summaryrefslogtreecommitdiff
path: root/mysql-test/suite/roles
diff options
context:
space:
mode:
authorVicentiu Ciorbaru <cvicentiu@gmail.com>2014-07-13 23:57:10 +0000
committerSergei Golubchik <serg@mariadb.org>2014-07-23 14:48:12 +0200
commit64b27c734eed91e2b79701c9c53283d9411f702f (patch)
tree6f7e49f44ad916637fb214fc93df1a59bcf76553 /mysql-test/suite/roles
parent43351faf2b229fb2e87331227efb2daf554647a7 (diff)
downloadmariadb-git-64b27c734eed91e2b79701c9c53283d9411f702f.tar.gz
Added default role implementation
Diffstat (limited to 'mysql-test/suite/roles')
-rw-r--r--mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result4
-rw-r--r--mysql-test/suite/roles/create_and_drop_role_invalid_user_table.test7
-rw-r--r--mysql-test/suite/roles/set_default_role_clear.result35
-rw-r--r--mysql-test/suite/roles/set_default_role_clear.test52
-rw-r--r--mysql-test/suite/roles/set_default_role_for.result65
-rw-r--r--mysql-test/suite/roles/set_default_role_for.test84
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid.result40
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid.test62
-rw-r--r--mysql-test/suite/roles/set_default_role_new_connection.result48
-rw-r--r--mysql-test/suite/roles/set_default_role_new_connection.test47
-rw-r--r--mysql-test/suite/roles/set_role-recursive.result8
-rw-r--r--mysql-test/suite/roles/set_role-simple.result4
12 files changed, 447 insertions, 9 deletions
diff --git a/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result b/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result
index 2d5891f996e..e7765c37667 100644
--- a/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result
+++ b/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result
@@ -1,5 +1,6 @@
use mysql;
alter table user drop column is_role;
+alter table user drop column default_role;
flush privileges;
create role test_role;
ERROR HY000: Column count of mysql.user is wrong. Expected 44, found 43. Created with MariaDB MYSQL_VERSION_ID, now running MYSQL_VERSION_ID. Please use mysql_upgrade to fix this error.
@@ -8,6 +9,9 @@ ERROR HY000: Operation DROP ROLE failed for 'test_role'
alter table user add column is_role enum('N', 'Y') default 'N' not null
COLLATE utf8_general_ci
after password_expired;
+alter table user add column default_role char(80) binary default '' not null
+COLLATE utf8_general_ci
+after is_role;
update user set is_role='N';
flush privileges;
create role test_role;
diff --git a/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.test b/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.test
index fddab717245..9ffac07d241 100644
--- a/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.test
+++ b/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.test
@@ -4,6 +4,7 @@ connect (mysql, localhost, root,,);
use mysql;
alter table user drop column is_role;
+alter table user drop column default_role;
flush privileges;
@@ -15,12 +16,12 @@ drop role test_role;
alter table user add column is_role enum('N', 'Y') default 'N' not null
COLLATE utf8_general_ci
after password_expired;
+alter table user add column default_role char(80) binary default '' not null
+ COLLATE utf8_general_ci
+after is_role;
update user set is_role='N';
flush privileges;
create role test_role;
drop role test_role;
-
-
-
diff --git a/mysql-test/suite/roles/set_default_role_clear.result b/mysql-test/suite/roles/set_default_role_clear.result
new file mode 100644
index 00000000000..382d3d27c70
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_clear.result
@@ -0,0 +1,35 @@
+create user test_user@localhost;
+create role test_role;
+grant select on *.* to test_role;
+grant test_role to test_user@localhost;
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+set default role test_role;
+select user, host, default_role from mysql.user;
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost test_role
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+GRANT SELECT ON *.* TO 'test_role'
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost test_role
+set default role NONE;
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost
+set default role invalid_role;
+ERROR OP000: Invalid role specification `invalid_role`.
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost
+select user, host, default_role from mysql.user;
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+drop role test_role;
+drop user test_user@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_clear.test b/mysql-test/suite/roles/set_default_role_clear.test
new file mode 100644
index 00000000000..32c9661c573
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_clear.test
@@ -0,0 +1,52 @@
+source include/not_embedded.inc;
+
+# This test checks clearing a default role from a user.
+
+# Create a user with no privileges
+create user test_user@localhost;
+
+create role test_role;
+
+grant select on *.* to test_role;
+grant test_role to test_user@localhost;
+
+change_user 'test_user';
+show grants;
+set default role test_role;
+
+# Even though a user has the default role set, without reconnecting, we should
+# not already have the roles privileges.
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user;
+
+change_user 'root';
+select user, host, default_role from mysql.user where user='test_user';
+
+change_user 'test_user';
+# This should show that the new test_user has the role's grants enabled.
+show grants;
+select user, host, default_role from mysql.user where user='test_user';
+
+set default role NONE;
+
+# We should still have the role set right now.
+select user, host, default_role from mysql.user where user='test_user';
+
+# Make sure we do not somehow get privileges to set an invalid role
+--error ER_INVALID_ROLE
+set default role invalid_role;
+
+change_user 'root';
+select user, host, default_role from mysql.user where user='test_user';
+
+change_user 'test_user';
+# The user does not have a default role set anymore. Make sure we don't still
+# get the privileges.
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user;
+
+change_user 'root';
+
+# Cleanup
+drop role test_role;
+drop user test_user@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_for.result b/mysql-test/suite/roles/set_default_role_for.result
new file mode 100644
index 00000000000..2949584f049
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_for.result
@@ -0,0 +1,65 @@
+create user user_a@localhost;
+create user user_b@localhost;
+create role role_a;
+create role role_b;
+grant role_a to user_a@localhost;
+grant role_b to user_b@localhost;
+grant role_a to user_a@localhost;
+grant select on *.* to role_a;
+grant role_b to user_b@localhost;
+grant insert, update on *.* to role_b;
+set default role role_a for user_b@localhost;
+ERROR 42000: Access denied for user 'user_a'@'localhost' to database 'mysql'
+set default role role_a for user_a@localhost;
+set default role invalid_role for user_a@localhost;
+ERROR OP000: Invalid role specification `invalid_role`.
+set default role role_b for user_a@localhost;
+ERROR OP000: Invalid role specification `role_b`.
+set default role role_b for user_b@localhost;
+show grants;
+Grants for user_a@localhost
+GRANT role_a TO 'user_a'@'localhost'
+GRANT USAGE ON *.* TO 'user_a'@'localhost'
+GRANT SELECT ON *.* TO 'role_a'
+select user, host, default_role from mysql.user where user like 'user_%';
+user host default_role
+user_a localhost role_a
+user_b localhost role_b
+set default role NONE for current_user;
+select user, host, default_role from mysql.user where user like 'user_%';
+user host default_role
+user_a localhost
+user_b localhost role_b
+set default role current_role for current_user;
+select user, host, default_role from mysql.user where user like 'user_%';
+user host default_role
+user_a localhost role_a
+user_b localhost role_b
+set default role role_b for current_user;
+ERROR OP000: Invalid role specification `role_b`.
+show grants;
+Grants for user_b@localhost
+GRANT role_b TO 'user_b'@'localhost'
+GRANT USAGE ON *.* TO 'user_b'@'localhost'
+GRANT INSERT, UPDATE ON *.* TO 'role_b'
+select user, host, default_role from mysql.user where user like 'user_%';
+ERROR 42000: SELECT command denied to user 'user_b'@'localhost' for table 'user'
+insert into mysql.user (user, host) values ('someuser', 'somehost');
+Warnings:
+Warning 1364 Field 'ssl_cipher' doesn't have a default value
+Warning 1364 Field 'x509_issuer' doesn't have a default value
+Warning 1364 Field 'x509_subject' doesn't have a default value
+Warning 1364 Field 'authentication_string' doesn't have a default value
+set default role NONE for user_a@localhost;
+show grants;
+Grants for user_a@localhost
+GRANT role_a TO 'user_a'@'localhost'
+GRANT USAGE ON *.* TO 'user_a'@'localhost'
+GRANT INSERT, UPDATE ON *.* TO 'role_b'
+select user, host, default_role from mysql.user where user like 'user_%';
+ERROR 42000: SELECT command denied to user 'user_a'@'localhost' for table 'user'
+drop role role_a;
+drop role role_b;
+drop user someuser@somehost;
+drop user user_a@localhost;
+drop user user_b@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_for.test b/mysql-test/suite/roles/set_default_role_for.test
new file mode 100644
index 00000000000..d51c13bcec9
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_for.test
@@ -0,0 +1,84 @@
+source include/not_embedded.inc;
+
+# This test checks setting a default role to a different user;
+
+
+create user user_a@localhost;
+create user user_b@localhost;
+
+create role role_a;
+create role role_b;
+
+grant role_a to user_a@localhost;
+grant role_b to user_b@localhost;
+
+grant role_a to user_a@localhost;
+grant select on *.* to role_a;
+
+grant role_b to user_b@localhost;
+grant insert, update on *.* to role_b;
+
+change_user 'user_a';
+
+# A user should not be a able to set a default role for someone else,
+# if he hasn't got write access to the database.
+--error ER_DBACCESS_DENIED_ERROR
+set default role role_a for user_b@localhost;
+
+# Should have the same effect as set default role role_a.
+set default role role_a for user_a@localhost;
+
+change_user 'root';
+
+# Not even a 'root' user should be able to set an invalid role for a user.
+--error ER_INVALID_ROLE
+set default role invalid_role for user_a@localhost;
+
+--error ER_INVALID_ROLE
+set default role role_b for user_a@localhost;
+
+# Make sure we can set a default role for a different user than the one that
+# is actually running the command.
+set default role role_b for user_b@localhost;
+
+change_user 'user_a';
+
+show grants;
+select user, host, default_role from mysql.user where user like 'user_%';
+
+set default role NONE for current_user;
+select user, host, default_role from mysql.user where user like 'user_%';
+
+set default role current_role for current_user;
+select user, host, default_role from mysql.user where user like 'user_%';
+
+# Make sure we can't set a default role not granted to us, using current_user
+--error ER_INVALID_ROLE
+set default role role_b for current_user;
+
+change_user 'user_b';
+
+show grants;
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user where user like 'user_%';
+
+# Make sure the default role setting worked from root.
+insert into mysql.user (user, host) values ('someuser', 'somehost');
+# Since we have update privileges on the mysql.user table, we should
+# be able to set a default role for a different user.
+set default role NONE for user_a@localhost;
+
+change_user 'user_a';
+
+# There is no default role set any more.
+show grants;
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user where user like 'user_%';
+
+change_user 'root';
+
+drop role role_a;
+drop role role_b;
+drop user someuser@somehost;
+drop user user_a@localhost;
+drop user user_b@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_invalid.result b/mysql-test/suite/roles/set_default_role_invalid.result
new file mode 100644
index 00000000000..3916bacfd4c
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_invalid.result
@@ -0,0 +1,40 @@
+create user test_user@localhost;
+create role test_role;
+create role not_granted_role;
+grant select on *.* to test_role;
+grant test_role to test_user@localhost;
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+select user, host, default_role from mysql.user;
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+set default role invalid_role;
+ERROR OP000: Invalid role specification `invalid_role`.
+set default role not_granted_role;
+ERROR OP000: Invalid role specification `not_granted_role`.
+set default role test_role;
+select user, host, default_role from mysql.user;
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost test_role
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+GRANT SELECT ON *.* TO 'test_role'
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost test_role
+set default role invalid_role;
+ERROR OP000: Invalid role specification `invalid_role`.
+select user, host, default_role from mysql.user where user='test_user';
+user host default_role
+test_user localhost test_role
+revoke test_role from test_user@localhost;
+select user, host, default_role from mysql.user where user='test_user';
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+drop role test_role;
+drop role not_granted_role;
+drop user test_user@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_invalid.test b/mysql-test/suite/roles/set_default_role_invalid.test
new file mode 100644
index 00000000000..8e72e316d4b
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_invalid.test
@@ -0,0 +1,62 @@
+source include/not_embedded.inc;
+
+# This test checks the error paths possible during set default role.
+
+# Create a user with no privileges
+create user test_user@localhost;
+
+create role test_role;
+create role not_granted_role;
+
+grant select on *.* to test_role;
+grant test_role to test_user@localhost;
+
+change_user 'test_user';
+show grants;
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user;
+
+# A user can not set a default role that does not exist in the database.
+--error ER_INVALID_ROLE
+set default role invalid_role;
+
+# A user can not set a default role if he can not call set role <role>.
+--error ER_INVALID_ROLE
+set default role not_granted_role;
+
+set default role test_role;
+
+# Even though a user has the default role set, without reconnecting, we should
+# not already have the roles privileges.
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user;
+
+change_user 'root';
+select user, host, default_role from mysql.user where user='test_user';
+
+change_user 'test_user';
+# This should show that the new test_user has the role's grants enabled.
+show grants;
+select user, host, default_role from mysql.user where user='test_user';
+
+# If we have a failed set default role attempt, don't change the already set
+# default role.
+--error ER_INVALID_ROLE
+set default role invalid_role;
+select user, host, default_role from mysql.user where user='test_user';
+
+change_user 'root';
+# Now, even though a default role is still set for test_user, make sure the
+# user does not get the rights, if he can not set the role.
