config root man

# The numbers represent test cases of the test plan.

--source include/have_plugin_auth.inc
--source include/not_embedded.inc
CALL mtr.add_suppression("Plugin test_plugin_server reported: 'Wrong password supplied for plug_dest'");
CALL mtr.add_suppression("The plugin 'new_plugin_server' used to authenticate user 'new_user'@'%' is not loaded. Nobody can currently login using this account.");

CREATE DATABASE test_user_db;

--source include/plugin_auth_check_non_default_users.inc

--echo ========== test 1.1.3.2 ====================================

# CREATE...WITH/CREATE...BY/GRANT
CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
REVOKE PROXY ON plug_dest FROM plug_user;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
DROP USER plug_user,plug_dest;
#
# GRANT...WITH
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;

--source include/plugin_auth_check_non_default_users.inc
--echo 1)
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
--error ER_PARSE_ERROR
REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user'
                         IDENTIFIED WITH test_plugin_server AS 'plug_dest';
--echo 2)
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
REVOKE PROXY ON plug_dest FROM plug_user;
--echo 3)
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
DROP USER plug_user,plug_dest;
#
# GRANT...WITH/CREATE...BY
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
--echo 1)
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
GRANT PROXY ON plug_dest TO plug_user;
--echo 2)
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1
--error ER_PARSE_ERROR
REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_user'
                         IDENTIFIED WITH test_plugin_server AS 'plug_dest';
#REVOKE ALL PRIVILEGES ON test_user_db.* FROM 'plug_dest'
#                         IDENTIFIED BY 'plug_dest_passwd';
DROP USER plug_user,plug_dest;

--echo ========== test 1.2 ========================================

# GRANT...WITH/CREATE...BY
GRANT ALL PRIVILEGES ON test_user_db.* TO plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
RENAME USER plug_dest TO new_dest;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
GRANT PROXY ON new_dest TO plug_user;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
--source include/plugin_auth_check_non_default_users.inc
DROP USER plug_user,new_dest;

# CREATE...WITH/CREATE...BY
CREATE USER plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
GRANT PROXY ON plug_dest TO plug_user;
--replace_result $MASTER_MYSOCK MASTER_MYSOCK $PLUGIN_AUTH_OPT PLUGIN_AUTH_OPT
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
RENAME USER plug_dest TO new_dest;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=plug_dest -e "SELECT current_user();SELECT user();" 2>&1
GRANT PROXY ON new_dest TO plug_user;
--error 1
--exec $MYSQL -S $MASTER_MYSOCK -u plug_user $PLUGIN_AUTH_OPT --password=new_dest -e "SELECT current_user();SELECT user();" 2>&1
--source include/plugin_auth_check_non_default_users.inc
DROP USER plug_user,new_dest;
# CREATE...WITH
CREATE USER plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
--echo connect(plug_user,localhost,plug_user,plug_dest);
connect(plug_user,localhost,plug_user,plug_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
RENAME USER plug_user TO new_user;
--echo connect(plug_user,localhost,new_user,plug_dest);
connect(plug_user,localhost,new_user,plug_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--source include/plugin_auth_check_non_default_users.inc
--echo disconnect plug_user;
disconnect plug_user;
UPDATE mysql.user SET user='plug_user' WHERE user='new_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
DROP USER plug_dest,plug_user;
--echo ========== test 1.3 ========================================

#
CREATE USER plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
--echo connect(plug_user,localhost,plug_user,plug_dest);
connect(plug_user,localhost,plug_user,plug_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
--source include/plugin_auth_check_non_default_users.inc
UPDATE mysql.user SET user='new_user' WHERE user='plug_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
UPDATE mysql.user SET authentication_string='new_dest' WHERE user='new_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
UPDATE mysql.user SET plugin='new_plugin_server' WHERE user='new_user';
FLUSH PRIVILEGES;
--source include/plugin_auth_check_non_default_users.inc
--echo connect(plug_user,localhost,new_user,new_dest);
--disable_query_log
--error ER_PLUGIN_IS_NOT_LOADED
connect(plug_user,localhost,new_user,new_dest);
--enable_query_log
UPDATE mysql.user SET plugin='test_plugin_server' WHERE user='new_user';
UPDATE mysql.user SET USER='new_dest' WHERE user='plug_dest';
FLUSH PRIVILEGES;
GRANT PROXY ON new_dest TO new_user;
--source include/plugin_auth_check_non_default_users.inc
--echo connect(plug_user,localhost,new_user,new_dest);
connect(plug_user,localhost,new_user,new_dest);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
UPDATE mysql.user SET USER='plug_dest' WHERE user='new_dest';
FLUSH PRIVILEGES;
CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd';
--source include/plugin_auth_check_non_default_users.inc
GRANT ALL PRIVILEGES ON test.* TO new_user;
--echo connect(plug_user,localhost,new_dest,new_dest_passwd);
connect(plug_user,localhost,new_dest,new_dest_passwd);
select USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect plug_user;
disconnect plug_user;
DROP USER new_user,new_dest,plug_dest;

