summaryrefslogtreecommitdiff
path: root/mysql-test
diff options
context:
space:
mode:
authorDmitry Lenev <Dmitry.Lenev@oracle.com>2011-02-07 15:06:22 +0300
committerDmitry Lenev <Dmitry.Lenev@oracle.com>2011-02-07 15:06:22 +0300
commitf74fd118cff0d1d0f45600ef6f25271484b69259 (patch)
tree3b79267544dc53e2eb6d0b412ec829d0d141bbeb /mysql-test
parentbcd988b2d38657ed6119011d4a22bdde3fbec551 (diff)
parentb169b8d8530208f7655782841fdbe92a1b61f56d (diff)
downloadmariadb-git-f74fd118cff0d1d0f45600ef6f25271484b69259.tar.gz
Merged fix for bug #36544 "DROP USER does not remove stored
function privileges" into 5.5 tree. Did after-merge fixes.
Diffstat (limited to 'mysql-test')
-rw-r--r--mysql-test/r/grant.result197
-rw-r--r--mysql-test/suite/funcs_1/r/innodb_storedproc_06.result2
-rw-r--r--mysql-test/suite/funcs_1/r/memory_storedproc_06.result2
-rw-r--r--mysql-test/suite/funcs_1/r/myisam_storedproc_06.result2
-rw-r--r--mysql-test/suite/funcs_1/storedproc/storedproc_06.inc4
-rw-r--r--mysql-test/t/grant.test177
6 files changed, 370 insertions, 14 deletions
diff --git a/mysql-test/r/grant.result b/mysql-test/r/grant.result
index aade98d49b6..3462dccd073 100644
--- a/mysql-test/r/grant.result
+++ b/mysql-test/r/grant.result
@@ -1326,6 +1326,199 @@ DROP DATABASE mysqltest2;
DROP USER testuser@localhost;
use test;
+#
+# Test for bug #36544 "DROP USER does not remove stored function
+# privileges".
+#
+create database mysqltest1;
+create function mysqltest1.f1() returns int return 0;
+create procedure mysqltest1.p1() begin end;
+#
+# 1) Check that DROP USER properly removes privileges on both
+# stored procedures and functions.
+#
+create user mysqluser1@localhost;
+grant execute on function mysqltest1.f1 to mysqluser1@localhost;
+grant execute on procedure mysqltest1.p1 to mysqluser1@localhost;
+# Quick test that granted privileges are properly reflected
+# in privilege tables and in in-memory structures.
+show grants for mysqluser1@localhost;
+Grants for mysqluser1@localhost
+GRANT USAGE ON *.* TO 'mysqluser1'@'localhost'
+GRANT EXECUTE ON PROCEDURE `mysqltest1`.`p1` TO 'mysqluser1'@'localhost'
+GRANT EXECUTE ON FUNCTION `mysqltest1`.`f1` TO 'mysqluser1'@'localhost'
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+db routine_name routine_type proc_priv
+mysqltest1 f1 FUNCTION Execute
+mysqltest1 p1 PROCEDURE Execute
+#
+# Create connection 'bug_36544_con1' as 'mysqluser1@localhost'.
+call mysqltest1.p1();
+select mysqltest1.f1();
+mysqltest1.f1()
+0
+#
+# Switch to connection 'default'.
+drop user mysqluser1@localhost;
+#
+# Test that dropping of user is properly reflected in
+# both privilege tables and in in-memory structures.
+#
+# Switch to connection 'bug36544_con1'.
+# The connection cold be alive but should not be able to
+# access to any of the stored routines.
+call mysqltest1.p1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1'
+select mysqltest1.f1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.f1'
+#
+# Switch to connection 'default'.
+#
+# Now create user with the same name and check that he
+# has not inherited privileges.
+create user mysqluser1@localhost;
+show grants for mysqluser1@localhost;
+Grants for mysqluser1@localhost
+GRANT USAGE ON *.* TO 'mysqluser1'@'localhost'
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+db routine_name routine_type proc_priv
+#
+# Create connection 'bug_36544_con2' as 'mysqluser1@localhost'.
