diff options
author | Sergey Vojtovich <svoj@mariadb.org> | 2016-03-25 20:51:22 +0400 |
---|---|---|
committer | Sergey Vojtovich <svoj@mariadb.org> | 2016-03-31 10:11:16 +0400 |
commit | 282497dd6d1049b4fb963641504c2733752845a7 (patch) | |
tree | 7288d17c29fbbe9ac47ec51f6988fb954f59a361 /mysql-test/suite/roles | |
parent | 5052e2479e873461bebfcedbc674bbaf57d3c968 (diff) | |
download | mariadb-git-282497dd6d1049b4fb963641504c2733752845a7.tar.gz |
MDEV-6720 - enable connection log in mysqltest by default
Diffstat (limited to 'mysql-test/suite/roles')
22 files changed, 130 insertions, 7 deletions
diff --git a/mysql-test/suite/roles/admin.result b/mysql-test/suite/roles/admin.result index 838f2ea165d..87d2888b47c 100644 --- a/mysql-test/suite/roles/admin.result +++ b/mysql-test/suite/roles/admin.result @@ -6,11 +6,13 @@ create role role3 with admin current_role; ERROR 0L000: Invalid definer create role role3 with admin role1; create role role4 with admin root@localhost; +connect c1, localhost, foo,,; create role role5 with admin root@localhost; ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation create role role5 with admin role3; ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation create role role5 with admin foo@localhost; +connection default; call mtr.add_suppression("Invalid roles_mapping table entry user:'foo@bar', rolename:'role6'"); create role role6 with admin foo@bar; Warnings: diff --git a/mysql-test/suite/roles/create_and_drop_role.result b/mysql-test/suite/roles/create_and_drop_role.result index d565b888c5f..66c5551ef43 100644 --- a/mysql-test/suite/roles/create_and_drop_role.result +++ b/mysql-test/suite/roles/create_and_drop_role.result @@ -1,3 +1,4 @@ +connect mysql, localhost, root,,; use mysql; create role test_role1@host1; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '@host1' at line 1 @@ -34,6 +35,8 @@ ERROR HY000: Operation DROP ROLE failed for 'dummy' drop user dummy@''; select user, host, is_role from user where user like 'test%'; user host is_role +disconnect mysql; +connection default; create role ''; ERROR OP000: Invalid role specification ``. create role ' '; diff --git a/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result b/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result index 27149c4bf17..e18149975ad 100644 --- a/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result +++ b/mysql-test/suite/roles/create_and_drop_role_invalid_user_table.result @@ -1,3 +1,4 @@ +connect mysql, localhost, root,,; use mysql; alter table user drop column is_role; alter table user drop column default_role; diff --git a/mysql-test/suite/roles/default_create_user_not_role.result b/mysql-test/suite/roles/default_create_user_not_role.result index 1ddb054c092..171015f6e82 100644 --- a/mysql-test/suite/roles/default_create_user_not_role.result +++ b/mysql-test/suite/roles/default_create_user_not_role.result @@ -1,6 +1,8 @@ +connect mysql, localhost, root,,; use mysql; create user 'test'@'localhost'; select user, host, is_role from user where user='test' and host='localhost'; user host is_role test localhost N drop user 'test'@'localhost'; +disconnect mysql; diff --git a/mysql-test/suite/roles/definer.result b/mysql-test/suite/roles/definer.result index 7ced6255629..293e5e539bc 100644 --- a/mysql-test/suite/roles/definer.result +++ b/mysql-test/suite/roles/definer.result @@ -34,6 +34,8 @@ View Create View character_set_client collation_connection v3 CREATE ALGORITHM=UNDEFINED DEFINER=`role3`@`%` SQL SECURITY DEFINER VIEW `test`.`v3` AS select (`mysqltest1`.`t1`.`a` + `mysqltest1`.`t1`.`b`) AS `a+b`,`mysqltest1`.`t1`.`c` AS `c` from `mysqltest1`.