#======================================================================
#
# Trigger Tests
# test cases for TRIGGER privilege on db, table and column level
#======================================================================

--disable_abort_on_error

############################################
################ Section 3.5.3 #############
# basic tests for the db level of Triggers #
############################################

# General setup to be used in all testcases
let $message= Testcase for db level:;
--source include/show_msg.inc

        --disable_warnings
	drop database if exists priv_db;
	drop database if exists no_priv_db;
	--enable_warnings
	create database priv_db;
        create database no_priv_db;
	use priv_db;
	eval create table t1 (f1 char(20)) engine= $engine_type;

	create User test_yesprivs@localhost;
	set password for test_yesprivs@localhost = password('PWD');
	revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
	grant select on priv_db.* to test_yesprivs@localhost;
	show grants for test_yesprivs@localhost;

        create User test_noprivs@localhost;
        set password for test_noprivs@localhost = password('PWD');
        revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;
        grant select,insert on priv_db.* to test_noprivs@localhost;
        show grants for test_noprivs@localhost;

# no trigger privilege->create trigger must fail:
	--replace_result $MASTER_MYPORT MASTER_MYPORT $MASTER_MYSOCK MASTER_MYSOCK
	connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK);
let $message= no trigger privilege on db level for create:;
--source include/show_msg.inc
	use priv_db;
	--error ER_TABLEACCESS_DENIED_ERROR
	create trigger trg1_1 before INSERT on t1 for each row
		set new.f1 = 'trig 1_1-no';

# user with minimum privs on t1->no trigger executed;
	--replace_result $MASTER_MYPORT MASTER_MYPORT $MASTER_MYSOCK MASTER_MYSOCK
	connect (no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK);
	use priv_db;
	insert into t1 (f1) values ('insert-yes');
	select f1 from t1 order by f1;
	
	connection default;
        select current_user;
        grant TRIGGER on priv_db.* to test_yesprivs@localhost;
        show grants for test_yesprivs@localhost;

# user got trigger privilege->create successful:
let $message= trigger privilege on db level for create:;
--source include/show_msg.inc
	connection yes_privs;
        select current_user;
	use priv_db;
	create trigger trg1_2 before INSERT  on t1 for each row
		set new.f1 = 'trig 1_2-yes';

# user with minimum privs on t1->fail,as trigger definer no update priv:;
        connection no_privs;
	select current_user;
        use priv_db;
        insert into t1 (f1) values ('insert-yes');
        select f1 from t1 order by f1;

	connection default;
        select current_user;
        grant UPDATE on priv_db.* to test_yesprivs@localhost;
# succeed,as trigger definer has update privilege:
# new privilege take effect after 'use db':
        use priv_db;
        insert into t1 (f1) values ('insert-no');
        select f1 from t1 order by f1;

# succeed:
        connection no_privs;
	select current_user;
        use priv_db;
        insert into t1 (f1) values ('insert-yes');
        select f1 from t1 order by f1;

        connection default;
        select current_user;
        revoke TRIGGER on priv_db.* from test_yesprivs@localhost;
        show grants for test_yesprivs@localhost;

# drop must fail, as no trigger privilege:
let $message= no trigger privilege on db level for drop:;
--source include/show_msg.inc
	connection yes_privs;
        select current_user;
	use priv_db;
	--error ER_TABLEACCESS_DENIED_ERROR
	drop trigger trg1_2;

	connection no_privs;
        select current_user;
        use priv_db;
# no trigger privilege at activation time:
let $message= no trigger privilege at activation time:;
--source include/show_msg.inc
        --error ER_TABLEACCESS_DENIED_ERROR
        insert into t1 (f1) values ('insert-yes');
        select f1 from t1 order by f1;

let $message= trigger privilege at activation time:;
--source include/show_msg.inc
	connection default;
	select current_user;
        grant TRIGGER on priv_db.* to test_yesprivs@localhost;

# succeed, as trigger privilege at activation time:
	connection no_privs;
	select current_user;
	use priv_db;
	insert into t1 (f1) values ('insert-no');
	select f1 from t1 order by f1;
# drop must fail, as no 'use db' executed:
let $message= trigger privilege on db level for drop:;
--source include/show_msg.inc
	connection yes_privs;
        select current_user;
        show grants for test_yesprivs@localhost;
        --error ER_TABLEACCESS_DENIED_ERROR
 	drop trigger trg1_2;

# succeed
let $message= takes effect after use priv_db:;
--source include/show_msg.inc
        use priv_db;
        drop trigger trg1_2;

	connection default;
        select current_user;
	use priv_db;
	insert into t1 (f1) values ('insert-yes');
	select f1 from t1 order by f1;

let $message= switch to db without having trigger priv for it:;
--source include/show_msg.inc
        use no_priv_db;
	eval create table t1 (f1 char(20)) engine= $engine_type;
# Adding the minimal priv to be able to set to the db
        grant SELECT,UPDATE on no_priv_db.* to test_yesprivs@localhost;
        show grants for test_yesprivs@localhost;

# trigger privilege is hold over changes between priv and no priv db:
let $message= use db with trigger privilege on db level and without...:;
--source include/show_msg.inc
        connection yes_privs;
        select current_user;
        use no_priv_db;
	--error ER_TABLEACCESS_DENIED_ERROR
        create trigger trg1_3 before INSERT  on t1 for each row
                set new.f1 = 'trig 1_3-no';
        use priv_db;
        create trigger trg1_3 before INSERT  on t1 for each row
                set new.f1 = 'trig 1_3-yes';
        use no_priv_db;
        --error ER_TABLEACCESS_DENIED_ERROR
        create trigger trg1_4 before UPDATE  on t1 for each row
                set new.f1 = 'trig 1_4-no';
        use priv_db;
        create trigger trg1_4 before UPDATE  on t1 for each row
                set new.f1 = 'trig 1_4-yes';

        connection no_privs;
        select current_user;
        use no_priv_db;
        insert into t1 (f1) values ('insert-yes');
        select f1 from t1 order by f1;
        use priv_db;
        insert into t1 (f1) values ('insert-no');
        select f1 from t1 order by f1;
	--disable_warnings
	disconnect no_privs;
	--enable_warnings

        connection yes_privs;
        select current_user;
        use no_priv_db;
	--error ER_TRG_DOES_NOT_EXIST
        drop trigger trg1_3;
        use priv_db;
        drop trigger trg1_3;
        use no_priv_db;
        --error ER_TRG_DOES_NOT_EXIST
        drop trigger trg1_4;
        use priv_db;
        drop trigger trg1_4;


# Cleanup db level
	--disable_warnings
	disconnect yes_privs;

	connection default;
        select current_user;
	drop table priv_db.t1;
	drop table no_priv_db.t1;
	--enable_warnings

# general Cleanup
	--disable_warnings
	drop database if exists priv_db;
        drop database if exists no_priv_db;
	drop user test_yesprivs@localhost;
	drop user test_noprivs@localhost;
	--enable_warnings