MDEV-29851 Cached role privileges are not invalidated when needed

GRANT ROLE can update db-level privileges -> must invalidate acl_cache
author: Sergei Golubchik <serg@mariadb.org> 2022-10-22 17:11:04 +0200
committer: Sergei Golubchik <serg@mariadb.org> 2022-10-22 18:27:06 +0200
commit: 68fb05c360897112fe14038beffff7937d4337e6 (patch)
tree: da3098112601470953f976f4ec637433f21196e1 /sql/sql_acl.cc
parent: 7a2f99564932ff51e7008da1f6e1553467e469a1 (diff)
download: mariadb-git-68fb05c360897112fe14038beffff7937d4337e6.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 5a2865e535e..059a6ed4127 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -7152,7 +7152,10 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke)
        a role
     */
     if (role_as_user)
+    {
       propagate_role_grants(role_as_user, PRIVS_TO_MERGE::ALL);
+      acl_cache->clear(1);
+    }
   }
 
   mysql_mutex_unlock(&acl_cache->lock);
author	Sergei Golubchik <serg@mariadb.org>	2022-10-22 17:11:04 +0200
committer	Sergei Golubchik <serg@mariadb.org>	2022-10-22 18:27:06 +0200
commit	68fb05c360897112fe14038beffff7937d4337e6 (patch)
tree	da3098112601470953f976f4ec637433f21196e1 /sql/sql_acl.cc
parent	7a2f99564932ff51e7008da1f6e1553467e469a1 (diff)
download	mariadb-git-68fb05c360897112fe14038beffff7937d4337e6.tar.gz