diff options
author | Sergei Golubchik <serg@mariadb.org> | 2020-07-29 12:05:12 +0200 |
---|---|---|
committer | Sergei Golubchik <serg@mariadb.org> | 2020-07-29 14:56:24 +0200 |
commit | 2ba70f69fd6cb3508de2744191c200c11d2fcd5f (patch) | |
tree | b681a6620b1b91995907d911e76f677dbd2d2fca | |
parent | 0b5b2f864153bf236a844e225ed6f04d79c757d8 (diff) | |
download | mariadb-git-2ba70f69fd6cb3508de2744191c200c11d2fcd5f.tar.gz |
cleanup: reduce code duplication
-rw-r--r-- | sql/sql_acl.cc | 51 | ||||
-rw-r--r-- | sql/sql_base.cc | 12 | ||||
-rw-r--r-- | sql/sql_update.cc | 3 |
3 files changed, 21 insertions, 45 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 8d594e887b7..b2703dba76f 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -7130,6 +7130,17 @@ err: } +static void check_grant_column_int(GRANT_TABLE *grant_table, const char *name, + uint length, ulong *want_access) +{ + if (grant_table) + { + GRANT_COLUMN *grant_column= column_hash_search(grant_table, name, length); + if (grant_column) + *want_access&= ~grant_column->rights; + } +} + /* Check column rights in given security context @@ -7152,9 +7163,6 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *name, uint length, Security_context *sctx) { - GRANT_TABLE *grant_table; - GRANT_TABLE *grant_table_role; - GRANT_COLUMN *grant_column; ulong want_access= grant->want_privilege & ~grant->privilege; DBUG_ENTER("check_grant_column"); DBUG_PRINT("enter", ("table: %s want_access: %lu", table_name, want_access)); @@ -7179,45 +7187,18 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant, grant->version= grant_version; /* purecov: inspected */ } - grant_table= grant->grant_table_user; - grant_table_role= grant->grant_table_role; - - if (!grant_table && !grant_table_role) - goto err; + check_grant_column_int(grant->grant_table_user, name, length, &want_access); + check_grant_column_int(grant->grant_table_role, name, length, &want_access); - if (grant_table) - { - grant_column= column_hash_search(grant_table, name, length); - if (grant_column) - { - want_access&= ~grant_column->rights; - } - } - if (grant_table_role) - { - grant_column= column_hash_search(grant_table_role, name, length); - if (grant_column) - { - want_access&= ~grant_column->rights; - } - } + mysql_rwlock_unlock(&LOCK_grant); if (!want_access) - { - mysql_rwlock_unlock(&LOCK_grant); DBUG_RETURN(0); - } -err: - mysql_rwlock_unlock(&LOCK_grant); char command[128]; get_privilege_desc(command, sizeof(command), want_access); /* TODO perhaps error should print current rolename aswell */ - my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), - command, - sctx->priv_user, - sctx->host_or_ip, - name, - table_name); + my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), command, sctx->priv_user, + sctx->host_or_ip, name, table_name); DBUG_RETURN(1); } diff --git a/sql/sql_base.cc b/sql/sql_base.cc index 76aab377985..1031a384d71 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -8306,15 +8306,11 @@ bool setup_tables(THD *thd, Name_resolution_context *context, FALSE ok; In this case *map will include the chosen index TRUE error */ -bool setup_tables_and_check_access(THD *thd, - Name_resolution_context *context, +bool setup_tables_and_check_access(THD *thd, Name_resolution_context *context, List<TABLE_LIST> *from_clause, - TABLE_LIST *tables, - List<TABLE_LIST> &leaves, - bool select_insert, - ulong want_access_first, - ulong want_access, - bool full_table_list) + TABLE_LIST *tables, List<TABLE_LIST> &leaves, + bool select_insert, ulong want_access_first, + ulong want_access, bool full_table_list) { DBUG_ENTER("setup_tables_and_check_access"); diff --git a/sql/sql_update.cc b/sql/sql_update.cc index 1360bf9fb74..9b2d24c3ba3 100644 --- a/sql/sql_update.cc +++ b/sql/sql_update.cc @@ -1119,8 +1119,7 @@ bool mysql_prepare_update(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(TRUE); if (setup_tables_and_check_access(thd, &select_lex->context, - &select_lex->top_join_list, - table_list, + &select_lex->top_join_list, table_list, select_lex->leaf_tables, FALSE, UPDATE_ACL, SELECT_ACL, TRUE) || setup_conds(thd, table_list, select_lex->leaf_tables, conds) || |