Commit 66036157 authored by unknown's avatar unknown

Bug#25482 GRANT statements are not replicated if you use "replicate-ignore-table"

 - GRANT and REVOKE statments didn't have the "updating" flag set and
   thus statements with a table specified would not replicate if
   slave filtering rules where turned on.
   For example "GRANT ... ON test.t1 TO ..." would not replicate.


mysql-test/r/rpl_ignore_table.result:
  Add test results
mysql-test/t/rpl_ignore_table.test:
  Add tests
sql/sql_yacc.yy:
  Pass option TL_OPTION_UPDATING to 'add_table_to_list' when parsing a
  GRANT or REVOKE and a table specifier is found. This will set the
  property "updating" on the table and thus the slave filtering rules will 
  be applied.
  
  Without setting updating the statement will be not
  replicated - since "it's not updating anything" - an optimization
  to quickly skip SELECT's and similar.
parent 9d5a4734
...@@ -14,3 +14,106 @@ SELECT * FROM t4; ...@@ -14,3 +14,106 @@ SELECT * FROM t4;
a a
DROP TABLE t1; DROP TABLE t1;
DROP TABLE t4; DROP TABLE t4;
**** Test case for BUG#25482 ****
**** Adding GRANTS on master ****
create table test.t1(a int);
create table test.t4(a int);
GRANT SELECT ON test.t1 TO mysqltest1@localhost;
GRANT INSERT ON test.t4 TO mysqltest2@localhost;
GRANT select, update, insert, references on t1
to mysqltest2@localhost;
GRANT SELECT ON test.* TO mysqltest3@localhost;
GRANT INSERT ON test.t4 TO mysqltest3@localhost;
GRANT select(a), update(a), insert(a), references(a) on t4
to mysqltest3@localhost;
create database mysqltest2;
create table mysqltest2.t2 (id int);
GRANT SELECT ON mysqltest2.t2 TO mysqltest4@localhost IDENTIFIED BY 'pass';
insert into mysql.user (user, host) values ("mysqltest5", "somehost");
GRANT SELECT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON test.* TO mysqltest6@localhost;
GRANT INSERT ON test.t1 TO mysqltest6@localhost;
show grants for mysqltest1@localhost;
Grants for mysqltest1@localhost
GRANT USAGE ON *.* TO 'mysqltest1'@'localhost'
GRANT SELECT ON `test`.`t1` TO 'mysqltest1'@'localhost'
show grants for mysqltest2@localhost;
Grants for mysqltest2@localhost
GRANT USAGE ON *.* TO 'mysqltest2'@'localhost'
GRANT SELECT, INSERT, UPDATE, REFERENCES ON `test`.`t1` TO 'mysqltest2'@'localhost'
GRANT INSERT ON `test`.`t4` TO 'mysqltest2'@'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT SELECT (a), INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
GRANT SELECT ON `mysqltest2`.`t2` TO 'mysqltest4'@'localhost'
show grants for mysqltest6@localhost;
Grants for mysqltest6@localhost
GRANT SELECT, INSERT ON *.* TO 'mysqltest6'@'localhost'
GRANT INSERT ON `test`.* TO 'mysqltest6'@'localhost'
GRANT INSERT ON `test`.`t1` TO 'mysqltest6'@'localhost'
flush privileges;
show grants for mysqltest5@somehost;
Grants for mysqltest5@somehost
GRANT USAGE ON *.* TO 'mysqltest5'@'somehost'
**** Checking grants on slave ****
show grants for mysqltest2@localhost;
Grants for mysqltest2@localhost
GRANT USAGE ON *.* TO 'mysqltest2'@'localhost'
GRANT INSERT ON `test`.`t4` TO 'mysqltest2'@'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT SELECT (a), INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
GRANT SELECT ON `mysqltest2`.`t2` TO 'mysqltest4'@'localhost'
show grants for mysqltest5@somehost;
Grants for mysqltest5@somehost
GRANT USAGE ON *.* TO 'mysqltest5'@'somehost'
show grants for mysqltest6@localhost;
Grants for mysqltest6@localhost
GRANT SELECT, INSERT ON *.* TO 'mysqltest6'@'localhost'
GRANT INSERT ON `test`.* TO 'mysqltest6'@'localhost'
show grants for mysqltest1@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest1' on host 'localhost'
**** Revoking grants on master ****
REVOKE SELECT ON test.t1 FROM mysqltest1@localhost;
REVOKE SELECT ON mysqltest2.t2 FROM mysqltest4@localhost;
REVOKE select(a) on t4
from mysqltest3@localhost;
