Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
defddfd2
Commit
defddfd2
authored
Apr 13, 2007
by
jani@a88-113-38-195.elisa-laajakaista.fi
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Merged from 5.0
parent
52196018
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
69 additions
and
85 deletions
+69
-85
mysql-test/r/grant.result
mysql-test/r/grant.result
+10
-10
sql/sql_parse.cc
sql/sql_parse.cc
+59
-75
No files found.
mysql-test/r/grant.result
View file @
defddfd2
...
...
@@ -1106,16 +1106,6 @@ DROP DATABASE mysqltest2;
DROP DATABASE mysqltest3;
DROP DATABASE mysqltest4;
DROP USER mysqltest_1@localhost;
End of 5.0 tests
set names utf8;
grant select on test.* to юзер_юзер@localhost;
user()
юзер_юзер@localhost
revoke all on test.* from юзер_юзер@localhost;
drop user юзер_юзер@localhost;
grant select on test.* to очень_длинный_юзер@localhost;
ERROR HY000: String 'очень_длинный_юзер' is too long for user name (should be no longer than 16)
set names default;
DROP DATABASE IF EXISTS mysqltest1;
DROP DATABASE IF EXISTS mysqltest2;
CREATE DATABASE mysqltest1;
...
...
@@ -1191,3 +1181,13 @@ ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table '
DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2;
DROP USER mysqltest_1@localhost;
End of 5.0 tests
set names utf8;
grant select on test.* to юзер_юзер@localhost;
user()
юзер_юзер@localhost
revoke all on test.* from юзер_юзер@localhost;
drop user юзер_юзер@localhost;
grant select on test.* to очень_длинный_юзер@localhost;
ERROR HY000: String 'очень_длинный_юзер' is too long for user name (should be no longer than 16)
set names default;
sql/sql_parse.cc
View file @
defddfd2
...
...
@@ -1358,8 +1358,8 @@ void log_slow_statement(THD *thd)
int
prepare_schema_table
(
THD
*
thd
,
LEX
*
lex
,
Table_ident
*
table_ident
,
enum
enum_schema_tables
schema_table_idx
)
{
DBUG_ENTER
(
"prepare_schema_table"
);
SELECT_LEX
*
schema_select_lex
=
NULL
;
DBUG_ENTER
(
"prepare_schema_table"
);
switch
(
schema_table_idx
)
{
case
SCH_SCHEMATA
:
...
...
@@ -1393,6 +1393,7 @@ int prepare_schema_table(THD *thd, LEX *lex, Table_ident *table_ident,
db
.
str
=
schema_select_lex
->
db
=
lex
->
select_lex
.
db
;
schema_select_lex
->
table_list
.
first
=
NULL
;
db
.
length
=
strlen
(
db
.
str
);
if
(
check_db_name
(
&
db
))
{
my_error
(
ER_WRONG_DB_NAME
,
MYF
(
0
),
db
.
str
);
...
...
@@ -1403,32 +1404,23 @@ int prepare_schema_table(THD *thd, LEX *lex, Table_ident *table_ident,
#endif
case
SCH_COLUMNS
:
case
SCH_STATISTICS
:
{
#ifdef DONT_ALLOW_SHOW_COMMANDS
my_message
(
ER_NOT_ALLOWED_COMMAND
,
ER
(
ER_NOT_ALLOWED_COMMAND
),
MYF
(
0
));
/* purecov: inspected */
DBUG_RETURN
(
1
);
#else
if
(
table_ident
)
{
TABLE_LIST
**
query_tables_last
=
lex
->
query_tables_last
;
sel
=
new
SELECT_LEX
();
/* 'parent_lex' is used in init_query() so it must be before it. */
sel
->
parent_lex
=
lex
;
sel
->
init_query
();
if
(
!
sel
->
add_table_to_list
(
thd
,
table_ident
,
0
,
0
,
TL_READ
))
DBUG_RETURN
(
1
);
lex
->
query_tables_last
=
query_tables_last
;
TABLE_LIST
*
table_list
=
(
TABLE_LIST
*
)
sel
->
table_list
.
first
;
char
*
db
=
table_list
->
db
;
if
(
check_access
(
thd
,
SELECT_ACL
|
EXTRA_ACL
,
db
,
&
table_list
->
grant
.
privilege
,
0
,
0
,
test
(
table_list
->
schema_table
)))
DBUG_RETURN
(
1
);
/* purecov: inspected */
if
(
grant_option
&&
check_grant
(
thd
,
SELECT_ACL
,
table_list
,
2
,
UINT_MAX
,
0
))
DBUG_RETURN
(
1
);
break
;
}
DBUG_ASSERT
(
table_ident
);
TABLE_LIST
**
query_tables_last
=
lex
->
query_tables_last
;
schema_select_lex
=
new
SELECT_LEX
();
/* 'parent_lex' is used in init_query() so it must be before it. */
schema_select_lex
->
parent_lex
=
lex
;
schema_select_lex
->
init_query
();
if
(
!
schema_select_lex
->
add_table_to_list
(
thd
,
table_ident
,
0
,
0
,
TL_READ
))
DBUG_RETURN
(
1
);
lex
->
query_tables_last
=
query_tables_last
;
break
;
}
#endif
case
SCH_OPEN_TABLES
:
case
SCH_VARIABLES
:
...
...
