Merge pull request #281 from pingcap/shenli/add-priv-step1

add priv step1

bootstrap.go

@@ -29,7 +29,58 @@ import (
 
 const (
 	// CreateUserTable is the SQL statement creates User table in system db.
-	CreateUserTable = "CREATE TABLE if not exists mysql.user (Host CHAR(64), User CHAR(16), Password CHAR(41), PRIMARY KEY (Host, User));"
+	CreateUserTable = `CREATE TABLE if not exists mysql.user (
+		Host CHAR(64), 
+		User CHAR(16), 
+		Password CHAR(41), 
+		Select_priv  ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Insert_priv  ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Update_priv  ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Delete_priv  ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Create_priv  ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Drop_priv    ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Grant_priv   ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Alter_priv   ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Show_db_priv ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Execute_priv ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		Create_user_priv ENUM('N','Y') NOT NULL  DEFAULT 'N',
+		PRIMARY KEY (Host, User));`
+	// CreateDBPrivTable is the SQL statement creates DB scope privilege table in system db.
+	CreateDBPrivTable = `CREATE TABLE if not exists mysql.db (
+		Host		CHAR(60),
+		DB		CHAR(64),
+		User		CHAR(16),
+		Select_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Insert_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Update_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Delete_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Create_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Drop_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Grant_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Alter_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		Execute_priv	ENUM('N','Y') Not Null  DEFAULT 'N',
+		PRIMARY KEY (Host, DB, User));`
+	// CreateTablePrivTable is the SQL statement creates table scope privilege table in system db.
+	CreateTablePrivTable = `CREATE TABLE if not exists mysql.tables_priv (
+		Host		CHAR(60),
+		DB		CHAR(64),
+		User		CHAR(16),
+		Table_name	CHAR(64),
+		Grantor		CHAR(77),
+		Timestamp	Timestamp DEFAULT CURRENT_TIMESTAMP,
+		Table_priv	SET('Select','Insert','Update','Delete','Create','Drop','Grant', 'Index','Alter'),
+		Column_priv	SET('Select','Insert','Update'),
+		PRIMARY KEY (Host, DB, User, Table_name));`
+	// CreateColumnPrivTable is the SQL statement creates column scope privilege table in system db.
+	CreateColumnPrivTable = `CREATE TABLE if not exists mysql.columns_priv(
+		Host		CHAR(60),
+		DB		CHAR(64),
+		User		CHAR(16),
+		Table_name	CHAR(64),
+		Column_name	CHAR(64),
+		Timestamp	Timestamp DEFAULT CURRENT_TIMESTAMP,
+		Column_priv	SET('Select','Insert','Update'),
+		PRIMARY KEY (Host, DB, User, Table_name, Column_name));`
 )
 
 // Bootstrap initiates system DB for a store.
@@ -47,12 +98,22 @@ func bootstrap(s Session) {
 	}
 	mustExecute(s, fmt.Sprintf("CREATE DATABASE %s;", mysql.SystemDB))
 	initUserTable(s)
+	initPrivTables(s)
 }
 
 func initUserTable(s Session) {
 	mustExecute(s, CreateUserTable)
 	// Insert a default user with empty password.
-	mustExecute(s, `INSERT INTO mysql.user VALUES ("localhost", "root", ""), ("127.0.0.1", "root", ""), ("::1", "root", "");`)
+	mustExecute(s, `INSERT INTO mysql.user VALUES ("localhost", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y"), 
+		("127.0.0.1", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y"), 
+		("::1", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y");`)
+}
+
+// Initiates privilege tables including mysql.db, mysql.tables_priv and mysql.column_priv.
+func initPrivTables(s Session) {
+	mustExecute(s, CreateDBPrivTable)
+	mustExecute(s, CreateTablePrivTable)
+	mustExecute(s, CreateColumnPrivTable)
 }
 
 func mustExecute(s Session, sql string) {

mysqldef/const.go

@@ -123,3 +123,32 @@ const (
 	// UserTable is the table in system db contains user info.
 	UserTable = "User"
 )
+
+// PrivilegeType  privilege
+type PrivilegeType uint32
+
+const (
+	_ PrivilegeType = 1 << iota
+	// CreatePriv is the privilege to create schema/table.
+	CreatePriv
+	// SelectPriv is the privilege to read from table.
+	SelectPriv
+	// InsertPriv is the privilege to insert data into table.
+	InsertPriv
+	// UpdatePriv is the privilege to update data in table.
+	UpdatePriv
+	// DeletePriv is the privilege to delete data from table.
+	DeletePriv
+	// ShowPriv is the privilege to run show statement.
+	ShowPriv
+	// CreateUserPriv is the privilege to create user.
+	CreateUserPriv
+	// DropPriv is the privilege to drop schema/table.
+	DropPriv
+	// GrantPriv is the privilege to grant privilege to user.
+	GrantPriv
+	// AlterPriv is the privilege to run alter statement.
+	AlterPriv
+	// ExecutePriv is the privilege to run execute statement.
+	ExecutePriv
+)