+# Newly created user should not be able to access any of the routines.
+call mysqltest1.p1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1'
+select mysqltest1.f1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.f1'
+#
+# Switch to connection 'default'.
+#
+# 2) Check that RENAME USER properly updates privileges on both
+# stored procedures and functions.
+#
+grant execute on function mysqltest1.f1 to mysqluser1@localhost;
+grant execute on procedure mysqltest1.p1 to mysqluser1@localhost;
+#
+# Create one more user to make in-memory hashes non-trivial.
+# User names 'mysqluser11' and 'mysqluser10' were selected
+# to trigger bug discovered during code inspection.
+create user mysqluser11@localhost;
+grant execute on function mysqltest1.f1 to mysqluser11@localhost;
+grant execute on procedure mysqltest1.p1 to mysqluser11@localhost;
+# Also create a couple of tables to test for another bug
+# discovered during code inspection (again table names were
+# chosen especially to trigger the bug).
+create table mysqltest1.t11 (i int);
+create table mysqltest1.t22 (i int);
+grant select on mysqltest1.t22 to mysqluser1@localhost;
+grant select on mysqltest1.t11 to mysqluser1@localhost;
+# Quick test that granted privileges are properly reflected
+# in privilege tables and in in-memory structures.
+show grants for mysqluser1@localhost;
+Grants for mysqluser1@localhost
+GRANT USAGE ON *.* TO 'mysqluser1'@'localhost'
+GRANT SELECT ON `mysqltest1`.`t11` TO 'mysqluser1'@'localhost'
+GRANT SELECT ON `mysqltest1`.`t22` TO 'mysqluser1'@'localhost'
+GRANT EXECUTE ON PROCEDURE `mysqltest1`.`p1` TO 'mysqluser1'@'localhost'
+GRANT EXECUTE ON FUNCTION `mysqltest1`.`f1` TO 'mysqluser1'@'localhost'
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+db routine_name routine_type proc_priv
+mysqltest1 f1 FUNCTION Execute
+mysqltest1 p1 PROCEDURE Execute
+select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost';
+db table_name table_priv
+mysqltest1 t11 Select
+mysqltest1 t22 Select
+#
+# Switch to connection 'bug36544_con2'.
+call mysqltest1.p1();
+select mysqltest1.f1();
+mysqltest1.f1()
+0
+select * from mysqltest1.t11;
+i
+select * from mysqltest1.t22;
+i
+#
+# Switch to connection 'default'.
+rename user mysqluser1@localhost to mysqluser10@localhost;
+#
+# Test that there are no privileges left for mysqluser1.
+#
+# Switch to connection 'bug36544_con2'.
+# The connection cold be alive but should not be able to
+# access to any of the stored routines or tables.
+call mysqltest1.p1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1'
+select mysqltest1.f1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.f1'
+select * from mysqltest1.t11;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 't11'
+select * from mysqltest1.t22;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 't22'
+#
+# Switch to connection 'default'.
+#
+# Now create user with the old name and check that he
+# has not inherited privileges.
+create user mysqluser1@localhost;
+show grants for mysqluser1@localhost;
+Grants for mysqluser1@localhost
+GRANT USAGE ON *.* TO 'mysqluser1'@'localhost'
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+db routine_name routine_type proc_priv
+select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost';
+db table_name table_priv
+#
+# Create connection 'bug_36544_con3' as 'mysqluser1@localhost'.
+# Newly created user should not be able to access to any of the
+# stored routines or tables.
+call mysqltest1.p1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1'
+select mysqltest1.f1();
+ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.f1'
+select * from mysqltest1.t11;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 't11'
+select * from mysqltest1.t22;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 't22'
+#
+# Switch to connection 'default'.
+#
+# Now check that privileges became associated with a new user
+# name - mysqluser10.
+#
+show grants for mysqluser10@localhost;
+Grants for mysqluser10@localhost
+GRANT USAGE ON *.* TO 'mysqluser10'@'localhost'
+GRANT SELECT ON `mysqltest1`.`t22` TO 'mysqluser10'@'localhost'
+GRANT SELECT ON `mysqltest1`.`t11` TO 'mysqluser10'@'localhost'
+GRANT EXECUTE ON PROCEDURE `mysqltest1`.`p1` TO 'mysqluser10'@'localhost'
+GRANT EXECUTE ON FUNCTION `mysqltest1`.`f1` TO 'mysqluser10'@'localhost'
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser10' and host='localhost';
+db routine_name routine_type proc_priv
+mysqltest1 f1 FUNCTION Execute
+mysqltest1 p1 PROCEDURE Execute
+select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10' and host='localhost';
+db table_name table_priv
+mysqltest1 t11 Select
+mysqltest1 t22 Select
+#
+# Create connection 'bug_36544_con4' as 'mysqluser10@localhost'.
+call mysqltest1.p1();
+select mysqltest1.f1();
+mysqltest1.f1()
+0
+select * from mysqltest1.t11;
+i
+select * from mysqltest1.t22;
+i
+#
+# Switch to connection 'default'.
+#
+# Clean-up.
+drop user mysqluser1@localhost;
+drop user mysqluser10@localhost;
+drop user mysqluser11@localhost;
+drop database mysqltest1;
End of 5.0 tests
set names utf8;
grant select on test.* to юзер_юзер@localhost;
@@ -1422,11 +1615,7 @@ fn2()
2
DROP USER 'userbug33464'@'localhost';
DROP FUNCTION fn1;
-Warnings:
-Warning 1403 There is no such grant defined for user 'userbug33464' on host 'localhost' on routine 'fn1'
DROP FUNCTION fn2;
-Warnings:
-Warning 1403 There is no such grant defined for user 'userbug33464' on host 'localhost' on routine 'fn2'
DROP PROCEDURE sp3;
DROP USER 'userbug33464'@'localhost';
USE test;
diff --git a/mysql-test/suite/funcs_1/r/innodb_storedproc_06.result b/mysql-test/suite/funcs_1/r/innodb_storedproc_06.result
index ee1548fe012..5219f057593 100644
--- a/mysql-test/suite/funcs_1/r/innodb_storedproc_06.result
+++ b/mysql-test/suite/funcs_1/r/innodb_storedproc_06.result
@@ -128,8 +128,6 @@ root@localhost db_storedproc_1
drop user 'user_1'@'localhost';
DROP PROCEDURE sp3;
DROP FUNCTION fn1;
-Warnings:
-Warning 1403 There is no such grant defined for user 'user_1' on host 'localhost' on routine 'fn1'
Testcase 3.1.6.4:
-----------------
diff --git a/mysql-test/suite/funcs_1/r/memory_storedproc_06.result b/mysql-test/suite/funcs_1/r/memory_storedproc_06.result
index 096cbd1261e..ac66f0bb230 100644
--- a/mysql-test/suite/funcs_1/r/memory_storedproc_06.result
+++ b/mysql-test/suite/funcs_1/r/memory_storedproc_06.result
@@ -129,8 +129,6 @@ root@localhost db_storedproc_1
drop user 'user_1'@'localhost';
DROP PROCEDURE sp3;
DROP FUNCTION fn1;
-Warnings:
-Warning 1403 There is no such grant defined for user 'user_1' on host 'localhost' on routine 'fn1'
Testcase 3.1.6.4:
-----------------
diff --git a/mysql-test/suite/funcs_1/r/myisam_storedproc_06.result b/mysql-test/suite/funcs_1/r/myisam_storedproc_06.result
index 096cbd1261e..ac66f0bb230 100644
--- a/mysql-test/suite/funcs_1/r/myisam_storedproc_06.result
+++ b/mysql-test/suite/funcs_1/r/myisam_storedproc_06.result
@@ -129,8 +129,6 @@ root@localhost db_storedproc_1
drop user 'user_1'@'localhost';
DROP PROCEDURE sp3;
DROP FUNCTION fn1;
-Warnings:
-Warning 1403 There is no such grant defined for user 'user_1' on host 'localhost' on routine 'fn1'
