptKey(String dbName, EncryptKey encryptKey,
+                                        boolean isIfNotExists) throws UserException {
+        Database db = Env.getCurrentInternalCatalog().getDbOrDdlException(dbName);
+        db.addEncryptKey(encryptKey, isIfNotExists);
     }
 
+
     public static void replayCreateEncryptKey(EncryptKey encryptKey) throws MetaNotFoundException {
         String dbName = encryptKey.getEncryptKeyName().getDb();
         Database db = Env.getCurrentInternalCatalog().getDbOrMetaException(dbName);

fe/fe-core/src/main/java/org/apache/doris/nereids/parser/LogicalPlanBuilder.java

@@ -89,6 +89,7 @@
 import org.apache.doris.nereids.DorisParser.ComplexColTypeListContext;
 import org.apache.doris.nereids.DorisParser.ComplexDataTypeContext;
 import org.apache.doris.nereids.DorisParser.ConstantContext;
+import org.apache.doris.nereids.DorisParser.CreateEncryptkeyContext;
 import org.apache.doris.nereids.DorisParser.CreateMTMVContext;
 import org.apache.doris.nereids.DorisParser.CreateProcedureContext;
 import org.apache.doris.nereids.DorisParser.CreateRoutineLoadContext;
@@ -476,6 +477,7 @@
 import org.apache.doris.nereids.trees.plans.commands.CleanAllProfileCommand;
 import org.apache.doris.nereids.trees.plans.commands.Command;
 import org.apache.doris.nereids.trees.plans.commands.Constraint;
+import org.apache.doris.nereids.trees.plans.commands.CreateEncryptkeyCommand;
 import org.apache.doris.nereids.trees.plans.commands.CreateJobCommand;
 import org.apache.doris.nereids.trees.plans.commands.CreateMTMVCommand;
 import org.apache.doris.nereids.trees.plans.commands.CreatePolicyCommand;
@@ -4749,6 +4751,13 @@ public LogicalPlan visitDropRole(DropRoleContext ctx) {
         return new DropRoleCommand(ctx.name.getText(), ctx.EXISTS() != null);
     }
 
+    @Override
+    public LogicalPlan visitCreateEncryptkey(CreateEncryptkeyContext ctx) {
+        List<String> nameParts = visitMultipartIdentifier(ctx.multipartIdentifier());
+        return new CreateEncryptkeyCommand(new EncryptKeyName(nameParts), ctx.EXISTS() != null,
+                                            stripQuotes(ctx.STRING_LITERAL().getText()));
+    }
+
     @Override
     public LogicalPlan visitDropEncryptkey(DropEncryptkeyContext ctx) {
         List<String> nameParts = visitMultipartIdentifier(ctx.name);

fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/PlanType.java

@@ -237,5 +237,6 @@ public enum PlanType {
     RECOVER_TABLE_COMMAND,
     RECOVER_PARTITION_COMMAND,
     REPLAY_COMMAND,
+    CREATE_ENCRYPTKEY_COMMAND,
     CREATE_ROUTINE_LOAD_COMMAND
 }

fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/commands/CreateEncryptkeyCommand.java