`t1` latin1 latin1_swedish_ci Warnings: Note 1449 The user specified as a definer ('role3'@'%') does not exist +connect c1, localhost, foo,,mysqltest1; +connection c1; show grants; Grants for foo@localhost GRANT role4 TO 'foo'@'localhost' @@ -71,6 +73,7 @@ select * from test.v5; a+b c 11 100 22 200 +connection default; drop role role4; show create view test.v5; View Create View character_set_client collation_connection diff --git a/mysql-test/suite/roles/drop_current_user-5176.result b/mysql-test/suite/roles/drop_current_user-5176.result index ea9f4fa4f92..9c4041a0d1e 100644 --- a/mysql-test/suite/roles/drop_current_user-5176.result +++ b/mysql-test/suite/roles/drop_current_user-5176.result @@ -1,5 +1,6 @@ create user foo@localhost; grant create user on *.* to foo@localhost; +connect foo,localhost,foo,,; drop user foo@localhost; select * from information_schema.applicable_roles; GRANTEE ROLE_NAME IS_GRANTABLE IS_DEFAULT diff --git a/mysql-test/suite/roles/drop_routines.result b/mysql-test/suite/roles/drop_routines.result index ad2a82c37c5..11eda3a290f 100644 --- a/mysql-test/suite/roles/drop_routines.result +++ b/mysql-test/suite/roles/drop_routines.result @@ -69,11 +69,13 @@ GRANT UPDATE ON `mysql`.`user` TO 'r3' GRANT USAGE ON *.* TO 'r2' GRANT USAGE ON *.* TO 'r3' GRANT r3 TO 'r2' +connect u1,localhost,u1,,; select mysql.test_func("none"); ERROR 42000: execute command denied to user 'u1'@'%' for routine 'mysql.test_func' set role r1; select mysql.test_func("r1"); ERROR 42000: execute command denied to user 'u1'@'%' for routine 'mysql.test_func' +connection default; drop function mysql.test_func; drop role r1, r2, r3; drop user u1; diff --git a/mysql-test/suite/roles/grant-5771.result b/mysql-test/suite/roles/grant-5771.result index 5d79820e7a0..87797d8b9a4 100644 --- a/mysql-test/suite/roles/grant-5771.result +++ b/mysql-test/suite/roles/grant-5771.result @@ -6,6 +6,7 @@ grant all on mysqltest1.* to r1; grant all on mysqltest2.* to r2; grant r1 to r2; grant r2 to foo@localhost; +connect foo,localhost,foo,,; select current_user; current_user foo@localhost @@ -27,6 +28,7 @@ GRANT USAGE ON *.* TO 'r2' GRANT ALL PRIVILEGES ON `mysqltest2`.* TO 'r2' GRANT USAGE ON *.* TO 'r1' GRANT ALL PRIVILEGES ON `mysqltest1`.* TO 'r1' +connection default; drop user foo@localhost; drop role r1; drop role r2; diff --git a/mysql-test/suite/roles/grant_empty.result b/mysql-test/suite/roles/grant_empty.result index dfc0f513396..cfe74fa7aa3 100644 --- a/mysql-test/suite/roles/grant_empty.result +++ b/mysql-test/suite/roles/grant_empty.result @@ -3,6 +3,7 @@ ERROR OP000: Invalid role specification ``. create user ''@localhost; create role r1; grant r1 to ''@localhost; +connect con1,localhost,nonexisting_user,,; select current_user; current_user @localhost @@ -10,5 +11,6 @@ show grants; Grants for @localhost GRANT r1 TO ''@'localhost' GRANT USAGE ON *.* TO ''@'localhost' +connection default; drop role r1; drop user ''@localhost; diff --git a/mysql-test/suite/roles/grant_role_auto_create_user.result b/mysql-test/suite/roles/grant_role_auto_create_user.result index dee07aa6b3c..3f6139e84d0 100644 --- a/mysql-test/suite/roles/grant_role_auto_create_user.result +++ b/mysql-test/suite/roles/grant_role_auto_create_user.result @@ -6,12 +6,17 @@ create user foo@localhost; grant auto_create to foo@localhost; create user bar@localhost identified by 'baz'; grant auto_create to bar@localhost; +connect con1,localhost,foo,,; set role 'auto_create'; use db; create table t1 (i int); +disconnect con1; +connect con1,localhost,bar,baz,; set role auto_create; use db; insert into t1 values (1); +disconnect con1; +connection default; drop user foo@localhost, bar@localhost; set sql_mode = 'no_auto_create_user'; grant auto_create to foo@localhost; @@ -21,10 +26,14 @@ select user, host from mysql.user where user = 'bar'; user host bar localhost set sql_mode = ''; +connect con1,localhost,bar,baz,; set role auto_create; use db; drop table t1; +disconnect con1; +connection default; create user foo@localhost; +connect con1, localhost, foo,,; set sql_mode = ''; grant auto_create to bar2@localhost; ERROR 28000: Access denied for user 'foo'@'localhost' @@ -35,7 +44,10 @@ grant