SHOW CREATE VIEW (TABLE) privilege now reqiere show create privilege

(BUG#4777) mysql-test/r/view.result: fixed SHOW CREATE VIEW privileges requrements mysql-test/t/view.test: fixed SHOW CREATE VIEW privileges requrements sql/sql_acl.cc: fixed command name

SHOW CREATE VIEW (TABLE) privilege now reqiere show create privilege
(BUG#4777) mysql-test/r/view.result: fixed SHOW CREATE VIEW privileges requrements mysql-test/t/view.test: fixed SHOW CREATE VIEW privileges requrements sql/sql_acl.cc: fixed command name
d700f3bc · unknown · 5c422671 · d700f3bc · d700f3bc · d700f3bc
Commit d700f3bc authored Sep 17, 2004 by unknown
Showing with 24 additions and 20 deletions

mysql-test/r/view.result mysql-test/r/view.result +8 -10

mysql-test/t/view.test mysql-test/t/view.test +8 -6

sql/sql_acl.cc sql/sql_acl.cc +1 -1

sql/sql_view.cc sql/sql_view.cc +7 -3

No files found.
--- a/mysql-test/r/view.result
+++ b/mysql-test/r/view.result
@@ -287,41 +287,39 @@ d	bigint(20)	YES		NULL
 explain select c from mysqltest.v1;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v1;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v1'
 explain select c from mysqltest.v2;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v2;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v2'
 explain select c from mysqltest.v3;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v3;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v3'
 explain select c from mysqltest.v4;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v4;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v4'
 grant select on mysqltest.t1 to mysqltest_1@localhost;
 explain select c from mysqltest.v1;
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	PRIMARY	t1	system	NULL	NULL	NULL	NULL	0	const row not found
 show create table mysqltest.v1;
-Table	Create Table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v1'
-v1	CREATE VIEW `mysqltest`.`v1` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1`
 explain select c from mysqltest.v2;
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	PRIMARY	<derived2>	system	NULL	NULL	NULL	NULL	0	const row not found
 2	DERIVED	NULL	NULL	NULL	NULL	NULL	NULL	NULL	no matching row in const table
 show create table mysqltest.v2;
-Table	Create Table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v2'
-v2	CREATE ALGORITHM=TEMPTABLE VIEW `mysqltest`.`v2` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1`
 explain select c from mysqltest.v3;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v3;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v3'
 explain select c from mysqltest.v4;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v4;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v4'
 grant show view on mysqltest.* to mysqltest_1@localhost;
 explain select c from mysqltest.v1;
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra

--- a/mysql-test/t/view.test
+++ b/mysql-test/t/view.test
@@ -267,19 +267,19 @@ show columns from mysqltest.v2;
 # but explain/show do not
 -- error 1345
 explain select c from mysqltest.v1;
-- error 1345
+-- error 1142
 show create table mysqltest.v1;
 -- error 1345
 explain select c from mysqltest.v2;
-- error 1345
+-- error 1142
 show create table mysqltest.v2;
 -- error 1345
 explain select c from mysqltest.v3;
-- error 1345
+-- error 1142
 show create table mysqltest.v3;
 -- error 1345
 explain select c from mysqltest.v4;
-- error 1345
+-- error 1142
 show create table mysqltest.v4;
 # allow to see one of underlaing table
@@ -288,17 +288,19 @@ grant select on mysqltest.t1 to mysqltest_1@localhost;
 connection user1;
 # EXPLAIN of view on above table works
 explain select c from mysqltest.v1;
+-- error 1142
 show create table mysqltest.v1;
 explain select c from mysqltest.v2;
+-- error 1142
 show create table mysqltest.v2;
 # but other EXPLAINs do not
 -- error 1345
 explain select c from mysqltest.v3;
-- error 1345
+-- error 1142
 show create table mysqltest.v3;
 -- error 1345
 explain select c from mysqltest.v4;
-- error 1345
+-- error 1142
 show create table mysqltest.v4;
 # allow to see any view in mysqltest database

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -2873,7 +2873,7 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
    else if (want_access & CREATE_VIEW_ACL)
      command= "create view";
    else if (want_access & SHOW_VIEW_ACL)
-      command= "show view";
+      command= "show create view";
    net_printf(thd,ER_TABLEACCESS_DENIED_ERROR,
 	       command,
 	       thd->priv_user,

--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -624,16 +624,20 @@ mysql_make_view(File_parser *parser, TABLE_LIST *table)
      check rights to run commands (EXPLAIN SELECT & SHOW CREATE) which show
      underlaying tables
    */
-    if ((old_lex->sql_command == SQLCOM_SELECT && old_lex->describe) ||
+    if ((old_lex->sql_command == SQLCOM_SELECT && old_lex->describe))
-        old_lex->sql_command == SQLCOM_SHOW_CREATE)
    {
      if (check_table_access(thd, SELECT_ACL, view_tables, 1) &&
-          check_table_access(thd, SHOW_VIEW_ACL, view_tables, 1))
+          check_table_access(thd, SHOW_VIEW_ACL, table, 1))
      {
        my_error(ER_VIEW_NO_EXPLAIN, MYF(0));
        goto err;
      }
    }
+    else if (old_lex->sql_command == SQLCOM_SHOW_CREATE)
+    {
+      if (check_table_access(thd, SHOW_VIEW_ACL, table, 0))
+        goto err;
+    }
    /* move SQL_NO_CACHE & Co to whole query */
    old_lex->safe_to_cache_query= (old_lex->safe_to_cache_query &&