multiple_user_binlogbb-10.4-multiple-user-binlog

3 files changed, 138 insertions, 9 deletions

diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 88d1630d94b..9d243e95fbb 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -3880,6 +3880,41 @@ static bool test_if_create_new_users(THD *thd)
   return create_new_users;
 }
 
+void user_require_to_str(LEX *lex, String &str)
+{
+  int ssl_type= lex->ssl_type;
+  if (ssl_type != SSL_TYPE_NOT_SPECIFIED)
+  {
+    str.append(" REQUIRE ");
+    if (ssl_type == SSL_TYPE_ANY)
+      str.append(" SSL ");
+    else if (ssl_type == SSL_TYPE_X509)
+      str.append(" X509 ");
+    else if (ssl_type == SSL_TYPE_NONE)
+      str.append(" NONE ");
+    else if (ssl_type == SSL_TYPE_SPECIFIED)
+    {
+      if (strlen(lex->x509_subject))
+      {
+        str.append(" SUBJECT '");
+        str.append(lex->x509_subject);
+        str.append("' ");
+      }
+      if (strlen(lex->x509_issuer))
+      {
+        str.append(" ISSUER '");
+        str.append(lex->x509_issuer);
+        str.append("' ");
+      }
+      if (strlen(lex->ssl_cipher))
+      {
+        str.append(" CIPHER '");
+        str.append(lex->ssl_cipher);
+        str.append("' ");
+      }
+    }
+  }
+}
 
 /****************************************************************************
   Handle GRANT commands
@@ -10137,10 +10172,10 @@ end:
 bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
 {
   int result;
-  String wrong_users;
+  String wrong_users, binlog_query;
   LEX_USER *user_name;
   List_iterator <LEX_USER> user_list(list);
-  bool binlog= false;
+  bool if_not_exists= thd->lex->create_info.if_not_exists();
   DBUG_ENTER("mysql_create_user");
   DBUG_PRINT("entry", ("Handle as %s", handle_as_role ? "role" : "user"));
 
@@ -10209,9 +10244,8 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
         }
         // Proceed with the creation
       }
-      else if (thd->lex->create_info.if_not_exists())
+      else if (if_not_exists)
       {
-        binlog= true;
         if (handle_as_role)
           push_warning_printf(thd, Sql_condition::WARN_LEVEL_NOTE,
                               ER_ROLE_CREATE_EXISTS,
@@ -10222,7 +10256,7 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
                               ER_USER_CREATE_EXISTS,
                               ER_THD(thd, ER_USER_CREATE_EXISTS),
                               user_name->user.str, user_name->host.str);
-        continue;
+        goto log;
       }
       else
       {
@@ -10239,7 +10273,6 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
       result= TRUE;
       continue;
     }
-    binlog= true;
 
     // every created role is automatically granted to its creator-admin
     if (handle_as_role)
@@ -10273,6 +10306,25 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
                                  &thd->lex->definer->host,
                                  &user_name->user, true, NULL, false);
     }
+
+log:
+    if (mysql_bin_log.is_open())
+    {
+      binlog_query.append("CREATE USER ");
+      if (thd->lex->create_info.if_not_exists())
+        binlog_query.append(" IF NOT EXISTS ");
+      user_name->to_str(binlog_query);
+      user_require_to_str(thd->lex, binlog_query);
+      thd->lex->mqh.to_str(binlog_query);
+      binlog_query.append("/* Generated by server */");
+      // Log individual user into binlog
+      thd->binlog_query(THD::STMT_QUERY_TYPE,
+                        binlog_query.ptr(),
+                        binlog_query.length(),
+                        FALSE, FALSE, if_not_exists,
+                        result ? ER_CANNOT_USER : 0);
+      binlog_query.release();
+    }
   }
 
   mysql_mutex_unlock(&acl_cache->lock);
@@ -10282,9 +10334,6 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role)
              (handle_as_role) ? "CREATE ROLE" : "CREATE USER",
              wrong_users.c_ptr_safe());
 