auto_create to bar2@localhost; ERROR 28000: Access denied for user 'foo'@'localhost' grant auto_create to foo2@localhost identified by 'pass'; ERROR 28000: Access denied for user 'foo'@'localhost' +disconnect con1; +connection default; grant auto_create to foo@localhost; +connect con1, localhost, foo,,; set sql_mode = ''; grant auto_create to bar@localhost; ERROR 28000: Access denied for user 'foo'@'localhost' @@ -48,7 +60,10 @@ grant auto_create to bar2@localhost; ERROR 28000: Access denied for user 'foo'@'localhost' grant auto_create to foo2@localhost identified by 'pass'; ERROR 28000: Access denied for user 'foo'@'localhost' +connection default; grant auto_create to foo@localhost with admin option; +disconnect con1; +connect con1, localhost, foo,,; set sql_mode = ''; grant auto_create to bar@localhost; grant auto_create to bar2@localhost; @@ -60,6 +75,7 @@ grant auto_create to bar2@localhost; ERROR 28000: Can't find any matching row in the user table grant auto_create to foo2@localhost identified by 'pass'; ERROR 42000: You are not allowed to create a user with GRANT +connection default; drop user foo@localhost; drop user bar@localhost; drop role auto_create; diff --git a/mysql-test/suite/roles/i_s_applicable_roles_is_default.test b/mysql-test/suite/roles/i_s_applicable_roles_is_default.test index 4a844e39b87..59ba1f8bf75 100644 --- a/mysql-test/suite/roles/i_s_applicable_roles_is_default.test +++ b/mysql-test/suite/roles/i_s_applicable_roles_is_default.test @@ -1,5 +1,4 @@ --source include/not_embedded.inc ---enable_connect_log create user foo; create role role1; create role role2; diff --git a/mysql-test/suite/roles/ip-6401.result b/mysql-test/suite/roles/ip-6401.result index a9876eb8273..1afd649636e 100644 --- a/mysql-test/suite/roles/ip-6401.result +++ b/mysql-test/suite/roles/ip-6401.result @@ -1,6 +1,7 @@ create role r1; create user foo@'127.0.0.1'; grant r1 to foo@'127.0.0.1'; +connect con1,127.0.0.1,foo,,; show grants; Grants for foo@127.0.0.1 GRANT r1 TO 'foo'@'127.0.0.1' @@ -9,5 +10,6 @@ set role r1; select * from information_schema.enabled_roles; ROLE_NAME r1 +connection default; drop user foo@'127.0.0.1'; drop role r1; diff --git a/mysql-test/suite/roles/rebuild_role_grants.result b/mysql-test/suite/roles/rebuild_role_grants.result index bc68d8ddc9f..1dd6f683340 100644 --- a/mysql-test/suite/roles/rebuild_role_grants.result +++ b/mysql-test/suite/roles/rebuild_role_grants.result @@ -58,7 +58,10 @@ drop role r1; drop user u2; create user foo@localhost; grant create user on *.* to foo@localhost; +connect con1, localhost, foo,,; create role look, isp, xxx, ppp; rename user current_user to nnnn@'%'; drop role look, isp, xxx, ppp; +connection default; +disconnect con1; drop user nnnn@'%'; diff --git a/mysql-test/suite/roles/recursive.result b/mysql-test/suite/roles/recursive.result index 7abbd01240e..ece3114747e 100644 --- a/mysql-test/suite/roles/recursive.result +++ b/mysql-test/suite/roles/recursive.result @@ -23,6 +23,7 @@ grant role9 to role10; grant role10 to foo@localhost; grant role10 to role2; ERROR HY000: Cannot grant role 'role10' to: 'role2'. +connect foo, localhost, foo; show grants; Grants for foo@localhost GRANT USAGE ON *.* TO 'foo'@'localhost' @@ -42,9 +43,11 @@ role9 role6 NO NULL role9 role7 NO NULL show status like 'debug%'; Variable_name Value +connection default; grant select on *.* to role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -85,9 +88,11 @@ role5 role6 role7 role9 +connection default; revoke select on *.* from role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; count(*) 22 @@ -96,9 +101,11 @@ set role role10; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; grant select on mysql.* to role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -129,15 +136,19 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; revoke select on mysql.