Commit 419ae6cb authored by unknown's avatar unknown

Bug #14875: Bad view DEFINER makes SHOW CREATE VIEW fail

When reading a view definition from a .frm file it was
throwing a SQL error if the DEFINER user is not defined.
Changed it to a warning to match the (documented) case
when a view with undefined DEFINER user is created.


mysql-test/r/view_grant.result:
  test case for the bug
mysql-test/t/view_grant.test:
  test case for the bug
sql/sql_acl.cc:
  Initialized the members to no privileges so even if
  the subsequent checks fail it will still initialize
  the security context.
sql/table.cc:
  Turned the error of undefined DEFINER user in reading 
  a view definition to a warning.
parent 48fe5a2d
......@@ -533,3 +533,18 @@ View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`some_user`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select 1 AS `1`
drop view v1;
drop view v2;
CREATE TABLE t1 (a INT PRIMARY KEY);
INSERT INTO t1 VALUES (1), (2), (3);
CREATE DEFINER = 'no-such-user'@localhost VIEW v AS SELECT a from t1;
Warnings:
Note 1449 There is no 'no-such-user'@'localhost' registered
SHOW CREATE VIEW v;
View Create View
v CREATE ALGORITHM=UNDEFINED DEFINER=`no-such-user`@`localhost` SQL SECURITY DEFINER VIEW `v` AS select `t1`.`a` AS `a` from `t1`
Warnings:
Note 1449 There is no 'no-such-user'@'localhost' registered
SELECT * FROM v;
ERROR HY000: There is no 'no-such-user'@'localhost' registered
DROP VIEW v;
DROP TABLE t1;
USE test;
......@@ -712,3 +712,17 @@ show create view v1;
show create view v2;
drop view v1;
drop view v2;
#
# BUG#14875: Bad view DEFINER makes SHOW CREATE VIEW fail
#
CREATE TABLE t1 (a INT PRIMARY KEY);
INSERT INTO t1 VALUES (1), (2), (3);
CREATE DEFINER = 'no-such-user'@localhost VIEW v AS SELECT a from t1;
--warning 1448
SHOW CREATE VIEW v;
--error 1449
SELECT * FROM v;
DROP VIEW v;
DROP TABLE t1;
USE test;
......@@ -959,6 +959,8 @@ bool acl_getroot_no_password(Security_context *sctx, char *user, char *host,
sctx->master_access= 0;
sctx->db_access= 0;
sctx->priv_user= (char *) "";
*sctx->priv_host= 0;
/*
Find acl entry in user database.
......
......@@ -2427,11 +2427,21 @@ bool st_table_list::prepare_view_securety_context(THD *thd)
definer.host.str,
definer.host.str,
thd->db))
{
if (thd->lex->sql_command == SQLCOM_SHOW_CREATE)
{
push_warning_printf(thd, MYSQL_ERROR::WARN_LEVEL_NOTE,
ER_NO_SUCH_USER,
ER(ER_NO_SUCH_USER),
definer.user.str, definer.host.str);
}
else
{
my_error(ER_NO_SUCH_USER, MYF(0), definer.user.str, definer.host.str);
DBUG_RETURN(TRUE);
}
}
}
DBUG_RETURN(FALSE);
}
#endif
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment