Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
ecc3a174
Commit
ecc3a174
authored
Mar 18, 2005
by
heikki@hundin.mysql.fi
Browse files
Options
Browse Files
Download
Plain Diff
Merge heikki@bk-internal.mysql.com:/home/bk/mysql-5.0
into hundin.mysql.fi:/home/heikki/mysql-5.0
parents
544fb398
4ef20658
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
86 additions
and
17 deletions
+86
-17
mysql-test/r/grant2.result
mysql-test/r/grant2.result
+22
-6
mysql-test/t/grant2.test
mysql-test/t/grant2.test
+36
-3
sql/sql_acl.h
sql/sql_acl.h
+2
-0
sql/sql_parse.cc
sql/sql_parse.cc
+26
-8
No files found.
mysql-test/r/grant2.result
View file @
ecc3a174
...
...
@@ -5,6 +5,23 @@ delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option;
create user mysqltest_2@localhost;
grant select on `my\_1`.* to mysqltest_2@localhost;
grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
ERROR 42000: You must have privileges to update tables in the mysql database to be able to change passwords for others
grant update on mysql.* to mysqltest_1@localhost;
grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
grant select on `my\_1`.* to mysqltest_3@localhost;
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant insert on mysql.* to mysqltest_1@localhost;
grant select on `my\_1`.* to mysqltest_3@localhost;
grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass';
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
select current_user();
current_user()
...
...
@@ -13,6 +30,7 @@ select current_user;
current_user
mysqltest_1@localhost
grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
set @@sql_mode='NO_AUTO_CREATE_USER';
...
...
@@ -23,15 +41,13 @@ grant select on `my\_1`.* to mysqltest_4@localhost with grant option;
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant select on `my\_1`.* to mysqltest_4@localhost identified by 'mypass'
with grant option;
ERROR 42000:
Access denied for user 'mysqltest_1'@'localhost' to database 'mysql'
ERROR 42000:
'mysqltest_1'@'localhost' is not allowed to create new users
show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
show grants for mysqltest_2@localhost;
Grants for mysqltest_2@localhost
GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
ERROR 42000: There is no such grant defined for user 'mysqltest_2' on host 'localhost'
show grants for mysqltest_3@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
delete from mysql.user where user like 'mysqltest\_%';
...
...
@@ -61,9 +77,9 @@ flush privileges;
create table t1 (a int, b int);
grant select (a) on t1 to mysqltest_1@localhost with grant option;
grant select (a,b) on t1 to mysqltest_2@localhost;
ERROR 42000:
SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't1'
ERROR 42000:
'mysqltest_1'@'localhost' is not allowed to create new users
grant select on t1 to mysqltest_3@localhost;
ERROR 42000:
SELECT command denied to user 'mysqltest_1'@'localhost' for table 't1'
ERROR 42000:
'mysqltest_1'@'localhost' is not allowed to create new users
drop table t1;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
...
...
mysql-test/t/grant2.test
View file @
ecc3a174
...
...
@@ -17,6 +17,36 @@ delete from mysql.columns_priv where user like 'mysqltest\_%';
flush
privileges
;
grant
all
privileges
on
`my\_1`
.*
to
mysqltest_1
@
localhost
with
grant
option
;
create
user
mysqltest_2
@
localhost
;
connect
(
user_a
,
localhost
,
mysqltest_1
,,);
connection
user_a
;
grant
select
on
`my\_1`
.*
to
mysqltest_2
@
localhost
;
--
error
1132
grant
select
on
`my\_1`
.*
to
mysqltest_2
@
localhost
identified
by
'pass'
;
disconnect
user_a
;
connection
default
;
grant
update
on
mysql
.*
to
mysqltest_1
@
localhost
;
connect
(
user_b
,
localhost
,
mysqltest_1
,,);
connection
user_b
;
grant
select
on
`my\_1`
.*
to
mysqltest_2
@
localhost
identified
by
'pass'
;
--
error
1211
grant
select
on
`my\_1`
.*
to
mysqltest_3
@
localhost
;
disconnect
user_b
;
connection
default
;
grant
insert
on
mysql
.*
to
mysqltest_1
@
localhost
;
connect
(
user_c
,
localhost
,
mysqltest_1
,,);
connection
user_c
;
grant
select
on
`my\_1`
.*
to
mysqltest_3
@
localhost
;
grant
select
on
`my\_1`
.*
to
mysqltest_4
@
localhost
identified
by
'pass'
;
disconnect
user_c
;
connection
default
;
delete
from
mysql
.
user
where
user
like
'mysqltest\_%'
;
delete
from
mysql
.
db
where
user
like
'mysqltest\_%'
;
delete
from
mysql
.
tables_priv
where
user
like
'mysqltest\_%'
;
delete
from
mysql
.
columns_priv
where
user
like
'mysqltest\_%'
;
flush
privileges
;
#
# wild_compare fun
#
...