* from role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; grant select on mysql.roles_mapping to role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -168,15 +179,19 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; revoke select on mysql.roles_mapping from role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; grant select(User) on mysql.roles_mapping to role1; show status like 'debug%'; Variable_name Value +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -209,9 +224,11 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; grant select(Host) on mysql.roles_mapping to role3; show status like 'debug%'; Variable_name Value +connection foo; select count(concat(User,Host,Role)) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'Role' in table 'roles_mapping' select count(concat(User,Host)) from mysql.roles_mapping; @@ -242,25 +259,31 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; revoke select(User) on mysql.roles_mapping from role1; show status like 'debug%'; Variable_name Value +connection foo; select count(concat(User,Host)) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'User' in table 'roles_mapping' select count(concat(Host)) from mysql.roles_mapping; count(concat(Host)) 22 +connection default; revoke select(Host) on mysql.roles_mapping from role3; show status like 'debug%'; Variable_name Value +connection foo; select count(concat(Host)) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; create procedure pr1() select "pr1"; create function fn1() returns char(10) return "fn1"; grant execute on procedure test.pr1 to role1; show status like 'debug%'; Variable_name Value +connection foo; call pr1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.pr1' set role role10; @@ -269,26 +292,33 @@ pr1 pr1 select fn1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.fn1' +connection default; grant execute on function test.fn1 to role5; show status like 'debug%'; Variable_name Value +connection foo; select fn1(); fn1() fn1 +connection default; revoke execute on procedure test.pr1 from role1; show status like 'debug%'; Variable_name Value +connection foo; call pr1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.pr1' select fn1(); fn1() fn1 +connection default; revoke execute on function test.fn1 from role5; show status like 'debug%'; Variable_name Value +connection foo; select fn1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.fn1' set role none; +connection default; drop procedure pr1; drop function fn1; grant select on mysql.roles_mapping to role3; @@ -315,6 +345,7 @@ Variable_name Value revoke select on test.* from role1; show status like 'debug%'; Variable_name Value +connection default; drop user foo@localhost; drop role role1; drop role role2; diff --git a/mysql-test/suite/roles/recursive_dbug.result b/mysql-test/suite/roles/recursive_dbug.result index ea65a842eb0..64c0f3660e7 100644 --- a/mysql-test/suite/roles/recursive_dbug.result +++ b/mysql-test/suite/roles/recursive_dbug.result @@ -27,6 +27,7 @@ grant role9 to role10; grant role10 to foo@localhost; grant role10 to role2; ERROR HY000: Cannot grant role 'role10' to: 'role2'. +connect foo, localhost, foo; show grants; Grants for foo@localhost GRANT USAGE ON *.* TO 'foo'@'localhost' @@ -51,6 +52,7 @@ Debug_role_merges_db 0 Debug_role_merges_table 0 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection default; grant select on *.* to role1; show status like 'debug%'; Variable_name Value @@ -59,6 +61,7 @@ Debug_role_merges_db 0 Debug_role_merges_table 0 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -99,6 +102,7 @@ role5 role6 role7 role9 +connection default; revoke select on *.* from role1; show status like 'debug%'; Variable_name Value @@ -107,6 +111,7 @@ Debug_role_merges_db 0 Debug_role_merges_table 0 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; count(*) 22 @@ -115,6 +120,7 @@ set role role10; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; grant select on mysql.