plan/plans/info_test.go

@@ -83,7 +83,7 @@ func (p *testInfoSchemaSuit) TestInfoSchema(c *C) {
 	cnt = mustQuery(c, testDB, "select * from information_schema.columns")
 	c.Assert(cnt, Greater, 0)
 	cnt = mustQuery(c, testDB, "select * from information_schema.statistics")
-	c.Assert(cnt, Equals, 2)
+	c.Assert(cnt, Equals, 14)
 	cnt = mustQuery(c, testDB, "select * from information_schema.character_sets")
 	c.Assert(cnt, Greater, 0)
 	cnt = mustQuery(c, testDB, "select * from information_schema.collations")

stmt/stmts/account_manage.go

@@ -118,6 +118,7 @@ func (s *CreateUserStmt) Exec(ctx context.Context) (rset.Recordset, error) {
 			Name:   model.NewCIStr(mysql.UserTable),
 			Schema: model.NewCIStr(mysql.SystemDB),
 		},
+		ColNames: []string{"Host", "User", "Password"},
 	}
 	values := make([][]expression.Expression, 0, len(s.Specs))
 	for _, spec := range s.Specs {

stmt/stmts/account_manage_test.go

@@ -52,7 +52,7 @@ func (s *testStmtSuite) TestCreateUserStmt(c *C) {
 
 func (s *testStmtSuite) TestSetPwdStmt(c *C) {
 	tx := mustBegin(c, s.testDB)
-	tx.Query(`INSERT INTO mysql.User VALUES ("localhost", "root", ""), ("127.0.0.1", "root", "")`)
+	tx.Query(`INSERT INTO mysql.User VALUES ("localhost", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y"), ("127.0.0.1", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y")`)
 	rows, err := tx.Query(`SELECT Password FROM mysql.User WHERE User="root" and Host="localhost"`)
 	c.Assert(err, IsNil)
 	rows.Next()

tidb_test.go

@@ -901,12 +901,16 @@ func (s *testSessionSuite) TestBootstrap(c *C) {
 	row, err := r.Next()
 	c.Assert(err, IsNil)
 	c.Assert(row, NotNil)
-	match(c, row.Data, "localhost", "root", "")
+	match(c, row.Data, "localhost", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y")
 	row, err = r.Next()
 	c.Assert(err, IsNil)
 	c.Assert(row, NotNil)
-	match(c, row.Data, "127.0.0.1", "root", "")
+	match(c, row.Data, "127.0.0.1", "root", "", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y", "Y")
 	mustExecSQL(c, se, "USE test;")
+	// Check privilege tables.
+	mustExecSQL(c, se, "SELECT * from mysql.db;")
+	mustExecSQL(c, se, "SELECT * from mysql.tables_priv;")
+	mustExecSQL(c, se, "SELECT * from mysql.columns_priv;")
 }
 
 func (s *testSessionSuite) TestEnum(c *C) {

util/types/etc.go

@@ -147,6 +147,10 @@ func TypeToStr(tp byte, binary bool) string {
 		return "timestamp"
 	case mysql.TypeBit:
 		return "bit"
+	case mysql.TypeEnum:
+		return "enum"
+	case mysql.TypeSet:
+		return "set"
 	default:
 		log.Errorf("unkown type %d, binary %v", tp, binary)
 	}

util/types/etc_test.go

@@ -96,6 +96,8 @@ func (s *testTypeEtcSuite) TestTypeToStr(c *C) {
 	testTypeToStr(c, mysql.TypeDecimal, true, "decimal")
 	testTypeToStr(c, 0xdd, true, "")
 	testTypeToStr(c, mysql.TypeBit, true, "bit")
+	testTypeToStr(c, mysql.TypeEnum, true, "enum")
+	testTypeToStr(c, mysql.TypeSet, true, "set")
 }
 
 func (s *testTypeEtcSuite) TestEOFAsNil(c *C) {