Commit db850c52 authored by Vicențiu Ciorbaru's avatar Vicențiu Ciorbaru Committed by Sergei Golubchik

Added CREATE ROLE support as well as DROP ROLE support.

parent 81b2856e
use mysql;
create role test_role1;
create role test_role2, test_role3;
select user, host, is_role from user where user like 'test';
user host is_role
drop role test_role1;
drop role test_role2, test_role3;
create role test_role1;
create role test_role1;
ERROR HY000: Operation CREATE ROLE failed for 'test_role1'
create role test_role1, test_role2;
ERROR HY000: Operation CREATE ROLE failed for 'test_role1'
select user, host, is_role from user where user like 'test';
user host is_role
drop role test_role1;
drop role test_role1;
ERROR HY000: Operation DROP ROLE failed for 'test_role1'
drop role test_role1, test_role2;
ERROR HY000: Operation DROP ROLE failed for 'test_role1'
select user, host, is_role from user where user like 'test';
user host is_role
connect (mysql, localhost, root,,);
use mysql;
create role test_role1;
create role test_role2, test_role3;
--sorted_result
select user, host, is_role from user where user like 'test';
drop role test_role1;
drop role test_role2, test_role3;
create role test_role1;
--error ER_CANNOT_USER
create role test_role1;
--error ER_CANNOT_USER
create role test_role1, test_role2;
--sorted_result
select user, host, is_role from user where user like 'test';
drop role test_role1;
--error ER_CANNOT_USER
drop role test_role1;
--error ER_CANNOT_USER
drop role test_role1, test_role2;
--sorted_result
select user, host, is_role from user where user like 'test';
disconnect mysql;
......@@ -6569,3 +6569,8 @@ ER_INVALID_ROLE
ER_INVALID_CURRENT_USER
eng "The current user is invalid."
rum "Utilizatorul curent este invalid."
ER_INVALID_ROLE_COMMAND
eng "Unable to execute role related command. The user table is in invalid format."
rum "Comanda asupra rolurilor nu poate fi executate. Tabelul "user" este in format invalid."
ER_ROLE_AS_USER
eng "The role '%s' is marked as a user '%s'@''
This diff is collapsed.
......@@ -234,6 +234,8 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list);
bool mysql_drop_user(THD *thd, List <LEX_USER> &list);
bool mysql_rename_user(THD *thd, List <LEX_USER> &list);
bool mysql_revoke_all(THD *thd, List <LEX_USER> &list);
bool mysql_create_role(THD *thd, List <LEX_USER> &list);
bool mysql_drop_role(THD *thd, List <LEX_USER> &list);
void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
const char *db, const char *table);
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name,
......
......@@ -3759,13 +3759,21 @@ case SQLCOM_PREPARE:
}
case SQLCOM_CREATE_ROLE:
{
/* TODO */
if (check_access(thd, INSERT_ACL, "mysql", NULL, NULL, 1, 1) &&
check_global_access(thd,CREATE_USER_ACL))
break;
/* Conditionally writes to binlog */
if (!(res= mysql_create_role(thd, lex->users_list)))
my_ok(thd);
break;
}
case SQLCOM_DROP_ROLE:
{
/* TODO */
if (check_access(thd, DELETE_ACL, "mysql", NULL, NULL, 1, 1) &&
check_global_access(thd,CREATE_USER_ACL))
break;
/* Conditionally writes to binlog */
if (!(res= mysql_drop_role(thd, lex->users_list)))
my_ok(thd);
break;
}
......
......@@ -1459,7 +1459,6 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
NCHAR_STRING opt_component key_cache_name
sp_opt_label BIN_NUM label_ident TEXT_STRING_filesystem ident_or_empty
opt_constraint constraint opt_ident opt_if_not_exists_ident
grant_role
%type <lex_str_ptr>
opt_table_alias
......@@ -1570,7 +1569,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
%type <symbol> keyword keyword_sp
%type <lex_user> user grant_user
%type <lex_user> user grant_user grant_role
%type <charset>
opt_collate
......@@ -14251,7 +14250,6 @@ revoke_command:
LEX *lex= Lex;
lex->sql_command= SQLCOM_REVOKE_ROLE;
lex->type= 0;
printf("The rolename to be revoked is: %s\n", $1.str);
}
;
......@@ -14305,20 +14303,40 @@ grant_command:
LEX *lex= Lex;
lex->sql_command= SQLCOM_GRANT_ROLE;
lex->type= 0;
printf("The rolename to be granted is: %s\n", $1.str);
}
;
role_list:
grant_role
{}
{
if (Lex->users_list.push_back($1))
MYSQL_YYABORT;
}
| role_list ',' grant_role
{}
{
if (Lex->users_list.push_back($3))
MYSQL_YYABORT;
}
;
grant_role:
IDENT_sys {$$=$1;}
| TEXT_STRING_sys {$$=$1;}
ident_or_text
{
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
MYSQL_YYABORT;
$$->user = $1;
$$->host.str= (char *)HOST_NOT_SPECIFIED;
$$->host.length= 1;
$$->password= null_lex_str;
$$->plugin= empty_lex_str;
$$->auth= empty_lex_str;
if (check_string_char_length(&$$->user, ER(ER_USERNAME),
username_char_length,
system_charset_info, 0))
MYSQL_YYABORT;
}
;
opt_table:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment