Commit 80130f26 authored by Alexander Barkov's avatar Alexander Barkov

Adding secutiry tests for TABLE_TYPE=MySQL

modified:
  mysql-test/suite/connect/r/mysql.result
  mysql-test/suite/connect/t/mysql.test
parent eedea4dd
#
# Testing FILE privilege
#
GRANT ALL PRIVILEGES ON *.* TO user@localhost;
REVOKE FILE ON *.* FROM user@localhost;
SELECT user();
user()
user@localhost
CREATE TABLE t1 (a INT NOT NULL) ENGINE=CONNECT TABLE_TYPE=MySQL OPTION_LIST='host=localhost,user=root1,port=$PORT';
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
SELECT user();
user()
root@localhost
CREATE TABLE t1remote (a INT NOT NULL);
INSERT INTO t1remote VALUES (10),(20),(30);
CREATE TABLE t1 (a INT NOT NULL) ENGINE=CONNECT TABLE_TYPE=MySQL TABNAME=t1remote OPTION_LIST='host=localhost,user=root,port=$PORT';
SELECT * FROM t1;
a
10
20
30
SELECT user();
user()
user@localhost
SELECT * FROM t1;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
INSERT INTO t1 VALUES ('xxx');
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
DELETE FROM t1 WHERE a='xxx';
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
UPDATE t1 SET a='yyy' WHERE a='xxx';
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
TRUNCATE TABLE t1;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
ALTER TABLE t1 READONLY=1;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
CREATE VIEW v1 AS SELECT * FROM t1;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
# Testing a VIEW created with FILE privileges but accessed with no FILE
SELECT user();
user()
root@localhost
CREATE VIEW v1 AS SELECT * FROM t1;
SELECT user();
user()
user@localhost
SELECT * FROM v1;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
INSERT INTO v1 VALUES (2);
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
UPDATE v1 SET a=123;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
DELETE FROM v1;
ERROR 28000: Access denied for user 'user'@'localhost' (using password: NO)
SELECT user();
user()
root@localhost
DROP VIEW v1;
DROP TABLE t1, t1remote;
DROP USER user@localhost;
#
# Testing FILE privileges done
#
CREATE TABLE t1 (a int, b char(10)); CREATE TABLE t1 (a int, b char(10));
INSERT INTO t1 VALUES (NULL,NULL),(0,'test00'),(1,'test01'),(2,'test02'),(3,'test03'); INSERT INTO t1 VALUES (NULL,NULL),(0,'test00'),(1,'test01'),(2,'test02'),(3,'test03');
SELECT * FROM t1; SELECT * FROM t1;
......
...@@ -14,6 +14,63 @@ if (!`SELECT count(*) FROM INFORMATION_SCHEMA.TABLES ...@@ -14,6 +14,63 @@ if (!`SELECT count(*) FROM INFORMATION_SCHEMA.TABLES
DROP TABLE t1; DROP TABLE t1;
--enable_query_log --enable_query_log
--echo #
--echo # Testing FILE privilege
--echo #
GRANT ALL PRIVILEGES ON *.* TO user@localhost;
REVOKE FILE ON *.* FROM user@localhost;
--connect(user,localhost,user,,)
--connection user
SELECT user();
--error ER_ACCESS_DENIED_ERROR
CREATE TABLE t1 (a INT NOT NULL) ENGINE=CONNECT TABLE_TYPE=MySQL OPTION_LIST='host=localhost,user=root1,port=$PORT';
--connection default
SELECT user();
CREATE TABLE t1remote (a INT NOT NULL);
INSERT INTO t1remote VALUES (10),(20),(30);
CREATE TABLE t1 (a INT NOT NULL) ENGINE=CONNECT TABLE_TYPE=MySQL TABNAME=t1remote OPTION_LIST='host=localhost,user=root,port=$PORT';
SELECT * FROM t1;
--connection user
SELECT user();
--error ER_ACCESS_DENIED_ERROR
SELECT * FROM t1;
--error ER_ACCESS_DENIED_ERROR
INSERT INTO t1 VALUES ('xxx');
--error ER_ACCESS_DENIED_ERROR
DELETE FROM t1 WHERE a='xxx';
--error ER_ACCESS_DENIED_ERROR
UPDATE t1 SET a='yyy' WHERE a='xxx';
--error ER_ACCESS_DENIED_ERROR
TRUNCATE TABLE t1;
--error ER_ACCESS_DENIED_ERROR
ALTER TABLE t1 READONLY=1;
--error ER_ACCESS_DENIED_ERROR
CREATE VIEW v1 AS SELECT * FROM t1;
--echo # Testing a VIEW created with FILE privileges but accessed with no FILE
--connection default
SELECT user();
CREATE VIEW v1 AS SELECT * FROM t1;
--connection user
SELECT user();
--error ER_ACCESS_DENIED_ERROR
SELECT * FROM v1;
--error ER_ACCESS_DENIED_ERROR
INSERT INTO v1 VALUES (2);
--error ER_ACCESS_DENIED_ERROR
UPDATE v1 SET a=123;
--error ER_ACCESS_DENIED_ERROR
DELETE FROM v1;
--disconnect user
--connection default
SELECT user();
DROP VIEW v1;
DROP TABLE t1, t1remote;
DROP USER user@localhost;
--echo #
--echo # Testing FILE privileges done
--echo #
# TODO: remote VARCHAR is displayed as CHAR # TODO: remote VARCHAR is displayed as CHAR
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment