Merge pull request #10146 from dolthub/elian/7628b

dolthub/dolt#7628: Amend `dolt_backup` DoltgresSQL privilege check for server only

go/libraries/doltcore/sqle/dprocedures/dolt_backup.go

@@ -65,20 +65,21 @@ func doltBackup(ctx *sql.Context, args ...string) (sql.RowIter, error) {
 		return nil, err
 	}
 
-	// TODO(elianddb): DoltgreSQL needs an auth handler for stored procedures, i.e. AuthType_CALL, but for now we use
-	//  this. dolt_backup already requires admin privilege on GMS due to its potentially destructive nature.
-	privileges, counter := ctx.GetPrivilegeSet()
-	if counter == 0 || !privileges.Has(sql.PrivilegeType_Super) {
-		return nil, sql.ErrPrivilegeCheckFailed.New(ctx.Session.Client().User)
-	}
-
 	apr, err := cli.CreateBackupArgParser().Parse(args)
 	if err != nil {
 		return nil, err
 	}
 
-	if sqlserver.RunningInServerMode() && apr.ContainsAny(cli.AwsParams...) {
-		return nil, fmt.Errorf("AWS parameters are unavailable when running in server mode")
+	if sqlserver.RunningInServerMode() {
+		// TODO(elianddb): DoltgreSQL needs an auth handler for stored procedures, i.e. AuthType_CALL, but for now we use
+		//  this. dolt_backup already requires admin privilege on GMS due to its potentially destructive nature.
+		privileges, counter := ctx.GetPrivilegeSet()
+		if counter == 0 || !privileges.Has(sql.PrivilegeType_Super) {
+			return nil, sql.ErrPrivilegeCheckFailed.New(ctx.Session.Client().User)
+		}
+		if apr.ContainsAny(cli.AwsParams...) {
+			return nil, fmt.Errorf("AWS parameters are unavailable when running in server mode")
+		}
 	}
 
 	if apr.NArg() == 0 || (apr.NArg() == 1 && apr.Contains(cli.VerboseFlag)) {

go/libraries/doltcore/sqle/enginetest/dolt_engine_test.go

@@ -2201,3 +2201,36 @@ func TestBranchActivity(t *testing.T) {
 	defer h.Close()
 	RunBranchActivityTests(t, h)
 }
+
+// TestDriverExecution verifies that queries work in dolt driver, where the MySQLDb is not initialized.
+func TestDriverExecution(t *testing.T) {
+	h := newDoltHarness(t)
+	h.UseLocalFileSystem()
+	defer h.Close()
+
+	engine, err := h.NewEngine(t)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer engine.Close()
+
+	// Simulate driver environment. The MySQLDb is initialized but with no users (not even root). The context user is
+	// "root" still though. This mimics the dolthub/driver initialization of the engine (no PrivFilePath provided).
+	engine.EngineAnalyzer().Catalog.MySQLDb = mysql_db.CreateEmptyMySQLDb()
+	ctx := enginetest.NewContextWithClient(h, sql.Client{
+		User:    "root",
+		Address: "localhost",
+	})
+
+	q := "call dolt_backup('add', 'backup1', 'file:///tmp/backup1');"
+	enginetest.TestQueryWithContext(t, ctx, engine, h, q, []sql.Row{{0}}, nil, nil, nil)
+
+	q = "select name from dolt_backups where name = 'backup1'"
+	enginetest.TestQueryWithContext(t, ctx, engine, h, q, []sql.Row{{"backup1"}}, nil, nil, nil)
+
+	q = "call dolt_backup('sync-url', 'file:///tmp/backup_sync_url');"
+	enginetest.TestQueryWithContext(t, ctx, engine, h, q, []sql.Row{{0}}, nil, nil, nil)
+
+	q = "call dolt_backup('remove', 'backup1');"
+	enginetest.TestQueryWithContext(t, ctx, engine, h, q, []sql.Row{{0}}, nil, nil, nil)
+}

integration-tests/mysql-client-tests/Dockerfile

@@ -80,7 +80,7 @@ RUN pyinstaller --onefile --collect-all mysql.connector sqlalchemy-test.py
 RUN pyinstaller --onefile --collect-all mysql.connector mysql-connector-test.py
 RUN pyinstaller --onefile mariadb-connector-test.py
 
-FROM elixir:1.18-slim AS elixir_clients_build
+FROM elixir:1.18.3-slim AS elixir_clients_build
 RUN apt-get update && apt-get install -y ca-certificates xz-utils curl && rm -rf /var/lib/apt/lists/*
 RUN curl -sSL https://ziglang.org/download/0.14.1/zig-x86_64-linux-0.14.1.tar.xz | tar -xJ
 ENV PATH="/zig-x86_64-linux-0.14.1:${PATH}"