[MDEV-26875] Wrong user in SET DEFAULT ROLE error - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.5.12
Fix Version/s: 10.5.24, 10.6.17, 10.11.7, 11.0.5, 11.1.4, 11.2.3, 11.3.2
Component/s: Authentication and Privilege System
Labels:
None

Description

The error message for SET DEFAULT ROLE refers to the user performing the operation instead of the target user. This is misleading as the user giving the grant doesn't require the grant itself, only the target user.

Here's an example (and a test case) that reproduces the problem:

MariaDB [test]> create role test_role;

Query OK, 0 rows affected (0.000 sec)

MariaDB [test]> create user test_user;

Query OK, 0 rows affected (0.000 sec)

MariaDB [test]> set default role test_role for test_user;

ERROR 1959 (OP000): User `maxuser`@`127.0.0.1` has not been granted role `test_role`

MariaDB [test]> grant test_role to maxuser@127.0.0.1;

Query OK, 0 rows affected (0.000 sec)

MariaDB [test]> set default role test_role for test_user;

ERROR 1959 (OP000): User `maxuser`@`127.0.0.1` has not been granted role `test_role`

MariaDB [test]> grant test_role to test_user;

Query OK, 0 rows affected (0.000 sec)

MariaDB [test]> set default role test_role for test_user;

Query OK, 0 rows affected (0.000 sec)

Attachments

Issue Links

duplicates

MDEV-27478 Misleading error message for SET DEFAULT ROLE

Closed

relates to

MDEV-22312 Bad error message for SET DEFAULT ROLE when user account is not granted the role

Closed

MDEV-26081 set role crashes when a hostname cannot be resolved

Closed

MDEV-6967 Wrong error code/message ER_INVALID_ROLE on setting a default role for non-existing user

Open

links to

PR 2362

Activity

Ascending order - Click to sort in descending order

markus makela created issue - 2021-10-21 08:50

markus makela made changes - 2021-10-21 08:50

Field	Original Value	New Value
Link		This issue relates to MDEV-6967 [ MDEV-6967 ]

Sergei Golubchik made changes - 2021-10-25 10:39

Fix Version/s		10.5 [ 23123 ]
Fix Version/s		10.6 [ 24028 ]

Sergei Golubchik made changes - 2021-10-25 10:39

Assignee

Anel Husakovic [ anel ]

Anel Husakovic made changes - 2021-10-25 12:12

Link

This issue relates to ~~MDEV-22312~~ [ ~~MDEV-22312~~ ]

Anel Husakovic made changes - 2021-10-25 12:33

Link

This issue relates to ~~MDEV-26081~~ [ ~~MDEV-26081~~ ]

Anel Husakovic made changes - 2021-10-25 12:46

Status

Open [ 1 ]

Confirmed [ 10101 ]

Anel Husakovic made changes - 2021-10-25 12:47

Assignee	Anel Husakovic [ anel ]	Sergei Golubchik [ serg ]
Status	Confirmed [ 10101 ]	In Review [ 10002 ]

Sergei Golubchik made changes - 2021-12-06 21:36

Workflow

MariaDB v3 [ 126462 ]

MariaDB v4 [ 143805 ]

Sergei Golubchik made changes - 2022-01-11 18:04

Assignee	Sergei Golubchik [ serg ]	Anel Husakovic [ anel ]
Status	In Review [ 10002 ]	Stalled [ 10000 ]

Sergei Golubchik made changes - 2022-01-12 15:17

Link

This issue duplicates ~~MDEV-27478~~ [ ~~MDEV-27478~~ ]

Daniel Black made changes - 2022-01-20 01:58

Status

Stalled [ 10000 ]

In Testing [ 10301 ]

Anel Husakovic made changes - 2022-01-24 06:41

Status

In Testing [ 10301 ]

Stalled [ 10000 ]

Anel Husakovic made changes - 2022-01-24 06:41

Assignee	Anel Husakovic [ anel ]	Sergei Golubchik [ serg ]
Status	Stalled [ 10000 ]	In Review [ 10002 ]

Sergei Golubchik added a comment - 2022-01-28 19:25

I mean that thd->security_ctx->priv_user corresponds to thd->security_ctx->priv_host, there is a row in the mysql.user where username is thd->security_ctx->priv_user and hostname is thd->security_ctx->priv_host.

