CREATE ... VALUES ... didn't require INSERT privilege

3fe55fa8 · Sergei Golubchik · 1d35ec1a · 3fe55fa8 · 3fe55fa8 · 3fe55fa8
Commit 3fe55fa8 authored Oct 06, 2022 by Sergei Golubchik
Hide whitespace changes
Inline Side-by-side

Showing with 42 additions and 5 deletions

mysql-test/main/grant3.result mysql-test/main/grant3.result +18 -1

mysql-test/main/grant3.test mysql-test/main/grant3.test +19 -1

sql/sql_parse.cc sql/sql_parse.cc +5 -3

No files found.
--- a/mysql-test/main/grant3.result
+++ b/mysql-test/main/grant3.result
@@ -195,4 +195,21 @@ connection default;
 DROP USER 'user2'@'%';
 DROP DATABASE temp;
 set global sql_mode=default;
-End of 5.0 tests
+#
+# End of 5.0 tests
+#
+create database db1;
+create user foo@localhost;
+grant create on db1.* to foo@localhost;
+connect foo,localhost,foo;
+create temporary table t as values (1),(2),(3);
+use db1;
+create table t1 as select * from test.t;
+ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `db1`.`t1`
+create table t1 as values (1),(2),(3);
+ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `db1`.`t1`
+create table t1 (a int);
+disconnect foo;
+connection default;
+drop user foo@localhost;
+drop database db1;
--- a/mysql-test/main/grant3.test
+++ b/mysql-test/main/grant3.test
@@ -207,7 +207,25 @@ DROP USER 'user2'@'%';
 DROP DATABASE temp;
 set global sql_mode=default;
--echo End of 5.0 tests
+--echo #
+--echo # End of 5.0 tests
+--echo #
+create database db1;
+create user foo@localhost;
+grant create on db1.* to foo@localhost;
+connect foo,localhost,foo;
+create temporary table t as values (1),(2),(3);
+use db1;
+--error ER_TABLEACCESS_DENIED_ERROR
+create table t1 as select * from test.t;
+--error ER_TABLEACCESS_DENIED_ERROR
+create table t1 as values (1),(2),(3);
+create table t1 (a int);
+disconnect foo;
+connection default;
+drop user foo@localhost;
+drop database db1;
 # Wait till we reached the initial number of concurrent sessions
 --source include/wait_until_count_sessions.inc
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -9857,7 +9857,7 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables,
 {
  LEX *lex= thd->lex;
  SELECT_LEX *select_lex= lex->first_select_lex();
-  ulong want_priv;
+  ulong want_priv= CREATE_ACL;
  bool error= TRUE;                                 // Error message is given
  DBUG_ENTER("create_table_precheck");
@@ -9866,8 +9866,10 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables,
    CREATE TABLE ... SELECT, also require INSERT.
  */
-  want_priv= lex->tmp_table() ?  CREATE_TMP_ACL :
+  if (lex->tmp_table())
-             (CREATE_ACL | (select_lex->item_list.elements ? INSERT_ACL : 0));
+    want_priv= CREATE_TMP_ACL;
+  else if (select_lex->item_list.elements || select_lex->tvc)
+    want_priv= INSERT_ACL;
  /* CREATE OR REPLACE on not temporary tables require DROP_ACL */
  if (lex->create_info.or_replace() && !lex->tmp_table())