Bug#16681 information_schema shows forbidden VIEW details

show view definition to users that have the needed privilleges


mysql-test/r/information_schema.result:
  Bug#16681 information_schema shows forbidden VIEW details
  test case
mysql-test/t/information_schema.test:
  Bug#16681 information_schema shows forbidden VIEW details
  test case

1 files changed, 25 insertions, 3 deletions

diff --git a/sql/sql_show.cc b/sql/sql_show.cc
index 70bdef302df..9018b364ec9 100644
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -3076,11 +3076,33 @@ static int get_schema_views_record(THD *thd, struct st_table_list *tables,
 
   if (tables->view)
   {
+    Security_context *sctx= thd->security_ctx;
+    ulong grant= SHOW_VIEW_ACL;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+    char *save_table_name= tables->table_name;
+    if (!my_strcasecmp(system_charset_info, tables->definer.user.str,
+                       sctx->priv_user) &&
+        !my_strcasecmp(system_charset_info, tables->definer.host.str,
+                       sctx->priv_host))
+      grant= SHOW_VIEW_ACL;
+    else
+    {
+      tables->table_name= tables->view_name.str;
+      if (check_access(thd, SHOW_VIEW_ACL , base_name,
+                       &tables->grant.privilege, 0, 1,
+                       test(tables->schema_table)))
+        grant= get_table_grant(thd, tables);
+      else
+        grant= tables->grant.privilege;
+    }
+    tables->table_name= save_table_name;
+#endif
+
     restore_record(table, s->default_values);
     table->field[1]->store(tables->view_db.str, tables->view_db.length, cs);
-    table->field[2]->store(tables->view_name.str, tables->view_name.length,
-                           cs);
-    table->field[3]->store(tables->query.str, tables->query.length, cs);
+    table->field[2]->store(tables->view_name.str, tables->view_name.length, cs);
+    if (grant & SHOW_VIEW_ACL)
+      table->field[3]->store(tables->query.str, tables->query.length, cs);
 
     if (tables->with_check != VIEW_CHECK_NONE)
     {