While user corresponds to host. They were both specified in the command SET DEFAULT ROLE FOR.

A pair or user and thd->security_ctx->priv_host is a wrong combination, it does not necessarily correspond to anything in particular.

Sergei Golubchik added a comment - 2022-01-28 19:25 I mean that thd->security_ctx->priv_user corresponds to thd->security_ctx->priv_host , there is a row in the mysql.user where username is thd->security_ctx->priv_user and hostname is thd->security_ctx->priv_host . While user corresponds to host . They were both specified in the command SET DEFAULT ROLE FOR . A pair or user and thd->security_ctx->priv_host is a wrong combination, it does not necessarily correspond to anything in particular.

Sergei Golubchik made changes - 2022-01-28 19:25

Assignee	Sergei Golubchik [ serg ]	Anel Husakovic [ anel ]
Status	In Review [ 10002 ]	Stalled [ 10000 ]

Anel Husakovic added a comment - 2022-02-15 06:50

Hi Serg can you please review 585cd1f52e75e3f ?

Anel Husakovic added a comment - 2022-02-15 06:50 Hi Serg can you please review 585cd1f52e75e3f ?

Anel Husakovic made changes - 2022-02-15 06:50

Assignee	Anel Husakovic [ anel ]	Sergei Golubchik [ serg ]
Status	Stalled [ 10000 ]	In Review [ 10002 ]

Sergei Golubchik made changes - 2022-04-25 16:53

Assignee	Sergei Golubchik [ serg ]	Anel Husakovic [ anel ]
Status	In Review [ 10002 ]	Stalled [ 10000 ]

Anel Husakovic made changes - 2022-06-14 07:04

Status

Stalled [ 10000 ]

Open [ 1 ]

Elena Stepanova added a comment - 2022-12-06 23:13

anel,

Is it supposed to be in "in review"?

Elena Stepanova added a comment - 2022-12-06 23:13 anel , Is it supposed to be in "in review"?

Anel Husakovic added a comment - 2022-12-07 13:00

Yes I think it should be. I will update with test case related to this MDEV only. Thank you elenst.

Anel Husakovic added a comment - 2022-12-07 13:00 Yes I think it should be. I will update with test case related to this MDEV only. Thank you elenst .

Anel Husakovic made changes - 2022-12-07 13:21

Remote Link

This issue links to "PR 2362 (Web Link)" [ 34674 ]

Anel Husakovic made changes - 2022-12-07 13:21

Status

Open [ 1 ]

Confirmed [ 10101 ]

Anel Husakovic made changes - 2022-12-07 13:21

Assignee	Anel Husakovic [ anel ]	Sergei Golubchik [ serg ]
Status	Confirmed [ 10101 ]	In Review [ 10002 ]

Sergei Golubchik added a comment - 2022-12-25 18:11

you wrote

if (!host)

do you have a test case for that condition? I mean, a test case where host == NULL ?

Sergei Golubchik added a comment - 2022-12-25 18:11 you wrote if (!host) do you have a test case for that condition? I mean, a test case where host == NULL ?

Sergei Golubchik made changes - 2022-12-25 18:11

Assignee	Sergei Golubchik [ serg ]	Anel Husakovic [ anel ]
Status	In Review [ 10002 ]	Stalled [ 10000 ]

Anel Husakovic made changes - 2023-01-24 08:32

Status

Stalled [ 10000 ]

In Progress [ 3 ]

Anel Husakovic added a comment - 2023-01-27 15:13

Hi Serg, yes I have update the test case for PR 2362

Anel Husakovic added a comment - 2023-01-27 15:13 Hi Serg, yes I have update the test case for PR 2362

