feat(mysqldump): warn when foreign keys are missing due to insufficient privileges#1047
Merged
Merged
Conversation
…nt privileges When the dumping user has SELECT on the target database but no privileges on the referenced (parent) tables, MariaDB/MySQL silently filters INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS to zero rows while KEY_COLUMN_USAGE still shows all foreign key columns. The existing fetch joins the two views, so every FK is dropped from the dump without any indication to the user. Compare both counts before the join and emit a warning that names the exact discrepancy and the likely fix (grant SELECT/REFERENCES on the parent tables), so the missing constraints stop being invisible.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The bug
shopware-cli project dumpwas silently omitting all foreign-key constraints from the schema when the connecting user had read-only privileges scoped only to the target database (e.g.GRANT SELECT ON shopware.*). The dump completed successfully withKEYindex entries but noCONSTRAINT … FOREIGN KEY …clauses, producing a schema that imports without referential integrity.Root cause
internal/mysqldump/schema.go::fetchAllForeignKeysbuilds foreign-key metadata by joining twoINFORMATION_SCHEMAviews:These two views apply different privilege filters:
KEY_COLUMN_USAGErows are visible if the user has any privilege on the child table.REFERENTIAL_CONSTRAINTSrows additionally require a privilege on the referenced (parent) table.A user with
SELECTonly on the target schema can see every FK column inKEY_COLUMN_USAGEbut receives zero rows fromREFERENTIAL_CONSTRAINTS. TheJOINtherefore returns nothing, every FK silently disappears from the dump, and the user has no way to know it happened.Reproduced locally against MariaDB 11.8.6 / 12.2.2 with a Shopware schema that has 643 FKs:
rootGRANT SELECT ON db.*onlyThe fix
Before running the FK fetch query, count both sides independently and log a warning if they diverge. The warning quotes both numbers and points at the most likely cause:
Behaviour change:
root): silent, dump unchanged.This is option B from the discussion: surface the issue without restructuring the query. A future change can switch to a
LEFT JOINthat emits FKs withoutON DELETE/ON UPDATErules whenrcrows are inaccessible.Test plan
go test ./internal/mysqldump/...— all green; sqlmock expectations updated to cover the two new count queries.go vet ./internal/mysqldump/— clean.rootagainst MariaDB 11.8.6 → no warning, 643 FKs in output.GRANT SELECT ON db.*user → warning fires with the correct numbers, dump still completes.