Skip to content

Commit

Permalink
Update UT
Browse files Browse the repository at this point in the history
  • Loading branch information
@CbcWestwolf
CbcWestwolf committed Oct 28, 2022
1 parent 5f3294d commit 340811b
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
7 changes: 7 additions & 0 deletions executor/simpletest/simple_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -717,6 +717,7 @@ func TestUser(t *testing.T) {
tk.MustQuery(`SELECT plugin, token_issuer FROM mysql.user WHERE user = 'token_user'`).Check(testkit.Rows("tidb_auth_token issuer-abc"))
tk.MustExec(`ALTER USER token_user REQUIRE token_issuer 'issuer-123'`)
tk.MustQuery(`SELECT plugin, token_issuer FROM mysql.user WHERE user = 'token_user'`).Check(testkit.Rows("tidb_auth_token issuer-123"))
tk.MustExec(`ALTER USER token_user IDENTIFIED WITH 'tidb_auth_token'`)
tk.MustExec(`CREATE USER token_user1 IDENTIFIED WITH 'tidb_auth_token'`)
tk.MustQuery(`show warnings`).Check(testkit.RowsWithSep("|", "Warning|1105|TOKEN_ISSUER is needed for 'tidb_auth_token' user, please use 'alter user' to declare it"))
tk.MustExec(`CREATE USER temp_user IDENTIFIED WITH 'mysql_native_password' BY '1234' REQUIRE token_issuer 'issuer-abc'`)
Expand All @@ -727,6 +728,12 @@ func TestUser(t *testing.T) {
tk.MustQuery(`show warnings`).Check(testkit.RowsWithSep("|", "Warning|1105|TOKEN_ISSUER is not needed for the auth plugin"))
tk.MustExec(`ALTER USER temp_user IDENTIFIED WITH 'tidb_auth_token'`)
tk.MustQuery(`show warnings`).Check(testkit.RowsWithSep("|", "Warning|1105|Auth plugin 'tidb_auth_plugin' needs TOKEN_ISSUER"))
tk.MustExec(`ALTER USER token_user REQUIRE SSL`)
tk.MustQuery(`show warnings`).Check(testkit.Rows())
tk.MustExec(`ALTER USER token_user IDENTIFIED WITH 'mysql_native_password' BY '1234'`)
tk.MustQuery(`show warnings`).Check(testkit.Rows())
tk.MustExec(`ALTER USER token_user IDENTIFIED WITH 'tidb_auth_token' REQUIRE token_issuer 'issuer-abc'`)
tk.MustQuery(`show warnings`).Check(testkit.Rows())

// Test alter user.
createUserSQL = `CREATE USER 'test1'@'localhost' IDENTIFIED BY '123', 'test2'@'localhost' IDENTIFIED BY '123', 'test3'@'localhost' IDENTIFIED BY '123', 'test4'@'localhost' IDENTIFIED BY '123';`
Expand Down
3 changes: 3 additions & 0 deletions privilege/privileges/privileges.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,9 @@ func (p *UserPrivileges) GetAuthPlugin(user, host string) (string, error) {
if record == nil {
return "", errors.New("Failed to get user record")
}
if record.AuthPlugin == mysql.AuthTiDBAuthToken {
return record.AuthPlugin, nil
}
// zero-length auth string means no password for native and caching_sha2 auth.
// but for auth_socket it means there should be a 1-to-1 mapping between the TiDB user
// and the OS user.
Expand Down

0 comments on commit 340811b

Please sign in to comment.