*: make 'grant all privileges' work right

ast/misc.go

@@ -1612,51 +1612,17 @@ type PrivElem struct {
 
 // Restore implements Node interface.
 func (n *PrivElem) Restore(ctx *RestoreCtx) error {
-	switch n.Priv {
-	case 0:
+	if n.Priv == 0 {
 		ctx.WritePlain("/* UNSUPPORTED TYPE */")
-	case mysql.AllPriv:
+	} else if n.Priv == mysql.AllPriv {
 		ctx.WriteKeyWord("ALL")
-	case mysql.AlterPriv:
-		ctx.WriteKeyWord("ALTER")
-	case mysql.CreatePriv:
-		ctx.WriteKeyWord("CREATE")
-	case mysql.CreateUserPriv:
-		ctx.WriteKeyWord("CREATE USER")
-	case mysql.CreateRolePriv:
-		ctx.WriteKeyWord("CREATE ROLE")
-	case mysql.TriggerPriv:
-		ctx.WriteKeyWord("TRIGGER")
-	case mysql.DeletePriv:
-		ctx.WriteKeyWord("DELETE")
-	case mysql.DropPriv:
-		ctx.WriteKeyWord("DROP")
-	case mysql.ProcessPriv:
-		ctx.WriteKeyWord("PROCESS")
-	case mysql.ExecutePriv:
-		ctx.WriteKeyWord("EXECUTE")
-	case mysql.IndexPriv:
-		ctx.WriteKeyWord("INDEX")
-	case mysql.InsertPriv:
-		ctx.WriteKeyWord("INSERT")
-	case mysql.SelectPriv:
-		ctx.WriteKeyWord("SELECT")
-	case mysql.SuperPriv:
-		ctx.WriteKeyWord("SUPER")
-	case mysql.ShowDBPriv:
-		ctx.WriteKeyWord("SHOW DATABASES")
-	case mysql.UpdatePriv:
-		ctx.WriteKeyWord("UPDATE")
-	case mysql.GrantPriv:
-		ctx.WriteKeyWord("GRANT OPTION")
-	case mysql.ReferencesPriv:
-		ctx.WriteKeyWord("REFERENCES")
-	case mysql.CreateViewPriv:
-		ctx.WriteKeyWord("CREATE VIEW")
-	case mysql.ShowViewPriv:
-		ctx.WriteKeyWord("SHOW VIEW")
-	default:
-		return errors.New("Undefined privilege type")
+	} else {
+		str, ok := mysql.Priv2Str[n.Priv]
+		if ok {
+			ctx.WriteKeyWord(str)
+		} else {
+			return errors.New("Undefined privilege type")
+		}
 	}
 	if n.Cols != nil {
 		ctx.WritePlain(" (")

mysql/const.go

@@ -233,6 +233,13 @@ const (
 	CreateRolePriv
 	// DropRolePriv is the privilege to drop a role.
 	DropRolePriv
+
+	CreateTMPTablePriv
+	LockTablesPriv
+	CreateRoutinePriv
+	AlterRoutinePriv
+	EventPriv
+
 	// AllPriv is the privilege for all actions.
 	AllPriv
 )
@@ -276,26 +283,60 @@ const PWDHashLen = 40
 
 // Priv2UserCol is the privilege to mysql.user table column name.
 var Priv2UserCol = map[PrivilegeType]string{
-	CreatePriv:     "Create_priv",
-	SelectPriv:     "Select_priv",
-	InsertPriv:     "Insert_priv",
-	UpdatePriv:     "Update_priv",
-	DeletePriv:     "Delete_priv",
-	ShowDBPriv:     "Show_db_priv",
-	SuperPriv:      "Super_priv",
-	CreateUserPriv: "Create_user_priv",
-	TriggerPriv:    "Trigger_priv",
-	DropPriv:       "Drop_priv",
-	ProcessPriv:    "Process_priv",
-	GrantPriv:      "Grant_priv",
-	ReferencesPriv: "References_priv",
-	AlterPriv:      "Alter_priv",
-	ExecutePriv:    "Execute_priv",
-	IndexPriv:      "Index_priv",
-	CreateViewPriv: "Create_view_priv",
-	ShowViewPriv:   "Show_view_priv",
-	CreateRolePriv: "Create_role_priv",
-	DropRolePriv:   "Drop_role_priv",
+	CreatePriv:         "Create_priv",
+	SelectPriv:         "Select_priv",
+	InsertPriv:         "Insert_priv",
+	UpdatePriv:         "Update_priv",
+	DeletePriv:         "Delete_priv",
+	ShowDBPriv:         "Show_db_priv",
+	SuperPriv:          "Super_priv",
+	CreateUserPriv:     "Create_user_priv",
+	TriggerPriv:        "Trigger_priv",
+	DropPriv:           "Drop_priv",
+	ProcessPriv:        "Process_priv",
+	GrantPriv:          "Grant_priv",
+	ReferencesPriv:     "References_priv",
+	AlterPriv:          "Alter_priv",
+	ExecutePriv:        "Execute_priv",
+	IndexPriv:          "Index_priv",
+	CreateViewPriv:     "Create_view_priv",
+	ShowViewPriv:       "Show_view_priv",
+	CreateRolePriv:     "Create_role_priv",
+	DropRolePriv:       "Drop_role_priv",
+	CreateTMPTablePriv: "Create_tmp_table_priv",
+	LockTablesPriv:     "Lock_tables_priv",
+	CreateRoutinePriv:  "Create_routine_priv",
+	AlterRoutinePriv:   "Alter_routine_priv",
+	EventPriv:          "Event_priv",
+}
+
+// Col2PrivType is the privilege tables column name to privilege type.
+var Col2PrivType = map[string]PrivilegeType{
+	"Create_priv":           CreatePriv,
+	"Select_priv":           SelectPriv,
+	"Insert_priv":           InsertPriv,
+	"Update_priv":           UpdatePriv,
+	"Delete_priv":           DeletePriv,
+	"Show_db_priv":          ShowDBPriv,
+	"Super_priv":            SuperPriv,
+	"Create_user_priv":      CreateUserPriv,
+	"Trigger_priv":          TriggerPriv,
+	"Drop_priv":             DropPriv,
+	"Process_priv":          ProcessPriv,
+	"Grant_priv":            GrantPriv,
+	"References_priv":       ReferencesPriv,
+	"Alter_priv":            AlterPriv,
+	"Execute_priv":          ExecutePriv,
+	"Index_priv":            IndexPriv,
+	"Create_view_priv":      CreateViewPriv,
+	"Show_view_priv":        ShowViewPriv,
+	"Create_role_priv":      CreateRolePriv,
+	"Drop_role_priv":        DropRolePriv,
+	"Create_tmp_table_priv": CreateTMPTablePriv,
+	"Lock_tables_priv":      LockTablesPriv,
+	"Create_routine_priv":   CreateRoutinePriv,
+	"Alter_routine_priv":    AlterRoutinePriv,
+	"Event_priv":            EventPriv,
 }
 
 // Command2Str is the command information to command name.
@@ -334,55 +375,33 @@ var Command2Str = map[byte]string{
 	ComResetConnection:  "Reset connect",
 }
 
-// Col2PrivType is the privilege tables column name to privilege type.
-var Col2PrivType = map[string]PrivilegeType{
-	"Create_priv":      CreatePriv,
-	"Select_priv":      SelectPriv,
-	"Insert_priv":      InsertPriv,
-	"Update_priv":      UpdatePriv,
-	"Delete_priv":      DeletePriv,
-	"Show_db_priv":     ShowDBPriv,
-	"Super_priv":       SuperPriv,
-	"Create_user_priv": CreateUserPriv,
-	"Trigger_priv":     TriggerPriv,
-	"Drop_priv":        DropPriv,
-	"Process_priv":     ProcessPriv,
-	"Grant_priv":       GrantPriv,
-	"References_priv":  ReferencesPriv,
-	"Alter_priv":       AlterPriv,
-	"Execute_priv":     ExecutePriv,
-	"Index_priv":       IndexPriv,
-	"Create_view_priv": CreateViewPriv,
-	"Show_view_priv":   ShowViewPriv,
-	"Create_role_priv": CreateRolePriv,
-	"Drop_role_priv":   DropRolePriv,
-}
-
-// AllGlobalPrivs is all the privileges in global scope.
-var AllGlobalPrivs = []PrivilegeType{SelectPriv, InsertPriv, UpdatePriv, DeletePriv, CreatePriv, DropPriv, ProcessPriv, GrantPriv, ReferencesPriv, AlterPriv, ShowDBPriv, SuperPriv, ExecutePriv, IndexPriv, CreateUserPriv, TriggerPriv, CreateViewPriv, ShowViewPriv, CreateRolePriv, DropRolePriv}
-
 // Priv2Str is the map for privilege to string.
 var Priv2Str = map[PrivilegeType]string{
-	CreatePriv:     "Create",
-	SelectPriv:     "Select",
-	InsertPriv:     "Insert",
-	UpdatePriv:     "Update",
-	DeletePriv:     "Delete",
-	ShowDBPriv:     "Show Databases",
-	SuperPriv:      "Super",
-	CreateUserPriv: "Create User",
-	TriggerPriv:    "Trigger",
-	DropPriv:       "Drop",
-	ProcessPriv:    "Process",
-	GrantPriv:      "Grant Option",
-	ReferencesPriv: "References",
-	AlterPriv:      "Alter",
-	ExecutePriv:    "Execute",
-	IndexPriv:      "Index",
-	CreateViewPriv: "Create View",
-	ShowViewPriv:   "Show View",
-	CreateRolePriv: "Create Role",
-	DropRolePriv:   "Drop Role",
+	CreatePriv:         "Create",
+	SelectPriv:         "Select",
+	InsertPriv:         "Insert",
+	UpdatePriv:         "Update",
+	DeletePriv:         "Delete",
+	ShowDBPriv:         "Show Databases",
+	SuperPriv:          "Super",
+	CreateUserPriv:     "Create User",
+	TriggerPriv:        "Trigger",
+	DropPriv:           "Drop",
+	ProcessPriv:        "Process",
+	GrantPriv:          "Grant Option",
+	ReferencesPriv:     "References",
+	AlterPriv:          "Alter",
+	ExecutePriv:        "Execute",
+	IndexPriv:          "Index",
+	CreateViewPriv:     "Create View",
+	ShowViewPriv:       "Show View",
+	CreateRolePriv:     "Create Role",
+	DropRolePriv:       "Drop Role",
+	CreateTMPTablePriv: "CREATE TEMPORARY TABLES",
+	LockTablesPriv:     "LOCK TABLES",
+	CreateRoutinePriv:  "CREATE ROUTINE",
+	AlterRoutinePriv:   "ALTER ROUTINE",
+	EventPriv:          "EVENT",
 }
 
 // Priv2SetStr is the map for privilege to string.
@@ -419,6 +438,9 @@ var SetStr2Priv = map[string]PrivilegeType{
 	"Show View":   ShowViewPriv,
 }
 
+// AllGlobalPrivs is all the privileges in global scope.
+var AllGlobalPrivs = []PrivilegeType{SelectPriv, InsertPriv, UpdatePriv, DeletePriv, CreatePriv, DropPriv, ProcessPriv, GrantPriv, ReferencesPriv, AlterPriv, ShowDBPriv, SuperPriv, ExecutePriv, IndexPriv, CreateUserPriv, TriggerPriv, CreateViewPriv, ShowViewPriv, CreateRolePriv, DropRolePriv, CreateTMPTablePriv, LockTablesPriv, CreateRoutinePriv, AlterRoutinePriv, EventPriv}
+
 // AllDBPrivs is all the privileges in database scope.
 var AllDBPrivs = []PrivilegeType{SelectPriv, InsertPriv, UpdatePriv, DeletePriv, CreatePriv, DropPriv, GrantPriv, AlterPriv, ExecutePriv, IndexPriv, CreateViewPriv, ShowViewPriv}
 

mysql/const_test.go

@@ -0,0 +1,54 @@
+// Copyright 2017 PingCAP, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package mysql
+
+import (
+	"testing"
+
+	. "github.com/pingcap/check"
+)
+
+var _ = Suite(&testConstSuite{})
+
+type testConstSuite struct{}
+
+func TestT(t *testing.T) {
+	TestingT(t)
+}
+
+func (s *testConstSuite) TestPrivAllConsistency(c *C) {
+	// AllPriv in mysql.user columns.
+	for priv := PrivilegeType(CreatePriv); priv != AllPriv; priv = priv << 1 {
+		_, ok := Priv2UserCol[priv]
+		c.Assert(ok, IsTrue, Commentf("priv fail %d", priv))
+	}
+
+	for _, v := range AllGlobalPrivs {
+		_, ok := Priv2UserCol[v]
+		c.Assert(ok, IsTrue)
+	}
+
+	c.Assert(len(Priv2UserCol), Equals, len(AllGlobalPrivs))
+
+	for _, v := range Priv2UserCol {
+		_, ok := Col2PrivType[v]
+		c.Assert(ok, IsTrue)
+	}
+	for _, v := range Col2PrivType {
+		_, ok := Priv2UserCol[v]
+		c.Assert(ok, IsTrue)
+	}
+
+	c.Assert(len(Priv2Str), Equals, len(Priv2UserCol))
+}

parser.y

@@ -8910,11 +8910,11 @@ PrivType:
 	}
 |	"CREATE" "TEMPORARY" "TABLES"
 	{
-		$$ = mysql.PrivilegeType(0)
+		$$ = mysql.CreateTMPTablePriv
 	}
 |	"LOCK" "TABLES"
 	{
-		$$ = mysql.PrivilegeType(0)
+		$$ = mysql.LockTablesPriv
 	}
 |	"CREATE" "VIEW"
 	{
@@ -8934,15 +8934,15 @@ PrivType:
 	}
 |	"CREATE" "ROUTINE"
 	{
-		$$ = mysql.PrivilegeType(0)
+		$$ = mysql.CreateRoutinePriv
 	}
 |	"ALTER" "ROUTINE"
 	{
-		$$ = mysql.PrivilegeType(0)
+		$$ = mysql.AlterRoutinePriv
 	}
 |	"EVENT"
 	{
-		$$ = mysql.PrivilegeType(0)
+		$$ = mysql.EventPriv
 	}
 
 ObjectType:

parser_test.go

@@ -2443,7 +2443,7 @@ func (s *testParserSuite) TestPrivilege(c *C) {
 		{"grant all privileges on zabbix.* to 'zabbix'@'localhost' identified by 'password';", true, "GRANT ALL ON `zabbix`.* TO `zabbix`@`localhost` IDENTIFIED BY 'password'"},
 		{"GRANT SELECT ON test.* to 'test'", true, "GRANT SELECT ON `test`.* TO `test`@`%`"}, // For issue 2654.
 		{"grant PROCESS,usage, REPLICATION SLAVE, REPLICATION CLIENT on *.* to 'xxxxxxxxxx'@'%' identified by password 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'", true, "GRANT PROCESS /* UNSUPPORTED TYPE */ /* UNSUPPORTED TYPE */ /* UNSUPPORTED TYPE */ ON *.* TO `xxxxxxxxxx`@`%` IDENTIFIED BY PASSWORD 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'"}, // For issue 4865
-		{"/* rds internal mark */ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, RELOAD, PROCESS, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES,      EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT,      TRIGGER on *.* to 'root2'@'%' identified by password '*sdsadsdsadssadsadsadsadsada' with grant option", true, "GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES /* UNSUPPORTED TYPE */, PROCESS, INDEX, ALTER /* UNSUPPORTED TYPE */ /* UNSUPPORTED TYPE */, EXECUTE /* UNSUPPORTED TYPE */ /* UNSUPPORTED TYPE */, CREATE VIEW, SHOW VIEW /* UNSUPPORTED TYPE */ /* UNSUPPORTED TYPE */, CREATE USER /* UNSUPPORTED TYPE */, TRIGGER ON *.* TO `root2`@`%` IDENTIFIED BY PASSWORD '*sdsadsdsadssadsadsadsadsada' WITH GRANT OPTION"},
+		{"/* rds internal mark */ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, RELOAD, PROCESS, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES,      EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT,      TRIGGER on *.* to 'root2'@'%' identified by password '*sdsadsdsadssadsadsadsadsada' with grant option", true, "GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES /* UNSUPPORTED TYPE */, PROCESS, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE /* UNSUPPORTED TYPE */ /* UNSUPPORTED TYPE */, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO `root2`@`%` IDENTIFIED BY PASSWORD '*sdsadsdsadssadsadsadsadsada' WITH GRANT OPTION"},
 		{"GRANT 'role1', 'role2' TO 'user1'@'localhost', 'user2'@'localhost';", true, "GRANT `role1`@`%`, `role2`@`%` TO `user1`@`localhost`, `user2`@`localhost`"},
 		{"GRANT 'u1' TO 'u1';", true, "GRANT `u1`@`%` TO `u1`@`%`"},
 		{"GRANT 'app_developer' TO 'dev1'@'localhost';", true, "GRANT `app_developer`@`%` TO `dev1`@`localhost`"},