...
@@ -26,9 +56,11 @@ connect (user1,localhost,mysqltest_1,,);
connection
user1
;
select
current_user
();
select
current_user
;
--
error
1211
grant
all
privileges
on
`my\_1`
.*
to
mysqltest_2
@
localhost
with
grant
option
;
--
error
1044
grant
all
privileges
on
`my_%`
.*
to
mysqltest_3
@
localhost
with
grant
option
;
#
# NO_AUTO_CREATE_USER mode
#
...
...
@@ -36,12 +68,13 @@ set @@sql_mode='NO_AUTO_CREATE_USER';
select
@@
sql_mode
;
--
error
1211
grant
select
on
`my\_1`
.*
to
mysqltest_4
@
localhost
with
grant
option
;
--
error
1
044
--
error
1
211
grant
select
on
`my\_1`
.*
to
mysqltest_4
@
localhost
identified
by
'mypass'
with
grant
option
;
disconnect
user1
;
connection
default
;
show
grants
for
mysqltest_1
@
localhost
;
--
error
1141
show
grants
for
mysqltest_2
@
localhost
;
--
error
1141
show
grants
for
mysqltest_3
@
localhost
;
...
...
@@ -83,9 +116,9 @@ create table t1 (a int, b int);
grant
select
(
a
)
on
t1
to
mysqltest_1
@
localhost
with
grant
option
;
connect
(
mrugly
,
localhost
,
mysqltest_1
,,
mysqltest
);
connection
mrugly
;
--
error
1
143
--
error
1
211
grant
select
(
a
,
b
)
on
t1
to
mysqltest_2
@
localhost
;
--
error
1
142
--
error
1
211
grant
select
on
t1
to
mysqltest_3
@
localhost
;
disconnect
mrugly
;
...
...
sql/sql_acl.h
View file @
ecc3a174
...
...
@@ -190,6 +190,8 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table, List <LEX_USER> &user_list,
bool
mysql_procedure_grant
(
THD
*
thd
,
TABLE_LIST
*
table
,
List
<
LEX_USER
>
&
user_list
,
ulong
rights
,
bool
revoke
,
bool
no_error
);
ACL_USER
*
check_acl_user
(
LEX_USER
*
user_name
,
uint
*
acl_acl_userdx
);
my_bool
grant_init
(
THD
*
thd
);
void
grant_free
(
void
);
void
grant_reload
(
THD
*
thd
);
...
...
sql/sql_parse.cc
View file @
ecc3a174
...
...
@@ -3631,18 +3631,36 @@ unsent_create_error:
if
(
thd
->
user
)
// If not replication
{
LEX_USER
*
user
;
uint
counter
;
List_iterator
<
LEX_USER
>
user_list
(
lex
->
users_list
);
while
((
user
=
user_list
++
))
{
if
(
user
->
password
.
str
&&
(
strcmp
(
thd
->
user
,
user
->
user
.
str
)
||
user
->
host
.
str
&&
my_strcasecmp
(
system_charset_info
,
user
->
host
.
str
,
thd
->
host_or_ip
)))
if
(
strcmp
(
thd
->
user
,
user
->
user
.
str
)
||
user
->
host
.
str
&&
my_strcasecmp
(
system_charset_info
,
user
->
host
.
str
,
thd
->
host_or_ip
))
{
if
(
check_access
(
thd
,
UPDATE_ACL
,
"mysql"
,
0
,
1
,
0
))
goto
error
;
break
;
// We are allowed to do changes
// We are trying to update another user, or create a new user
if
(
!
check_access
(
thd
,
GRANT_ACL
,
"mysql"
,
0
,
1
,
1
))
break
;
// We can update any existing, or add new users
if
(
!
check_acl_user
(
user
,
&
counter
)
&&
check_access
(
thd
,
INSERT_ACL
,
"mysql"
,
0
,
1
,
1
))
{
my_error
(
ER_NO_PERMISSION_TO_CREATE_USER
,
MYF
(
0
),
thd
->
user
,
thd
->
host_or_ip
);
goto
error
;
// Can't create new user, user does not exists
}
if
(
check_acl_user
(
user
,
&
counter
)
&&
user
->
password
.
str
&&
check_access
(
thd
,
UPDATE_ACL
,
"mysql"
,
0
,
1
,
1
))
{
my_message
(
ER_PASSWORD_NOT_ALLOWED
,
ER
(
ER_PASSWORD_NOT_ALLOWED
),
MYF
(
0
));
goto
error
;
// Can't update password, user already exists
}
}
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment