Permissions / branch control incorrect for branch-qualified database names

[zachmu]

After granting a user all permissions on a DB, they cannot create a commit on a branch when using a branch-qualified db name.

Repro against a fresh dolt sql-server:

% mysql -h 127.0.0.1 -P3306 --ssl-mode=disabled -uroot
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 8.0.33 Dolt

Copyright (c) 2000, 2023, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database db1;
Query OK, 1 row affected (0.03 sec)

mysql> create user 'testuser' identified by 'password';
Query OK, 0 rows affected (0.01 sec)

mysql> grant all on db1.* to 'testuser'@'%';
Query OK, 0 rows affected (0.01 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)

mysql> exit
Bye
zachmu@zachmu-thinkpad:/c/Users/zachmu% mysql -h 127.0.0.1 -P3306 --ssl-mode=disabled -utestuser -ppassword
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 8.0.33 Dolt

Copyright (c) 2000, 2023, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use db1;
Database changed
mysql> call dolt_branch('newbranch');
+--------+
| status |
+--------+
|      0 |
+--------+
1 row in set (0.01 sec)

mysql> use db1/newbranch;
Database changed
mysql> create table t1 (a int);
Query OK, 0 rows affected (0.01 sec)

mysql> call dolt_commit('-Am', 'new table');
ERROR 1105 (HY000): command denied to user 'testuser'@'%'
mysql> exit
Bye

Commit works fine with dolt_checkout workflow, which makes me think this is a db name issue with permissions.

zachmu@zachmu-thinkpad:/c/Users/zachmu% mysql -h 127.0.0.1 -P3306 --ssl-mode=disabled -utestuser -ppassword
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 8.0.33 Dolt

Copyright (c) 2000, 2023, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use db1;
Database changed
mysql> call dolt_checkout('newbranch');
+--------+--------------------------------+
| status | message                        |
+--------+--------------------------------+
|      0 | Switched to branch 'newbranch' |
+--------+--------------------------------+
1 row in set (0.00 sec)

mysql> call dolt_commit('-Am', 'new table');
+----------------------------------+
| hash                             |
+----------------------------------+
| vfv5il56vc9jiilrf3o70sg9g27n9amh |
+----------------------------------+
1 row in set (0.01 sec)

mysql> select * from dolt_branch_control;
+----------+-----------+----------+------+-------------+
| database | branch    | user     | host | permissions |
+----------+-----------+----------+------+-------------+
| %        | %         | %        | %    | write       |
| db1      | newbranch | testuser | %    | admin       |
+----------+-----------+----------+------+-------------+

Workaround: GRANT ALL ON *.* instead of ON db1.*, or use dolt_checkout