+revoke test_role from test_user@localhost;
+
+change_user 'test_user';
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user where user='test_user';
+
+change_user 'root';
+
+# Cleanup
+drop role test_role;
+drop role not_granted_role;
+drop user test_user@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_new_connection.result b/mysql-test/suite/roles/set_default_role_new_connection.result
new file mode 100644
index 00000000000..d88ead70038
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_new_connection.result
@@ -0,0 +1,48 @@
+create user test_user@localhost;
+create role test_role;
+grant select on *.* to test_role;
+grant test_role to test_user@localhost;
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+select user, host, default_role from mysql.user where user = 'test_user';
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+set default role test_role;
+select user, host, default_role from mysql.user where user = 'test_user';
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+select user, host, default_role from mysql.user where user = 'test_user';
+user host default_role
+test_user localhost test_role
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+GRANT SELECT ON *.* TO 'test_role'
+select user, host, default_role from mysql.user where user = 'test_user';
+user host default_role
+test_user localhost test_role
+set default role NONE;
+select user, host, default_role from mysql.user where user = 'test_user';
+user host default_role
+test_user localhost
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+select user, host, default_role from mysql.user where user = 'test_user';
+ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
+select user, host, default_role from mysql.user where user = 'test_user';
+user host default_role
+test_user localhost
+set default role test_role for test_user@localhost;
+show grants;
+Grants for test_user@localhost
+GRANT test_role TO 'test_user'@'localhost'
+GRANT USAGE ON *.* TO 'test_user'@'localhost'
+GRANT SELECT ON *.* TO 'test_role'
+select user, host, default_role from mysql.user where user = 'test_user';
+user host default_role
+test_user localhost test_role
+drop role test_role;
+drop user test_user@localhost;
diff --git a/mysql-test/suite/roles/set_default_role_new_connection.test b/mysql-test/suite/roles/set_default_role_new_connection.test
new file mode 100644
index 00000000000..81f7f2ffb58
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_new_connection.test
@@ -0,0 +1,47 @@
+source include/not_embedded.inc;
+
+create user test_user@localhost;
+create role test_role;
+grant select on *.* to test_role;
+grant test_role to test_user@localhost;
+
+--connect (c1, localhost, test_user,,)
+show grants;
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user where user = 'test_user';
+set default role test_role;
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user where user = 'test_user';
+disconnect c1;
+
+connection default;
+select user, host, default_role from mysql.user where user = 'test_user';
+
+
+--connect (c1, localhost, test_user,,)
+show grants;
+select user, host, default_role from mysql.user where user = 'test_user';
+set default role NONE;
+disconnect c1;
+
+connection default;
+select user, host, default_role from mysql.user where user = 'test_user';
+
+--connect (c1, localhost, test_user,,)
+show grants;
+--error ER_TABLEACCESS_DENIED_ERROR
+select user, host, default_role from mysql.user where user = 'test_user';
+disconnect c1;
+
+connection default;
+select user, host, default_role from mysql.user where user = 'test_user';
+set default role test_role for test_user@localhost;
+
+--connect (c1, localhost, test_user,,)
+show grants;
+select user, host, default_role from mysql.user where user = 'test_user';
+disconnect c1;
+
+connection default;
+drop role test_role;
+drop user test_user@localhost;
diff --git a/mysql-test/suite/roles/set_role-recursive.result b/mysql-test/suite/roles/set_role-recursive.result
index 0bec8026ab5..008de2c3265 100644
--- a/mysql-test/suite/roles/set_role-recursive.result
+++ b/mysql-test/suite/roles/set_role-recursive.result
@@ -16,11 +16,11 @@ Host User Role Admin_option
test_role1 test_role2 N
grant select on *.* to test_role2;
select * from mysql.user where user like 'test_role1';
-Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role
- test_role1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N Y
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role
+ test_role1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N Y
select * from mysql.user where user like 'test_role2';
-Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role
- test_role2 Y N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N Y
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role
+ test_role2 Y N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N Y
select * from mysql.roles_mapping;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
show grants;
diff --git a/mysql-test/suite/roles/set_role-simple.result b/mysql-test/suite/roles/set_role-simple.result
index ea416835017..f870bf8eb30 100644
--- a/mysql-test/suite/roles/set_role-simple.result
+++ b/mysql-test/suite/roles/set_role-simple.result
@@ -11,8 +11,8 @@ localhost root test_role1 Y
localhost test_user test_role1 N
grant select on *.* to test_role1;
select * from mysql.user where user='test_role1';
-Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role
- test_role1 Y N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N Y
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role
+ test_role1 Y N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N Y
select * from mysql.roles_mapping;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
show grants;
View Lorry Controller Status