Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
5dc804c3
Commit
5dc804c3
authored
Nov 01, 2022
by
Sergei Golubchik
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
MDEV-29752 SHOW GRANTS for PUBLIC should work for all users
parent
00c56e1c
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
52 additions
and
2 deletions
+52
-2
mysql-test/main/public_privileges.result
mysql-test/main/public_privileges.result
+23
-0
mysql-test/main/public_privileges.test
mysql-test/main/public_privileges.test
+27
-0
sql/sql_acl.cc
sql/sql_acl.cc
+2
-2
No files found.
mysql-test/main/public_privileges.result
View file @
5dc804c3
...
@@ -319,3 +319,26 @@ drop database testdb1;
...
@@ -319,3 +319,26 @@ drop database testdb1;
# clean up
# clean up
delete from mysql.global_priv where user="PUBLIC";
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
flush privileges;
#
# MDEV-29752 SHOW GRANTS FOR PUBLIC should work for all users
#
create database dbtest;
create user `testuser`@`%`;
GRANT USAGE ON *.* TO `testuser`@`%`;
GRANT ALL PRIVILEGES ON `dbtest`.* TO `PUBLIC`;
connect testuser,localhost,testuser,,;
show grants for public;
Grants for PUBLIC
GRANT ALL PRIVILEGES ON `dbtest`.* TO PUBLIC
show grants for testuser;
Grants for testuser@%
GRANT USAGE ON *.* TO `testuser`@`%`
connection default;
disconnect testuser;
REVOKE ALL PRIVILEGES ON `dbtest`.* FROM `PUBLIC`;
REVOKE USAGE ON *.* FROM `testuser`@`%`;
drop user `testuser`@`%`;
drop database dbtest;
# clean up
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
mysql-test/main/public_privileges.test
View file @
5dc804c3
...
@@ -380,3 +380,30 @@ drop database testdb1;
...
@@ -380,3 +380,30 @@ drop database testdb1;
--
echo
# clean up
--
echo
# clean up
delete
from
mysql
.
global_priv
where
user
=
"PUBLIC"
;
delete
from
mysql
.
global_priv
where
user
=
"PUBLIC"
;
flush
privileges
;
flush
privileges
;
--
echo
#
--
echo
# MDEV-29752 SHOW GRANTS FOR PUBLIC should work for all users
--
echo
#
create
database
dbtest
;
create
user
`testuser`
@
`%`
;
GRANT
USAGE
ON
*.*
TO
`testuser`
@
`%`
;
GRANT
ALL
PRIVILEGES
ON
`dbtest`
.*
TO
`PUBLIC`
;
connect
(
testuser
,
localhost
,
testuser
,,);
show
grants
for
public
;
show
grants
for
testuser
;
connection
default
;
disconnect
testuser
;
REVOKE
ALL
PRIVILEGES
ON
`dbtest`
.*
FROM
`PUBLIC`
;
REVOKE
USAGE
ON
*.*
FROM
`testuser`
@
`%`
;
drop
user
`testuser`
@
`%`
;
drop
database
dbtest
;
--
echo
# clean up
delete
from
mysql
.
global_priv
where
user
=
"PUBLIC"
;
flush
privileges
;
sql/sql_acl.cc
View file @
5dc804c3
...
@@ -7726,7 +7726,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke)
...
@@ -7726,7 +7726,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke)
if
(
has_auth
(
user
,
thd
->
lex
))
if
(
has_auth
(
user
,
thd
->
lex
))
DBUG_ASSERT
(
!
grantee
);
DBUG_ASSERT
(
!
grantee
);
else
if
(
!
grantee
)
else
if
(
!
grantee
&&
!
user
->
is_public
)
grantee
=
find_user_exact
(
hostname
.
str
,
username
.
str
);
grantee
=
find_user_exact
(
hostname
.
str
,
username
.
str
);
if
(
!
grantee
&&
!
revoke
)
if
(
!
grantee
&&
!
revoke
)
...
@@ -9464,7 +9464,7 @@ bool get_show_user(THD *thd, LEX_USER *lex_user, const char **username,
...
@@ -9464,7 +9464,7 @@ bool get_show_user(THD *thd, LEX_USER *lex_user, const char **username,
if
(
lex_user
->
is_role
())
if
(
lex_user
->
is_role
())
{
{
*
rolename
=
lex_user
->
user
.
str
;
*
rolename
=
lex_user
->
user
.
str
;
do_check_access
=
strcmp
(
*
rolename
,
sctx
->
priv_role
);
do_check_access
=
!
lex_user
->
is_public
&&
strcmp
(
*
rolename
,
sctx
->
priv_role
);
}
}
else
else
{
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment