github.com/whtcorpsinc/milevadb-prod@v0.0.0-20211104133533-f57f4be3b597/causetstore/petri/acyclic/privilege/privileges/privileges_test.go (about)

     1  // Copyright 2020 WHTCORPS INC, Inc.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // See the License for the specific language governing permissions and
    12  // limitations under the License.
    13  
    14  package privileges_test
    15  
    16  import (
    17  	"bytes"
    18  	"context"
    19  	"crypto/tls"
    20  	"crypto/x509"
    21  	"crypto/x509/pkix"
    22  	"fmt"
    23  	"net/url"
    24  	"os"
    25  	"strings"
    26  	"testing"
    27  
    28  	"github.com/whtcorpsinc/BerolinaSQL/allegrosql"
    29  	"github.com/whtcorpsinc/BerolinaSQL/auth"
    30  	"github.com/whtcorpsinc/BerolinaSQL/terror"
    31  	. "github.com/whtcorpsinc/check"
    32  	"github.com/whtcorpsinc/milevadb/causet/embedded"
    33  	"github.com/whtcorpsinc/milevadb/causetstore/mockstore"
    34  	"github.com/whtcorpsinc/milevadb/ekv"
    35  	"github.com/whtcorpsinc/milevadb/petri"
    36  	"github.com/whtcorpsinc/milevadb/privilege"
    37  	"github.com/whtcorpsinc/milevadb/privilege/privileges"
    38  	"github.com/whtcorpsinc/milevadb/soliton"
    39  	"github.com/whtcorpsinc/milevadb/soliton/solitonutil"
    40  	"github.com/whtcorpsinc/milevadb/soliton/testkit"
    41  	"github.com/whtcorpsinc/milevadb/soliton/testleak"
    42  	"github.com/whtcorpsinc/milevadb/stochastik"
    43  	"github.com/whtcorpsinc/milevadb/stochastikctx"
    44  )
    45  
    46  func TestT(t *testing.T) {
    47  	CustomVerboseFlag = true
    48  	TestingT(t)
    49  }
    50  
    51  var _ = Suite(&testPrivilegeSuite{})
    52  
    53  type testPrivilegeSuite struct {
    54  	causetstore ekv.CausetStorage
    55  	dom         *petri.Petri
    56  	dbName      string
    57  
    58  	createDBALLEGROSQL                      string
    59  	createDB1ALLEGROSQL                     string
    60  	droFIDelBALLEGROSQL                     string
    61  	useDBALLEGROSQL                         string
    62  	createBlockALLEGROSQL                   string
    63  	createSystemDBALLEGROSQL                string
    64  	createUserBlockALLEGROSQL               string
    65  	createDBPrivBlockALLEGROSQL             string
    66  	createBlockPrivBlockALLEGROSQL          string
    67  	createDeferredCausetPrivBlockALLEGROSQL string
    68  }
    69  
    70  func (s *testPrivilegeSuite) SetUpSuite(c *C) {
    71  	testleak.BeforeTest()
    72  	s.dbName = "test"
    73  	s.dom, s.causetstore = newStore(c, s.dbName)
    74  }
    75  
    76  func (s *testPrivilegeSuite) TearDownSuite(c *C) {
    77  	s.dom.Close()
    78  	s.causetstore.Close()
    79  	testleak.AfterTest(c)()
    80  }
    81  
    82  func (s *testPrivilegeSuite) SetUpTest(c *C) {
    83  	se := newStochastik(c, s.causetstore, s.dbName)
    84  	s.createDBALLEGROSQL = fmt.Sprintf("create database if not exists %s;", s.dbName)
    85  	s.createDB1ALLEGROSQL = fmt.Sprintf("create database if not exists %s1;", s.dbName)
    86  	s.droFIDelBALLEGROSQL = fmt.Sprintf("drop database if exists %s;", s.dbName)
    87  	s.useDBALLEGROSQL = fmt.Sprintf("use %s;", s.dbName)
    88  	s.createBlockALLEGROSQL = `CREATE TABLE test(id INT NOT NULL DEFAULT 1, name varchar(255), PRIMARY KEY(id));`
    89  
    90  	mustInterDirc(c, se, s.createDBALLEGROSQL)
    91  	mustInterDirc(c, se, s.createDB1ALLEGROSQL) // create database test1
    92  	mustInterDirc(c, se, s.useDBALLEGROSQL)
    93  	mustInterDirc(c, se, s.createBlockALLEGROSQL)
    94  
    95  	s.createSystemDBALLEGROSQL = fmt.Sprintf("create database if not exists %s;", allegrosql.SystemDB)
    96  	s.createUserBlockALLEGROSQL = stochastik.CreateUserBlock
    97  	s.createDBPrivBlockALLEGROSQL = stochastik.CreateDBPrivBlock
    98  	s.createBlockPrivBlockALLEGROSQL = stochastik.CreateBlockPrivBlock
    99  	s.createDeferredCausetPrivBlockALLEGROSQL = stochastik.CreateDeferredCausetPrivBlock
   100  
   101  	mustInterDirc(c, se, s.createSystemDBALLEGROSQL)
   102  	mustInterDirc(c, se, s.createUserBlockALLEGROSQL)
   103  	mustInterDirc(c, se, s.createDBPrivBlockALLEGROSQL)
   104  	mustInterDirc(c, se, s.createBlockPrivBlockALLEGROSQL)
   105  	mustInterDirc(c, se, s.createDeferredCausetPrivBlockALLEGROSQL)
   106  }
   107  
   108  func (s *testPrivilegeSuite) TearDownTest(c *C) {
   109  	// drop EDB
   110  	se := newStochastik(c, s.causetstore, s.dbName)
   111  	mustInterDirc(c, se, s.droFIDelBALLEGROSQL)
   112  }
   113  
   114  func (s *testPrivilegeSuite) TestCheckDBPrivilege(c *C) {
   115  	rootSe := newStochastik(c, s.causetstore, s.dbName)
   116  	mustInterDirc(c, rootSe, `CREATE USER 'testcheck'@'localhost';`)
   117  	mustInterDirc(c, rootSe, `CREATE USER 'testcheck_tmp'@'localhost';`)
   118  
   119  	se := newStochastik(c, s.causetstore, s.dbName)
   120  	activeRoles := make([]*auth.RoleIdentity, 0)
   121  	c.Assert(se.Auth(&auth.UserIdentity{Username: "testcheck", Hostname: "localhost"}, nil, nil), IsTrue)
   122  	pc := privilege.GetPrivilegeManager(se)
   123  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.SelectPriv), IsFalse)
   124  
   125  	mustInterDirc(c, rootSe, `GRANT SELECT ON *.* TO  'testcheck'@'localhost';`)
   126  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.SelectPriv), IsTrue)
   127  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.UFIDelatePriv), IsFalse)
   128  
   129  	mustInterDirc(c, rootSe, `GRANT UFIDelate ON test.* TO  'testcheck'@'localhost';`)
   130  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.UFIDelatePriv), IsTrue)
   131  
   132  	activeRoles = append(activeRoles, &auth.RoleIdentity{Username: "testcheck", Hostname: "localhost"})
   133  	mustInterDirc(c, rootSe, `GRANT 'testcheck'@'localhost' TO 'testcheck_tmp'@'localhost';`)
   134  	se2 := newStochastik(c, s.causetstore, s.dbName)
   135  	c.Assert(se2.Auth(&auth.UserIdentity{Username: "testcheck_tmp", Hostname: "localhost"}, nil, nil), IsTrue)
   136  	pc = privilege.GetPrivilegeManager(se2)
   137  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.SelectPriv), IsTrue)
   138  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.UFIDelatePriv), IsTrue)
   139  }
   140  
   141  func (s *testPrivilegeSuite) TestCheckPointGetDBPrivilege(c *C) {
   142  	rootSe := newStochastik(c, s.causetstore, s.dbName)
   143  	mustInterDirc(c, rootSe, `CREATE USER 'tester'@'localhost';`)
   144  	mustInterDirc(c, rootSe, `GRANT SELECT,UFIDelATE ON test.* TO  'tester'@'localhost';`)
   145  	mustInterDirc(c, rootSe, `flush privileges;`)
   146  	mustInterDirc(c, rootSe, `create database test2`)
   147  	mustInterDirc(c, rootSe, `create causet test2.t(id int, v int, primary key(id))`)
   148  	mustInterDirc(c, rootSe, `insert into test2.t(id, v) values(1, 1)`)
   149  
   150  	se := newStochastik(c, s.causetstore, s.dbName)
   151  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tester", Hostname: "localhost"}, nil, nil), IsTrue)
   152  	mustInterDirc(c, se, `use test;`)
   153  	_, err := se.InterDircute(context.Background(), `select * from test2.t where id = 1`)
   154  	c.Assert(terror.ErrorEqual(err, embedded.ErrBlockaccessDenied), IsTrue)
   155  	_, err = se.InterDircute(context.Background(), "uFIDelate test2.t set v = 2 where id = 1")
   156  	c.Assert(terror.ErrorEqual(err, embedded.ErrBlockaccessDenied), IsTrue)
   157  }
   158  
   159  func (s *testPrivilegeSuite) TestCheckBlockPrivilege(c *C) {
   160  	rootSe := newStochastik(c, s.causetstore, s.dbName)
   161  	mustInterDirc(c, rootSe, `CREATE USER 'test1'@'localhost';`)
   162  	mustInterDirc(c, rootSe, `CREATE USER 'test1_tmp'@'localhost';`)
   163  
   164  	se := newStochastik(c, s.causetstore, s.dbName)
   165  	activeRoles := make([]*auth.RoleIdentity, 0)
   166  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test1", Hostname: "localhost"}, nil, nil), IsTrue)
   167  	pc := privilege.GetPrivilegeManager(se)
   168  	c.Assert(pc.RequestVerification(activeRoles, "test", "test", "", allegrosql.SelectPriv), IsFalse)
   169  
   170  	mustInterDirc(c, rootSe, `GRANT SELECT ON *.* TO  'test1'@'localhost';`)
   171  	c.Assert(pc.RequestVerification(activeRoles, "test", "test", "", allegrosql.SelectPriv), IsTrue)
   172  	c.Assert(pc.RequestVerification(activeRoles, "test", "test", "", allegrosql.UFIDelatePriv), IsFalse)
   173  
   174  	mustInterDirc(c, rootSe, `GRANT UFIDelate ON test.* TO  'test1'@'localhost';`)
   175  	c.Assert(pc.RequestVerification(activeRoles, "test", "test", "", allegrosql.UFIDelatePriv), IsTrue)
   176  	c.Assert(pc.RequestVerification(activeRoles, "test", "test", "", allegrosql.IndexPriv), IsFalse)
   177  
   178  	activeRoles = append(activeRoles, &auth.RoleIdentity{Username: "test1", Hostname: "localhost"})
   179  	se2 := newStochastik(c, s.causetstore, s.dbName)
   180  	mustInterDirc(c, rootSe, `GRANT 'test1'@'localhost' TO 'test1_tmp'@'localhost';`)
   181  	c.Assert(se2.Auth(&auth.UserIdentity{Username: "test1_tmp", Hostname: "localhost"}, nil, nil), IsTrue)
   182  	pc2 := privilege.GetPrivilegeManager(se2)
   183  	c.Assert(pc2.RequestVerification(activeRoles, "test", "test", "", allegrosql.SelectPriv), IsTrue)
   184  	c.Assert(pc2.RequestVerification(activeRoles, "test", "test", "", allegrosql.UFIDelatePriv), IsTrue)
   185  	c.Assert(pc2.RequestVerification(activeRoles, "test", "test", "", allegrosql.IndexPriv), IsFalse)
   186  
   187  	mustInterDirc(c, rootSe, `GRANT Index ON test.test TO  'test1'@'localhost';`)
   188  	c.Assert(pc.RequestVerification(activeRoles, "test", "test", "", allegrosql.IndexPriv), IsTrue)
   189  	c.Assert(pc2.RequestVerification(activeRoles, "test", "test", "", allegrosql.IndexPriv), IsTrue)
   190  }
   191  
   192  func (s *testPrivilegeSuite) TestCheckViewPrivilege(c *C) {
   193  	rootSe := newStochastik(c, s.causetstore, s.dbName)
   194  	mustInterDirc(c, rootSe, `CREATE USER 'vuser'@'localhost';`)
   195  	mustInterDirc(c, rootSe, `CREATE VIEW v AS SELECT * FROM test;`)
   196  
   197  	se := newStochastik(c, s.causetstore, s.dbName)
   198  	activeRoles := make([]*auth.RoleIdentity, 0)
   199  	c.Assert(se.Auth(&auth.UserIdentity{Username: "vuser", Hostname: "localhost"}, nil, nil), IsTrue)
   200  	pc := privilege.GetPrivilegeManager(se)
   201  	c.Assert(pc.RequestVerification(activeRoles, "test", "v", "", allegrosql.SelectPriv), IsFalse)
   202  
   203  	mustInterDirc(c, rootSe, `GRANT SELECT ON test.v TO 'vuser'@'localhost';`)
   204  	c.Assert(pc.RequestVerification(activeRoles, "test", "v", "", allegrosql.SelectPriv), IsTrue)
   205  	c.Assert(pc.RequestVerification(activeRoles, "test", "v", "", allegrosql.ShowViewPriv), IsFalse)
   206  
   207  	mustInterDirc(c, rootSe, `GRANT SHOW VIEW ON test.v TO 'vuser'@'localhost';`)
   208  	c.Assert(pc.RequestVerification(activeRoles, "test", "v", "", allegrosql.SelectPriv), IsTrue)
   209  	c.Assert(pc.RequestVerification(activeRoles, "test", "v", "", allegrosql.ShowViewPriv), IsTrue)
   210  }
   211  
   212  func (s *testPrivilegeSuite) TestCheckPrivilegeWithRoles(c *C) {
   213  	rootSe := newStochastik(c, s.causetstore, s.dbName)
   214  	mustInterDirc(c, rootSe, `CREATE USER 'test_role'@'localhost';`)
   215  	mustInterDirc(c, rootSe, `CREATE ROLE r_1, r_2, r_3;`)
   216  	mustInterDirc(c, rootSe, `GRANT r_1, r_2, r_3 TO 'test_role'@'localhost';`)
   217  
   218  	se := newStochastik(c, s.causetstore, s.dbName)
   219  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test_role", Hostname: "localhost"}, nil, nil), IsTrue)
   220  	mustInterDirc(c, se, `SET ROLE r_1, r_2;`)
   221  	mustInterDirc(c, rootSe, `SET DEFAULT ROLE r_1 TO 'test_role'@'localhost';`)
   222  
   223  	mustInterDirc(c, rootSe, `GRANT SELECT ON test.* TO r_1;`)
   224  	pc := privilege.GetPrivilegeManager(se)
   225  	activeRoles := se.GetStochastikVars().ActiveRoles
   226  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.SelectPriv), IsTrue)
   227  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.UFIDelatePriv), IsFalse)
   228  	mustInterDirc(c, rootSe, `GRANT UFIDelATE ON test.* TO r_2;`)
   229  	c.Assert(pc.RequestVerification(activeRoles, "test", "", "", allegrosql.UFIDelatePriv), IsTrue)
   230  
   231  	mustInterDirc(c, se, `SET ROLE NONE;`)
   232  	c.Assert(len(se.GetStochastikVars().ActiveRoles), Equals, 0)
   233  	mustInterDirc(c, se, `SET ROLE DEFAULT;`)
   234  	c.Assert(len(se.GetStochastikVars().ActiveRoles), Equals, 1)
   235  	mustInterDirc(c, se, `SET ROLE ALL;`)
   236  	c.Assert(len(se.GetStochastikVars().ActiveRoles), Equals, 3)
   237  	mustInterDirc(c, se, `SET ROLE ALL EXCEPT r_1, r_2;`)
   238  	c.Assert(len(se.GetStochastikVars().ActiveRoles), Equals, 1)
   239  }
   240  
   241  func (s *testPrivilegeSuite) TestShowGrants(c *C) {
   242  	se := newStochastik(c, s.causetstore, s.dbName)
   243  	ctx, _ := se.(stochastikctx.Context)
   244  	mustInterDirc(c, se, `CREATE USER 'show'@'localhost' identified by '123';`)
   245  	mustInterDirc(c, se, `GRANT Index ON *.* TO  'show'@'localhost';`)
   246  	pc := privilege.GetPrivilegeManager(se)
   247  
   248  	gs, err := pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   249  	c.Assert(err, IsNil)
   250  	c.Assert(gs, HasLen, 1)
   251  	c.Assert(gs[0], Equals, `GRANT Index ON *.* TO 'show'@'localhost'`)
   252  
   253  	mustInterDirc(c, se, `GRANT Select ON *.* TO  'show'@'localhost';`)
   254  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   255  	c.Assert(err, IsNil)
   256  	c.Assert(gs, HasLen, 1)
   257  	c.Assert(gs[0], Equals, `GRANT Select,Index ON *.* TO 'show'@'localhost'`)
   258  
   259  	// The order of privs is the same with AllGlobalPrivs
   260  	mustInterDirc(c, se, `GRANT UFIDelate ON *.* TO  'show'@'localhost';`)
   261  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   262  	c.Assert(err, IsNil)
   263  	c.Assert(gs, HasLen, 1)
   264  	c.Assert(gs[0], Equals, `GRANT Select,UFIDelate,Index ON *.* TO 'show'@'localhost'`)
   265  
   266  	// All privileges
   267  	mustInterDirc(c, se, `GRANT ALL ON *.* TO  'show'@'localhost';`)
   268  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   269  	c.Assert(err, IsNil)
   270  	c.Assert(gs, HasLen, 1)
   271  	c.Assert(gs[0], Equals, `GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost'`)
   272  
   273  	// All privileges with grant option
   274  	mustInterDirc(c, se, `GRANT ALL ON *.* TO 'show'@'localhost' WITH GRANT OPTION;`)
   275  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   276  	c.Assert(err, IsNil)
   277  	c.Assert(gs, HasLen, 1)
   278  	c.Assert(gs[0], Equals, `GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost' WITH GRANT OPTION`)
   279  
   280  	// Revoke grant option
   281  	mustInterDirc(c, se, `REVOKE GRANT OPTION ON *.* FROM 'show'@'localhost';`)
   282  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   283  	c.Assert(err, IsNil)
   284  	c.Assert(gs, HasLen, 1)
   285  	c.Assert(gs[0], Equals, `GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost'`)
   286  
   287  	// Add EDB scope privileges
   288  	mustInterDirc(c, se, `GRANT Select ON test.* TO  'show'@'localhost';`)
   289  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   290  	c.Assert(err, IsNil)
   291  	c.Assert(gs, HasLen, 2)
   292  	expected := []string{`GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost'`,
   293  		`GRANT Select ON test.* TO 'show'@'localhost'`}
   294  	c.Assert(solitonutil.CompareUnorderedStringSlice(gs, expected), IsTrue)
   295  
   296  	mustInterDirc(c, se, `GRANT Index ON test1.* TO  'show'@'localhost';`)
   297  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   298  	c.Assert(err, IsNil)
   299  	c.Assert(gs, HasLen, 3)
   300  	expected = []string{`GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost'`,
   301  		`GRANT Select ON test.* TO 'show'@'localhost'`,
   302  		`GRANT Index ON test1.* TO 'show'@'localhost'`}
   303  	c.Assert(solitonutil.CompareUnorderedStringSlice(gs, expected), IsTrue)
   304  
   305  	mustInterDirc(c, se, `GRANT ALL ON test1.* TO  'show'@'localhost';`)
   306  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   307  	c.Assert(err, IsNil)
   308  	c.Assert(gs, HasLen, 3)
   309  	expected = []string{`GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost'`,
   310  		`GRANT Select ON test.* TO 'show'@'localhost'`,
   311  		`GRANT ALL PRIVILEGES ON test1.* TO 'show'@'localhost'`}
   312  	c.Assert(solitonutil.CompareUnorderedStringSlice(gs, expected), IsTrue)
   313  
   314  	// Add causet scope privileges
   315  	mustInterDirc(c, se, `GRANT UFIDelate ON test.test TO  'show'@'localhost';`)
   316  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   317  	c.Assert(err, IsNil)
   318  	c.Assert(gs, HasLen, 4)
   319  	expected = []string{`GRANT ALL PRIVILEGES ON *.* TO 'show'@'localhost'`,
   320  		`GRANT Select ON test.* TO 'show'@'localhost'`,
   321  		`GRANT ALL PRIVILEGES ON test1.* TO 'show'@'localhost'`,
   322  		`GRANT UFIDelate ON test.test TO 'show'@'localhost'`}
   323  	c.Assert(solitonutil.CompareUnorderedStringSlice(gs, expected), IsTrue)
   324  
   325  	// Expected behavior: Usage still exists after revoking all privileges
   326  	mustInterDirc(c, se, `REVOKE ALL PRIVILEGES ON *.* FROM 'show'@'localhost'`)
   327  	mustInterDirc(c, se, `REVOKE Select on test.* FROM 'show'@'localhost'`)
   328  	mustInterDirc(c, se, `REVOKE ALL ON test1.* FROM 'show'@'localhost'`)
   329  	mustInterDirc(c, se, `REVOKE UFIDelATE on test.test FROM 'show'@'localhost'`)
   330  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   331  	c.Assert(err, IsNil)
   332  	c.Assert(gs, HasLen, 1)
   333  	c.Assert(gs[0], Equals, `GRANT USAGE ON *.* TO 'show'@'localhost'`)
   334  
   335  	// Usage should not exist after dropping the user
   336  	// Which we need privileges to do so!
