mariadb/mysql-test/main/alter_user.test

--source include/not_embedded.inc

--disable_cursor_protocol
select priv into @root_priv from mysql.global_priv where user='root' and host='localhost';
--enable_cursor_protocol

select * from mysql.user where user = 'root' and host = 'localhost';
--echo # Test syntax
--echo #
--echo # These 2 selects should have no changes from the first one.
alter user CURRENT_USER;
select * from mysql.user where user = 'root' and host = 'localhost';
alter user CURRENT_USER();
select * from mysql.user where user = 'root' and host = 'localhost';

create user foo;
select * from mysql.user where user = 'foo';
alter user foo;
select * from mysql.user where user = 'foo';

--echo #
--echo # Test READ_ONLY privilege works correctly with a read only database.
--echo #

SET @start_read_only = @@global.read_only;
SET GLOBAL read_only=1;
grant create user on *.* to foo;

--echo # Currently no READ_ONLY ADMIN privileges.
connect (a, localhost, foo);
select @@global.read_only;

--error ER_OPTION_PREVENTS_STATEMENT
alter user foo;

--echo # Grant READ_ONLY ADMIN privilege to the user.
connection default;
grant READ_ONLY ADMIN on *.* to foo;

--echo # We now have READ_ONLY ADMIN privilege. We should be able to run alter user.
connect (b, localhost, foo);
alter user foo;

connection default;
SET GLOBAL read_only = @start_read_only;


--echo #
--echo # Test inexistant user.
--echo #

--error ER_CANNOT_USER
alter user boo;
--echo #--warning ER_CANNOT_USER
alter user if exists boo;


--echo #
--echo # Test password related altering.
--echo #

alter user foo identified by 'something';
select * from mysql.user where user = 'foo';

alter user foo identified by 'something2';
select * from mysql.user where user = 'foo';

alter user foo identified by password '*88C89BE093D4ECF72D039F62EBB7477EA1FD4D63';
select * from mysql.user where user = 'foo';

alter user foo identified by password 'invalid';
select * from mysql.user where user = 'foo';

--error ER_CANNOT_USER
alter user foo identified with 'somecoolplugin';
show warnings;

alter user foo identified with 'mysql_old_password';
select * from mysql.user where user = 'foo';

alter user foo identified with 'mysql_old_password' using '0123456789ABCDEF';
select * from mysql.user where user = 'foo';


--echo #
--echo # Test ssl related altering.
--echo #

alter user foo identified by 'something' require SSL;
select * from mysql.user where user = 'foo';

alter user foo identified by 'something' require X509;
select * from mysql.user where user = 'foo';

alter user foo identified by 'something'
require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';
select * from mysql.user where user = 'foo';


--echo #
--echo # Test resource limits altering.
--echo #

alter user foo with MAX_QUERIES_PER_HOUR 10
                    MAX_UPDATES_PER_HOUR 20
                    MAX_CONNECTIONS_PER_HOUR 30
                    MAX_USER_CONNECTIONS 40;
select * from mysql.user where user = 'foo';
drop user foo;

--echo #
--echo # Bug #29882299: ALTER USER ... IDENTIFIED WITH ... BY ... SHOULD BE A PRIVILEGED OPERATION
--echo #
create user foo@localhost;
--connect x,localhost,foo
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
alter user current_user identified with 'something';
--connection default
--disconnect x
drop user foo@localhost;

update mysql.global_priv set priv=@root_priv where user='root' and host='localhost';
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`--source include/not_embedded.inc`

MDEV-31005: Make working cursor-protocol Updated tests: cases with bugs or which cannot be run with the cursor-protocol were excluded with "--disable_cursor_protocol"/"--enable_cursor_protocol" Fix for v.10.5 2024-05-23 03:54:14 +02:00			`--disable_cursor_protocol`
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests. 2018-11-24 14:13:41 +01:00			`select priv into @root_priv from mysql.global_priv where user='root' and host='localhost';`
MDEV-31005: Make working cursor-protocol Updated tests: cases with bugs or which cannot be run with the cursor-protocol were excluded with "--disable_cursor_protocol"/"--enable_cursor_protocol" Fix for v.10.5 2024-05-23 03:54:14 +02:00			`--enable_cursor_protocol`
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests. 2018-11-24 14:13:41 +01:00
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`select * from mysql.user where user = 'root' and host = 'localhost';`
			`--echo # Test syntax`
			`--echo #`
			`--echo # These 2 selects should have no changes from the first one.`
			`alter user CURRENT_USER;`
			`select * from mysql.user where user = 'root' and host = 'localhost';`
			`alter user CURRENT_USER();`
			`select * from mysql.user where user = 'root' and host = 'localhost';`

			`create user foo;`
			`select * from mysql.user where user = 'foo';`
			`alter user foo;`
			`select * from mysql.user where user = 'foo';`

MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo #`
			`--echo # Test READ_ONLY privilege works correctly with a read only database.`
			`--echo #`

[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`SET @start_read_only = @@global.read_only;`
			`SET GLOBAL read_only=1;`
			`grant create user on . to foo;`

MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo # Currently no READ_ONLY ADMIN privileges.`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`connect (a, localhost, foo);`
			`select @@global.read_only;`

			`--error ER_OPTION_PREVENTS_STATEMENT`
			`alter user foo;`

MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo # Grant READ_ONLY ADMIN privilege to the user.`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`connection default;`
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`grant READ_ONLY ADMIN on . to foo;`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo # We now have READ_ONLY ADMIN privilege. We should be able to run alter user.`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`connect (b, localhost, foo);`
			`alter user foo;`

			`connection default;`
			`SET GLOBAL read_only = @start_read_only;`

MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00
			`--echo #`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`--echo # Test inexistant user.`
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo #`

[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`--error ER_CANNOT_USER`
			`alter user boo;`
			`--echo #--warning ER_CANNOT_USER`
MDEV-17941 ALTER USER IF EXISTS does not work, although documentation says it should. Mistake in syntax definition fixed - should be ALTER USER IF EXISTS, not ALTER IF EXISTS USER. 2020-02-10 21:19:37 +01:00			`alter user if exists boo;`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00
			`--echo #`
[MDEV-7978] Post review fixes and cleanups. * Maintain coding style in sql_yacc.yy in regards to optional clauses. * Remove unused variable from sql_acl.cc. * Update test case 2016-03-07 23:35:03 +01:00			`--echo # Test password related altering.`
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo #`

[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`alter user foo identified by 'something';`
			`select * from mysql.user where user = 'foo';`

			`alter user foo identified by 'something2';`
			`select * from mysql.user where user = 'foo';`

			`alter user foo identified by password '*88C89BE093D4ECF72D039F62EBB7477EA1FD4D63';`
			`select * from mysql.user where user = 'foo';`

MDEV-22974: mysql_native_password make "invalid" valid Per b9f3f06857ac, mysql_system_tables_data.sql creates a mysql_native_password with a salted hash of "invalid" so that `set password` will detect a native password can be applied:. SHOW CREATE USER; diligently uses this value in its output generating the SQL: MariaDB [(none)]> show create user; +---------------------------------------------------------------------------------------------------+ \| CREATE USER for dan@localhost \| +---------------------------------------------------------------------------------------------------+ \| CREATE USER `dan`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket \| +---------------------------------------------------------------------------------------------------+ Attempting to execute this before this patch results in: MariaDB [(none)]> CREATE USER `dan2`@`localhost` IDENTIFIED VIA mysql_native_password USING 'invalid' OR unix_socket; ERROR 1372 (HY000): Password hash should be a 41-digit hexadecimal number As such, deep the implementation of mysql_native_password we make "invalid" valid (pun intended) such that the above create user will succeed. We do this by storing "*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE" (credit: Oracle MySQL), that is of an INCORRECT length for a scramble. In native_password_authenticate we check the length of this cached value and immediately fail if it is anything other than the scramble length. native_password_get_salt is only called in the context of set_user_salt, so all setting of native passwords to hashed content of 'invalid', quite literally create an invalid password. So other forms of "invalid" are valid SQL in creating invalid passwords: MariaDB [(none)]> set password = 'invalid'; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> alter user dan@localhost IDENTIFIED BY PASSWORD 'invalid'; Query OK, 0 rows affected (0.000 sec) closes #1628 Reviewer: serg@mariadb.com 2020-07-16 08:31:59 +02:00			`alter user foo identified by password 'invalid';`
			`select * from mysql.user where user = 'foo';`

MDEV-12321 authentication plugin: SET PASSWORD support Support SET PASSWORD for authentication plugins. Authentication plugin API is extended with two optional methods: * hash_password() is used to compute a password hash (or digest) from the plain-text password. This digest will be stored in mysql.user table * preprocess_hash() is used to convert this digest into some memory representation that can be later used to authenticate a user. Build-in plugins convert the hash from hexadecimal or base64 to binary, to avoid doing it on every authentication attempt. Note a change in behavior: when loading privileges (on startup or on FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a warning (e.g. "Plugin 'foo' is not loaded"). But such an account could not be used for authentication until the plugin is installed. Now an account like that will not be loaded at all (with a warning, still). Indeed, without plugin's preprocess_hash() method the server cannot know how to load an account. Thus, if a new authentication plugin is installed run-time, one might need FLUSH PRIVILEGES to activate all existing accounts that were using this new plugin. 2018-10-17 12:48:13 +02:00			`--error ER_CANNOT_USER`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`alter user foo identified with 'somecoolplugin';`
MDEV-12321 authentication plugin: SET PASSWORD support Support SET PASSWORD for authentication plugins. Authentication plugin API is extended with two optional methods: * hash_password() is used to compute a password hash (or digest) from the plain-text password. This digest will be stored in mysql.user table * preprocess_hash() is used to convert this digest into some memory representation that can be later used to authenticate a user. Build-in plugins convert the hash from hexadecimal or base64 to binary, to avoid doing it on every authentication attempt. Note a change in behavior: when loading privileges (on startup or on FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a warning (e.g. "Plugin 'foo' is not loaded"). But such an account could not be used for authentication until the plugin is installed. Now an account like that will not be loaded at all (with a warning, still). Indeed, without plugin's preprocess_hash() method the server cannot know how to load an account. Thus, if a new authentication plugin is installed run-time, one might need FLUSH PRIVILEGES to activate all existing accounts that were using this new plugin. 2018-10-17 12:48:13 +02:00			`show warnings;`

