diff options
| author | unknown <pem@mysql.comhem.se> | 2004-10-22 20:29:06 +0200 |
|---|---|---|
| committer | unknown <pem@mysql.comhem.se> | 2004-10-22 20:29:06 +0200 |
| commit | a50cd5c53dcdaad4202cdb4626372fd85eda6cb7 (patch) | |
| tree | 7a873eb1cff12b1f55c60118cf16a838f3ac0488 /mysql-test | |
| parent | 35588c9dd0aef7db1c89731b0c4899b41576df9c (diff) | |
| download | mariadb-git-a50cd5c53dcdaad4202cdb4626372fd85eda6cb7.tar.gz | |
Fixed BUG#6030: Stored procedure has no appropriate DROP privilege.
...and no ALTER privilege either.
For now, only the definer and root can drop or alter an SP.
include/mysqld_error.h:
New access denied error code when dropping/altering stored procedures.
include/sql_state.h:
New access denied error code when dropping/altering stored procedures.
mysql-test/r/sp-error.result:
Removed warning for "unitialized variable", as this popped up in unexpected
places after the access control for drop/alter SPs was added. (And the warning
was wrong and planned to be removed anyway.)
mysql-test/r/sp-security.result:
Added tests for access control on who's allowed to drop and alter SPs.
mysql-test/r/sp.result:
Updated results. (Warning removed.)
mysql-test/t/sp-error.test:
Removed warning for "unitialized variable", as this popped up in unexpected
places after the access control for drop/alter SPs was added. (And the warning
was wrong and planned to be removed anyway.)
mysql-test/t/sp-security.test:
Added tests for access control on who's allowed to drop and alter SPs.
sql/share/czech/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/danish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/dutch/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/english/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/estonian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/french/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/german/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/greek/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/hungarian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/italian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/japanese/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/korean/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/norwegian-ny/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/norwegian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/polish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/portuguese/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/romanian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/russian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/serbian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/slovak/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/spanish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/swedish/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/share/ukrainian/errmsg.txt:
New access denied error message when dropping/altering stored procedures.
sql/sql_parse.cc:
Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer
and root are allowed to do this.
sql/sql_yacc.yy:
Removed warning for "unitialized variable", as this popped up in unexpected
places after the access control for drop/alter SPs was added. (And the warning
was wrong and planned to be removed anyway.)
Diffstat (limited to 'mysql-test')
| -rw-r--r-- | mysql-test/r/sp-error.result | 8 | ||||
| -rw-r--r-- | mysql-test/r/sp-security.result | 11 | ||||
| -rw-r--r-- | mysql-test/r/sp.result | 4 | ||||
| -rw-r--r-- | mysql-test/t/sp-error.test | 8 | ||||
| -rw-r--r-- | mysql-test/t/sp-security.test | 26 |
5 files changed, 34 insertions, 23 deletions
diff --git a/mysql-test/r/sp-error.result b/mysql-test/r/sp-error.result index db6f89c8c0e..9bea0fe0d4c 100644 --- a/mysql-test/r/sp-error.result +++ b/mysql-test/r/sp-error.result @@ -115,14 +115,6 @@ foo: loop set @x=2; end loop bar| ERROR 42000: End-label bar without match -create procedure foo(out x int) -begin -declare y int; -set x = y; -end| -Warnings: -Warning 1311 Referring to uninitialized variable y -drop procedure foo| create procedure foo() return 42| ERROR 42000: RETURN is only allowed in a FUNCTION diff --git a/mysql-test/r/sp-security.result b/mysql-test/r/sp-security.result index cdcc4595a73..23804e62ef5 100644 --- a/mysql-test/r/sp-security.result +++ b/mysql-test/r/sp-security.result @@ -107,13 +107,20 @@ s1 0 2 2 +alter procedure p modifies sql data; +drop procedure p; +alter procedure q modifies sql data; +ERROR 42000: Access denied; you are not the procedure/function definer of 'db2.q' +drop procedure q; +ERROR 42000: Access denied; you are not the procedure/function definer of 'db2.q' +use db2; +alter procedure q modifies sql data; +drop procedure q; use test; select type,db,name from mysql.proc; type db name FUNCTION db1_secret db PROCEDURE db1_secret stamp -PROCEDURE db2 p -PROCEDURE db2 q drop database db1_secret; drop database db2; select type,db,name from mysql.proc; diff --git a/mysql-test/r/sp.result b/mysql-test/r/sp.result index d19c3c5355e..670c16c3e50 100644 --- a/mysql-test/r/sp.result +++ b/mysql-test/r/sp.result @@ -1843,13 +1843,9 @@ begin declare v char; return v; end| -Warnings: -Warning 1311 Referring to uninitialized variable v select bug4487()| bug4487() NULL -Warnings: -Warning 1311 Referring to uninitialized variable v drop function bug4487| drop procedure if exists bug4941| create procedure bug4941(out x int) diff --git a/mysql-test/t/sp-error.test b/mysql-test/t/sp-error.test index 73f2730b44c..08c8c7788ce 100644 --- a/mysql-test/t/sp-error.test +++ b/mysql-test/t/sp-error.test @@ -156,14 +156,6 @@ foo: loop set @x=2; end loop bar| -# Referring to undef variable -create procedure foo(out x int) -begin - declare y int; - set x = y; -end| -drop procedure foo| - # RETURN in FUNCTION only --error 1313 create procedure foo() diff --git a/mysql-test/t/sp-security.test b/mysql-test/t/sp-security.test index 4804d44e63a..2b53bbc528a 100644 --- a/mysql-test/t/sp-security.test +++ b/mysql-test/t/sp-security.test @@ -180,8 +180,32 @@ use db2; call q(); select * from t2; -# Clean up + +# +# BUG#6030: Stored procedure has no appropriate DROP privilege +# (or ALTER for that matter) + +# still connection con2user1 in db2 + +# This should work: +alter procedure p modifies sql data; +drop procedure p; + +# This should NOT work +--error 1370 +alter procedure q modifies sql data; +--error 1370 +drop procedure q; + connection con1root; +use db2; +# But root always can +alter procedure q modifies sql data; +drop procedure q; + + +# Clean up +#Still connection con1root; use test; select type,db,name from mysql.proc; drop database db1_secret; |