New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
executor: grant table level privilege should check table exist #14540
Conversation
Fix a bug that TiDB can grant privileges on non-exist table. This check also fix the misspelled case sensitive table name case.
/run-all-tests |
/run-all-tests tidb-test=pr/980 |
@@ -192,6 +193,8 @@ func (s *testSuite3) TestColumnScope(c *C) { | |||
func (s *testSuite3) TestIssue2456(c *C) { | |||
tk := testkit.NewTestKit(c, s.store) | |||
tk.MustExec("CREATE USER 'dduser'@'%' IDENTIFIED by '123456';") | |||
tk.MustExec("CREATE DATABASE `dddb_%`;") | |||
tk.MustExec("CREATE table `dddb_%`.`te%` (id int);") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this mean we will never support wildcard in table name ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
LGTM |
/merge |
/run-all-tests |
@tiancaiamao merge failed. |
This one should be merged together with https://github.com/pingcap/tidb-test/pull/980 |
/merge |
/run-all-tests |
cherry pick to release-3.0 failed |
What problem does this PR solve?
MySQL:
TiDB:
Allow grant on non-exist tables causes some more serious bugs than I first thought.
There are two records in
mysql.tables_priv
forgenius@%
and those two records are loaded, they overwrite each other.The user
genius@%
doesn't really haveSelect,Insert,Update,Create
privileges.What is changed and how it works?
Check the table exist before the grant operation.
Check List
Tests
Related changes
Release note