Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

executor, sessionctx: add checks for system variable validate_password_xxxx #8227

Merged
merged 9 commits into from
Nov 26, 2018
Merged

executor, sessionctx: add checks for system variable validate_password_xxxx #8227

merged 9 commits into from
Nov 26, 2018

Conversation

alapha23
Copy link
Contributor

@alapha23 alapha23 commented Nov 7, 2018
edited by c4pt0r
Loading

What problem does this PR solve?

Corresponding to Issue #7195, I added correctness check for system variables: validate_password_number_count, validate_password_special_char_count, validate_password_length, validate_password_mixed_case_count, validate_password_policy.

What is changed and how it works?

Executor and sessionctx are modified according to the framework mentioned in #7117

Tests

  • Unit test

This change is Reviewable

@sre-bot
Copy link
Contributor

sre-bot commented Nov 7, 2018

Hi contributor, thanks for your PR.

This patch needs to be approved by someone of admins. They should reply with "/ok-to-test" to accept this PR for running test automatically.

@shenli shenli added the contribution This PR is from a community contributor. label Nov 7, 2018
@shenli
Copy link
Member

shenli commented Nov 7, 2018

@alapha23 Thanks for your contribution!
Please fix the CI.

@alapha23 alapha23 mentioned this pull request Nov 8, 2018
Merged
@shenli
Copy link
Member

shenli commented Nov 20, 2018

@alapha23 A friendly ping. Any update?

@lysu lysu self-requested a review November 21, 2018 14:29
@lysu
Copy link
Contributor

lysu commented Nov 21, 2018

/run-all-tests

lysu
lysu reviewed Nov 21, 2018
View reviewed changes
go.mod Outdated Show resolved Hide resolved
@lysu
Copy link
Contributor

lysu commented Nov 22, 2018

@alapha23 please fix CI caused by new testcase, thanks

set_test.go:529:
    tk.MustExec("set @@global.validate_password_policy=-1")
/go/src/github.com/pingcap/tidb/util/testkit/testkit.go:167:
    tk.c.Assert(err, check.IsNil, check.Commentf("sql:%s, %v, error stack %v", sql, args, errors.ErrorStack(err)))
... value *errors.withStack = [variable:1231]Variable 'validate_password_policy' can't be set to the value of '-1' ("[variable:1231]Variable 'validate_password_policy' can't be set to the value of '-1'")
... sql:set @@global.validate_password_policy=-1, [], error stack [variable:1231]Variable 'validate_password_policy' can't be set to the value of '-1'

https://dev.mysql.com/doc/refman/8.0/en/validate-password-options-variables.html#sysvar_validate_password_policy

@lysu
Copy link
Contributor

lysu commented Nov 22, 2018

/run-all-tests

@XuHuaiyu XuHuaiyu changed the title Add checks for system variable validate_password_xxxx executor, sessionctx: add checks for system variable validate_password_xxxx Nov 22, 2018
XuHuaiyu
XuHuaiyu reviewed Nov 22, 2018
View reviewed changes
sessionctx/variable/sysvar.go
@@ -269,7 +270,6 @@ var defaultSysVars = []*SysVar{
{ScopeNone, "performance_schema_max_file_classes", "50"},
{ScopeGlobal, "expire_logs_days", "0"},
{ScopeGlobal | ScopeSession, "binlog_rows_query_log_events", "OFF"},
{ScopeGlobal, "validate_password_policy", "1"},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why do we remove this?

Copy link
Contributor Author

@alapha23 alapha23 Nov 22, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to mysql reference, This validate_password plugin system variable is deprecated and will be removed in a future version of MySQL.
So I presume we will not need it in the future. What do you think?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@alapha23 I think we can discuss whether to remove these unused variables in another PR. For this PR, let's focused on the validation of validate_password_number_count and validate_password_length.

lysu
lysu reviewed Nov 26, 2018
View reviewed changes
Copy link
Contributor

@lysu lysu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zz-jason
Copy link
Member

@alapha23 pingcap/parser#25 has been merged, could you update go.mod to point to the latest pingcap/parser?

zz-jason
zz-jason reviewed Nov 26, 2018
View reviewed changes
executor/set_test.go
tk.MustQuery("show warnings").Check(testutil.RowsWithSep("|", "Warning|1292|Truncated incorrect validate_password_number_count value: '-1'"))

tk.MustExec("set @@global.validate_password_length=-1")
tk.MustQuery("show warnings").Check(testutil.RowsWithSep("|", "Warning|1292|Truncated incorrect validate_password_length value: '-1'"))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's better to add some positive test cases. For example: set @@global.validate_password_number_count=8

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you. I'll do that

Copy link
Contributor Author

@alapha23 alapha23 Nov 26, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am quite confused since reference doesn't set an upper bound on validate_password_number_count, are you suggesting that it is an error when validate_password_number_count=8?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, I mean you can add some following tests:

tk.MustExec("set @@global.validate_password_length=8")
tk.MustQuery("show warnings").Check(testutil.Rows())

@zz-jason zz-jason added the status/LGT1 Indicates that a PR has LGTM 1. label Nov 26, 2018
zz-jason
zz-jason previously approved these changes Nov 26, 2018
View reviewed changes
executor/set_test.go
tk.MustQuery("show warnings").Check(testutil.RowsWithSep("|", "Warning|1292|Truncated incorrect validate_password_number_count value: '-1'"))

tk.MustExec("set @@global.validate_password_length=-1")
tk.MustQuery("show warnings").Check(testutil.RowsWithSep("|", "Warning|1292|Truncated incorrect validate_password_length value: '-1'"))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, I mean you can add some following tests:

tk.MustExec("set @@global.validate_password_length=8")
tk.MustQuery("show warnings").Check(testutil.Rows())

@zz-jason zz-jason dismissed their stale review November 26, 2018 11:29

it's a mistake ..

zz-jason
zz-jason reviewed Nov 26, 2018
View reviewed changes
go.mod Outdated
@@ -52,3 +52,5 @@ require (
sourcegraph.com/sourcegraph/appdash v0.0.0-20180531100431-4c381bd170b4
sourcegraph.com/sourcegraph/appdash-data v0.0.0-20151005221446-73f23eafcf67
)

replace github.com/pingcap/parser => github.com/alapha23/parser v0.0.0-20181126070418-f5119577d517
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pingcap/parser#25 is merged, this line should be removed. We should use the latest github.com/pingcap/parser.

zz-jason
zz-jason approved these changes Nov 26, 2018
View reviewed changes
Copy link
Member

@zz-jason zz-jason left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zz-jason zz-jason added status/LGT2 Indicates that a PR has LGTM 2. and removed status/LGT1 Indicates that a PR has LGTM 1. labels Nov 26, 2018
@zz-jason zz-jason merged commit 5035e48 into pingcap:master Nov 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@XuHuaiyu XuHuaiyu XuHuaiyu left review comments

@lysu lysu lysu left review comments

@zz-jason zz-jason zz-jason approved these changes

Assignees
No one assigned
Labels
component/server contribution This PR is from a community contributor. status/LGT2 Indicates that a PR has LGTM 2.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@alapha23 @sre-bot @shenli @lysu @zz-jason @XuHuaiyu