MDEV-33554 Upgrade from 11.2 to 11.3 changes root's privileges

let ALL PRIVILEGES to always mean ALL PRIVILEGES over all upgrades, no matter what new privileges were added in later versions.

MDEV-33554 Upgrade from 11.2 to 11.3 changes root's privileges
let ALL PRIVILEGES to always mean ALL PRIVILEGES over all upgrades, no matter what new privileges were added in later versions.
53a359cf · Sergei Golubchik · ec3d9daf · 53a359cf · 53a359cf · 53a359cf
Commit 53a359cf authored Feb 29, 2024 by Sergei Golubchik
8 changed files
--- a/mysql-test/main/grant_slave_monitor.result
+++ b/mysql-test/main/grant_slave_monitor.result
@@ -46,7 +46,7 @@ insert mysql.global_priv values ('bar', 'foo7', '{"access":274877906943,"version
 flush privileges;
 show grants for foo7@bar;
 Grants for foo7@bar
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `foo7`@`bar` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `foo7`@`bar` WITH GRANT OPTION
 show grants for foo8@bar;
 Grants for foo8@bar
 GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `foo8`@`bar` WITH GRANT OPTION

--- a/mysql-test/main/mysql_upgrade.result
+++ b/mysql-test/main/mysql_upgrade.result
@@ -1906,7 +1906,7 @@ SET DEFAULT ROLE aRole;
 SHOW GRANTS;
 Grants for root@localhost
 GRANT `aRole` TO `root`@`localhost` WITH ADMIN OPTION
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `root`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO `aRole`
 SET DEFAULT ROLE `aRole` FOR `root`@`localhost`
@@ -1914,7 +1914,7 @@ SET DEFAULT ROLE NONE;
 SHOW GRANTS;
 Grants for root@localhost
 GRANT `aRole` TO `root`@`localhost` WITH ADMIN OPTION
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `root`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO `aRole`
 DROP ROLE `aRole`;
@@ -2135,7 +2135,7 @@ SET GLOBAL alter_algorithm=DEFAULT;
 SHOW GLOBAL VARIABLES LIKE 'alter_algorithm';
 Variable_name	Value
 alter_algorithm	DEFAULT
-End of 10.3 tests
+# End of 10.3 tests
 # switching from mysql.global_priv to mysql.user
 drop view mysql.user_bak;
 create user 'user3'@'localhost' identified with mysql_native_password as password('a_password');
@@ -2588,3 +2588,29 @@ mysql.user has data
 SELECT COUNT(*) > 0 AS `mysql.user has data` FROM mysql.user;
 mysql.user has data
 1
+# End of 10.5 tests
+#
+# MDEV-33554 Upgrade from 11.2 to 11.3 changes root's privileges
+#
+alter table mysql.db drop column show_create_routine_priv;
+flush privileges;
+create user foo@bar;
+grant all privileges on mysql.* to foo@bar;
+show grants for foo@bar;
+Grants for foo@bar
+GRANT USAGE ON *.* TO `foo`@`bar`
+GRANT ALL PRIVILEGES ON `mysql`.* TO `foo`@`bar`
+flush privileges;
+show grants for foo@bar;
+Grants for foo@bar
+GRANT USAGE ON *.* TO `foo`@`bar`
+GRANT ALL PRIVILEGES ON `mysql`.* TO `foo`@`bar`
+select show_create_routine_priv from mysql.db where user='foo';
+show_create_routine_priv
+Y
+show grants for foo@bar;
+Grants for foo@bar
+GRANT USAGE ON *.* TO `foo`@`bar`
+GRANT ALL PRIVILEGES ON `mysql`.* TO `foo`@`bar`
+drop user foo@bar;
+# End of 11.3 tests
--- a/mysql-test/main/mysql_upgrade.test
+++ b/mysql-test/main/mysql_upgrade.test
@@ -418,7 +418,7 @@ SET GLOBAL alter_algorithm=DEFAULT;
 SHOW GLOBAL VARIABLES LIKE 'alter_algorithm';
 --remove_file $MYSQLD_DATADIR/mariadb_upgrade_info

--echo End of 10.3 tests
+--echo # End of 10.3 tests

 --source include/switch_to_mysql_user.inc
 drop view mysql.user_bak;
@@ -561,3 +561,25 @@ call mtr.add_suppression("Column count of mysql.proc is wrong. Expected 21, foun