show grants for mysqltest1@localhost;
Grants for mysqltest1@localhost
GRANT USAGE ON *.* TO 'mysqltest1'@'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
**** Checking grants on slave ****
show grants for mysqltest1@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest1' on host 'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
drop table t1, t4, mysqltest2.t2;
drop database mysqltest2;
delete from mysql.user where user like "mysqltest%";
delete from mysql.db where user like "mysqltest%";
delete from mysql.tables_priv where user like "mysqltest%";
delete from mysql.columns_priv where user like "mysqltest%";
...@@ -26,3 +26,101 @@ SELECT * FROM t4; ...@@ -26,3 +26,101 @@ SELECT * FROM t4;
connection master; connection master;
DROP TABLE t1; DROP TABLE t1;
DROP TABLE t4; DROP TABLE t4;
#
# Bug#25482 GRANT statements are not replicated if
# you use "replicate-ignore-table"
#
--echo **** Test case for BUG#25482 ****
--echo **** Adding GRANTS on master ****
connection master;
create table test.t1(a int);
create table test.t4(a int);
# Simple user that should not replicate
GRANT SELECT ON test.t1 TO mysqltest1@localhost;
# Partial replicate
GRANT INSERT ON test.t4 TO mysqltest2@localhost;
GRANT select, update, insert, references on t1
to mysqltest2@localhost;
# Partial replicate 2
GRANT SELECT ON test.* TO mysqltest3@localhost;
GRANT INSERT ON test.t4 TO mysqltest3@localhost;
GRANT select(a), update(a), insert(a), references(a) on t4
to mysqltest3@localhost;
# Create another database and table
create database mysqltest2;
create table mysqltest2.t2 (id int);
# Create a grant that should replicate
GRANT SELECT ON mysqltest2.t2 TO mysqltest4@localhost IDENTIFIED BY 'pass';
# Create a grant manually
insert into mysql.user (user, host) values ("mysqltest5", "somehost");
# Partial replicate 3 with *.*
GRANT SELECT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON test.* TO mysqltest6@localhost;
GRANT INSERT ON test.t1 TO mysqltest6@localhost;
show grants for mysqltest1@localhost;
show grants for mysqltest2@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
show grants for mysqltest6@localhost;
flush privileges;
show grants for mysqltest5@somehost;
sync_slave_with_master;
--echo **** Checking grants on slave ****
# Check that grants are replicated to slave
show grants for mysqltest2@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
show grants for mysqltest5@somehost;
show grants for mysqltest6@localhost;
# mysqltest1 should not be on slave
--error 1141
show grants for mysqltest1@localhost;
--echo **** Revoking grants on master ****
connection master;
REVOKE SELECT ON test.t1 FROM mysqltest1@localhost;
REVOKE SELECT ON mysqltest2.t2 FROM mysqltest4@localhost;
REVOKE select(a) on t4
from mysqltest3@localhost;
show grants for mysqltest1@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
sync_slave_with_master;
--echo **** Checking grants on slave ****
# mysqltest1 should not be on slave
--error 1141
show grants for mysqltest1@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
# Cleanup
connection master;
drop table t1, t4, mysqltest2.t2;
drop database mysqltest2;
delete from mysql.user where user like "mysqltest%";
delete from mysql.db where user like "mysqltest%";
delete from mysql.tables_priv where user like "mysqltest%";
delete from mysql.columns_priv where user like "mysqltest%";
sync_slave_with_master;
...@@ -5926,7 +5926,8 @@ opt_table: ...@@ -5926,7 +5926,8 @@ opt_table:
| table_ident | table_ident
{ {
LEX *lex=Lex; LEX *lex=Lex;
if (!lex->current_select->add_table_to_list(lex->thd, $1,NULL,0)) if (!lex->current_select->add_table_to_list(lex->thd, $1,NULL,
TL_OPTION_UPDATING))
YYABORT; YYABORT;
if (lex->grant == GLOBAL_ACLS) if (lex->grant == GLOBAL_ACLS)
lex->grant = TABLE_ACLS & ~GRANT_ACL; lex->grant = TABLE_ACLS & ~GRANT_ACL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment