diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2022-06-13 14:37:59 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2022-11-01 16:33:00 +0100 |
| commit | 594bed9b427704001fc4beca9943006a605305f4 (patch) | |
| tree | 62fe26dcdaded3b8b05ccf1ad9afaee2f1bdf035 /mysql-test | |
| parent | 749c12782298dce721656cd357e339643a7d8af4 (diff) | |
| download | mariadb-git-594bed9b427704001fc4beca9943006a605305f4.tar.gz | |
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
Diffstat (limited to 'mysql-test')
195 files changed, 778 insertions, 556 deletions
diff --git a/mysql-test/include/concurrent.inc b/mysql-test/include/concurrent.inc index 0a49ae13d4b..1d65549f8f4 100644 --- a/mysql-test/include/concurrent.inc +++ b/mysql-test/include/concurrent.inc @@ -49,7 +49,7 @@ let $keep_locks= `SELECT @@global.tx_isolation IN ('REPEATABLE-READ','SERIALIZAB # # Set up privileges and remove user level locks, if exist. # -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; --echo --echo ** diff --git a/mysql-test/include/grant_cache.inc b/mysql-test/include/grant_cache.inc index 467c1170563..b3e96d160fa 100644 --- a/mysql-test/include/grant_cache.inc +++ b/mysql-test/include/grant_cache.inc @@ -84,9 +84,11 @@ show status like "Qcache_hits%"; # Create the test users grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; # The following queries should be fetched from cache connect (user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK); @@ -115,7 +117,7 @@ show status like "Qcache_not_cached"; # Don't use '' as user because it will pick Unix login -connect (unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); connection unkuser; show grants for current_user(); diff --git a/mysql-test/main/brackets.result b/mysql-test/main/brackets.result index 3fd19ef968a..f87afdc0f47 100644 --- a/mysql-test/main/brackets.result +++ b/mysql-test/main/brackets.result @@ -489,8 +489,6 @@ drop table t1; # select * from ( mysql.db ); Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv Event_priv Trigger_priv Delete_history_priv -% test Y Y Y Y Y Y N Y Y Y Y Y Y Y Y N N Y Y Y -% test\_% Y Y Y Y Y Y N Y Y Y Y Y Y Y Y N N Y Y Y create table t1 (a int); insert into t1 values (7), (2), (7); select * from (t1); diff --git a/mysql-test/main/concurrent_innodb_safelog.result b/mysql-test/main/concurrent_innodb_safelog.result index 7d120547570..40f89c7c65b 100644 --- a/mysql-test/main/concurrent_innodb_safelog.result +++ b/mysql-test/main/concurrent_innodb_safelog.result @@ -7,7 +7,7 @@ SELECT @@global.tx_isolation; @@global.tx_isolation REPEATABLE-READ # keep_locks == 1 -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; ** ** two UPDATE's running and both changing distinct result sets diff --git a/mysql-test/main/concurrent_innodb_unsafelog.result b/mysql-test/main/concurrent_innodb_unsafelog.result index 9ae80328c0b..3771438bc66 100644 --- a/mysql-test/main/concurrent_innodb_unsafelog.result +++ b/mysql-test/main/concurrent_innodb_unsafelog.result @@ -8,7 +8,7 @@ SELECT @@global.tx_isolation; @@global.tx_isolation READ-COMMITTED # keep_locks == 0 -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; ** ** two UPDATE's running and both changing distinct result sets diff --git a/mysql-test/main/create_drop_role.result b/mysql-test/main/create_drop_role.result index b7ec45daeae..7f43751c007 100644 --- a/mysql-test/main/create_drop_role.result +++ b/mysql-test/main/create_drop_role.result @@ -51,7 +51,6 @@ u1@localhost SHOW DATABASES; Database information_schema -test SELECT CURRENT_ROLE; CURRENT_ROLE NULL diff --git a/mysql-test/main/cte_grant.result b/mysql-test/main/cte_grant.result index 96588d26b6c..7a982fcee9a 100644 --- a/mysql-test/main/cte_grant.result +++ b/mysql-test/main/cte_grant.result @@ -2,7 +2,7 @@ connect root,localhost,root,,test; connection root; create database mysqltest; create user mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; connection root; create table mysqltest.t1 (a int, b int); @@ -77,8 +77,7 @@ values (3,10), (7,11), (1,17), (4,15), (2,11), (3,10), (1,15); create user foo@localhost; grant SELECT on db.t1 to foo@localhost; grant SELECT(a) on db.t2 to foo@localhost; -connect con1,localhost,foo,,; -use db; +connect con1,localhost,foo,,db; with cte as (select * from t1 where i < 4) select * from cte; i diff --git a/mysql-test/main/cte_grant.test b/mysql-test/main/cte_grant.test index c6627c05829..3e6d5009569 100644 --- a/mysql-test/main/cte_grant.test +++ b/mysql-test/main/cte_grant.test @@ -12,7 +12,7 @@ create database mysqltest; --enable_warnings create user mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; connection root; @@ -96,8 +96,7 @@ create user foo@localhost; grant SELECT on db.t1 to foo@localhost; grant SELECT(a) on db.t2 to foo@localhost; ---connect (con1,localhost,foo,,) -use db; +--connect (con1,localhost,foo,,db) with cte as (select * from t1 where i < 4) select * from cte; with cte as (select * from t1 where i < 4 group by i) diff --git a/mysql-test/main/delete_returning_grant.result b/mysql-test/main/delete_returning_grant.result index b41d48a7112..30fdf41cf67 100644 --- a/mysql-test/main/delete_returning_grant.result +++ b/mysql-test/main/delete_returning_grant.result @@ -10,6 +10,7 @@ CREATE DATABASE mysqltest; CREATE TABLE mysqltest.t1 SELECT * FROM t1; GRANT DELETE ON mysqltest.* TO mysqltest_1@localhost; GRANT SELECT(b) ON mysqltest.t1 TO mysqltest_1@localhost; +GRANT SELECT ON test.* TO mysqltest_1@localhost; connect user1,localhost,mysqltest_1,,test; connection user1; DELETE FROM mysqltest.t1 WHERE a=2 RETURNING b; diff --git a/mysql-test/main/delete_returning_grant.test b/mysql-test/main/delete_returning_grant.test index 67613603a72..d21af392261 100644 --- a/mysql-test/main/delete_returning_grant.test +++ b/mysql-test/main/delete_returning_grant.test @@ -23,6 +23,7 @@ CREATE TABLE mysqltest.t1 SELECT * FROM t1; GRANT DELETE ON mysqltest.* TO mysqltest_1@localhost; GRANT SELECT(b) ON mysqltest.t1 TO mysqltest_1@localhost; +GRANT SELECT ON test.* TO mysqltest_1@localhost; connect (user1,localhost,mysqltest_1,,test); diff --git a/mysql-test/main/derived.result b/mysql-test/main/derived.result index b6310f1a09f..0d38dd2f966 100644 --- a/mysql-test/main/derived.result +++ b/mysql-test/main/derived.result @@ -205,6 +205,7 @@ SELECT a.x FROM (SELECT 1 AS x) AS a HAVING a.x = 1; x 1 create user mysqltest_1; +grant all on test.* to mysqltest_1; create table t1 select 1 as a; connect con1,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK; connection con1; diff --git a/mysql-test/main/derived.test b/mysql-test/main/derived.test index 904114e33b9..c839ba93a86 100644 --- a/mysql-test/main/derived.test +++ b/mysql-test/main/derived.test @@ -109,6 +109,7 @@ SELECT a.x FROM (SELECT 1 AS x) AS a HAVING a.x = 1; # # Connect without a database as user mysqltest_1 create user mysqltest_1; +grant all on test.* to mysqltest_1; create table t1 select 1 as a; connect (con1,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK); connection con1; diff --git a/mysql-test/main/events_grant.result b/mysql-test/main/events_grant.result index 5bdbbf0f8f1..5952097a8d2 100644 --- a/mysql-test/main/events_grant.result +++ b/mysql-test/main/events_grant.result @@ -13,6 +13,7 @@ CREATE DATABASE events_test2; CREATE USER ev_test@localhost; GRANT ALL ON events_test.* to ev_test@localhost; GRANT ALL ON events_test2.* to ev_test@localhost; +GRANT ALL ON test.* TO ev_test@localhost; REVOKE EVENT ON events_test2.* FROM ev_test@localhost; connect ev_con1,localhost,ev_test,,events_test2; select "NEW CONNECTION"; @@ -24,6 +25,7 @@ ev_test@localhost events_test2 SHOW GRANTS; Grants for ev_test@localhost GRANT USAGE ON *.* TO `ev_test`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `ev_test`@`localhost` GRANT ALL PRIVILEGES ON `events_test`.* TO `ev_test`@`localhost` GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, TRIGGER, DELETE HISTORY ON `events_test2`.* TO `ev_test`@`localhost` "Here comes an error:"; diff --git a/mysql-test/main/events_grant.test b/mysql-test/main/events_grant.test index cd5b6911542..2fe39a6cf2d 100644 --- a/mysql-test/main/events_grant.test +++ b/mysql-test/main/events_grant.test @@ -16,6 +16,7 @@ CREATE DATABASE events_test2; CREATE USER ev_test@localhost; GRANT ALL ON events_test.* to ev_test@localhost; GRANT ALL ON events_test2.* to ev_test@localhost; +GRANT ALL ON test.* TO ev_test@localhost; REVOKE EVENT ON events_test2.* FROM ev_test@localhost; #now we are on con1 connect (ev_con1,localhost,ev_test,,events_test2); diff --git a/mysql-test/main/flush_notembedded.result b/mysql-test/main/flush_notembedded.result index 25ddeba17d3..b0fa8a6dfbc 100644 --- a/mysql-test/main/flush_notembedded.result +++ b/mysql-test/main/flush_notembedded.result @@ -9,6 +9,7 @@ create table mysqltest1.t1 (a int); create user u1@localhost; grant reload on *.* to u1@localhost; grant select on mysqltest1.* to u1@localhost; +grant all on test.* to u1@localhost; connect u1,localhost,u1; flush tables mysqltest1.t1 for export; ERROR 42000: Access denied for user 'u1'@'localhost' to database 'mysqltest1' diff --git a/mysql-test/main/flush_notembedded.test b/mysql-test/main/flush_notembedded.test index af3b8a00c55..193ac026cb4 100644 --- a/mysql-test/main/flush_notembedded.test +++ b/mysql-test/main/flush_notembedded.test @@ -13,6 +13,7 @@ create table mysqltest1.t1 (a int); create user u1@localhost; grant reload on *.* to u1@localhost; grant select on mysqltest1.* to u1@localhost; +grant all on test.* to u1@localhost; connect u1,localhost,u1; error ER_DBACCESS_DENIED_ERROR; flush tables mysqltest1.t1 for export; diff --git a/mysql-test/main/grant.result b/mysql-test/main/grant.result index 5e86ea3d810..9e0ec851a85 100644 --- a/mysql-test/main/grant.result +++ b/mysql-test/main/grant.result @@ -517,7 +517,7 @@ grant update (a) on mysqltest_1.t1 to mysqltest_3@localhost; grant select (b) on mysqltest_1.t2 to mysqltest_3@localhost; grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; -connect conn1,localhost,mysqltest_3,,; +connect conn1,localhost,mysqltest_3,,"*NO-ONE*",; connection conn1; SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES WHERE GRANTEE = '''mysqltest_3''@''localhost''' @@ -859,24 +859,29 @@ mysqltest_8 '%' mysqltest_8 'host8' Schema privileges grant select on mysqltest.* to mysqltest_8@''; +grant select on test.* to mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8@; show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8; show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.schema_privileges where grantee like "'mysqltest_8'%"; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE 'mysqltest_8'@'%' def mysqltest SELECT NO +'mysqltest_8'@'%' def test SELECT NO connect conn3,localhost,mysqltest_8,,; select * from t1; a @@ -886,25 +891,31 @@ revoke select on mysqltest.* from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.schema_privileges where grantee like "'mysqltest_8'%"; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE +'mysqltest_8'@'%' def test SELECT NO flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8@''; flush privileges; show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` revoke select on mysqltest.* from mysqltest_8@''; flush privileges; Column privileges @@ -913,19 +924,23 @@ grant update (a) on t1 to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.column_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE @@ -939,37 +954,45 @@ revoke update (a) on t1 from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.column_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` Table privileges grant update on t1 to mysqltest_8@''; grant update on t1 to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.table_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE @@ -985,9 +1008,11 @@ revoke update on t1 from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.table_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE 'mariadb.sys'@'localhost' def mysql global_priv SELECT NO @@ -996,9 +1021,11 @@ flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` "DROP USER" should clear privileges grant all privileges on mysqltest.* to mysqltest_8@''; grant select on mysqltest.* to mysqltest_8@''; @@ -1008,11 +1035,13 @@ grant all privileges on mysqltest.* to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.user_privileges @@ -1030,11 +1059,13 @@ show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` drop user mysqltest_8@''; show grants for mysqltest_8@''; @@ -1066,7 +1097,7 @@ GRANT SHOW VIEW ON mysqltest2.v_ny TO 'mysqltest_1'@'localhost' IDENTIFIE GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; -connect mysqltest_1, localhost, mysqltest_1, mysqltest_1,; +connect mysqltest_1, localhost, mysqltest_1, mysqltest_1,"*NO-ONE*"; SHOW CREATE VIEW mysqltest2.v_nn; ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest2`.`v_nn` SHOW CREATE TABLE mysqltest2.v_nn; @@ -1550,7 +1581,7 @@ select db, routine_name, routine_type, proc_priv from mysql.procs_priv where use db routine_name routine_type proc_priv mysqltest1 f1 FUNCTION Execute mysqltest1 p1 PROCEDURE Execute -connect bug36544_con1,localhost,mysqluser1,,; +connect bug36544_con1,localhost,mysqluser1,,"*NO-ONE*"; call mysqltest1.p1(); select mysqltest1.f1(); mysqltest1.f1() @@ -1579,7 +1610,7 @@ Grants for mysqluser1@localhost GRANT USAGE ON *.* TO `mysqluser1`@`localhost` select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; db routine_name routine_type proc_priv -connect bug36544_con2,localhost,mysqluser1,,; +connect bug36544_con2,localhost,mysqluser1,,"*NO-ONE*"; # Newly created user should not be able to access any of the routines. call mysqltest1.p1(); ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1' @@ -1661,7 +1692,7 @@ select db, routine_name, routine_type, proc_priv from mysql.procs_priv where use db routine_name routine_type proc_priv select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost'; db table_name table_priv -connect bug36544_con3,localhost,mysqluser1,,; +connect bug36544_con3,localhost,mysqluser1,,"*NO-ONE*"; # Newly created user should not be able to access to any of the # stored routines or tables. call mysqltest1.p1(); @@ -1693,7 +1724,7 @@ select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10 db table_name table_priv mysqltest1 t11 Select mysqltest1 t22 Select -connect bug36544_con4,localhost,mysqluser10,,; +connect bug36544_con4,localhost,mysqluser10,,"*NO-ONE*"; call mysqltest1.p1(); select mysqltest1.f1(); mysqltest1.f1() @@ -1826,7 +1857,7 @@ SHOW GRANTS FOR 'user1'@'localhost'; Grants for user1@localhost GRANT USAGE ON *.* TO `user1`@`localhost` GRANT CREATE, CREATE ROUTINE ON `db1`.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; ** Connect as user1 and create a procedure. ** The creation will imply implicitly assigned ** EXECUTE and ALTER ROUTINE privileges to @@ -1843,7 +1874,7 @@ BEGIN SET @x = 0; REPEAT SET @x = @x + 1; UNTIL @x > p1 END REPEAT; END ;|| -connect con2,localhost,user2,,; +connect con2,localhost,user2,,"*NO-ONE*"; ** Connect as user2 and create a procedure. ** Implicitly assignment of privileges will ** fail because the user2@localhost is an @@ -2676,13 +2707,13 @@ DROP USER foo@'127.0.0.1'; create user foo@localhost; create database foodb; grant create routine on foodb.* to foo@localhost; -connect con1,localhost,foo; +connect con1,localhost,foo,,foodb; create procedure fooproc() select 'i am fooproc'; show grants; Grants for foo@localhost GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`localhost` -GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`localhost` +GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `foodb`.`fooproc` TO `foo`@`localhost` disconnect con1; connection default; rename table mysql.procs_priv to mysql.procs_priv1; @@ -2701,9 +2732,9 @@ show grants for foo@localhost; Grants for foo@localhost GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`localhost` -GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`localhost` +GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `foodb`.`fooproc` TO `foo`@`localhost` drop user foo@localhost; -drop procedure fooproc; +drop procedure foodb.fooproc; drop database foodb; # # Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS @@ -2713,14 +2744,13 @@ DROP DATABASE IF EXISTS secret; DROP DATABASE IF EXISTS no_such_db; CREATE DATABASE secret; GRANT USAGE ON *.* TO untrusted@localhost; -connect con1, localhost, untrusted; +connect con1, localhost, untrusted,,"*NO-ONE*"; SHOW GRANTS; Grants for untrusted@localhost GRANT USAGE ON *.* TO `untrusted`@`localhost` SHOW DATABASES; Database information_schema -test # Both statements below should fail with the same error. # They used to give different errors, thereby # hinting that the secret database exists. @@ -2780,7 +2810,7 @@ DROP USER dummy@localhost; CREATE USER foo; CREATE DATABASE db; CREATE TABLE db.t (a INT); -connect con1,localhost,foo,,; +connect con1,localhost,foo,,"*NO-ONE*"; GRANT ALL ON db.t TO foo; ERROR 42000: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW ... command denied to user 'foo'@'localhost' for table `db`.`t` GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT OPTION, REFERENCES, @@ -2834,12 +2864,14 @@ DROP USER bar3@localhost; # # MDEV-17946 : Unsorted acl_dbs after RENAME USER # +CREATE USER a; CREATE USER foo; GRANT SELECT ON test.* TO foo; -RENAME USER '' TO 'name'; +RENAME USER 'a' TO 'name'; GRANT UPDATE ON test.* TO foo; -RENAME USER 'name' to ''; +RENAME USER 'name' to 'a'; DROP USER foo; +DROP USER a; # # End of 10.4 tests # diff --git a/mysql-test/main/grant.test b/mysql-test/main/grant.test index a243967a9c7..69bb050778d 100644 --- a/mysql-test/main/grant.test +++ b/mysql-test/main/grant.test @@ -327,7 +327,7 @@ grant update (a) on mysqltest_1.t1 to mysqltest_3@localhost; grant select (b) on mysqltest_1.t2 to mysqltest_3@localhost; grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; -connect (conn1,localhost,mysqltest_3,,); +connect (conn1,localhost,mysqltest_3,,"*NO-ONE*",); connection conn1; SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES WHERE GRANTEE = '''mysqltest_3''@''localhost''' @@ -596,6 +596,7 @@ select user, QUOTE(host) from mysql.user where user="mysqltest_8"; --echo Schema privileges grant select on mysqltest.* to mysqltest_8@''; +grant select on test.* to mysqltest_8@''; show grants for mysqltest_8@''; grant select on mysqltest.* to mysqltest_8@; show grants for mysqltest_8@; @@ -723,7 +724,7 @@ GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIE GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; -connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,); +connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,"*NO-ONE*"); # fail because of missing SHOW VIEW (have generic SELECT) --error ER_TABLEACCESS_DENIED_ERROR @@ -1369,7 +1370,7 @@ grant execute on procedure mysqltest1.p1 to mysqluser1@localhost; --echo # in privilege tables and in in-memory structures. show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con1,localhost,mysqluser1,,) +--connect (bug36544_con1,localhost,mysqluser1,,"*NO-ONE*") call mysqltest1.p1(); select mysqltest1.f1(); @@ -1396,7 +1397,7 @@ select mysqltest1.f1(); create user mysqluser1@localhost; show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con2,localhost,mysqluser1,,) +--connect (bug36544_con2,localhost,mysqluser1,,"*NO-ONE*") --echo # Newly created user should not be able to access any of the routines. --error ER_PROCACCESS_DENIED_ERROR call mysqltest1.p1(); @@ -1463,7 +1464,7 @@ create user mysqluser1@localhost; show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con3,localhost,mysqluser1,,) +--connect (bug36544_con3,localhost,mysqluser1,,"*NO-ONE*") --echo # Newly created user should not be able to access to any of the --echo # stored routines or tables. --error ER_PROCACCESS_DENIED_ERROR @@ -1484,7 +1485,7 @@ select * from mysqltest1.t22; show grants for mysqluser10@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser10' and host='localhost'; select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10' and host='localhost'; ---connect (bug36544_con4,localhost,mysqluser10,,) +--connect (bug36544_con4,localhost,mysqluser10,,"*NO-ONE*") call mysqltest1.p1(); select mysqltest1.f1(); select * from mysqltest1.t11; @@ -1677,7 +1678,7 @@ GRANT CREATE ON db1.* TO 'user2'@'%'; GRANT CREATE ROUTINE ON db1.* TO 'user2'@'%'; FLUSH PRIVILEGES; SHOW GRANTS FOR 'user1'@'localhost'; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); --echo ** Connect as user1 and create a procedure. --echo ** The creation will imply implicitly assigned --echo ** EXECUTE and ALTER ROUTINE privileges to @@ -1693,7 +1694,7 @@ CREATE PROCEDURE db1.proc1(p1 INT) END ;|| DELIMITER ;|| -connect (con2,localhost,user2,,); +connect (con2,localhost,user2,,"*NO-ONE*"); --echo ** Connect as user2 and create a procedure. --echo ** Implicitly assignment of privileges will --echo ** fail because the user2@localhost is an @@ -2170,7 +2171,7 @@ DROP USER foo@'127.0.0.1'; create user foo@localhost; create database foodb; grant create routine on foodb.* to foo@localhost; -connect con1,localhost,foo; +connect con1,localhost,foo,,foodb; create procedure fooproc() select 'i am fooproc'; show grants; disconnect con1; @@ -2183,7 +2184,7 @@ show grants for foo@localhost; flush privileges; show grants for foo@localhost; drop user foo@localhost; -drop procedure fooproc; +drop procedure foodb.fooproc; drop database foodb; @@ -2200,7 +2201,7 @@ DROP DATABASE IF EXISTS no_such_db; CREATE DATABASE secret; GRANT USAGE ON *.* TO untrusted@localhost; -connect (con1, localhost, untrusted); +connect (con1, localhost, untrusted,,"*NO-ONE*"); SHOW GRANTS; SHOW DATABASES; @@ -2265,7 +2266,7 @@ CREATE USER foo; CREATE DATABASE db; CREATE TABLE db.t (a INT); ---connect (con1,localhost,foo,,) +--connect (con1,localhost,foo,,"*NO-ONE*") --error ER_TABLEACCESS_DENIED_ERROR GRANT ALL ON db.t TO foo; @@ -2336,12 +2337,14 @@ DROP USER bar3@localhost; --echo # --echo # MDEV-17946 : Unsorted acl_dbs after RENAME USER --echo # +CREATE USER a; CREATE USER foo; GRANT SELECT ON test.* TO foo; -RENAME USER '' TO 'name'; +RENAME USER 'a' TO 'name'; GRANT UPDATE ON test.* TO foo; -RENAME USER 'name' to ''; +RENAME USER 'name' to 'a'; DROP USER foo; +DROP USER a; --echo # --echo # End of 10.4 tests diff --git a/mysql-test/main/grant2.result b/mysql-test/main/grant2.result index 9d9b4c80292..0192c83296a 100644 --- a/mysql-test/main/grant2.result +++ b/mysql-test/main/grant2.result @@ -12,7 +12,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; -connect user_a,localhost,mysqltest_1,,; +connect user_a,localhost,mysqltest_1,,"*NO-ONE*"; connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; @@ -20,14 +20,14 @@ ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql disconnect user_a; connection default; grant update on mysql.* to mysqltest_1@localhost; -connect user_b,localhost,mysqltest_1,,; +connect user_b,localhost,mysqltest_1,,"*NO-ONE*"; connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; grant insert on mysql.* to mysqltest_1@localhost; -connect user_c,localhost,mysqltest_1,,; +connect user_c,localhost,mysqltest_1,,"*NO-ONE*"; connection user_c; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -40,7 +40,7 @@ delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select current_user(); current_user() @@ -73,7 +73,7 @@ delete from mysql.db where user like 'mysqltest\_%'; flush privileges; create database mysqltest_1; grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option; -connect user2,localhost,mysqltest_1,,; +connect user2,localhost,mysqltest_1,,"*NO-ONE*"; connection user2; select current_user(); current_user() @@ -82,7 +82,6 @@ show databases; Database information_schema mysqltest_1 -test grant all privileges on `mysqltest_1`.* to mysqltest_1@localhost with grant option; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest_1' disconnect user2; @@ -157,7 +156,7 @@ disconnect con9; connection default; create database mysqltest_1; grant select, insert, update on `mysqltest\_1`.* to mysqltest_1@localhost; -connect con10,localhost,mysqltest_1,,; +connect con10,localhost,mysqltest_1,,"*NO-ONE*"; connection con10; set sql_log_off = 1; ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation @@ -309,7 +308,7 @@ GRANT SELECT ON "mysql".* TO "%@a"@"a" drop user '%@a'@'a'; create user mysqltest_2@localhost; grant create user on *.* to mysqltest_2@localhost; -connect user3,localhost,mysqltest_2,,; +connect user3,localhost,mysqltest_2,,"*NO-ONE*"; connection user3; select host,user,password,plugin,authentication_string from mysql.user where user like 'mysqltest_%' ; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table `mysql`.`user` @@ -321,7 +320,7 @@ connection default; drop user mysqltest_2@localhost; create user mysqltest_3@localhost; grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; -connect user4,localhost,mysqltest_3,,; +connect user4,localhost,mysqltest_3,,"*NO-ONE*"; connection user4; show grants; Grants for mysqltest_3@localhost @@ -390,7 +389,7 @@ revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0'; delete from mysql.user where user like 'mysqltest\_1'; flush privileges; drop database mysqltest_1; -connect n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect n5,localhost,test,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection n5; set password = password("changed"); ERROR 42000: You are using MariaDB as an anonymous user and anonymous users are not allowed to modify user settings @@ -496,13 +495,13 @@ drop database mysqltest_2; drop user mysqltest_u1@localhost; grant all on `mysqltest\_%`.* to mysqltest_1@localhost with grant option; grant usage on *.* to mysqltest_2@localhost; -connect con18600_1,localhost,mysqltest_1,,; +connect con18600_1,localhost,mysqltest_1,,"*NO-ONE*"; create database mysqltest_1; use mysqltest_1; create table t1 (f1 int); grant create on `mysqltest\_1`.* to mysqltest_2@localhost; grant select on mysqltest_1.t1 to mysqltest_2@localhost; -connect con3,localhost,mysqltest_2,,; +connect con3,localhost,mysqltest_2,,"*NO-ONE*"; connection con3; create database mysqltest_3; ERROR 42000: Access denied for user 'mysqltest_2'@'localhost' to database 'mysqltest_3' @@ -527,7 +526,7 @@ CREATE TABLE t2 (b INT, c INT); INSERT INTO t2 VALUES (1,100),(2,200); GRANT SELECT ON t1 TO mysqltest1@localhost; GRANT SELECT (b) ON t2 TO mysqltest1@localhost; -connect conn1,localhost,mysqltest1,,; +connect conn1,localhost,mysqltest1,,"*NO-ONE*"; connection conn1; USE db1; SELECT c FROM t2; diff --git a/mysql-test/main/grant2.test b/mysql-test/main/grant2.test index b8098488709..2866aeb348a 100644 --- a/mysql-test/main/grant2.test +++ b/mysql-test/main/grant2.test @@ -30,7 +30,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; -connect (user_a,localhost,mysqltest_1,,); +connect (user_a,localhost,mysqltest_1,,"*NO-ONE*"); connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; --error ER_DBACCESS_DENIED_ERROR @@ -38,14 +38,14 @@ grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; disconnect user_a; connection default; grant update on mysql.* to mysqltest_1@localhost; -connect (user_b,localhost,mysqltest_1,,); +connect (user_b,localhost,mysqltest_1,,"*NO-ONE*"); connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; grant insert on mysql.* to mysqltest_1@localhost; -connect (user_c,localhost,mysqltest_1,,); +connect (user_c,localhost,mysqltest_1,,"*NO-ONE*"); connection user_c; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -63,7 +63,7 @@ flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; select current_user(); grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option; @@ -97,7 +97,7 @@ flush privileges; # create database mysqltest_1; grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option; -connect (user2,localhost,mysqltest_1,,); +connect (user2,localhost,mysqltest_1,,"*NO-ONE*"); connection user2; select current_user(); show databases; @@ -198,7 +198,7 @@ connection default; # create database mysqltest_1; grant select, insert, update on `mysqltest\_1`.* to mysqltest_1@localhost; -connect (con10,localhost,mysqltest_1,,); +connect (con10,localhost,mysqltest_1,,"*NO-ONE*"); connection con10; --error ER_SPECIFIC_ACCESS_DENIED_ERROR set sql_log_off = 1; @@ -342,7 +342,7 @@ drop user '%@a'@'a'; # create user mysqltest_2@localhost; grant create user on *.* to mysqltest_2@localhost; -connect (user3,localhost,mysqltest_2,,); +connect (user3,localhost,mysqltest_2,,"*NO-ONE*"); connection user3; --error ER_TABLEACCESS_DENIED_ERROR select host,user,password,plugin,authentication_string from mysql.user where user like 'mysqltest_%' ; @@ -356,7 +356,7 @@ drop user mysqltest_2@localhost; # INSERT/UPDATE/DELETE is ok too create user mysqltest_3@localhost; grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; -connect (user4,localhost,mysqltest_3,,); +connect (user4,localhost,mysqltest_3,,"*NO-ONE*"); connection user4; show grants; --error ER_TABLEACCESS_DENIED_ERROR @@ -420,7 +420,7 @@ drop database mysqltest_1; --source include/add_anonymous_users.inc # But anonymous users can't change their password -connect (n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (n5,localhost,test,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); connection n5; --error ER_PASSWORD_ANONYMOUS_USER set password = password("changed"); @@ -589,7 +589,7 @@ drop user mysqltest_u1@localhost; # grant all on `mysqltest\_%`.* to mysqltest_1@localhost with grant option; grant usage on *.* to mysqltest_2@localhost; -connect (con18600_1,localhost,mysqltest_1,,); +connect (con18600_1,localhost,mysqltest_1,,"*NO-ONE*"); create database mysqltest_1; use mysqltest_1; @@ -597,7 +597,7 @@ create table t1 (f1 int); grant create on `mysqltest\_1`.* to mysqltest_2@localhost; grant select on mysqltest_1.t1 to mysqltest_2@localhost; -connect (con3,localhost,mysqltest_2,,); +connect (con3,localhost,mysqltest_2,,"*NO-ONE*"); connection con3; --error ER_DBACCESS_DENIED_ERROR create database mysqltest_3; @@ -631,7 +631,7 @@ INSERT INTO t2 VALUES (1,100),(2,200); GRANT SELECT ON t1 TO mysqltest1@localhost; GRANT SELECT (b) ON t2 TO mysqltest1@localhost; -connect (conn1,localhost,mysqltest1,,); +connect (conn1,localhost,mysqltest1,,"*NO-ONE*"); connection conn1; USE db1; --error ER_COLUMNACCESS_DENIED_ERROR diff --git a/mysql-test/main/grant3.result b/mysql-test/main/grant3.result index 160153b1674..a2869da4268 100644 --- a/mysql-test/main/grant3.result +++ b/mysql-test/main/grant3.result @@ -201,6 +201,7 @@ set global sql_mode=default; create database db1; create user foo@localhost; grant create on db1.* to foo@localhost; +grant all privileges on test.* to foo@localhost; connect foo,localhost,foo; create temporary table t as values (1),(2),(3); use db1; diff --git a/mysql-test/main/grant3.test b/mysql-test/main/grant3.test index 5337d59efd8..7842233d9bd 100644 --- a/mysql-test/main/grant3.test +++ b/mysql-test/main/grant3.test @@ -214,6 +214,7 @@ set global sql_mode=default; create database db1; create user foo@localhost; grant create on db1.* to foo@localhost; +grant all privileges on test.* to foo@localhost; connect foo,localhost,foo; create temporary table t as values (1),(2),(3); use db1; diff --git a/mysql-test/main/grant_cache_no_prot.result b/mysql-test/main/grant_cache_no_prot.result index 1ecfc308422..daf382d65d3 100644 --- a/mysql-test/main/grant_cache_no_prot.result +++ b/mysql-test/main/grant_cache_no_prot.result @@ -58,15 +58,18 @@ show status like "Qcache_hits%"; Variable_name Value Qcache_hits 0 grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; connect user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK; connection user1; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 @@ -127,7 +130,7 @@ Qcache_hits 3 show status like "Qcache_not_cached"; Variable_name Value Qcache_not_cached 1 -connect unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK; +connect unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection unkuser; show grants for current_user(); Grants for @localhost @@ -199,6 +202,7 @@ show grants; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` select a from t1; ERROR 3D000: No database selected select * from mysqltest.t1,test.t1; diff --git a/mysql-test/main/grant_cache_ps_prot.result b/mysql-test/main/grant_cache_ps_prot.result index d6f343d6459..0fde04ac0f3 100644 --- a/mysql-test/main/grant_cache_ps_prot.result +++ b/mysql-test/main/grant_cache_ps_prot.result @@ -58,15 +58,18 @@ show status like "Qcache_hits%"; Variable_name Value Qcache_hits 0 grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; connect user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK; connection user1; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 @@ -127,7 +130,7 @@ Qcache_hits 3 show status like "Qcache_not_cached"; Variable_name Value Qcache_not_cached 1 -connect unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK; +connect unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection unkuser; show grants for current_user(); Grants for @localhost @@ -199,6 +202,7 @@ show grants; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` select a from t1; ERROR 3D000: No database selected select * from mysqltest.t1,test.t1; diff --git a/mysql-test/main/grant_read_only.result b/mysql-test/main/grant_read_only.result index e7855dc9411..18d97cc412f 100644 --- a/mysql-test/main/grant_read_only.result +++ b/mysql-test/main/grant_read_only.result @@ -27,10 +27,10 @@ DROP TABLE t1; # CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO `user1`@`localhost` +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO `user1`@`localhost` SET @@GLOBAL.read_only=1; connect con1,localhost,user1,,; connection con1; @@ -50,10 +50,10 @@ DROP TABLE t1; # CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO `user1`@`localhost` +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO `user1`@`localhost` SET @@GLOBAL.read_only=1; connect con1,localhost,user1,,; connection con1; diff --git a/mysql-test/main/grant_read_only.test b/mysql-test/main/grant_read_only.test index a951987fa7f..f42bb24fe83 100644 --- a/mysql-test/main/grant_read_only.test +++ b/mysql-test/main/grant_read_only.test @@ -36,7 +36,7 @@ DROP TABLE t1; CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; ## TODO: it works even without INSERT/UPDATE/DELETE: file a bug report! -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; SET @@GLOBAL.read_only=1; @@ -61,7 +61,7 @@ DROP TABLE t1; CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; ## TODO: it works even without INSERT/UPDATE/DELETE: file a bug report! -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; SET @@GLOBAL.read_only=1; diff --git a/mysql-test/main/information_schema.result b/mysql-test/main/information_schema.result index 88026081e89..5b815d3f433 100644 --- a/mysql-test/main/information_schema.result +++ b/mysql-test/main/information_schema.result @@ -842,7 +842,7 @@ Database Table In_use Name_locked mysql user 0 0 show status where variable_name like "%database%"; Variable_name Value -Acl_database_grants 2 +Acl_database_grants 0 Com_show_databases 3 show variables where variable_name like "skip_show_databas"; Variable_name Value diff --git a/mysql-test/main/information_schema_db.result b/mysql-test/main/information_schema_db.result index 6a6e5c49851..725b1a125ad 100644 --- a/mysql-test/main/information_schema_db.result +++ b/mysql-test/main/information_schema_db.result @@ -40,7 +40,7 @@ create table t1 (f1 int(10) unsigned not null, f2 varchar(100) not null, primary key (f1), unique key (f2)); -connect user1,localhost,mysqltest_1,,; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select * from information_schema.tables; call mbase.p1(); @@ -93,8 +93,7 @@ create user testdb_1@localhost; grant all on testdb_1.* to testdb_1@localhost with grant option; create user testdb_2@localhost; grant all on test.* to testdb_2@localhost with grant option; -connect testdb_1,localhost,testdb_1,,test; -use testdb_1; +connect testdb_1,localhost,testdb_1,,testdb_1; create table t1 (f1 char(4)); create view v1 as select f1 from t1; grant insert on v1 to testdb_2@localhost; @@ -221,7 +220,7 @@ create table testdb_1.t1 (a int); create view testdb_1.v1 as select * from testdb_1.t1; grant show view on testdb_1.* to mysqltest_1@localhost; grant select on testdb_1.v1 to mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select table_schema, table_name, view_definition from information_schema.views where table_name='v1'; diff --git a/mysql-test/main/information_schema_db.test b/mysql-test/main/information_schema_db.test index e60557a9526..fabc42e38b8 100644 --- a/mysql-test/main/information_schema_db.test +++ b/mysql-test/main/information_schema_db.test @@ -62,7 +62,7 @@ create table t1 f2 varchar(100) not null, primary key (f1), unique key (f2)); -connect (user1,localhost,mysqltest_1,,); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; --disable_result_log select * from information_schema.tables; @@ -122,8 +122,7 @@ grant all on testdb_1.* to testdb_1@localhost with grant option; create user testdb_2@localhost; grant all on test.* to testdb_2@localhost with grant option; -connect (testdb_1,localhost,testdb_1,,test); -use testdb_1; +connect (testdb_1,localhost,testdb_1,,testdb_1); create table t1 (f1 char(4)); create view v1 as select f1 from t1; grant insert on v1 to testdb_2@localhost; @@ -234,7 +233,7 @@ create view testdb_1.v1 as select * from testdb_1.t1; grant show view on testdb_1.* to mysqltest_1@localhost; grant select on testdb_1.v1 to mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; select table_schema, table_name, view_definition from information_schema.views where table_name='v1'; diff --git a/mysql-test/main/init_connect.result b/mysql-test/main/init_connect.result index 1476d846078..876a6a14b4e 100644 --- a/mysql-test/main/init_connect.result +++ b/mysql-test/main/init_connect.result @@ -1,23 +1,23 @@ -connect con0,localhost,root,,test; +connect con0,localhost,root,,; connection con0; select hex(@a); hex(@a) NULL -connect con1,localhost,user_1,,test; +connect con1,localhost,user_1,,"*NO-ONE*"; connection con1; select hex(@a); hex(@a) 610063 connection con0; set global init_connect="set @a=2;set @b=3"; -connect con2,localhost,user_1,,test; +connect con2,localhost,user_1,,"*NO-ONE*"; connection con2; select @a, @b; @a @b 2 3 connection con0; set GLOBAL init_connect=DEFAULT; -connect con3,localhost,user_1,,test; +connect con3,localhost,user_1,,"*NO-ONE*"; connection con3; select @a; @a @@ -25,6 +25,8 @@ NULL connection con0; set global init_connect="drop table if exists t1; create table t1(a char(10));\ insert into t1 values ('\0');insert into t1 values('abc')"; +create user 'user_1'@'localhost'; +GRANT DROP,CREATE,SELECT,INSERT ON test.* TO 'user_1'@'localhost'; connect con4,localhost,user_1,,test; connection con4; select hex(a) from t1; @@ -46,6 +48,7 @@ disconnect con2; disconnect con3; disconnect con4; disconnect con5; +drop user 'user_1'@'localhost'; End of 4.1 tests create table t1 (x int); insert into t1 values (3), (5), (7); diff --git a/mysql-test/main/init_connect.test b/mysql-test/main/init_connect.test index 60549c3458e..c210ea10850 100644 --- a/mysql-test/main/init_connect.test +++ b/mysql-test/main/init_connect.test @@ -10,25 +10,27 @@ --source include/add_anonymous_users.inc -connect (con0,localhost,root,,test); +connect (con0,localhost,root,,); connection con0; select hex(@a); -connect (con1,localhost,user_1,,test); +connect (con1,localhost,user_1,,"*NO-ONE*"); connection con1; select hex(@a); connection con0; set global init_connect="set @a=2;set @b=3"; -connect (con2,localhost,user_1,,test); +connect (con2,localhost,user_1,,"*NO-ONE*"); connection con2; select @a, @b; connection con0; set GLOBAL init_connect=DEFAULT; -connect (con3,localhost,user_1,,test); +connect (con3,localhost,user_1,,"*NO-ONE*"); connection con3; select @a; connection con0; set global init_connect="drop table if exists t1; create table t1(a char(10));\ insert into t1 values ('\0');insert into t1 values('abc')"; +create user 'user_1'@'localhost'; +GRANT DROP,CREATE,SELECT,INSERT ON test.* TO 'user_1'@'localhost'; connect (con4,localhost,user_1,,test); connection con4; select hex(a) from t1; @@ -54,6 +56,7 @@ disconnect con2; disconnect con3; disconnect con4; disconnect con5; +drop user 'user_1'@'localhost'; --source include/delete_anonymous_users.inc diff --git a/mysql-test/main/invisible_field_grant_completely.result b/mysql-test/main/invisible_field_grant_completely.result index b1b313072b2..f0992baf7b1 100644 --- a/mysql-test/main/invisible_field_grant_completely.result +++ b/mysql-test/main/invisible_field_grant_completely.result @@ -19,12 +19,11 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect con1, localhost, user_1,,test; +connect con1, localhost, user_1,,d; connection con1; select user(); user() user_1@localhost -use d; select * from t1; a 1 diff --git a/mysql-test/main/invisible_field_grant_completely.test b/mysql-test/main/invisible_field_grant_completely.test index aeca66b97d2..b27071ada56 100644 --- a/mysql-test/main/invisible_field_grant_completely.test +++ b/mysql-test/main/invisible_field_grant_completely.test @@ -21,10 +21,9 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect (con1, localhost, user_1,,test); +connect (con1, localhost, user_1,,d); connection con1; select user(); -use d; select * from t1; insert into t1 values(2); select * from t1; diff --git a/mysql-test/main/invisible_field_grant_system.result b/mysql-test/main/invisible_field_grant_system.result index d2e40c391c4..86e40736f11 100644 --- a/mysql-test/main/invisible_field_grant_system.result +++ b/mysql-test/main/invisible_field_grant_system.result @@ -19,12 +19,11 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect con1, localhost, user_1,,test; +connect con1, localhost, user_1,,d; connection con1; select user(); user() user_1@localhost -use d; select * from t1; a 1 diff --git a/mysql-test/main/invisible_field_grant_system.test b/mysql-test/main/invisible_field_grant_system.test index fd54ea72a5a..04ea5f14be1 100644 --- a/mysql-test/main/invisible_field_grant_system.test +++ b/mysql-test/main/invisible_field_grant_system.test @@ -18,10 +18,9 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect (con1, localhost, user_1,,test); +connect (con1, localhost, user_1,,d); connection con1; select user(); -use d; select * from t1; insert into t1 values(2); select * from t1; diff --git a/mysql-test/main/join_cache.result b/mysql-test/main/join_cache.result index b32a278d3a1..938167035a2 100644 --- a/mysql-test/main/join_cache.result +++ b/mysql-test/main/join_cache.result @@ -6056,8 +6056,7 @@ SET join_cache_level = 3; explain SELECT * FROM INFORMATION_SCHEMA.PROFILING, mysql.db WHERE Select_priv = PAGE_FAULTS_MINOR; id select_type table type possible_keys key key_len ref rows Extra -1 SIMPLE PROFILING ALL NULL NULL NULL NULL NULL Using where -1 SIMPLE db hash_ALL NULL #hash#$hj 1 information_schema.PROFILING.PAGE_FAULTS_MINOR 2 Using where; Using join buffer (flat, BNLH join) +1 SIMPLE NULL NULL NULL NULL NULL NULL NULL Impossible WHERE noticed after reading const tables set join_cache_level=@save_join_cache_level; create table t1 (c1 date not null, key (c1)) engine=innodb; insert t1 values ('2017-12-27'); diff --git a/mysql-test/main/lock_multi.result b/mysql-test/main/lock_multi.result index 30cd63e60ed..52196d835ec 100644 --- a/mysql-test/main/lock_multi.result +++ b/mysql-test/main/lock_multi.result @@ -128,7 +128,6 @@ mysql.global_priv optimize status OK UNLOCK TABLES; connection reader; host -localhost USE test; connection locker; use test; diff --git a/mysql-test/main/lock_view.result b/mysql-test/main/lock_view.result index 47a7e58ea0d..8137300f3e3 100644 --- a/mysql-test/main/lock_view.result +++ b/mysql-test/main/lock_view.result @@ -181,7 +181,6 @@ information_schema mysqltest1 mysqltest2 performance_schema -test lock table mysqltest3.v3ps write; select * from mysqltest3.v3ps; user diff --git a/mysql-test/main/long_host.result b/mysql-test/main/long_host.result index 57b637de587..52b479b66f7 100644 --- a/mysql-test/main/long_host.result +++ b/mysql-test/main/long_host.result @@ -20,7 +20,7 @@ create table mariadbtestdb.t3 (a int); SET @saved_dbug = @@GLOBAL.debug_dbug; set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,getaddrinfo_fake_good_ipv4"; # check connect -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select current_user(); current_user() @@ -43,7 +43,7 @@ a connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1` @@ -53,7 +53,7 @@ ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_3456 connection default; grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; a b @@ -66,7 +66,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; a b @@ -79,7 +79,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1` @@ -96,6 +96,7 @@ CREATE ROLE role5678901_345678902_345678903_345678904_345678905_345678906_345678 ERROR HY000: String 'role5678901_345678902_345678903_345678904_345678905_345678906_34567...' is too long for user name (should be no longer than 128) grant SELECT (a) ON mariadbtestdb.t1 TO role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; +GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; diff --git a/mysql-test/main/long_host.test b/mysql-test/main/long_host.test index 0c082bf6fb4..301744a1f11 100644 --- a/mysql-test/main/long_host.test +++ b/mysql-test/main/long_host.test @@ -36,7 +36,7 @@ set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,ge --echo # check connect -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select current_user(); @@ -61,7 +61,7 @@ select * from mariadbtestdb2.t2; connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; --error ER_TABLEACCESS_DENIED_ERROR select * from mariadbtestdb.t1; @@ -74,7 +74,7 @@ select * from mariadbtestdb2.t2; connection default; grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select * from mariadbtestdb.t1; --error ER_TABLEACCESS_DENIED_ERROR @@ -87,7 +87,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select * from mariadbtestdb.t1; --error ER_TABLEACCESS_DENIED_ERROR @@ -101,7 +101,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; --error ER_TABLEACCESS_DENIED_ERROR select * from mariadbtestdb.t1; @@ -126,6 +126,8 @@ grant SELECT (a) ON mariadbtestdb.t1 TO role5678901_345678902_345678903_34567890 REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; +GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; + grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; diff --git a/mysql-test/main/mysql_upgrade_to_100502.result b/mysql-test/main/mysql_upgrade_to_100502.result index 15095809092..7235b16aa5a 100644 --- a/mysql-test/main/mysql_upgrade_to_100502.result +++ b/mysql-test/main/mysql_upgrade_to_100502.result @@ -84,15 +84,15 @@ GRANT BINLOG MONITOR, SLAVE MONITOR ON *.* TO `user_replclient`@`localhost` SHOW GRANTS FOR user_replslave@localhost; Grants for user_replslave@localhost GRANT REPLICATION SLAVE, SLAVE MONITOR ON *.* TO `user_replslave`@`localhost` -connect con1,localhost,user_super_replslave,,test; +connect con1,localhost,user_super_replslave,,"*NO-ONE*"; connection con1; SHOW SLAVE STATUS; disconnect con1; -connect con1,localhost,user_replclient,,test; +connect con1,localhost,user_replclient,,"*NO-ONE*"; connection con1; SHOW SLAVE STATUS; disconnect con1; -connect con1,localhost,user_replslave,,test; +connect con1,localhost,user_replslave,,"*NO-ONE*"; connection con1; SHOW RELAYLOG EVENTS; disconnect con1; diff --git a/mysql-test/main/mysql_upgrade_to_100502.test b/mysql-test/main/mysql_upgrade_to_100502.test index b5a44080f17..fc47f0c94aa 100644 --- a/mysql-test/main/mysql_upgrade_to_100502.test +++ b/mysql-test/main/mysql_upgrade_to_100502.test @@ -87,21 +87,21 @@ SHOW GRANTS FOR user_replclient@localhost; --echo # SHOW GRANTS FOR user_replslave@localhost; ---connect (con1,localhost,user_super_replslave,,test) +--connect (con1,localhost,user_super_replslave,,"*NO-ONE*") --connection con1 --disable_result_log SHOW SLAVE STATUS; --enable_result_log --disconnect con1 ---connect (con1,localhost,user_replclient,,test) +--connect (con1,localhost,user_replclient,,"*NO-ONE*") --connection con1 --disable_result_log SHOW SLAVE STATUS; --enable_result_log --disconnect con1 ---connect (con1,localhost,user_replslave,,test) +--connect (con1,localhost,user_replslave,,"*NO-ONE*") --connection con1 --disable_ps_protocol --disable_result_log diff --git a/mysql-test/main/mysqldump.result b/mysql-test/main/mysqldump.result index 0191238ce71..1e827ac6e59 100644 --- a/mysql-test/main/mysqldump.result +++ b/mysql-test/main/mysqldump.result @@ -3727,6 +3727,7 @@ use test; # Bug#21215 mysqldump creating incomplete backups without warning # create user mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; create table t1(a int, b varchar(34)); reset master; mysqldump: Couldn't execute 'FLUSH /*!40101 LOCAL */ TABLES': Access denied; you need (at least one of) the RELOAD privilege(s) for this operation (1227) @@ -5784,6 +5785,8 @@ drop tables t2, t1; # MDEV-22037: Add ability to skip content of some tables # (work around for MDEV-20939) # +create user a; +grant SELECT on test.* to a; use mysql; # check that all tables we need are not empty select count(*) >= 1 from mysql.proc; @@ -5797,6 +5800,7 @@ FOUND 1 /INSERT INTO `proc`/ in MDEV-20939.sql NOT FOUND /INSERT INTO `db`/ in MDEV-20939.sql FOUND 1 /CREATE TABLE `db`/ in MDEV-20939.sql FOUND 1 /CREATE TABLE `proc`/ in MDEV-20939.sql +drop user a; use test; # End of 10.1 tests # diff --git a/mysql-test/main/mysqldump.test b/mysql-test/main/mysqldump.test index c03ae71b539..d9020791289 100644 --- a/mysql-test/main/mysqldump.test +++ b/mysql-test/main/mysqldump.test @@ -1381,6 +1381,7 @@ use test; # Create user without sufficient privs to perform the requested operation create user mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; create table t1(a int, b varchar(34)); # To get consistent output, reset the master, starts over from first log @@ -2696,6 +2697,8 @@ drop tables t2, t1; --echo # (work around for MDEV-20939) --echo # +create user a; +grant SELECT on test.* to a; use mysql; --echo # check that all tables we need are not empty @@ -2721,6 +2724,7 @@ let SEARCH_PATTERN=CREATE TABLE `proc`; source include/search_pattern_in_file.inc; --remove_file $MYSQLTEST_VARDIR/tmp/MDEV-20939.sql +drop user a; use test; --echo # End of 10.1 tests diff --git a/mysql-test/main/not_embedded_server.result b/mysql-test/main/not_embedded_server.result index 0b952f93ad8..19e862e07a5 100644 --- a/mysql-test/main/not_embedded_server.result +++ b/mysql-test/main/not_embedded_server.result @@ -31,6 +31,7 @@ CREATE TABLE t2 (key2 INT); INSERT INTO t1 VALUES (1),(2); CREATE FUNCTION f() RETURNS INT RETURN 1; GRANT FILE ON *.* TO 'nopriv_user'@'localhost'; +GRANT SELECT,INSERT,CREATE ON test.* TO 'nopriv_user'@'localhost'; FLUSH PRIVILEGES; connect con1,localhost,nopriv_user,,; connection con1; diff --git a/mysql-test/main/not_embedded_server.test b/mysql-test/main/not_embedded_server.test index 20f75db25d5..079c0c85bcd 100644 --- a/mysql-test/main/not_embedded_server.test +++ b/mysql-test/main/not_embedded_server.test @@ -59,6 +59,7 @@ INSERT INTO t1 VALUES (1),(2); CREATE FUNCTION f() RETURNS INT RETURN 1; GRANT FILE ON *.* TO 'nopriv_user'@'localhost'; +GRANT SELECT,INSERT,CREATE ON test.* TO 'nopriv_user'@'localhost'; FLUSH PRIVILEGES; diff --git a/mysql-test/main/partition_symlink.result b/mysql-test/main/partition_symlink.result index 17ddecbe19d..06aef8ea4c6 100644 --- a/mysql-test/main/partition_symlink.result +++ b/mysql-test/main/partition_symlink.result @@ -47,6 +47,7 @@ DROP TABLE t1, t2; # test.t1 have partitions in mysqltest2-directory! # user root: CREATE USER mysqltest_1@localhost; +GRANT ALL ON test.* to mysqltest_1@localhost; CREATE DATABASE mysqltest2; USE mysqltest2; CREATE TABLE t1 (a INT) ENGINE = MyISAM; diff --git a/mysql-test/main/partition_symlink.test b/mysql-test/main/partition_symlink.test index 07d653ee4d6..5eba9658b1c 100644 --- a/mysql-test/main/partition_symlink.test +++ b/mysql-test/main/partition_symlink.test @@ -77,6 +77,7 @@ DROP TABLE t1, t2; -- echo # user root: --disable_service_connection CREATE USER mysqltest_1@localhost; + GRANT ALL ON test.* to mysqltest_1@localhost; CREATE DATABASE mysqltest2; USE mysqltest2; CREATE TABLE t1 (a INT) ENGINE = MyISAM; diff --git a/mysql-test/main/plugin_auth.result b/mysql-test/main/plugin_auth.result index ac10bd06707..12a5156eeb1 100644 --- a/mysql-test/main/plugin_auth.result +++ b/mysql-test/main/plugin_auth.result @@ -11,8 +11,8 @@ SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; plugin authentication_string test_plugin_server plug_dest ## test plugin auth -connect(localhost,plug,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); -connect plug_con,localhost,plug,plug_dest; +connect(localhost,plug,plug_dest,,MYSQL_PORT,MYSQL_SOCK); +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug; test proxies_priv columns @@ -33,7 +33,7 @@ proxies_priv CREATE TABLE `proxies_priv` ( PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`), KEY `Grantor` (`Grantor`) ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='User proxy privileges' -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% @@ -46,14 +46,14 @@ connect(localhost,plug,bad_credentials,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con,localhost,plug,bad_credentials; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) ## test bad default plugin : nothing bad happens, as that plugin was't required by the server -connect plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name; +connect plug_con_wrongp,localhost,plug,plug_dest,"*NO-ONE*",,,,wrong_plugin_name; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% connection default; disconnect plug_con_wrongp; ## test correct default plugin -connect plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin; +connect plug_con_rightp,localhost,plug,plug_dest,"*NO-ONE*",,,,auth_test_plugin; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% @@ -67,7 +67,7 @@ DROP USER grant_user; ## test utf-8 user name CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; -connect non_ascii,localhost,Ÿ,plug_dest; +connect non_ascii,localhost,Ÿ,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() Ÿ@localhost plug_dest@% @@ -80,7 +80,8 @@ CREATE DATABASE test_grant_db; GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO new_grant_user; -connect plug_con_grant,localhost,new_grant_user,plug_dest; +GRANT CREATE, DROP ON test_grant_db.* TO 'plug_dest'@'%'; +connect plug_con_grant,localhost,new_grant_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost plug_dest@% @@ -96,11 +97,10 @@ IDENTIFIED BY 'new_password'; connect(localhost,new_grant_user,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con_grant_deny,localhost,new_grant_user,plug_dest; ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES) -connect plug_con_grant,localhost,new_grant_user,new_password; +connect plug_con_grant,localhost,new_grant_user,new_password,test_grant_db; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost new_grant_user@% -USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; connection default; @@ -137,7 +137,7 @@ ERROR 42000: You have an error in your SQL syntax; check the manual that corresp # this should fail : no such grant REVOKE PROXY ON grant_plug_dest FROM grant_plug; ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%' -connect grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd; +connect grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd,"*NO-ONE*"; ## testing what an ordinary user can grant this should fail : no rights to grant all GRANT PROXY ON ''@'%%' TO grant_plug; @@ -219,7 +219,7 @@ ERROR HY000: Variable 'proxy_user' is a read only variable SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user NULL -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user 'plug'@'%' @@ -248,7 +248,7 @@ ERROR HY000: Variable 'external_user' is a read only variable SELECT @@LOCAL.external_user; @@LOCAL.external_user NULL -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; SELECT @@LOCAL.external_user; @@LOCAL.external_user plug_dest @@ -347,7 +347,7 @@ CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'cleartext_test'; ## test plugin auth ERROR 28000: Access denied for user 'uplain'@'localhost' (using password: YES) -connect cleartext_con,localhost,uplain,cleartext_test; +connect cleartext_con,localhost,uplain,cleartext_test,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() uplain@localhost uplain@localhost @@ -453,7 +453,7 @@ ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password CREATE USER bug12610784@localhost; SET PASSWORD FOR bug12610784@localhost = PASSWORD('secret'); ERROR 28000: Access denied for user 'bug12610784'@'localhost' (using password: NO) -connect b12610784,localhost,bug12610784,secret,test; +connect b12610784,localhost,bug12610784,secret,"*NO-ONE*"; connection default; disconnect b12610784; DROP USER bug12610784@localhost; @@ -466,14 +466,14 @@ IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest'; CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; -connect bug12818542_con,localhost,bug12818542,bug12818542_dest; +connect bug12818542_con,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost SET PASSWORD = PASSWORD('bruhaha'); connection default; disconnect bug12818542_con; -connect bug12818542_con2,localhost,bug12818542,bug12818542_dest; +connect bug12818542_con2,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost diff --git a/mysql-test/main/plugin_auth.test b/mysql-test/main/plugin_auth.test index 48f35ac65e2..1c471cab9b5 100644 --- a/mysql-test/main/plugin_auth.test +++ b/mysql-test/main/plugin_auth.test @@ -21,7 +21,7 @@ SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; --echo ## test plugin auth --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_ACCESS_DENIED_ERROR : this should fail : no grant -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); GRANT PROXY ON plug_dest TO plug; --echo test proxies_priv columns @@ -30,7 +30,7 @@ SELECT * FROM mysql.proxies_priv WHERE user !='root'; --echo test mysql.proxies_priv; SHOW CREATE TABLE mysql.proxies_priv; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); --echo ## test SET PASSWORD @@ -46,13 +46,13 @@ disconnect plug_con; connect(plug_con,localhost,plug,bad_credentials); --echo ## test bad default plugin : nothing bad happens, as that plugin was't required by the server -connect(plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name); +connect(plug_con_wrongp,localhost,plug,plug_dest,"*NO-ONE*",,,,wrong_plugin_name); select USER(),CURRENT_USER(); connection default; disconnect plug_con_wrongp; --echo ## test correct default plugin -connect(plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin); +connect(plug_con_rightp,localhost,plug,plug_dest,"*NO-ONE*",,,,auth_test_plugin); select USER(),CURRENT_USER(); connection default; disconnect plug_con_rightp; @@ -68,7 +68,7 @@ CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; -connect(non_ascii,localhost,Ÿ,plug_dest); +connect(non_ascii,localhost,Ÿ,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; @@ -84,8 +84,9 @@ GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO new_grant_user; +GRANT CREATE, DROP ON test_grant_db.