Merge pull request #2797 from dolthub/fulghum/persist_root_superuser

Persist and load superusers

Author: fulghum

eventscheduler/event_scheduler.go

@@ -20,6 +20,7 @@ import (
 
 	"github.com/dolthub/go-mysql-server/sql"
 	"github.com/dolthub/go-mysql-server/sql/analyzer"
+	"github.com/dolthub/go-mysql-server/sql/mysql_db"
 )
 
 // ErrEventSchedulerDisabled is returned when user tries to set `event_scheduler_notifier` global system variable to ON or OFF
@@ -41,6 +42,10 @@ const (
 	SchedulerDisabled SchedulerStatus = "DISABLED"
 )
 
+// eventSchedulerSuperUserName is the name of the locked superuser that the event scheduler
+// creates and uses to ensure it has access to read events from all databases.
+const eventSchedulerSuperUserName = "event_scheduler"
+
 var _ sql.EventScheduler = (*EventScheduler)(nil)
 
 // EventScheduler is responsible for SQL events execution.
@@ -69,10 +74,20 @@ func InitEventScheduler(
 		ctxGetterFunc: getSqlCtxFunc,
 	}
 
+	// Ensure the event_scheduler superuser exists so that the event scheduler can read
+	// events from all databases.
+	initializeEventSchedulerSuperUser(a.Catalog.MySQLDb)
+
 	// If the EventSchedulerStatus is ON, then load enabled
 	// events and start executing events on schedule.
 	if es.status == SchedulerOn {
 		ctx, commit, err := getSqlCtxFunc()
+		ctx.Session.SetClient(sql.Client{
+			User:         eventSchedulerSuperUserName,
+			Address:      "localhost",
+			Capabilities: 0,
+		})
+
 		if err != nil {
 			return nil, err
 		}
@@ -89,6 +104,25 @@ func InitEventScheduler(
 	return es, nil
 }
 
+// initializeEventSchedulerSuperUser ensures the event_scheduler superuser exists (as a locked
+// account that cannot be directly used to log in) so that the event scheduler can read events
+// from all databases.
+func initializeEventSchedulerSuperUser(mySQLDb *mysql_db.MySQLDb) {
+	// TODO: Creating a superuser for the event_scheduler causes the mysqldb to be marked as
+	//       enabled, which enables privileges checking for all resources. We want privileges
+	//       enabled only when running in a sql-server context, but currently creating any
+	//       engine starts up the event system, so we reset the mysqldb enabled status after
+	//       we create the event scheduler super user. To clean this up, we can look into
+	//       moving the event system initialization, or possibly just switch to enabling the
+	//       privilege system as part of server startup.
+	wasEnabled := mySQLDb.Enabled()
+	defer mySQLDb.SetEnabled(wasEnabled)
+
+	ed := mySQLDb.Editor()
+	defer ed.Close()
+	mySQLDb.AddLockedSuperUser(ed, eventSchedulerSuperUserName, "localhost", "")
+}
+
 // Close closes the EventScheduler.
 func (es *EventScheduler) Close() {
 	if es == nil {

sql/mysql_db/mysql_db.go

@@ -413,6 +413,15 @@ func (db *MySQLDb) LoadData(ctx *sql.Context, buf []byte) (err error) {
 		ed.PutReplicaSourceInfo(replicaSourceInfo)
 	}
 
+	// Load superusers
+	for i := 0; i < serialMySQLDb.SuperUserLength(); i++ {
+		serialUser := new(serial.User)
+		if !serialMySQLDb.SuperUser(serialUser, i) {
+			continue
+		}
+		ed.PutUser(LoadUser(serialUser))
+	}
+
 	// TODO: fill in other tables when they exist
 	return
 }
@@ -508,11 +517,36 @@ func (db *MySQLDb) AddRootAccount() {
 	db.AddSuperUser(ed, "root", "localhost", "")
 }
 
