Trove 'user-show-access' CLI's result includes deleted databases
Bug #1724755 reported by
liuqing
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack DBaaS (Trove) |
Invalid
|
Undecided
|
Fan Zhang |
Bug Description
For example:
1.Create a user 'foo' and two databases 'db1' 'db2' for a mysql instance, then grant the user 'foo' access to 'db1' and 'db2';
2.Delete the database 'db1';
3.Execute 'trove user-show-access ...' CLI, the result still includes 'db1'.
Changed in trove: | |
assignee: | nobody → Fan Zhang (fanzhang) |
Changed in trove: | |
assignee: | Fan Zhang (fanzhang) → nobody |
Changed in trove: | |
assignee: | nobody → Fan Zhang (fanzhang) |
To post a comment you must log in.
I don't think it's a bug.
First, command 'trove user-show-access' corresponds to 'select * from information_ schema. SCHEMA_ PRIVILEGES' , you can find out in the codes https:/ /github. com/openstack/ trove/blob/ efd2ad9ee922c80 0e959c09c106155 2d9307e61f/ trove/guestagen t/datastore/ mysql_common/ service. py#L231.
What user-show-access shows is only relevant to mysql command 'GRANT', it means that if you grant select privilege on db1 and db2 to user foo, you can find something like this: schema. SCHEMA_ PRIVILEGES; ------- ---+--- ------- -----+- ------- ------+ ------- ------- ------- ----+-- ------- -----+ ------- ---+--- ------- -----+- ------- ------+ ------- ------- ------- ----+-- ------- -----+ ------- ---+--- ------- -----+- ------- ------+ ------- ------- ------- ----+-- ------- -----+
mysql> select * from information_
+------
| GRANTEE | TABLE_CATALOG | TABLE_SCHEMA | PRIVILEGE_TYPE | IS_GRANTABLE |
+------
| 'foo'@'%' | NULL | db1 | SELECT | NO |
| 'foo'@'%' | NULL | db2 | SELECT | NO |
+------
What if you grant select privilege on a database that's not exist to user foo?
The answer is that you can see something new from information_ schema. SCHEMA_ PRIVILEGES like this: schema. SCHEMA_ PRIVILEGES; ------- ---+--- ------- -----+- ------- ------+ ------- ------- ------- ----+-- ------- -----+ ------- ---+--- ------- -----+- ------- ------+ ------- ------- ------- ----+-- ------- -----+ ------- ---+--- ------- -----+- ------- ------+ ------- ------- ------- ----+-- ------- -----+
mysql> select * from information_
+------
| GRANTEE | TABLE_CATALOG | TABLE_SCHEMA | PRIVILEGE_TYPE | IS_GRANTABLE |
+------
| 'foo'@'%' | NULL | db1 | SELECT | NO |
| 'foo'@'%' | NULL | db2 | SELECT | NO |
| 'foo'@'%' | NULL | db3 | SELECT | NO |
+------
You can find out more here https:/ /dev.mysql. com/doc/ refman/ 5.7/en/ schema- privileges- table.html.