
Add RBAC enhancement interfaces for V2 (#1185)

Signed-off-by: yhmo <yihua.mo@zilliz.com>
groot 5 月之前
當前提交
790f352b17

+ 35 - 17
src/main/java/io/milvus/v2/client/MilvusClientV2.java

@@ -42,8 +42,7 @@ import io.milvus.v2.service.index.request.*;
 import io.milvus.v2.service.index.response.*;
 import io.milvus.v2.service.partition.PartitionService;
 import io.milvus.v2.service.partition.request.*;
-import io.milvus.v2.service.rbac.RoleService;
-import io.milvus.v2.service.rbac.UserService;
+import io.milvus.v2.service.rbac.RBACService;
 import io.milvus.v2.service.rbac.request.*;
 import io.milvus.v2.service.rbac.response.*;
 import io.milvus.v2.service.utility.UtilityService;
@@ -73,8 +72,7 @@ public class MilvusClientV2 {
     private final IndexService indexService = new IndexService();
     private final VectorService vectorService = new VectorService();
     private final PartitionService partitionService = new PartitionService();
-    private final UserService userService = new UserService();
-    private final RoleService roleService = new RoleService();
+    private final RBACService rbacService = new RBACService();
     private final UtilityService utilityService = new UtilityService();
     private ConnectConfig connectConfig;
     private RetryConfig retryConfig = RetryConfig.builder().build();
@@ -625,7 +623,7 @@ public class MilvusClientV2 {
      * @return List of String usernames
      */
     public List<String> listUsers() {
-        return retry(()->userService.listUsers(this.getRpcStub()));
+        return retry(()->rbacService.listUsers(this.getRpcStub()));
     }
     /**
      * describe user
@@ -634,7 +632,7 @@ public class MilvusClientV2 {
      * @return DescribeUserResp
      */
     public DescribeUserResp describeUser(DescribeUserReq request) {
-        return retry(()->userService.describeUser(this.getRpcStub(), request));
+        return retry(()->rbacService.describeUser(this.getRpcStub(), request));
     }
     /**
      * create user
@@ -642,7 +640,7 @@ public class MilvusClientV2 {
      * @param request create user request
      */
     public void createUser(CreateUserReq request) {
-        retry(()->userService.createUser(this.getRpcStub(), request));
+        retry(()->rbacService.createUser(this.getRpcStub(), request));
     }
     /**
      * change password
@@ -650,7 +648,7 @@ public class MilvusClientV2 {
      * @param request change password request
      */
     public void updatePassword(UpdatePasswordReq request) {
-        retry(()->userService.updatePassword(this.getRpcStub(), request));
+        retry(()->rbacService.updatePassword(this.getRpcStub(), request));
     }
     /**
      * drop user
@@ -658,7 +656,7 @@ public class MilvusClientV2 {
      * @param request drop user request
      */
     public void dropUser(DropUserReq request) {
-        retry(()->userService.dropUser(this.getRpcStub(), request));
+        retry(()->rbacService.dropUser(this.getRpcStub(), request));
     }
     // role operations
     /**
@@ -667,7 +665,7 @@ public class MilvusClientV2 {
      * @return List of String role names
      */
     public List<String> listRoles() {
-        return retry(()->roleService.listRoles(this.getRpcStub()));
+        return retry(()->rbacService.listRoles(this.getRpcStub()));
     }
     /**
      * describe role
@@ -676,7 +674,7 @@ public class MilvusClientV2 {
      * @return DescribeRoleResp
      */
     public DescribeRoleResp describeRole(DescribeRoleReq request) {
-        return retry(()->roleService.describeRole(this.getRpcStub(), request));
+        return retry(()->rbacService.describeRole(this.getRpcStub(), request));
     }
     /**
      * create role
@@ -684,7 +682,7 @@ public class MilvusClientV2 {
      * @param request create role request
      */
     public void createRole(CreateRoleReq request) {
-        retry(()->roleService.createRole(this.getRpcStub(), request));
+        retry(()->rbacService.createRole(this.getRpcStub(), request));
     }
     /**
      * drop role
@@ -692,7 +690,7 @@ public class MilvusClientV2 {
      * @param request drop role request
      */
     public void dropRole(DropRoleReq request) {
-        retry(()->roleService.dropRole(this.getRpcStub(), request));
+        retry(()->rbacService.dropRole(this.getRpcStub(), request));
     }
     /**
      * grant privilege
@@ -700,7 +698,7 @@ public class MilvusClientV2 {
      * @param request grant privilege request
      */
     public void grantPrivilege(GrantPrivilegeReq request) {
-        retry(()->roleService.grantPrivilege(this.getRpcStub(), request));
+        retry(()->rbacService.grantPrivilege(this.getRpcStub(), request));
     }
     /**
      * revoke privilege
@@ -708,7 +706,7 @@ public class MilvusClientV2 {
      * @param request revoke privilege request
      */
     public void revokePrivilege(RevokePrivilegeReq request) {
-        retry(()->roleService.revokePrivilege(this.getRpcStub(), request));
+        retry(()->rbacService.revokePrivilege(this.getRpcStub(), request));
     }
     /**
      * grant role
@@ -716,7 +714,7 @@ public class MilvusClientV2 {
      * @param request grant role request
      */
     public void grantRole(GrantRoleReq request) {
-        retry(()->roleService.grantRole(this.getRpcStub(), request));
+        retry(()->rbacService.grantRole(this.getRpcStub(), request));
     }
     /**
      * revoke role
@@ -724,7 +722,27 @@ public class MilvusClientV2 {
      * @param request revoke role request
      */
     public void revokeRole(RevokeRoleReq request) {
-        retry(()->roleService.revokeRole(this.getRpcStub(), request));
+        retry(()->rbacService.revokeRole(this.getRpcStub(), request));
+    }
+
+    public void createPrivilegeGroup(CreatePrivilegeGroupReq request) {
+        retry(()->rbacService.createPrivilegeGroup(this.getRpcStub(), request));
+    }
+
+    public void dropPrivilegeGroup(DropPrivilegeGroupReq request) {
+        retry(()->rbacService.dropPrivilegeGroup(this.getRpcStub(), request));
+    }
+
+    public ListPrivilegeGroupsResp listPrivilegeGroups(ListPrivilegeGroupsReq request) {
+        return retry(()->rbacService.listPrivilegeGroups(this.getRpcStub(), request));
+    }
+
+    public void addPrivilegesToGroup(AddPrivilegesToGroupReq request) {
+        retry(()->rbacService.addPrivilegesToGroup(this.getRpcStub(), request));
+    }
+
+    public void removePrivilegesFromGroup(RemovePrivilegesFromGroupReq request) {
+        retry(()->rbacService.removePrivilegesFromGroup(this.getRpcStub(), request));
     }
 
     // Utility Operations
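Review bot: The five methods added after `revokeRole` (`createPrivilegeGroup`, `dropPrivilegeGroup`, `listPrivilegeGroups`, `addPrivilegesToGroup`, `removePrivilegesFromGroup`) are public API with no Javadoc, while the RBAC methods visible in the neighbouring hunks each carry a `/** ... @param request ... */` block. Each should get one in the same style, for example `/** create a privilege group` / `@param request create privilege group request */`, plus `@return ListPrivilegeGroupsResp` on `listPrivilegeGroups`. These calls change what a role can be granted and they run through `retry(...)`, which is not visible in this hunk, so the comment should also state whether a mutation can be re-sent after a transport failure once that has been confirmed.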

+ 29 - 0
src/main/java/io/milvus/v2/service/rbac/Privilege.java

@@ -0,0 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac;
+
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+@Data
+@SuperBuilder
+public class Privilege {
+    private String name;
+}
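Review bot: `name` accepts null, and the new `RBACService.addPrivilegesToGroup` and `removePrivilegesFromGroup` pass `privilege.getName()` straight to `PrivilegeEntity.newBuilder().setName(...)`. Protobuf-generated string setters throw `NullPointerException` on null, so a `Privilege` built without a name fails while the request is being assembled, with no indication of which argument was wrong. Marking the field `@NonNull private String name;` (Lombok), or checking it where the request is built, would reject it with a clear message. A short class comment saying that `name` is the server-side privilege name would also help callers.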

+ 35 - 0
src/main/java/io/milvus/v2/service/rbac/PrivilegeGroup.java

@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac;
+
+import lombok.Builder;
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Data
+@SuperBuilder
+public class PrivilegeGroup {
+    private String groupName;
+    @Builder.Default
+    private List<Privilege> privileges = new ArrayList<>();
+}

+ 294 - 0
src/main/java/io/milvus/v2/service/rbac/RBACService.java

@@ -0,0 +1,294 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac;
+
+import io.milvus.grpc.*;
+import io.milvus.v2.service.BaseService;
+import io.milvus.v2.service.rbac.request.*;
+import io.milvus.v2.service.rbac.response.DescribeRoleResp;
+import io.milvus.v2.service.rbac.response.DescribeUserResp;
+import io.milvus.v2.service.rbac.response.ListPrivilegeGroupsResp;
+
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
+import java.util.stream.Collectors;
+
+public class RBACService extends BaseService {
+    public List<String> listRoles(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub) {
+        String title = "listRoles";
+        SelectRoleRequest request = SelectRoleRequest.newBuilder().build();
+        SelectRoleResponse response = blockingStub.selectRole(request);
+
+        rpcUtils.handleResponse(title, response.getStatus());
+        return response.getResultsList().stream().map(roleResult -> roleResult.getRole().getName()).collect(Collectors.toList());
+    }
+
+    public Void createRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, CreateRoleReq request) {
+        String title = "createRole";
+        CreateRoleRequest createRoleRequest = CreateRoleRequest.newBuilder()
+                .setEntity(RoleEntity.newBuilder()
+                        .setName(request.getRoleName())
+                        .build())
+                .build();
+        Status status = blockingStub.createRole(createRoleRequest);
+        rpcUtils.handleResponse(title, status);
+
+        return null;
+    }
+
+    public DescribeRoleResp describeRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DescribeRoleReq request) {
+        String title = "describeRole";
+        SelectGrantRequest selectGrantRequest = SelectGrantRequest.newBuilder()
+                .setEntity(GrantEntity.newBuilder()
+                        .setRole(RoleEntity.newBuilder()
+                                .setName(request.getRoleName())
+                                .build())
+                        .build())
+                .build();
+        SelectGrantResponse response = blockingStub.selectGrant(selectGrantRequest);
+        rpcUtils.handleResponse(title, response.getStatus());
+        DescribeRoleResp describeRoleResp = DescribeRoleResp.builder()
+                .grantInfos(response.getEntitiesList().stream().map(grantEntity -> DescribeRoleResp.GrantInfo.builder()
+                        .dbName(grantEntity.getDbName())
+                        .objectName(grantEntity.getObjectName())
+                        .objectType(grantEntity.getObject().getName())
+                        .privilege(grantEntity.getGrantor().getPrivilege().getName())
+                        .grantor(grantEntity.getGrantor().getUser().getName())
+                        .build()).collect(Collectors.toList()))
+                .build();
+        return describeRoleResp;
+    }
+
+    public Void dropRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DropRoleReq request) {
+        String title = "dropRole";
+        DropRoleRequest dropRoleRequest = DropRoleRequest.newBuilder()
+                .setRoleName(request.getRoleName())
+                .build();
+        Status status = blockingStub.dropRole(dropRoleRequest);
+        rpcUtils.handleResponse(title, status);
+
+        return null;
+    }
+
+    public Void grantPrivilege(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, GrantPrivilegeReq request) {
+        String title = "grantPrivilege";
+        GrantEntity entity = GrantEntity.newBuilder()
+                .setRole(RoleEntity.newBuilder()
+                        .setName(request.getRoleName())
+                        .build())
+                .setObjectName(request.getObjectName())
+                .setObject(ObjectEntity.newBuilder().setName(request.getObjectType()).build())
+                .setGrantor(GrantorEntity.newBuilder()
+                        .setPrivilege(PrivilegeEntity.newBuilder().setName(request.getPrivilege()).build()).build())
+                .build();
+        OperatePrivilegeRequest operatePrivilegeRequest = OperatePrivilegeRequest.newBuilder()
+                .setEntity(entity)
+                .setType(OperatePrivilegeType.Grant)
+                .build();
+        Status status = blockingStub.operatePrivilege(operatePrivilegeRequest);
+        rpcUtils.handleResponse(title, status);
+
+        return null;
+    }
+
+    public Void revokePrivilege(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, RevokePrivilegeReq request) {
+        String title = "revokePrivilege";
+        GrantEntity entity = GrantEntity.newBuilder()
+                .setRole(RoleEntity.newBuilder()
+                        .setName(request.getRoleName())
+                        .build())
+                .setObjectName(request.getObjectName())
+                .setObject(ObjectEntity.newBuilder().setName(request.getObjectType()).build())
+                .setGrantor(GrantorEntity.newBuilder()
+                        .setPrivilege(PrivilegeEntity.newBuilder().setName(request.getPrivilege()).build()).build())
+                .build();
+        OperatePrivilegeRequest operatePrivilegeRequest = OperatePrivilegeRequest.newBuilder()
+                .setEntity(entity)
+                .setType(OperatePrivilegeType.Revoke)
+                .build();
+        Status status = blockingStub.operatePrivilege(operatePrivilegeRequest);
+        rpcUtils.handleResponse(title, status);
+
+        return null;
+    }
+
+    public Void grantRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, GrantRoleReq request) {
+        String title = "grantRole";
+        OperateUserRoleRequest operateUserRoleRequest = OperateUserRoleRequest.newBuilder()
+                .setUsername(request.getUserName())
+                .setRoleName(request.getRoleName())
+                .setType(OperateUserRoleType.AddUserToRole)
+                .build();
+        Status status = blockingStub.operateUserRole(operateUserRoleRequest);
+        rpcUtils.handleResponse(title, status);
+
+        return null;
+    }
+
+    public Void revokeRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, RevokeRoleReq request) {
+        String title = "grantRole";
+        OperateUserRoleRequest operateUserRoleRequest = OperateUserRoleRequest.newBuilder()
+                .setUsername(request.getUserName())
+                .setRoleName(request.getRoleName())
+                .setType(OperateUserRoleType.RemoveUserFromRole)
+                .build();
+        Status status = blockingStub.operateUserRole(operateUserRoleRequest);
+        rpcUtils.handleResponse(title, status);
+
+        return null;
+    }
+
+    ////////////////////////////////////////////////////////////////////////////////////////////////////////////
+    public List<String> listUsers(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub) {
+        String title = "list users";
+        ListCredUsersRequest request = ListCredUsersRequest.newBuilder().build();
+        ListCredUsersResponse response = blockingStub.listCredUsers(request);
+        rpcUtils.handleResponse(title, response.getStatus());
+        return response.getUsernamesList();
+    }
+
+    public DescribeUserResp describeUser(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DescribeUserReq request) {
+        String title = String.format("describe user %s", request.getUserName());
+        // TODO: check user exists
+        SelectUserRequest selectUserRequest = SelectUserRequest.newBuilder()
+                .setUser(UserEntity.newBuilder().setName(request.getUserName()).build())
+                .setIncludeRoleInfo(Boolean.TRUE)
+                .build();
+        io.milvus.grpc.SelectUserResponse response = blockingStub.selectUser(selectUserRequest);
+        rpcUtils.handleResponse(title, response.getStatus());
+        DescribeUserResp describeUserResp = DescribeUserResp.builder()
+                .roles(response.getResultsList().isEmpty()? null : response.getResultsList().get(0).getRolesList().stream().map(RoleEntity::getName).collect(Collectors.toList()))
+                .build();
+        return describeUserResp;
+    }
+
+    public Void createUser(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, CreateUserReq request) {
+        String title = String.format("create user %s", request.getUserName());
+        CreateCredentialRequest createCredentialRequest = CreateCredentialRequest.newBuilder()
+                .setUsername(request.getUserName())
+                .setPassword(Base64.getEncoder().encodeToString(request.getPassword().getBytes(StandardCharsets.UTF_8)))
+                .build();
+        Status response = blockingStub.createCredential(createCredentialRequest);
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+
+
+    public Void updatePassword(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, UpdatePasswordReq request) {
+        String title = String.format("update password for user %s", request.getUserName());
+        UpdateCredentialRequest updateCredentialRequest = UpdateCredentialRequest.newBuilder()
+                .setUsername(request.getUserName())
+                .setOldPassword(Base64.getEncoder().encodeToString(request.getPassword().getBytes(StandardCharsets.UTF_8)))
+                .setNewPassword(Base64.getEncoder().encodeToString(request.getNewPassword().getBytes(StandardCharsets.UTF_8)))
+                .build();
+        Status response = blockingStub.updateCredential(updateCredentialRequest);
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+
+    public Void dropUser(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DropUserReq request) {
+        String title = String.format("drop user %s", request.getUserName());
+        DeleteCredentialRequest deleteCredentialRequest = DeleteCredentialRequest.newBuilder()
+                .setUsername(request.getUserName())
+                .build();
+        Status response = blockingStub.deleteCredential(deleteCredentialRequest);
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+
+    ////////////////////////////////////////////////////////////////////////////////////////////////////////////
+    public Void createPrivilegeGroup(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, CreatePrivilegeGroupReq request) {
+        String title = String.format("create privilege group %s", request.getGroupName());
+        CreatePrivilegeGroupRequest createPrivilegeGroupRequest = CreatePrivilegeGroupRequest.newBuilder()
+                .setGroupName(request.getGroupName())
+                .build();
+        Status response = blockingStub.createPrivilegeGroup(createPrivilegeGroupRequest);
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+
+    public Void dropPrivilegeGroup(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DropPrivilegeGroupReq request) {
+        String title = String.format("drop privilege group %s", request.getGroupName());
+        DropPrivilegeGroupRequest dropPrivilegeGroupRequest = DropPrivilegeGroupRequest.newBuilder()
+                .setGroupName(request.getGroupName())
+                .build();
+        Status response = blockingStub.dropPrivilegeGroup(dropPrivilegeGroupRequest);
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+
+    public ListPrivilegeGroupsResp listPrivilegeGroups(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, ListPrivilegeGroupsReq request) {
+        String title = "list privilege groups";
+        ListPrivilegeGroupsRequest listPrivilegeGroupsRequest = ListPrivilegeGroupsRequest.newBuilder()
+                .build();
+        ListPrivilegeGroupsResponse response = blockingStub.listPrivilegeGroups(listPrivilegeGroupsRequest);
+        rpcUtils.handleResponse(title, response.getStatus());
+
+        List<PrivilegeGroup> privilegeGroups = new ArrayList<>();
+        response.getPrivilegeGroupsList().forEach((privilegeGroupInfo)->{
+            List<Privilege> privileges = new ArrayList<>();
+            privilegeGroupInfo.getPrivilegesList().forEach((privilege)->{
+                privileges.add(Privilege.builder().name(privilege.getName()).build());
+            });
+            privilegeGroups.add(PrivilegeGroup.builder().privileges(privileges).build());
+        });
+
+        return ListPrivilegeGroupsResp.builder()
+                .privilegeGroups(privilegeGroups)
+                .build();
+    }
+
+    public Void addPrivilegesToGroup(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, AddPrivilegesToGroupReq request) {
+        String title = String.format("add privilege to group %s", request.getGroupName());
+        OperatePrivilegeGroupRequest.Builder builder = OperatePrivilegeGroupRequest.newBuilder()
+                .setGroupName(request.getGroupName())
+                .setType(OperatePrivilegeGroupType.AddPrivilegesToGroup);
+        for (Privilege privilege : request.getPrivileges()) {
+            builder.addPrivileges(PrivilegeEntity.newBuilder().setName(privilege.getName()).build());
+        }
+
+        Status response = blockingStub.operatePrivilegeGroup(builder.build());
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+
+    public Void removePrivilegesFromGroup(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, RemovePrivilegesFromGroupReq request) {
+        String title = String.format("remove privilege from group %s", request.getGroupName());
+        OperatePrivilegeGroupRequest.Builder builder = OperatePrivilegeGroupRequest.newBuilder()
+                .setGroupName(request.getGroupName())
+                .setType(OperatePrivilegeGroupType.RemovePrivilegesFromGroup);
+        for (Privilege privilege : request.getPrivileges()) {
+            builder.addPrivileges(PrivilegeEntity.newBuilder().setName(privilege.getName()).build());
+        }
+
+        Status response = blockingStub.operatePrivilegeGroup(builder.build());
+        rpcUtils.handleResponse(title, response);
+
+        return null;
+    }
+}
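Review bot: `listPrivilegeGroups` builds each result with `PrivilegeGroup.builder().privileges(privileges).build()` and never sets `groupName`, so every group comes back unnamed and a caller auditing privilege groups cannot tell which privileges belong to which group. The builder call should carry the name from the response element, presumably `.groupName(privilegeGroupInfo.getGroupName())` (the generated getter is not shown on this page). Separately, `revokeRole` sets `String title = "grantRole";`, so a failed revoke is reported under the grant label; it should read `"revokeRole"`. In `createUser` and `updatePassword` the Base64 step is an encoding, not protection, so the passwords are only as confidential as the channel the stub uses.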

+ 0 - 155
src/main/java/io/milvus/v2/service/rbac/RoleService.java

@@ -1,155 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package io.milvus.v2.service.rbac;
-
-import io.milvus.grpc.*;
-import io.milvus.v2.service.BaseService;
-import io.milvus.v2.service.rbac.request.*;
-import io.milvus.v2.service.rbac.response.DescribeRoleResp;
-
-import java.util.List;
-import java.util.stream.Collectors;
-
-public class RoleService extends BaseService {
-
-    public List<String> listRoles(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub) {
-        String title = "listRoles";
-        SelectRoleRequest request = SelectRoleRequest.newBuilder().build();
-        SelectRoleResponse response = blockingStub.selectRole(request);
-
-        rpcUtils.handleResponse(title, response.getStatus());
-        return response.getResultsList().stream().map(roleResult -> roleResult.getRole().getName()).collect(Collectors.toList());
-    }
-
-    public Void createRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, CreateRoleReq request) {
-        String title = "createRole";
-        CreateRoleRequest createRoleRequest = CreateRoleRequest.newBuilder()
-                .setEntity(RoleEntity.newBuilder()
-                        .setName(request.getRoleName())
-                        .build())
-                .build();
-        Status status = blockingStub.createRole(createRoleRequest);
-        rpcUtils.handleResponse(title, status);
-
-        return null;
-    }
-
-    public DescribeRoleResp describeRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DescribeRoleReq request) {
-        String title = "describeRole";
-        SelectGrantRequest selectGrantRequest = SelectGrantRequest.newBuilder()
-                .setEntity(GrantEntity.newBuilder()
-                        .setRole(RoleEntity.newBuilder()
-                                .setName(request.getRoleName())
-                                .build())
-                        .build())
-                .build();
-        SelectGrantResponse response = blockingStub.selectGrant(selectGrantRequest);
-        rpcUtils.handleResponse(title, response.getStatus());
-        DescribeRoleResp describeRoleResp = DescribeRoleResp.builder()
-                .grantInfos(response.getEntitiesList().stream().map(grantEntity -> DescribeRoleResp.GrantInfo.builder()
-                        .dbName(grantEntity.getDbName())
-                        .objectName(grantEntity.getObjectName())
-                        .objectType(grantEntity.getObject().getName())
-                        .privilege(grantEntity.getGrantor().getPrivilege().getName())
-                        .grantor(grantEntity.getGrantor().getUser().getName())
-                        .build()).collect(Collectors.toList()))
-                .build();
-        return describeRoleResp;
-    }
-
-    public Void dropRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DropRoleReq request) {
-        String title = "dropRole";
-        DropRoleRequest dropRoleRequest = DropRoleRequest.newBuilder()
-                .setRoleName(request.getRoleName())
-                .build();
-        Status status = blockingStub.dropRole(dropRoleRequest);
-        rpcUtils.handleResponse(title, status);
-
-        return null;
-    }
-
-    public Void grantPrivilege(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, GrantPrivilegeReq request) {
-        String title = "grantPrivilege";
-        GrantEntity entity = GrantEntity.newBuilder()
-                .setRole(RoleEntity.newBuilder()
-                        .setName(request.getRoleName())
-                        .build())
-                .setObjectName(request.getObjectName())
-                .setObject(ObjectEntity.newBuilder().setName(request.getObjectType()).build())
-                .setGrantor(GrantorEntity.newBuilder()
-                        .setPrivilege(PrivilegeEntity.newBuilder().setName(request.getPrivilege()).build()).build())
-                .build();
-        OperatePrivilegeRequest operatePrivilegeRequest = OperatePrivilegeRequest.newBuilder()
-                .setEntity(entity)
-                .setType(OperatePrivilegeType.Grant)
-                .build();
-        Status status = blockingStub.operatePrivilege(operatePrivilegeRequest);
-        rpcUtils.handleResponse(title, status);
-
-        return null;
-    }
-
-    public Void revokePrivilege(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, RevokePrivilegeReq request) {
-        String title = "revokePrivilege";
-        GrantEntity entity = GrantEntity.newBuilder()
-                .setRole(RoleEntity.newBuilder()
-                        .setName(request.getRoleName())
-                        .build())
-                .setObjectName(request.getObjectName())
-                .setObject(ObjectEntity.newBuilder().setName(request.getObjectType()).build())
-                .setGrantor(GrantorEntity.newBuilder()
-                        .setPrivilege(PrivilegeEntity.newBuilder().setName(request.getPrivilege()).build()).build())
-                .build();
-        OperatePrivilegeRequest operatePrivilegeRequest = OperatePrivilegeRequest.newBuilder()
-                .setEntity(entity)
-                .setType(OperatePrivilegeType.Revoke)
-                .build();
-        Status status = blockingStub.operatePrivilege(operatePrivilegeRequest);
-        rpcUtils.handleResponse(title, status);
-
-        return null;
-    }
-
-    public Void grantRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, GrantRoleReq request) {
-        String title = "grantRole";
-        OperateUserRoleRequest operateUserRoleRequest = OperateUserRoleRequest.newBuilder()
-                .setUsername(request.getUserName())
-                .setRoleName(request.getRoleName())
-                .setType(OperateUserRoleType.AddUserToRole)
-                .build();
-        Status status = blockingStub.operateUserRole(operateUserRoleRequest);
-        rpcUtils.handleResponse(title, status);
-
-        return null;
-    }
-
-    public Void revokeRole(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, RevokeRoleReq request) {
-        String title = "grantRole";
-        OperateUserRoleRequest operateUserRoleRequest = OperateUserRoleRequest.newBuilder()
-                .setUsername(request.getUserName())
-                .setRoleName(request.getRoleName())
-                .setType(OperateUserRoleType.RemoveUserFromRole)
-                .build();
-        Status status = blockingStub.operateUserRole(operateUserRoleRequest);
-        rpcUtils.handleResponse(title, status);
-
-        return null;
-    }
-}

+ 0 - 96
src/main/java/io/milvus/v2/service/rbac/UserService.java

@@ -1,96 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package io.milvus.v2.service.rbac;
-
-import io.milvus.grpc.*;
-import io.milvus.v2.service.BaseService;
-import io.milvus.v2.service.rbac.request.CreateUserReq;
-import io.milvus.v2.service.rbac.request.DescribeUserReq;
-import io.milvus.v2.service.rbac.request.DropUserReq;
-import io.milvus.v2.service.rbac.request.UpdatePasswordReq;
-import io.milvus.v2.service.rbac.response.DescribeUserResp;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-import java.util.List;
-import java.util.stream.Collectors;
-
-public class UserService extends BaseService {
-
-    public List<String> listUsers(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub) {
-        String title = "list users";
-        ListCredUsersRequest request = ListCredUsersRequest.newBuilder().build();
-        ListCredUsersResponse response = blockingStub.listCredUsers(request);
-        rpcUtils.handleResponse(title, response.getStatus());
-        return response.getUsernamesList();
-    }
-
-    public DescribeUserResp describeUser(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DescribeUserReq request) {
-        String title = String.format("describe user %s", request.getUserName());
-        // TODO: check user exists
-        SelectUserRequest selectUserRequest = SelectUserRequest.newBuilder()
-                .setUser(UserEntity.newBuilder().setName(request.getUserName()).build())
-                .setIncludeRoleInfo(Boolean.TRUE)
-                .build();
-        io.milvus.grpc.SelectUserResponse response = blockingStub.selectUser(selectUserRequest);
-        rpcUtils.handleResponse(title, response.getStatus());
-        DescribeUserResp describeUserResp = DescribeUserResp.builder()
-                .roles(response.getResultsList().isEmpty()? null : response.getResultsList().get(0).getRolesList().stream().map(RoleEntity::getName).collect(Collectors.toList()))
-                .build();
-        return describeUserResp;
-    }
-
-    public Void createUser(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, CreateUserReq request) {
-        String title = String.format("create user %s", request.getUserName());
-        CreateCredentialRequest createCredentialRequest = CreateCredentialRequest.newBuilder()
-                .setUsername(request.getUserName())
-                .setPassword(Base64.getEncoder().encodeToString(request.getPassword().getBytes(StandardCharsets.UTF_8)))
-                .build();
-        Status response = blockingStub.createCredential(createCredentialRequest);
-        rpcUtils.handleResponse(title, response);
-
-        return null;
-    }
-
-
-    public Void updatePassword(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, UpdatePasswordReq request) {
-        String title = String.format("update password for user %s", request.getUserName());
-        UpdateCredentialRequest updateCredentialRequest = UpdateCredentialRequest.newBuilder()
-                .setUsername(request.getUserName())
-                .setOldPassword(Base64.getEncoder().encodeToString(request.getPassword().getBytes(StandardCharsets.UTF_8)))
-                .setNewPassword(Base64.getEncoder().encodeToString(request.getNewPassword().getBytes(StandardCharsets.UTF_8)))
-                .build();
-        Status response = blockingStub.updateCredential(updateCredentialRequest);
-        rpcUtils.handleResponse(title, response);
-
-        return null;
-    }
-
-    public Void dropUser(MilvusServiceGrpc.MilvusServiceBlockingStub blockingStub, DropUserReq request) {
-        String title = String.format("drop user %s", request.getUserName());
-        DeleteCredentialRequest deleteCredentialRequest = DeleteCredentialRequest.newBuilder()
-                .setUsername(request.getUserName())
-                .build();
-        Status response = blockingStub.deleteCredential(deleteCredentialRequest);
-        rpcUtils.handleResponse(title, response);
-
-        return null;
-    }
-}

+ 36 - 0
src/main/java/io/milvus/v2/service/rbac/request/AddPrivilegesToGroupReq.java

@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac.request;
+
+import io.milvus.v2.service.rbac.Privilege;
+import lombok.Builder;
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Data
+@SuperBuilder
+public class AddPrivilegesToGroupReq {
+    private String groupName;
+    @Builder.Default
+    private List<Privilege> privileges = new ArrayList<>();
+}
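Review bot: Neither field of `AddPrivilegesToGroupReq` is guarded against null. `@Builder.Default` supplies the empty list only when the caller never sets `privileges`; `.privileges(null)` on the builder and the `@Data`-generated `setPrivileges(null)` both replace it, and `groupName` has no default at all. Because this request changes which privileges a group carries, I would reject bad input at construction instead of letting it surface in the service code, which is not visible in these lines: mark both fields with Lombok's `@NonNull`, e.g. `@NonNull private String groupName;`. The same applies to `groupName` in `CreatePrivilegeGroupReq` and `DropPrivilegeGroupReq`, and to both fields of `RemovePrivilegesFromGroupReq`. A one-line class Javadoc saying what the request does, and what an empty `privileges` list means, is also missing on all four.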

+ 29 - 0
src/main/java/io/milvus/v2/service/rbac/request/CreatePrivilegeGroupReq.java

@@ -0,0 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac.request;
+
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+@Data
+@SuperBuilder
+public class CreatePrivilegeGroupReq {
+    private String groupName;
+}

+ 29 - 0
src/main/java/io/milvus/v2/service/rbac/request/DropPrivilegeGroupReq.java

@@ -0,0 +1,29 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac.request;
+
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+@Data
+@SuperBuilder
+public class DropPrivilegeGroupReq {
+    private String groupName;
+}

+ 28 - 0
src/main/java/io/milvus/v2/service/rbac/request/ListPrivilegeGroupsReq.java

@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac.request;
+
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+@Data
+@SuperBuilder
+public class ListPrivilegeGroupsReq {
+}

+ 36 - 0
src/main/java/io/milvus/v2/service/rbac/request/RemovePrivilegesFromGroupReq.java

@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac.request;
+
+import io.milvus.v2.service.rbac.Privilege;
+import lombok.Builder;
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Data
+@SuperBuilder
+public class RemovePrivilegesFromGroupReq {
+    private String groupName;
+    @Builder.Default
+    private List<Privilege> privileges = new ArrayList<>();
+}

+ 34 - 0
src/main/java/io/milvus/v2/service/rbac/response/ListPrivilegeGroupsResp.java

@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package io.milvus.v2.service.rbac.response;
+
+import io.milvus.v2.service.rbac.PrivilegeGroup;
+import lombok.Builder;
+import lombok.Data;
+import lombok.experimental.SuperBuilder;
+
+import java.util.*;
+
+@Data
+@SuperBuilder
+public class ListPrivilegeGroupsResp {
+    @Builder.Default
+    private List<PrivilegeGroup> privilegeGroups = new ArrayList<>();
+}
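Review bot: `import java.util.*;` in `ListPrivilegeGroupsResp` is a wildcard import where only two names are used. The request classes added in the same commit import them explicitly, so I would write `import java.util.ArrayList;` and `import java.util.List;` here as well. Separately, `@Data` exposes the mutable `privilegeGroups` list through a getter and a setter; if callers are meant to treat the response as read-only, a comment on the field should say so. How the list is populated is not visible in this section.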