merge

configure.in:
  Auto merged

Docs/manual.texi

@@ -35217,6 +35217,9 @@ In other words, you can't access the values of the old row from a
 @code{REPLACE} statement.  In some old MySQL versions it appeared that
 you could do this, but that was a bug that has been corrected.
 
+To be able to use @code{REPLACE} you must have @code{INSERT} and
+@code{DELETE} privileges for the table.
+
 When you use a @code{REPLACE} command, @code{mysql_affected_rows()}
 will return 2 if the new row replaced an old row.  This is because
 one row was inserted and then the duplicate was deleted.
@@ -50830,6 +50833,8 @@ Fixed some @code{ORDER BY ... DESC} problems with InnoDB.
 Fixed an inadvertently changed option (@code{--ignore-space}) back to the
 original @code{--ignore-spaces} in @code{mysqlclient}. (Both syntaxes will
 work).
+@item
+Don't require @code{UPDATE} privilege when using @code{REPLACE}.
 @end itemize
 
 @node News-4.0.4, News-4.0.3, News-4.0.5, News-4.0.x

sql/sql_parse.cc

@@ -1878,10 +1878,10 @@ mysql_execute_command(void)
 		       lex->lock_option);
     break;
   case SQLCOM_REPLACE:
-    if (check_access(thd,INSERT_ACL | UPDATE_ACL | DELETE_ACL,
+    if (check_access(thd,INSERT_ACL | DELETE_ACL,
 		     tables->db,&tables->grant.privilege))
       goto error; /* purecov: inspected */
-    if (grant_option && check_grant(thd,INSERT_ACL | UPDATE_ACL | DELETE_ACL,
+    if (grant_option && check_grant(thd,INSERT_ACL | DELETE_ACL,
 				    tables))
 
       goto error;
@@ -1899,7 +1899,7 @@ mysql_execute_command(void)
     */
     {
       ulong privilege= (lex->sql_command == SQLCOM_INSERT_SELECT ?
-			INSERT_ACL : INSERT_ACL | UPDATE_ACL | DELETE_ACL);
+			INSERT_ACL : INSERT_ACL | DELETE_ACL);
       TABLE_LIST *save_next=tables->next;
       tables->next=0;
       if (check_access(thd, privilege,