+// AddEphemeralSuperUser adds a new temporary superuser account for the specified username, host,
+// and password. The superuser account will only exist for the lifetime of the server process; once
+// the server is restarted, this superuser account will not be present.
+func (db *MySQLDb) AddEphemeralSuperUser(ed *Editor, username string, host string, password string) {
+	db.SetEnabled(true)
+
+	if len(password) > 0 {
+		hash := sha1.New()
+		hash.Write([]byte(password))
+		s1 := hash.Sum(nil)
+		hash.Reset()
+		hash.Write(s1)
+		s2 := hash.Sum(nil)
+		password = "*" + strings.ToUpper(hex.EncodeToString(s2))
+	}
+
+	if _, ok := ed.GetUser(UserPrimaryKey{
+		Host: host,
+		User: username,
+	}); !ok {
+		addSuperUser(ed, username, host, password, true)
+	}
+}
+
 // AddSuperUser adds the given username and password to the list of accounts. This is a temporary function, which is
 // meant to replace the "auth.New..." functions while the remaining functions are added.
 func (db *MySQLDb) AddSuperUser(ed *Editor, username string, host string, password string) {
 	//TODO: remove this function and the called function
 	db.SetEnabled(true)
+
 	if len(password) > 0 {
 		hash := sha1.New()
 		hash.Write([]byte(password))
@@ -527,7 +561,33 @@ func (db *MySQLDb) AddSuperUser(ed *Editor, username string, host string, passwo
 		Host: host,
 		User: username,
 	}); !ok {
-		addSuperUser(ed, username, host, password)
+		addSuperUser(ed, username, host, password, false)
+	}
+}
+
+// AddLockedSuperUser adds a new superuser with the specified |username|, |host|, and |password|
+// and sets the account to be locked so that it cannot be used to log in.
+func (db *MySQLDb) AddLockedSuperUser(ed *Editor, username string, host string, password string) {
+	user := db.GetUser(ed, username, host, false)
+
+	// If the user doesn't exist yet, create it and lock it
+	if user == nil {
+		db.AddSuperUser(ed, username, host, password)
+		user = db.GetUser(ed, username, host, false)
+		if user == nil {
+			panic("unable to load newly created superuser: " + username)
+		}
+
+		// Lock the account to prevent it being used to log in
+		user.Locked = true
+		ed.PutUser(user)
+	}
+
+	// If the user exists, but isn't a superuser or locked, fix it
+	if user.IsSuperUser == false || user.Locked == false {
+		user.IsSuperUser = true
+		user.Locked = true
+		ed.PutUser(user)
 	}
 }
 
@@ -803,10 +863,12 @@ func (db *MySQLDb) Persist(ctx *sql.Context, ed *Editor) error {
 	var users []*User
 	var superUsers []*User
 	ed.VisitUsers(func(u *User) {
-		if !u.IsSuperUser {
-			users = append(users, u)
-		} else {
-			superUsers = append(superUsers, u)
+		if !u.IsEphemeral {
+			if !u.IsSuperUser {
+				users = append(users, u)
+			} else {
+				superUsers = append(superUsers, u)
+			}
 		}
 	})
 	sort.Slice(users, func(i, j int) bool {

sql/mysql_db/user.go

@@ -36,6 +36,9 @@ type User struct {
 	Attributes          *string
 	Identity            string
 	IsSuperUser         bool
+	// IsEphemeral is true if this user is ephemeral, meaning it will only exist
+	// for the lifetime of the server process and will not be persisted to disk.
+	IsEphemeral bool
 	//TODO: add the remaining fields
 
 	// IsRole is an additional field that states whether the User represents a role or user. In MySQL this must be a

sql/mysql_db/user_table.go

@@ -215,7 +215,7 @@ func init() {
 	}
 }
 
-func addSuperUser(ed *Editor, username string, host string, authString string) {
+func addSuperUser(ed *Editor, username string, host string, authString string, ephemeral bool) {
 	ed.PutUser(&User{
 		User:                username,
 		Host:                host,
@@ -227,6 +227,7 @@ func addSuperUser(ed *Editor, username string, host string, authString string) {
 		Attributes:          nil,
 		IsRole:              false,
 		IsSuperUser:         true,
+		IsEphemeral:         ephemeral,
 	})
 }