 --let $old_version= 10.4
 --source include/load_dump_and_upgrade.inc
+
+--echo # End of 10.5 tests
+
+--echo #
+--echo # MDEV-33554 Upgrade from 11.2 to 11.3 changes root's privileges
+--echo #
+alter table mysql.db drop column show_create_routine_priv;
+flush privileges;
+create user foo@bar;
+grant all privileges on mysql.* to foo@bar;
+show grants for foo@bar;
+flush privileges;
+show grants for foo@bar;
+
+--exec $MYSQL_UPGRADE --force --silent 2>&1
+--remove_file $MYSQLD_DATADIR/mariadb_upgrade_info
+
+select show_create_routine_priv from mysql.db where user='foo';
+show grants for foo@bar;
+drop user foo@bar;
+
+--echo # End of 11.3 tests
--- a/mysql-test/main/mysql_upgrade_to_100502.result
+++ b/mysql-test/main/mysql_upgrade_to_100502.result
@@ -8,7 +8,7 @@ CREATE USER user_all@localhost;
 GRANT ALL PRIVILEGES ON *.* TO user_all@localhost WITH GRANT OPTION;
 SHOW GRANTS FOR user_all@localhost;
 Grants for user_all@localhost
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `user_all`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `user_all`@`localhost` WITH GRANT OPTION
 CREATE USER user_super@localhost;
 GRANT SUPER ON *.* TO user_super@localhost;
 SHOW GRANTS FOR user_super@localhost;
@@ -56,7 +56,7 @@ FLUSH PRIVILEGES;
 #
 SHOW GRANTS FOR user_all@localhost;
 Grants for user_all@localhost
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `user_all`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `user_all`@`localhost` WITH GRANT OPTION
 #
 # Should automatically get all new 10.5.2 priveleges that were splitted from SUPER
 #

--- a/mysql-test/main/system_mysql_db_error_log.result
+++ b/mysql-test/main/system_mysql_db_error_log.result
@@ -90,11 +90,11 @@ host='localhost' and user='good_version_id_100400';
 FLUSH PRIVILEGES;
 SHOW GRANTS FOR good_version_id_100400@localhost;
 Grants for good_version_id_100400@localhost
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `good_version_id_100400`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `good_version_id_100400`@`localhost` WITH GRANT OPTION
 GRANT REPLICATION MASTER ADMIN ON *.* TO good_version_id_100400@localhost;
 SHOW GRANTS FOR good_version_id_100400@localhost;
 Grants for good_version_id_100400@localhost
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, BINLOG MONITOR, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, DELETE HISTORY, SET USER, FEDERATED ADMIN, CONNECTION ADMIN, READ_ONLY ADMIN, REPLICATION SLAVE ADMIN, REPLICATION MASTER ADMIN, BINLOG ADMIN, BINLOG REPLAY, SLAVE MONITOR ON *.* TO `good_version_id_100400`@`localhost` WITH GRANT OPTION
+GRANT ALL PRIVILEGES ON *.* TO `good_version_id_100400`@`localhost` WITH GRANT OPTION
 DROP USER good_version_id_100400@localhost;
 CREATE USER good_version_id_100500@localhost;
 GRANT SUPER  ON *.* to good_version_id_100500@localhost;

--- a/scripts/mariadb_system_tables_fix.sql
+++ b/scripts/mariadb_system_tables_fix.sql
@@ -705,6 +705,9 @@ ALTER TABLE db change Truncate_versioning_priv Delete_history_priv enum('N','Y')
 SET @had_user_delete_history_priv := 0;
 SELECT @had_user_delete_history_priv :=1 FROM user WHERE Delete_history_priv IS NOT NULL;

