dolthub/go-mysql-server #1194 (Closed)
Labels: bug (Something isn't working)
Description
According to the MySQL docs, if there is a user with an empty string it will match any user.
https://dev.mysql.com/doc/refman/8.0/en/account-names.html
> The user name part of an account name is either a nonblank value that literally matches the user name for incoming connection attempts, or a blank value (the empty string) that matches any user name. An account with a blank user name is an anonymous user. To specify an anonymous user in SQL statements, use a quoted empty user name part, such as `''@'localhost'`.
In Dolt, this does not work:
```
test $ mysql -h 127.0.0.1 --database test -upwned
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 5.7.9-Vitess
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [test]> grant all on *.* to ''@'%';
Query OK, 0 rows affected (0.001 sec)
MySQL [test]> select user,host from mysql.user;
+-------+------+
| User  | Host |
+-------+------+
| pwned | %    |
|       | %    |
+-------+------+
2 rows in set (0.001 sec)
MySQL [test]> drop user 'pwned'@'%';
Query OK, 0 rows affected (0.001 sec)
MySQL [test]> exit
```
Then try logging in...
```
test $ mysql -h 127.0.0.1 --database test
ERROR 1045 (28000): User not found 'timsehn'
test $ mysql -h 127.0.0.1 --database test -u
mysql: option '-u' requires an argument
test $ mysql -h 127.0.0.1 --database test -u''
mysql: option '-u' requires an argument
test $ mysql -h 127.0.0.1 --database test -user=''
ERROR 1045 (28000): User not found 'ser='
test $ mysql -h 127.0.0.1 --database test --user=''
ERROR 1045 (28000): User not found 'timsehn'
test $ mysql -h 127.0.0.1 --database test --user=''@'localhost'
ERROR 1045 (28000): User not found '@localhost'
test $ mysql -h 127.0.0.1 --database test --user="''@'localhost'"
ERROR 1045 (28000): User not found '''@'localhost''
```
I'm locked out. This could potentially render servers inaccessible since the user expects to have defined no permissions but instead has completely locked everyone out.
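The account matching the MySQL manual describes, as an added Go sketch that is not part of the original issue and is not go-mysql-server's code. `Account` and `MatchAccount` are hypothetical names, and host patterns are limited to a literal host or `%`.

```go
package main

import (
	"fmt"
	"sort"
)

// Account is a hypothetical stand-in for a mysql.user row (not the project's type).
type Account struct {
	User string // "" is the anonymous user and matches any user name
	Host string // a literal host or "%" (the only two forms handled here)
}

// less orders accounts as the MySQL manual describes: most-specific host
// first, then, for equal host specificity, named users before the blank user.
func less(a, b Account) bool {
	if (a.Host == "%") != (b.Host == "%") {
		return b.Host == "%"
	}
	return a.User != "" && b.User == ""
}

// MatchAccount returns the first account, in sorted order, whose host pattern
// matches and whose user is either the supplied name or blank.
func MatchAccount(accounts []Account, user, host string) (Account, bool) {
	sorted := append([]Account(nil), accounts...)
	sort.SliceStable(sorted, func(i, j int) bool { return less(sorted[i], sorted[j]) })
	for _, a := range sorted {
		hostOK := a.Host == "%" || a.Host == host
		if hostOK && (a.User == user || a.User == "") {
			return a, true
		}
	}
	return Account{}, false
}

func main() {
	// Constructed table mirroring mysql.user after DROP USER 'pwned'@'%' above.
	accounts := []Account{{User: "", Host: "%"}}
	for _, u := range []string{"timsehn", "pwned", ""} {
		a, ok := MatchAccount(accounts, u, "127.0.0.1")
		fmt.Printf("login %q -> matched=%v as %q@%q\n", u, ok, a.User, a.Host)
	}
}
```

Because host specificity is compared first, an anonymous account on a literal host is selected ahead of a named account on `%`, so tests for a fix should cover that ordering as well as the plain fallback.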