diff options
| author | Sachin <sachin.setiya@mariadb.com> | 2018-09-17 12:46:24 +0530 |
|---|---|---|
| committer | Sachin <sachin.setiya@mariadb.com> | 2018-09-17 12:46:24 +0530 |
| commit | 4968cbd512d81570a65ed5261d579994505ec806 (patch) | |
| tree | f10e8dab0f9dae07babf6f57f7228319ced968e8 | |
| parent | f6694b62447454028dd087802cd3b326ed721dd7 (diff) | |
| download | mariadb-git-bb-10.4-multiple-user-binlog.tar.gz | |
multiple_user_binlogbb-10.4-multiple-user-binlog
| -rw-r--r-- | mysql-test/main/create_user.test | 6 | ||||
| -rw-r--r-- | mysql-test/main/grant.test | 4 | ||||
| -rw-r--r-- | mysql-test/main/uu.test | 7 | ||||
| -rw-r--r-- | mysql-test/suite/rpl/t/rename_tmp_tbl.test | 16 | ||||
| -rw-r--r-- | mysql-test/suite/rpl/t/rpl_drop_split.test | 7 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 67 | ||||
| -rw-r--r-- | sql/sql_class.cc | 78 | ||||
| -rw-r--r-- | sql/structs.h | 2 |
8 files changed, 173 insertions, 14 deletions
diff --git a/mysql-test/main/create_user.test b/mysql-test/main/create_user.test index f04cb3e302a..686e2faf2c2 100644 --- a/mysql-test/main/create_user.test +++ b/mysql-test/main/create_user.test @@ -50,9 +50,9 @@ create user if not exists foo, foo2 identified by 'password2' select * from mysql.user where user like 'foo'; drop user foo, foo2; -create user foo with MAX_QUERIES_PER_HOUR 10 +create user foo ,foo2 with MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 MAX_USER_CONNECTIONS 40; -select * from mysql.user where user like 'foo'; -drop user foo; +select * from mysql.user where user like 'foo%'; +drop user foo, foo2; diff --git a/mysql-test/main/grant.test b/mysql-test/main/grant.test index c3bb987acc8..5d7c85630f3 100644 --- a/mysql-test/main/grant.test +++ b/mysql-test/main/grant.test @@ -160,12 +160,12 @@ create table t1 (a int); grant ALL PRIVILEGES on *.* to drop_user2@localhost with GRANT OPTION; show grants for drop_user2@localhost; revoke all privileges, grant option from drop_user2@localhost; -drop user drop_user2@localhost; -grant ALL PRIVILEGES on *.* to drop_user@localhost with GRANT OPTION; +grant ALL PRIVILEGES on *.* to drop_user@localhost , drop_user2@localhost with GRANT OPTION, ; grant ALL PRIVILEGES on test.* to drop_user@localhost with GRANT OPTION; grant select(a) on test.t1 to drop_user@localhost; show grants for drop_user@localhost; +drop user drop_user2@localhost; # # Bug#3086 SHOW GRANTS doesn't follow ANSI_QUOTES diff --git a/mysql-test/main/uu.test b/mysql-test/main/uu.test new file mode 100644 index 00000000000..72be61ec8ed --- /dev/null +++ b/mysql-test/main/uu.test @@ -0,0 +1,7 @@ +--source include/have_binlog_format_row.inc +create user foo identified by password "2470C0C06DEE42FD1618BB99005ADCA2EC9D1E919", foo2 identified by 'password' require CIPHER 'cipher' + AND SUBJECT 'subject' + AND ISSUER 'issuer' + with MAX_UPDATES_PER_HOUR 20; +select * from mysql.user where user like 'foo%'; +drop user foo, foo2; diff --git a/mysql-test/suite/rpl/t/rename_tmp_tbl.test b/mysql-test/suite/rpl/t/rename_tmp_tbl.test new file mode 100644 index 00000000000..43a4376afa2 --- /dev/null +++ b/mysql-test/suite/rpl/t/rename_tmp_tbl.test @@ -0,0 +1,16 @@ +--source include/have_binlog_format_row.inc +--source include/master-slave.inc + +CREATE TEMPORARY TABLE t1 (a