* TO 'plug_dest'@'%'; -connect(plug_con_grant,localhost,new_grant_user,plug_dest); +connect(plug_con_grant,localhost,new_grant_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); USE test_grant_db; CREATE TABLE t1 (a INT); @@ -102,9 +103,8 @@ GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user --error ER_ACCESS_DENIED_ERROR connect(plug_con_grant_deny,localhost,new_grant_user,plug_dest); -connect(plug_con_grant,localhost,new_grant_user,new_password); +connect(plug_con_grant,localhost,new_grant_user,new_password,test_grant_db); select USER(),CURRENT_USER(); -USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; connection default; @@ -159,7 +159,7 @@ GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug; --error ER_NONEXISTING_GRANT REVOKE PROXY ON grant_plug_dest FROM grant_plug; -connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd); +connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd,"*NO-ONE*"); --echo ## testing what an ordinary user can grant --echo this should fail : no rights to grant all @@ -262,7 +262,7 @@ SET GLOBAL proxy_user = 'test'; SET LOCAL proxy_user = 'test'; SELECT @@LOCAL.proxy_user; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); SELECT @@LOCAL.proxy_user; connection default; disconnect plug_con; @@ -288,7 +288,7 @@ SET GLOBAL external_user = 'test'; SET LOCAL external_user = 'test'; SELECT @@LOCAL.external_user; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); SELECT @@LOCAL.external_user; connection default; disconnect plug_con; @@ -418,7 +418,7 @@ CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' connect(cleartext_fail_con,localhost,uplain,cleartext_test2); --enable_query_log -connect(cleartext_con,localhost,uplain,cleartext_test); +connect(cleartext_con,localhost,uplain,cleartext_test,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; @@ -533,7 +533,7 @@ SET PASSWORD FOR bug12610784@localhost = PASSWORD('secret'); --error ER_ACCESS_DENIED_ERROR connect(b12610784,localhost,bug12610784,,test); --enable_query_log -connect(b12610784,localhost,bug12610784,secret,test); +connect(b12610784,localhost,bug12610784,secret,"*NO-ONE*"); connection default; disconnect b12610784; DROP USER bug12610784@localhost; @@ -550,7 +550,7 @@ CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; -connect(bug12818542_con,localhost,bug12818542,bug12818542_dest); +connect(bug12818542_con,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SET PASSWORD = PASSWORD('bruhaha'); @@ -558,7 +558,7 @@ SET PASSWORD = PASSWORD('bruhaha'); connection default; disconnect bug12818542_con; -connect(bug12818542_con2,localhost,bug12818542,bug12818542_dest); +connect(bug12818542_con2,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; diff --git a/mysql-test/main/plugin_auth_qa_1.result b/mysql-test/main/plugin_auth_qa_1.result index 24c86f1e2a8..d33662ab618 100644 --- a/mysql-test/main/plugin_auth_qa_1.result +++ b/mysql-test/main/plugin_auth_qa_1.result @@ -6,9 +6,11 @@ mariadb.sys mysql_native_password CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON `plug%dest` TO plug_user; +GRANT ALL ON test_user_db.* TO plug_user; ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES) REVOKE PROXY ON `plug%dest` FROM plug_user; GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; current_user() plug_dest@% user() @@ -52,6 +54,7 @@ CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; 1) ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; 2) current_user() plug_dest@% @@ -103,14 +106,14 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect plug_user,localhost,plug_user,plug_dest; +connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug_user@localhost plug_dest@% connection default; disconnect plug_user; RENAME USER plug_user TO new_user; -connect plug_user,localhost,new_user,plug_dest; +connect plug_user,localhost,new_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_user@localhost plug_dest@% @@ -134,7 +137,7 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect plug_user,localhost,plug_user,plug_dest; +connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug_user@localhost plug_dest@% @@ -176,7 +179,7 @@ User plugin authentication_string mariadb.sys mysql_native_password new_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119 new_user test_plugin_server new_dest -connect plug_user,localhost,new_user,new_dest; +connect plug_user,localhost,new_user,new_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_user@localhost new_dest@% @@ -192,7 +195,7 @@ new_dest mysql_native_password *01422E86A6FFF84618914AF149F9AEF64B84170A new_user test_plugin_server new_dest plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119 GRANT ALL PRIVILEGES ON test.* TO new_user; -connect plug_user,localhost,new_dest,new_dest_passwd; +connect plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_dest@localhost new_dest@% @@ -207,7 +210,7 @@ User plugin authentication_string test_plugin_server proxied_user mariadb.sys mysql_native_password proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% @@ -219,13 +222,13 @@ connection default; disconnect proxy_con; ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES) GRANT PROXY ON proxied_user TO ''@'%%'; -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% connection default; disconnect proxy_con; -connect proxy_con,localhost,proxy_user,proxied_user; +connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxy_user@localhost proxied_user@% @@ -244,7 +247,7 @@ User plugin authentication_string test_plugin_server proxied_user mariadb.sys mysql_native_password proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% @@ -255,13 +258,13 @@ connection default; disconnect proxy_con; ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES) GRANT PROXY ON proxied_user TO ''@'%%'; -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% connection default; disconnect proxy_con; -connect proxy_con,localhost,proxy_user,proxied_user; +connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxy_user@localhost proxied_user@% @@ -291,11 +294,11 @@ proxied_user_2 mysql_native_password *3D948F77C6A988AFDCA9755AB2A6724362557220 proxied_user_3 mysql_native_password *41A18925D237DEE738C76581153990B037F462E3 proxied_user_4 mysql_native_password *F990073A9B96FF535C2D0721406042B8751E593F proxied_user_5 mysql_native_password *5AA915C5D0B5B1336336FD2BF7768BC09FD1F5B2 -connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd'; -connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd; -connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd; -connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd; -connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd; +connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*"; +connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*"; +connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*"; +connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*"; +connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*"; connection proxy_con_1; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() diff --git a/mysql-test/main/plugin_auth_qa_1.test b/mysql-test/main/plugin_auth_qa_1.test index 1c53da59844..100670dc8e7 100644 --- a/mysql-test/main/plugin_auth_qa_1.test +++ b/mysql-test/main/plugin_auth_qa_1.test @@ -16,10 +16,12 @@ SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON `plug%dest` TO plug_user; +GRANT ALL ON test_user_db.* TO plug_user; --error 1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 REVOKE PROXY ON `plug%dest` FROM plug_user; GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; --replace_result $MASTER_MYSOCK MASTER_MYSOCK --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 REVOKE PROXY ON plug_dest FROM plug_user; @@ -56,6 +58,7 @@ CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; --error 1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; --echo 2) --replace_result $MASTER_MYSOCK MASTER_MYSOCK --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 @@ -105,12 +108,12 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect(plug_user,localhost,plug_user,plug_dest); +connect(plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; RENAME USER plug_user TO new_user; -connect(plug_user,localhost,new_user,plug_dest); +connect(plug_user,localhost,new_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; --sorted_result @@ -128,7 +131,7 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect(plug_user,localhost,plug_user,plug_dest); +connect(plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -156,7 +159,7 @@ FLUSH PRIVILEGES; GRANT PROXY ON new_dest TO new_user; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(plug_user,localhost,new_user,new_dest); +connect(plug_user,localhost,new_user,new_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -166,7 +169,7 @@ CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; GRANT ALL PRIVILEGES ON test.* TO new_user; -connect(plug_user,localhost,new_dest,new_dest_passwd); +connect(plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -178,7 +181,7 @@ CREATE USER ''@'%%' IDENTIFIED WITH test_plugin_server AS 'proxied_user'; CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); --echo ========== test 2.2.1 ====================================== SELECT @@proxy_user; @@ -189,11 +192,11 @@ disconnect proxy_con; connect(proxy_con,localhost,proxy_user,proxied_user); --enable_query_log GRANT PROXY ON proxied_user TO ''@'%%'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; disconnect proxy_con; -connect(proxy_con,localhost,proxy_user,proxied_user); +connect(proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); --echo ========== test 2.2.1 ====================================== SELECT @@proxy_user; @@ -206,7 +209,7 @@ GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'%%' CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; connection default; @@ -216,11 +219,11 @@ disconnect proxy_con; connect(proxy_con,localhost,proxy_user,proxied_user); --enable_query_log GRANT PROXY ON proxied_user TO ''@'%%'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; disconnect proxy_con; -connect(proxy_con,localhost,proxy_user,proxied_user); +connect(proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; connection default; @@ -240,11 +243,11 @@ GRANT PROXY ON proxied_user_4 TO ''@'%%'; GRANT PROXY ON proxied_user_5 TO ''@'%%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd'); -connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd); -connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd); -connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd); -connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd); +connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*"); +connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*"); +connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*"); +connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*"); +connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*"); connection proxy_con_1; SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; diff --git a/mysql-test/main/plugin_auth_qa_2.result b/mysql-test/main/plugin_auth_qa_2.result index de3023a3e42..c4ec8c0a364 100644 --- a/mysql-test/main/plugin_auth_qa_2.result +++ b/mysql-test/main/plugin_auth_qa_2.result @@ -5,6 +5,7 @@ CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest' CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_1_dest TO qa_test_1_user; +GRANT ALL ON test_user_db.* TO 'qa_test_1_user'@'%'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; User plugin authentication_string mariadb.sys mysql_native_password @@ -33,6 +34,7 @@ CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_2_dest TO qa_test_2_user; GRANT PROXY ON authenticated_as TO qa_test_2_user; +GRANT ALL ON test_user_db.* TO 'authenticated_as'@'%'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; User plugin authentication_string authenticated_as mysql_native_password *DFCACE76914AD7BD801FC1A1ECF6562272621A22 diff --git a/mysql-test/main/plugin_auth_qa_2.test b/mysql-test/main/plugin_auth_qa_2.test index 17e627ab773..bed5eec59e9 100644 --- a/mysql-test/main/plugin_auth_qa_2.test +++ b/mysql-test/main/plugin_auth_qa_2.test @@ -17,6 +17,7 @@ CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest' CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_1_dest TO qa_test_1_user; +GRANT ALL ON test_user_db.* TO 'qa_test_1_user'@'%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT @@proxy_user; @@ -39,6 +40,7 @@ CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_2_dest TO qa_test_2_user; GRANT PROXY ON authenticated_as TO qa_test_2_user; +GRANT ALL ON test_user_db.* TO 'authenticated_as'@'%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT @@proxy_user; diff --git a/mysql-test/main/ps_show_log.result b/mysql-test/main/ps_show_log.result index 63cd7789de4..dbe078e7d1b 100644 --- a/mysql-test/main/ps_show_log.result +++ b/mysql-test/main/ps_show_log.result @@ -51,7 +51,7 @@ DEALLOCATE PREPARE stmt_1; # and check that attempt to execute the statements SHOW BINLOG EVENTS/ # SHOW RELAYLOG EVENTS as a prepred statements by a user without required # privileges results in error. -connect con2,localhost,u1,,test; +connect con2,localhost,u1,,"*NO-ONE*"; PREPARE stmt_1 FROM 'SHOW BINLOG EVENTS'; EXECUTE stmt_1; ERROR 42000: Access denied; you need (at least one of) the BINLOG MONITOR privilege(s) for this operation diff --git a/mysql-test/main/ps_show_log.test b/mysql-test/main/ps_show_log.test index 95000d2d7e0..411b15600e1 100644 --- a/mysql-test/main/ps_show_log.test +++ b/mysql-test/main/ps_show_log.test @@ -51,7 +51,7 @@ DEALLOCATE PREPARE stmt_1; --echo # SHOW RELAYLOG EVENTS as a prepred statements by a user without required --echo # privileges results in error. ---connect (con2,localhost,u1,,test) +--connect (con2,localhost,u1,,"*NO-ONE*") PREPARE stmt_1 FROM 'SHOW BINLOG EVENTS'; --error ER_SPECIFIC_ACCESS_DENIED_ERROR diff --git a/mysql-test/main/read_only.result b/mysql-test/main/read_only.result index 83dfada5f29..65cc12ffce9 100644 --- a/mysql-test/main/read_only.result +++ b/mysql-test/main/read_only.result @@ -2,6 +2,7 @@ set @start_read_only= @@global.read_only; DROP TABLE IF EXISTS t1,t2,t3; create user test@localhost; grant CREATE, SELECT, DROP on *.* to test@localhost; +grant ALL on test.* to test@localhost; connect con1,localhost,test,,test; connection default; set global read_only=0; @@ -151,6 +152,7 @@ create user `mysqltest_u1`@`%`; grant all on mysqltest_db2.* to `mysqltest_u1`@`%`; create database mysqltest_db1; grant all on mysqltest_db1.* to `mysqltest_u1`@`%`; +grant select on test.* to `mysqltest_u1`@`%`; flush privileges; connect con_bug27440,127.0.0.1,mysqltest_u1,,test,$MASTER_MYPORT,; connection con_bug27440; @@ -191,6 +193,7 @@ USE test; CREATE TABLE t1(a INT); INSERT INTO t1 VALUES (1), (2); CREATE USER user1; +GRANT ALL on test.* to user1; connect con1, localhost, user1; connection default; SET GLOBAL read_only= 1; diff --git a/mysql-test/main/read_only.test b/mysql-test/main/read_only.test index 5314b11154f..107a67c31fa 100644 --- a/mysql-test/main/read_only.test +++ b/mysql-test/main/read_only.test @@ -17,6 +17,7 @@ DROP TABLE IF EXISTS t1,t2,t3; create user test@localhost; grant CREATE, SELECT, DROP on *.* to test@localhost; +grant ALL on test.* to test@localhost; connect (con1,localhost,test,,test); @@ -265,6 +266,7 @@ create user `mysqltest_u1`@`%`; grant all on mysqltest_db2.* to `mysqltest_u1`@`%`; create database mysqltest_db1; grant all on mysqltest_db1.* to `mysqltest_u1`@`%`; +grant select on test.* to `mysqltest_u1`@`%`; flush privileges; connect (con_bug27440,127.0.0.1,mysqltest_u1,,test,$MASTER_MYPORT,); connection con_bug27440; @@ -312,6 +314,7 @@ CREATE TABLE t1(a INT); INSERT INTO t1 VALUES (1), (2); CREATE USER user1; +GRANT ALL on test.* to user1; connect (con1, localhost, user1); connection default; diff --git a/mysql-test/main/read_only_innodb.result b/mysql-test/main/read_only_innodb.result index abfc5322ed0..cfc8f2ecb17 100644 --- a/mysql-test/main/read_only_innodb.result +++ b/mysql-test/main/read_only_innodb.result @@ -1,6 +1,6 @@ DROP TABLE IF EXISTS table_11733 ; create user test@localhost; -grant CREATE, SELECT, DROP on *.* to test@localhost; +grant CREATE, SELECT, DROP, INSERT on *.* to test@localhost; connect con1,localhost,test,,test; connection default; set global read_only=0; @@ -25,7 +25,7 @@ drop table table_11733 ; drop user test@localhost; disconnect con1; create user test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE, SELECT, DROP, LOCK TABLES ON *.* TO test@localhost; connect con1, localhost, test, , test; connection default; CREATE TABLE t1(a INT) ENGINE=INNODB; diff --git a/mysql-test/main/read_only_innodb.test b/mysql-test/main/read_only_innodb.test index 4b00c32b185..e2c2979c393 100644 --- a/mysql-test/main/read_only_innodb.test +++ b/mysql-test/main/read_only_innodb.test @@ -15,7 +15,7 @@ DROP TABLE IF EXISTS table_11733 ; # so we use a non-SUPER one: create user test@localhost; -grant CREATE, SELECT, DROP on *.* to test@localhost; +grant CREATE, SELECT, DROP, INSERT on *.* to test@localhost; connect (con1,localhost,test,,test); @@ -50,7 +50,7 @@ disconnect con1; # # Test 1: read only mode create user test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE, SELECT, DROP, LOCK TABLES ON *.* TO test@localhost; connect(con1, localhost, test, , test); connection default; diff --git a/mysql-test/main/show_check.result b/mysql-test/main/show_check.result index 35428b34599..5058f6d6db0 100644 --- a/mysql-test/main/show_check.result +++ b/mysql-test/main/show_check.result @@ -545,7 +545,7 @@ ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table `my drop database mysqltest; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest' disconnect con1; -connect con2,localhost,mysqltest_2,,test; +connect con2,localhost,mysqltest_2,,"*NO-ONE*"; connection con2; select * from mysqltest.t1; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table `mysqltest`.`t1` @@ -556,7 +556,7 @@ ERROR 42000: DROP command denied to user 'mysqltest_2'@'localhost' for table `my drop database mysqltest; ERROR 42000: Access denied for user 'mysqltest_2'@'localhost' to database 'mysqltest' disconnect con2; -connect con3,localhost,mysqltest_3,,test; +connect con3,localhost,mysqltest_3,,"*NO-ONE*"; connection con3; select * from mysqltest.t1; ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table `mysqltest`.`t1` @@ -1471,7 +1471,7 @@ DROP EVENT ev1; SHOW STORAGE ENGINES; CREATE USER test_u@localhost; GRANT PROCESS ON *.* TO test_u@localhost; -connect conn1, localhost, test_u,,; +connect conn1, localhost, test_u,,"*NO-ONE*"; SHOW ENGINE MYISAM MUTEX; SHOW ENGINE MYISAM STATUS; disconnect conn1; diff --git a/mysql-test/main/show_check.test b/mysql-test/main/show_check.test index 15beaaf0401..2a001866186 100644 --- a/mysql-test/main/show_check.test +++ b/mysql-test/main/show_check.test @@ -349,7 +349,7 @@ drop database mysqltest; disconnect con1; --source include/wait_until_disconnected.inc -connect (con2,localhost,mysqltest_2,,test); +connect (con2,localhost,mysqltest_2,,"*NO-ONE*"); connection con2; --error ER_TABLEACCESS_DENIED_ERROR select * from mysqltest.t1; @@ -362,7 +362,7 @@ drop database mysqltest; disconnect con2; --source include/wait_until_disconnected.inc -connect (con3,localhost,mysqltest_3,,test); +connect (con3,localhost,mysqltest_3,,"*NO-ONE*"); connection con3; --error ER_TABLEACCESS_DENIED_ERROR select * from mysqltest.t1; @@ -1255,7 +1255,7 @@ SHOW STORAGE ENGINES; CREATE USER test_u@localhost; GRANT PROCESS ON *.* TO test_u@localhost; -connect (conn1, localhost, test_u,,); +connect (conn1, localhost, test_u,,"*NO-ONE*"); --disable_result_log SHOW ENGINE MYISAM MUTEX; diff --git a/mysql-test/main/sp-security.result b/mysql-test/main/sp-security.result index 8a1f46c7c35..cb158e979d2 100644 --- a/mysql-test/main/sp-security.result +++ b/mysql-test/main/sp-security.result @@ -42,8 +42,8 @@ set sql_mode=''; grant execute on procedure db1_secret.stamp to ''@'%'; grant execute on function db1_secret.db to ''@'%'; set sql_mode=default; -connect con2user1,localhost,user1,,; -connect con3anon,localhost,anon,,; +connect con2user1,localhost,user1,,"*NO-ONE*"; +connect con3anon,localhost,anon,,"*NO-ONE*"; connection con2user1; call db1_secret.stamp(2); select db1_secret.db(); @@ -128,7 +128,7 @@ use db2; create procedure p () insert into t2 values (1); call p(); ERROR 42000: INSERT command denied to user 'user1'@'localhost' for table `db2`.`t2` -connect con4user2,localhost,user2,,; +connect con4user2,localhost,user2,,"*NO-ONE*"; connection con4user2; use db2; call p(); @@ -203,9 +203,9 @@ show grants for userc@localhost; Grants for userc@localhost GRANT USAGE ON *.* TO `userc`@`localhost` GRANT EXECUTE ON PROCEDURE `sptest`.`p1` TO `userc`@`localhost` WITH GRANT OPTION -connect con2usera,localhost,usera,,; -connect con3userb,localhost,userb,,; -connect con4userc,localhost,userc,,; +connect con2usera,localhost,usera,,"*NO-ONE*"; +connect con3userb,localhost,userb,,"*NO-ONE*"; +connect con4userc,localhost,userc,,"*NO-ONE*"; connection con2usera; call sptest.p1(1); grant execute on procedure sptest.p1 to userb@localhost; @@ -270,6 +270,7 @@ use mysqltest// create table t1 (s1 int)// create user user1@localhost// grant select on t1 to user1@localhost// +grant select on test.* to user1@localhost// create function bug_9503 () returns int sql security invoker begin declare v int; select min(s1) into v from t1; return v; end// connect user1,localhost,user1,,test; @@ -349,6 +350,7 @@ return 'ok'; end; | create user user_bug12812@localhost IDENTIFIED BY 'ABC'| +grant select,create view on test.* to user_bug12812@localhost| connect test_user_12812,localhost,user_bug12812,ABC,test; SELECT test.bug12812()| ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812' @@ -398,6 +400,7 @@ sql security definer select * from db_bug14533.t1; grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost; grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost; +grant select on test.* to user_bug14533@localhost; connect user_bug14533,localhost,user_bug14533,,test; call db_bug14533.bug14533_1(); Field Type Null Key Default Extra @@ -670,7 +673,7 @@ create database mysqltest_db; create user bug57061_user@localhost; create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; -connect conn1, localhost, bug57061_user,,; +connect conn1, localhost, bug57061_user,,"*NO-ONE*"; # Attempt to drop routine on which user doesn't have privileges # should result in the same 'access denied' type of error whether # routine exists or not. @@ -695,7 +698,7 @@ CREATE DATABASE db1; CREATE PROCEDURE db1.p1() SELECT 1; CREATE USER user2@localhost IDENTIFIED BY ''; GRANT SELECT(db) ON mysql.proc TO user2@localhost; -connect con2, localhost, user2; +connect con2, localhost, user2,,"*NO-ONE*"; # The statement below before disclosed info from body_utf8 column. SHOW CREATE PROCEDURE db1.p1; ERROR 42000: PROCEDURE p1 does not exist @@ -714,6 +717,7 @@ DROP USER user2@localhost; DROP DATABASE db1; create user foo@local_ost; create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF'; +grant select,create routine on test.* to foo@local_ost; create database foodb; grant create routine on foodb.* to foo@local_ost; connect con1,localhost,foo; @@ -723,11 +727,13 @@ foo@localhost foo@local_ost show grants; Grants for foo@local_ost GRANT USAGE ON *.* TO `foo`@`local_ost` +GRANT SELECT, CREATE ROUTINE ON `test`.* TO `foo`@`local_ost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`local_ost` create procedure fooproc() select 'i am fooproc'; show grants; Grants for foo@local_ost GRANT USAGE ON *.* TO `foo`@`local_ost` +GRANT SELECT, CREATE ROUTINE ON `test`.* TO `foo`@`local_ost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`local_ost` GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`local_ost` disconnect con1; @@ -747,6 +753,7 @@ create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; # Create user with no privileges on mysqltest_db database. create user bug12602983_user@localhost; +grant create view on test.* to bug12602983_user@localhost; connect conn1, localhost, bug12602983_user,,; # Attempt to execute routine on which user doesn't have privileges # should result in the same 'access denied' error whether @@ -794,8 +801,7 @@ CREATE USER u1@localhost; GRANT CREATE ROUTINE ON u1.* TO u1@localhost; GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost; GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost; -connect u1, localhost, u1,,; -USE u1; +connect u1, localhost, u1,,u1; CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$ CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$ disconnect u1; diff --git a/mysql-test/main/sp-security.test b/mysql-test/main/sp-security.test index e11e8911b60..a0bf1334fa7 100644 --- a/mysql-test/main/sp-security.test +++ b/mysql-test/main/sp-security.test @@ -67,8 +67,8 @@ grant execute on procedure db1_secret.stamp to ''@'%'; grant execute on function db1_secret.db to ''@'%'; set sql_mode=default; -connect (con2user1,localhost,user1,,); -connect (con3anon,localhost,anon,,); +connect (con2user1,localhost,user1,,"*NO-ONE*"); +connect (con3anon,localhost,anon,,"*NO-ONE*"); # @@ -195,7 +195,7 @@ create procedure p () insert into t2 values (1); --error ER_TABLEACCESS_DENIED_ERROR call p(); -connect (con4user2,localhost,user2,,); +connect (con4user2,localhost,user2,,"*NO-ONE*"); connection con4user2; use db2; @@ -284,9 +284,9 @@ show grants for usera@localhost; grant execute on procedure sptest.p1 to userc@localhost with grant option; show grants for userc@localhost; -connect (con2usera,localhost,usera,,); -connect (con3userb,localhost,userb,,); -connect (con4userc,localhost,userc,,); +connect (con2usera,localhost,usera,,"*NO-ONE*"); +connect (con3userb,localhost,userb,,"*NO-ONE*"); +connect (con4userc,localhost,userc,,"*NO-ONE*"); connection con2usera; call sptest.p1(1); @@ -357,6 +357,7 @@ use mysqltest// create table t1 (s1 int)// create user user1@localhost// grant select on t1 to user1@localhost// +grant select on test.* to user1@localhost// create function bug_9503 () returns int sql security invoker begin declare v int; select min(s1) into v from t1; return v; end// delimiter ;// @@ -467,6 +468,7 @@ begin end; | create user user_bug12812@localhost IDENTIFIED BY 'ABC'| +grant select,create view on test.* to user_bug12812@localhost| --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (test_user_12812,localhost,user_bug12812,ABC,test)| --error ER_PROCACCESS_DENIED_ERROR @@ -543,6 +545,7 @@ create procedure bug14533_2() grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost; grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost; +grant select on test.* to user_bug14533@localhost; connect (user_bug14533,localhost,user_bug14533,,test); @@ -926,7 +929,7 @@ create database mysqltest_db; create user bug57061_user@localhost; create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; -connect (conn1, localhost, bug57061_user,,); +connect (conn1, localhost, bug57061_user,,"*NO-ONE*"); --echo # Attempt to drop routine on which user doesn't have privileges --echo # should result in the same 'access denied' type of error whether --echo # routine exists or not. @@ -958,7 +961,7 @@ CREATE PROCEDURE db1.p1() SELECT 1; CREATE USER user2@localhost IDENTIFIED BY ''; GRANT SELECT(db) ON mysql.proc TO user2@localhost; -connect (con2, localhost, user2); +connect (con2, localhost, user2,,"*NO-ONE*"); --echo # The statement below before disclosed info from body_utf8 column. --error ER_SP_DOES_NOT_EXIST SHOW CREATE PROCEDURE db1.p1; @@ -981,6 +984,7 @@ DROP DATABASE db1; # create user foo@local_ost; create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF'; +grant select,create routine on test.* to foo@local_ost; create database foodb; grant create routine on foodb.* to foo@local_ost; connect con1,localhost,foo; @@ -1009,6 +1013,7 @@ create procedure mysqltest_db.p1() begin end; --echo # Create user with no privileges on mysqltest_db database. create user bug12602983_user@localhost; +grant create view on test.* to bug12602983_user@localhost; connect (conn1, localhost, bug12602983_user,,); @@ -1066,8 +1071,7 @@ GRANT CREATE ROUTINE ON u1.* TO u1@localhost; GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost; GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost; -connect (u1, localhost, u1,,); -USE u1; +connect (u1, localhost, u1,,u1); DELIMITER $$; CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$ CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$ diff --git a/mysql-test/main/sql_mode.result b/mysql-test/main/sql_mode.result index 6ac65302d47..31308cd6a2f 100644 --- a/mysql-test/main/sql_mode.result +++ b/mysql-test/main/sql_mode.result @@ -505,7 +505,7 @@ connection default; set @OLD_SQL_MODE=@@SESSION.SQL_MODE; set session sql_mode='PAD_CHAR_TO_FULL_LENGTH'; flush privileges; -connect user_32753,localhost,mysqltest_32753,,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect user_32753,localhost,mysqltest_32753,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; select current_user(); current_user() mysqltest_32753@localhost diff --git a/mysql-test/main/sql_mode.test b/mysql-test/main/sql_mode.test index b1c5f05e618..bfcaff39253 100644 --- a/mysql-test/main/sql_mode.test +++ b/mysql-test/main/sql_mode.test @@ -302,7 +302,7 @@ flush privileges; # if user-table is affected by PAD_CHAR_TO_FULL_LENGTH, our connect will fail # --error 1045 -connect (user_32753,localhost,mysqltest_32753,,test,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (user_32753,localhost,mysqltest_32753,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); select current_user(); # clean up diff --git a/mysql-test/main/system_mysql_db_fix40123.result b/mysql-test/main/system_mysql_db_fix40123.result index 31a334878ec..2ed1e8ae618 100644 --- a/mysql-test/main/system_mysql_db_fix40123.result +++ b/mysql-test/main/system_mysql_db_fix40123.result @@ -100,7 +100,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/system_mysql_db_fix50030.result b/mysql-test/main/system_mysql_db_fix50030.result index 8055211e5b2..b99b8678b1a 100644 --- a/mysql-test/main/system_mysql_db_fix50030.result +++ b/mysql-test/main/system_mysql_db_fix50030.result @@ -104,7 +104,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/system_mysql_db_fix50117.result b/mysql-test/main/system_mysql_db_fix50117.result index 214b7ee572d..8e48c2accb7 100644 --- a/mysql-test/main/system_mysql_db_fix50117.result +++ b/mysql-test/main/system_mysql_db_fix50117.result @@ -84,7 +84,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/user_limits.result b/mysql-test/main/user_limits.result index acb34754caa..1cb4f9c03e8 100644 --- a/mysql-test/main/user_limits.result +++ b/mysql-test/main/user_limits.result @@ -7,7 +7,7 @@ delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_queries_per_hour 2; flush user_resources; connect mqph, localhost, mysqltest_1,,; connection mqph; @@ -26,7 +26,7 @@ drop user mysqltest_1@localhost; disconnect mqph; disconnect mqph2; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_updates_per_hour 2; flush user_resources; connect muph, localhost, mysqltest_1,,; connection muph; @@ -53,7 +53,7 @@ drop user mysqltest_1@localhost; disconnect muph; disconnect muph2; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_connections_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_connections_per_hour 2; flush user_resources; connect mcph1, localhost, mysqltest_1,,; connection mcph1; @@ -77,7 +77,7 @@ connection default; drop user mysqltest_1@localhost; flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_user_connections 2; +grant all on test.* to mysqltest_1@localhost with max_user_connections 2; flush user_resources; connect muc1, localhost, mysqltest_1,,; connection muc1; @@ -109,10 +109,12 @@ grant usage on *.* to mysqltest_1@localhost with max_user_connections -1; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` WITH MAX_USER_CONNECTIONS -1 +GRANT ALL PRIVILEGES ON `test`.* TO `mysqltest_1`@`localhost` flush user_resources; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` WITH MAX_USER_CONNECTIONS -1 +GRANT ALL PRIVILEGES ON `test`.* TO `mysqltest_1`@`localhost` connect(localhost,mysqltest_1,,test,MYSQL_PORT,MYSQL_SOCK); connect muc5, localhost, mysqltest_1,,; ERROR 42000: User 'mysqltest_1' has exceeded the 'max_user_connections' resource (current value: -1) @@ -130,7 +132,7 @@ select @@session.max_user_connections, @@global.max_user_connections; @@session.max_user_connections @@global.max_user_connections 2 2 create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; flush user_resources; connect muca1, localhost, mysqltest_1,,; connection muca1; @@ -193,7 +195,7 @@ set global max_user_connections= @my_max_user_connections; # MDEV-17852 Altered connection limits for user have no effect # create user foo@'%' with max_user_connections 1; -connect con1,localhost,foo; +connect con1,localhost,foo,,"*NO-ONE*"; select current_user(); current_user() foo@% @@ -202,7 +204,7 @@ connect con2,localhost,foo; ERROR 42000: User 'foo' has exceeded the 'max_user_connections' resource (current value: 1) connection default; alter user foo with max_user_connections 2; -connect con3,localhost,foo; +connect con3,localhost,foo,,"*NO-ONE*"; select current_user(); current_user() foo@% diff --git a/mysql-test/main/user_limits.test b/mysql-test/main/user_limits.test index 36524febd8d..10e15ca3c9c 100644 --- a/mysql-test/main/user_limits.test +++ b/mysql-test/main/user_limits.test @@ -27,7 +27,7 @@ flush privileges; # Test of MAX_QUERIES_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_queries_per_hour 2; # This ensures that counters are reset and makes test scheduling independent flush user_resources; connect (mqph, localhost, mysqltest_1,,); @@ -48,7 +48,7 @@ disconnect mqph2; # Test of MAX_UPDATES_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_updates_per_hour 2; flush user_resources; connect (muph, localhost, mysqltest_1,,); connection muph; @@ -73,7 +73,7 @@ disconnect muph2; # Test of MAX_CONNECTIONS_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_connections_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_connections_per_hour 2; flush user_resources; connect (mcph1, localhost, mysqltest_1,,); connection mcph1; @@ -101,7 +101,7 @@ drop user mysqltest_1@localhost; # We need this to reset internal mqh_used variable flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_user_connections 2; +grant all on test.* to mysqltest_1@localhost with max_user_connections 2; flush user_resources; connect (muc1, localhost, mysqltest_1,,); connection muc1; @@ -155,7 +155,7 @@ set global max_user_connections= 2; select @@session.max_user_connections, @@global.max_user_connections; # Let us check that global limit works create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; flush user_resources; connect (muca1, localhost, mysqltest_1,,); connection muca1; @@ -225,14 +225,14 @@ set global max_user_connections= @my_max_user_connections; --echo # MDEV-17852 Altered connection limits for user have no effect --echo # create user foo@'%' with max_user_connections 1; ---connect con1,localhost,foo +--connect con1,localhost,foo,,"*NO-ONE*" select current_user(); --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_USER_LIMIT_REACHED --connect con2,localhost,foo --connection default alter user foo with max_user_connections 2; ---connect con3,localhost,foo +--connect con3,localhost,foo,,"*NO-ONE*" select current_user(); --disconnect con3 --disconnect con1 diff --git a/mysql-test/main/userstat-badlogin-4824.result b/mysql-test/main/userstat-badlogin-4824.result index b32b05e649d..2d34f78e006 100644 --- a/mysql-test/main/userstat-badlogin-4824.result +++ b/mysql-test/main/userstat-badlogin-4824.result @@ -2,7 +2,7 @@ set @save_userstat=@@global.userstat; create user foo@localhost identified by 'foo'; flush user_statistics; set global userstat=1; -connect foo, localhost, foo, foo, test; +connect foo, localhost, foo, foo, "*NO-ONE*"; select 1; 1 1 diff --git a/mysql-test/main/userstat-badlogin-4824.test b/mysql-test/main/userstat-badlogin-4824.test index 3db3e10da15..8ee5d189f77 100644 --- a/mysql-test/main/userstat-badlogin-4824.test +++ b/mysql-test/main/userstat-badlogin-4824.test @@ -12,7 +12,7 @@ create user foo@localhost identified by 'foo'; flush user_statistics; set global userstat=1; -connect(foo, localhost, foo, foo, test); +connect(foo, localhost, foo, foo, "*NO-ONE*"); select 1; disconnect foo; connection default; diff --git a/mysql-test/main/view_grant.result b/mysql-test/main/view_grant.result index 370035147a1..3754a55eea8 100644 --- a/mysql-test/main/view_grant.result +++ b/mysql-test/main/view_grant.result @@ -46,11 +46,12 @@ revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; revoke all privileges on test.* from mysqltest_1@localhost; drop database mysqltest; drop view test.v1; +disconnect user1; create database mysqltest; create table mysqltest.t1 (a int, b int); create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1; grant select (c) on mysqltest.v1 to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; select c from mysqltest.v1; c select d from mysqltest.v1; @@ -70,6 +71,7 @@ c select d from mysqltest.v1; ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1' connection root; +disconnect user1; revoke all privileges on mysqltest.v1 from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -88,7 +90,7 @@ grant select on mysqltest.v2 to mysqltest_1@localhost; grant select on mysqltest.v3 to mysqltest_1@localhost; grant select on mysqltest.v4 to mysqltest_1@localhost; grant show view on mysqltest.v5 to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; select c from mysqltest.v1; c select c from mysqltest.v2; @@ -132,7 +134,7 @@ grant select on mysqltest.v5 to mysqltest_1@localhost; connection user1; show create view mysqltest.v5; View Create View character_set_client collation_connection -v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v5` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v5` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v1; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v1; @@ -141,13 +143,14 @@ connection root; grant show view on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; revoke select on mysqltest.v5 from mysqltest_1@localhost; -connection user1; +disconnect user1; +connect user1,localhost,mysqltest_1,,mysqltest; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 system NULL NULL NULL NULL 0 Const row not found show create view mysqltest.v1; View Create View character_set_client collation_connection -v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v2; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v2; @@ -164,34 +167,36 @@ explain select c from mysqltest.v5; ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v5` connection root; grant show view on mysqltest.* to mysqltest_1@localhost; -connection user1; +disconnect user1; +connect user1,localhost,mysqltest_1,,mysqltest; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 system NULL NULL NULL NULL 0 Const row not found show create view mysqltest.v1; View Create View character_set_client collation_connection -v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v2; id select_type table type possible_keys key key_len ref rows Extra 1 PRIMARY <derived2> system NULL NULL NULL NULL 0 Const row not found 2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table show create view mysqltest.v2; View Create View character_set_client collation_connection -v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v2` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v2` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v3; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v3; View Create View character_set_client collation_connection -v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v3` AS select `mysqltest`.`t2`.`a` + 1 AS `c`,`mysqltest`.`t2`.`b` + 1 AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci +v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2` latin1 latin1_swedish_ci explain select c from mysqltest.v4; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v4; View Create View character_set_client collation_connection -v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v4` AS select `mysqltest`.`t2`.`a` + 1 AS `c`,`mysqltest`.`t2`.`b` + 1 AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci +v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v4` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2` latin1 latin1_swedish_ci connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int, primary key(a)); @@ -208,8 +213,7 @@ grant update (a) on mysqltest.v2 to mysqltest_1@localhost; grant update on mysqltest.v1 to mysqltest_1@localhost; grant update on mysqltest.t3 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c; select * from t1; a b @@ -251,11 +255,11 @@ update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c; ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3` update v3 set a=a+c; ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3` -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int, primary key(a)); @@ -267,7 +271,7 @@ create view mysqltest.v2 (a,c) as select a, b+1 from mysqltest.t1; create user mysqltest_1@localhost; grant delete on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; use mysqltest; delete from v1 where c < 4; select * from t1; @@ -284,8 +288,8 @@ delete v2 from t2,v2 where t2.x=v2.c; ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` delete from v2 where c < 4; ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` -use test; connection root; +disconnect user1; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -300,7 +304,7 @@ create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1; create user mysqltest_1@localhost; grant insert on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; use mysqltest; insert into v1 values (5,6); select * from t1; @@ -319,11 +323,11 @@ insert into v2 values (5,6); ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` insert into v2 select x,y from t2; ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int); @@ -332,7 +336,7 @@ create user mysqltest_1@localhost; grant update on mysqltest.t1 to mysqltest_1@localhost; grant update(b) on mysqltest.t2 to mysqltest_1@localhost; grant create view,update on test.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,test; create view v1 as select * from mysqltest.t1; create view v2 as select b from mysqltest.t2; create view mysqltest.v1 as select * from mysqltest.t1; @@ -366,26 +370,26 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; drop view v1,v2,v4; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int); create user mysqltest_1@localhost; grant all privileges on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create view v1 as select * from t1; -use test; connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int); create user mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; grant create view,select on test.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,test; create view v1 as select * from mysqltest.t1; connection root; show create view v1; @@ -401,6 +405,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop view v1; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -423,8 +428,7 @@ grant select on v2 to mysqltest_1@localhost; grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; select * from v1; f2() NULL @@ -437,7 +441,6 @@ select * from v4; ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from v5; ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them -use test; connection root; drop view v1, v2, v3, v4, v5; drop function f2; @@ -446,6 +449,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -461,13 +465,11 @@ create user mysqltest_1@localhost; grant select on t1 to mysqltest_1@localhost; grant execute on function f2 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create algorithm=TEMPTABLE view v1 as select f2() from t1; create algorithm=MERGE view v2 as select f2() from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1; -use test; connection root; create view v5 as select * from v1; revoke execute on function f2 from mysqltest_1@localhost; @@ -490,6 +492,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -501,14 +504,12 @@ grant select on t1 to mysqltest_1@localhost; grant select on v1 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; drop table v1; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create algorithm=TEMPTABLE view v1 as select *, a as b from t1; create algorithm=MERGE view v2 as select *, a as b from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1; create view v5 as select * from v1; -use test; connection root; revoke select on t1 from mysqltest_1@localhost; select * from v1; @@ -528,6 +529,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -544,8 +546,7 @@ grant select on v2 to mysqltest_1@localhost; grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; select * from v1; a b 1 1 @@ -558,7 +559,6 @@ select * from v4; ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from v5; ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them -use test; connection root; drop view v1, v2, v3, v4, v5; drop table t1; @@ -566,6 +566,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; create user 'test14256'@'%'; grant all on test.* to 'test14256'@'%'; connect test14256,localhost,test14256,,test; @@ -601,13 +602,11 @@ View Create View character_set_client collation_connection v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`i` AS `i` from `t1` latin1 latin1_swedish_ci create user mysqltest_1@localhost; GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; LOCK TABLES v1 READ; SHOW CREATE TABLE v1; ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v1` UNLOCK TABLES; -use test; connection root; use test; drop user mysqltest_1@localhost; @@ -647,7 +646,7 @@ GRANT UPDATE ON mysqltest1.v_tu TO readonly@localhost; GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost; GRANT DELETE ON mysqltest1.v_td TO readonly@localhost; GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost; -connect n1,localhost,readonly,,; +connect n1,localhost,readonly,,mysqltest1; connection n1; SELECT * FROM mysqltest1.v_t1; ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them @@ -720,7 +719,7 @@ DROP TABLE t1; USE test; CREATE USER mysqltest_db1@localhost identified by 'PWD'; GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION; -connect session1,localhost,mysqltest_db1,PWD,test; +connect session1,localhost,mysqltest_db1,PWD,"*NO-ONE*"; CREATE SCHEMA mysqltest_db1 ; USE mysqltest_db1 ; CREATE TABLE t1 (f1 INTEGER); @@ -1085,9 +1084,7 @@ CREATE VIEW v1 AS SELECT f1, f2 FROM t1; CREATE USER foo; GRANT SELECT (f1) ON t1 TO foo; GRANT SELECT (f1) ON v1 TO foo; -connect addconfoo, localhost, foo,,; -connection addconfoo; -USE db1; +connect addconfoo, localhost, foo,,db1; SELECT f1 FROM t1; f1 SELECT f2 FROM t1; @@ -1431,11 +1428,11 @@ CREATE TABLE t2 ( a INT, b INT ); CREATE VIEW v1 AS SELECT a, b FROM t1; GRANT SELECT( a ) ON v1 TO mysqluser1@localhost; GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost; -connect connection1, localhost, mysqluser1, , test; +connect connection1, localhost, mysqluser1, ,mysqltest1; SELECT * FROM mysqltest1.v1; ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1` CREATE VIEW v1 AS SELECT * FROM mysqltest1.t2; -ERROR 42000: ANY command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`t2` +ERROR 42000: CREATE VIEW command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1` disconnect connection1; connection default; DROP TABLE t1, t2; @@ -1858,7 +1855,7 @@ where t2.id = v1.id; create sql security invoker view v42 as select v2.id as id, v2.val as val from mysqltest2.t2 as t2, mysqltest2.v2_merge as v2 where t2.id = v2.id; -connect conn_11766767, localhost, user_11766767,,; +connect conn_11766767, localhost, user_11766767,,mysqltest2; # # A) Check how we handle privilege checking in multi-update for # directly used views. @@ -1959,6 +1956,7 @@ drop database mysqltest2; CREATE SCHEMA foo; CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt; CREATE USER foo@localhost; +GRANT SELECT on test.* to foo@localhost; connect con1,localhost,foo,,; SELECT * FROM foo.v; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table `foo`.`v` diff --git a/mysql-test/main/view_grant.test b/mysql-test/main/view_grant.test index 83bbeb3be77..9094c616a1f 100644 --- a/mysql-test/main/view_grant.test +++ b/mysql-test/main/view_grant.test @@ -71,6 +71,7 @@ revoke all privileges on test.* from mysqltest_1@localhost; drop database mysqltest; drop view test.v1; +disconnect user1; # # grants per columns @@ -84,7 +85,7 @@ create table mysqltest.t1 (a int, b int); create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1; grant select (c) on mysqltest.v1 to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); select c from mysqltest.v1; # there are no privileges on column 'd' --error ER_COLUMNACCESS_DENIED_ERROR @@ -112,6 +113,7 @@ select c from mysqltest.v1; select d from mysqltest.v1; connection root; +disconnect user1; revoke all privileges on mysqltest.v1 from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -139,7 +141,7 @@ grant select on mysqltest.v3 to mysqltest_1@localhost; grant select on mysqltest.v4 to mysqltest_1@localhost; grant show view on mysqltest.v5 to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); # all SELECTs works, except v5 which lacks SELECT privs select c from mysqltest.v1; select c from mysqltest.v2; @@ -188,7 +190,8 @@ connection root; grant show view on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; revoke select on mysqltest.v5 from mysqltest_1@localhost; -connection user1; +disconnect user1; +connect (user1,localhost,mysqltest_1,,mysqltest); # EXPLAIN works explain select c from mysqltest.v1; show create view mysqltest.v1; @@ -213,7 +216,8 @@ explain select c from mysqltest.v5; # allow to see any view in mysqltest database connection root; grant show view on mysqltest.* to mysqltest_1@localhost; -connection user1; +disconnect user1; +connect (user1,localhost,mysqltest_1,,mysqltest); explain select c from mysqltest.v1; show create view mysqltest.v1; explain select c from mysqltest.v2; @@ -231,6 +235,7 @@ connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # UPDATE privileges on VIEW columns and whole VIEW @@ -256,8 +261,7 @@ grant update on mysqltest.v1 to mysqltest_1@localhost; grant update on mysqltest.t3 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); # update with rights on VIEW column update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c; select * from t1; @@ -281,11 +285,11 @@ update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c; --error ER_TABLEACCESS_DENIED_ERROR update v3 set a=a+c; -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # DELETE privileges on VIEW @@ -306,7 +310,7 @@ create user mysqltest_1@localhost; grant delete on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); use mysqltest; # update with rights on VIEW column delete from v1 where c < 4; @@ -319,8 +323,8 @@ delete v2 from t2,v2 where t2.x=v2.c; --error ER_TABLEACCESS_DENIED_ERROR delete from v2 where c < 4; -use test; connection root; +disconnect user1; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -344,7 +348,7 @@ create user mysqltest_1@localhost; grant insert on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); use mysqltest; # update with rights on VIEW column insert into v1 values (5,6); @@ -357,11 +361,11 @@ insert into v2 values (5,6); --error ER_TABLEACCESS_DENIED_ERROR insert into v2 select x,y from t2; -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # test of CREATE VIEW privileges if we have limited privileges @@ -379,7 +383,7 @@ grant update on mysqltest.t1 to mysqltest_1@localhost; grant update(b) on mysqltest.t2 to mysqltest_1@localhost; grant create view,update on test.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,test); create view v1 as select * from mysqltest.t1; create view v2 as select b from mysqltest.t2; @@ -426,6 +430,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; drop view v1,v2,v4; +disconnect user1; # # user with global DB privileges @@ -438,15 +443,14 @@ create table mysqltest.t1 (a int); create user mysqltest_1@localhost; grant all privileges on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create view v1 as select * from t1; -use test; connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # view definer grants revoking @@ -462,7 +466,7 @@ create user mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; grant create view,select on test.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,test); create view v1 as select * from mysqltest.t1; @@ -478,6 +482,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop view v1; drop database mysqltest; +disconnect user1; # # rights on execution of view underlying functiond (Bug#9505) @@ -512,8 +517,7 @@ grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); select * from v1; select * from v2; --error ER_VIEW_INVALID @@ -522,7 +526,6 @@ select * from v3; select * from v4; --error ER_VIEW_INVALID select * from v5; -use test; connection root; drop view v1, v2, v3, v4, v5; @@ -532,6 +535,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # revertion of previous test, definer of view lost his/her rights to execute @@ -561,13 +565,11 @@ grant select on t1 to mysqltest_1@localhost; grant execute on function f2 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create algorithm=TEMPTABLE view v1 as select f2() from t1; create algorithm=MERGE view v2 as select f2() from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1; -use test; connection root; create view v5 as select * from v1; @@ -588,6 +590,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # definer/invoker rights for columns @@ -607,14 +610,12 @@ grant select on v1 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; drop table v1; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create algorithm=TEMPTABLE view v1 as select *, a as b from t1; create algorithm=MERGE view v2 as select *, a as b from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1; create view v5 as select * from v1; -use test; connection root; revoke select on t1 from mysqltest_1@localhost; @@ -633,6 +634,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; @@ -655,8 +657,7 @@ grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); select * from v1; select * from v2; --error ER_VIEW_INVALID @@ -665,7 +666,6 @@ select * from v3; select * from v4; --error ER_VIEW_INVALID select * from v5; -use test; connection root; drop view v1, v2, v3, v4, v5; @@ -674,6 +674,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # Bug#14256 definer in view definition is not fully qualified @@ -723,14 +724,12 @@ SHOW CREATE VIEW v1; create user mysqltest_1@localhost; GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); -use mysqltest; LOCK TABLES v1 READ; --error ER_TABLEACCESS_DENIED_ERROR SHOW CREATE TABLE v1; UNLOCK TABLES; -use test; connection root; use test; @@ -776,7 +775,7 @@ GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost; GRANT DELETE ON mysqltest1.v_td TO readonly@localhost; GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost; -connect (n1,localhost,readonly,,); +connect (n1,localhost,readonly,,mysqltest1); connection n1; --error ER_VIEW_INVALID @@ -858,7 +857,7 @@ eval GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION; # The session with the non root user is needed. --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (session1,localhost,mysqltest_db1,PWD,test); +connect (session1,localhost,mysqltest_db1,PWD,"*NO-ONE*"); CREATE SCHEMA mysqltest_db1 ; USE mysqltest_db1 ; @@ -1270,9 +1269,7 @@ CREATE USER foo; GRANT SELECT (f1) ON t1 TO foo; GRANT SELECT (f1) ON v1 TO foo; -connect (addconfoo, localhost, foo,,); -connection addconfoo; -USE db1; +connect (addconfoo, localhost, foo,,db1); SELECT f1 FROM t1; --error ER_COLUMNACCESS_DENIED_ERROR @@ -1714,7 +1711,7 @@ CREATE VIEW v1 AS SELECT a, b FROM t1; GRANT SELECT( a ) ON v1 TO mysqluser1@localhost; GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost; ---connect (connection1, localhost, mysqluser1, , test) +--connect (connection1, localhost, mysqluser1, ,mysqltest1) --error ER_TABLEACCESS_DENIED_ERROR SELECT * FROM mysqltest1.v1; @@ -2106,7 +2103,7 @@ create sql security invoker view v42 as where t2.id = v2.id; -connect (conn_11766767, localhost, user_11766767,,); +connect (conn_11766767, localhost, user_11766767,,mysqltest2); --echo # --echo # A) Check how we handle privilege checking in multi-update for @@ -2215,6 +2212,7 @@ CREATE SCHEMA foo; CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt; CREATE USER foo@localhost; +GRANT SELECT on test.* to foo@localhost; connect (con1,localhost,foo,,); --error ER_TABLEACCESS_DENIED_ERROR SELECT * FROM foo.v; diff --git a/mysql-test/suite/binlog/r/binlog_dmls_on_tmp_tables_readonly.result b/mysql-test/suite/binlog/r/binlog_dmls_on_tmp_tables_readonly.result index b366bde4daf..1b60e50c09d 100644 --- a/mysql-test/suite/binlog/r/binlog_dmls_on_tmp_tables_readonly.result +++ b/mysql-test/suite/binlog/r/binlog_dmls_on_tmp_tables_readonly.result @@ -2,7 +2,7 @@ DROP TABLE IF EXISTS t1 ; # READ_ONLY does nothing to SUPER users # so we use a non-SUPER one: CREATE USER test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE TEMPORARY TABLES, SELECT, DROP ON *.* TO test@localhost; connect con1,localhost,test,,test; connection default; SET GLOBAL READ_ONLY=1; diff --git a/mysql-test/suite/binlog/r/binlog_grant.result b/mysql-test/suite/binlog/r/binlog_grant.result index af4c02411d5..edf705614eb 100644 --- a/mysql-test/suite/binlog/r/binlog_grant.result +++ b/mysql-test/suite/binlog/r/binlog_grant.result @@ -2,9 +2,11 @@ connection default; reset master; set @saved_binlog_format = @@global.binlog_format; create user mysqltest_1@localhost; +GRANT SELECT on test.* to mysqltest_1@localhost; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.* TO `mysqltest_1`@`localhost` connect plain,localhost,mysqltest_1,,test; connect root,localhost,root,,test; **** Variable SQL_LOG_BIN **** @@ -34,7 +36,7 @@ set global binlog_format = @saved_binlog_format; drop user mysqltest_1@localhost; CREATE USER 'mysqltest_1'@'localhost'; GRANT REPLICATION CLIENT ON *.* TO 'mysqltest_1'@'localhost'; -connect rpl,localhost,mysqltest_1,,; +connect rpl,localhost,mysqltest_1,,"*NO-ONE*"; connection rpl; SHOW MASTER LOGS; SHOW BINARY LOGS; @@ -88,7 +90,7 @@ DROP USER user1@localhost; # Test if PURGE BINLOG is allowed with BINLOG ADMIN CREATE USER user1@localhost; GRANT BINLOG ADMIN ON *.* TO user1@localhost; -connect user1,localhost,user1,,; +connect user1,localhost,user1,,"*NO-ONE*"; connection user1; PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; disconnect user1; @@ -97,7 +99,7 @@ DROP USER user1@localhost; # Test if PURGE BINLOG is allowed with SUPER CREATE USER user1@localhost; GRANT SUPER ON *.* TO user1@localhost; -connect user1,localhost,user1,,; +connect user1,localhost,user1,,"*NO-ONE*"; connection user1; PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; disconnect user1; @@ -117,7 +119,7 @@ DROP USER user1@localhost; # Test if SHOW BINLOG EVENTS is allowed with BINLOG MONITOR CREATE USER user1@localhost; GRANT BINLOG MONITOR ON *.* TO user1@localhost; -connect user1,localhost,user1,,; +connect user1,localhost,user1,,"*NO-ONE*"; connection user1; SHOW BINLOG EVENTS; disconnect user1; @@ -132,6 +134,7 @@ DROP USER user1@localhost; # CREATE USER user1@localhost; GRANT BINLOG REPLAY ON *.* TO user1@localhost; +GRANT ALL ON test.* TO user1@localhost; RESET MASTER; CREATE TABLE t1 (a INT); INSERT INTO t1 VALUES (1),(2),(3); diff --git a/mysql-test/suite/binlog/r/read_only.result b/mysql-test/suite/binlog/r/read_only.result index 9a173d9a96e..1084970d11a 100644 --- a/mysql-test/suite/binlog/r/read_only.result +++ b/mysql-test/suite/binlog/r/read_only.result @@ -5,7 +5,7 @@ # gtid_strict_mode enabled # create user test@localhost; -grant CREATE, DROP, INSERT, SELECT on *.* to test@localhost; +grant CREATE TEMPORARY TABLES, DROP, INSERT, SELECT on *.* to test@localhost; create table t1 (a int) engine=myisam; insert into t1 values (1),(2); reset master; diff --git a/mysql-test/suite/binlog/r/read_only_statement.result b/mysql-test/suite/binlog/r/read_only_statement.result index 9a173d9a96e..1084970d11a 100644 --- a/mysql-test/suite/binlog/r/read_only_statement.result +++ b/mysql-test/suite/binlog/r/read_only_statement.result @@ -5,7 +5,7 @@ # gtid_strict_mode enabled # create user test@localhost; -grant CREATE, DROP, INSERT, SELECT on *.* to test@localhost; +grant CREATE TEMPORARY TABLES, DROP, INSERT, SELECT on *.* to test@localhost; create table t1 (a int) engine=myisam; insert into t1 values (1),(2); reset master; diff --git a/mysql-test/suite/binlog/t/binlog_dmls_on_tmp_tables_readonly.test b/mysql-test/suite/binlog/t/binlog_dmls_on_tmp_tables_readonly.test index 0fa35d57745..dd0cdd0f82e 100644 --- a/mysql-test/suite/binlog/t/binlog_dmls_on_tmp_tables_readonly.test +++ b/mysql-test/suite/binlog/t/binlog_dmls_on_tmp_tables_readonly.test @@ -26,7 +26,7 @@ DROP TABLE IF EXISTS t1 ; --echo # READ_ONLY does nothing to SUPER users --echo # so we use a non-SUPER one: CREATE USER test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE TEMPORARY TABLES, SELECT, DROP ON *.* TO test@localhost; connect (con1,localhost,test,,test); diff --git a/mysql-test/suite/binlog/t/binlog_grant.test b/mysql-test/suite/binlog/t/binlog_grant.test index ec8d2aeccd2..d573281f691 100644 --- a/mysql-test/suite/binlog/t/binlog_grant.test +++ b/mysql-test/suite/binlog/t/binlog_grant.test @@ -10,6 +10,7 @@ reset master; set @saved_binlog_format = @@global.binlog_format; create user mysqltest_1@localhost; +GRANT SELECT on test.