diff options
| author | Georgi Kodinov <joro@sun.com> | 2009-08-19 15:14:57 +0300 |
|---|---|---|
| committer | Georgi Kodinov <joro@sun.com> | 2009-08-19 15:14:57 +0300 |
| commit | 4207e50e23cd5b964e4223b61048cd2b5729358f (patch) | |
| tree | ec3d6929232f89d5951fb478830ddf37d9aa403b /sql/sql_acl.cc | |
| parent | 0c8690e5694ba0f70ef3a5deedad910d161c36ba (diff) | |
| download | mariadb-git-4207e50e23cd5b964e4223b61048cd2b5729358f.tar.gz | |
Bug #46019: ERROR 1356 When selecting from within another
view that has Group By
Table access rights checking function check_grant() assumed
that no view is opened when it's called.
This is not true with nested views where the inner view
needs materialization. In this case the view is already
materialized when check_grant() is called for it.
This caused check_grant() to not look for table level
grants on the materialized view table.
Fixed by checking if a view is already materialized and if
it is check table level grants using the original table name
(not the ones of the materialized temp table).
Diffstat (limited to 'sql/sql_acl.cc')
| -rw-r--r-- | sql/sql_acl.cc | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index ab4e518d5dd..a411101fcfd 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -3650,11 +3650,14 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, continue; // ok if (!(~table->grant.privilege & want_access) || - table->derived || table->schema_table) + table->is_non_materialized_derived_table() || table->schema_table) { /* It is subquery in the FROM clause. VIEW set table->derived after - table opening, but this function always called before table opening. + table opening, but this function is mostly called before table opening. + When it's called after table opening e.g. for nested views with + materialization we shoud check the materialized table for access as + any other table. */ if (!table->referencing_view) { @@ -3667,9 +3670,10 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, } continue; } + if (!(grant_table= table_hash_search(sctx->host, sctx->ip, - table->db, sctx->priv_user, - table->table_name,0))) + table->get_db_name(), sctx->priv_user, + table->get_table_name(), 0))) { want_access &= ~table->grant.privilege; goto err; // No grants |