-  if (binlog)
-    result |= write_bin_log(thd, FALSE, thd->query(), thd->query_length());
-
   mysql_rwlock_unlock(&LOCK_grant);
   DBUG_RETURN(result);
 }
diff --git a/sql/sql_class.cc b/sql/sql_class.cc
index 0bbfdba88c7..c9ed61b175e 100644
--- a/sql/sql_class.cc
+++ b/sql/sql_class.cc
@@ -7651,6 +7651,84 @@ void AUTHID::parse(const char *str, size_t length)
     host.length= HOSTNAME_LENGTH;
 }
 
+void LEX_USER::to_str(String &str)
+{
+  str.append("'");
+  str.append(user.str, user.length);
+  str.append("'");
+  if (host.length)
+  {
+    str.append("@");
+    str.append("'");
+    str.append(host.str, host.length);
+    str.append("'");
+  }
+  str.append(" IDENTIFIED ");
+  if (pwtext.length)
+  {
+    str.append(" BY '");
+    str.append(pwtext.str, pwtext.length);
+    str.append("' ");
+  }
+  else if (pwhash.length)
+  {
+    str.append(" BY PASSWORD '");
+    str.append(pwhash.str, pwhash.length);
+    str.append("' ");
+  }
+  if (plugin.length)
+  {
+    str.append(" WITH ");
+    str.append(plugin.str, pwhash.length);
+    str.append("' ");
+    if (auth.length)
+    {
+      str.append(" USING '");
+      str.append(auth.str, auth.length);
+      str.append("' ");
+    }
+  }
+}
+
+void USER_RESOURCES::to_str(String &str)
+{
+  str.append(" WITH ");
+  if (specified_limits & USER_RESOURCES::QUERIES_PER_HOUR)
+  {
+    char num[10];
+    sprintf(num, "%d", questions);
+    str.append(" MAX_QUERIES_PER_HOUR ");
+    str.append((const char *)&num);
+  }
+  if (specified_limits & USER_RESOURCES::UPDATES_PER_HOUR)
+  {
+    char num[10];
+    sprintf(num, "%d", updates);
+    str.append(" MAX_UPDATES_PER_HOUR ");
+    str.append((const char *)&num);
+  }
+  if (specified_limits & USER_RESOURCES::CONNECTIONS_PER_HOUR)
+  {
+    char num[10];
+    sprintf(num, "%d", conn_per_hour);
+    str.append(" MAX_CONNECTIONS_PER_HOUR ");
+    str.append((const char *)&num);
+  }
+  if (specified_limits & USER_RESOURCES::USER_CONNECTIONS)
+  {
+    char num[10];
+    sprintf(num, "%d", user_conn);
+    str.append(" MAX_USER_CONNECTIONS ");
+    str.append((const char *)&num);
+  }
+  if (specified_limits & USER_RESOURCES::MAX_STATEMENT_TIME)
+  {
+    char num[20];
+    sprintf(num, "%f", max_statement_time);
+    str.append(" MAX_QUERY_PER_HOUR ");
+    str.append((const char *)&num);
+  }
+}
 
 void Database_qualified_name::copy(MEM_ROOT *mem_root,
                                    const LEX_CSTRING &db,
diff --git a/sql/structs.h b/sql/structs.h
index 355d6e75e48..5efd658878b 100644
--- a/sql/structs.h
+++ b/sql/structs.h
@@ -235,6 +235,7 @@ struct LEX_USER: public AUTHID
     pwtext.str= pwhash.str= 0;
     plugin.str= auth.str= "";
   }
+  void to_str(class String &str);
 };
 
 /*
@@ -267,6 +268,7 @@ typedef struct user_resources {
   enum {QUERIES_PER_HOUR= 1, UPDATES_PER_HOUR= 2, CONNECTIONS_PER_HOUR= 4,
         USER_CONNECTIONS= 8, MAX_STATEMENT_TIME= 16};
   uint specified_limits;
+  void to_str(class String &str);
 } USER_RESOURCES;