* to mysqltest_1@localhost; show grants for mysqltest_1@localhost; connect (plain,localhost,mysqltest_1,,test); @@ -60,7 +61,7 @@ drop user mysqltest_1@localhost; # SHOW MASTER LOGS and SHOW BINARY. CREATE USER 'mysqltest_1'@'localhost'; GRANT REPLICATION CLIENT ON *.* TO 'mysqltest_1'@'localhost'; ---connect(rpl,localhost,mysqltest_1,,) +--connect(rpl,localhost,mysqltest_1,,"*NO-ONE*") --connection rpl # We are only interested if the following commands succeed and not on @@ -128,7 +129,7 @@ DROP USER user1@localhost; --echo # Test if PURGE BINLOG is allowed with BINLOG ADMIN CREATE USER user1@localhost; GRANT BINLOG ADMIN ON *.* TO user1@localhost; ---connect(user1,localhost,user1,,) +--connect(user1,localhost,user1,,"*NO-ONE*") --connection user1 PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; --disconnect user1 @@ -139,7 +140,7 @@ DROP USER user1@localhost; --echo # Test if PURGE BINLOG is allowed with SUPER CREATE USER user1@localhost; GRANT SUPER ON *.* TO user1@localhost; ---connect(user1,localhost,user1,,) +--connect(user1,localhost,user1,,"*NO-ONE*") --connection user1 PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; --disconnect user1 @@ -163,7 +164,7 @@ DROP USER user1@localhost; --echo # Test if SHOW BINLOG EVENTS is allowed with BINLOG MONITOR CREATE USER user1@localhost; GRANT BINLOG MONITOR ON *.* TO user1@localhost; ---connect(user1,localhost,user1,,) +--connect(user1,localhost,user1,,"*NO-ONE*") --connection user1 --disable_result_log SHOW BINLOG EVENTS; @@ -182,6 +183,7 @@ DROP USER user1@localhost; CREATE USER user1@localhost; GRANT BINLOG REPLAY ON *.* TO user1@localhost; +GRANT ALL ON test.* TO user1@localhost; RESET MASTER; CREATE TABLE t1 (a INT); INSERT INTO t1 VALUES (1),(2),(3); diff --git a/mysql-test/suite/binlog/t/read_only.inc b/mysql-test/suite/binlog/t/read_only.inc index 37f1cb3b2b8..78136b90d0e 100644 --- a/mysql-test/suite/binlog/t/read_only.inc +++ b/mysql-test/suite/binlog/t/read_only.inc @@ -6,7 +6,7 @@ --echo # create user test@localhost; -grant CREATE, DROP, INSERT, SELECT on *.* to test@localhost; +grant CREATE TEMPORARY TABLES, DROP, INSERT, SELECT on *.* to test@localhost; create table t1 (a int) engine=myisam; insert into t1 values (1),(2); reset master; diff --git a/mysql-test/suite/engines/funcs/r/rpl_temporary.result b/mysql-test/suite/engines/funcs/r/rpl_temporary.result index 650fe1db9e0..492e9ac3ac3 100644 --- a/mysql-test/suite/engines/funcs/r/rpl_temporary.result +++ b/mysql-test/suite/engines/funcs/r/rpl_temporary.result @@ -34,6 +34,8 @@ connection master; DROP TABLE t1; connection slave; connection master; +create user zedjzlcsjhd@localhost; +GRANT ALL on test.* to zedjzlcsjhd@localhost; connect con1,localhost,root,,; connect con2,localhost,root,,; connect con3,localhost,zedjzlcsjhd,,; @@ -83,6 +85,7 @@ f 5 7 drop table t1, t2; +drop user zedjzlcsjhd@localhost; use test; SET TIMESTAMP=1040323920; create table t1(f int); @@ -174,7 +177,7 @@ FLUSH PRIVILEGES; GRANT USAGE ON *.* TO user43748@127.0.0.1 IDENTIFIED BY 'meow'; GRANT PROCESS ON *.* TO user43748@127.0.0.1; -- try to KILL system-thread as that non-privileged user (on slave). -connect cont43748,127.0.0.1,user43748,meow,test,$SLAVE_MYPORT,; +connect cont43748,127.0.0.1,user43748,meow,"*NO-ONE*",$SLAVE_MYPORT,; connection cont43748; SELECT id INTO @id FROM information_schema.processlist WHERE user='system user' LIMIT 1; KILL @id; diff --git a/mysql-test/suite/funcs_1/datadict/is_routines.inc b/mysql-test/suite/funcs_1/datadict/is_routines.inc index 3bbd26a948d..37e77e81a28 100644 --- a/mysql-test/suite/funcs_1/datadict/is_routines.inc +++ b/mysql-test/suite/funcs_1/datadict/is_routines.inc @@ -193,7 +193,7 @@ connect (testuser2, localhost, testuser2, , db_datadict); SELECT * FROM information_schema.routines where routine_schema <> 'sys'; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser3, localhost, testuser3, , test); +connect (testuser3, localhost, testuser3, , "*NO-ONE*"); --replace_column 24 "YYYY-MM-DD hh:mm:ss" 25 "YYYY-MM-DD hh:mm:ss" SELECT * FROM information_schema.routines where routine_schema <> 'sys'; diff --git a/mysql-test/suite/funcs_1/datadict/is_schemata.inc b/mysql-test/suite/funcs_1/datadict/is_schemata.inc index 267d3c272b9..6ddd966d7a9 100644 --- a/mysql-test/suite/funcs_1/datadict/is_schemata.inc +++ b/mysql-test/suite/funcs_1/datadict/is_schemata.inc @@ -120,7 +120,7 @@ eval $my_select; eval $my_show; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser3, localhost, testuser3, , test); +connect (testuser3, localhost, testuser3, ,"*NO-ONE*"); # Shows neither db_datadict_1 nor db_datadict_2 eval $my_select; --sorted_result diff --git a/mysql-test/suite/funcs_1/datadict/is_views.inc b/mysql-test/suite/funcs_1/datadict/is_views.inc index 367b1b1ede4..acf12ce5d39 100644 --- a/mysql-test/suite/funcs_1/datadict/is_views.inc +++ b/mysql-test/suite/funcs_1/datadict/is_views.inc @@ -109,15 +109,15 @@ WHERE table_schema = 'db_datadict' ORDER BY table_name; eval $select; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser1, localhost, testuser1, , test); +connect (testuser1, localhost, testuser1, ,"*NO-ONE*"); eval $select; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser2, localhost, testuser2, , test); +connect (testuser2, localhost, testuser2, ,"*NO-ONE*"); eval $select; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (test_no_views, localhost, test_no_views, , test); +connect (test_no_views, localhost, test_no_views, ,"*NO-ONE*"); eval $select; # Cleanup diff --git a/mysql-test/suite/funcs_1/datadict/processlist_priv.inc b/mysql-test/suite/funcs_1/datadict/processlist_priv.inc index 99a4340c571..90bc19f2784 100644 --- a/mysql-test/suite/funcs_1/datadict/processlist_priv.inc +++ b/mysql-test/suite/funcs_1/datadict/processlist_priv.inc @@ -132,6 +132,8 @@ DROP USER ddicttestuser1@'localhost'; DROP USER ddicttestuser2@'localhost'; CREATE USER ddicttestuser1@'localhost'; CREATE USER ddicttestuser2@'localhost'; +GRANT SELECT,UPDATE,DELETE,INSERT,CREATE,CREATE TEMPORARY TABLES,CREATE VIEW,DROP on test.* to ddicttestuser1@'localhost'; +GRANT SELECT,UPDATE,DELETE,INSERT,CREATE,CREATE TEMPORARY TABLES,CREATE VIEW,DROP on test.* to ddicttestuser2@'localhost'; SET PASSWORD FOR ddicttestuser1@'localhost' = PASSWORD('ddictpass'); SET PASSWORD FOR ddicttestuser2@'localhost' = PASSWORD('ddictpass'); diff --git a/mysql-test/suite/funcs_1/r/innodb_trig_03.result b/mysql-test/suite/funcs_1/r/innodb_trig_03.result index 051e0d1e125..f4bac5752a7 100644 --- a/mysql-test/suite/funcs_1/r/innodb_trig_03.result +++ b/mysql-test/suite/funcs_1/r/innodb_trig_03.result @@ -241,7 +241,7 @@ show grants for test_yesprivs@localhost; Grants for test_yesprivs@localhost GRANT TRIGGER ON *.* TO `test_yesprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT UPDATE ON `priv_db`.* TO `test_yesprivs`@`localhost` -connect no_privs_424b,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect no_privs_424b,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; connect yes_privs_424b,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; connection default; connection no_privs_424b; diff --git a/mysql-test/suite/funcs_1/r/innodb_trig_03e.result b/mysql-test/suite/funcs_1/r/innodb_trig_03e.result index 6ec5240792c..8a5717a7576 100644 --- a/mysql-test/suite/funcs_1/r/innodb_trig_03e.result +++ b/mysql-test/suite/funcs_1/r/innodb_trig_03e.result @@ -24,7 +24,8 @@ show grants for test_noprivs@localhost; Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT ON `priv_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; no trigger privilege on db level for create: -------------------------------------------- @@ -32,8 +33,8 @@ use priv_db; create trigger trg1_1 before INSERT on t1 for each row set new.f1 = 'trig 1_1-no'; ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table `priv_db`.`t1` -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv_db; +connect no_privs,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; insert into t1 (f1) values ('insert-yes'); select f1 from t1 order by f1; f1 @@ -271,8 +272,10 @@ revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; create User test_noprivs@localhost; set password for test_noprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; +connect no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; no trigger privilege on table level for create: ----------------------------------------------- @@ -824,10 +827,8 @@ Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT, UPDATE ON `priv1_db`.* TO `test_noprivs`@`localhost` GRANT SELECT, INSERT ON `priv2_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv1_db; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv1_db; +connect yes_privs,localhost,test_yesprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connect no_privs,localhost,test_noprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK; trigger privilege on one db1 db level, not on db2 ------------------------------------------------- @@ -1055,7 +1056,8 @@ create User test_useprivs@localhost; set password for test_useprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; revoke ALL PRIVILEGES, GRANT OPTION FROM test_useprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; connection default; select current_user; current_user @@ -1085,11 +1087,11 @@ select f1 from t1 order by f1; f1 trig 1_1-yes prepare ins1 from 'insert into t1 (f1) values (''insert2-no'')'; -connect use_privs,localhost,test_useprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect use_privs,localhost,test_useprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection use_privs; select current_user; current_user test_useprivs@localhost -use priv_db; prepare ins1 from 'insert into t1 (f1) values (''insert3-no'')'; execute ins1; select f1 from t1 order by f1; @@ -1301,7 +1303,8 @@ create table t1 (f1 char(20)) engine= innodb; create User test_yesprivs@localhost; set password for test_yesprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; connection default; select current_user; current_user @@ -1407,7 +1410,6 @@ create table t1 (f1 char(20)) engine= innodb; create User test_yesprivs@localhost; set password for test_yesprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; connection default; select current_user; current_user @@ -1418,11 +1420,11 @@ show grants for test_yesprivs@localhost; Grants for test_yesprivs@localhost GRANT USAGE ON *.* TO `test_yesprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO `test_yesprivs`@`localhost` +connect yes_privs,localhost,test_yesprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; connection yes_privs; select current_user; current_user test_yesprivs@localhost -use priv_db; set autocommit=0; create definer=current_user trigger trg1_1 before INSERT on t1 for each row @@ -1484,8 +1486,10 @@ show grants for test_noprivs@localhost; Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, UPDATE ON `priv_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; +connect no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; update only on column: ---------------------- diff --git a/mysql-test/suite/funcs_1/r/innodb_trig_0407.result b/mysql-test/suite/funcs_1/r/innodb_trig_0407.result index d551575960e..281e4e8d0f6 100644 --- a/mysql-test/suite/funcs_1/r/innodb_trig_0407.result +++ b/mysql-test/suite/funcs_1/r/innodb_trig_0407.result @@ -69,8 +69,10 @@ revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; -connect con1_general,localhost,test_general,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect con1_super,localhost,test_super,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect con1_general,localhost,test_general,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection con1_general; +connect con1_super,localhost,test_super,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection con1_super; connection default; Testcase 3.5.4: diff --git a/mysql-test/suite/funcs_1/r/innodb_trig_08.result b/mysql-test/suite/funcs_1/r/innodb_trig_08.result index 2a57496800e..52820d6b0cd 100644 --- a/mysql-test/suite/funcs_1/r/innodb_trig_08.result +++ b/mysql-test/suite/funcs_1/r/innodb_trig_08.result @@ -66,6 +66,7 @@ Testcase: 3.5: create User test_general@localhost; set password for test_general@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; +grant SELECT,UPDATE,DELETE,INSERT on test.* to test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; diff --git a/mysql-test/suite/funcs_1/r/is_basics_mixed.result b/mysql-test/suite/funcs_1/r/is_basics_mixed.result index 95fc5ae59c3..267bb56331c 100644 --- a/mysql-test/suite/funcs_1/r/is_basics_mixed.result +++ b/mysql-test/suite/funcs_1/r/is_basics_mixed.result @@ -15,6 +15,7 @@ DATABASE() information_schema DROP USER 'testuser1'@'localhost'; CREATE USER 'testuser1'@'localhost'; +GRANT SELECT ON test.* TO 'testuser1'@'localhost'; connect testuser1, localhost, testuser1, , test; SELECT DATABASE(); DATABASE() diff --git a/mysql-test/suite/funcs_1/r/is_check_constraints.result b/mysql-test/suite/funcs_1/r/is_check_constraints.result index ae9820b2c70..34e5535dba0 100644 --- a/mysql-test/suite/funcs_1/r/is_check_constraints.result +++ b/mysql-test/suite/funcs_1/r/is_check_constraints.result @@ -108,7 +108,7 @@ def foo t3 b Column `b` > 0 def foo t3 b Table `b` > 10 def foo t3 b1 Table `b` < 123456789012345678901234567890123456789012345678901234567890123456789 disconnect con1; -CONNECT con2, localhost, boo2,, test; +CONNECT con2, localhost, boo2,,"*NO-ONE*"; SELECT * from information_schema.check_constraints; CONSTRAINT_CATALOG CONSTRAINT_SCHEMA TABLE_NAME CONSTRAINT_NAME LEVEL CHECK_CLAUSE disconnect con2; diff --git a/mysql-test/suite/funcs_1/r/is_column_privileges_is_mysql_test.result b/mysql-test/suite/funcs_1/r/is_column_privileges_is_mysql_test.result index 1492bd26b5d..e30bd86833f 100644 --- a/mysql-test/suite/funcs_1/r/is_column_privileges_is_mysql_test.result +++ b/mysql-test/suite/funcs_1/r/is_column_privileges_is_mysql_test.result @@ -31,7 +31,6 @@ SHOW DATABASES LIKE 'mysql'; Database (mysql) SHOW DATABASES LIKE 'test'; Database (test) -test connection default; DROP USER 'testuser1'@'localhost'; DROP DATABASE db_datadict; diff --git a/mysql-test/suite/funcs_1/r/is_routines.result b/mysql-test/suite/funcs_1/r/is_routines.result index 1b293444b27..51477e441ad 100644 --- a/mysql-test/suite/funcs_1/r/is_routines.result +++ b/mysql-test/suite/funcs_1/r/is_routines.result @@ -196,7 +196,7 @@ connect testuser2, localhost, testuser2, , db_datadict; SELECT * FROM information_schema.routines where routine_schema <> 'sys'; SPECIFIC_NAME ROUTINE_CATALOG ROUTINE_SCHEMA ROUTINE_NAME ROUTINE_TYPE DATA_TYPE CHARACTER_MAXIMUM_LENGTH CHARACTER_OCTET_LENGTH NUMERIC_PRECISION NUMERIC_SCALE DATETIME_PRECISION CHARACTER_SET_NAME COLLATION_NAME DTD_IDENTIFIER ROUTINE_BODY ROUTINE_DEFINITION EXTERNAL_NAME EXTERNAL_LANGUAGE PARAMETER_STYLE IS_DETERMINISTIC SQL_DATA_ACCESS SQL_PATH SECURITY_TYPE CREATED LAST_ALTERED SQL_MODE ROUTINE_COMMENT DEFINER CHARACTER_SET_CLIENT COLLATION_CONNECTION DATABASE_COLLATION sp_6_408002_2 def db_datadict_2 sp_6_408002_2 PROCEDURE NULL NULL NULL NULL NULL NULL NULL NULL SQL NULL NULL NULL SQL NO CONTAINS SQL NULL DEFINER YYYY-MM-DD hh:mm:ss YYYY-MM-DD hh:mm:ss root@localhost latin1 latin1_swedish_ci latin1_swedish_ci -connect testuser3, localhost, testuser3, , test; +connect testuser3, localhost, testuser3, , "*NO-ONE*"; SELECT * FROM information_schema.routines where routine_schema <> 'sys'; SPECIFIC_NAME ROUTINE_CATALOG ROUTINE_SCHEMA ROUTINE_NAME ROUTINE_TYPE DATA_TYPE CHARACTER_MAXIMUM_LENGTH CHARACTER_OCTET_LENGTH NUMERIC_PRECISION NUMERIC_SCALE DATETIME_PRECISION CHARACTER_SET_NAME COLLATION_NAME DTD_IDENTIFIER ROUTINE_BODY ROUTINE_DEFINITION EXTERNAL_NAME EXTERNAL_LANGUAGE PARAMETER_STYLE IS_DETERMINISTIC SQL_DATA_ACCESS SQL_PATH SECURITY_TYPE CREATED LAST_ALTERED SQL_MODE ROUTINE_COMMENT DEFINER CHARACTER_SET_CLIENT COLLATION_CONNECTION DATABASE_COLLATION connection default; diff --git a/mysql-test/suite/funcs_1/r/is_routines_embedded.result b/mysql-test/suite/funcs_1/r/is_routines_embedded.result index dfd663a6a96..be2a3d45432 100644 --- a/mysql-test/suite/funcs_1/r/is_routines_embedded.result +++ b/mysql-test/suite/funcs_1/r/is_routines_embedded.result @@ -219,7 +219,7 @@ AddGeometryColumn def mysql AddGeometryColumn PROCEDURE NULL NULL NULL NULL NUL set @qwe= concat('ALTER TABLE ', t_schema, '.', t_name, ' ADD ', geometry_column,' GEOMETRY REF_SYSTEM_ID=', t_srid); PREPARE ls from @qwe; execute ls; deallocate prepare ls; end NULL NULL SQL NO CONTAINS SQL NULL INVOKER YYYY-MM-DD hh:mm:ss YYYY-MM-DD hh:mm:ss mariadb.sys@localhost latin1 latin1_swedish_ci latin1_swedish_ci DropGeometryColumn def mysql DropGeometryColumn PROCEDURE NULL NULL NULL NULL NULL NULL NULL NULL SQL begin set @qwe= concat('ALTER TABLE ', t_schema, '.', t_name, ' DROP ', geometry_column); PREPARE ls from @qwe; execute ls; deallocate prepare ls; end NULL NULL SQL NO CONTAINS SQL NULL INVOKER YYYY-MM-DD hh:mm:ss YYYY-MM-DD hh:mm:ss mariadb.sys@localhost latin1 latin1_swedish_ci latin1_swedish_ci -connect testuser3, localhost, testuser3, , test; +connect testuser3, localhost, testuser3, , "*NO-ONE*"; SELECT * FROM information_schema.routines where routine_schema <> 'sys'; SPECIFIC_NAME ROUTINE_CATALOG ROUTINE_SCHEMA ROUTINE_NAME ROUTINE_TYPE DATA_TYPE CHARACTER_MAXIMUM_LENGTH CHARACTER_OCTET_LENGTH NUMERIC_PRECISION NUMERIC_SCALE DATETIME_PRECISION CHARACTER_SET_NAME COLLATION_NAME DTD_IDENTIFIER ROUTINE_BODY ROUTINE_DEFINITION EXTERNAL_NAME EXTERNAL_LANGUAGE PARAMETER_STYLE IS_DETERMINISTIC SQL_DATA_ACCESS SQL_PATH SECURITY_TYPE CREATED LAST_ALTERED SQL_MODE ROUTINE_COMMENT DEFINER CHARACTER_SET_CLIENT COLLATION_CONNECTION DATABASE_COLLATION sp_6_408002_1 def db_datadict sp_6_408002_1 PROCEDURE NULL NULL NULL NULL NULL NULL NULL NULL SQL BEGIN diff --git a/mysql-test/suite/funcs_1/r/is_schema_privileges.result b/mysql-test/suite/funcs_1/r/is_schema_privileges.result index 1c8f50df7ce..69f78a98711 100644 --- a/mysql-test/suite/funcs_1/r/is_schema_privileges.result +++ b/mysql-test/suite/funcs_1/r/is_schema_privileges.result @@ -52,40 +52,6 @@ IS_GRANTABLE varchar(3) NO NULL SELECT GRANTEE, TABLE_CATALOG, TABLE_SCHEMA, PRIVILEGE_TYPE FROM information_schema.schema_privileges WHERE table_catalog IS NOT NULL; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE -''@'%' def test SELECT -''@'%' def test INSERT -''@'%' def test UPDATE -''@'%' def test DELETE -''@'%' def test CREATE -''@'%' def test DROP -''@'%' def test REFERENCES -''@'%' def test INDEX -''@'%' def test ALTER -''@'%' def test CREATE TEMPORARY TABLES -''@'%' def test LOCK TABLES -''@'%' def test CREATE VIEW -''@'%' def test SHOW VIEW -''@'%' def test CREATE ROUTINE -''@'%' def test EVENT -''@'%' def test TRIGGER -''@'%' def test DELETE HISTORY -''@'%' def test\_% SELECT -''@'%' def test\_% INSERT -''@'%' def test\_% UPDATE -''@'%' def test\_% DELETE -''@'%' def test\_% CREATE -''@'%' def test\_% DROP -''@'%' def test\_% REFERENCES -''@'%' def test\_% INDEX -''@'%' def test\_% ALTER -''@'%' def test\_% CREATE TEMPORARY TABLES -''@'%' def test\_% LOCK TABLES -''@'%' def test\_% CREATE VIEW -''@'%' def test\_% SHOW VIEW -''@'%' def test\_% CREATE ROUTINE -''@'%' def test\_% EVENT -''@'%' def test\_% TRIGGER -''@'%' def test\_% DELETE HISTORY ############################################################################### # Testcase 3.2.15.2-3.2.15.4 INFORMATION_SCHEMA.SCHEMA_PRIVILEGES accessibility ############################################################################### @@ -106,7 +72,7 @@ GRANT INSERT ON db_datadict_2.t1 TO 'testuser1'@'localhost'; GRANT SELECT ON db_datadict_4.* TO 'testuser1'@'localhost' WITH GRANT OPTION; GRANT SELECT ON db_datadict_3.* TO 'testuser2'@'localhost'; GRANT SELECT ON db_datadict_1.* TO 'testuser2'@'localhost'; -connect testuser1, localhost, testuser1, , test; +connect testuser1, localhost, testuser1, ,"*NO-ONE*"; GRANT SELECT ON db_datadict_4.* TO 'testuser2'@'localhost'; # Root granted INSERT db_datadict_1 to me -> visible # Root granted SELECT db_datadict_1 to testuser2 -> invisible @@ -130,7 +96,7 @@ GRANT SELECT ON `db_datadict_4`.* TO `testuser1`@`localhost` WITH GRANT OPTION GRANT INSERT ON `db_datadict_2`.`t1` TO `testuser1`@`localhost` SHOW GRANTS FOR 'testuser2'@'localhost'; ERROR 42000: Access denied for user 'testuser1'@'localhost' to database 'mysql' -connect testuser2, localhost, testuser2, , test; +connect testuser2, localhost, testuser2, ,"*NO-ONE*"; # Root granted SELECT db_datadict_1 to me -> visible # Root granted INSERT db_datadict_1 to testuser1 -> invisible # Root granted INSERT db_datadict_2.t1 but not db_datadict_1 to testuser1 -> invisible diff --git a/mysql-test/suite/funcs_1/r/is_schema_privileges_is_mysql_test.result b/mysql-test/suite/funcs_1/r/is_schema_privileges_is_mysql_test.result index 2b285395cff..774b65b03bc 100644 --- a/mysql-test/suite/funcs_1/r/is_schema_privileges_is_mysql_test.result +++ b/mysql-test/suite/funcs_1/r/is_schema_privileges_is_mysql_test.result @@ -10,23 +10,6 @@ SELECT * FROM information_schema.schema_privileges WHERE table_schema IN ('information_schema','mysql','test') ORDER BY grantee, table_schema, privilege_type; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE -''@'%' def test ALTER NO -''@'%' def test CREATE NO -''@'%' def test CREATE ROUTINE NO -''@'%' def test CREATE TEMPORARY TABLES NO -''@'%' def test CREATE VIEW NO -''@'%' def test DELETE NO -''@'%' def test DELETE HISTORY NO -''@'%' def test DROP NO -''@'%' def test EVENT NO -''@'%' def test INDEX NO -''@'%' def test INSERT NO -''@'%' def test LOCK TABLES NO -''@'%' def test REFERENCES NO -''@'%' def test SELECT NO -''@'%' def test SHOW VIEW NO -''@'%' def test TRIGGER NO -''@'%' def test UPDATE NO SHOW DATABASES LIKE 'information_schema'; Database (information_schema) information_schema @@ -48,7 +31,6 @@ SHOW DATABASES LIKE 'mysql'; Database (mysql) SHOW DATABASES LIKE 'test'; Database (test) -test connection default; DROP USER 'testuser1'@'localhost'; DROP DATABASE db_datadict; diff --git a/mysql-test/suite/funcs_1/r/is_schemata.result b/mysql-test/suite/funcs_1/r/is_schemata.result index ff33306b8f9..1851c089b04 100644 --- a/mysql-test/suite/funcs_1/r/is_schemata.result +++ b/mysql-test/suite/funcs_1/r/is_schemata.result @@ -106,7 +106,7 @@ SHOW DATABASES LIKE 'db_datadict_%'; Database (db_datadict_%) db_datadict_1 db_datadict_2 -connect testuser3, localhost, testuser3, , test; +connect testuser3, localhost, testuser3, ,"*NO-ONE*"; SELECT * FROM information_schema.schemata WHERE schema_name LIKE 'db_datadict_%' ORDER BY schema_name; CATALOG_NAME SCHEMA_NAME DEFAULT_CHARACTER_SET_NAME DEFAULT_COLLATION_NAME SQL_PATH SCHEMA_COMMENT diff --git a/mysql-test/suite/funcs_1/r/is_schemata_embedded.result b/mysql-test/suite/funcs_1/r/is_schemata_embedded.result index 9f129caa5bf..fd7a86d4a42 100644 --- a/mysql-test/suite/funcs_1/r/is_schemata_embedded.result +++ b/mysql-test/suite/funcs_1/r/is_schemata_embedded.result @@ -108,7 +108,7 @@ SHOW DATABASES LIKE 'db_datadict_%'; Database (db_datadict_%) db_datadict_1 db_datadict_2 -connect testuser3, localhost, testuser3, , test; +connect testuser3, localhost, testuser3, ,"*NO-ONE*"; SELECT * FROM information_schema.schemata WHERE schema_name LIKE 'db_datadict_%' ORDER BY schema_name; CATALOG_NAME SCHEMA_NAME DEFAULT_CHARACTER_SET_NAME DEFAULT_COLLATION_NAME SQL_PATH SCHEMA_COMMENT diff --git a/mysql-test/suite/funcs_1/r/is_schemata_is_mysql_test.result b/mysql-test/suite/funcs_1/r/is_schemata_is_mysql_test.result index 516d1cc04dd..4a18f7a0aba 100644 --- a/mysql-test/suite/funcs_1/r/is_schemata_is_mysql_test.result +++ b/mysql-test/suite/funcs_1/r/is_schemata_is_mysql_test.result @@ -28,7 +28,6 @@ WHERE schema_name IN ('information_schema','mysql','test') ORDER BY schema_name; CATALOG_NAME SCHEMA_NAME DEFAULT_CHARACTER_SET_NAME DEFAULT_COLLATION_NAME SQL_PATH SCHEMA_COMMENT def information_schema utf8mb3 utf8mb3_general_ci NULL -def test latin1 latin1_swedish_ci NULL SHOW DATABASES LIKE 'information_schema'; Database (information_schema) information_schema @@ -36,7 +35,6 @@ SHOW DATABASES LIKE 'mysql'; Database (mysql) SHOW DATABASES LIKE 'test'; Database (test) -test connection default; DROP USER 'testuser1'@'localhost'; DROP DATABASE db_datadict; diff --git a/mysql-test/suite/funcs_1/r/is_statistics.result b/mysql-test/suite/funcs_1/r/is_statistics.result index c9f8f494ed6..cf9eda679ab 100644 --- a/mysql-test/suite/funcs_1/r/is_statistics.result +++ b/mysql-test/suite/funcs_1/r/is_statistics.result @@ -170,6 +170,8 @@ DROP USER 'testuser1'@'localhost'; CREATE USER 'testuser1'@'localhost'; DROP USER 'testuser2'@'localhost'; CREATE USER 'testuser2'@'localhost'; +GRANT ALL ON test.* TO 'testuser1'@'localhost'; +GRANT ALL ON test.* TO 'testuser2'@'localhost'; CREATE TABLE db_datadict.t1 (f1 INT NOT NULL, PRIMARY KEY(f1), f2 INT, INDEX f2_ind(f2)) ENGINE = <engine_type>; @@ -200,9 +202,11 @@ def db_datadict_2 t4 0 db_datadict_2 PRIMARY 1 f1 NULL 0 NULL NULL HASH NO SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO `testuser1`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser1`@`localhost` SHOW GRANTS FOR 'testuser2'@'localhost'; Grants for testuser2@localhost GRANT USAGE ON *.* TO `testuser2`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser2`@`localhost` connect testuser1, localhost, testuser1, , test; SELECT * FROM information_schema.statistics WHERE table_schema LIKE 'db_datadict%' @@ -211,6 +215,7 @@ TABLE_CATALOG TABLE_SCHEMA TABLE_NAME NON_UNIQUE INDEX_SCHEMA INDEX_NAME SEQ_IN_ SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO `testuser1`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser1`@`localhost` SHOW GRANTS FOR 'testuser2'@'localhost'; ERROR 42000: Access denied for user 'testuser1'@'localhost' to database 'mysql' connect testuser2, localhost, testuser2, , test; @@ -223,6 +228,7 @@ ERROR 42000: Access denied for user 'testuser2'@'localhost' to database 'mysql' SHOW GRANTS FOR 'testuser2'@'localhost'; Grants for testuser2@localhost GRANT USAGE ON *.* TO `testuser2`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser2`@`localhost` connection default; GRANT SELECT ON db_datadict.t1 TO 'testuser1'@'localhost' WITH GRANT OPTION; GRANT SELECT(f1,f5) ON db_datadict_2.t3 TO 'testuser1'@'localhost'; @@ -243,11 +249,13 @@ def db_datadict_2 t4 0 db_datadict_2 PRIMARY 1 f1 NULL 0 NULL NULL HASH NO SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO `testuser1`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser1`@`localhost` GRANT SELECT (f5, f1) ON `db_datadict_2`.`t3` TO `testuser1`@`localhost` GRANT SELECT ON `db_datadict`.`t1` TO `testuser1`@`localhost` WITH GRANT OPTION SHOW GRANTS FOR 'testuser2'@'localhost'; Grants for testuser2@localhost GRANT USAGE ON *.* TO `testuser2`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser2`@`localhost` connection testuser1; SELECT * FROM information_schema.statistics WHERE table_schema LIKE 'db_datadict%' @@ -262,6 +270,7 @@ def db_datadict_2 t3 0 db_datadict_2 PRIMARY 1 f1 NULL 0 NULL NULL HASH NO SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO `testuser1`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser1`@`localhost` GRANT SELECT (f5, f1) ON `db_datadict_2`.`t3` TO `testuser1`@`localhost` GRANT SELECT ON `db_datadict`.`t1` TO `testuser1`@`localhost` WITH GRANT OPTION SHOW GRANTS FOR 'testuser2'@'localhost'; @@ -276,11 +285,13 @@ ERROR 42000: Access denied for user 'testuser2'@'localhost' to database 'mysql' SHOW GRANTS FOR 'testuser2'@'localhost'; Grants for testuser2@localhost GRANT USAGE ON *.* TO `testuser2`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser2`@`localhost` connection default; REVOKE SELECT,GRANT OPTION ON db_datadict.t1 FROM 'testuser1'@'localhost'; SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO `testuser1`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser1`@`localhost` GRANT SELECT (f5, f1) ON `db_datadict_2`.`t3` TO `testuser1`@`localhost` connection testuser1; SELECT * FROM information_schema.statistics @@ -294,6 +305,7 @@ def db_datadict_2 t3 0 db_datadict_2 PRIMARY 1 f1 NULL 0 NULL NULL HASH NO SHOW GRANTS FOR 'testuser1'@'localhost'; Grants for testuser1@localhost GRANT USAGE ON *.* TO `testuser1`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `testuser1`@`localhost` GRANT SELECT (f5, f1) ON `db_datadict_2`.`t3` TO `testuser1`@`localhost` connection default; disconnect testuser1; diff --git a/mysql-test/suite/funcs_1/r/is_user_privileges.result b/mysql-test/suite/funcs_1/r/is_user_privileges.result index 4228c744e46..a2a6838358a 100644 --- a/mysql-test/suite/funcs_1/r/is_user_privileges.result +++ b/mysql-test/suite/funcs_1/r/is_user_privileges.result @@ -371,7 +371,7 @@ ERROR 42000: SELECT command denied to user 'testuser2'@'localhost' for table `my SHOW GRANTS; Grants for testuser2@localhost GRANT INSERT, UPDATE ON *.* TO `testuser2`@`localhost` -connect testuser3, localhost, testuser3, , test; +connect testuser3, localhost, testuser3, ,"*NO-ONE*"; SELECT * FROM information_schema.user_privileges WHERE grantee LIKE '''testuser%''' ORDER BY grantee, table_catalog, privilege_type; diff --git a/mysql-test/suite/funcs_1/r/is_views.result b/mysql-test/suite/funcs_1/r/is_views.result index 97ce2d915d8..6a86e7464a0 100644 --- a/mysql-test/suite/funcs_1/r/is_views.result +++ b/mysql-test/suite/funcs_1/r/is_views.result @@ -93,18 +93,18 @@ WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM def db_datadict v_granted_glob select `db_datadict`.`t1`.`f2` AS `f2`,`db_datadict`.`t1`.`f3` AS `f3` from `db_datadict`.`t1` NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED def db_datadict v_granted_to_1 select `db_datadict`.`t1`.`f1` AS `f1`,`db_datadict`.`t1`.`f2` AS `f2`,`db_datadict`.`t1`.`f3` AS `f3` from `db_datadict`.