Anel Husakovic made changes - 2023-01-27 15:13

Assignee	Anel Husakovic [ anel ]	Sergei Golubchik [ serg ]
Status	In Progress [ 3 ]	In Review [ 10002 ]

Sergei Golubchik added a comment - 2023-07-21 07:27

https://github.com/MariaDB/server/pull/2362#discussion_r1270317522

Sergei Golubchik added a comment - 2023-07-21 07:27 https://github.com/MariaDB/server/pull/2362#discussion_r1270317522

Sergei Golubchik made changes - 2023-07-21 07:27

Assignee	Sergei Golubchik [ serg ]	Anel Husakovic [ anel ]
Status	In Review [ 10002 ]	Stalled [ 10000 ]

Anel Husakovic added a comment - 2023-08-14 08:51 - edited

Have updated PR 2362 per review.
Added additional commit for testing the grants of anonymous user.

Anel Husakovic added a comment - 2023-08-14 08:51 - edited Have updated PR 2362 per review. Added additional commit for testing the grants of anonymous user.

Anel Husakovic made changes - 2023-08-14 08:51

Assignee	Anel Husakovic [ anel ]	Sergei Golubchik [ serg ]
Status	Stalled [ 10000 ]	In Review [ 10002 ]

Sergei Golubchik added a comment - 2023-10-28 07:41 - edited

7349633b2c59 is ok to push

you can squash both commits into one or commit separately, as you like

Sergei Golubchik added a comment - 2023-10-28 07:41 - edited 7349633b2c59 is ok to push you can squash both commits into one or commit separately, as you like

Sergei Golubchik made changes - 2023-10-28 07:41

Assignee	Sergei Golubchik [ serg ]	Anel Husakovic [ anel ]
Status	In Review [ 10002 ]	Stalled [ 10000 ]

Anel Husakovic added a comment - 2023-10-30 17:41

Thanks pushed with ee773753778e741c.

Anel Husakovic added a comment - 2023-10-30 17:41 Thanks pushed with ee773753778e741c .

Anel Husakovic made changes - 2023-10-30 17:41

Component/s		Authentication and Privilege System [ 13101 ]
Fix Version/s		10.5.23 [ 29012 ]
Fix Version/s		10.6.16 [ 29014 ]
Fix Version/s		10.10.7 [ 29018 ]
Fix Version/s		11.0.4 [ 29021 ]
Fix Version/s		11.1.3 [ 29023 ]
Fix Version/s		11.2.2 [ 29035 ]
Fix Version/s		11.3.1 [ 29416 ]
Fix Version/s	10.5 [ 23123 ]
Fix Version/s	10.6 [ 24028 ]
Resolution		Fixed [ 1 ]
Status	Stalled [ 10000 ]	Closed [ 6 ]

JiraAutomate made changes - 2023-10-30 17:41

Fix Version/s

10.11.6 [ 29020 ]

Daniel Bartholomew made changes - 2023-11-13 16:46

Fix Version/s		10.5.24 [ 29517 ]
Fix Version/s		10.6.17 [ 29518 ]
Fix Version/s		10.11.7 [ 29519 ]
Fix Version/s		11.0.5 [ 29520 ]
Fix Version/s		11.1.4 [ 29024 ]
Fix Version/s		11.2.3 [ 29521 ]
Fix Version/s		11.3.2 [ 29522 ]
Fix Version/s	10.5.23 [ 29012 ]
Fix Version/s	10.6.16 [ 29014 ]
Fix Version/s	10.10.7 [ 29018 ]
Fix Version/s	10.11.6 [ 29020 ]
Fix Version/s	11.0.4 [ 29021 ]
Fix Version/s	11.1.3 [ 29023 ]
Fix Version/s	11.2.2 [ 29035 ]
Fix Version/s	11.3.1 [ 29416 ]

People

Assignee:: Anel Husakovic

Reporter:: markus makela

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2021-10-21 08:50

Updated:: 2023-11-13 16:46

Resolved:: 2023-10-30 17:41

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server

Details

Description

Attachments

Issue Links

Activity

People

Dates

Git Integration