database/doris
2
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Modify the logic of setting password (#798)

Browse Source 
* Modify the logic of setting password
1. User can set password for current_user() or if it has GRANT priv
2. And USER() function support
This commit is contained in:
Mingyu Chen
2019-03-25 09:27:40 +08:00
committed by ZHAO Chun
parent 504fbc3627
commit d47600ed84
19 changed files with 295 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
fe/src/test/java/org/apache/doris/analysis/SetPassVarTest.java
View File

@ -47,6 +47,9 @@ public class SetPassVarTest {
analyzer = AccessTestUtil.fetchAdminAnalyzer(true);
MockedAuth.mockedAuth(auth);
MockedAuth.mockedConnectContext(ctx, "root", "192.168.1.1");
UserIdentity currentUser = new UserIdentity("root", "192.168.1.1");
currentUser.setIsAnalyzed();
ctx.setCurrentUserIdentitfy(currentUser);
}
@Test
@ -70,7 +73,7 @@ public class SetPassVarTest {
// empty password
stmt = new SetPassVar(null, null);
stmt.analyze(analyzer);
Assert.assertEquals("SET PASSWORD FOR 'testCluster:testUser'@'192.168.1.1' = '*XXX'", stmt.toString());
Assert.assertEquals("SET PASSWORD FOR 'root'@'192.168.1.1' = '*XXX'", stmt.toString());
}
@Test(expected = AnalysisException.class)

3
fe/src/test/java/org/apache/doris/mysql/MysqlChannelTest.java
View File

@ -17,14 +17,13 @@
package org.apache.doris.mysql;
import org.junit.Assert;
import org.easymock.EasyMock;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;

18
fe/src/test/java/org/apache/doris/mysql/MysqlProtoTest.java
View File

@ -17,6 +17,7 @@
package org.apache.doris.mysql;
import org.apache.doris.analysis.UserIdentity;
import org.apache.doris.catalog.Catalog;
import org.apache.doris.catalog.Database;
import org.apache.doris.common.DdlException;
@ -40,6 +41,7 @@ import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import java.util.List;
@RunWith(PowerMockRunner.class)
@PowerMockIgnore({ "org.apache.log4j.*", "javax.management.*" })
@ -56,9 +58,20 @@ public class MysqlProtoTest {
// mock auth
PaloAuth auth = EasyMock.createMock(PaloAuth.class);
EasyMock.expect(auth.checkGlobalPriv(EasyMock.anyObject(ConnectContext.class),
EasyMock.anyObject(PrivPredicate.class))).andReturn(true).anyTimes();
EasyMock.anyObject(PrivPredicate.class))).andReturn(true).anyTimes();
EasyMock.expect(auth.checkPassword(EasyMock.anyString(), EasyMock.anyString(), (byte[]) EasyMock.anyObject(),
(byte[]) EasyMock.anyObject())).andReturn(true).anyTimes();
(byte[]) EasyMock.anyObject(), (List<UserIdentity>) EasyMock.anyObject())).andDelegateTo(
new WrappedAuth() {
@Override
public boolean checkPassword(String remoteUser, String remoteHost, byte[] remotePasswd,
byte[] randomString,
List<UserIdentity> currentUser) {
UserIdentity userIdentity = new UserIdentity("defaut_cluster:user", "192.168.1.1");
currentUser.add(userIdentity);
return true;
}
}).anyTimes();
EasyMock.replay(auth);
// Mock catalog
@ -141,6 +154,7 @@ public class MysqlProtoTest {
mockAccess();
ConnectContext context = new ConnectContext(null);
context.setCatalog(catalog);
context.setThreadLocalInfo();
Assert.assertTrue(MysqlProto.negotiate(context));
}

36
fe/src/test/java/org/apache/doris/mysql/WrappedAuth.java Normal file
View File

@ -0,0 +1,36 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.doris.mysql;
import org.apache.doris.analysis.UserIdentity;
import org.apache.doris.mysql.privilege.PaloAuth;
import java.util.List;
/*
* Author: Chenmingyu
* Date: Mar 24, 2019
*/
public class WrappedAuth extends PaloAuth {
@Override
public boolean checkPassword(String remoteUser, String remoteHost, byte[] remotePasswd, byte[] randomString,
List<UserIdentity> currentUser) {
return true;
}
}

6
fe/src/test/java/org/apache/doris/mysql/privilege/MockedAuth.java
View File

@ -17,6 +17,7 @@
package org.apache.doris.mysql.privilege;
import org.apache.doris.analysis.UserIdentity;
import org.apache.doris.qe.ConnectContext;
import org.apache.doris.qe.QueryState;
@ -53,6 +54,11 @@ public class MockedAuth {
ctx.getState();
result = new QueryState();
ctx.getCurrentUserIdentity();
UserIdentity userIdentity = new UserIdentity(user, ip);
userIdentity.setIsAnalyzed();
result = userIdentity;
}
};
}

