Support ALL PRIVILEGES ON DB.* in MySQLDatabasePrivilegeChecker

apache · Dec 13, 2024 · 61851f5 · 61851f5
1 parent f23d908
commit 61851f5
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 6 deletions.
diff --git a/...org/apache/shardingsphere/infra/database/mysql/checker/MySQLDatabasePrivilegeChecker.java b/...org/apache/shardingsphere/infra/database/mysql/checker/MySQLDatabasePrivilegeChecker.java
@@ -98,7 +98,8 @@ private String[][] getRequiredPrivileges(final Connection connection, final Priv
     }
 
     private String[][] getSelectRequiredPrivilege(final Connection connection) throws SQLException {
-        return new String[][]{{"ALL PRIVILEGES", "ON *.*"}, {"SELECT", "ON *.*"}, {"SELECT", String.format("ON `%s`.*", connection.getCatalog()).toUpperCase()}};
+        String onCatalog = String.format("ON `%s`.*", connection.getCatalog().toUpperCase());
+        return new String[][]{{"ALL PRIVILEGES", "ON *.*"}, {"SELECT", "ON *.*"}, {"ALL PRIVILEGES", onCatalog}, {"SELECT", onCatalog}};
     }
 
     private boolean matchPrivileges(final String grantedPrivileges, final String[][] requiredPrivileges) {

diff --git a/...apache/shardingsphere/infra/database/mysql/checker/MySQLDatabasePrivilegeCheckerTest.java b/...apache/shardingsphere/infra/database/mysql/checker/MySQLDatabasePrivilegeCheckerTest.java
@@ -56,7 +56,7 @@ void setUp() throws SQLException {
     }
 
     @Test
-    void assertCheckPrivilegeWithParticularSuccess() throws SQLException {
+    void assertCheckPipelinePrivilegeWithParticularSuccess() throws SQLException {
         when(preparedStatement.executeQuery()).thenReturn(resultSet);
         when(resultSet.next()).thenReturn(true);
         when(resultSet.getString(1)).thenReturn("GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO '%'@'%'");
@@ -65,22 +65,22 @@ void assertCheckPrivilegeWithParticularSuccess() throws SQLException {
     }
 
     @Test
-    void assertCheckPrivilegeWithAllSuccess() throws SQLException {
+    void assertCheckPipelinePrivilegeWithAllSuccess() throws SQLException {
         when(preparedStatement.executeQuery()).thenReturn(resultSet);
         when(resultSet.next()).thenReturn(true);
-        when(resultSet.getString(1)).thenReturn("GRANT ALL PRIVILEGES CLIENT ON *.* TO '%'@'%'");
+        when(resultSet.getString(1)).thenReturn("GRANT ALL PRIVILEGES ON *.* TO '%'@'%'");
         new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.PIPELINE);
         verify(preparedStatement).executeQuery();
     }
 
     @Test
-    void assertCheckPrivilegeLackPrivileges() throws SQLException {
+    void assertCheckPipelinePrivilegeWithLackPrivileges() throws SQLException {
         when(preparedStatement.executeQuery()).thenReturn(resultSet);
         assertThrows(MissingRequiredPrivilegeException.class, () -> new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.PIPELINE));
     }
 
     @Test
-    void assertCheckPrivilegeFailure() throws SQLException {
+    void assertCheckPipelinePrivilegeFailure() throws SQLException {
         when(preparedStatement.executeQuery()).thenReturn(resultSet);
         when(resultSet.next()).thenThrow(new SQLException(""));
         assertThrows(CheckDatabaseEnvironmentFailedException.class, () -> new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.PIPELINE));
@@ -127,4 +127,50 @@ void assertCheckXAPrivilegeFailureInMySQL8() throws SQLException {
         when(resultSet.next()).thenThrow(new SQLException(""));
         assertThrows(CheckDatabaseEnvironmentFailedException.class, () -> new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.XA));
     }
+
+    @Test
+    void assertCheckSelectWithSelectPrivileges() throws SQLException {
+        when(dataSource.getConnection().getCatalog()).thenReturn("foo_db");
+        when(preparedStatement.executeQuery()).thenReturn(resultSet);
+        when(resultSet.next()).thenReturn(true);
+        when(resultSet.getString(1)).thenReturn("GRANT SELECT ON *.* TO '%'@'%'");
+        new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.SELECT);
+        verify(preparedStatement).executeQuery();
+    }
+
+    @Test
+    void assertCheckSelectWithSelectOnDatabasePrivileges() throws SQLException {
+        when(dataSource.getConnection().getCatalog()).thenReturn("foo_db");
+        when(preparedStatement.executeQuery()).thenReturn(resultSet);
+        when(resultSet.next()).thenReturn(true);
+        when(resultSet.getString(1)).thenReturn("GRANT SELECT ON `FOO_DB`.* TO '%'@'%'");
+        new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.SELECT);
+        verify(preparedStatement).executeQuery();
+    }
+
+    @Test
+    void assertCheckSelectWithAllPrivileges() throws SQLException {
+        when(dataSource.getConnection().getCatalog()).thenReturn("foo_db");
+        when(preparedStatement.executeQuery()).thenReturn(resultSet);
+        when(resultSet.next()).thenReturn(true);
+        when(resultSet.getString(1)).thenReturn("GRANT ALL PRIVILEGES ON *.* TO '%'@'%'");
+        new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.SELECT);
+        verify(preparedStatement).executeQuery();
+    }
+
+    @Test
+    void assertCheckSelectWithAllPrivilegesOnDatabase() throws SQLException {
+        when(dataSource.getConnection().getCatalog()).thenReturn("foo_db");
+        when(preparedStatement.executeQuery()).thenReturn(resultSet);
+        when(resultSet.next()).thenReturn(true);
+        when(resultSet.getString(1)).thenReturn("GRANT ALL PRIVILEGES ON `FOO_DB`.* TO '%'@'%'");
+        new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.SELECT);
+        verify(preparedStatement).executeQuery();
+    }
+
+    @Test
+    void assertCheckSelectWithLackPrivileges() throws SQLException {
+        when(preparedStatement.executeQuery()).thenReturn(resultSet);
+        assertThrows(MissingRequiredPrivilegeException.class, () -> new MySQLDatabasePrivilegeChecker().check(dataSource, PrivilegeCheckType.SELECT));
+    }
 }