* to role1; show status like 'debug%'; Variable_name Value @@ -123,6 +129,7 @@ Debug_role_merges_db 8 Debug_role_merges_table 0 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -153,6 +160,7 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; revoke select on mysql.* from role1; show status like 'debug%'; Variable_name Value @@ -161,9 +169,11 @@ Debug_role_merges_db 16 Debug_role_merges_table 0 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; grant select on mysql.roles_mapping to role1; show status like 'debug%'; Variable_name Value @@ -172,6 +182,7 @@ Debug_role_merges_db 16 Debug_role_merges_table 8 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -202,6 +213,7 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; revoke select on mysql.roles_mapping from role1; show status like 'debug%'; Variable_name Value @@ -210,9 +222,11 @@ Debug_role_merges_db 16 Debug_role_merges_table 16 Debug_role_merges_column 0 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; grant select(User) on mysql.roles_mapping to role1; show status like 'debug%'; Variable_name Value @@ -221,6 +235,7 @@ Debug_role_merges_db 16 Debug_role_merges_table 24 Debug_role_merges_column 8 Debug_role_merges_routine 0 +connection foo; select count(*) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role role10; @@ -253,6 +268,7 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; grant select(Host) on mysql.roles_mapping to role3; show status like 'debug%'; Variable_name Value @@ -261,6 +277,7 @@ Debug_role_merges_db 16 Debug_role_merges_table 30 Debug_role_merges_column 14 Debug_role_merges_routine 0 +connection foo; select count(concat(User,Host,Role)) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'Role' in table 'roles_mapping' select count(concat(User,Host)) from mysql.roles_mapping; @@ -291,6 +308,7 @@ GRANT role5 TO 'role7' GRANT role6 TO 'role9' GRANT role7 TO 'role9' GRANT role9 TO 'role10' +connection default; revoke select(User) on mysql.roles_mapping from role1; show status like 'debug%'; Variable_name Value @@ -299,11 +317,13 @@ Debug_role_merges_db 16 Debug_role_merges_table 38 Debug_role_merges_column 22 Debug_role_merges_routine 0 +connection foo; select count(concat(User,Host)) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'User' in table 'roles_mapping' select count(concat(Host)) from mysql.roles_mapping; count(concat(Host)) 22 +connection default; revoke select(Host) on mysql.roles_mapping from role3; show status like 'debug%'; Variable_name Value @@ -312,9 +332,11 @@ Debug_role_merges_db 16 Debug_role_merges_table 44 Debug_role_merges_column 28 Debug_role_merges_routine 0 +connection foo; select count(concat(Host)) from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' set role none; +connection default; create procedure pr1() select "pr1"; create function fn1() returns char(10) return "fn1"; grant execute on procedure test.pr1 to role1; @@ -325,6 +347,7 @@ Debug_role_merges_db 16 Debug_role_merges_table 44 Debug_role_merges_column 28 Debug_role_merges_routine 8 +connection foo; call pr1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.pr1' set role role10; @@ -333,6 +356,7 @@ pr1 pr1 select fn1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.fn1' +connection default; grant execute on function test.fn1 to role5; show status like 'debug%'; Variable_name Value @@ -341,9 +365,11 @@ Debug_role_merges_db 16 Debug_role_merges_table 44 Debug_role_merges_column 28 Debug_role_merges_routine 13 +connection foo; select fn1(); fn1() fn1 +connection default; revoke execute on procedure test.pr1 from role1; show status like 'debug%'; Variable_name Value @@ -352,11 +378,13 @@ Debug_role_merges_db 16 Debug_role_merges_table 44 Debug_role_merges_column 28 Debug_role_merges_routine 21 +connection foo; call pr1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.pr1' select fn1(); fn1() fn1 +connection default; revoke execute on function test.fn1 from role5; show