`t1` NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED -connect testuser1, localhost, testuser1, , test; +connect testuser1, localhost, testuser1, ,"*NO-ONE*"; SELECT * FROM information_schema.views WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM def db_datadict v_granted_to_1 NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED -connect testuser2, localhost, testuser2, , test; +connect testuser2, localhost, testuser2, ,"*NO-ONE*"; SELECT * FROM information_schema.views WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM def db_datadict v_granted_glob NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED def db_datadict v_granted_to_1 NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED -connect test_no_views, localhost, test_no_views, , test; +connect test_no_views, localhost, test_no_views, ,"*NO-ONE*"; SELECT * FROM information_schema.views WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM diff --git a/mysql-test/suite/funcs_1/r/is_views_embedded.result b/mysql-test/suite/funcs_1/r/is_views_embedded.result index 136126d8ab5..f64562aadd1 100644 --- a/mysql-test/suite/funcs_1/r/is_views_embedded.result +++ b/mysql-test/suite/funcs_1/r/is_views_embedded.result @@ -93,19 +93,19 @@ WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM def db_datadict v_granted_glob select `db_datadict`.`t1`.`f2` AS `f2`,`db_datadict`.`t1`.`f3` AS `f3` from `db_datadict`.`t1` NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED def db_datadict v_granted_to_1 select `db_datadict`.`t1`.`f1` AS `f1`,`db_datadict`.`t1`.`f2` AS `f2`,`db_datadict`.`t1`.`f3` AS `f3` from `db_datadict`.`t1` NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED -connect testuser1, localhost, testuser1, , test; +connect testuser1, localhost, testuser1, ,"*NO-ONE*"; SELECT * FROM information_schema.views WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM def db_datadict v_granted_glob NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED def db_datadict v_granted_to_1 NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED -connect testuser2, localhost, testuser2, , test; +connect testuser2, localhost, testuser2, ,"*NO-ONE*"; SELECT * FROM information_schema.views WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM def db_datadict v_granted_glob NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED def db_datadict v_granted_to_1 NONE YES root@localhost DEFINER latin1 latin1_swedish_ci UNDEFINED -connect test_no_views, localhost, test_no_views, , test; +connect test_no_views, localhost, test_no_views, ,"*NO-ONE*"; SELECT * FROM information_schema.views WHERE table_schema = 'db_datadict' ORDER BY table_name; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE CHARACTER_SET_CLIENT COLLATION_CONNECTION ALGORITHM diff --git a/mysql-test/suite/funcs_1/r/memory_trig_03.result b/mysql-test/suite/funcs_1/r/memory_trig_03.result index b76e7d01f59..477a2fa3035 100644 --- a/mysql-test/suite/funcs_1/r/memory_trig_03.result +++ b/mysql-test/suite/funcs_1/r/memory_trig_03.result @@ -241,7 +241,7 @@ show grants for test_yesprivs@localhost; Grants for test_yesprivs@localhost GRANT TRIGGER ON *.* TO `test_yesprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT UPDATE ON `priv_db`.* TO `test_yesprivs`@`localhost` -connect no_privs_424b,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect no_privs_424b,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; connect yes_privs_424b,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; connection default; connection no_privs_424b; diff --git a/mysql-test/suite/funcs_1/r/memory_trig_03e.result b/mysql-test/suite/funcs_1/r/memory_trig_03e.result index c40cbd0ab72..e1ed25be0c5 100644 --- a/mysql-test/suite/funcs_1/r/memory_trig_03e.result +++ b/mysql-test/suite/funcs_1/r/memory_trig_03e.result @@ -25,7 +25,8 @@ show grants for test_noprivs@localhost; Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT ON `priv_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; no trigger privilege on db level for create: -------------------------------------------- @@ -33,8 +34,8 @@ use priv_db; create trigger trg1_1 before INSERT on t1 for each row set new.f1 = 'trig 1_1-no'; ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table `priv_db`.`t1` -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv_db; +connect no_privs,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; insert into t1 (f1) values ('insert-yes'); select f1 from t1 order by f1; f1 @@ -272,8 +273,10 @@ revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; create User test_noprivs@localhost; set password for test_noprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; +connect no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; no trigger privilege on table level for create: ----------------------------------------------- @@ -825,10 +828,8 @@ Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT, UPDATE ON `priv1_db`.* TO `test_noprivs`@`localhost` GRANT SELECT, INSERT ON `priv2_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv1_db; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv1_db; +connect yes_privs,localhost,test_yesprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connect no_privs,localhost,test_noprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK; trigger privilege on one db1 db level, not on db2 ------------------------------------------------- @@ -1056,7 +1057,8 @@ create User test_useprivs@localhost; set password for test_useprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; revoke ALL PRIVILEGES, GRANT OPTION FROM test_useprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; connection default; select current_user; current_user @@ -1086,11 +1088,11 @@ select f1 from t1 order by f1; f1 trig 1_1-yes prepare ins1 from 'insert into t1 (f1) values (''insert2-no'')'; -connect use_privs,localhost,test_useprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect use_privs,localhost,test_useprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection use_privs; select current_user; current_user test_useprivs@localhost -use priv_db; prepare ins1 from 'insert into t1 (f1) values (''insert3-no'')'; execute ins1; select f1 from t1 order by f1; @@ -1302,7 +1304,8 @@ create table t1 (f1 char(20)) engine= memory; create User test_yesprivs@localhost; set password for test_yesprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; connection default; select current_user; current_user @@ -1423,8 +1426,10 @@ show grants for test_noprivs@localhost; Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, UPDATE ON `priv_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; +connect no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; update only on column: ---------------------- diff --git a/mysql-test/suite/funcs_1/r/memory_trig_0407.result b/mysql-test/suite/funcs_1/r/memory_trig_0407.result index ceae360946c..c9a15b46aba 100644 --- a/mysql-test/suite/funcs_1/r/memory_trig_0407.result +++ b/mysql-test/suite/funcs_1/r/memory_trig_0407.result @@ -69,8 +69,10 @@ revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; -connect con1_general,localhost,test_general,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect con1_super,localhost,test_super,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect con1_general,localhost,test_general,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection con1_general; +connect con1_super,localhost,test_super,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection con1_super; connection default; Testcase 3.5.4: diff --git a/mysql-test/suite/funcs_1/r/memory_trig_08.result b/mysql-test/suite/funcs_1/r/memory_trig_08.result index c9d6454dc5b..c37266bb40c 100644 --- a/mysql-test/suite/funcs_1/r/memory_trig_08.result +++ b/mysql-test/suite/funcs_1/r/memory_trig_08.result @@ -66,6 +66,7 @@ Testcase: 3.5: create User test_general@localhost; set password for test_general@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; +grant SELECT,UPDATE,DELETE,INSERT on test.* to test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; diff --git a/mysql-test/suite/funcs_1/r/myisam_trig_03.result b/mysql-test/suite/funcs_1/r/myisam_trig_03.result index b76e7d01f59..477a2fa3035 100644 --- a/mysql-test/suite/funcs_1/r/myisam_trig_03.result +++ b/mysql-test/suite/funcs_1/r/myisam_trig_03.result @@ -241,7 +241,7 @@ show grants for test_yesprivs@localhost; Grants for test_yesprivs@localhost GRANT TRIGGER ON *.* TO `test_yesprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT UPDATE ON `priv_db`.* TO `test_yesprivs`@`localhost` -connect no_privs_424b,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect no_privs_424b,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; connect yes_privs_424b,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; connection default; connection no_privs_424b; diff --git a/mysql-test/suite/funcs_1/r/myisam_trig_03e.result b/mysql-test/suite/funcs_1/r/myisam_trig_03e.result index 71cf064d201..26862e38803 100644 --- a/mysql-test/suite/funcs_1/r/myisam_trig_03e.result +++ b/mysql-test/suite/funcs_1/r/myisam_trig_03e.result @@ -25,7 +25,8 @@ show grants for test_noprivs@localhost; Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT ON `priv_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; no trigger privilege on db level for create: -------------------------------------------- @@ -33,8 +34,8 @@ use priv_db; create trigger trg1_1 before INSERT on t1 for each row set new.f1 = 'trig 1_1-no'; ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table `priv_db`.`t1` -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv_db; +connect no_privs,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; insert into t1 (f1) values ('insert-yes'); select f1 from t1 order by f1; f1 @@ -272,8 +273,10 @@ revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; create User test_noprivs@localhost; set password for test_noprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; +connect no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; no trigger privilege on table level for create: ----------------------------------------------- @@ -825,10 +828,8 @@ Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, INSERT, UPDATE ON `priv1_db`.* TO `test_noprivs`@`localhost` GRANT SELECT, INSERT ON `priv2_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv1_db; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -use priv1_db; +connect yes_privs,localhost,test_yesprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connect no_privs,localhost,test_noprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK; trigger privilege on one db1 db level, not on db2 ------------------------------------------------- @@ -1056,7 +1057,8 @@ create User test_useprivs@localhost; set password for test_useprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; revoke ALL PRIVILEGES, GRANT OPTION FROM test_useprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; connection default; select current_user; current_user @@ -1086,11 +1088,11 @@ select f1 from t1 order by f1; f1 trig 1_1-yes prepare ins1 from 'insert into t1 (f1) values (''insert2-no'')'; -connect use_privs,localhost,test_useprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect use_privs,localhost,test_useprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK; +connection use_privs; select current_user; current_user test_useprivs@localhost -use priv_db; prepare ins1 from 'insert into t1 (f1) values (''insert3-no'')'; execute ins1; select f1 from t1 order by f1; @@ -1302,7 +1304,8 @@ create table t1 (f1 char(20)) engine= myisam; create User test_yesprivs@localhost; set password for test_yesprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; connection default; select current_user; current_user @@ -1423,8 +1426,10 @@ show grants for test_noprivs@localhost; Grants for test_noprivs@localhost GRANT USAGE ON *.* TO `test_noprivs`@`localhost` IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576' GRANT SELECT, UPDATE ON `priv_db`.* TO `test_noprivs`@`localhost` -connect yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection yes_privs; +connect no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection no_privs; update only on column: ---------------------- diff --git a/mysql-test/suite/funcs_1/r/myisam_trig_0407.result b/mysql-test/suite/funcs_1/r/myisam_trig_0407.result index ceae360946c..c9a15b46aba 100644 --- a/mysql-test/suite/funcs_1/r/myisam_trig_0407.result +++ b/mysql-test/suite/funcs_1/r/myisam_trig_0407.result @@ -69,8 +69,10 @@ revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; -connect con1_general,localhost,test_general,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; -connect con1_super,localhost,test_super,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect con1_general,localhost,test_general,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection con1_general; +connect con1_super,localhost,test_super,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; +connection con1_super; connection default; Testcase 3.5.4: diff --git a/mysql-test/suite/funcs_1/r/myisam_trig_08.result b/mysql-test/suite/funcs_1/r/myisam_trig_08.result index c9d6454dc5b..c37266bb40c 100644 --- a/mysql-test/suite/funcs_1/r/myisam_trig_08.result +++ b/mysql-test/suite/funcs_1/r/myisam_trig_08.result @@ -66,6 +66,7 @@ Testcase: 3.5: create User test_general@localhost; set password for test_general@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; +grant SELECT,UPDATE,DELETE,INSERT on test.* to test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; diff --git a/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result b/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result index 126bf44f7eb..2bba1c06162 100644 --- a/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result +++ b/mysql-test/suite/funcs_1/r/processlist_priv_no_prot.result @@ -10,6 +10,8 @@ DROP USER ddicttestuser1@'localhost'; DROP USER ddicttestuser2@'localhost'; CREATE USER ddicttestuser1@'localhost'; CREATE USER ddicttestuser2@'localhost'; +GRANT SELECT,UPDATE,DELETE,INSERT,CREATE,CREATE TEMPORARY TABLES,CREATE VIEW,DROP on test.* to ddicttestuser1@'localhost'; +GRANT SELECT,UPDATE,DELETE,INSERT,CREATE,CREATE TEMPORARY TABLES,CREATE VIEW,DROP on test.* to ddicttestuser2@'localhost'; SET PASSWORD FOR ddicttestuser1@'localhost' = PASSWORD('ddictpass'); SET PASSWORD FOR ddicttestuser2@'localhost' = PASSWORD('ddictpass'); #################################################################################### @@ -152,6 +154,7 @@ ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'in SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` CREATE INDEX i_processlist ON processlist (user); ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'information_schema' DROP TABLE processlist; @@ -188,6 +191,7 @@ connection con100; SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT PROCESS ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Query TIME starting SHOW processlist TIME_MS @@ -202,6 +206,7 @@ connect con101,localhost,ddicttestuser1,ddictpass,information_schema; SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT PROCESS ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID root HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -255,6 +260,7 @@ ddicttestuser1 are visible. SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -298,6 +304,7 @@ Only the processes of ddicttestuser1 user are visible. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT SUPER ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -325,6 +332,7 @@ Only the processes of ddicttestuser1 are visible. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -353,6 +361,7 @@ Try to grant PROCESS privilege to user ddicttestuser2 without having it. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT SUPER ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' WITH GRANT OPTION +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost'; ERROR 28000: Access denied for user 'ddicttestuser1'@'localhost' (using password: YES) #################################################################################### @@ -369,6 +378,7 @@ Grant PROCESS privilege to user ddicttestuser2 SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT PROCESS, SUPER ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' WITH GRANT OPTION +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost'; #################################################################################### 10.4 New connection con200 (ddicttestuser2 with PROCESS privilege) @@ -378,6 +388,7 @@ ddicttestuser2 has now the PROCESS privilege and sees all connections SHOW GRANTS FOR 'ddicttestuser2'@'localhost'; Grants for ddicttestuser2@localhost GRANT PROCESS ON *.* TO `ddicttestuser2`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser2`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID root HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -418,6 +429,7 @@ ddicttestuser2 has no more the PROCESS privilege and can only see own connects SHOW GRANTS; Grants for ddicttestuser2@localhost GRANT USAGE ON *.* TO `ddicttestuser2`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser2`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser2 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -441,6 +453,7 @@ He is also unable to GRANT the PROCESS privilege to ddicttestuser2 SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost'; ERROR 28000: Access denied for user 'ddicttestuser1'@'localhost' (using password: YES) SHOW processlist; @@ -480,6 +493,7 @@ Therefore the missing SELECT privilege does not affect SELECTs on PROCESSLIST. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS diff --git a/mysql-test/suite/funcs_1/r/processlist_priv_ps.result b/mysql-test/suite/funcs_1/r/processlist_priv_ps.result index 95c706b3f25..94bc1544c07 100644 --- a/mysql-test/suite/funcs_1/r/processlist_priv_ps.result +++ b/mysql-test/suite/funcs_1/r/processlist_priv_ps.result @@ -10,6 +10,8 @@ DROP USER ddicttestuser1@'localhost'; DROP USER ddicttestuser2@'localhost'; CREATE USER ddicttestuser1@'localhost'; CREATE USER ddicttestuser2@'localhost'; +GRANT SELECT,UPDATE,DELETE,INSERT,CREATE,CREATE TEMPORARY TABLES,CREATE VIEW,DROP on test.* to ddicttestuser1@'localhost'; +GRANT SELECT,UPDATE,DELETE,INSERT,CREATE,CREATE TEMPORARY TABLES,CREATE VIEW,DROP on test.* to ddicttestuser2@'localhost'; SET PASSWORD FOR ddicttestuser1@'localhost' = PASSWORD('ddictpass'); SET PASSWORD FOR ddicttestuser2@'localhost' = PASSWORD('ddictpass'); #################################################################################### @@ -152,6 +154,7 @@ ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'in SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` CREATE INDEX i_processlist ON processlist (user); ERROR 42000: Access denied for user 'ddicttestuser1'@'localhost' to database 'information_schema' DROP TABLE processlist; @@ -188,6 +191,7 @@ connection con100; SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT PROCESS ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Query TIME starting SHOW processlist TIME_MS @@ -202,6 +206,7 @@ connect con101,localhost,ddicttestuser1,ddictpass,information_schema; SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT PROCESS ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID root HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -255,6 +260,7 @@ ddicttestuser1 are visible. SHOW GRANTS; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -298,6 +304,7 @@ Only the processes of ddicttestuser1 user are visible. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT SUPER ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -325,6 +332,7 @@ Only the processes of ddicttestuser1 are visible. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -353,6 +361,7 @@ Try to grant PROCESS privilege to user ddicttestuser2 without having it. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT SUPER ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' WITH GRANT OPTION +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost'; ERROR 28000: Access denied for user 'ddicttestuser1'@'localhost' (using password: YES) #################################################################################### @@ -369,6 +378,7 @@ Grant PROCESS privilege to user ddicttestuser2 SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT PROCESS, SUPER ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' WITH GRANT OPTION +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost'; #################################################################################### 10.4 New connection con200 (ddicttestuser2 with PROCESS privilege) @@ -378,6 +388,7 @@ ddicttestuser2 has now the PROCESS privilege and sees all connections SHOW GRANTS FOR 'ddicttestuser2'@'localhost'; Grants for ddicttestuser2@localhost GRANT PROCESS ON *.* TO `ddicttestuser2`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser2`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID root HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -418,6 +429,7 @@ ddicttestuser2 has no more the PROCESS privilege and can only see own connects SHOW GRANTS; Grants for ddicttestuser2@localhost GRANT USAGE ON *.* TO `ddicttestuser2`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser2`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser2 HOST_NAME information_schema Sleep TIME NULL TIME_MS @@ -441,6 +453,7 @@ He is also unable to GRANT the PROCESS privilege to ddicttestuser2 SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` GRANT PROCESS ON *.* TO 'ddicttestuser2'@'localhost'; ERROR 28000: Access denied for user 'ddicttestuser1'@'localhost' (using password: YES) SHOW processlist; @@ -480,6 +493,7 @@ Therefore the missing SELECT privilege does not affect SELECTs on PROCESSLIST. SHOW GRANTS FOR 'ddicttestuser1'@'localhost'; Grants for ddicttestuser1@localhost GRANT USAGE ON *.* TO `ddicttestuser1`@`localhost` IDENTIFIED BY PASSWORD '*22DA61451703738F203CDB9DB041ACBA1F4760B1' +GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE TEMPORARY TABLES, CREATE VIEW ON `test`.* TO `ddicttestuser1`@`localhost` SHOW processlist; Id User Host db Command Time State Info Progress ID ddicttestuser1 HOST_NAME information_schema Sleep TIME NULL TIME_MS diff --git a/mysql-test/suite/funcs_1/t/is_basics_mixed.test b/mysql-test/suite/funcs_1/t/is_basics_mixed.test index bed3f633212..0fea9dd351c 100644 --- a/mysql-test/suite/funcs_1/t/is_basics_mixed.test +++ b/mysql-test/suite/funcs_1/t/is_basics_mixed.test @@ -52,6 +52,7 @@ SELECT DATABASE(); --error 0,ER_CANNOT_USER DROP USER 'testuser1'@'localhost'; CREATE USER 'testuser1'@'localhost'; +GRANT SELECT ON test.* TO 'testuser1'@'localhost'; # Low privileged user --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (testuser1, localhost, testuser1, , test); diff --git a/mysql-test/suite/funcs_1/t/is_check_constraints.test b/mysql-test/suite/funcs_1/t/is_check_constraints.test index 0881b4bdf77..3ae45e23cb8 100644 --- a/mysql-test/suite/funcs_1/t/is_check_constraints.test +++ b/mysql-test/suite/funcs_1/t/is_check_constraints.test @@ -77,7 +77,7 @@ CONSTRAINT b1 check (b<123456789012345678901234567890123456789012345678901234567 SELECT * from information_schema.check_constraints; DISCONNECT con1; -CONNECT(con2, localhost, boo2,, test); +CONNECT(con2, localhost, boo2,,"*NO-ONE*"); --sorted_result SELECT * from information_schema.check_constraints; diff --git a/mysql-test/suite/funcs_1/t/is_schema_privileges.test b/mysql-test/suite/funcs_1/t/is_schema_privileges.test index fdf09a6f94b..8d0ec916f6f 100644 --- a/mysql-test/suite/funcs_1/t/is_schema_privileges.test +++ b/mysql-test/suite/funcs_1/t/is_schema_privileges.test @@ -116,7 +116,7 @@ let $show_testuser1 = SHOW GRANTS FOR 'testuser1'@'localhost'; let $show_testuser2 = SHOW GRANTS FOR 'testuser2'@'localhost'; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser1, localhost, testuser1, , test); +connect (testuser1, localhost, testuser1, ,"*NO-ONE*"); GRANT SELECT ON db_datadict_4.* TO 'testuser2'@'localhost'; --echo # Root granted INSERT db_datadict_1 to me -> visible --echo # Root granted SELECT db_datadict_1 to testuser2 -> invisible @@ -132,7 +132,7 @@ eval $show_testuser1; eval $show_testuser2; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser2, localhost, testuser2, , test); +connect (testuser2, localhost, testuser2, ,"*NO-ONE*"); --echo # Root granted SELECT db_datadict_1 to me -> visible --echo # Root granted INSERT db_datadict_1 to testuser1 -> invisible --echo # Root granted INSERT db_datadict_2.t1 but not db_datadict_1 to testuser1 -> invisible diff --git a/mysql-test/suite/funcs_1/t/is_statistics.test b/mysql-test/suite/funcs_1/t/is_statistics.test index 3d7f23a7b2c..9f317eee55c 100644 --- a/mysql-test/suite/funcs_1/t/is_statistics.test +++ b/mysql-test/suite/funcs_1/t/is_statistics.test @@ -109,6 +109,8 @@ CREATE USER 'testuser1'@'localhost'; --error 0,ER_CANNOT_USER DROP USER 'testuser2'@'localhost'; CREATE USER 'testuser2'@'localhost'; +GRANT ALL ON test.* TO 'testuser1'@'localhost'; +GRANT ALL ON test.* TO 'testuser2'@'localhost'; --replace_result $engine_type <engine_type> eval diff --git a/mysql-test/suite/funcs_1/t/is_user_privileges.test b/mysql-test/suite/funcs_1/t/is_user_privileges.test index 3af56ad2533..814e4db97fb 100644 --- a/mysql-test/suite/funcs_1/t/is_user_privileges.test +++ b/mysql-test/suite/funcs_1/t/is_user_privileges.test @@ -170,7 +170,7 @@ eval $my_select2; eval $my_show; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (testuser3, localhost, testuser3, , test); +connect (testuser3, localhost, testuser3, ,"*NO-ONE*"); --vertical_results eval $my_select1; --error ER_TABLEACCESS_DENIED_ERROR diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03.inc b/mysql-test/suite/funcs_1/triggers/triggers_03.inc index f48d1979f77..c16737afab3 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03.inc @@ -205,7 +205,7 @@ let $message= Testcase 3.5.3.7b:; grant UPDATE on priv_db.* to test_yesprivs@localhost; show grants for test_yesprivs@localhost; - connect (no_privs_424b,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (no_privs_424b,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK); connect (yes_privs_424b,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); connection default; diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_columns.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_columns.inc index 2f0ad2c1ccc..3b2ffc57aa3 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_columns.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_columns.inc @@ -36,9 +36,13 @@ let $message= ####### Testcase for column privileges of triggers: #######; grant SELECT,UPDATE on priv_db.* to test_noprivs@localhost; show grants for test_noprivs@localhost; - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection yes_privs; - connect (no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection no_privs; # grant TRIGGER and UPDATE on column -> succeed diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_db_level.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_db_level.inc index 9e6d8598e6f..1170bb7811d 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_db_level.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_db_level.inc @@ -37,7 +37,9 @@ let $message= Testcase for db level:; show grants for test_noprivs@localhost; # no trigger privilege->create trigger must fail: - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (yes_privs,localhost,test_yesprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection yes_privs; let $message= no trigger privilege on db level for create:; --source include/show_msg.inc use priv_db; @@ -46,8 +48,9 @@ let $message= no trigger privilege on db level for create:; set new.f1 = 'trig 1_1-no'; # user with minimum privs on t1->no trigger executed; - connect (no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); - use priv_db; + connect (no_privs,localhost,test_noprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection no_privs; insert into t1 (f1) values ('insert-yes'); select f1 from t1 order by f1; diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_db_table_mix.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_db_table_mix.inc index e56a5972ce6..6566cd6fd4e 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_db_table_mix.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_db_table_mix.inc @@ -41,10 +41,8 @@ let $message= ####### Testcase for mix of db and table level: #######; grant SELECT,INSERT on priv2_db.* to test_noprivs@localhost; show grants for test_noprivs@localhost; - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); - use priv1_db; - connect (no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); - use priv1_db; + connect (yes_privs,localhost,test_yesprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (no_privs,localhost,test_noprivs,PWD,priv1_db,$MASTER_MYPORT,$MASTER_MYSOCK); # trigger priv on db level->create trigger for all tables successful diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_definer.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_definer.inc index 9988e1cafc2..8e3dff9b018 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_definer.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_definer.inc @@ -27,7 +27,9 @@ let $message= ######### Testcase for definer: ########; revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection yes_privs; # create trigger with not existing definer shall deliver a warning: connection default; diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_prepare.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_prepare.inc index e2efa5774fa..6479439467a 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_prepare.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_prepare.inc @@ -32,7 +32,9 @@ let $message= #### Testcase for trigger privilege on execution time ########; revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; revoke ALL PRIVILEGES, GRANT OPTION FROM test_useprivs@localhost; - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection yes_privs; connection default; select current_user; @@ -56,9 +58,10 @@ let $message= #### Testcase for trigger privilege on execution time ########; select f1 from t1 order by f1; prepare ins1 from 'insert into t1 (f1) values (''insert2-no'')'; - connect (use_privs,localhost,test_useprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (use_privs,localhost,test_useprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection use_privs; select current_user; - use priv_db; prepare ins1 from 'insert into t1 (f1) values (''insert3-no'')'; execute ins1; select f1 from t1 order by f1; diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_table_level.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_table_level.inc index bd6bee9bcf2..bc73511a2ea 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_table_level.