Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

planner, privilege: check user priv on SET GLOBAL #8837

Merged
merged 7 commits into from
Jan 5, 2019
Merged

planner, privilege: check user priv on SET GLOBAL #8837

merged 7 commits into from
Jan 5, 2019

Conversation

morgo
Copy link
Contributor

@morgo morgo commented Dec 26, 2018
edited by c4pt0r
Loading

What problem does this PR solve?

Fixes #7403

What is changed and how it works?

Checks that SET GLOBAL requires the super privilege. Does not check any session level vars - I took a look, and I don't believe any in TiDB require privilege check.

(In MySQL commands like SET SESSION sql_log_bin=0 require super privs, but I believe this is not applicable to TiDB).

It is not 100% compatible with MySQL, since the error codes/messages differ, but this is not a new issue, and is inherint to all checking in visitInfo. I will create a separate issue to discuss how to enhance it, since I think it should have an argument to pass the error message on failure.

Check List

Tests

  • Unit test
  • Manual test (add detailed scripts or steps below)

Code changes

  • Has exported function/method change

Side effects

  • Increased code complexity
  • Breaking backward compatibility (broken apps)

Related changes

  • Need to be included in the release note

This change is Reviewable

@morgo
Copy link
Contributor Author

morgo commented Dec 26, 2018

PTAL @tiancaiamao , thx!

@morgo morgo added the type/bugfix This PR fixes a bug. label Dec 26, 2018
@morgo
Copy link
Contributor Author

morgo commented Dec 26, 2018

/run-all-tests

@morgo morgo mentioned this pull request Dec 27, 2018
Closed
tiancaiamao
tiancaiamao reviewed Jan 3, 2019
View reviewed changes
Copy link
Contributor

@tiancaiamao tiancaiamao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tiancaiamao tiancaiamao added the status/LGT1 Indicates that a PR has LGTM 1. label Jan 3, 2019
alivxxx
alivxxx previously approved these changes Jan 4, 2019
View reviewed changes
Copy link
Contributor

@alivxxx alivxxx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alivxxx alivxxx added status/LGT2 Indicates that a PR has LGTM 2. and removed status/LGT1 Indicates that a PR has LGTM 1. labels Jan 4, 2019
@codecov-io
Copy link

codecov-io commented Jan 4, 2019
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@cfff965). Click here to learn what that means.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #8837   +/-   ##
=========================================
  Coverage          ?   67.54%           
=========================================
  Files             ?      363           
  Lines             ?    75101           
  Branches          ?        0           
=========================================
  Hits              ?    50725           
  Misses            ?    19903           
  Partials          ?     4473
Impacted Files Coverage Δ
planner/core/planbuilder.go 49.07% <100%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cfff965...ba2bada. Read the comment docs.

@morgo morgo merged commit 081a2c5 into pingcap:master Jan 5, 2019
@morgo morgo deleted the set-permission-check branch January 5, 2019 02:32
@sre-bot sre-bot added the contribution This PR is from a community contributor. label Dec 18, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tiancaiamao tiancaiamao tiancaiamao left review comments

@zimulala zimulala zimulala left review comments

@ngaut ngaut ngaut approved these changes

@alivxxx alivxxx alivxxx left review comments

Assignees
No one assigned
Labels
component/privilege contribution This PR is from a community contributor. sig/planner SIG: Planner status/LGT2 Indicates that a PR has LGTM 2. type/bugfix This PR fixes a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Check user privilege when setting global/session variables
7 participants
@morgo @codecov-io @ngaut @tiancaiamao @zimulala @alivxxx @sre-bot