Testcase 3.1.6.4:
-----------------
diff --git a/mysql-test/suite/funcs_1/storedproc/storedproc_06.inc b/mysql-test/suite/funcs_1/storedproc/storedproc_06.inc
index 4ecca63351d..656b9a52e85 100644
--- a/mysql-test/suite/funcs_1/storedproc/storedproc_06.inc
+++ b/mysql-test/suite/funcs_1/storedproc/storedproc_06.inc
@@ -149,10 +149,6 @@ USE db_storedproc_1;
drop user 'user_1'@'localhost';
DROP PROCEDURE sp3;
-# This drop function shouldn't generated a warning as the
-# privileges should have been removed when the user was
-# dropped. Reported as Bug#36544 DROP USER does not remove
-# stored function privileges
DROP FUNCTION fn1;
diff --git a/mysql-test/t/grant.test b/mysql-test/t/grant.test
index 0762ceda0ac..03a6ceafb36 100644
--- a/mysql-test/t/grant.test
+++ b/mysql-test/t/grant.test
@@ -1396,6 +1396,183 @@ DROP USER testuser@localhost;
use test;
--echo
+
+--echo #
+--echo # Test for bug #36544 "DROP USER does not remove stored function
+--echo # privileges".
+--echo #
+create database mysqltest1;
+create function mysqltest1.f1() returns int return 0;
+create procedure mysqltest1.p1() begin end;
+--echo #
+--echo # 1) Check that DROP USER properly removes privileges on both
+--echo # stored procedures and functions.
+--echo #
+create user mysqluser1@localhost;
+grant execute on function mysqltest1.f1 to mysqluser1@localhost;
+grant execute on procedure mysqltest1.p1 to mysqluser1@localhost;
+
+--echo # Quick test that granted privileges are properly reflected
+--echo # in privilege tables and in in-memory structures.
+show grants for mysqluser1@localhost;
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+--echo #
+--echo # Create connection 'bug_36544_con1' as 'mysqluser1@localhost'.
+--connect (bug36544_con1,localhost,mysqluser1,,)
+call mysqltest1.p1();
+select mysqltest1.f1();
+
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+drop user mysqluser1@localhost;
+
+--echo #
+--echo # Test that dropping of user is properly reflected in
+--echo # both privilege tables and in in-memory structures.
+--echo #
+--echo # Switch to connection 'bug36544_con1'.
+--connection bug36544_con1
+--echo # The connection cold be alive but should not be able to
+--echo # access to any of the stored routines.
+--error ER_PROCACCESS_DENIED_ERROR
+call mysqltest1.p1();
+--error ER_PROCACCESS_DENIED_ERROR
+select mysqltest1.f1();
+--disconnect bug36544_con1
+
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+--echo #
+--echo # Now create user with the same name and check that he
+--echo # has not inherited privileges.
+create user mysqluser1@localhost;
+show grants for mysqluser1@localhost;
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+--echo #
+--echo # Create connection 'bug_36544_con2' as 'mysqluser1@localhost'.
+--connect (bug36544_con2,localhost,mysqluser1,,)
+--echo # Newly created user should not be able to access any of the routines.
+--error ER_PROCACCESS_DENIED_ERROR
+call mysqltest1.p1();
+--error ER_PROCACCESS_DENIED_ERROR
+select mysqltest1.f1();
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+
+--echo #
+--echo # 2) Check that RENAME USER properly updates privileges on both
+--echo # stored procedures and functions.
