Commit bc834b7b authored by Alexander Nozdrin's avatar Alexander Nozdrin

Polish check_grant(): name TABLE_LIST instance "tl", not "table".

This allows to avoid mixing it up with pointer to TABLE object
which will be introduced to this function in one of upcoming
patches.
parent b4badf80
...@@ -4035,7 +4035,8 @@ end: ...@@ -4035,7 +4035,8 @@ end:
bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
bool any_combination_will_do, uint number, bool no_errors) bool any_combination_will_do, uint number, bool no_errors)
{ {
TABLE_LIST *table, *first_not_own_table= thd->lex->first_not_own_table(); TABLE_LIST *tl;
TABLE_LIST *first_not_own_table= thd->lex->first_not_own_table();
Security_context *sctx= thd->security_ctx; Security_context *sctx= thd->security_ctx;
uint i; uint i;
ulong orig_want_access= want_access; ulong orig_want_access= want_access;
...@@ -4052,34 +4053,32 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, ...@@ -4052,34 +4053,32 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
the given table list refers to the list for prelocking (contains tables the given table list refers to the list for prelocking (contains tables
of other queries). For simple queries first_not_own_table is 0. of other queries). For simple queries first_not_own_table is 0.
*/ */
for (i= 0, table= tables; for (i= 0, tl= tables;
i < number && table != first_not_own_table; i < number && tl != first_not_own_table;
table= table->next_global, i++) tl= tl->next_global, i++)
{ {
/* /*
Save a copy of the privileges without the SHOW_VIEW_ACL attribute. Save a copy of the privileges without the SHOW_VIEW_ACL attribute.
It will be checked during making view. It will be checked during making view.
*/ */
table->grant.orig_want_privilege= (want_access & ~SHOW_VIEW_ACL); tl->grant.orig_want_privilege= (want_access & ~SHOW_VIEW_ACL);
} }
mysql_rwlock_rdlock(&LOCK_grant); mysql_rwlock_rdlock(&LOCK_grant);
for (table= tables; for (tl= tables;
table && number-- && table != first_not_own_table; tl && number-- && tl != first_not_own_table;
table= table->next_global) tl= tl->next_global)
{ {
GRANT_TABLE *grant_table; sctx = test(tl->security_ctx) ? tl->security_ctx : thd->security_ctx;
sctx = test(table->security_ctx) ?
table->security_ctx : thd->security_ctx;
const ACL_internal_table_access *access; const ACL_internal_table_access *access=
access= get_cached_table_access(&table->grant.m_internal, get_cached_table_access(&tl->grant.m_internal,
table->get_db_name(), tl->get_db_name(),
table->get_table_name()); tl->get_table_name());
if (access) if (access)
{ {
switch(access->check(orig_want_access, &table->grant.privilege)) switch(access->check(orig_want_access, &tl->grant.privilege))
{ {
case ACL_INTERNAL_ACCESS_GRANTED: case ACL_INTERNAL_ACCESS_GRANTED:
/* /*
...@@ -4103,29 +4102,33 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, ...@@ -4103,29 +4102,33 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
if (!want_access) if (!want_access)
continue; // ok continue; // ok
if (!(~table->grant.privilege & want_access) || if (!(~tl->grant.privilege & want_access) ||
table->is_anonymous_derived_table() || table->schema_table) tl->is_anonymous_derived_table() || tl->schema_table)
{ {
/* /*
It is subquery in the FROM clause. VIEW set table->derived after It is subquery in the FROM clause. VIEW set tl->derived after
table opening, but this function always called before table opening. table opening, but this function always called before table opening.
*/ */
if (!table->referencing_view) if (!tl->referencing_view)
{ {
/* /*
If it's a temporary table created for a subquery in the FROM If it's a temporary table created for a subquery in the FROM
clause, or an INFORMATION_SCHEMA table, drop the request for clause, or an INFORMATION_SCHEMA table, drop the request for
a privilege. a privilege.
*/ */
table->grant.want_privilege= 0; tl->grant.want_privilege= 0;
} }
continue; continue;
} }
if (!(grant_table= table_hash_search(sctx->host, sctx->ip, GRANT_TABLE *grant_table= table_hash_search(sctx->host, sctx->ip,
table->get_db_name(), sctx->priv_user, tl->get_db_name(),
table->get_table_name(), FALSE))) sctx->priv_user,
tl->get_table_name(),
FALSE);
if (!grant_table)
{ {
want_access &= ~table->grant.privilege; want_access &= ~tl->grant.privilege;
goto err; // No grants goto err; // No grants
} }
...@@ -4136,18 +4139,17 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, ...@@ -4136,18 +4139,17 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
if (any_combination_will_do) if (any_combination_will_do)
continue; continue;
table->grant.grant_table=grant_table; // Remember for column test tl->grant.grant_table= grant_table; // Remember for column test
table->grant.version=grant_version; tl->grant.version= grant_version;
table->grant.privilege|= grant_table->privs; tl->grant.privilege|= grant_table->privs;
table->grant.want_privilege= ((want_access & COL_ACLS) tl->grant.want_privilege= ((want_access & COL_ACLS) & ~tl->grant.privilege);
& ~table->grant.privilege);
if (!(~table->grant.privilege & want_access)) if (!(~tl->grant.privilege & want_access))
continue; continue;
if (want_access & ~(grant_table->cols | table->grant.privilege)) if (want_access & ~(grant_table->cols | tl->grant.privilege))
{ {
want_access &= ~(grant_table->cols | table->grant.privilege); want_access &= ~(grant_table->cols | tl->grant.privilege);
goto err; // impossible goto err; // impossible
} }
} }
...@@ -4164,7 +4166,7 @@ err: ...@@ -4164,7 +4166,7 @@ err:
command, command,
sctx->priv_user, sctx->priv_user,
sctx->host_or_ip, sctx->host_or_ip,
table ? table->get_table_name() : "unknown"); tl ? tl->get_table_name() : "unknown");
} }
DBUG_RETURN(TRUE); DBUG_RETURN(TRUE);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment