diff options
| author | unknown <monty@mysql.com> | 2004-02-03 19:17:23 +0100 |
|---|---|---|
| committer | unknown <monty@mysql.com> | 2004-02-03 19:17:23 +0100 |
| commit | 313761cb40d7ba89c860e0c823f20f59698dab4c (patch) | |
| tree | d2e781dd8a39aa918c25b6ba10a1b6cabec62518 /sql/sql_update.cc | |
| parent | 619eaee654d213c68f86981bf33dcccf15b52f02 (diff) | |
| download | mariadb-git-313761cb40d7ba89c860e0c823f20f59698dab4c.tar.gz | |
Ensure that privileges are tested properly for multi-table-updates.
Now one need only SELECT privilege for tables that are only read in
UPDATE statements with many tables. (Bug #2377).
sql/sql_acl.cc:
Comment cleanup
sql/sql_parse.cc:
Merged duplicate code.
Removed some outdated 'tables->db' tests.
Check privileges for multi-updates properly (Bug #2377)
sql/sql_show.cc:
Remove disabled code
sql/sql_update.cc:
Ensure that privileges are tested properly for multi-table-updates
tests/grant.pl:
Added more tests
tests/grant.res:
updated results
Diffstat (limited to 'sql/sql_update.cc')
| -rw-r--r-- | sql/sql_update.cc | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/sql/sql_update.cc b/sql/sql_update.cc index 4f5f21d61ad..d2ccd02051b 100644 --- a/sql/sql_update.cc +++ b/sql/sql_update.cc @@ -15,8 +15,9 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* Update of records - Multi-table updates were introduced by Monty and Sinisa <sinisa@mysql.com> +/* + Single table and multi table updates of tables. + Multi-table updates were introduced by Sinisa & Monty */ #include "mysql_priv.h" @@ -398,20 +399,33 @@ int mysql_multi_update(THD *thd, TABLE_LIST *tl; DBUG_ENTER("mysql_multi_update"); - table_list->grant.want_privilege=(SELECT_ACL & ~table_list->grant.privilege); if ((res=open_and_lock_tables(thd,table_list))) DBUG_RETURN(res); thd->select_limit=HA_POS_ERROR; + + /* + Ensure that we have update privilege for all tables and columns in the + SET part + */ + for (tl= table_list ; tl ; tl=tl->next) + { + TABLE *table= tl->table; + table->grant.want_privilege= (UPDATE_ACL & ~table->grant.privilege); + } + if (setup_fields(thd, table_list, *fields, 1, 0, 0)) DBUG_RETURN(-1); /* Count tables and setup timestamp handling */ - for (tl= (TABLE_LIST*) table_list ; tl ; tl=tl->next) + for (tl= table_list ; tl ; tl=tl->next) { TABLE *table= tl->table; + + /* We only need SELECT privilege for columns in the values list */ + table->grant.want_privilege= (SELECT_ACL & ~table->grant.privilege); if (table->timestamp_field) { table->time_stamp=0; |