@@ -1454,7 +1446,7 @@ int prepare_schema_table(THD *thd, LEX *lex, Table_ident *table_ident,
DBUG_RETURN
(
1
);
}
TABLE_LIST
*
table_list
=
(
TABLE_LIST
*
)
select_lex
->
table_list
.
first
;
table_list
->
schema_select_lex
=
s
el
;
table_list
->
schema_select_lex
=
s
chema_select_lex
;
table_list
->
schema_table_reformed
=
1
;
DBUG_RETURN
(
0
);
}
...
...
@@ -4691,74 +4683,57 @@ bool check_global_access(THD *thd, ulong want_access)
static
bool
check_show_access
(
THD
*
thd
,
TABLE_LIST
*
table
)
{
switch
(
get_schema_table_idx
(
table
->
schema_table
))
{
switch
(
get_schema_table_idx
(
table
->
schema_table
))
{
case
SCH_SCHEMATA
:
return
(
specialflag
&
SPECIAL_SKIP_SHOW_DB
)
&&
check_global_access
(
thd
,
SHOW_DB_ACL
);
check_global_access
(
thd
,
SHOW_DB_ACL
);
case
SCH_TABLE_NAMES
:
case
SCH_TABLES
:
case
SCH_VIEWS
:
case
SCH_TRIGGERS
:
{
const
char
*
dst_db_name
=
table
->
schema_select_lex
->
db
;
DBUG_ASSERT
(
dst_db_name
);
case
SCH_EVENTS
:
{
const
char
*
dst_db_name
=
table
->
schema_select_lex
->
db
;
if
(
check_access
(
thd
,
SELECT_ACL
,
dst_db_name
,
&
thd
->
col_access
,
FALSE
,
FALSE
,
is_schema_db
(
dst_db_name
)))
{
return
TRUE
;
}
DBUG_ASSERT
(
dst_db_name
);
if
(
!
thd
->
col_access
&&
check_grant_db
(
thd
,
dst_db_name
))
{
my_error
(
ER_DBACCESS_DENIED_ERROR
,
MYF
(
0
),
thd
->
security_ctx
->
priv_user
,
thd
->
security_ctx
->
priv_host
,
dst_db_name
);
return
TRUE
;
}
if
(
check_access
(
thd
,
SELECT_ACL
,
dst_db_name
,
&
thd
->
col_access
,
FALSE
,
FALSE
,
is_schema_db
(
dst_db_name
)))
return
TRUE
;
return
FALSE
;
if
(
!
thd
->
col_access
&&
check_grant_db
(
thd
,
dst_db_name
))
{
my_error
(
ER_DBACCESS_DENIED_ERROR
,
MYF
(
0
),
thd
->
security_ctx
->
priv_user
,
thd
->
security_ctx
->
priv_host
,
dst_db_name
);
return
TRUE
;
}
return
FALSE
;
}
case
SCH_COLUMNS
:
case
SCH_STATISTICS
:
{
TABLE_LIST
*
dst_table
=
(
TABLE_LIST
*
)
table
->
schema_select_lex
->
table_list
.
first
;
{
TABLE_LIST
*
dst_table
;
dst_table
=
(
TABLE_LIST
*
)
table
->
schema_select_lex
->
table_list
.
first
;
DBUG_ASSERT
(
dst_table
);
DBUG_ASSERT
(
dst_table
);
if
(
check_access
(
thd
,
SELECT_ACL
|
EXTRA_ACL
,
dst_table
->
db
,
&
dst_table
->
grant
.
privilege
,
FALSE
,
FALSE
,
test
(
dst_table
->
schema_table
)))
{
return
FALSE
;
}
return
grant_option
&&
check_grant
(
thd
,
SELECT_ACL
,
dst_table
,
2
,
UINT_MAX
,
FALSE
);
}
if
(
check_access
(
thd
,
SELECT_ACL
|
EXTRA_ACL
,
dst_table
->
db
,
&
dst_table
->
grant
.
privilege
,
FALSE
,
FALSE
,
test
(
dst_table
->
schema_table
)))
return
FALSE
;
case
SCH_OPEN_TABLES
:
case
SCH_VARIABLES
:
case
SCH_STATUS
:
case
SCH_PROCEDURES
:
case
SCH_CHARSETS
:
case
SCH_COLLATIONS
:
case
SCH_COLLATION_CHARACTER_SET_APPLICABILITY
:
case
SCH_USER_PRIVILEGES
:
case
SCH_SCHEMA_PRIVILEGES
:
case
SCH_TABLE_PRIVILEGES
:
case
SCH_COLUMN_PRIVILEGES
:
case
SCH_TABLE_CONSTRAINTS
:
case
SCH_KEY_COLUMN_USAGE
:
return
(
grant_option
&&
check_grant
(
thd
,
SELECT_ACL
,
dst_table
,
2
,
UINT_MAX
,
FALSE
));
}
default:
break
;
}
...
...
@@ -4826,7 +4801,16 @@ check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
Remove SHOW_VIEW_ACL, because it will be checked during making view
*/
tables
->
grant
.
orig_want_privilege
=
(
want_access
&
~
SHOW_VIEW_ACL
);
if
(
tables
->
derived
||
tables
->
schema_table
||
if
(
tables
->
schema_table_reformed
)
{
if
(
check_show_access
(
thd
,
tables
))
goto
deny
;
continue
;
}
if
(
tables
->
derived
||
(
tables
->
table
&&
(
int
)
tables
->
table
->
s
->
tmp_table
))
continue
;
thd
->
security_ctx
=
sctx
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment