mirror of
https://github.com/percona/percona-toolkit.git
synced 2026-05-16 01:07:12 +08:00
Revert "Merge pull request #320 from percona/PT-1488_mysql_8_support_pt-show-grants"
This reverts commitb90043ff0b, reversing changes made tod8a2466666.
This commit is contained in:
Carlos Salguero
@@ -12,7 +12,6 @@ v3.0.9
|
||||
* Feature PT-1508 : Adding --read-only-interval flag, and read-only check on wake-up (Thanks Shlomi Noach)
|
||||
* Improvement PT-1507 : pt-summary does not reliably read in the transparent huge pages setting (Thanks Nick Veenhof)
|
||||
* New tool PT-1501 : pt-secure-collect - New tool to collect and sanitize pt-tools outputs
|
||||
* Improvement PT-1488 : pt-show-grants support for MySQL 8.0
|
||||
* Feature PT-243 : Adding --max-hostname-length and --max-line-length to pt-query-digest
|
||||
|
||||
v3.0.8 released 2018-03-13
|
||||
|
||||
@@ -1922,23 +1922,6 @@ sub main {
|
||||
my $ignore_users = $o->get('ignore');
|
||||
|
||||
my $exit_status = 0;
|
||||
my $roles = get_roles($dbh);
|
||||
if ($roles && scalar @$roles > 0) {
|
||||
print "-- Roles\n";
|
||||
my $count=0;
|
||||
|
||||
for my $role (@$roles) {
|
||||
next if ($o->get("skip-unused-roles") && $role->{active} == 0);
|
||||
$count++;
|
||||
printf('CREATE ROLE IF NOT EXISTS `%s`;'."\n", $role->{name});
|
||||
}
|
||||
|
||||
if ($count == 0) {
|
||||
print "No active roles found\n";
|
||||
}
|
||||
print "-- End of roles listing\n";
|
||||
}
|
||||
|
||||
USER:
|
||||
foreach my $u ( @$users ) {
|
||||
my $user_host = "'$u->{User}'\@'$u->{Host}'";
|
||||
@@ -2101,38 +2084,6 @@ sub parse_user {
|
||||
return ( $user, $host );
|
||||
}
|
||||
|
||||
sub get_roles {
|
||||
my $dbh = shift;
|
||||
my $query = <<__EOQ;
|
||||
SELECT DISTINCT user.user AS name, IF(from_user IS NULL,0, 1) AS active
|
||||
FROM mysql.user
|
||||
LEFT JOIN mysql.role_edges ON role_edges.from_user=user.user
|
||||
WHERE `account_locked`='Y'
|
||||
AND `password_expired`='Y'
|
||||
AND `authentication_string`=''
|
||||
__EOQ
|
||||
PTDEBUG && _d("Getting roles");
|
||||
PTDEBUG && _d($query);
|
||||
my $roles;
|
||||
eval { $roles = $dbh->selectall_arrayref($query, { Slice => {} }) };
|
||||
if ($EVAL_ERROR) {
|
||||
PTDEBUG && _d("Cannot list roles: $EVAL_ERROR");
|
||||
}
|
||||
return $roles;
|
||||
}
|
||||
|
||||
sub is_role {
|
||||
my ($users, $grant) = @_;
|
||||
foreach my $u ( @$users ) {
|
||||
my $user_host = "`$u->{User}`\@`$u->{Host}`";
|
||||
warn "> user_host: $user_host";
|
||||
if ($grant eq $user_host) {
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
sub split_grants {
|
||||
my ($grants) = @_;
|
||||
return unless $grants;
|
||||
@@ -2395,10 +2346,6 @@ example, specifying C<--set-vars wait_timeout=500> overrides the defaultvalue of
|
||||
|
||||
The tool prints a warning and continues if a variable cannot be set.
|
||||
|
||||
=item --skip-unused-roles
|
||||
|
||||
When dumping MySQL 8+ roles, skip unused roles.
|
||||
|
||||
=item --socket
|
||||
|
||||
short form: -S; type: string
|
||||
|
||||
+1
-1
@@ -391,7 +391,7 @@ sub verify_test_data {
|
||||
my @diffs;
|
||||
foreach my $c ( @checksums ) {
|
||||
next unless $c->{checksum};
|
||||
if ( $ref->{$c->{table}} && $c->{checksum} ne $ref->{$c->{table}}->{checksum} ) {
|
||||
if ( $c->{checksum} ne $ref->{$c->{table}}->{checksum} ) {
|
||||
push @diffs, $c->{table};
|
||||
}
|
||||
}
|
||||
|
||||
@@ -82,9 +82,8 @@ unlike(
|
||||
'It has no timestamp',
|
||||
);
|
||||
|
||||
# 'mysql.infoschema'@'localhost' user only exists on MySQL 8.0+
|
||||
$output = output(
|
||||
sub { pt_show_grants::main('-F', $cnf, '--ignore', 'baron,msandbox,root,root@localhost,user,mysql.session@localhost,mysql.sys@localhost,sys,mysql.infoschema@localhost'); }
|
||||
sub { pt_show_grants::main('-F', $cnf, '--ignore', 'baron,msandbox,root,root@localhost,user,mysql.session@localhost,mysql.sys@localhost,sys'); }
|
||||
);
|
||||
unlike(
|
||||
$output,
|
||||
@@ -95,7 +94,7 @@ like(
|
||||
$output,
|
||||
qr/\d\d:\d\d:\d\d\n\z/,
|
||||
'No output when all users skipped'
|
||||
) or diag($output);
|
||||
);
|
||||
# #############################################################################
|
||||
# pt-show-grant doesn't support column-level grants
|
||||
# https://bugs.launchpad.net/percona-toolkit/+bug/866075
|
||||
|
||||
@@ -1,109 +0,0 @@
|
||||
#!/usr/bin/env perl
|
||||
|
||||
BEGIN {
|
||||
die "The PERCONA_TOOLKIT_BRANCH environment variable is not set.\n"
|
||||
unless $ENV{PERCONA_TOOLKIT_BRANCH} && -d $ENV{PERCONA_TOOLKIT_BRANCH};
|
||||
unshift @INC, "$ENV{PERCONA_TOOLKIT_BRANCH}/lib";
|
||||
};
|
||||
|
||||
use strict;
|
||||
use warnings FATAL => 'all';
|
||||
use English qw(-no_match_vars);
|
||||
use Test::More;
|
||||
|
||||
use PerconaTest;
|
||||
use Sandbox;
|
||||
use SqlModes;
|
||||
require "$trunk/bin/pt-show-grants";
|
||||
|
||||
my $dp = new DSNParser(opts=>$dsn_opts);
|
||||
my $sb = new Sandbox(basedir => '/tmp', DSNParser => $dp);
|
||||
my $dbh = $sb->get_dbh_for('master');
|
||||
|
||||
if ( !$dbh ) {
|
||||
plan skip_all => 'Cannot connect to sandbox master';
|
||||
} elsif ($sandbox_version < '8.0') {
|
||||
plan skip_all => "There are no roles in this MySQL version. Need MySQL 8.0+";
|
||||
} else {
|
||||
plan tests => 49;
|
||||
}
|
||||
|
||||
$sb->wipe_clean($dbh);
|
||||
|
||||
my $setup_queries = [
|
||||
"CREATE ROLE IF NOT EXISTS 'app_developer', 'app_read', 'app_write', 'tester';",
|
||||
"GRANT ALL ON test.* TO 'app_developer';",
|
||||
"GRANT SELECT ON test.* TO 'app_read';",
|
||||
"GRANT SELECT ON test.* TO 'tester';",
|
||||
"CREATE USER 'zapp'\@'localhost' IDENTIFIED WITH 'mysql_native_password' BY 'test1234';",
|
||||
"GRANT 'app_read','app_write' TO 'zapp'\@'localhost';",
|
||||
"GRANT 'tester' TO 'zapp'\@'localhost' WITH ADMIN OPTION;",
|
||||
"FLUSH PRIVILEGES",
|
||||
];
|
||||
|
||||
my $cleanup_queries = [
|
||||
"DROP USER IF EXISTS 'zapp'\@'localhost'",
|
||||
"DROP ROLE IF EXISTS 'app_developer', 'app_read', 'app_write', 'tester'",
|
||||
"FLUSH PRIVILEGES",
|
||||
];
|
||||
for my $query(@$setup_queries) {
|
||||
$sb->do_as_root('master', $query);
|
||||
}
|
||||
|
||||
my $output;
|
||||
my $cnf = '/tmp/12345/my.sandbox.cnf';
|
||||
|
||||
eval {
|
||||
$output = output(
|
||||
sub { pt_show_grants::main('-F', $cnf, '--skip-unused-roles'); }
|
||||
);
|
||||
};
|
||||
is(
|
||||
$EVAL_ERROR,
|
||||
'',
|
||||
'Does not die on anonymous user (issue 445)',
|
||||
);
|
||||
|
||||
like(
|
||||
$output,
|
||||
qr/CREATE ROLE IF NOT EXISTS `app_read`;/,
|
||||
'Roles has been created'
|
||||
) or diag($output);
|
||||
|
||||
unlike(
|
||||
$output,
|
||||
qr/CREATE ROLE IF NOT EXISTS `app_developer`;/,
|
||||
'Unused roles has been skipped'
|
||||
|
||||
);
|
||||
|
||||
## Do a cleanup and try to run all the queries from the output
|
||||
for my $query(@$cleanup_queries) {
|
||||
$sb->do_as_root('master', $query);
|
||||
}
|
||||
|
||||
my @lines = split(/\n/, $output);
|
||||
my $count=0;
|
||||
|
||||
for my $query(@lines) {
|
||||
next if $query =~ m/^-- /;
|
||||
$count++;
|
||||
eval { $sb->do_as_root('master', $query) };
|
||||
is(
|
||||
$EVAL_ERROR,
|
||||
'',
|
||||
"Ran query $count from the output of pt-show grants",
|
||||
) or diag("Cannot execute query from the output: $query -> $EVAL_ERROR");
|
||||
}
|
||||
|
||||
## Cleanup to leave sandbox ready for next test file.
|
||||
for my $query(@$cleanup_queries) {
|
||||
$sb->do_as_root('master', $query);
|
||||
}
|
||||
|
||||
# #############################################################################
|
||||
# Done.
|
||||
# #############################################################################
|
||||
$sb->wipe_clean($dbh);
|
||||
ok($sb->ok(), "Sandbox servers") or BAIL_OUT(__FILE__ . " broke the sandbox");
|
||||
exit;
|
||||
Reference in New Issue
Block a user