planner/core: fix privilege check for update

[tiancaiamao]

What problem does this PR solve?

create database service;
create database report;
CREATE TABLE service.t1 (
  id int(11) DEFAULT NULL,
  a bigint(20) NOT NULL,
  b text DEFAULT NULL,
  PRIMARY KEY (a)
);
CREATE TABLE report.t2 (
  a bigint(20) DEFAULT NULL,
  c bigint(20) NOT NULL
);
create user 'test'@'%';
grant all privileges on service.* to test;
grant all privileges on report.* to test;

Login as test, run this update statement:

mysql> update service.t1 s,
    -> report.t2 t
    -> set s.a = t.a
    -> WHERE
    -> s.a = t.a
    -> and t.c >=  1 and t.c <= 10000
    -> and s.b !='xx';
ERROR 1105 (HY000): privilege check fail

What is changed and how it works?

One of the visitInfo record is

db=""
table="t1"
user="test"

It doesn't match any privilege record in the cache, so privilege check fail.

The bug is, db should not be "" here.

Check List

Tests

• Unit test
• Manual test (add detailed scripts or steps below)

Related change

• Need to cherry-pick to the release branch

[tiancaiamao]

@zimulala @winkyao

[codecov]

Codecov Report

❗ No coverage uploaded for pull request base (master@4cf3630). Click here to learn what that means.
The diff coverage is n/a.

@@             Coverage Diff             @@
##             master     #10281   +/-   ##
===========================================
  Coverage          ?   77.6715%           
===========================================
  Files             ?        411           
  Lines             ?      85447           
  Branches          ?          0           
===========================================
  Hits              ?      66368           
  Misses            ?      14118           
  Partials          ?       4961

[shenli]

Could you add a comment here? Why should we check the currentDB name and set DBName to empty string?

[winkyao]

We can put an example here.

[tiancaiamao]

I don't know why we set col.DBName = model.NewCIStr("") here @zimulala
I should remove this line ... but it would make explain result (column name) change and affect many rows in the test

[tiancaiamao]

OK, I'll remove this line... that's a better fix, anyway

[zimulala]

@tiancaiamao
I am not sure, I just changed the name of DBName. This line of code was originally written like this.
PTAL @XuHuaiyu

[XuHuaiyu]

I guess the reason may be this:
When a table has an alias name, this "virtual table" does not belong to any database, we thought the DBName should be blank.
But I think it seems ok to keep the DBName here.

[tiancaiamao]

This line is the real change in this PR

[zz-jason]

why add an empty database name can fix the issue?

[tiancaiamao]

One of the visitInfo record is

db=""
table="t1"
user="test"

It doesn't match any privilege record in the cache, so privilege check fail.

@zz-jason

[tiancaiamao]

The db name is not set correctly...

[tiancaiamao]

The db name is set to "", and we should not set it to ""

[tiancaiamao]

PTAL @winkyao @zimulala @shenli

[winkyao]

LGTM

[zimulala]

Is it dt is alias name? If it's true, it is called dt here, but it's called test.dt on line 165. Is this a bit confused?

[zimulala]

@eurekaka

[eurekaka]

You mean we should use test.dt in line 166? Currently, we do not print database name for PhysicalTableScan.

func (p *PhysicalTableScan) ExplainInfo() string {
    buffer := bytes.NewBufferString("")
    tblName := p.Table.Name.O
    if p.TableAsName != nil && p.TableAsName.O != "" {
        tblName = p.TableAsName.O
    }
    fmt.Fprintf(buffer, "table:%s", tblName)
    ...
}

If needed, we can print DBName as well, since it is recorded in PhysicalTableScan.

[zimulala]

@eurekaka
No, I want to say if this situation will make you feel troubled.

[eurekaka]

Oh I think it is not bothering since we merely meet queries where 2 tables share same name but from different databases.

[zimulala]

Got it.

[zimulala]

LGTM

[zimulala]

/run-all-tests