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_table_level.inc @@ -30,9 +30,13 @@ let $message= ######### Testcase for table level: ########; set password for test_noprivs@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost; - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (yes_privs,localhost,test_yesprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection yes_privs; - connect (no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (no_privs,localhost,test_noprivs,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection no_privs; ################ Section 3.5.3 ############ # Check for the table level of Triggers # diff --git a/mysql-test/suite/funcs_1/triggers/triggers_03e_transaction.inc b/mysql-test/suite/funcs_1/triggers/triggers_03e_transaction.inc index 2f72ba64bfd..35c0ec76eba 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_03e_transaction.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_03e_transaction.inc @@ -27,7 +27,6 @@ let $message= ######### Testcase for transactions: ########; revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost; - connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); connection default; select current_user; @@ -35,9 +34,9 @@ let $message= ######### Testcase for transactions: ########; on priv_db.t1 to test_yesprivs@localhost; show grants for test_yesprivs@localhost; + connect (yes_privs,localhost,test_yesprivs,PWD,priv_db,$MASTER_MYPORT,$MASTER_MYSOCK); connection yes_privs; select current_user; - use priv_db; set autocommit=0; create definer=current_user trigger trg1_1 before INSERT on t1 for each row diff --git a/mysql-test/suite/funcs_1/triggers/triggers_0407.inc b/mysql-test/suite/funcs_1/triggers/triggers_0407.inc index 71471696761..81281156150 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_0407.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_0407.inc @@ -23,8 +23,12 @@ let $message= Testcase: 3.5:; create User test_super@localhost; set password for test_super@localhost = password('PWD'); grant ALL on *.* to test_super@localhost with grant OPTION; - connect (con1_general,localhost,test_general,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); - connect (con1_super,localhost,test_super,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK); + connect (con1_general,localhost,test_general,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection con1_general; + connect (con1_super,localhost,test_super,PWD,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); +# next is to check that we connected above + connection con1_super; connection default; #################################### diff --git a/mysql-test/suite/funcs_1/triggers/triggers_08.inc b/mysql-test/suite/funcs_1/triggers/triggers_08.inc index 0aeb46896a6..7169f160fb8 100644 --- a/mysql-test/suite/funcs_1/triggers/triggers_08.inc +++ b/mysql-test/suite/funcs_1/triggers/triggers_08.inc @@ -20,6 +20,7 @@ let $message= Testcase: 3.5:; create User test_general@localhost; set password for test_general@localhost = password('PWD'); revoke ALL PRIVILEGES, GRANT OPTION FROM test_general@localhost; + grant SELECT,UPDATE,DELETE,INSERT on test.* to test_general@localhost; create User test_super@localhost; set password for test_super@localhost = password('PWD'); diff --git a/mysql-test/suite/galera/r/galera_create_procedure.result b/mysql-test/suite/galera/r/galera_create_procedure.result index 24a0bd66b39..27bdf19f256 100644 --- a/mysql-test/suite/galera/r/galera_create_procedure.result +++ b/mysql-test/suite/galera/r/galera_create_procedure.result @@ -2,6 +2,7 @@ connection node_2; connection node_1; connection node_1; CREATE USER 'user1'; +GRANT ALL ON test.* to 'user1'; CREATE TABLE t1 (f1 INTEGER); CREATE DEFINER = 'user1' diff --git a/mysql-test/suite/galera/r/galera_create_trigger.result b/mysql-test/suite/galera/r/galera_create_trigger.result index 56b35150d87..4244e4c85ad 100644 --- a/mysql-test/suite/galera/r/galera_create_trigger.result +++ b/mysql-test/suite/galera/r/galera_create_trigger.result @@ -5,6 +5,7 @@ CREATE TABLE definer_user (f1 INTEGER, trigger_user VARCHAR(100)) ENGINE=InnoDB; CREATE TABLE definer_current_user (f1 INTEGER, trigger_user VARCHAR(100)) ENGINE=InnoDB; CREATE TABLE definer_default (f1 INTEGER, trigger_user VARCHAR(100)) ENGINE=InnoDB; CREATE USER 'user1'; +GRANT ALL ON test.* to 'user1'; CREATE DEFINER=root@localhost TRIGGER definer_root BEFORE INSERT ON definer_root FOR EACH ROW SET NEW.trigger_user = CURRENT_USER(); CREATE DEFINER=user1 TRIGGER definer_user BEFORE INSERT ON definer_user FOR EACH ROW SET NEW.trigger_user = CURRENT_USER(); CREATE DEFINER=current_user TRIGGER definer_current_user BEFORE INSERT ON definer_current_user FOR EACH ROW SET NEW.trigger_user = CURRENT_USER(); diff --git a/mysql-test/suite/galera/r/galera_read_only.result b/mysql-test/suite/galera/r/galera_read_only.result index e7e18ca8145..0928c62f23b 100644 --- a/mysql-test/suite/galera/r/galera_read_only.result +++ b/mysql-test/suite/galera/r/galera_read_only.result @@ -10,6 +10,7 @@ SELECT COUNT(*) = 1 FROM t1; COUNT(*) = 1 1 CREATE USER foo@localhost; +GRANT ALL ON test.* to foo@localhost; # Open connection to node 2 using 'foo' user. connect foo_node_2,127.0.0.1,foo,,test,$port_2,; diff --git a/mysql-test/suite/galera/r/galera_roles.result b/mysql-test/suite/galera/r/galera_roles.result index 19bc9be62b0..fccef1637f6 100644 --- a/mysql-test/suite/galera/r/galera_roles.result +++ b/mysql-test/suite/galera/r/galera_roles.result @@ -21,8 +21,8 @@ GRANT EXECUTE ON PROCEDURE test1.pr1 TO role1; GRANT SELECT ON test1.t1 TO role1; GRANT SELECT (a) ON test1.t2 TO role1; # Open connections to the 2 nodes using 'foo' user. -connect foo_node_1,127.0.0.1,foo,,test,$port_1,; -connect foo_node_2,127.0.0.1,foo,,test,$port_2,; +connect foo_node_1,127.0.0.1,foo,,"*NO-ONE*",$port_1,; +connect foo_node_2,127.0.0.1,foo,,"*NO-ONE*",$port_2,; # Connect with foo_node_1 connection foo_node_1; diff --git a/mysql-test/suite/galera/t/galera_create_procedure.test b/mysql-test/suite/galera/t/galera_create_procedure.test index 30bc85fcea0..4947a446e9e 100644 --- a/mysql-test/suite/galera/t/galera_create_procedure.test +++ b/mysql-test/suite/galera/t/galera_create_procedure.test @@ -7,6 +7,7 @@ --connection node_1 CREATE USER 'user1'; +GRANT ALL ON test.* to 'user1'; CREATE TABLE t1 (f1 INTEGER); CREATE diff --git a/mysql-test/suite/galera/t/galera_create_trigger.test b/mysql-test/suite/galera/t/galera_create_trigger.test index 6708e30bf0f..c76981aae29 100644 --- a/mysql-test/suite/galera/t/galera_create_trigger.test +++ b/mysql-test/suite/galera/t/galera_create_trigger.test @@ -11,6 +11,7 @@ CREATE TABLE definer_current_user (f1 INTEGER, trigger_user VARCHAR(100)) ENGINE CREATE TABLE definer_default (f1 INTEGER, trigger_user VARCHAR(100)) ENGINE=InnoDB; CREATE USER 'user1'; +GRANT ALL ON test.* to 'user1'; CREATE DEFINER=root@localhost TRIGGER definer_root BEFORE INSERT ON definer_root FOR EACH ROW SET NEW.trigger_user = CURRENT_USER(); CREATE DEFINER=user1 TRIGGER definer_user BEFORE INSERT ON definer_user FOR EACH ROW SET NEW.trigger_user = CURRENT_USER(); CREATE DEFINER=current_user TRIGGER definer_current_user BEFORE INSERT ON definer_current_user FOR EACH ROW SET NEW.trigger_user = CURRENT_USER(); diff --git a/mysql-test/suite/galera/t/galera_read_only.test b/mysql-test/suite/galera/t/galera_read_only.test index 56fe2fdd910..8d8a8cf88aa 100644 --- a/mysql-test/suite/galera/t/galera_read_only.test +++ b/mysql-test/suite/galera/t/galera_read_only.test @@ -18,6 +18,7 @@ INSERT INTO t1 VALUES (1); SELECT COUNT(*) = 1 FROM t1; CREATE USER foo@localhost; +GRANT ALL ON test.* to foo@localhost; --echo # Open connection to node 2 using 'foo' user. --let $port_2= \$NODE_MYPORT_2 diff --git a/mysql-test/suite/galera/t/galera_roles.test b/mysql-test/suite/galera/t/galera_roles.test index 3005562db9c..e71ca42f2d8 100644 --- a/mysql-test/suite/galera/t/galera_roles.test +++ b/mysql-test/suite/galera/t/galera_roles.test @@ -33,11 +33,11 @@ GRANT SELECT (a) ON test1.t2 TO role1; --echo # Open connections to the 2 nodes using 'foo' user. --let $port_1= \$NODE_MYPORT_1 ---connect(foo_node_1,127.0.0.1,foo,,test,$port_1,) +--connect(foo_node_1,127.0.0.1,foo,,"*NO-ONE*",$port_1,) --let $port_2= \$NODE_MYPORT_2 --sleep 1 ---connect(foo_node_2,127.0.0.1,foo,,test,$port_2,) +--connect(foo_node_2,127.0.0.1,foo,,"*NO-ONE*",$port_2,) --echo --echo # Connect with foo_node_1 diff --git a/mysql-test/suite/innodb/r/partition_locking.result b/mysql-test/suite/innodb/r/partition_locking.result index 56bfe388517..f25b8a15a24 100644 --- a/mysql-test/suite/innodb/r/partition_locking.result +++ b/mysql-test/suite/innodb/r/partition_locking.result @@ -3,7 +3,7 @@ set @start_autocommit= @@global.autocommit; set default_storage_engine= innodb; set @@global.autocommit= 0; CREATE USER test@localhost; -grant CREATE, SELECT, UPDATE on *.* to test@localhost; +grant CREATE, SELECT, UPDATE, INSERT on *.* to test@localhost; CREATE USER test2@localhost; grant CREATE, SELECT, UPDATE on *.* to test2@localhost; CREATE TABLE t1 ( diff --git a/mysql-test/suite/innodb/t/partition_locking.test b/mysql-test/suite/innodb/t/partition_locking.test index e33df934a28..13457c1d9be 100644 --- a/mysql-test/suite/innodb/t/partition_locking.test +++ b/mysql-test/suite/innodb/t/partition_locking.test @@ -9,7 +9,7 @@ set default_storage_engine= innodb; set @@global.autocommit= 0; CREATE USER test@localhost; -grant CREATE, SELECT, UPDATE on *.* to test@localhost; +grant CREATE, SELECT, UPDATE, INSERT on *.* to test@localhost; CREATE USER test2@localhost; grant CREATE, SELECT, UPDATE on *.* to test2@localhost; diff --git a/mysql-test/suite/parts/inc/part_exch_qa_7.inc b/mysql-test/suite/parts/inc/part_exch_qa_7.inc index e6276fe3ca2..11707767594 100644 --- a/mysql-test/suite/parts/inc/part_exch_qa_7.inc +++ b/mysql-test/suite/parts/inc/part_exch_qa_7.inc @@ -1,4 +1,5 @@ CREATE USER test_2@localhost; +GRANT SELECT,INSERT,CREATE,ALTER,DROP on test.* to test_2@localhost; --source include/not_embedded.inc --disable_result_log diff --git a/mysql-test/suite/parts/r/partition_exch_qa_7_innodb.result b/mysql-test/suite/parts/r/partition_exch_qa_7_innodb.result index 0913bbaa55b..4613a2fd064 100644 --- a/mysql-test/suite/parts/r/partition_exch_qa_7_innodb.result +++ b/mysql-test/suite/parts/r/partition_exch_qa_7_innodb.result @@ -1,4 +1,5 @@ CREATE USER test_2@localhost; +GRANT SELECT,INSERT,CREATE,ALTER,DROP on test.* to test_2@localhost; send ALTER TABLE tp EXCHANGE PARTITION p0 WITH TABLE t_10; connect test_2,localhost,test_2,,test,$MASTER_MYPORT,$MASTER_MYSOCK; diff --git a/mysql-test/suite/parts/r/partition_exch_qa_7_myisam.result b/mysql-test/suite/parts/r/partition_exch_qa_7_myisam.result index 0913bbaa55b..4613a2fd064 100644 --- a/mysql-test/suite/parts/r/partition_exch_qa_7_myisam.result +++ b/mysql-test/suite/parts/r/partition_exch_qa_7_myisam.result @@ -1,4 +1,5 @@ CREATE USER test_2@localhost; +GRANT SELECT,INSERT,CREATE,ALTER,DROP on test.* to test_2@localhost; send ALTER TABLE tp EXCHANGE PARTITION p0 WITH TABLE t_10; connect test_2,localhost,test_2,,test,$MASTER_MYPORT,$MASTER_MYSOCK; diff --git a/mysql-test/suite/perfschema/r/connect_attrs.result b/mysql-test/suite/perfschema/r/connect_attrs.result index aa61eb306a2..6db8f3585d0 100644 --- a/mysql-test/suite/perfschema/r/connect_attrs.result +++ b/mysql-test/suite/perfschema/r/connect_attrs.result @@ -25,7 +25,7 @@ FROM performance_schema.session_account_connect_attrs; COUNT(DISTINCT PROCESSLIST_ID) 1 CREATE USER wl5924@localhost; -connect non_privileged_user,localhost,wl5924,,test; +connect non_privileged_user,localhost,wl5924,,"*NO-ONE*"; connection default; # must return 1 SELECT COUNT(DISTINCT PROCESSLIST_ID) diff --git a/mysql-test/suite/perfschema/r/global_read_lock.result b/mysql-test/suite/perfschema/r/global_read_lock.result index df98b9bd1bb..31e1751d7b9 100644 --- a/mysql-test/suite/perfschema/r/global_read_lock.result +++ b/mysql-test/suite/perfschema/r/global_read_lock.result @@ -3,7 +3,7 @@ update performance_schema.setup_instruments set enabled='YES'; create user pfsuser@localhost; grant SELECT, UPDATE, LOCK TABLES on performance_schema.* to pfsuser@localhost; flush privileges; -connect con1, localhost, pfsuser, , test; +connect con1, localhost, pfsuser, ,"*NO-ONE*"; lock tables performance_schema.setup_instruments read; select * from performance_schema.setup_instruments; unlock tables; diff --git a/mysql-test/suite/perfschema/r/privilege.result b/mysql-test/suite/perfschema/r/privilege.result index 79d69b87ca7..75b018426bc 100644 --- a/mysql-test/suite/perfschema/r/privilege.result +++ b/mysql-test/suite/perfschema/r/privilege.result @@ -5,6 +5,9 @@ GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION create user 'pfs_user_1'@localhost; create user 'pfs_user_2'@localhost; create user 'pfs_user_3'@localhost; +grant SELECT,INSERT,UPDATE,DELETE,DROP,CREATE on test.* to 'pfs_user_1'@localhost; +grant SELECT,INSERT,UPDATE,DELETE,DROP,CREATE on test.* to 'pfs_user_2'@localhost; +grant SELECT,INSERT,UPDATE,DELETE,DROP,CREATE on test.* to 'pfs_user_3'@localhost; grant ALL on *.* to 'pfs_user_1'@localhost with GRANT OPTION; grant ALL on performance_schema.* to 'pfs_user_2'@localhost with GRANT OPTION; @@ -521,7 +524,7 @@ flush privileges; # Test cases from WL#4818 # Setup user CREATE user pfs_user_4; -connect pfs_user_4, localhost, pfs_user_4, , ; +connect pfs_user_4, localhost, pfs_user_4, ,"*NO-ONE*"; # # WL#4818, NFS4: Normal user does not have access to view data # without grants diff --git a/mysql-test/suite/perfschema/r/privilege_table_io.result b/mysql-test/suite/perfschema/r/privilege_table_io.result index 94cc2b33b49..6dd885281b3 100644 --- a/mysql-test/suite/perfschema/r/privilege_table_io.result +++ b/mysql-test/suite/perfschema/r/privilege_table_io.result @@ -119,8 +119,6 @@ wait/io/table/sql/handler TABLE mysql global_priv fetch 1 wait/io/table/sql/handler TABLE mysql global_priv fetch 1 wait/io/table/sql/handler TABLE mysql global_priv fetch 1 wait/io/table/sql/handler TABLE mysql db fetch 1 -wait/io/table/sql/handler TABLE mysql db fetch 1 -wait/io/table/sql/handler TABLE mysql db fetch 1 wait/io/table/sql/handler TABLE mysql proxies_priv fetch 1 wait/io/table/sql/handler TABLE mysql proxies_priv fetch 1 wait/io/table/sql/handler TABLE mysql proxies_priv fetch 1 diff --git a/mysql-test/suite/perfschema/r/read_only.result b/mysql-test/suite/perfschema/r/read_only.result index 344526bbd63..aa18efc928f 100644 --- a/mysql-test/suite/perfschema/r/read_only.result +++ b/mysql-test/suite/perfschema/r/read_only.result @@ -3,7 +3,7 @@ set @start_read_only= @@global.read_only; create user pfsuser@localhost; grant SELECT, UPDATE on performance_schema.* to pfsuser@localhost; flush privileges; -connect con1, localhost, pfsuser, , test; +connect con1, localhost, pfsuser, ,"*NO-ONE*"; connection default; set global read_only=0; connection con1; @@ -35,7 +35,7 @@ connection default; grant READ_ONLY ADMIN on *.* to pfsuser@localhost; flush privileges; disconnect con1; -connect con1, localhost, pfsuser, , test; +connect con1, localhost, pfsuser, ,"*NO-ONE*"; select @@global.read_only; @@global.read_only 1 diff --git a/mysql-test/suite/perfschema/t/connect_attrs.test b/mysql-test/suite/perfschema/t/connect_attrs.test index c703badef85..2d2c2ce266e 100644 --- a/mysql-test/suite/perfschema/t/connect_attrs.test +++ b/mysql-test/suite/perfschema/t/connect_attrs.test @@ -45,7 +45,7 @@ SELECT COUNT(DISTINCT PROCESSLIST_ID) CREATE USER wl5924@localhost; -connect(non_privileged_user,localhost,wl5924,,test); +connect(non_privileged_user,localhost,wl5924,,"*NO-ONE*"); connection default; --echo # must return 1 diff --git a/mysql-test/suite/perfschema/t/global_read_lock.test b/mysql-test/suite/perfschema/t/global_read_lock.test index 4217de0d723..430d6eed5dc 100644 --- a/mysql-test/suite/perfschema/t/global_read_lock.test +++ b/mysql-test/suite/perfschema/t/global_read_lock.test @@ -15,7 +15,7 @@ create user pfsuser@localhost; grant SELECT, UPDATE, LOCK TABLES on performance_schema.* to pfsuser@localhost; flush privileges; -connect (con1, localhost, pfsuser, , test); +connect (con1, localhost, pfsuser, ,"*NO-ONE*"); lock tables performance_schema.setup_instruments read; --disable_result_log diff --git a/mysql-test/suite/perfschema/t/privilege.test b/mysql-test/suite/perfschema/t/privilege.test index a0af41e0372..06e7cdf0cae 100644 --- a/mysql-test/suite/perfschema/t/privilege.test +++ b/mysql-test/suite/perfschema/t/privilege.test @@ -8,6 +8,9 @@ show grants; create user 'pfs_user_1'@localhost; create user 'pfs_user_2'@localhost; create user 'pfs_user_3'@localhost; +grant SELECT,INSERT,UPDATE,DELETE,DROP,CREATE on test.* to 'pfs_user_1'@localhost; +grant SELECT,INSERT,UPDATE,DELETE,DROP,CREATE on test.* to 'pfs_user_2'@localhost; +grant SELECT,INSERT,UPDATE,DELETE,DROP,CREATE on test.* to 'pfs_user_3'@localhost; grant ALL on *.* to 'pfs_user_1'@localhost with GRANT OPTION; # Test denied privileges on performance_schema.* @@ -228,7 +231,7 @@ flush privileges; --echo # Setup user CREATE user pfs_user_4; ---connect (pfs_user_4, localhost, pfs_user_4, , ) +--connect (pfs_user_4, localhost, pfs_user_4, ,"*NO-ONE*") --echo # --echo # WL#4818, NFS4: Normal user does not have access to view data diff --git a/mysql-test/suite/perfschema/t/read_only.test b/mysql-test/suite/perfschema/t/read_only.test index 2d8e41595d1..4cbaad0de6b 100644 --- a/mysql-test/suite/perfschema/t/read_only.test +++ b/mysql-test/suite/perfschema/t/read_only.test @@ -16,7 +16,7 @@ create user pfsuser@localhost; grant SELECT, UPDATE on performance_schema.* to pfsuser@localhost; flush privileges; -connect (con1, localhost, pfsuser, , test); +connect (con1, localhost, pfsuser, ,"*NO-ONE*"); connection default; @@ -55,7 +55,7 @@ grant READ_ONLY ADMIN on *.* to pfsuser@localhost; flush privileges; disconnect con1; -connect (con1, localhost, pfsuser, , test); +connect (con1, localhost, pfsuser, ,"*NO-ONE*"); select @@global.read_only; show grants; diff --git a/mysql-test/suite/plugins/r/dialog.result b/mysql-test/suite/plugins/r/dialog.result index 0fcbb41ebe0..b0acc311843 100644 --- a/mysql-test/suite/plugins/r/dialog.result +++ b/mysql-test/suite/plugins/r/dialog.result @@ -1,5 +1,6 @@ install plugin three_attempts soname 'dialog_examples.so'; create user test_dialog identified via three_attempts using 'SECRET'; +GRANT SELECT ON test.* TO test_dialog; # # -pSECRET is picked up, no questions asked. # diff --git a/mysql-test/suite/plugins/r/multiauth.result b/mysql-test/suite/plugins/r/multiauth.result index 73241619008..a3a9d238a00 100644 --- a/mysql-test/suite/plugins/r/multiauth.result +++ b/mysql-test/suite/plugins/r/multiauth.result @@ -1,6 +1,8 @@ install soname 'auth_ed25519'; create user 'USER' identified via unix_socket OR mysql_native_password as password("GOOD"); +grant select on test.* to 'USER' ; create user mysqltest1 identified via unix_socket OR mysql_native_password as password("good"); +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA unix_socket OR mysql_native_password USING '*8409037B3E362D6DAE24C8E667F4D3B66716144E' @@ -16,7 +18,9 @@ mysqltest1@localhost mysqltest1@% test mysqltest: Could not open connection 'default': 1045 Access denied for user 'mysqltest1'@'localhost' (using password: YES) drop user 'USER', mysqltest1; create user 'USER' identified via mysql_native_password as password("GOOD") OR unix_socket; +grant select on test.* to 'USER' ; create user mysqltest1 identified via mysql_native_password as password("good") OR unix_socket; +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA mysql_native_password USING '*8409037B3E362D6DAE24C8E667F4D3B66716144E' OR unix_socket @@ -32,7 +36,9 @@ mysqltest1@localhost mysqltest1@% test mysqltest: Could not open connection 'default': 1698 Access denied for user 'mysqltest1'@'localhost' drop user 'USER', mysqltest1; create user 'USER' identified via unix_socket OR ed25519 as password("GOOD"); +grant select on test.* to 'USER' ; create user mysqltest1 identified via unix_socket OR ed25519 as password("good"); +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA unix_socket OR ed25519 USING 'F4aF8bw7130VaRbdLCl4f/P/wkjDmgJXwWvpJ5gmsZc' @@ -48,7 +54,9 @@ mysqltest1@localhost mysqltest1@% test mysqltest: Could not open connection 'default': 1045 Access denied for user 'mysqltest1'@'localhost' (using password: YES) drop user 'USER', mysqltest1; create user 'USER' identified via ed25519 as password("GOOD") OR unix_socket; +grant select on test.* to 'USER' ; create user mysqltest1 identified via ed25519 as password("good") OR unix_socket; +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA ed25519 USING 'F4aF8bw7130VaRbdLCl4f/P/wkjDmgJXwWvpJ5gmsZc' OR unix_socket @@ -64,7 +72,9 @@ mysqltest1@localhost mysqltest1@% test mysqltest: Could not open connection 'default': 1698 Access denied for user 'mysqltest1'@'localhost' drop user 'USER', mysqltest1; create user 'USER' identified via ed25519 as password("GOOD") OR unix_socket OR mysql_native_password as password("works"); +grant select on test.* to 'USER' ; create user mysqltest1 identified via ed25519 as password("good") OR unix_socket OR mysql_native_password as password("works"); +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA ed25519 USING 'F4aF8bw7130VaRbdLCl4f/P/wkjDmgJXwWvpJ5gmsZc' OR unix_socket OR mysql_native_password USING '*7D8C3DF236D9163B6C274A9D47704BC496988460' @@ -84,6 +94,7 @@ mysqltest1@localhost mysqltest1@% test mysqltest: Could not open connection 'default': 1045 Access denied for user 'mysqltest1'@'localhost' (using password: YES) drop user 'USER', mysqltest1; create user mysqltest1 identified via mysql_native_password as password("good") OR mysql_native_password as password("works"); +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA mysql_native_password USING '*8409037B3E362D6DAE24C8E667F4D3B66716144E' OR mysql_native_password USING '*7D8C3DF236D9163B6C274A9D47704BC496988460' @@ -158,7 +169,9 @@ create user mysqltest1 identified via ed25519 as password("good") OR unix_socket ERROR HY000: Column count of mysql.user is wrong. Expected 3, found 47. Created with MariaDB XX.YY.ZZ, now running XX.YY.ZZ. Please use mariadb-upgrade to fix this error # switching back from mysql.user to mysql.global_priv create user 'USER' identified via mysql_native_password as '1234567890123456789012345678901234567890a' OR unix_socket; +grant select on test.* to 'USER' ; create user mysqltest1 identified via mysql_native_password as '1234567890123456789012345678901234567890a' OR unix_socket; +grant select on test.* to mysqltest1; update mysql.global_priv set priv=replace(priv, '1234567890123456789012345678901234567890a', 'invalid password'); flush privileges; show create user mysqltest1; @@ -177,6 +190,7 @@ user() current_user() database() mysqltest1@localhost mysqltest1@% test drop user 'USER', mysqltest1; create user mysqltest1 identified via ed25519 as password("good"); +grant select on test.* to mysqltest1; show create user mysqltest1; CREATE USER for mysqltest1@% CREATE USER `mysqltest1`@`%` IDENTIFIED VIA ed25519 USING 'F4aF8bw7130VaRbdLCl4f/P/wkjDmgJXwWvpJ5gmsZc' diff --git a/mysql-test/suite/plugins/r/pam.result b/mysql-test/suite/plugins/r/pam.result index b8588916169..ceb81690cd8 100644 --- a/mysql-test/suite/plugins/r/pam.result +++ b/mysql-test/suite/plugins/r/pam.result @@ -1,6 +1,8 @@ install plugin pam soname 'auth_pam.so'; create user test_pam identified via pam using 'mariadb_mtr'; +grant all on test.* to test_pam; create user pam_test; +grant all on test.* to pam_test; grant proxy on pam_test to test_pam; # # athentication is successful, challenge/pin are ok @@ -72,6 +74,7 @@ select user(), current_user(), database(); drop user test_pam; drop user pam_test; create user PAM_TEST identified via pam using 'mariadb_mtr'; +grant all on test.* to PAM_TEST; # # athentication is unsuccessful # @@ -95,6 +98,7 @@ drop user PAM_TEST; # MDEV-27341 Use SET PASSWORD to change PAM service # create user pam_test identified via pam using 'mariadb_mtr'; +grant all on test.* to pam_test; Challenge input first. Enter: ************************* Now, the magic number! diff --git a/mysql-test/suite/plugins/r/pam_cleartext.result b/mysql-test/suite/plugins/r/pam_cleartext.result index 07c379a4b7f..6a4d21edbf2 100644 --- a/mysql-test/suite/plugins/r/pam_cleartext.result +++ b/mysql-test/suite/plugins/r/pam_cleartext.result @@ -1,6 +1,8 @@ install plugin pam soname 'auth_pam.so'; create user test_pam identified via pam using 'mariadb_mtr'; +grant all on test.* to test_pam; create user pam_test; +grant all on test.* to pam_test; grant proxy on pam_test to test_pam; show variables like 'pam_use_%'; Variable_name Value diff --git a/mysql-test/suite/plugins/r/pam_v1.result b/mysql-test/suite/plugins/r/pam_v1.result index 66776e3bca7..c90d17188d6 100644 --- a/mysql-test/suite/plugins/r/pam_v1.result +++ b/mysql-test/suite/plugins/r/pam_v1.result @@ -1,6 +1,8 @@ install plugin pam soname 'auth_pam_v1.so'; create user test_pam identified via pam using 'mariadb_mtr'; +grant all on test.* to test_pam; create user pam_test; +grant all on test.* to pam_test; grant proxy on pam_test to test_pam; # # athentication is successful, challenge/pin are ok diff --git a/mysql-test/suite/plugins/r/qc_info_priv.result b/mysql-test/suite/plugins/r/qc_info_priv.result index 9aa15885563..ea866d51030 100644 --- a/mysql-test/suite/plugins/r/qc_info_priv.result +++ b/mysql-test/suite/plugins/r/qc_info_priv.result @@ -31,6 +31,7 @@ STATEMENT_SCHEMA STATEMENT_TEXT RESULT_BLOCKS_COUNT RESULT_BLOCKS_SIZE RESULT_BL test select * from t1 1 512 # -1 1011 513 binary utf32 utf32_bin Europe/Moscow 4 7 STRICT_ALL_TABLES ar_SD 1 1 1 # 0 0 0 # 0 test select * from t1 1 512 # -1 1024 1048576 latin1 latin1 latin1_swedish_ci SYSTEM 0 4 STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION en_US 1 1 1 # 0 0 1 # 0 create user mysqltest; +grant select on test.* to mysqltest; connect conn1,localhost,mysqltest,,; connection conn1; select a from t1; diff --git a/mysql-test/suite/plugins/r/server_audit.result b/mysql-test/suite/plugins/r/server_audit.result index c676c671a87..ae40d54e8df 100644 --- a/mysql-test/suite/plugins/r/server_audit.result +++ b/mysql-test/suite/plugins/r/server_audit.result @@ -247,7 +247,7 @@ connect(localhost,plug,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con,localhost,plug,plug_dest; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug; -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; connection plug_con; select USER(),CURRENT_USER(); USER() CURRENT_USER() @@ -478,8 +478,8 @@ TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,global_priv, TIME,HOSTNAME,root,localhost,ID,ID,QUERY,sa_db,'GRANT PROXY ON plug_dest TO plug',0 TIME,HOSTNAME,plug,localhost,ID,0,CONNECT,,,0 TIME,HOSTNAME,plug,localhost,ID,0,PROXY_CONNECT,,`plug_dest`@`%`,0 -TIME,HOSTNAME,plug,localhost,ID,ID,QUERY,test,'select USER(),CURRENT_USER()',0 -TIME,HOSTNAME,plug,localhost,ID,0,DISCONNECT,test,,0 +TIME,HOSTNAME,plug,localhost,ID,ID,QUERY,,'select USER(),CURRENT_USER()',0 +TIME,HOSTNAME,plug,localhost,ID,0,DISCONNECT,,,0 TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,db, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,tables_priv, TIME,HOSTNAME,root,localhost,ID,ID,WRITE,mysql,columns_priv, diff --git a/mysql-test/suite/plugins/r/unix_socket.result b/mysql-test/suite/plugins/r/unix_socket.result index b663d341221..81fef9f7c96 100644 --- a/mysql-test/suite/plugins/r/unix_socket.result +++ b/mysql-test/suite/plugins/r/unix_socket.result @@ -2,6 +2,7 @@ # with named user # create user 'USER' identified via unix_socket; +grant select on test.* to 'USER'; # # name match = ok # @@ -27,3 +28,4 @@ USER@localhost @% test # delete from mysql.user where user=''; FLUSH PRIVILEGES; +delete from mysql.db; diff --git a/mysql-test/suite/plugins/t/dialog.test b/mysql-test/suite/plugins/t/dialog.test index 1dd52cfde34..efababa96b9 100644 --- a/mysql-test/suite/plugins/t/dialog.test +++ b/mysql-test/suite/plugins/t/dialog.test @@ -14,6 +14,7 @@ if (!$DIALOG_EXAMPLES_SO) { --replace_result .dll .so eval install plugin three_attempts soname '$DIALOG_EXAMPLES_SO'; create user test_dialog identified via three_attempts using 'SECRET'; +GRANT SELECT ON test.* TO test_dialog; --write_file $MYSQLTEST_VARDIR/tmp/dialog_good.txt foo diff --git a/mysql-test/suite/plugins/t/multiauth.test b/mysql-test/suite/plugins/t/multiauth.test index 86c98a5d5c3..d2a93cf1006 100644 --- a/mysql-test/suite/plugins/t/multiauth.test +++ b/mysql-test/suite/plugins/t/multiauth.test @@ -28,6 +28,7 @@ select user(), current_user(), database(); EOF --let $creplace=create user '$USER' +--let $greplace=grant select on test.* to '$USER' --let $dreplace=drop user '$USER' # @@ -35,7 +36,10 @@ EOF # --replace_result $creplace "create user 'USER'" eval $creplace identified via unix_socket OR mysql_native_password as password("GOOD"); +--replace_result $greplace "grant select on test.* to 'USER'" +eval $greplace ; create user mysqltest1 identified via unix_socket OR mysql_native_password as password("good"); +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # name match = ok --exec $try_auth -u $USER @@ -52,7 +56,10 @@ eval $dreplace, mysqltest1; # --replace_result $creplace "create user 'USER'" eval $creplace identified via mysql_native_password as password("GOOD") OR unix_socket; +--replace_result $greplace "grant select on test.* to 'USER'" +eval $greplace ; create user mysqltest1 identified via mysql_native_password as password("good") OR unix_socket; +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # name match = ok --exec $try_auth -u $USER @@ -69,7 +76,10 @@ eval $dreplace, mysqltest1; # --replace_result $creplace "create user 'USER'" eval $creplace identified via unix_socket OR ed25519 as password("GOOD"); +--replace_result $greplace "grant select on test.* to 'USER'" +eval $greplace ; create user mysqltest1 identified via unix_socket OR ed25519 as password("good"); +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # name match = ok --exec $try_auth -u $USER @@ -86,7 +96,10 @@ eval $dreplace, mysqltest1; # --replace_result $creplace "create user 'USER'" eval $creplace identified via ed25519 as password("GOOD") OR unix_socket; +--replace_result $greplace "grant select on test.