INT); +CREATE TEMPORARY TABLE t2 (a INT); +CREATE TABLE t4 (a INT); +drop table t4; + +drop temporary table if exists t2; +drop temporary table if exists t1; +#--error 0,1146 +#RENAME TABLE t1 TO tmp; + +--sync_slave_with_master +--connection master +--source include/rpl_end.inc diff --git a/mysql-test/suite/rpl/t/rpl_drop_split.test b/mysql-test/suite/rpl/t/rpl_drop_split.test new file mode 100644 index 00000000000..05c4fe8dbd3 --- /dev/null +++ b/mysql-test/suite/rpl/t/rpl_drop_split.test @@ -0,0 +1,7 @@ +--source include/master-slave.inc +--source include/have_binlog_format_statement.inc +create table t1(a int); +create temporary table t2(b int); + +drop table t1,t2; +--source include/rpl_end.inc diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 88d1630d94b..9d243e95fbb 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -3880,6 +3880,41 @@ static bool test_if_create_new_users(THD *thd) return create_new_users; } +void user_require_to_str(LEX *lex, String &str) +{ + int ssl_type= lex->ssl_type; + if (ssl_type != SSL_TYPE_NOT_SPECIFIED) + { + str.append(" REQUIRE "); + if (ssl_type == SSL_TYPE_ANY) + str.append(" SSL "); + else if (ssl_type == SSL_TYPE_X509) + str.append(" X509 "); + else if (ssl_type == SSL_TYPE_NONE) + str.append(" NONE "); + else if (ssl_type == SSL_TYPE_SPECIFIED) + { + if (strlen(lex->x509_subject)) + { + str.append(" SUBJECT '"); + str.append(lex->x509_subject); + str.append("' "); + } + if (strlen(lex->x509_issuer)) + { + str.append(" ISSUER '"); + str.append(lex->x509_issuer); + str.append("' "); + } + if (strlen(lex->ssl_cipher)) + { + str.append(" CIPHER '"); + str.append(lex->ssl_cipher); + str.append("' "); + } + } + } +} /**************************************************************************** Handle GRANT commands @@ -10137,10 +10172,10 @@ end: bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) { int result; - String wrong_users; + String wrong_users, binlog_query; LEX_USER *user_name; List_iterator <LEX_USER> user_list(list); - bool binlog= false; + bool if_not_exists= thd->lex->create_info.if_not_exists(); DBUG_ENTER("mysql_create_user"); DBUG_PRINT("entry", ("Handle as %s", handle_as_role ? "role" : "user")); @@ -10209,9 +10244,8 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) } // Proceed with the creation } - else if (thd->lex->create_info.if_not_exists()) + else if (if_not_exists) { - binlog= true; if (handle_as_role) push_warning_printf(thd, Sql_condition::WARN_LEVEL_NOTE, ER_ROLE_CREATE_EXISTS, @@ -10222,7 +10256,7 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) ER_USER_CREATE_EXISTS, ER_THD(thd, ER_USER_CREATE_EXISTS), user_name->user.str, user_name->host.str); - continue; + goto log; } else { @@ -10239,7 +10273,6 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) result= TRUE; continue; } - binlog= true; // every created role is automatically granted to its creator-admin if (handle_as_role) @@ -10273,6 +10306,25 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) &thd->lex->definer->host, &user_name->user, true, NULL, false); } + +log: + if (mysql_bin_log.is_open()) + { + binlog_query.append("CREATE USER "); + if (thd->lex->create_info.if_not_exists()) + binlog_query.append(" IF NOT EXISTS "); + user_name->to_str(binlog_query); + user_require_to_str(thd->lex, binlog_query); + thd->lex->mqh.to_str(binlog_query); + binlog_query.append("/* Generated by server */"); + // Log individual user into binlog + thd->binlog_query(THD::STMT_QUERY_TYPE, + binlog_query.ptr(), + binlog_query.length(), + FALSE, FALSE, if_not_exists, + result ? ER_CANNOT_USER : 0); + binlog_query.release(); + } } mysql_mutex_unlock(&acl_cache->lock); @@ -10282,9 +10334,6 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) (handle_as_role) ? "CREATE ROLE" : "CREATE USER", wrong_users.c_ptr_safe()); - if (binlog) - result |= write_bin_log(thd, FALSE, thd->query(), thd->query_length()); - mysql_rwlock_unlock(&LOCK_grant); DBUG_RETURN(result); } diff --git a/sql/sql_class.cc b/sql/sql_class.cc index 0bbfdba88c7..c9ed61b175e 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -7651,6 +7651,84 @@ void AUTHID::parse(const char *str, size_t length) host.length= HOSTNAME_LENGTH; } +void LEX_USER::to_str(String &str) +{ + str.append("'"); + str.append(user.str, user.length); + str.append("'"); + if (host.length) + { + str.append("@"); + str.append("'"); + str.append(host.str, host.length); + str.append("'"); + } + str.append(" IDENTIFIED "); + if (pwtext.length) + { + str.append(" BY '"); + str.append(pwtext.str, pwtext.length); + str.append("' "); + } + else if (pwhash.length) + { + str.append(" BY PASSWORD '"); + str.append(pwhash.str, pwhash.length); + str.append("' "); + } + if (plugin.length) + { + str.append(" WITH "); + str.append(plugin.str, pwhash.length); + str.append("' "); + if (auth.length) + { + str.append(" USING '"); + str.append(auth.str, auth.length); + str.append("' "); + } + } +} + +void USER_RESOURCES::to_str(String &str) +{ + str.append(" WITH "); + if (specified_limits & USER_RESOURCES::QUERIES_PER_HOUR) + { + char num[10]; + sprintf(num, "%d", questions); + str.append(" MAX_QUERIES_PER_HOUR "); + str.append((const char *)&num); + } + if (specified_limits & USER_RESOURCES::UPDATES_PER_HOUR) + { + char num[10]; + sprintf(num, "%d", updates); + str.append(" MAX_UPDATES_PER_HOUR "); + str.append((const char *)&num); + } + if (specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR) + { + char num[10]; + sprintf(num, "%d", conn_per_hour); + str.append(" MAX_CONNECTIONS_PER_HOUR "); + str.append((const char *)&num); + } + if (specified_limits & USER_RESOURCES::USER_CONNECTIONS) + { + char num[10]; + sprintf(num, "%d", user_conn); + str.append(" MAX_USER_CONNECTIONS "); + str.append((const char *)&num); + } + if (specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME) + { + char num[20]; + sprintf(num, "%f", max_statement_time); + str.append(" MAX_QUERY_PER_HOUR "); + str.append((const char *)&num); + } +} void Database_qualified_name::copy(MEM_ROOT *mem_root, const LEX_CSTRING &db, diff --git a/sql/structs.h b/sql/structs.h index 355d6e75e48..5efd658878b 100644 --- a/sql/structs.h +++ b/sql/structs.h @@ -235,6 +235,7 @@ struct LEX_USER: public AUTHID pwtext.str= pwhash.str= 0; plugin.str= auth.str= ""; } + void to_str(class String &str); }; /* @@ -267,6 +268,7 @@ typedef struct user_resources { enum {QUERIES_PER_HOUR= 1, UPDATES_PER_HOUR= 2, CONNECTIONS_PER_HOUR= 4, USER_CONNECTIONS= 8, MAX_STATEMENT_TIME= 16}; uint specified_limits; + void to_str(class String &str); } USER_RESOURCES; |