   337  	ctx.GetStochastikVars().User = &auth.UserIdentity{Username: "root", Hostname: "localhost"}
   338  	mustInterDirc(c, se, `DROP USER 'show'@'localhost'`)
   339  
   340  	// This should now return an error
   341  	_, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "show", Hostname: "localhost"}, nil)
   342  	c.Assert(err, NotNil)
   343  	// cant show grants for non-existent
   344  	c.Assert(terror.ErrorEqual(err, privileges.ErrNonexistingGrant), IsTrue)
   345  
   346  	// Test SHOW GRANTS with USING roles.
   347  	mustInterDirc(c, se, `CREATE ROLE 'r1', 'r2'`)
   348  	mustInterDirc(c, se, `GRANT SELECT ON test.* TO 'r1'`)
   349  	mustInterDirc(c, se, `GRANT INSERT, UFIDelATE ON test.* TO 'r2'`)
   350  	mustInterDirc(c, se, `CREATE USER 'testrole'@'localhost' IDENTIFIED BY 'u1pass'`)
   351  	mustInterDirc(c, se, `GRANT 'r1', 'r2' TO 'testrole'@'localhost'`)
   352  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "testrole", Hostname: "localhost"}, nil)
   353  	c.Assert(err, IsNil)
   354  	c.Assert(gs, HasLen, 2)
   355  	roles := make([]*auth.RoleIdentity, 0)
   356  	roles = append(roles, &auth.RoleIdentity{Username: "r2", Hostname: "%"})
   357  	mustInterDirc(c, se, `GRANT DELETE ON test.* TO 'testrole'@'localhost'`)
   358  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "testrole", Hostname: "localhost"}, roles)
   359  	c.Assert(err, IsNil)
   360  	c.Assert(gs, HasLen, 3)
   361  	roles = append(roles, &auth.RoleIdentity{Username: "r1", Hostname: "%"})
   362  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "testrole", Hostname: "localhost"}, roles)
   363  	c.Assert(err, IsNil)
   364  	c.Assert(gs, HasLen, 3)
   365  	mustInterDirc(c, se, `GRANT INSERT, DELETE ON test.test TO 'r2'`)
   366  	mustInterDirc(c, se, `create causet test.b (id int)`)
   367  	mustInterDirc(c, se, `GRANT UFIDelATE ON test.b TO 'testrole'@'localhost'`)
   368  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "testrole", Hostname: "localhost"}, roles)
   369  	c.Assert(err, IsNil)
   370  	c.Assert(gs, HasLen, 5)
   371  	mustInterDirc(c, se, `DROP ROLE 'r1', 'r2'`)
   372  	mustInterDirc(c, se, `DROP USER 'testrole'@'localhost'`)
   373  	mustInterDirc(c, se, `CREATE ROLE 'r1', 'r2'`)
   374  	mustInterDirc(c, se, `GRANT SELECT ON test.* TO 'r2'`)
   375  	mustInterDirc(c, se, `CREATE USER 'testrole'@'localhost' IDENTIFIED BY 'u1pass'`)
   376  	mustInterDirc(c, se, `GRANT 'r1' TO 'testrole'@'localhost'`)
   377  	mustInterDirc(c, se, `GRANT 'r2' TO 'r1'`)
   378  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "testrole", Hostname: "localhost"}, nil)
   379  	c.Assert(err, IsNil)
   380  	c.Assert(gs, HasLen, 2)
   381  	roles = make([]*auth.RoleIdentity, 0)
   382  	roles = append(roles, &auth.RoleIdentity{Username: "r1", Hostname: "%"})
   383  	gs, err = pc.ShowGrants(se, &auth.UserIdentity{Username: "testrole", Hostname: "localhost"}, roles)
   384  	c.Assert(err, IsNil)
   385  	c.Assert(gs, HasLen, 3)
   386  }
   387  
   388  func (s *testPrivilegeSuite) TestShowDeferredCausetGrants(c *C) {
   389  	se := newStochastik(c, s.causetstore, s.dbName)
   390  	mustInterDirc(c, se, `USE test`)
   391  	mustInterDirc(c, se, `CREATE USER 'column'@'%'`)
   392  	mustInterDirc(c, se, `CREATE TABLE column_block (a int, b int, c int)`)
   393  	mustInterDirc(c, se, `GRANT Select(a),UFIDelate(a,b),Insert(c) ON test.column_block TO  'column'@'%'`)
   394  
   395  	pc := privilege.GetPrivilegeManager(se)
   396  	gs, err := pc.ShowGrants(se, &auth.UserIdentity{Username: "column", Hostname: "%"}, nil)
   397  	c.Assert(err, IsNil)
   398  	c.Assert(strings.Join(gs, " "), Equals, "GRANT USAGE ON *.* TO 'column'@'%' GRANT Select(a), Insert(c), UFIDelate(a, b) ON test.column_block TO 'column'@'%'")
   399  }
   400  
   401  func (s *testPrivilegeSuite) TestDropBlockPriv(c *C) {
   402  	se := newStochastik(c, s.causetstore, s.dbName)
   403  	ctx, _ := se.(stochastikctx.Context)
   404  	mustInterDirc(c, se, `CREATE TABLE todrop(c int);`)
   405  	// ctx.GetStochastikVars().User = "root@localhost"
   406  	c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "localhost"}, nil, nil), IsTrue)
   407  	mustInterDirc(c, se, `CREATE USER 'drop'@'localhost';`)
   408  	mustInterDirc(c, se, `GRANT Select ON test.todrop TO  'drop'@'localhost';`)
   409  
   410  	// ctx.GetStochastikVars().User = "drop@localhost"
   411  	c.Assert(se.Auth(&auth.UserIdentity{Username: "drop", Hostname: "localhost"}, nil, nil), IsTrue)
   412  	mustInterDirc(c, se, `SELECT * FROM todrop;`)
   413  	_, err := se.InterDircute(context.Background(), "DROP TABLE todrop;")
   414  	c.Assert(err, NotNil)
   415  
   416  	se = newStochastik(c, s.causetstore, s.dbName)
   417  	ctx.GetStochastikVars().User = &auth.UserIdentity{Username: "root", Hostname: "localhost"}
   418  	mustInterDirc(c, se, `GRANT Drop ON test.todrop TO  'drop'@'localhost';`)
   419  
   420  	se = newStochastik(c, s.causetstore, s.dbName)
   421  	ctx.GetStochastikVars().User = &auth.UserIdentity{Username: "drop", Hostname: "localhost"}
   422  	mustInterDirc(c, se, `DROP TABLE todrop;`)
   423  }
   424  
   425  func (s *testPrivilegeSuite) TestSetPasswdStmt(c *C) {
   426  
   427  	se := newStochastik(c, s.causetstore, s.dbName)
   428  
   429  	// high privileged user setting password for other user (passes)
   430  	mustInterDirc(c, se, "CREATE USER 'superuser'")
   431  	mustInterDirc(c, se, "CREATE USER 'nobodyuser'")
   432  	mustInterDirc(c, se, "GRANT ALL ON *.* TO 'superuser'")
   433  
   434  	c.Assert(se.Auth(&auth.UserIdentity{Username: "superuser", Hostname: "localhost", AuthUsername: "superuser", AuthHostname: "%"}, nil, nil), IsTrue)
   435  	mustInterDirc(c, se, "SET PASSWORD for 'nobodyuser' = 'newpassword'")
   436  	mustInterDirc(c, se, "SET PASSWORD for 'nobodyuser' = ''")
   437  
   438  	// low privileged user trying to set password for other user (fails)
   439  	c.Assert(se.Auth(&auth.UserIdentity{Username: "nobodyuser", Hostname: "localhost", AuthUsername: "nobodyuser", AuthHostname: "%"}, nil, nil), IsTrue)
   440  	_, err := se.InterDircute(context.Background(), "SET PASSWORD for 'superuser' = 'newpassword'")
   441  	c.Assert(err, NotNil)
   442  }
   443  
   444  func (s *testPrivilegeSuite) TestSelectViewSecurity(c *C) {
   445  	se := newStochastik(c, s.causetstore, s.dbName)
   446  	ctx, _ := se.(stochastikctx.Context)
   447  	mustInterDirc(c, se, `CREATE TABLE viewsecurity(c int);`)
   448  	// ctx.GetStochastikVars().User = "root@localhost"
   449  	c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "localhost"}, nil, nil), IsTrue)
   450  	mustInterDirc(c, se, `CREATE USER 'selectusr'@'localhost';`)
   451  	mustInterDirc(c, se, `GRANT CREATE VIEW ON test.* TO  'selectusr'@'localhost';`)
   452  	mustInterDirc(c, se, `GRANT SELECT ON test.viewsecurity TO  'selectusr'@'localhost';`)
   453  
   454  	// ctx.GetStochastikVars().User = "selectusr@localhost"
   455  	c.Assert(se.Auth(&auth.UserIdentity{Username: "selectusr", Hostname: "localhost"}, nil, nil), IsTrue)
   456  	mustInterDirc(c, se, `SELECT * FROM test.viewsecurity;`)
   457  	mustInterDirc(c, se, `CREATE ALGORITHM = UNDEFINED ALLEGROALLEGROSQL SECURITY DEFINER VIEW test.selectviewsecurity as select * FROM test.viewsecurity;`)
   458  
   459  	se = newStochastik(c, s.causetstore, s.dbName)
   460  	ctx.GetStochastikVars().User = &auth.UserIdentity{Username: "root", Hostname: "localhost"}
   461  	mustInterDirc(c, se, "SELECT * FROM test.selectviewsecurity")
   462  	mustInterDirc(c, se, `REVOKE Select ON test.viewsecurity FROM  'selectusr'@'localhost';`)
   463  	_, err := se.InterDircute(context.Background(), "select * from test.selectviewsecurity")
   464  	c.Assert(err.Error(), Equals, embedded.ErrViewInvalid.GenWithStackByArgs("test", "selectviewsecurity").Error())
   465  }
   466  
   467  func (s *testPrivilegeSuite) TestRoleAdminSecurity(c *C) {
   468  	se := newStochastik(c, s.causetstore, s.dbName)
   469  	mustInterDirc(c, se, `CREATE USER 'ar1'@'localhost';`)
   470  	mustInterDirc(c, se, `CREATE USER 'ar2'@'localhost';`)
   471  	mustInterDirc(c, se, `GRANT ALL ON *.* to ar1@localhost`)
   472  	defer func() {
   473  		c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "%"}, nil, nil), IsTrue)
   474  		mustInterDirc(c, se, "drop user 'ar1'@'localhost'")
   475  		mustInterDirc(c, se, "drop user 'ar2'@'localhost'")
   476  	}()
   477  
   478  	c.Assert(se.Auth(&auth.UserIdentity{Username: "ar1", Hostname: "localhost"}, nil, nil), IsTrue)
   479  	mustInterDirc(c, se, `create role r_test1@localhost`)
   480  
   481  	c.Assert(se.Auth(&auth.UserIdentity{Username: "ar2", Hostname: "localhost"}, nil, nil), IsTrue)
   482  	_, err := se.InterDircute(context.Background(), `create role r_test2@localhost`)
   483  	c.Assert(terror.ErrorEqual(err, embedded.ErrSpecificAccessDenied), IsTrue)
   484  }
   485  
   486  func (s *testPrivilegeSuite) TestCheckCertBasedAuth(c *C) {
   487  	se := newStochastik(c, s.causetstore, s.dbName)
   488  	mustInterDirc(c, se, `CREATE USER 'r1'@'localhost';`)
   489  	mustInterDirc(c, se, `CREATE USER 'r2'@'localhost' require none;`)
   490  	mustInterDirc(c, se, `CREATE USER 'r3'@'localhost' require ssl;`)
   491  	mustInterDirc(c, se, `CREATE USER 'r4'@'localhost' require x509;`)
   492  	mustInterDirc(c, se, `CREATE USER 'r5'@'localhost' require issuer '/C=US/ST=California/L=San Francisco/O=WHTCORPS INC/OU=MilevaDB/CN=MilevaDB admin'
   493  		subject '/C=ZH/ST=Beijing/L=Haidian/O=WHTCORPS INC.Inc/OU=MilevaDB/CN=tester1' cipher 'TLS_AES_128_GCM_SHA256'`)
   494  	mustInterDirc(c, se, `CREATE USER 'r6'@'localhost' require issuer '/C=US/ST=California/L=San Francisco/O=WHTCORPS INC/OU=MilevaDB/CN=MilevaDB admin'
   495  		subject '/C=ZH/ST=Beijing/L=Haidian/O=WHTCORPS INC.Inc/OU=MilevaDB/CN=tester1'`)
   496  	mustInterDirc(c, se, `CREATE USER 'r7_issuer_only'@'localhost' require issuer '/C=US/ST=California/L=San Francisco/O=WHTCORPS INC/OU=MilevaDB/CN=MilevaDB admin'`)
   497  	mustInterDirc(c, se, `CREATE USER 'r8_subject_only'@'localhost' require subject '/C=ZH/ST=Beijing/L=Haidian/O=WHTCORPS INC.Inc/OU=MilevaDB/CN=tester1'`)
   498  	mustInterDirc(c, se, `CREATE USER 'r9_subject_disorder'@'localhost' require subject '/ST=Beijing/C=ZH/L=Haidian/O=WHTCORPS INC.Inc/OU=MilevaDB/CN=tester1'`)
   499  	mustInterDirc(c, se, `CREATE USER 'r10_issuer_disorder'@'localhost' require issuer '/ST=California/C=US/L=San Francisco/O=WHTCORPS INC/OU=MilevaDB/CN=MilevaDB admin'`)
   500  	mustInterDirc(c, se, `CREATE USER 'r11_cipher_only'@'localhost' require cipher 'TLS_AES_256_GCM_SHA384'`)
   501  	mustInterDirc(c, se, `CREATE USER 'r12_old_milevadb_user'@'localhost'`)
   502  	mustInterDirc(c, se, "DELETE FROM allegrosql.global_priv WHERE `user` = 'r12_old_milevadb_user' and `host` = 'localhost'")
   503  	mustInterDirc(c, se, `CREATE USER 'r13_broken_user'@'localhost'require issuer '/C=US/ST=California/L=San Francisco/O=WHTCORPS INC/OU=MilevaDB/CN=MilevaDB admin'
   504  		subject '/C=ZH/ST=Beijing/L=Haidian/O=WHTCORPS INC.Inc/OU=MilevaDB/CN=tester1'`)
   505  	mustInterDirc(c, se, "UFIDelATE allegrosql.global_priv set priv = 'abc' where `user` = 'r13_broken_user' and `host` = 'localhost'")
   506  	mustInterDirc(c, se, `CREATE USER 'r14_san_only_pass'@'localhost' require san 'URI:spiffe://mesh.whtcorpsinc.com/ns/timesh/sa/me1'`)
   507  	mustInterDirc(c, se, `CREATE USER 'r15_san_only_fail'@'localhost' require san 'URI:spiffe://mesh.whtcorpsinc.com/ns/timesh/sa/me2'`)
   508  	mustInterDirc(c, se, "flush privileges")
   509  
   510  	defer func() {
   511  		c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "%"}, nil, nil), IsTrue)
   512  		mustInterDirc(c, se, "drop user 'r1'@'localhost'")
   513  		mustInterDirc(c, se, "drop user 'r2'@'localhost'")
   514  		mustInterDirc(c, se, "drop user 'r3'@'localhost'")
   515  		mustInterDirc(c, se, "drop user 'r4'@'localhost'")
   516  		mustInterDirc(c, se, "drop user 'r5'@'localhost'")
   517  		mustInterDirc(c, se, "drop user 'r6'@'localhost'")
   518  		mustInterDirc(c, se, "drop user 'r7_issuer_only'@'localhost'")
   519  		mustInterDirc(c, se, "drop user 'r8_subject_only'@'localhost'")
   520  		mustInterDirc(c, se, "drop user 'r9_subject_disorder'@'localhost'")
   521  		mustInterDirc(c, se, "drop user 'r10_issuer_disorder'@'localhost'")
   522  		mustInterDirc(c, se, "drop user 'r11_cipher_only'@'localhost'")
   523  		mustInterDirc(c, se, "drop user 'r12_old_milevadb_user'@'localhost'")
   524  		mustInterDirc(c, se, "drop user 'r13_broken_user'@'localhost'")
   525  		mustInterDirc(c, se, "drop user 'r14_san_only_pass'@'localhost'")
   526  		mustInterDirc(c, se, "drop user 'r15_san_only_fail'@'localhost'")
   527  	}()
   528  
   529  	// test without ssl or ca
   530  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r1", Hostname: "localhost"}, nil, nil), IsTrue)
   531  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r2", Hostname: "localhost"}, nil, nil), IsTrue)
   532  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r3", Hostname: "localhost"}, nil, nil), IsFalse)
   533  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r4", Hostname: "localhost"}, nil, nil), IsFalse)
   534  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r5", Hostname: "localhost"}, nil, nil), IsFalse)
   535  
   536  	// test use ssl without ca
   537  	se.GetStochastikVars().TLSConnectionState = &tls.ConnectionState{VerifiedChains: nil}
   538  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r1", Hostname: "localhost"}, nil, nil), IsTrue)
   539  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r2", Hostname: "localhost"}, nil, nil), IsTrue)
   540  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r3", Hostname: "localhost"}, nil, nil), IsTrue)
   541  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r4", Hostname: "localhost"}, nil, nil), IsFalse)
   542  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r5", Hostname: "localhost"}, nil, nil), IsFalse)
   543  
   544  	// test use ssl with signed but info wrong ca.
   545  	se.GetStochastikVars().TLSConnectionState = &tls.ConnectionState{VerifiedChains: [][]*x509.Certificate{{{}}}}
   546  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r1", Hostname: "localhost"}, nil, nil), IsTrue)
   547  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r2", Hostname: "localhost"}, nil, nil), IsTrue)
   548  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r3", Hostname: "localhost"}, nil, nil), IsTrue)
   549  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r4", Hostname: "localhost"}, nil, nil), IsTrue)
   550  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r5", Hostname: "localhost"}, nil, nil), IsFalse)
   551  
   552  	// test a all pass case
   553  	se.GetStochastikVars().TLSConnectionState = connectionState(
   554  		pkix.Name{
   555  			Names: []pkix.AttributeTypeAndValue{
   556  				soliton.MockPkixAttribute(soliton.Country, "US"),
   557  				soliton.MockPkixAttribute(soliton.Province, "California"),
   558  				soliton.MockPkixAttribute(soliton.Locality, "San Francisco"),
   559  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC"),
   560  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   561  				soliton.MockPkixAttribute(soliton.CommonName, "MilevaDB admin"),
   562  			},
   563  		},
   564  		pkix.Name{
   565  			Names: []pkix.AttributeTypeAndValue{
   566  				soliton.MockPkixAttribute(soliton.Country, "ZH"),
   567  				soliton.MockPkixAttribute(soliton.Province, "Beijing"),
   568  				soliton.MockPkixAttribute(soliton.Locality, "Haidian"),
   569  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC.Inc"),
   570  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   571  				soliton.MockPkixAttribute(soliton.CommonName, "tester1"),
   572  			},
   573  		},
   574  		tls.TLS_AES_128_GCM_SHA256, func(c *x509.Certificate) {
   575  			var url url.URL
   576  			url.UnmarshalBinary([]byte("spiffe://mesh.whtcorpsinc.com/ns/timesh/sa/me1"))
   577  			c.URIs = append(c.URIs, &url)
   578  		})
   579  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r1", Hostname: "localhost"}, nil, nil), IsTrue)
   580  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r2", Hostname: "localhost"}, nil, nil), IsTrue)
   581  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r3", Hostname: "localhost"}, nil, nil), IsTrue)
   582  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r4", Hostname: "localhost"}, nil, nil), IsTrue)
   583  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r5", Hostname: "localhost"}, nil, nil), IsTrue)
   584  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r14_san_only_pass", Hostname: "localhost"}, nil, nil), IsTrue)
   585  
   586  	// test require but give nothing
   587  	se.GetStochastikVars().TLSConnectionState = nil
   588  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r5", Hostname: "localhost"}, nil, nil), IsFalse)
   589  
   590  	// test mismatch cipher
   591  	se.GetStochastikVars().TLSConnectionState = connectionState(
   592  		pkix.Name{
   593  			Names: []pkix.AttributeTypeAndValue{
   594  				soliton.MockPkixAttribute(soliton.Country, "US"),
   595  				soliton.MockPkixAttribute(soliton.Province, "California"),
   596  				soliton.MockPkixAttribute(soliton.Locality, "San Francisco"),
   597  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC"),
   598  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   599  				soliton.MockPkixAttribute(soliton.CommonName, "MilevaDB admin"),
   600  			},
   601  		},
   602  		pkix.Name{
   603  			Names: []pkix.AttributeTypeAndValue{
   604  				soliton.MockPkixAttribute(soliton.Country, "ZH"),
   605  				soliton.MockPkixAttribute(soliton.Province, "Beijing"),
   606  				soliton.MockPkixAttribute(soliton.Locality, "Haidian"),
   607  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC.Inc"),
   608  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   609  				soliton.MockPkixAttribute(soliton.CommonName, "tester1"),
   610  			},
   611  		},
   612  		tls.TLS_AES_256_GCM_SHA384)
   613  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r5", Hostname: "localhost"}, nil, nil), IsFalse)
   614  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r6", Hostname: "localhost"}, nil, nil), IsTrue) // not require cipher
   615  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r11_cipher_only", Hostname: "localhost"}, nil, nil), IsTrue)
   616  
   617  	// test only subject or only issuer
   618  	se.GetStochastikVars().TLSConnectionState = connectionState(
   619  		pkix.Name{
   620  			Names: []pkix.AttributeTypeAndValue{
   621  				soliton.MockPkixAttribute(soliton.Country, "US"),
   622  				soliton.MockPkixAttribute(soliton.Province, "California"),
   623  				soliton.MockPkixAttribute(soliton.Locality, "San Francisco"),
   624  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC"),
   625  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   626  				soliton.MockPkixAttribute(soliton.CommonName, "MilevaDB admin"),
   627  			},
   628  		},
   629  		pkix.Name{
   630  			Names: []pkix.AttributeTypeAndValue{
   631  				soliton.MockPkixAttribute(soliton.Country, "AZ"),
   632  				soliton.MockPkixAttribute(soliton.Province, "Beijing"),
   633  				soliton.MockPkixAttribute(soliton.Locality, "Shijingshang"),
   634  				soliton.MockPkixAttribute(soliton.Organization, "CAPPing.Inc"),
   635  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   636  				soliton.MockPkixAttribute(soliton.CommonName, "tester2"),
   637  			},
   638  		},
   639  		tls.TLS_AES_128_GCM_SHA256)
   640  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r7_issuer_only", Hostname: "localhost"}, nil, nil), IsTrue)
   641  	se.GetStochastikVars().TLSConnectionState = connectionState(
   642  		pkix.Name{
   643  			Names: []pkix.AttributeTypeAndValue{
   644  				soliton.MockPkixAttribute(soliton.Country, "AU"),
   645  				soliton.MockPkixAttribute(soliton.Province, "California"),
   646  				soliton.MockPkixAttribute(soliton.Locality, "San Francisco"),
   647  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC"),
   648  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   649  				soliton.MockPkixAttribute(soliton.CommonName, "MilevaDB admin2"),
   650  			},
   651  		},
   652  		pkix.Name{
   653  			Names: []pkix.AttributeTypeAndValue{
   654  				soliton.MockPkixAttribute(soliton.Country, "ZH"),
   655  				soliton.MockPkixAttribute(soliton.Province, "Beijing"),
   656  				soliton.MockPkixAttribute(soliton.Locality, "Haidian"),
   657  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC.Inc"),
   658  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   659  				soliton.MockPkixAttribute(soliton.CommonName, "tester1"),
   660  			},
   661  		},
   662  		tls.TLS_AES_128_GCM_SHA256)
   663  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r8_subject_only", Hostname: "localhost"}, nil, nil), IsTrue)
   664  
   665  	// test disorder issuer or subject
   666  	se.GetStochastikVars().TLSConnectionState = connectionState(
   667  		pkix.Name{
   668  			Names: []pkix.AttributeTypeAndValue{},
   669  		},
   670  		pkix.Name{
   671  			Names: []pkix.AttributeTypeAndValue{
   672  				soliton.MockPkixAttribute(soliton.Country, "ZH"),
   673  				soliton.MockPkixAttribute(soliton.Province, "Beijing"),
   674  				soliton.MockPkixAttribute(soliton.Locality, "Haidian"),
   675  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC.Inc"),
   676  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   677  				soliton.MockPkixAttribute(soliton.CommonName, "tester1"),
   678  			},
   679  		},
   680  		tls.TLS_AES_128_GCM_SHA256)
   681  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r9_subject_disorder", Hostname: "localhost"}, nil, nil), IsFalse)
   682  	se.GetStochastikVars().TLSConnectionState = connectionState(
   683  		pkix.Name{
   684  			Names: []pkix.AttributeTypeAndValue{
   685  				soliton.MockPkixAttribute(soliton.Country, "US"),
   686  				soliton.MockPkixAttribute(soliton.Province, "California"),
   687  				soliton.MockPkixAttribute(soliton.Locality, "San Francisco"),
   688  				soliton.MockPkixAttribute(soliton.Organization, "WHTCORPS INC"),
   689  				soliton.MockPkixAttribute(soliton.OrganizationalUnit, "MilevaDB"),
   690  				soliton.MockPkixAttribute(soliton.CommonName, "MilevaDB admin"),
   691  			},
   692  		},
   693  		pkix.Name{
   694  			Names: []pkix.AttributeTypeAndValue{},
   695  		},
   696  		tls.TLS_AES_128_GCM_SHA256)
   697  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r10_issuer_disorder", Hostname: "localhost"}, nil, nil), IsFalse)
   698  
   699  	// test mismatch san
   700  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r15_san_only_fail", Hostname: "localhost"}, nil, nil), IsFalse)
   701  
   702  	// test old data and broken data
   703  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r12_old_milevadb_user", Hostname: "localhost"}, nil, nil), IsTrue)
   704  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r13_broken_user", Hostname: "localhost"}, nil, nil), IsFalse)
   705  
   706  }
   707  
   708  func connectionState(issuer, subject pkix.Name, cipher uint16, opt ...func(c *x509.Certificate)) *tls.ConnectionState {
   709  	cert := &x509.Certificate{Issuer: issuer, Subject: subject}
   710  	for _, o := range opt {
   711  		o(cert)
   712  	}
   713  	return &tls.ConnectionState{
   714  		VerifiedChains: [][]*x509.Certificate{{cert}},
   715  		CipherSuite:    cipher,
   716  	}
   717  }
   718  
   719  func (s *testPrivilegeSuite) TestCheckAuthenticate(c *C) {
   720  
   721  	se := newStochastik(c, s.causetstore, s.dbName)
   722  	mustInterDirc(c, se, `CREATE USER 'u1'@'localhost';`)
   723  	mustInterDirc(c, se, `CREATE USER 'u2'@'localhost' identified by 'abc';`)
   724  	mustInterDirc(c, se, `CREATE USER 'u3@example.com'@'localhost';`)
   725  	mustInterDirc(c, se, `CREATE USER u4@localhost;`)
   726  
   727  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u1", Hostname: "localhost"}, nil, nil), IsTrue)
   728  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u2", Hostname: "localhost"}, nil, nil), IsFalse)
   729  	salt := []byte{85, 92, 45, 22, 58, 79, 107, 6, 122, 125, 58, 80, 12, 90, 103, 32, 90, 10, 74, 82}
   730  	authentication := []byte{24, 180, 183, 225, 166, 6, 81, 102, 70, 248, 199, 143, 91, 204, 169, 9, 161, 171, 203, 33}
   731  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u2", Hostname: "localhost"}, authentication, salt), IsTrue)
   732  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u3@example.com", Hostname: "localhost"}, nil, nil), IsTrue)
   733  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u4", Hostname: "localhost"}, nil, nil), IsTrue)
   734  
   735  	se1 := newStochastik(c, s.causetstore, s.dbName)
   736  	mustInterDirc(c, se1, "drop user 'u1'@'localhost'")
   737  	mustInterDirc(c, se1, "drop user 'u2'@'localhost'")
   738  	mustInterDirc(c, se1, "drop user 'u3@example.com'@'localhost'")
   739  	mustInterDirc(c, se1, "drop user u4@localhost")
   740  
   741  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u1", Hostname: "localhost"}, nil, nil), IsFalse)
   742  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u2", Hostname: "localhost"}, nil, nil), IsFalse)
   743  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u3@example.com", Hostname: "localhost"}, nil, nil), IsFalse)
   744  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u4", Hostname: "localhost"}, nil, nil), IsFalse)
   745  
   746  	se2 := newStochastik(c, s.causetstore, s.dbName)
   747  	mustInterDirc(c, se2, "create role 'r1'@'localhost'")
   748  	mustInterDirc(c, se2, "create role 'r2'@'localhost'")
   749  	mustInterDirc(c, se2, "create role 'r3@example.com'@'localhost'")
   750  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r1", Hostname: "localhost"}, nil, nil), IsFalse)
   751  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r2", Hostname: "localhost"}, nil, nil), IsFalse)
   752  	c.Assert(se.Auth(&auth.UserIdentity{Username: "r3@example.com", Hostname: "localhost"}, nil, nil), IsFalse)
   753  
   754  	mustInterDirc(c, se1, "drop user 'r1'@'localhost'")
   755  	mustInterDirc(c, se1, "drop user 'r2'@'localhost'")
   756  	mustInterDirc(c, se1, "drop user 'r3@example.com'@'localhost'")
   757  }
   758  
   759  func (s *testPrivilegeSuite) TestUseDB(c *C) {
   760  
   761  	se := newStochastik(c, s.causetstore, s.dbName)
   762  	// high privileged user
   763  	mustInterDirc(c, se, "CREATE USER 'usesuper'")
   764  	mustInterDirc(c, se, "CREATE USER 'usenobody'")
   765  	mustInterDirc(c, se, "GRANT ALL ON *.* TO 'usesuper'")
   766  	//without grant option
   767  	c.Assert(se.Auth(&auth.UserIdentity{Username: "usesuper", Hostname: "localhost", AuthUsername: "usesuper", AuthHostname: "%"}, nil, nil), IsTrue)
   768  	_, e := se.InterDircute(context.Background(), "GRANT SELECT ON allegrosql.* TO 'usenobody'")
   769  	c.Assert(e, NotNil)
   770  	//with grant option
   771  	se = newStochastik(c, s.causetstore, s.dbName)
   772  	// high privileged user
   773  	mustInterDirc(c, se, "GRANT ALL ON *.* TO 'usesuper' WITH GRANT OPTION")
   774  	c.Assert(se.Auth(&auth.UserIdentity{Username: "usesuper", Hostname: "localhost", AuthUsername: "usesuper", AuthHostname: "%"}, nil, nil), IsTrue)
   775  	mustInterDirc(c, se, "use allegrosql")
   776  	// low privileged user
   777  	c.Assert(se.Auth(&auth.UserIdentity{Username: "usenobody", Hostname: "localhost", AuthUsername: "usenobody", AuthHostname: "%"}, nil, nil), IsTrue)
   778  	_, err := se.InterDircute(context.Background(), "use allegrosql")
   779  	c.Assert(err, NotNil)
   780  
   781  	// try again after privilege granted
   782  	c.Assert(se.Auth(&auth.UserIdentity{Username: "usesuper", Hostname: "localhost", AuthUsername: "usesuper", AuthHostname: "%"}, nil, nil), IsTrue)
   783  	mustInterDirc(c, se, "GRANT SELECT ON allegrosql.* TO 'usenobody'")
   784  	c.Assert(se.Auth(&auth.UserIdentity{Username: "usenobody", Hostname: "localhost", AuthUsername: "usenobody", AuthHostname: "%"}, nil, nil), IsTrue)
   785  	_, err = se.InterDircute(context.Background(), "use allegrosql")
   786  	c.Assert(err, IsNil)
   787  
   788  	// test `use EDB` for role.
   789  	c.Assert(se.Auth(&auth.UserIdentity{Username: "usesuper", Hostname: "localhost", AuthUsername: "usesuper", AuthHostname: "%"}, nil, nil), IsTrue)
   790  	mustInterDirc(c, se, `CREATE DATABASE app_db`)
   791  	mustInterDirc(c, se, `CREATE ROLE 'app_developer'`)
   792  	mustInterDirc(c, se, `GRANT ALL ON app_db.* TO 'app_developer'`)
   793  	mustInterDirc(c, se, `CREATE USER 'dev'@'localhost'`)
   794  	mustInterDirc(c, se, `GRANT 'app_developer' TO 'dev'@'localhost'`)
   795  	mustInterDirc(c, se, `SET DEFAULT ROLE 'app_developer' TO 'dev'@'localhost'`)
   796  	c.Assert(se.Auth(&auth.UserIdentity{Username: "dev", Hostname: "localhost", AuthUsername: "dev", AuthHostname: "localhost"}, nil, nil), IsTrue)
   797  	_, err = se.InterDircute(context.Background(), "use app_db")
   798  	c.Assert(err, IsNil)
   799  	_, err = se.InterDircute(context.Background(), "use allegrosql")
   800  	c.Assert(err, NotNil)
   801  }
   802  
   803  func (s *testPrivilegeSuite) TestRevokePrivileges(c *C) {
   804  	se := newStochastik(c, s.causetstore, s.dbName)
   805  	mustInterDirc(c, se, "CREATE USER 'hasgrant'")
   806  	mustInterDirc(c, se, "CREATE USER 'withoutgrant'")
   807  	mustInterDirc(c, se, "GRANT ALL ON *.* TO 'hasgrant'")
   808  	mustInterDirc(c, se, "GRANT ALL ON allegrosql.* TO 'withoutgrant'")
   809  	// Without grant option
   810  	c.Assert(se.Auth(&auth.UserIdentity{Username: "hasgrant", Hostname: "localhost", AuthUsername: "hasgrant", AuthHostname: "%"}, nil, nil), IsTrue)
   811  	_, e := se.InterDircute(context.Background(), "REVOKE SELECT ON allegrosql.* FROM 'withoutgrant'")
   812  	c.Assert(e, NotNil)
   813  	// With grant option
   814  	se = newStochastik(c, s.causetstore, s.dbName)
   815  	mustInterDirc(c, se, "GRANT ALL ON *.* TO 'hasgrant' WITH GRANT OPTION")
   816  	c.Assert(se.Auth(&auth.UserIdentity{Username: "hasgrant", Hostname: "localhost", AuthUsername: "hasgrant", AuthHostname: "%"}, nil, nil), IsTrue)
   817  	mustInterDirc(c, se, "REVOKE SELECT ON allegrosql.* FROM 'withoutgrant'")
   818  	mustInterDirc(c, se, "REVOKE ALL ON allegrosql.* FROM withoutgrant")
   819  }
   820  
   821  func (s *testPrivilegeSuite) TestSetGlobal(c *C) {
   822  	se := newStochastik(c, s.causetstore, s.dbName)
   823  	mustInterDirc(c, se, `CREATE USER setglobal_a@localhost`)
   824  	mustInterDirc(c, se, `CREATE USER setglobal_b@localhost`)
   825  	mustInterDirc(c, se, `GRANT SUPER ON *.* to setglobal_a@localhost`)
   826  
   827  	c.Assert(se.Auth(&auth.UserIdentity{Username: "setglobal_a", Hostname: "localhost"}, nil, nil), IsTrue)
   828  	mustInterDirc(c, se, `set global innodb_commit_concurrency=16`)
   829  
   830  	c.Assert(se.Auth(&auth.UserIdentity{Username: "setglobal_b", Hostname: "localhost"}, nil, nil), IsTrue)
   831  	_, err := se.InterDircute(context.Background(), `set global innodb_commit_concurrency=16`)
   832  	c.Assert(terror.ErrorEqual(err, embedded.ErrSpecificAccessDenied), IsTrue)
   833  }
   834  
   835  func (s *testPrivilegeSuite) TestCreateDropUser(c *C) {
   836  	se := newStochastik(c, s.causetstore, s.dbName)
   837  	mustInterDirc(c, se, `CREATE USER tcd1, tcd2`)
   838  	mustInterDirc(c, se, `GRANT ALL ON *.* to tcd2 WITH GRANT OPTION`)
   839  
   840  	// should fail
   841  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tcd1", Hostname: "localhost", AuthUsername: "tcd1", AuthHostname: "%"}, nil, nil), IsTrue)
   842  	_, err := se.InterDircute(context.Background(), `CREATE USER acdc`)
   843  	c.Assert(terror.ErrorEqual(err, embedded.ErrSpecificAccessDenied), IsTrue)
   844  	_, err = se.InterDircute(context.Background(), `DROP USER tcd2`)
   845  	c.Assert(terror.ErrorEqual(err, embedded.ErrSpecificAccessDenied), IsTrue)
   846  
   847  	// should pass
   848  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tcd2", Hostname: "localhost", AuthUsername: "tcd2", AuthHostname: "%"}, nil, nil), IsTrue)
   849  	mustInterDirc(c, se, `DROP USER tcd1`)
   850  	mustInterDirc(c, se, `CREATE USER tcd1`)
   851  
   852  	// should pass
   853  	mustInterDirc(c, se, `GRANT tcd2 TO tcd1`)
   854  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tcd1", Hostname: "localhost", AuthUsername: "tcd1", AuthHostname: "%"}, nil, nil), IsTrue)
   855  	mustInterDirc(c, se, `SET ROLE tcd2;`)
   856  	mustInterDirc(c, se, `CREATE USER tcd3`)
   857  	mustInterDirc(c, se, `DROP USER tcd3`)
   858  }
   859  
   860  func (s *testPrivilegeSuite) TestConfigPrivilege(c *C) {
   861  	se := newStochastik(c, s.causetstore, s.dbName)
   862  	mustInterDirc(c, se, `DROP USER IF EXISTS tcd1`)
   863  	mustInterDirc(c, se, `CREATE USER tcd1`)
   864  	mustInterDirc(c, se, `GRANT ALL ON *.* to tcd1`)
   865  	mustInterDirc(c, se, `DROP USER IF EXISTS tcd2`)
   866  	mustInterDirc(c, se, `CREATE USER tcd2`)
   867  	mustInterDirc(c, se, `GRANT ALL ON *.* to tcd2`)
   868  	mustInterDirc(c, se, `REVOKE CONFIG ON *.* FROM tcd2`)
   869  
   870  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tcd1", Hostname: "localhost", AuthHostname: "tcd1", AuthUsername: "%"}, nil, nil), IsTrue)
   871  	mustInterDirc(c, se, `SET CONFIG EinsteinDB testkey="testval"`)
   872  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tcd2", Hostname: "localhost", AuthHostname: "tcd2", AuthUsername: "%"}, nil, nil), IsTrue)
   873  	_, err := se.InterDircute(context.Background(), `SET CONFIG EinsteinDB testkey="testval"`)
   874  	c.Assert(err, ErrorMatches, ".*you need \\(at least one of\\) the CONFIG privilege\\(s\\) for this operation")
   875  	mustInterDirc(c, se, `DROP USER tcd1, tcd2`)
   876  }
   877  
   878  func (s *testPrivilegeSuite) TestShowCreateBlock(c *C) {
   879  	se := newStochastik(c, s.causetstore, s.dbName)
   880  	mustInterDirc(c, se, `CREATE USER tsct1, tsct2`)
   881  	mustInterDirc(c, se, `GRANT select ON allegrosql.* to tsct2`)
   882  
   883  	// should fail
   884  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tsct1", Hostname: "localhost", AuthUsername: "tsct1", AuthHostname: "%"}, nil, nil), IsTrue)
   885  	_, err := se.InterDircute(context.Background(), `SHOW CREATE TABLE allegrosql.user`)
   886  	c.Assert(terror.ErrorEqual(err, embedded.ErrBlockaccessDenied), IsTrue)
   887  
   888  	// should pass
   889  	c.Assert(se.Auth(&auth.UserIdentity{Username: "tsct2", Hostname: "localhost", AuthUsername: "tsct2", AuthHostname: "%"}, nil, nil), IsTrue)
   890  	mustInterDirc(c, se, `SHOW CREATE TABLE allegrosql.user`)
   891  }
   892  
   893  func (s *testPrivilegeSuite) TestAnalyzeBlock(c *C) {
   894  
   895  	se := newStochastik(c, s.causetstore, s.dbName)
   896  	// high privileged user
   897  	mustInterDirc(c, se, "CREATE USER 'asuper'")
   898  	mustInterDirc(c, se, "CREATE USER 'anobody'")
   899  	mustInterDirc(c, se, "GRANT ALL ON *.* TO 'asuper' WITH GRANT OPTION")
   900  	mustInterDirc(c, se, "CREATE DATABASE atest")
   901  	mustInterDirc(c, se, "use atest")
   902  	mustInterDirc(c, se, "CREATE TABLE t1 (a int)")
   903  
   904  	c.Assert(se.Auth(&auth.UserIdentity{Username: "asuper", Hostname: "localhost", AuthUsername: "asuper", AuthHostname: "%"}, nil, nil), IsTrue)
   905  	mustInterDirc(c, se, "analyze causet allegrosql.user")
   906  	// low privileged user
   907  	c.Assert(se.Auth(&auth.UserIdentity{Username: "anobody", Hostname: "localhost", AuthUsername: "anobody", AuthHostname: "%"}, nil, nil), IsTrue)
   908  	_, err := se.InterDircute(context.Background(), "analyze causet t1")
   909  	c.Assert(terror.ErrorEqual(err, embedded.ErrBlockaccessDenied), IsTrue)
   910  	c.Assert(err.Error(), Equals, "[causet:1142]INSERT command denied to user 'anobody'@'%' for causet 't1'")
   911  
   912  	_, err = se.InterDircute(context.Background(), "select * from t1")
   913  	c.Assert(err.Error(), Equals, "[causet:1142]SELECT command denied to user 'anobody'@'%' for causet 't1'")
   914  
   915  	// try again after SELECT privilege granted
   916  	c.Assert(se.Auth(&auth.UserIdentity{Username: "asuper", Hostname: "localhost", AuthUsername: "asuper", AuthHostname: "%"}, nil, nil), IsTrue)
   917  	mustInterDirc(c, se, "GRANT SELECT ON atest.* TO 'anobody'")
   918  	c.Assert(se.Auth(&auth.UserIdentity{Username: "anobody", Hostname: "localhost", AuthUsername: "anobody", AuthHostname: "%"}, nil, nil), IsTrue)
   919  	_, err = se.InterDircute(context.Background(), "analyze causet t1")
   920  	c.Assert(terror.ErrorEqual(err, embedded.ErrBlockaccessDenied), IsTrue)
   921  	c.Assert(err.Error(), Equals, "[causet:1142]INSERT command denied to user 'anobody'@'%' for causet 't1'")
   922  	// Add INSERT privilege and it should work.
   923  	c.Assert(se.Auth(&auth.UserIdentity{Username: "asuper", Hostname: "localhost", AuthUsername: "asuper", AuthHostname: "%"}, nil, nil), IsTrue)
   924  	mustInterDirc(c, se, "GRANT INSERT ON atest.* TO 'anobody'")
   925  	c.Assert(se.Auth(&auth.UserIdentity{Username: "anobody", Hostname: "localhost", AuthUsername: "anobody", AuthHostname: "%"}, nil, nil), IsTrue)
   926  	_, err = se.InterDircute(context.Background(), "analyze causet t1")
   927  	c.Assert(err, IsNil)
   928  
   929  }
   930  
   931  func (s *testPrivilegeSuite) TestSystemSchema(c *C) {
   932  	// This test tests no privilege check for INFORMATION_SCHEMA database.
   933  	se := newStochastik(c, s.causetstore, s.dbName)
   934  	mustInterDirc(c, se, `CREATE USER 'u1'@'localhost';`)
   935  	c.Assert(se.Auth(&auth.UserIdentity{Username: "u1", Hostname: "localhost"}, nil, nil), IsTrue)
   936  	mustInterDirc(c, se, `select * from information_schema.blocks`)
   937  	mustInterDirc(c, se, `select * from information_schema.key_column_usage`)
   938  	_, err := se.InterDircute(context.Background(), "create causet information_schema.t(a int)")
   939  	c.Assert(strings.Contains(err.Error(), "denied to user"), IsTrue)
   940  	_, err = se.InterDircute(context.Background(), "drop causet information_schema.blocks")
   941  	c.Assert(strings.Contains(err.Error(), "denied to user"), IsTrue)
   942  	_, err = se.InterDircute(context.Background(), "uFIDelate information_schema.blocks set block_name = 'tst' where block_name = 'allegrosql'")
   943  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   944  
   945  	// Test performance_schema.
   946  	mustInterDirc(c, se, `select * from performance_schema.events_memexs_summary_by_digest`)
   947  	_, err = se.InterDircute(context.Background(), "drop causet performance_schema.events_memexs_summary_by_digest")
   948  	c.Assert(strings.Contains(err.Error(), "denied to user"), IsTrue)
   949  	_, err = se.InterDircute(context.Background(), "uFIDelate performance_schema.events_memexs_summary_by_digest set schema_name = 'tst'")
   950  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   951  	_, err = se.InterDircute(context.Background(), "delete from performance_schema.events_memexs_summary_by_digest")
   952  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   953  	_, err = se.InterDircute(context.Background(), "create causet performance_schema.t(a int)")
   954  	c.Assert(err, NotNil)
   955  	c.Assert(strings.Contains(err.Error(), "CREATE command denied"), IsTrue, Commentf(err.Error()))
   956  
   957  	// Test metric_schema.
   958  	mustInterDirc(c, se, `select * from metrics_schema.milevadb_query_duration`)
   959  	_, err = se.InterDircute(context.Background(), "drop causet metrics_schema.milevadb_query_duration")
   960  	c.Assert(strings.Contains(err.Error(), "denied to user"), IsTrue)
   961  	_, err = se.InterDircute(context.Background(), "uFIDelate metrics_schema.milevadb_query_duration set instance = 'tst'")
   962  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   963  	_, err = se.InterDircute(context.Background(), "delete from metrics_schema.milevadb_query_duration")
   964  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   965  	_, err = se.InterDircute(context.Background(), "create causet metric_schema.t(a int)")
   966  	c.Assert(err, NotNil)
   967  	c.Assert(strings.Contains(err.Error(), "CREATE command denied"), IsTrue, Commentf(err.Error()))
   968  }
   969  
   970  func (s *testPrivilegeSuite) TestAdminCommand(c *C) {
   971  	se := newStochastik(c, s.causetstore, s.dbName)
   972  	c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "localhost"}, nil, nil), IsTrue)
   973  	mustInterDirc(c, se, `CREATE USER 'test_admin'@'localhost';`)
   974  	mustInterDirc(c, se, `CREATE TABLE t(a int)`)
   975  
   976  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test_admin", Hostname: "localhost"}, nil, nil), IsTrue)
   977  	_, err := se.InterDircute(context.Background(), "ADMIN SHOW DBS JOBS")
   978  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   979  	_, err = se.InterDircute(context.Background(), "ADMIN CHECK TABLE t")
   980  	c.Assert(strings.Contains(err.Error(), "privilege check fail"), IsTrue)
   981  
   982  	c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "localhost"}, nil, nil), IsTrue)
   983  	_, err = se.InterDircute(context.Background(), "ADMIN SHOW DBS JOBS")
   984  	c.Assert(err, IsNil)
   985  }
   986  
   987  func (s *testPrivilegeSuite) TestLoadDataPrivilege(c *C) {
   988  	// Create file.