158
fe/src/test/java/org/apache/doris/mysql/privilege/SetPasswordTest.java Normal file
View File

@ -0,0 +1,158 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.doris.mysql.privilege;
import org.apache.doris.analysis.Analyzer;
import org.apache.doris.analysis.CreateUserStmt;
import org.apache.doris.analysis.SetPassVar;
import org.apache.doris.analysis.UserDesc;
import org.apache.doris.analysis.UserIdentity;
import org.apache.doris.catalog.Catalog;
import org.apache.doris.common.AnalysisException;
import org.apache.doris.common.DdlException;
import org.apache.doris.mysql.MysqlPassword;
import org.apache.doris.persist.EditLog;
import org.apache.doris.persist.PrivInfo;
import org.apache.doris.qe.ConnectContext;
import org.apache.doris.system.SystemInfoService;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import mockit.Mocked;
import mockit.NonStrictExpectations;
import mockit.internal.startup.Startup;
/*
* Author: Chenmingyu
* Date: Mar 24, 2019
*/
public class SetPasswordTest {
private PaloAuth auth;
@Mocked
public Catalog catalog;
@Mocked
private Analyzer analyzer;
@Mocked
private EditLog editLog;
static {
Startup.initializeIfPossible();
}
@Before
public void setUp() throws NoSuchMethodException, SecurityException, AnalysisException {
auth = new PaloAuth();
new NonStrictExpectations() {
{
analyzer.getClusterName();
minTimes = 0;
result = SystemInfoService.DEFAULT_CLUSTER;
Catalog.getCurrentCatalog();
minTimes = 0;
result = catalog;
catalog.getAuth();
minTimes = 0;
result = auth;
catalog.getEditLog();
minTimes = 0;
result = editLog;
editLog.logCreateUser((PrivInfo) any);
minTimes = 0;
MysqlPassword.checkPassword(anyString);
minTimes = 0;
result = new byte[10];
}
};
}
@Test
public void test() throws DdlException {
UserIdentity userIdentity = new UserIdentity("default_cluster:cmy", "%");
userIdentity.setIsAnalyzed();
CreateUserStmt stmt = new CreateUserStmt(new UserDesc(userIdentity));
auth.createUser(stmt);
ConnectContext ctx = new ConnectContext(null);
// set password for 'cmy'@'%'
UserIdentity currentUser1 = new UserIdentity("default_cluster:cmy", "%");
currentUser1.setIsAnalyzed();
ctx.setCurrentUserIdentitfy(currentUser1);
ctx.setThreadLocalInfo();
UserIdentity user1 = new UserIdentity("default_cluster:cmy", "%");
user1.setIsAnalyzed();
SetPassVar setPassVar = new SetPassVar(user1, null);
try {
setPassVar.analyze(analyzer);
} catch (AnalysisException e) {
e.printStackTrace();
Assert.fail();
}
// set password without for
SetPassVar setPassVar2 = new SetPassVar(null, null);
try {
setPassVar2.analyze(analyzer);
} catch (AnalysisException e) {
e.printStackTrace();
Assert.fail();
}
// create user cmy2@'192.168.1.1'
UserIdentity userIdentity2 = new UserIdentity("default_cluster:cmy2", "192.168.1.1");
userIdentity2.setIsAnalyzed();
stmt = new CreateUserStmt(new UserDesc(userIdentity2));
auth.createUser(stmt);
UserIdentity currentUser2 = new UserIdentity("default_cluster:cmy2", "192.168.1.1");
currentUser2.setIsAnalyzed();
ctx.setCurrentUserIdentitfy(currentUser2);
ctx.setThreadLocalInfo();
// set password without for
SetPassVar setPassVar3 = new SetPassVar(null, null);
try {
setPassVar3.analyze(analyzer);
} catch (AnalysisException e) {
e.printStackTrace();
Assert.fail();
}
// set password for cmy2@'192.168.1.1'
UserIdentity user2 = new UserIdentity("default_cluster:cmy2", "192.168.1.1");
user2.setIsAnalyzed();
SetPassVar setPassVar4 = new SetPassVar(user2, null);
try {
setPassVar4.analyze(analyzer);
} catch (AnalysisException e) {
e.printStackTrace();
Assert.fail();
}
}
}

4
fe/src/test/java/org/apache/doris/qe/SetExecutorTest.java
View File

@ -60,6 +60,10 @@ public class SetExecutorTest {
ctx.setCatalog(AccessTestUtil.fetchAdminCatalog());
ctx.setQualifiedUser("root");
ctx.setRemoteIP("192.168.1.1");
UserIdentity currentUser = new UserIdentity("root", "192.168.1.1");
currentUser.setIsAnalyzed();
ctx.setCurrentUserIdentitfy(currentUser);
ctx.setThreadLocalInfo();
new NonStrictExpectations() {
{