Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cli: ensure user set --password can also modify the password #28197

Merged
merged 1 commit into from
Aug 2, 2018
Merged

cli: ensure user set --password can also modify the password #28197

merged 1 commit into from
Aug 2, 2018

Conversation

knz
Copy link
Contributor

@knz knz commented Aug 2, 2018

Fixes #27882.

Until now the flag --password could only set the password if the
user did not exist previously (ie. during user creation). This patch
fixes the feature so that --password can be used to change an
existing user's password.

Release note (bug fix): cockroach user set --password can now change
the password of existing users.

@knz knz requested a review from BramGruneir August 2, 2018 12:48
@knz knz added this to To do in DB Server & Security via automation Aug 2, 2018
@knz knz requested a review from mberhault August 2, 2018 12:48
@knz knz requested a review from a team as a code owner August 2, 2018 12:48
@knz knz requested review from a team August 2, 2018 12:48
@cockroach-teamcity
Copy link
Member

This change is Reviewable

@knz
Copy link
Contributor Author

knz commented Aug 2, 2018

@mberhault @bdarnell should we backport this to 2.0?

@knz knz moved this from To do to In progress in DB Server & Security Aug 2, 2018
petermattis
petermattis approved these changes Aug 2, 2018
View reviewed changes
Copy link
Collaborator

@petermattis petermattis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (and 1 stale)

mberhault
mberhault previously requested changes Aug 2, 2018
View reviewed changes
pkg/sql/create_user.go Outdated
}

n.run.rowsAffected, err = params.extendedEvalCtx.ExecCfg.InternalExecutor.Exec(
params.ctx,
opName,
params.p.txn,
"insert into system.users values ($1, $2, $3)",
`upsert into system.users(username, "hashedPassword", "isRole") values ($1, $2, $3)`,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this isn't right, you can't use the CREATE USER command to modify a user, that's what the ALTER USER command is for.

@knz
cli: ensure user set --password can also modify the password
b223c76 
Until now the flag `--password` could only set the password if the
user did not exist previously (ie. during user creation). This patch
fixes the feature so that `--password` can be used to change an
existing user's password.

Release note (bug fix): `cockroach user set --password` can now change
the password of existing users.
knz
knz commented Aug 2, 2018
View reviewed changes
Copy link
Contributor Author

@knz knz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (and 1 stale)

pkg/sql/create_user.go, line 125 at r1 (raw file):

Previously, mberhault (marc) wrote…

this isn't right, you can't use the CREATE USER command to modify a user, that's what the ALTER USER command is for.

Oh I see.

Thanks for catching this. Fixed. PTAL.

@mberhault
Copy link
Contributor

LGTM. Thanks for that.
This should be fairly safe to backport to 2.0 but given that we have an alternative solution with ALTER USER I think we can skip it.

@knz knz mentioned this pull request Aug 2, 2018
Merged
knz
knz commented Aug 2, 2018
View reviewed changes
Copy link
Contributor Author

@knz knz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All right. Thanks!

bors r+

Reviewable status: :shipit: complete! 0 of 0 LGTMs obtained (and 1 stale)

@craig
Copy link
Contributor

craig bot commented Aug 2, 2018

👎 Rejected by code reviews

@knz knz dismissed mberhault’s stale review August 2, 2018 15:53

lgtm received

@knz
Copy link
Contributor Author

knz commented Aug 2, 2018

bors r+

craig bot pushed a commit that referenced this pull request Aug 2, 2018
@knz
Merge #28197
4b698e0 
28197: cli: ensure user set --password can also modify the password r=knz a=knz

Fixes  #27882.

Until now the flag `--password` could only set the password if the
user did not exist previously (ie. during user creation). This patch
fixes the feature so that `--password` can be used to change an
existing user's password.

Release note (bug fix): `cockroach user set --password` can now change
the password of existing users.

Co-authored-by: Raphael 'kena' Poss <knz@cockroachlabs.com>
@craig
Copy link
Contributor

craig bot commented Aug 2, 2018

Build succeeded

@craig craig bot merged commit b223c76 into cockroachdb:master Aug 2, 2018
DB Server & Security automation moved this from In progress to Done Aug 2, 2018
craig bot pushed a commit that referenced this pull request Aug 7, 2018
@knz
Merge #28201
a0b764b 
28201: sql: test that the user statements can be properly prepared r=knz a=knz

Found while working on  #28197.

Release note: None

Co-authored-by: Raphael 'kena' Poss <knz@cockroachlabs.com>
@jseldess jseldess mentioned this pull request Aug 28, 2018
Closed
@knz knz deleted the 20180802-user-pwd branch February 14, 2019 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@petermattis petermattis petermattis approved these changes

@mberhault mberhault mberhault left review comments

@BramGruneir BramGruneir Awaiting requested review from BramGruneir

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cli: cockroachdb user set --password not updating the password
4 participants
@knz @cockroach-teamcity @mberhault @petermattis