* to 'USER'" +eval $greplace ; create user mysqltest1 identified via ed25519 as password("good") OR unix_socket; +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # name match = ok --exec $try_auth -u $USER @@ -103,7 +116,10 @@ eval $dreplace, mysqltest1; # --replace_result $creplace "create user 'USER'" eval $creplace identified via ed25519 as password("GOOD") OR unix_socket OR mysql_native_password as password("works"); +--replace_result $greplace "grant select on test.* to 'USER'" +eval $greplace ; create user mysqltest1 identified via ed25519 as password("good") OR unix_socket OR mysql_native_password as password("works"); +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # name match = ok --exec $try_auth -u $USER @@ -121,6 +137,7 @@ eval $dreplace, mysqltest1; # password,password # create user mysqltest1 identified via mysql_native_password as password("good") OR mysql_native_password as password("works"); +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # password good = ok --exec $try_auth -u mysqltest1 -pgood @@ -165,7 +182,10 @@ create user mysqltest1 identified via ed25519 as password("good") OR unix_socket # --replace_result $creplace "create user 'USER'" eval $creplace identified via mysql_native_password as '1234567890123456789012345678901234567890a' OR unix_socket; +--replace_result $greplace "grant select on test.* to 'USER'" +eval $greplace ; create user mysqltest1 identified via mysql_native_password as '1234567890123456789012345678901234567890a' OR unix_socket; +grant select on test.* to mysqltest1; update mysql.global_priv set priv=replace(priv, '1234567890123456789012345678901234567890a', 'invalid password'); flush privileges; show create user mysqltest1; @@ -184,6 +204,7 @@ eval $dreplace, mysqltest1; # missing client-side plugin # create user mysqltest1 identified via ed25519 as password("good"); +grant select on test.* to mysqltest1; show create user mysqltest1; --echo # no plugin = failure # covers Linux (1st re), FreeBSD (2nd), AIX (3rd and 4th) diff --git a/mysql-test/suite/plugins/t/pam.test b/mysql-test/suite/plugins/t/pam.test index dbe108d1efa..c953e05fa68 100644 --- a/mysql-test/suite/plugins/t/pam.test +++ b/mysql-test/suite/plugins/t/pam.test @@ -86,6 +86,7 @@ alter user test_pam password expire; drop user test_pam; drop user pam_test; create user PAM_TEST identified via pam using 'mariadb_mtr'; +grant all on test.* to PAM_TEST; --echo # --echo # athentication is unsuccessful @@ -109,6 +110,7 @@ drop user PAM_TEST; --echo # MDEV-27341 Use SET PASSWORD to change PAM service --echo # create user pam_test identified via pam using 'mariadb_mtr'; +grant all on test.* to pam_test; --write_file $MYSQLTEST_VARDIR/tmp/setpwd.txt not very secret challenge 9225 diff --git a/mysql-test/suite/plugins/t/pam_init.inc b/mysql-test/suite/plugins/t/pam_init.inc index 131b787f6b9..f3a948421ed 100644 --- a/mysql-test/suite/plugins/t/pam_init.inc +++ b/mysql-test/suite/plugins/t/pam_init.inc @@ -7,7 +7,9 @@ if (!$PAM_PLUGIN_VERSION) { eval install plugin pam soname '$PAM_PLUGIN_VERSION'; create user test_pam identified via pam using 'mariadb_mtr'; +grant all on test.* to test_pam; create user pam_test; +grant all on test.* to pam_test; grant proxy on pam_test to test_pam; let $plugindir=`SELECT @@global.plugin_dir`; diff --git a/mysql-test/suite/plugins/t/qc_info_priv.test b/mysql-test/suite/plugins/t/qc_info_priv.test index 59258731508..f5052702768 100644 --- a/mysql-test/suite/plugins/t/qc_info_priv.test +++ b/mysql-test/suite/plugins/t/qc_info_priv.test @@ -4,6 +4,7 @@ set @save_query_cache_size=@@global.query_cache_size; # try an unprivileged user create user mysqltest; +grant select on test.* to mysqltest; connect (conn1,localhost,mysqltest,,); connection conn1; select a from t1; diff --git a/mysql-test/suite/plugins/t/server_audit.test b/mysql-test/suite/plugins/t/server_audit.test index d8f8b9d0165..3a78a4049e8 100644 --- a/mysql-test/suite/plugins/t/server_audit.test +++ b/mysql-test/suite/plugins/t/server_audit.test @@ -200,7 +200,7 @@ connect(plug_con,localhost,plug,plug_dest); --sleep 2 GRANT PROXY ON plug_dest TO plug; --sleep 2 -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); connection plug_con; select USER(),CURRENT_USER(); connection default; diff --git a/mysql-test/suite/plugins/t/unix_socket.test b/mysql-test/suite/plugins/t/unix_socket.test index be2afb0ca66..892b6f75161 100644 --- a/mysql-test/suite/plugins/t/unix_socket.test +++ b/mysql-test/suite/plugins/t/unix_socket.test @@ -5,8 +5,11 @@ --echo # --let $replace=create user '$USER' +--let $greplace=grant select on test.* to '$USER' --replace_result $replace "create user 'USER'" eval create user '$USER' identified via unix_socket; +--replace_result $greplace "grant select on test.* to 'USER'" +eval grant select on test.* to '$USER'; --write_file $MYSQLTEST_VARDIR/tmp/peercred_test.txt --let $replace1=$USER@localhost @@ -49,3 +52,5 @@ grant SELECT ON test.* TO '' identified via unix_socket; delete from mysql.user where user=''; FLUSH PRIVILEGES; --remove_file $MYSQLTEST_VARDIR/tmp/peercred_test.txt + +delete from mysql.db; diff --git a/mysql-test/suite/roles/acl_statistics.result b/mysql-test/suite/roles/acl_statistics.result index f43f692cc48..c60e0297af3 100644 --- a/mysql-test/suite/roles/acl_statistics.result +++ b/mysql-test/suite/roles/acl_statistics.result @@ -1,7 +1,7 @@ SHOW STATUS LIKE 'Acl%'; Variable_name Value Acl_column_grants 0 -Acl_database_grants 2 +Acl_database_grants 0 Acl_function_grants 0 Acl_procedure_grants 0 Acl_package_spec_grants 0 @@ -16,7 +16,7 @@ COLUMN_GRANTS 0 SELECT count(*) DATABASE_GRANTS from mysql.db; DATABASE_GRANTS -2 +0 SELECT count(*) FUNCTION_GRANTS from mysql.procs_priv where routine_type='FUNCTION'; FUNCTION_GRANTS 0 @@ -66,7 +66,7 @@ GRANT EXECUTE ON FUNCTION mysql.test_func TO r2; SHOW STATUS LIKE 'Acl%'; Variable_name Value Acl_column_grants 2 -Acl_database_grants 4 +Acl_database_grants 2 Acl_function_grants 3 Acl_procedure_grants 2 Acl_package_spec_grants 0 @@ -81,7 +81,7 @@ COLUMN_GRANTS 2 SELECT count(*) DATABASE_GRANTS from mysql.db; DATABASE_GRANTS -4 +2 SELECT count(*) FUNCTION_GRANTS from mysql.procs_priv where routine_type='FUNCTION'; FUNCTION_GRANTS 3 diff --git a/mysql-test/suite/roles/definer.result b/mysql-test/suite/roles/definer.result index 8b5e36d8b3c..091ba255bc6 100644 --- a/mysql-test/suite/roles/definer.result +++ b/mysql-test/suite/roles/definer.result @@ -5,15 +5,19 @@ insert t1 values (1,10,100),(2,20,200); create role role1; grant select (a) on mysqltest1.t1 to role1; grant event,execute,trigger on mysqltest1.* to role1; +grant select on test.* to role1; grant role1 to current_user; create role role2; grant insert,select on mysqltest1.t1 to role2; grant event,execute,trigger on mysqltest1.* to role2; +grant select on test.* to role2; create user foo@localhost; grant create view on mysqltest1.* to foo@localhost; +grant select, create view on test.* to foo@localhost; create role role4; grant select on mysqltest1.t1 to role4; grant role4 to foo@localhost; +grant select on test.* to role4; create definer=current_role view test.v1 as select a+b,c from t1; ERROR 0L000: Invalid definer set role role1; @@ -41,6 +45,7 @@ Grants for foo@localhost GRANT `role4` TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE VIEW ON `mysqltest1`.* TO `foo`@`localhost` +GRANT SELECT, CREATE VIEW ON `test`.* TO `foo`@`localhost` select * from test.v1; ERROR HY000: View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from test.v2; @@ -642,7 +647,7 @@ grant r1 to user1; grant r1 to r2; grant r2 to user1; grant r3 to user1; -connect user1, localhost,user1,,,,,; +connect user1, localhost,user1,,"*NO-ONE*",,,; set role r2; use rtest; CREATE DEFINER=current_role() PROCEDURE user1_proc() SQL SECURITY INVOKER @@ -717,7 +722,7 @@ CREATE DEFINER=`user_like_role`@`%` PROCEDURE sensitive_proc() SQL SECURITY INVO BEGIN SELECT NOW(), VERSION(); END;// -connect user_like_role, localhost, user_like_role,,,,,; +connect user_like_role, localhost, user_like_role,,"*NO-ONE*",,,; use rtest; show create procedure sensitive_proc; Procedure sql_mode Create Procedure character_set_client collation_connection Database Collation @@ -726,7 +731,7 @@ sensitive_proc STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USE BEGIN SELECT NOW(), VERSION(); END latin1 latin1_swedish_ci latin1_swedish_ci -connect foo, localhost, foo,,,,,; +connect foo, localhost, foo,,"*NO-ONE*",,,; set role user_like_role; use rtest; # diff --git a/mysql-test/suite/roles/definer.test b/mysql-test/suite/roles/definer.test index c1e56f3f94b..4cd42d59b24 100644 --- a/mysql-test/suite/roles/definer.test +++ b/mysql-test/suite/roles/definer.test @@ -19,6 +19,7 @@ insert t1 values (1,10,100),(2,20,200); create role role1; grant select (a) on mysqltest1.t1 to role1; grant event,execute,trigger on mysqltest1.* to role1; +grant select on test.* to role1; grant role1 to current_user; @@ -26,13 +27,16 @@ grant role1 to current_user; create role role2; grant insert,select on mysqltest1.t1 to role2; grant event,execute,trigger on mysqltest1.* to role2; +grant select on test.* to role2; # create a non-priv user and a priv role granted to him create user foo@localhost; grant create view on mysqltest1.* to foo@localhost; +grant select, create view on test.* to foo@localhost; create role role4; grant select on mysqltest1.t1 to role4; grant role4 to foo@localhost; +grant select on test.* to role4; ################################################## # views @@ -355,7 +359,7 @@ grant r1 to r2; grant r2 to user1; grant r3 to user1; -connect (user1, localhost,user1,,,,,); +connect (user1, localhost,user1,,"*NO-ONE*",,,); set role r2; use rtest; @@ -433,11 +437,11 @@ CREATE DEFINER=`user_like_role`@`%` PROCEDURE sensitive_proc() SQL SECURITY INVO END;// DELIMITER ;// -connect (user_like_role, localhost, user_like_role,,,,,); +connect (user_like_role, localhost, user_like_role,,"*NO-ONE*",,,); use rtest; show create procedure sensitive_proc; -connect (foo, localhost, foo,,,,,); +connect (foo, localhost, foo,,"*NO-ONE*",,,); set role user_like_role; use rtest; diff --git a/mysql-test/suite/roles/flush_roles-12366.result b/mysql-test/suite/roles/flush_roles-12366.result index f65c97e0ee3..043f79f8f7f 100644 --- a/mysql-test/suite/roles/flush_roles-12366.result +++ b/mysql-test/suite/roles/flush_roles-12366.result @@ -240,7 +240,6 @@ connect con1,localhost,u,,; SHOW DATABASES; Database information_schema -test SET ROLE operations_cluster; SHOW DATABASES; Database @@ -261,7 +260,6 @@ oms_live_sg oms_live_th oms_live_tw oms_live_vn -test SELECT COUNT(1) FROM oms_live_sg.a; COUNT(1) 0 @@ -364,7 +362,6 @@ connect con3,localhost,u,,; SHOW DATABASES; Database information_schema -test SET ROLE operations_cluster; SHOW DATABASES; Database @@ -385,7 +382,6 @@ oms_live_sg oms_live_th oms_live_tw oms_live_vn -test SELECT COUNT(1) FROM oms_live_sg.a; COUNT(1) 0 diff --git a/mysql-test/suite/roles/recursive.inc b/mysql-test/suite/roles/recursive.inc index 940a3c9e0db..7642f2d69bf 100644 --- a/mysql-test/suite/roles/recursive.inc +++ b/mysql-test/suite/roles/recursive.inc @@ -17,6 +17,7 @@ source include/not_embedded.inc; create user foo@localhost; +grant select on test.* to foo@localhost; create role role1; create role role2; create role role3; diff --git a/mysql-test/suite/roles/recursive.result b/mysql-test/suite/roles/recursive.result index 05f28745f02..77dade466eb 100644 --- a/mysql-test/suite/roles/recursive.result +++ b/mysql-test/suite/roles/recursive.result @@ -1,4 +1,5 @@ create user foo@localhost; +grant select on test.* to foo@localhost; create role role1; create role role2; create role role3; @@ -26,6 +27,7 @@ ERROR HY000: Cannot grant role 'role10' to: 'role2' connect foo, localhost, foo; show grants; Grants for foo@localhost +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT `role10` TO `foo`@`localhost` select * from information_schema.applicable_roles; @@ -57,6 +59,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON *.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role2` @@ -115,6 +118,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -158,6 +162,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -203,6 +208,7 @@ count(concat(User)) show grants; Grants for foo@localhost GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -238,6 +244,7 @@ show grants; Grants for foo@localhost GRANT SELECT (Host) ON `mysql`.`roles_mapping` TO `role3` GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` diff --git a/mysql-test/suite/roles/recursive_dbug.result b/mysql-test/suite/roles/recursive_dbug.result index 55bbad51c09..053307804d8 100644 --- a/mysql-test/suite/roles/recursive_dbug.result +++ b/mysql-test/suite/roles/recursive_dbug.result @@ -3,6 +3,7 @@ Variable_name Value set @old_dbug=@@global.debug_dbug; set global debug_dbug="+d,role_merge_stats"; create user foo@localhost; +grant select on test.* to foo@localhost; create role role1; create role role2; create role role3; @@ -30,6 +31,7 @@ ERROR HY000: Cannot grant role 'role10' to: 'role2' connect foo, localhost, foo; show grants; Grants for foo@localhost +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT `role10` TO `foo`@`localhost` select * from information_schema.applicable_roles; @@ -71,6 +73,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON *.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role2` @@ -139,6 +142,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -192,6 +196,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -247,6 +252,7 @@ count(concat(User)) show grants; Grants for foo@localhost GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -287,6 +293,7 @@ show grants; Grants for foo@localhost GRANT SELECT (Host) ON `mysql`.`roles_mapping` TO `role3` GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` diff --git a/mysql-test/suite/roles/set_role-9614.result b/mysql-test/suite/roles/set_role-9614.result index 318d9ced73e..d4d689b87e4 100644 --- a/mysql-test/suite/roles/set_role-9614.result +++ b/mysql-test/suite/roles/set_role-9614.result @@ -61,13 +61,11 @@ connect john, localhost, john,,information_schema; show databases; Database information_schema -test set role client; show databases; Database bug_db information_schema -test use bug_db; # # Try using the database as usertestjohn. @@ -76,13 +74,11 @@ connect usertestjohn, localhost, usertestjohn,,information_schema; show databases; Database information_schema -test set role client; show databases; Database bug_db information_schema -test show grants; Grants for usertestjohn@% GRANT `client` TO `usertestjohn`@`%` diff --git a/mysql-test/suite/roles/set_role-database-recursive.result b/mysql-test/suite/roles/set_role-database-recursive.result index be31e645362..594ea059988 100644 --- a/mysql-test/suite/roles/set_role-database-recursive.result +++ b/mysql-test/suite/roles/set_role-database-recursive.result @@ -19,8 +19,6 @@ localhost test_user test_role1 N localhost test_user test_role2 N select user, host from mysql.db; user host - % - % grant select on mysql.* to test_role2; flush privileges; select * from mysql.roles_mapping; diff --git a/mysql-test/suite/roles/show_create_database-10463.result b/mysql-test/suite/roles/show_create_database-10463.result index 121aab4fe1d..94f7d7e95ba 100644 --- a/mysql-test/suite/roles/show_create_database-10463.result +++ b/mysql-test/suite/roles/show_create_database-10463.result @@ -12,7 +12,6 @@ connect con1,localhost,beep,,; show databases; Database information_schema -test show create database db; ERROR 42000: Access denied for user 'beep'@'localhost' to database 'db' select table_schema, table_name from information_schema.tables @@ -23,7 +22,6 @@ show databases; Database db information_schema -test show create database db; Database Create Database db CREATE DATABASE `db` /*!40100 DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci */ @@ -41,7 +39,6 @@ connect con2,localhost,beep2,,; show databases; Database information_schema -test show create database db; ERROR 42000: Access denied for user 'beep2'@'localhost' to database 'db' select table_schema, table_name from information_schema.tables @@ -52,7 +49,6 @@ show databases; Database db information_schema -test show create database db; Database Create Database db CREATE DATABASE `db` /*!40100 DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci */ diff --git a/mysql-test/suite/roles/show_grants.result b/mysql-test/suite/roles/show_grants.result index 7ae499a9cfc..21c5a74efe4 100644 --- a/mysql-test/suite/roles/show_grants.result +++ b/mysql-test/suite/roles/show_grants.result @@ -19,8 +19,6 @@ localhost test_user test_role1 N localhost test_user test_role2 N select user, host from mysql.db; user host - % - % grant select on mysql.* to test_role2; flush privileges; select * from information_schema.applicable_roles; diff --git a/mysql-test/suite/rpl/r/rpl_read_only.result b/mysql-test/suite/rpl/r/rpl_read_only.result index dbcd58a224f..64791888964 100644 --- a/mysql-test/suite/rpl/r/rpl_read_only.result +++ b/mysql-test/suite/rpl/r/rpl_read_only.result @@ -3,6 +3,7 @@ include/master-slave.inc call mtr.add_suppression("Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT"); connection master; create user test; +grant all on test.* to test; connection slave; connect master2,127.0.0.1,test,,test,$MASTER_MYPORT,; connect slave2,127.0.0.1,test,,test,$SLAVE_MYPORT,; diff --git a/mysql-test/suite/rpl/r/rpl_temporary.result b/mysql-test/suite/rpl/r/rpl_temporary.result index 650fe1db9e0..492e9ac3ac3 100644 --- a/mysql-test/suite/rpl/r/rpl_temporary.result +++ b/mysql-test/suite/rpl/r/rpl_temporary.result @@ -34,6 +34,8 @@ connection master; DROP TABLE t1; connection slave; connection master; +create user zedjzlcsjhd@localhost; +GRANT ALL on test.* to zedjzlcsjhd@localhost; connect con1,localhost,root,,; connect con2,localhost,root,,; connect con3,localhost,zedjzlcsjhd,,; @@ -83,6 +85,7 @@ f 5 7 drop table t1, t2; +drop user zedjzlcsjhd@localhost; use test; SET TIMESTAMP=1040323920; create table t1(f int); @@ -174,7 +177,7 @@ FLUSH PRIVILEGES; GRANT USAGE ON *.* TO user43748@127.0.0.1 IDENTIFIED BY 'meow'; GRANT PROCESS ON *.* TO user43748@127.0.0.1; -- try to KILL system-thread as that non-privileged user (on slave). -connect cont43748,127.0.0.1,user43748,meow,test,$SLAVE_MYPORT,; +connect cont43748,127.0.0.1,user43748,meow,"*NO-ONE*",$SLAVE_MYPORT,; connection cont43748; SELECT id INTO @id FROM information_schema.processlist WHERE user='system user' LIMIT 1; KILL @id; diff --git a/mysql-test/suite/rpl/t/rpl_read_only.test b/mysql-test/suite/rpl/t/rpl_read_only.test index c4781bbbb3b..15d5f74fb6d 100644 --- a/mysql-test/suite/rpl/t/rpl_read_only.test +++ b/mysql-test/suite/rpl/t/rpl_read_only.test @@ -7,6 +7,7 @@ call mtr.add_suppression("Unsafe statement written to the binary log using state # Create a test and replicate it to slave connection master; create user test; +grant all on test.* to test; sync_slave_with_master; # Setting the master readonly : diff --git a/mysql-test/suite/rpl/t/rpl_temporary.test b/mysql-test/suite/rpl/t/rpl_temporary.test index 729f275bb0d..0ec57715f79 100644 --- a/mysql-test/suite/rpl/t/rpl_temporary.test +++ b/mysql-test/suite/rpl/t/rpl_temporary.test @@ -99,6 +99,9 @@ sync_slave_with_master; connection master; +create user zedjzlcsjhd@localhost; +GRANT ALL on test.* to zedjzlcsjhd@localhost; + connect (con1,localhost,root,,); connect (con2,localhost,root,,); # We want to connect as an unprivileged user. But if we use user="" then this @@ -182,6 +185,7 @@ select * from t2 ORDER BY f; #show binlog events; drop table t1, t2; +drop user zedjzlcsjhd@localhost; use test; SET TIMESTAMP=1040323920; @@ -339,7 +343,7 @@ GRANT USAGE ON *.* TO user43748@127.0.0.1 IDENTIFIED BY 'meow'; GRANT PROCESS ON *.* TO user43748@127.0.0.1; --echo -- try to KILL system-thread as that non-privileged user (on slave). -connect (cont43748,127.0.0.1,user43748,meow,test,$SLAVE_MYPORT,); +connect (cont43748,127.0.0.1,user43748,meow,"*NO-ONE*",$SLAVE_MYPORT,); connection cont43748; SELECT id INTO @id FROM information_schema.processlist WHERE user='system user' LIMIT 1; diff --git a/mysql-test/suite/sys_vars/inc/secure_timestamp_func.inc b/mysql-test/suite/sys_vars/inc/secure_timestamp_func.inc index 4ea7a2aff46..e097938f3c8 100644 --- a/mysql-test/suite/sys_vars/inc/secure_timestamp_func.inc +++ b/mysql-test/suite/sys_vars/inc/secure_timestamp_func.inc @@ -17,7 +17,7 @@ set timestamp=default; --echo ### SUPER create user foo@127.0.0.1; grant super on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; disable_abort_on_error; set timestamp=1234567890.101112; enable_abort_on_error; @@ -30,7 +30,7 @@ set timestamp=default; --echo ### BINLOG REPLAY create user foo@127.0.0.1; grant binlog replay on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; disable_abort_on_error; set timestamp=1234567890.101112; enable_abort_on_error; @@ -42,7 +42,7 @@ set timestamp=default; --echo ### non-privileged user create user foo@127.0.0.1; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; disable_abort_on_error; set timestamp=1234567890.101112; enable_abort_on_error; diff --git a/mysql-test/suite/sys_vars/r/automatic_sp_privileges_func.result b/mysql-test/suite/sys_vars/r/automatic_sp_privileges_func.result index d4d582b92d5..421ea144678 100644 --- a/mysql-test/suite/sys_vars/r/automatic_sp_privileges_func.result +++ b/mysql-test/suite/sys_vars/r/automatic_sp_privileges_func.result @@ -3,7 +3,9 @@ SET @global_automatic_sp_privileges = @@GLOBAL.automatic_sp_privileges; CREATE TABLE t1 (a varchar(200)); INSERT INTO t1 VALUES('Procedure Executed.'); CREATE USER 'userTest'@'localhost'; +GRANT CREATE ROUTINE, SELECT ON test.* to 'userTest'@'localhost'; CREATE USER 'userTest1'@'localhost'; +GRANT CREATE ROUTINE, SELECT ON test.* to 'userTest1'@'localhost'; connection default; SET GLOBAL automatic_sp_privileges = TRUE; connect conUser,localhost,userTest,,; diff --git a/mysql-test/suite/sys_vars/r/log_bin_trust_function_creators_func.result b/mysql-test/suite/sys_vars/r/log_bin_trust_function_creators_func.result index 0bec3eb2b29..8291800afa3 100644 --- a/mysql-test/suite/sys_vars/r/log_bin_trust_function_creators_func.result +++ b/mysql-test/suite/sys_vars/r/log_bin_trust_function_creators_func.result @@ -3,6 +3,7 @@ drop table if exists t1; SET @start_value= @@global.log_bin_trust_function_creators; ## Creating new user tt ## CREATE USER tt@localhost; +GRANT ALL ON test.* TO tt@localhost; ## Setting value of variable to 0 ## SET @@global.log_bin_trust_function_creators = 0; ## Creating new table t2 ## diff --git a/mysql-test/suite/sys_vars/r/read_only_func.result b/mysql-test/suite/sys_vars/r/read_only_func.result index 88a7b334204..f9ac41293ab 100644 --- a/mysql-test/suite/sys_vars/r/read_only_func.result +++ b/mysql-test/suite/sys_vars/r/read_only_func.result @@ -18,6 +18,7 @@ id name '#--------------------FN_DYNVARS_140_02-------------------------#' ** Creating new user with out super privilege** CREATE user sameea; +grant all on test.* to sameea; CONNECT connn,localhost,sameea,,; SET Global read_ONLY=ON; ERROR 42000: Access denied; you need (at least one of) the READ_ONLY ADMIN privilege(s) for this operation diff --git a/mysql-test/suite/sys_vars/r/secure_timestamp_no.result b/mysql-test/suite/sys_vars/r/secure_timestamp_no.result index fcf04f94476..14d16d9fc99 100644 --- a/mysql-test/suite/sys_vars/r/secure_timestamp_no.result +++ b/mysql-test/suite/sys_vars/r/secure_timestamp_no.result @@ -13,7 +13,7 @@ set timestamp=default; ### SUPER create user foo@127.0.0.1; grant super on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'SUPER'; SUPER @@ -25,7 +25,7 @@ set timestamp=default; ### BINLOG REPLAY create user foo@127.0.0.1; grant binlog replay on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'BINLOG REPLAY'; BINLOG REPLAY @@ -36,7 +36,7 @@ drop user foo@127.0.0.1; set timestamp=default; ### non-privileged user create user foo@127.0.0.1; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'non-privileged'; non-privileged diff --git a/mysql-test/suite/sys_vars/r/secure_timestamp_rpl.result b/mysql-test/suite/sys_vars/r/secure_timestamp_rpl.result index d4b25257da3..43c7a402cd5 100644 --- a/mysql-test/suite/sys_vars/r/secure_timestamp_rpl.result +++ b/mysql-test/suite/sys_vars/r/secure_timestamp_rpl.result @@ -13,7 +13,7 @@ set timestamp=default; ### SUPER create user foo@127.0.0.1; grant super on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; ERROR 42000: Access denied; you need (at least one of) the BINLOG REPLAY privilege(s) for this operation select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'SUPER'; @@ -26,7 +26,7 @@ set timestamp=default; ### BINLOG REPLAY create user foo@127.0.0.1; grant binlog replay on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'BINLOG REPLAY'; BINLOG REPLAY @@ -37,7 +37,7 @@ drop user foo@127.0.0.1; set timestamp=default; ### non-privileged user create user foo@127.0.0.1; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; ERROR 42000: Access denied; you need (at least one of) the BINLOG REPLAY privilege(s) for this operation select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'non-privileged'; diff --git a/mysql-test/suite/sys_vars/r/secure_timestamp_super.result b/mysql-test/suite/sys_vars/r/secure_timestamp_super.result index e005fdabf8a..b1aec21fea7 100644 --- a/mysql-test/suite/sys_vars/r/secure_timestamp_super.result +++ b/mysql-test/suite/sys_vars/r/secure_timestamp_super.result @@ -13,7 +13,7 @@ set timestamp=default; ### SUPER create user foo@127.0.0.1; grant super on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'SUPER'; SUPER @@ -25,7 +25,7 @@ set timestamp=default; ### BINLOG REPLAY create user foo@127.0.0.1; grant binlog replay on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'BINLOG REPLAY'; BINLOG REPLAY @@ -36,7 +36,7 @@ drop user foo@127.0.0.1; set timestamp=default; ### non-privileged user create user foo@127.0.0.1; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG REPLAY privilege(s) for this operation select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'non-privileged'; diff --git a/mysql-test/suite/sys_vars/r/secure_timestamp_yes.result b/mysql-test/suite/sys_vars/r/secure_timestamp_yes.result index 44b310809f6..c6c1dea6657 100644 --- a/mysql-test/suite/sys_vars/r/secure_timestamp_yes.result +++ b/mysql-test/suite/sys_vars/r/secure_timestamp_yes.result @@ -14,7 +14,7 @@ set timestamp=default; ### SUPER create user foo@127.0.0.1; grant super on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; ERROR HY000: The MariaDB server is running with the --secure-timestamp=YES option so it cannot execute this statement select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'SUPER'; @@ -27,7 +27,7 @@ set timestamp=default; ### BINLOG REPLAY create user foo@127.0.0.1; grant binlog replay on *.* TO `foo`@`127.0.0.1`; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; ERROR HY000: The MariaDB server is running with the --secure-timestamp=YES option so it cannot execute this statement select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'BINLOG REPLAY'; @@ -39,7 +39,7 @@ drop user foo@127.0.0.1; set timestamp=default; ### non-privileged user create user foo@127.0.0.1; -connect con2,127.0.0.1,foo,,test,$SLAVE_MYPORT; +connect con2,127.0.0.1,foo,,"*NO-ONE*",$SLAVE_MYPORT; set timestamp=1234567890.101112; ERROR HY000: The MariaDB server is running with the --secure-timestamp=YES option so it cannot execute this statement select if(now(6) > 20100101, 'READONLY', 'EDITABLE') as 'non-privileged'; diff --git a/mysql-test/suite/sys_vars/t/automatic_sp_privileges_func.test b/mysql-test/suite/sys_vars/t/automatic_sp_privileges_func.test index fd2dbefe7f6..25fda7d664a 100644 --- a/mysql-test/suite/sys_vars/t/automatic_sp_privileges_func.test +++ b/mysql-test/suite/sys_vars/t/automatic_sp_privileges_func.test @@ -38,7 +38,9 @@ INSERT INTO t1 VALUES('Procedure Executed.'); # CREATE USER 'userTest'@'localhost'; +GRANT CREATE ROUTINE, SELECT ON test.* to 'userTest'@'localhost'; CREATE USER 'userTest1'@'localhost'; +GRANT CREATE ROUTINE, SELECT ON test.* to 'userTest1'@'localhost'; # # Value TRUE diff --git a/mysql-test/suite/sys_vars/t/log_bin_trust_function_creators_func.test b/mysql-test/suite/sys_vars/t/log_bin_trust_function_creators_func.test index 41911d82ac5..958ae5d6c7a 100644 --- a/mysql-test/suite/sys_vars/t/log_bin_trust_function_creators_func.test +++ b/mysql-test/suite/sys_vars/t/log_bin_trust_function_creators_func.test @@ -36,6 +36,7 @@ SET @start_value= @@global.log_bin_trust_function_creators; --echo ## Creating new user tt ## CREATE USER tt@localhost; +GRANT ALL ON test.* TO tt@localhost; --echo ## Setting value of variable to 0 ## SET @@global.log_bin_trust_function_creators = 0; diff --git a/mysql-test/suite/sys_vars/t/read_only_func.test b/mysql-test/suite/sys_vars/t/read_only_func.test index bc3991aee7c..64141e3f91d 100644 --- a/mysql-test/suite/sys_vars/t/read_only_func.test +++ b/mysql-test/suite/sys_vars/t/read_only_func.test @@ -81,6 +81,7 @@ select * from t1 where id=1; --echo ** Creating new user with out super privilege** CREATE user sameea; +grant all on test.* to sameea; CONNECT (connn,localhost,sameea,,); --Error ER_SPECIFIC_ACCESS_DENIED_ERROR diff --git a/mysql-test/suite/versioning/r/not_embedded.result b/mysql-test/suite/versioning/r/not_embedded.result index 23574f34da9..5d8380e0969 100644 --- a/mysql-test/suite/versioning/r/not_embedded.result +++ b/mysql-test/suite/versioning/r/not_embedded.result @@ -38,7 +38,7 @@ connect root,localhost,root,,test; connection root; create database mysqltest; create user mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; connection root; create table mysqltest.t (a int) with system versioning; diff --git a/mysql-test/suite/versioning/t/not_embedded.test b/mysql-test/suite/versioning/t/not_embedded.test index 80e936b02f3..38f42a44587 100644 --- a/mysql-test/suite/versioning/t/not_embedded.test +++ b/mysql-test/suite/versioning/t/not_embedded.test @@ -50,7 +50,7 @@ create database mysqltest; --enable_warnings create user mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; connection root; |