+SET @had_show_create_routine := 0;
+SELECT @had_show_create_routine:=1 FROM db WHERE Show_create_routine_priv IS NOT NULL;
+
 ALTER TABLE user add Delete_history_priv enum('N','Y') COLLATE utf8mb3_general_ci NOT NULL DEFAULT 'N' after Create_tablespace_priv;
 ALTER TABLE user modify Delete_history_priv enum('N','Y') COLLATE utf8mb3_general_ci NOT NULL DEFAULT 'N';
 ALTER TABLE db add Delete_history_priv enum('N','Y') COLLATE utf8mb3_general_ci NOT NULL DEFAULT 'N' after Trigger_priv;
@@ -715,6 +718,15 @@ UPDATE user SET Delete_history_priv = Super_priv WHERE @had_user_delete_history_
 ALTER TABLE db ADD    Show_create_routine_priv enum('N','Y') COLLATE utf8mb3_general_ci NOT NULL DEFAULT 'N' AFTER Delete_history_priv;
 ALTER TABLE db MODIFY Show_create_routine_priv enum('N','Y') COLLATE utf8mb3_general_ci NOT NULL DEFAULT 'N';

+UPDATE db SET Show_create_routine_priv='Y' WHERE @had_show_create_routine=0
+  AND Drop_priv='Y' AND Index_priv='Y' AND Alter_priv='Y'
+  AND Event_priv='Y' AND Select_priv='Y' AND Insert_priv='Y'
+  AND Update_priv='Y' AND Delete_priv='Y' AND Create_priv='Y'
+  AND Execute_priv='Y' AND Trigger_priv='Y' AND Show_view_priv='Y'
+  AND References_priv='Y' AND Lock_tables_priv='Y' AND Create_view_priv='Y'
+  AND Alter_routine_priv='Y' AND Create_routine_priv='Y'
+  AND Delete_history_priv='Y' AND Create_tmp_table_priv='Y';
+
 ALTER TABLE user ADD plugin char(64) CHARACTER SET latin1 DEFAULT '' NOT NULL AFTER max_user_connections,
                 ADD authentication_string TEXT NOT NULL AFTER plugin;
 ALTER TABLE user CHANGE auth_string authentication_string TEXT NOT NULL;

--- a/sql/privilege.h
+++ b/sql/privilege.h
@@ -128,7 +128,7 @@ constexpr privilege_t ALL_KNOWN_ACL_100508= ALL_KNOWN_BITS(LAST_100508_ACL);
 constexpr privilege_t ALL_KNOWN_ACL_100509= ALL_KNOWN_ACL_100508;

 // A combination of all bits defined in 11.3.0
-constexpr privilege_t ALL_KNOWN_ACL_110300= ALL_KNOWN_BITS(LAST_110300_ACL);;
+constexpr privilege_t ALL_KNOWN_ACL_110300= ALL_KNOWN_BITS(LAST_110300_ACL);

 // A combination of all bits defined as of the current version
 constexpr privilege_t ALL_KNOWN_ACL= ALL_KNOWN_BITS(LAST_CURRENT_ACL);

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -1071,6 +1071,9 @@ class User_table_tabular: public User_table
    if (access & REPL_SLAVE_ACL)
      access|= SLAVE_MONITOR_ACL;

+    if ((access & ALL_KNOWN_ACL_100304) == ALL_KNOWN_ACL_100304)
+      access|= SHOW_CREATE_ROUTINE_ACL;
+
    return access & GLOBAL_ACLS;
  }

@@ -1584,6 +1587,11 @@ class User_table_json: public User_table
      print_warning_bad_access(version_id, mask, orig_access);
      return NO_ACL;
    }
+
+    // ALL PRIVILEGES always means ALL PRIVILEGES
+    if ((orig_access & mask) == mask)
+      access= ALL_KNOWN_ACL;
+
    return access & ALL_KNOWN_ACL;
  }

@@ -2785,6 +2793,9 @@ static bool acl_load(THD *thd, const Grant_tables& tables)
 	db.access|=REFERENCES_ACL | INDEX_ACL | ALTER_ACL;
    }
 #endif
+    if (db_table.num_fields() <= 23)
+      if ((db.access | SHOW_CREATE_ROUTINE_ACL | GRANT_ACL) == DB_ACLS)
+        db.access|= SHOW_CREATE_ROUTINE_ACL;
    acl_dbs.push(db);
  }
  end_read_record(&read_record_info);
@@ -5039,6 +5050,9 @@ static int replace_db_table(TABLE *table, const char *db,
  }
  rights=get_access(table,3);
  rights=fix_rights_for_db(rights);
+  if (table->s->fields <= 23)
+    if ((rights | SHOW_CREATE_ROUTINE_ACL | GRANT_ACL) == DB_ACLS)
+      rights|= SHOW_CREATE_ROUTINE_ACL;

  if (old_row_exists)
  {