			`alter user foo identified with 'mysql_old_password';`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`select * from mysql.user where user = 'foo';`

MDEV-12321 authentication plugin: SET PASSWORD support Support SET PASSWORD for authentication plugins. Authentication plugin API is extended with two optional methods: * hash_password() is used to compute a password hash (or digest) from the plain-text password. This digest will be stored in mysql.user table * preprocess_hash() is used to convert this digest into some memory representation that can be later used to authenticate a user. Build-in plugins convert the hash from hexadecimal or base64 to binary, to avoid doing it on every authentication attempt. Note a change in behavior: when loading privileges (on startup or on FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a warning (e.g. "Plugin 'foo' is not loaded"). But such an account could not be used for authentication until the plugin is installed. Now an account like that will not be loaded at all (with a warning, still). Indeed, without plugin's preprocess_hash() method the server cannot know how to load an account. Thus, if a new authentication plugin is installed run-time, one might need FLUSH PRIVILEGES to activate all existing accounts that were using this new plugin. 2018-10-17 12:48:13 +02:00			`alter user foo identified with 'mysql_old_password' using '0123456789ABCDEF';`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`select * from mysql.user where user = 'foo';`

MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00
			`--echo #`
[MDEV-7978] Post review fixes and cleanups. * Maintain coding style in sql_yacc.yy in regards to optional clauses. * Remove unused variable from sql_acl.cc. * Update test case 2016-03-07 23:35:03 +01:00			`--echo # Test ssl related altering.`
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo #`

[MDEV-7978] Post review fixes and cleanups. * Maintain coding style in sql_yacc.yy in regards to optional clauses. * Remove unused variable from sql_acl.cc. * Update test case 2016-03-07 23:35:03 +01:00			`alter user foo identified by 'something' require SSL;`
			`select * from mysql.user where user = 'foo';`

			`alter user foo identified by 'something' require X509;`
			`select * from mysql.user where user = 'foo';`

			`alter user foo identified by 'something'`
			`require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';`
			`select * from mysql.user where user = 'foo';`

MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00
			`--echo #`
[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`--echo # Test resource limits altering.`
MDEV-21743 Split up SUPER privilege to smaller privileges 2020-02-28 18:59:01 +01:00			`--echo #`

[MDEV-7978] Implement alter user and tested create user Implemented the alter user syntax. Also tested that create user creates users accordingly. 2016-01-18 01:16:59 +01:00			`alter user foo with MAX_QUERIES_PER_HOUR 10`
			`MAX_UPDATES_PER_HOUR 20`
			`MAX_CONNECTIONS_PER_HOUR 30`
			`MAX_USER_CONNECTIONS 40;`
			`select * from mysql.user where user = 'foo';`
			`drop user foo;`
MDEV-12321 authentication plugin: SET PASSWORD support Support SET PASSWORD for authentication plugins. Authentication plugin API is extended with two optional methods: * hash_password() is used to compute a password hash (or digest) from the plain-text password. This digest will be stored in mysql.user table * preprocess_hash() is used to convert this digest into some memory representation that can be later used to authenticate a user. Build-in plugins convert the hash from hexadecimal or base64 to binary, to avoid doing it on every authentication attempt. Note a change in behavior: when loading privileges (on startup or on FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a warning (e.g. "Plugin 'foo' is not loaded"). But such an account could not be used for authentication until the plugin is installed. Now an account like that will not be loaded at all (with a warning, still). Indeed, without plugin's preprocess_hash() method the server cannot know how to load an account. Thus, if a new authentication plugin is installed run-time, one might need FLUSH PRIVILEGES to activate all existing accounts that were using this new plugin. 2018-10-17 12:48:13 +02:00
test cases for MySQL bugs also fix a comment, and update a macro just in case 2022-01-21 12:40:20 +01:00			`--echo #`
			`--echo # Bug #29882299: ALTER USER ... IDENTIFIED WITH ... BY ... SHOULD BE A PRIVILEGED OPERATION`
			`--echo #`
			`create user foo@localhost;`
			`--connect x,localhost,foo`
			`--error ER_SPECIFIC_ACCESS_DENIED_ERROR`
			`alter user current_user identified with 'something';`
			`--connection default`
			`--disconnect x`
			`drop user foo@localhost;`
Merge branch '10.3' into 10.4 2022-01-30 09:46:52 +01:00
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests. 2018-11-24 14:13:41 +01:00			`update mysql.global_priv set priv=@root_priv where user='root' and host='localhost';`