--echo ========== test 2, 2.1, 2.2 ================================

CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
--source include/plugin_auth_check_non_default_users.inc
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
--echo ========== test 2.2.1 ======================================
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
--disable_query_log
--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
connect(proxy_con,localhost,proxy_user,proxied_user);
--enable_query_log
GRANT PROXY ON proxied_user TO ''@'';
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
connect(proxy_con,localhost,proxy_user,proxied_user);
SELECT USER(),CURRENT_USER();
--echo ========== test 2.2.1 ======================================
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
DROP USER ''@'',proxied_user;
#
GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'' 
                     IDENTIFIED WITH test_plugin_server AS 'proxied_user';
CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd';
--source include/plugin_auth_check_non_default_users.inc
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
--disable_query_log
--error ER_ACCESS_DENIED_ERROR : this should fail : no grant
connect(proxy_con,localhost,proxy_user,proxied_user);
--enable_query_log
GRANT PROXY ON proxied_user TO ''@'';
--echo connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
connect(proxy_con,localhost,proxied_user,proxied_user_passwd);
SELECT USER(),CURRENT_USER();
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
--echo connect(proxy_con,localhost,proxy_user,proxied_user);
connect(proxy_con,localhost,proxy_user,proxied_user);
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con;
disconnect proxy_con;
DROP USER ''@'',proxied_user;
#
CREATE USER ''@'' IDENTIFIED WITH test_plugin_server AS 'proxied_user';
CREATE USER proxied_user_1 IDENTIFIED BY 'proxied_user_1_pwd';
CREATE USER proxied_user_2 IDENTIFIED BY 'proxied_user_2_pwd';
CREATE USER proxied_user_3 IDENTIFIED BY 'proxied_user_3_pwd';
CREATE USER proxied_user_4 IDENTIFIED BY 'proxied_user_4_pwd';
CREATE USER proxied_user_5 IDENTIFIED BY 'proxied_user_5_pwd';
GRANT PROXY ON proxied_user_1 TO ''@'';
GRANT PROXY ON proxied_user_2 TO ''@'';
GRANT PROXY ON proxied_user_3 TO ''@'';
GRANT PROXY ON proxied_user_4 TO ''@'';
GRANT PROXY ON proxied_user_5 TO ''@'';
--source include/plugin_auth_check_non_default_users.inc
--echo connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd');
--echo connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd);
--echo connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd);
--echo connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd);
--echo connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd);
--echo connection proxy_con_1;
connection proxy_con_1;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_2;
connection proxy_con_2;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_3;
connection proxy_con_3;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_4;
connection proxy_con_4;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection proxy_con_5;
connection proxy_con_5;
SELECT USER(),CURRENT_USER();
SELECT @@proxy_user;
--echo connection default;
connection default;
--echo disconnect proxy_con_1;
disconnect proxy_con_1;
--echo disconnect proxy_con_2;
disconnect proxy_con_2;
--echo disconnect proxy_con_3;
disconnect proxy_con_3;
--echo disconnect proxy_con_4;
disconnect proxy_con_4;
--echo disconnect proxy_con_5;
disconnect proxy_con_5;
DROP USER ''@'',proxied_user_1,proxied_user_2,proxied_user_3,proxied_user_4,proxied_user_5;

--echo ========== test 3 ==========================================

GRANT ALL PRIVILEGES ON *.* TO plug_user
  IDENTIFIED WITH test_plugin_server AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug_user;
FLUSH PRIVILEGES;

# Not working with the patch.

#--replace_result $MYSQLADMIN MYSQLADMIN $MASTER_MYPORT MYPORT $MASTER_MYSOCK MYSOCK
#--exec $MYSQLADMIN $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT -S $MASTER_MYSOCK -u plug_user --password=plug_dest ping 2>&1
#--replace_result $MYSQL_CHECK MYSQL_CHECK $MASTER_MYPORT MYPORT
#--exec $MYSQL_CHECK $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT  -u plug_user --password=plug_dest test
#--replace_result $MYSQL_DUMP MYSQL_DUMP $MASTER_MYPORT MYPORT
#--exec $MYSQL_DUMP -h localhost -P $MASTER_MYPORT $PLUGIN_AUTH_OPT -u plug_user --password=plug_dest test
#--replace_result $MYSQL_SHOW MYSQL_SHOW $MASTER_MYPORT MYPORT
#--exec $MYSQL_SHOW $PLUGIN_AUTH_OPT -h localhost -P $MASTER_MYPORT --plugin_dir=../plugin/auth -u plug_user --password=plug_dest 2>&1
DROP USER plug_user, plug_dest;
DROP DATABASE test_user_db;
--exit