+--echo #
+grant execute on function mysqltest1.f1 to mysqluser1@localhost;
+grant execute on procedure mysqltest1.p1 to mysqluser1@localhost;
+--echo #
+--echo # Create one more user to make in-memory hashes non-trivial.
+--echo # User names 'mysqluser11' and 'mysqluser10' were selected
+--echo # to trigger bug discovered during code inspection.
+create user mysqluser11@localhost;
+grant execute on function mysqltest1.f1 to mysqluser11@localhost;
+grant execute on procedure mysqltest1.p1 to mysqluser11@localhost;
+--echo # Also create a couple of tables to test for another bug
+--echo # discovered during code inspection (again table names were
+--echo # chosen especially to trigger the bug).
+create table mysqltest1.t11 (i int);
+create table mysqltest1.t22 (i int);
+grant select on mysqltest1.t22 to mysqluser1@localhost;
+grant select on mysqltest1.t11 to mysqluser1@localhost;
+
+--echo # Quick test that granted privileges are properly reflected
+--echo # in privilege tables and in in-memory structures.
+show grants for mysqluser1@localhost;
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost';
+--echo #
+--echo # Switch to connection 'bug36544_con2'.
+--connection bug36544_con2
+call mysqltest1.p1();
+select mysqltest1.f1();
+select * from mysqltest1.t11;
+select * from mysqltest1.t22;
+
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+rename user mysqluser1@localhost to mysqluser10@localhost;
+
+--echo #
+--echo # Test that there are no privileges left for mysqluser1.
+--echo #
+--echo # Switch to connection 'bug36544_con2'.
+--connection bug36544_con2
+--echo # The connection cold be alive but should not be able to
+--echo # access to any of the stored routines or tables.
+--error ER_PROCACCESS_DENIED_ERROR
+call mysqltest1.p1();
+--error ER_PROCACCESS_DENIED_ERROR
+select mysqltest1.f1();
+--error ER_TABLEACCESS_DENIED_ERROR
+select * from mysqltest1.t11;
+--error ER_TABLEACCESS_DENIED_ERROR
+select * from mysqltest1.t22;
+--disconnect bug36544_con2
+
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+--echo #
+--echo # Now create user with the old name and check that he
+--echo # has not inherited privileges.
+create user mysqluser1@localhost;
+show grants for mysqluser1@localhost;
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost';
+select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost';
+--echo #
+--echo # Create connection 'bug_36544_con3' as 'mysqluser1@localhost'.
+--connect (bug36544_con3,localhost,mysqluser1,,)
+--echo # Newly created user should not be able to access to any of the
+--echo # stored routines or tables.
+--error ER_PROCACCESS_DENIED_ERROR
+call mysqltest1.p1();
+--error ER_PROCACCESS_DENIED_ERROR
+select mysqltest1.f1();
+--error ER_TABLEACCESS_DENIED_ERROR
+select * from mysqltest1.t11;
+--error ER_TABLEACCESS_DENIED_ERROR
+select * from mysqltest1.t22;
+--disconnect bug36544_con3
+
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+--echo #
+--echo # Now check that privileges became associated with a new user
+--echo # name - mysqluser10.
+--echo #
+show grants for mysqluser10@localhost;
+select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser10' and host='localhost';
+select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10' and host='localhost';
+--echo #
+--echo # Create connection 'bug_36544_con4' as 'mysqluser10@localhost'.
+--connect (bug36544_con4,localhost,mysqluser10,,)
+call mysqltest1.p1();
+select mysqltest1.f1();
+select * from mysqltest1.t11;
+select * from mysqltest1.t22;
+--disconnect bug36544_con4
+
+--echo #
+--echo # Switch to connection 'default'.
+--connection default
+--echo #
+--echo # Clean-up.
+drop user mysqluser1@localhost;
+drop user mysqluser10@localhost;
+drop user mysqluser11@localhost;
+drop database mysqltest1;
+
+
--echo End of 5.0 tests
#