status like 'debug%'; Variable_name Value @@ -365,9 +393,11 @@ Debug_role_merges_db 16 Debug_role_merges_table 44 Debug_role_merges_column 28 Debug_role_merges_routine 26 +connection foo; select fn1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'test.fn1' set role none; +connection default; drop procedure pr1; drop function fn1; grant select on mysql.roles_mapping to role3; @@ -434,6 +464,7 @@ Debug_role_merges_db 48 Debug_role_merges_table 62 Debug_role_merges_column 28 Debug_role_merges_routine 26 +connection default; drop user foo@localhost; drop role role1; drop role role2; diff --git a/mysql-test/suite/roles/rpl_definer.result b/mysql-test/suite/roles/rpl_definer.result index c9e4f66a267..f4cc5dad39e 100644 --- a/mysql-test/suite/roles/rpl_definer.result +++ b/mysql-test/suite/roles/rpl_definer.result @@ -35,7 +35,7 @@ show create procedure pr; Procedure sql_mode Create Procedure character_set_client collation_connection Database Collation pr NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION CREATE DEFINER=`role1` PROCEDURE `pr`() select "role1" latin1 latin1_swedish_ci latin1_swedish_ci -[connection slave] +connection slave; set role role1; show grants; Grants for root@localhost @@ -63,6 +63,7 @@ show create procedure pr; Procedure sql_mode Create Procedure character_set_client collation_connection Database Collation pr NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION CREATE DEFINER=`role1` PROCEDURE `pr`() select "role1" latin1 latin1_swedish_ci latin1_swedish_ci +connection master; drop procedure pcu; drop procedure pu; drop procedure pcr; diff --git a/mysql-test/suite/roles/rpl_definer.test b/mysql-test/suite/roles/rpl_definer.test index 86d69de86aa..8e19bd16705 100644 --- a/mysql-test/suite/roles/rpl_definer.test +++ b/mysql-test/suite/roles/rpl_definer.test @@ -23,8 +23,6 @@ show create procedure pcr; show create procedure pr; sync_slave_with_master; -connection slave; -echo [connection slave]; set role role1; --sorted_result diff --git a/mysql-test/suite/roles/set_and_drop.result b/mysql-test/suite/roles/set_and_drop.result index 1814c19cc97..2d3e675ebd0 100644 --- a/mysql-test/suite/roles/set_and_drop.result +++ b/mysql-test/suite/roles/set_and_drop.result @@ -14,6 +14,7 @@ grant select on mysql.* to role2; grant execute on procedure mysqltest1.pr1 to role2; grant select on mysqltest1.t1 to role2; grant select (a) on mysqltest1.t2 to role2; +connect foo,localhost,foo; flush tables; ERROR 42000: Access denied; you need (at least one of) the RELOAD privilege(s) for this operation select * from mysql.roles_mapping; @@ -45,10 +46,14 @@ a call mysqltest1.pr1(); pr1 pr1 +connection default; revoke execute on procedure mysqltest1.pr1 from role2; +connection foo; call mysqltest1.pr1(); ERROR 42000: execute command denied to user 'foo'@'localhost' for routine 'mysqltest1.pr1' +connection default; drop role role2; +connection foo; show grants; Grants for foo@localhost GRANT role1 TO 'foo'@'localhost' @@ -65,11 +70,13 @@ ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 't1' select a from mysqltest1.t2; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 't2' set role none; +connection default; grant reload on *.* to role1; grant select on mysql.* to role1; grant execute on procedure mysqltest1.pr1 to role1; grant select on mysqltest1.t1 to role1; grant select (a) on mysqltest1.t2 to role1; +connection foo; set role role1; flush tables; select * from mysql.roles_mapping; @@ -93,7 +100,9 @@ a call mysqltest1.pr1(); pr1 pr1 +connection default; drop role role1; +connection foo; flush tables; select * from mysql.roles_mapping; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'roles_mapping' @@ -113,5 +122,7 @@ NULL select current_role(); current_role() role1 +disconnect foo; +connection default; drop user foo@localhost; drop database mysqltest1; diff --git a/mysql-test/suite/roles/set_default_role_new_connection.result b/mysql-test/suite/roles/set_default_role_new_connection.result index d88ead70038..a59ecbd75f7 100644 --- a/mysql-test/suite/roles/set_default_role_new_connection.result +++ b/mysql-test/suite/roles/set_default_role_new_connection.result @@ -2,6 +2,7 @@ create user test_user@localhost; create role test_role; grant select on *.* to test_role; grant test_role to test_user@localhost; +connect c1, localhost, test_user,,; show grants; Grants for test_user@localhost GRANT test_role TO 'test_user'@'localhost' @@ -11,9 +12,12 @@ ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'us set default role test_role; select user, host, default_role from mysql.user where user = 'test_user'; ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user' +disconnect c1; +connection default; select user, host, default_role from mysql.user where user = 'test_user'; user host default_role test_user localhost test_role +connect c1, localhost, test_user,,; show grants; Grants for test_user@localhost GRANT test_role TO 'test_user'@'localhost' @@ -23,19 +27,25 @@ select user, host, default_role from mysql.user where user = 'test_user'; user host default_role test_user localhost test_role set default role NONE; +disconnect c1; +connection default; select user, host, default_role from mysql.user where user = 'test_user'; user host default_role test_user localhost +connect c1, localhost, test_user,,; show grants; Grants for test_user@localhost GRANT test_role TO 'test_user'@'localhost' GRANT USAGE ON *.* TO 'test_user'@'localhost' select user, host, default_role from mysql.user where user = 'test_user'; ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user' +disconnect c1; +connection default; select user, host, default_role from mysql.user where user = 'test_user'; user host default_role test_user localhost set default role test_role for test_user@localhost; +connect c1, localhost, test_user,,; show grants; Grants for test_user@localhost GRANT test_role TO 'test_user'@'localhost' @@ -44,5 +54,7 @@ GRANT SELECT ON *.* TO 'test_role' select user, host, default_role from mysql.user where user = 'test_user'; user host default_role test_user localhost test_role +disconnect c1; +connection default; drop role test_role; drop user test_user@localhost; diff --git a/mysql-test/suite/roles/set_role-5232.result b/mysql-test/suite/roles/set_role-5232.result index 888a5f10c3d..898e4b05304 100644 --- a/mysql-test/suite/roles/set_role-5232.result +++ b/mysql-test/suite/roles/set_role-5232.result @@ -3,6 +3,7 @@ create user c; grant select on mysql.* to c; create role r1; grant r1 to c; +connect c,localhost,c,,,,,; select user(), current_user(); user() current_user() c@localhost @localhost @@ -10,6 +11,8 @@ select user from mysql.user group by user; ERROR 42000: SELECT command denied to user ''@'localhost' for table 'user' set role r1; ERROR OP000: Invalid role specification `r1`. +disconnect c; +connection default; drop role r1; drop user c; drop user ''@localhost; diff --git a/mysql-test/suite/roles/show_grants_replicated.result b/mysql-test/suite/roles/show_grants_replicated.result index 0b2e38d3630..cb9df65dbbd 100644 --- a/mysql-test/suite/roles/show_grants_replicated.result +++ b/mysql-test/suite/roles/show_grants_replicated.result @@ -54,4 +54,5 @@ GRANT USAGE ON *.* TO 'r1' connection master; drop role r1; drop user u1; +connection slave; include/rpl_end.inc diff --git a/mysql-test/suite/roles/show_grants_replicated.test b/mysql-test/suite/roles/show_grants_replicated.test index 1d4572bb297..91129c431cc 100644 --- a/mysql-test/suite/roles/show_grants_replicated.test +++ b/mysql-test/suite/roles/show_grants_replicated.test @@ -1,7 +1,5 @@ --source include/master-slave.inc ---enable_connect_log - create user u1; create role r1; --echo # @@ -36,6 +34,5 @@ show grants for r1; connection master; drop role r1; drop user u1; ---disable_connect_log --sync_slave_with_master --source include/rpl_end.inc |