   989  	path := "/tmp/load_data_priv.csv"
   990  	fp, err := os.Create(path)
   991  	c.Assert(err, IsNil)
   992  	c.Assert(fp, NotNil)
   993  	defer func() {
   994  		err = fp.Close()
   995  		c.Assert(err, IsNil)
   996  		err = os.Remove(path)
   997  		c.Assert(err, IsNil)
   998  	}()
   999  	fp.WriteString("1\n")
  1000  
  1001  	se := newStochastik(c, s.causetstore, s.dbName)
  1002  	c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "localhost"}, nil, nil), IsTrue)
  1003  	mustInterDirc(c, se, `CREATE USER 'test_load'@'localhost';`)
  1004  	mustInterDirc(c, se, `CREATE TABLE t_load(a int)`)
  1005  	mustInterDirc(c, se, `GRANT SELECT on *.* to 'test_load'@'localhost'`)
  1006  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test_load", Hostname: "localhost"}, nil, nil), IsTrue)
  1007  	_, err = se.InterDircute(context.Background(), "LOAD DATA LOCAL INFILE '/tmp/load_data_priv.csv' INTO TABLE t_load")
  1008  	c.Assert(strings.Contains(err.Error(), "INSERT command denied to user 'test_load'@'localhost' for causet 't_load'"), IsTrue)
  1009  	c.Assert(se.Auth(&auth.UserIdentity{Username: "root", Hostname: "localhost"}, nil, nil), IsTrue)
  1010  	mustInterDirc(c, se, `GRANT INSERT on *.* to 'test_load'@'localhost'`)
  1011  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test_load", Hostname: "localhost"}, nil, nil), IsTrue)
  1012  	_, err = se.InterDircute(context.Background(), "LOAD DATA LOCAL INFILE '/tmp/load_data_priv.csv' INTO TABLE t_load")
  1013  	c.Assert(err, IsNil)
  1014  }
  1015  
  1016  func (s *testPrivilegeSuite) TestSelectIntoNoPremissions(c *C) {
  1017  	se := newStochastik(c, s.causetstore, s.dbName)
  1018  	mustInterDirc(c, se, `CREATE USER 'nofile'@'localhost';`)
  1019  	c.Assert(se.Auth(&auth.UserIdentity{Username: "nofile", Hostname: "localhost"}, nil, nil), IsTrue)
  1020  	_, err := se.InterDircute(context.Background(), `select 1 into outfile '/tmp/doesntmatter-no-permissions'`)
  1021  	message := "Access denied; you need (at least one of) the FILE privilege(s) for this operation"
  1022  	c.Assert(strings.Contains(err.Error(), message), IsTrue)
  1023  }
  1024  
  1025  func (s *testPrivilegeSuite) TestGetEncodedPassword(c *C) {
  1026  	se := newStochastik(c, s.causetstore, s.dbName)
  1027  	mustInterDirc(c, se, `CREATE USER 'test_encode_u'@'localhost' identified by 'root';`)
  1028  	pc := privilege.GetPrivilegeManager(se)
  1029  	c.Assert(pc.GetEncodedPassword("test_encode_u", "localhost"), Equals, "*81F5E21E35407D884A6CD4A731AEBFB6AF209E1B")
  1030  }
  1031  
  1032  func (s *testPrivilegeSuite) TestAuthHost(c *C) {
  1033  	rootSe := newStochastik(c, s.causetstore, s.dbName)
  1034  	se := newStochastik(c, s.causetstore, s.dbName)
  1035  	mustInterDirc(c, rootSe, `CREATE USER 'test_auth_host'@'%';`)
  1036  	mustInterDirc(c, rootSe, `GRANT ALL ON *.* TO 'test_auth_host'@'%' WITH GRANT OPTION;`)
  1037  
  1038  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test_auth_host", Hostname: "192.168.0.10"}, nil, nil), IsTrue)
  1039  	mustInterDirc(c, se, "CREATE USER 'test_auth_host'@'192.168.%';")
  1040  	mustInterDirc(c, se, "GRANT SELECT ON *.* TO 'test_auth_host'@'192.168.%';")
  1041  
  1042  	c.Assert(se.Auth(&auth.UserIdentity{Username: "test_auth_host", Hostname: "192.168.0.10"}, nil, nil), IsTrue)
  1043  	_, err := se.InterDircute(context.Background(), "create user test_auth_host_a")
  1044  	c.Assert(err, NotNil)
  1045  
  1046  	mustInterDirc(c, rootSe, "DROP USER 'test_auth_host'@'192.168.%';")
  1047  	mustInterDirc(c, rootSe, "DROP USER 'test_auth_host'@'%';")
  1048  }
  1049  
  1050  func (s *testPrivilegeSuite) TestDefaultRoles(c *C) {
  1051  	rootSe := newStochastik(c, s.causetstore, s.dbName)
  1052  	mustInterDirc(c, rootSe, `CREATE USER 'testdefault'@'localhost';`)
  1053  	mustInterDirc(c, rootSe, `CREATE ROLE 'testdefault_r1'@'localhost', 'testdefault_r2'@'localhost';`)
  1054  	mustInterDirc(c, rootSe, `GRANT 'testdefault_r1'@'localhost', 'testdefault_r2'@'localhost' TO 'testdefault'@'localhost';`)
  1055  
  1056  	se := newStochastik(c, s.causetstore, s.dbName)
  1057  	pc := privilege.GetPrivilegeManager(se)
  1058  
  1059  	ret := pc.GetDefaultRoles("testdefault", "localhost")
  1060  	c.Assert(len(ret), Equals, 0)
  1061  
  1062  	mustInterDirc(c, rootSe, `SET DEFAULT ROLE ALL TO 'testdefault'@'localhost';`)
  1063  	mustInterDirc(c, rootSe, `flush privileges;`)
  1064  	ret = pc.GetDefaultRoles("testdefault", "localhost")
  1065  	c.Assert(len(ret), Equals, 2)
  1066  
  1067  	mustInterDirc(c, rootSe, `SET DEFAULT ROLE NONE TO 'testdefault'@'localhost';`)
  1068  	mustInterDirc(c, rootSe, `flush privileges;`)
  1069  	ret = pc.GetDefaultRoles("testdefault", "localhost")
  1070  	c.Assert(len(ret), Equals, 0)
  1071  }
  1072  
  1073  func (s *testPrivilegeSuite) TestUserBlockConsistency(c *C) {
  1074  	tk := testkit.NewTestKit(c, s.causetstore)
  1075  	tk.MustInterDirc("create user superadmin")
  1076  	tk.MustInterDirc("grant all privileges on *.* to 'superadmin'")
  1077  
  1078  	// GrantPriv is not in AllGlobalPrivs any more, see whtcorpsinc/BerolinaSQL#581
  1079  	c.Assert(len(allegrosql.Priv2UserDefCaus), Equals, len(allegrosql.AllGlobalPrivs)+1)
  1080  
  1081  	var buf bytes.Buffer
  1082  	var res bytes.Buffer
  1083  	buf.WriteString("select ")
  1084  	i := 0
  1085  	for _, priv := range allegrosql.AllGlobalPrivs {
  1086  		if i != 0 {
  1087  			buf.WriteString(", ")
  1088  			res.WriteString(" ")
  1089  		}
  1090  		buf.WriteString(allegrosql.Priv2UserDefCaus[priv])
  1091  		res.WriteString("Y")
  1092  		i++
  1093  	}
  1094  	buf.WriteString(" from allegrosql.user where user = 'superadmin'")
  1095  	tk.MustQuery(buf.String()).Check(testkit.Rows(res.String()))
  1096  }
  1097  
  1098  func (s *testPrivilegeSuite) TestFieldList(c *C) { // Issue #14237 List fields RPC
  1099  	se := newStochastik(c, s.causetstore, s.dbName)
  1100  	mustInterDirc(c, se, `CREATE USER 'blockaccess'@'localhost'`)
  1101  	mustInterDirc(c, se, `CREATE TABLE fieldlistt1 (a int)`)
  1102  	c.Assert(se.Auth(&auth.UserIdentity{Username: "blockaccess", Hostname: "localhost"}, nil, nil), IsTrue)
  1103  	_, err := se.FieldList("fieldlistt1")
  1104  	message := "SELECT command denied to user 'blockaccess'@'localhost' for causet 'fieldlistt1'"
  1105  	c.Assert(strings.Contains(err.Error(), message), IsTrue)
  1106  }
  1107  
  1108  func mustInterDirc(c *C, se stochastik.Stochastik, allegrosql string) {
  1109  	_, err := se.InterDircute(context.Background(), allegrosql)
  1110  	c.Assert(err, IsNil)
  1111  }
  1112  
  1113  func newStore(c *C, dbPath string) (*petri.Petri, ekv.CausetStorage) {
  1114  	causetstore, err := mockstore.NewMockStore()
  1115  	stochastik.SetSchemaLease(0)
  1116  	stochastik.DisableStats4Test()
  1117  	c.Assert(err, IsNil)
  1118  	dom, err := stochastik.BootstrapStochastik(causetstore)
  1119  	c.Assert(err, IsNil)
  1120  	return dom, causetstore
  1121  }
  1122  
  1123  func newStochastik(c *C, causetstore ekv.CausetStorage, dbName string) stochastik.Stochastik {
  1124  	se, err := stochastik.CreateStochastik4Test(causetstore)
  1125  	c.Assert(err, IsNil)
  1126  	mustInterDirc(c, se, "create database if not exists "+dbName)
  1127  	mustInterDirc(c, se, "use "+dbName)
  1128  	return se
  1129  }