diff options
| author | unknown <bell@sanja.is.com.ua> | 2005-07-16 00:01:44 +0300 |
|---|---|---|
| committer | unknown <bell@sanja.is.com.ua> | 2005-07-16 00:01:44 +0300 |
| commit | e84229b010b279802efca085d689de105fdcf0ad (patch) | |
| tree | de6fdc4eef81f0fdbebcb593058845bff65263d0 /mysql-test/t/sp-security.test | |
| parent | 5ae3967c878ac7cfb8475eeeb50c2ebd81f39cf6 (diff) | |
| download | mariadb-git-e84229b010b279802efca085d689de105fdcf0ad.tar.gz | |
stop evaluation constant functions in WHERE (BUG#4663)
correct value of CURRENT_USER() in SP with "security definer" (BUG#7291)
BitKeeper/etc/config:
switch off open logging
mysql-test/r/sp-security.result:
correct value from current_user() in function run from "security definer"
mysql-test/r/view.result:
evaluation constant functions in WHERE (BUG#4663)
mysql-test/t/sp-security.test:
correct value from current_user() in function run from "security definer"
mysql-test/t/view.test:
evaluation constant functions in WHERE (BUG#4663)
sql/item.cc:
Item_static_string_func creation if it is need
sql/item.h:
support of Item_static_string_func creation
sql/item_cmpfunc.cc:
do not evaluate items during view creation
sql/item_create.cc:
create Item_func_user
sql/item_strfunc.cc:
Item_func_sysconst in case of converting value still have to correctly print itself
=> use Item_static_string_func instead of Item_string
Item_func_user return USER() or CURRENT_USER()
sql/item_strfunc.h:
support of correct charset conversion procedure in Item_func_sysconst
sql/sql_class.h:
new method
sql/sql_yacc.yy:
Item_func_user now support both USER() and CURRENT_USER(), so we have to pass parametr what it is
Diffstat (limited to 'mysql-test/t/sp-security.test')
| -rw-r--r-- | mysql-test/t/sp-security.test | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/mysql-test/t/sp-security.test b/mysql-test/t/sp-security.test index e1d8043ccda..204ef68ad7e 100644 --- a/mysql-test/t/sp-security.test +++ b/mysql-test/t/sp-security.test @@ -304,3 +304,32 @@ drop database sptest; delete from mysql.user where user='usera' or user='userb' or user='userc'; delete from mysql.procs_priv where user='usera' or user='userb' or user='userc'; +# +# correct value from current_user() in function run from "security definer" +# (BUG#7291) +# +connection con1root; +use test; + +select current_user(); +select user(); +create procedure bug7291_0 () sql security invoker select current_user(), user(); +create procedure bug7291_1 () sql security definer call bug7291_0(); +create procedure bug7291_2 () sql security invoker call bug7291_0(); +grant execute on procedure bug7291_0 to user1@localhost; +grant execute on procedure bug7291_1 to user1@localhost; +grant execute on procedure bug7291_2 to user1@localhost; + +connect (user1,localhost,user1,,); +connection user1; + +call bug7291_2(); +call bug7291_1(); + +connection con1root; +drop procedure bug7291_1; +drop procedure bug7291_2; +drop procedure bug7291_0; +disconnect user1; +REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost; +drop user user1@localhost; |