Bug #30468: column level privileges not respected when joining tables

When expanding a * in a USING/NATURAL join the check for table access
for both tables in the join was done using the grant information of the
first one.
Fixed by getting the grant information for the current table while 
iterating through the columns of the join.


mysql-test/r/grant2.result:
  Bug #30468: test case
mysql-test/t/grant2.test:
  Bug #30468: test case
sql/sql_acl.cc:
  Bug #30468: correctly check column grants
sql/sql_acl.h:
  Bug #30468: correctly check column grants
sql/sql_base.cc:
  Bug #30468: correctly check column grants
sql/sql_insert.cc:
  Bug #30468: correctly check column grants

1 files changed, 18 insertions, 0 deletions

diff --git a/mysql-test/r/grant2.result b/mysql-test/r/grant2.result
index 6de9a83aeed..e3c92ecc7c8 100644
--- a/mysql-test/r/grant2.result
+++ b/mysql-test/r/grant2.result
@@ -421,4 +421,22 @@ revoke all privileges, grant option from mysqltest_1@localhost;
 revoke all privileges, grant option from mysqltest_2@localhost;
 drop user mysqltest_1@localhost;
 drop user mysqltest_2@localhost;
+CREATE DATABASE db1;
+USE db1;
+CREATE TABLE t1 (a INT, b INT);
+INSERT INTO t1 VALUES (1,1),(2,2);
+CREATE TABLE t2 (b INT, c INT);
+INSERT INTO t2 VALUES (1,100),(2,200);
+GRANT SELECT ON t1 TO mysqltest1@localhost;
+GRANT SELECT (b) ON t2 TO mysqltest1@localhost;
+USE db1;
+SELECT c FROM t2;
+ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for column 'c' in table 't2'
+SELECT * FROM t2;
+ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for column 'c' in table 't2'
+SELECT * FROM t1 JOIN t2 USING (b);
+ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for column 'c' in table 't2'
+DROP TABLE db1.t1, db1.t2;
+DROP USER mysqltest1@localhost;
+DROP DATABASE db1;
 End of 5.0 tests