File: gr_clone_integration_no_privileges.test

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (145 lines) | stat: -rw-r--r-- 6,457 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
 
################################################################################
# Validate that when a member joins a group, if the recovery user does not have
# clone privileges, recovery by binary logs will be used subsequently.
#
# Test:
# 0. The test requires two servers: M1 and M2.
# 1. Install clone plugin on server1.
#    Create a recovery user without clone privileges.
#    Bootstrap a group on server1.
# 2. Install clone plugin on server2.
#    Restart server with a monitoring process (mysqld_safe) if needed
# 3. Start group replication using the created user credentials
#    GR will attempt to clone a donor but due to the lack of
#    privileges, recovery by binary logs will be used subsequently.
# 4. Cleanup
#

--source include/have_mysqld_monitoring_process.inc
--source include/have_clone_plugin.inc
--source include/force_restart.inc
--let $rpl_privilege_checks_user_grant_option = 1
--source include/set_privilege_checks_user_as_system_user.inc
--source include/have_group_replication_plugin.inc
--let $rpl_skip_group_replication_start= 1
--source include/group_replication.inc

# Validate plugins
--let plugins = CLONE_PLUGIN,GROUP_REPLICATION
--source include/check_plugin_dir.inc

--echo
--echo ############################################################
--echo # 1. Install clone plugin on server1.
--echo #    Create a recovery user without clone privileges.
--echo #    Bootstrap a group on server1.
--let $rpl_connection_name= server1
--source include/rpl_connection.inc

# Install the clone plugin
--replace_result $CLONE_PLUGIN CLONE_PLUGIN
--eval INSTALL PLUGIN clone SONAME '$CLONE_PLUGIN'

# Create a recovery user without clone privileges.
SET SESSION sql_log_bin= 0;
--let $recovery_user= recovery_user
--let $recovery_password= recovery_password
--eval CREATE USER "$recovery_user" IDENTIFIED BY "$recovery_password"
--eval GRANT REPLICATION SLAVE ON *.* TO "$recovery_user"
--eval GRANT GROUP_REPLICATION_STREAM ON *.* TO "$recovery_user"@'%';
FLUSH PRIVILEGES;
SET SESSION sql_log_bin= 1;

# Add some data for recovery
CREATE TABLE t1 (c1 INT NOT NULL PRIMARY KEY) ENGINE=InnoDB;
INSERT INTO t1 VALUES (1);
INSERT INTO t1 VALUES (2);

--source include/start_and_bootstrap_group_replication.inc

--echo
--echo #####################################################################
--echo # 2. Install clone plugin on server2.
--echo #    Restart server with a monitoring process (mysqld_safe) if needed

# Install the clone plugin
--let $rpl_connection_name= server2
--source include/rpl_connection.inc

SET SESSION sql_log_bin= 0;
--eval CREATE USER "$recovery_user" IDENTIFIED BY "$recovery_password"
--eval GRANT GROUP_REPLICATION_STREAM ON *.* TO "$recovery_user"@'%';
FLUSH PRIVILEGES;
SET SESSION sql_log_bin= 1;

--replace_result $CLONE_PLUGIN CLONE_PLUGIN
--eval INSTALL PLUGIN clone SONAME '$CLONE_PLUGIN'

# Deal with server 2 that needs mysql safe
--let $_group_replication_local_address= `SELECT @@GLOBAL.group_replication_local_address`
--let $_group_replication_group_seeds= `SELECT @@GLOBAL.group_replication_group_seeds`
--let $_group_replication_comm_stack= `SELECT @@GLOBAL.group_replication_communication_stack`
--let $plugin_list= $GROUP_REPLICATION
--source include/spawn_monitoring_process.inc

# Configure GR for starting now and after restart
--disable_query_log
--eval SET PERSIST  group_replication_group_name= "$group_replication_group_name"
--eval SET PERSIST  group_replication_local_address= "$_group_replication_local_address"
--eval SET PERSIST  group_replication_group_seeds= "$_group_replication_group_seeds"
--eval SET PERSIST  group_replication_communication_stack= "$_group_replication_comm_stack"
SET PERSIST group_replication_start_on_boot= ON;
--enable_query_log

--echo
--echo #####################################################################
--echo # 3. Start group replication using the created user credentials
--echo #    GR will attempt to clone a donor but due to the lack of
--echo #    privileges, recovery by binary logs will be used subsequently.

--disable_warnings
--eval CHANGE REPLICATION SOURCE TO SOURCE_USER='$recovery_user', SOURCE_PASSWORD='$recovery_password' FOR CHANNEL 'group_replication_recovery'
--enable_warnings

SET GLOBAL group_replication_clone_threshold= 1;
--source include/start_group_replication.inc

--let $assert_text= Clone status must be Failed
--let $assert_cond= [SELECT state="Failed" FROM performance_schema.clone_status] = 1;
--source include/assert.inc

--let $assert_text= Clone error message must be access denied
--let $assert_cond= [SELECT error_message="Clone Donor Error: 1227 : Access denied; you need (at least one of) the BACKUP_ADMIN privilege(s) for this operation." FROM performance_schema.clone_status] = 1;
--source include/assert.inc

--let $diff_tables= server1:test.t1, server2:test.t1
--source include/diff_tables.inc

--echo
--echo ############################################################
--echo # 4. Cleanup.
--let $rpl_connection_name= server2
--source include/rpl_connection.inc

RESET PERSIST IF EXISTS group_replication_group_name;
RESET PERSIST IF EXISTS group_replication_local_address;
RESET PERSIST IF EXISTS group_replication_group_seeds;
RESET PERSIST IF EXISTS group_replication_start_on_boot;
RESET PERSIST IF EXISTS group_replication_communication_stack;

DROP TABLE t1;
--eval DROP USER "$recovery_user"
--source include/rpl_sync.inc

SET SESSION sql_log_bin=0;
call mtr.add_suppression("This member will start distributed recovery using clone. It is due to the number of missing transactions being higher than the configured threshold of 1.");
call mtr.add_suppression("Internal query: CLONE INSTANCE FROM \'recovery_user\'@\'127.0.0.1\':[0-9]+ IDENTIFIED BY \'\\*\\*\\*\\*\\*\' REQUIRE NO SSL; result in error. Error number:*");
call mtr.add_suppression("There was an issue when cloning from another server: Error number: 3862 Error message: Clone Donor Error: 1227 : Access denied; you need \\(at least one of\\) the BACKUP_ADMIN privilege\\(s\\) for this operation.");
call mtr.add_suppression("Due to some issue on the previous step distributed recovery is now executing: Incremental Recovery");
call mtr.add_suppression("Clone removing all user data for provisioning: Started");
call mtr.add_suppression("Clone removing all user data for provisioning: Finished");
SET SESSION sql_log_bin=1;

--source include/clean_monitoring_process.inc

--source include/group_replication_end.inc