privileges: user@'' is different with user@'%' (#60082)
close pingcap/tidb#33174
This commit is contained in:
Hangjie Mo
@ -160,6 +160,10 @@ func (e *GrantExec) Next(ctx context.Context, _ *chunk.Chunk) error {
|
||||
}
|
||||
// Check which user is not exist.
|
||||
for _, user := range e.Users {
|
||||
if user.User.CurrentUser {
|
||||
user.User.Username = e.Ctx().GetSessionVars().User.AuthUsername
|
||||
user.User.Hostname = e.Ctx().GetSessionVars().User.AuthHostname
|
||||
}
|
||||
exists, err := userExists(ctx, e.Ctx(), user.User.Username, user.User.Hostname)
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
@ -220,9 +220,6 @@ func (e *SimpleExec) setDefaultRoleNone(s *ast.SetDefaultRoleStmt) error {
|
||||
}
|
||||
sql := new(strings.Builder)
|
||||
for _, u := range s.UserList {
|
||||
if u.Hostname == "" {
|
||||
u.Hostname = "%"
|
||||
}
|
||||
sql.Reset()
|
||||
sqlescape.MustFormatSQL(sql, "DELETE IGNORE FROM mysql.default_roles WHERE USER=%? AND HOST=%?;", u.Username, u.Hostname)
|
||||
if _, err := sqlExecutor.ExecuteInternal(ctx, sql.String()); err != nil {
|
||||
@ -271,9 +268,6 @@ func (e *SimpleExec) setDefaultRoleRegular(ctx context.Context, s *ast.SetDefaul
|
||||
}
|
||||
sql := new(strings.Builder)
|
||||
for _, user := range s.UserList {
|
||||
if user.Hostname == "" {
|
||||
user.Hostname = "%"
|
||||
}
|
||||
sql.Reset()
|
||||
sqlescape.MustFormatSQL(sql, "DELETE IGNORE FROM mysql.default_roles WHERE USER=%? AND HOST=%?;", user.Username, user.Hostname)
|
||||
if _, err := sqlExecutor.ExecuteInternal(internalCtx, sql.String()); err != nil {
|
||||
@ -331,9 +325,6 @@ func (e *SimpleExec) setDefaultRoleAll(ctx context.Context, s *ast.SetDefaultRol
|
||||
}
|
||||
sql := new(strings.Builder)
|
||||
for _, user := range s.UserList {
|
||||
if user.Hostname == "" {
|
||||
user.Hostname = "%"
|
||||
}
|
||||
sql.Reset()
|
||||
sqlescape.MustFormatSQL(sql, "DELETE IGNORE FROM mysql.default_roles WHERE USER=%? AND HOST=%?;", user.Username, user.Hostname)
|
||||
if _, err := sqlExecutor.ExecuteInternal(internalCtx, sql.String()); err != nil {
|
||||
@ -362,9 +353,6 @@ func (e *SimpleExec) setDefaultRoleAll(ctx context.Context, s *ast.SetDefaultRol
|
||||
func (e *SimpleExec) setDefaultRoleForCurrentUser(ctx context.Context, s *ast.SetDefaultRoleStmt) (err error) {
|
||||
checker := privilege.GetPrivilegeManager(e.Ctx())
|
||||
user := s.UserList[0]
|
||||
if user.Hostname == "" {
|
||||
user.Hostname = "%"
|
||||
}
|
||||
restrictedCtx, err := e.GetSysSession()
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
@ -256,9 +256,6 @@ type roleGraphEdgesTable struct {
|
||||
|
||||
// Find method is used to find role from table
|
||||
func (g roleGraphEdgesTable) Find(user, host string) bool {
|
||||
if host == "" {
|
||||
host = "%"
|
||||
}
|
||||
if g.roleList == nil {
|
||||
return false
|
||||
}
|
||||
@ -267,6 +264,10 @@ func (g roleGraphEdgesTable) Find(user, host string) bool {
|
||||
Hostname: host,
|
||||
}
|
||||
_, ok := g.roleList[key]
|
||||
if !ok && key.Hostname == "" {
|
||||
key.Hostname = "%"
|
||||
_, ok = g.roleList[key]
|
||||
}
|
||||
return ok
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user