Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql: fix sql input to security.SQLUsername issue #68830

Merged
merged 1 commit into from
Aug 18, 2021
Merged

sql: fix sql input to security.SQLUsername issue #68830

merged 1 commit into from
Aug 18, 2021

Conversation

e-mbrown
Copy link
Contributor

@e-mbrown e-mbrown commented Aug 12, 2021
edited
Loading

Resolves: #67818

The statements drop owned by and reassigned owned by were case-sensitive because they relied on role_spec_list which wasn't correctly generating security.SQLusername. With this change the two statement use NameLists that are then converted into security.SQLusernames.

role_spec_list has been removed from the parser because it is no longer being used.

Release note: None

@e-mbrown e-mbrown requested review from RichardJCai and a team August 12, 2021 21:23
@cockroach-teamcity
Copy link
Member

This change is Reviewable

@e-mbrown e-mbrown force-pushed the eb/sqlusername branch 3 times, most recently from 0be26a4 to 1e44f3a Compare August 13, 2021 18:23
@e-mbrown e-mbrown marked this pull request as ready for review August 13, 2021 18:27
RichardJCai
RichardJCai approved these changes Aug 16, 2021
View reviewed changes
pkg/sql/sem/tree/reassign_owned_by.go Outdated Show resolved Hide resolved
RichardJCai
RichardJCai reviewed Aug 16, 2021
View reviewed changes
pkg/sql/parser/sql.y
@@ -8869,10 +8858,10 @@ multiple_set_clause:
// TO {<name> | CURRENT_USER | SESSION_USER}
// %SeeAlso: DROP OWNED BY
reassign_owned_by_stmt:
REASSIGN OWNED BY role_spec_list TO role_spec
REASSIGN OWNED BY name_list TO role_spec
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you look into normalizing role_spec correctly as well?

See:
#55396

and:
https://github.com/cockroachdb/cockroach/blob/master/pkg/sql/parser/sql.y#L1319
https://github.com/cockroachdb/cockroach/blob/master/pkg/sql/parser/sql.y#L2478

Can be a separate PR

@e-mbrown
sql: fix sql input to security.SQLUsername issue
c3f09f1 
The statements drop owned by and reassigned owned were case-sensitive
because they relied on role_spec_list which wasnt correctly generating
security.SQLusername. With this change the two statement use NameLists
that are then converted into security.SQLusernames. role_spec_list has
been removed from the parser because it is no longer being used.

Release note: None
@e-mbrown e-mbrown requested a review from a team August 16, 2021 18:58
@e-mbrown
Copy link
Contributor Author

bors r=RichardJCai

@craig
Copy link
Contributor

craig bot commented Aug 18, 2021

Build succeeded:

@craig craig bot merged commit 61fdb08 into cockroachdb:master Aug 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RichardJCai RichardJCai RichardJCai approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

sql: properly convert user name as sql input to security.SQLUsername
3 participants
@e-mbrown @cockroach-teamcity @RichardJCai