@@ -0,0 +1,73 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package org.apache.doris.nereids.trees.plans.commands;
+
+import org.apache.doris.analysis.EncryptKeyName;
+import org.apache.doris.analysis.StmtType;
+import org.apache.doris.catalog.EncryptKey;
+import org.apache.doris.catalog.EncryptKeyHelper;
+import org.apache.doris.catalog.Env;
+import org.apache.doris.common.AnalysisException;
+import org.apache.doris.common.ErrorCode;
+import org.apache.doris.common.ErrorReport;
+import org.apache.doris.mysql.privilege.PrivPredicate;
+import org.apache.doris.nereids.trees.plans.PlanType;
+import org.apache.doris.nereids.trees.plans.visitor.PlanVisitor;
+import org.apache.doris.qe.ConnectContext;
+import org.apache.doris.qe.StmtExecutor;
+
+import com.google.common.base.Strings;
+
+/** CreateEncryptkeyCommand */
+public class CreateEncryptkeyCommand extends Command implements ForwardWithSync {
+    private final boolean ifNotExists;
+    private final EncryptKeyName encryptKeyName;
+    private final String keyString;
+
+    public CreateEncryptkeyCommand(EncryptKeyName encryptKeyName, boolean ifNotExists, String keyString) {
+        super(PlanType.CREATE_ENCRYPTKEY_COMMAND);
+        this.ifNotExists = ifNotExists;
+        this.encryptKeyName = encryptKeyName;
+        this.keyString = keyString;
+    }
+
+    @Override
+    public void run(ConnectContext ctx, StmtExecutor executor) throws Exception {
+        // check operation privilege
+        if (!Env.getCurrentEnv().getAccessManager().checkGlobalPriv(ConnectContext.get(), PrivPredicate.ADMIN)) {
+            ErrorReport.reportAnalysisException(ErrorCode.ERR_SPECIFIC_ACCESS_DENIED_ERROR, "ADMIN");
+        }
+
+        encryptKeyName.analyze(ctx);
+        if (Strings.isNullOrEmpty(keyString)) {
+            throw new AnalysisException("keyString can not be null or empty string.");
+        }
+        EncryptKeyHelper.createEncryptKey(encryptKeyName.getDb(),
+                                            new EncryptKey(encryptKeyName, keyString), ifNotExists);
+    }
+
+    @Override
+    public <R, C> R accept(PlanVisitor<R, C> visitor, C context) {
+        return visitor.visitCreateEncryptKeyCommand(this, context);
+    }
+
+    @Override
+    public StmtType stmtType() {
+        return StmtType.CREATE;
+    }
+}

fe/fe-core/src/main/java/org/apache/doris/nereids/trees/plans/visitor/CommandVisitor.java

@@ -33,6 +33,7 @@
 import org.apache.doris.nereids.trees.plans.commands.CancelWarmUpJobCommand;
 import org.apache.doris.nereids.trees.plans.commands.CleanAllProfileCommand;
 import org.apache.doris.nereids.trees.plans.commands.Command;
+import org.apache.doris.nereids.trees.plans.commands.CreateEncryptkeyCommand;
 import org.apache.doris.nereids.trees.plans.commands.CreateJobCommand;
 import org.apache.doris.nereids.trees.plans.commands.CreateMTMVCommand;
 import org.apache.doris.nereids.trees.plans.commands.CreatePolicyCommand;
@@ -175,6 +176,10 @@ default R visitExportCommand(ExportCommand exportCommand, C context) {
         return visitCommand(exportCommand, context);
     }
 
+    default R visitCreateEncryptKeyCommand(CreateEncryptkeyCommand createEncryptKeyCommand, C context) {
+        return visitCommand(createEncryptKeyCommand, context);
+    }
+
     default R visitCreateTableCommand(CreateTableCommand createTableCommand, C context) {
         return visitCommand(createTableCommand, context);
     }

regression-test/suites/nereids_p0/test_nereids_encrypt_test.groovy

@@ -20,7 +20,7 @@ suite("test_nereids_encrypt_test") {
     sql """ create database IF NOT EXISTS ${dbName}; """
     sql """ use ${dbName}; """
     checkNereidsExecute("drop encryptkey if exists ${encryptkeyName}")    
-    sql """CREATE ENCRYPTKEY ${encryptkeyName} AS "ABCD123456789";"""
+    checkNereidsExecute("""CREATE ENCRYPTKEY ${encryptkeyName} AS "ABCD123456789";""")
     qt_check_encrypt_1("SHOW ENCRYPTKEYS FROM ${dbName}")
     checkNereidsExecute("drop encryptkey ${encryptkeyName}")
     qt_check_encrypt_2("SHOW ENCRYPTKEYS FROM ${dbName}")