MDEV-9940 CREATE ROLE blocked by password validation plugin

4db2ebb1 · Sergei Golubchik · 357f4d83 · 4db2ebb1 · 4db2ebb1 · 4db2ebb1
Commit 4db2ebb1 authored Apr 30, 2016 by Sergei Golubchik
3 changed files
--- a/mysql-test/suite/plugins/r/simple_password_check.result
+++ b/mysql-test/suite/plugins/r/simple_password_check.result
@@ -147,6 +147,8 @@ grant select on *.* to foo2 identified with mysql_old_password using '2222222222
 drop user foo2;
 set global strict_password_validation=1;
 drop user foo1;
+create role r1;
+drop role r1;
 uninstall plugin simple_password_check;
 create user foo1 identified by 'pwd';
 drop user foo1;
--- a/mysql-test/suite/plugins/t/simple_password_check.test
+++ b/mysql-test/suite/plugins/t/simple_password_check.test
@@ -103,6 +103,12 @@ drop user foo2;
 set global strict_password_validation=1;
 drop user foo1;

+#
+# MDEV-9940 CREATE ROLE blocked by password validation plugin
+#
+create role r1;
+drop role r1;
+
 uninstall plugin simple_password_check;

 create user foo1 identified by 'pwd';

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -3458,7 +3458,7 @@ static int replace_user_table(THD *thd, TABLE *table, LEX_USER &combo,
  }

  if (!old_row_exists || combo.pwtext.length || combo.pwhash.length)
-    if (validate_password(&combo))
+    if (!handle_as_role && validate_password(&combo))
      goto end;

  /* Update table columns with new privileges */