Resolve the problem that everyone can alter table column data type. (#17089)

* Resolve the problem that everyone can alter table column data type.

* Delete spare codes.

Author: zerolbsony

integration-test/src/test/java/org/apache/iotdb/db/it/auth/IoTDBSeriesPermissionIT.java

@@ -112,6 +112,11 @@ private void testWriteSchema() {
         "803: No permissions for this operation, please add privilege WRITE_SCHEMA",
         "test",
         "test123123456");
+    assertNonQueryTestFail(
+        "alter timeseries root.test.d1.s1 set data type float",
+        "803: No permissions for this operation, please add privilege WRITE_SCHEMA on [root.test.d1.s1]",
+        "test",
+        "test123123456");
 
     grantUserSeriesPrivilege("test", PrivilegeType.WRITE_SCHEMA, "root.test.**");
 
@@ -126,6 +131,8 @@ private void testWriteSchema() {
     executeNonQuery(
         "create timeseries root.test.d1.s1 with dataType = int32", "test", "test123123456");
     executeNonQuery("ALTER timeseries root.test.d1.s1 ADD TAGS tag3=v3", "test", "test123123456");
+    executeNonQuery(
+        "alter timeseries root.test.d1.s1 set data type float", "test", "test123123456");
     executeNonQuery("drop timeseries root.test.d1.s1", "test", "test123123456");
     executeNonQuery("set TTL to root.test.** 10000", "test", "test123123456");
     executeNonQuery("unset TTL to root.test.**", "test", "test123123456");

integration-test/src/test/java/org/apache/iotdb/relational/it/db/it/IoTDBAuthenticationTableIT.java

@@ -1103,4 +1103,40 @@ public void testTableAuth() throws Exception {
               tmpDir.getAbsolutePath()));
     }
   }
+
+  @Test
+  public void testAlter() throws IoTDBConnectionException, StatementExecutionException {
+    try (ITableSession sessionRoot = EnvFactory.getEnv().getTableSessionConnection()) {
+      sessionRoot.executeNonQueryStatement("CREATE DATABASE test3");
+      sessionRoot.executeNonQueryStatement("USE test3");
+      sessionRoot.executeNonQueryStatement("CREATE TABLE t1 (c1 INT32)");
+
+      // test users
+      sessionRoot.executeNonQueryStatement("CREATE USER userA 'userA1234567'");
+      sessionRoot.executeNonQueryStatement("CREATE USER userB 'userB1234567'");
+
+      try (ITableSession sessionA =
+              EnvFactory.getEnv().getTableSessionConnection("userA", "userA1234567");
+          ITableSession sessionB =
+              EnvFactory.getEnv().getTableSessionConnection("userB", "userB1234567")) {
+        sessionRoot.executeNonQueryStatement(
+            "GRANT SELECT,INSERT,DELETE ON test3.t1 TO USER userA");
+        sessionRoot.executeNonQueryStatement(
+            "GRANT SELECT,ALTER,INSERT,DELETE ON test3.t1 TO USER userB");
+        sessionA.executeNonQueryStatement("USE test3");
+        sessionB.executeNonQueryStatement("USE test3");
+
+        try {
+          sessionA.executeNonQueryStatement("ALTER TABLE t1 ALTER COLUMN c1 SET DATA TYPE FLOAT");
+          fail("Should have thrown an exception");
+        } catch (StatementExecutionException e) {
+          assertEquals(
+              "803: Access Denied: No permissions for this operation, please add privilege ALTER ON test3.t1",
+              e.getMessage());
+        }
+
+        sessionB.executeNonQueryStatement("ALTER TABLE t1 ALTER COLUMN c1 SET DATA TYPE FLOAT");
+      }
+    }
+  }
 }

iotdb-core/datanode/src/main/java/org/apache/iotdb/db/queryengine/plan/execution/config/TableConfigTaskVisitor.java

@@ -636,6 +636,10 @@ protected IConfigTask visitAlterColumnDataType(
     final DataType dataType = node.getDataType();
     final boolean ifTableExists = node.isIfTableExists();
     final boolean ifColumnExists = node.isIfColumnExists();
+    accessControl.checkCanAlterTable(
+        context.getSession().getUserName(),
+        new QualifiedObjectName(databaseTablePair.getLeft(), databaseTablePair.getRight()),
+        context);
     return new AlterColumnDataTypeTask(
         databaseTablePair.getLeft(),
         databaseTablePair.getRight(),