diff options
| author | unknown <gluh@gluh.mysql.r18.ru> | 2003-06-06 17:43:23 +0500 |
|---|---|---|
| committer | unknown <gluh@gluh.mysql.r18.ru> | 2003-06-06 17:43:23 +0500 |
| commit | 16dc40f810f9a24ec7edf763f8f7f865d7d56d43 (patch) | |
| tree | fa16d6b56c916744d18b1588f8e595ae8b53efa0 /sql | |
| parent | 1aa1d970d4d805a8029a7f197a59163145c7dc60 (diff) | |
| download | mariadb-git-16dc40f810f9a24ec7edf763f8f7f865d7d56d43.tar.gz | |
REVOKE all privileges and delete user(244)
include/mysqld_error.h:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
mysql-test/r/grant.result:
Test for DROP USER, REVOKE ALL PRIVILEGES, GRANT
mysql-test/t/grant.test:
Test for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/czech/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/danish/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/dutch/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/english/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/estonian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/french/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/german/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/greek/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/hungarian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/italian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/japanese/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/korean/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/norwegian-ny/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/norwegian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/polish/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/portuguese/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/romanian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/russian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/serbian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/slovak/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/spanish/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/swedish/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/ukrainian/errmsg.txt:
Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
Diffstat (limited to 'sql')
29 files changed, 381 insertions, 21 deletions
diff --git a/sql/lex.h b/sql/lex.h index e89c9f51520..064bab8acbb 100644 --- a/sql/lex.h +++ b/sql/lex.h @@ -396,6 +396,7 @@ static SYMBOL symbols[] = { { "UNSIGNED", SYM(UNSIGNED),0,0}, { "USE", SYM(USE_SYM),0,0}, { "USE_FRM", SYM(USE_FRM),0,0}, + { "USER", SYM(USER),0,0}, { "USING", SYM(USING),0,0}, { "UPDATE", SYM(UPDATE_SYM),0,0}, { "USAGE", SYM(USAGE),0,0}, @@ -632,7 +633,6 @@ static SYMBOL sql_functions[] = { { "UNIQUE_USERS", SYM(UNIQUE_USERS),0,0}, { "UNIX_TIMESTAMP", SYM(UNIX_TIMESTAMP),0,0}, { "UPPER", SYM(FUNC_ARG1),0,CREATE_FUNC(create_func_ucase)}, - { "USER", SYM(USER),0,0}, { "VARIANCE", SYM(VARIANCE_SYM),0,0}, { "VERSION", SYM(FUNC_ARG0),0,CREATE_FUNC(create_func_version)}, { "WEEK", SYM(WEEK_SYM),0,0}, diff --git a/sql/share/czech/errmsg.txt b/sql/share/czech/errmsg.txt index e277c19e26f..273dfa0fcf5 100644 --- a/sql/share/czech/errmsg.txt +++ b/sql/share/czech/errmsg.txt @@ -271,3 +271,5 @@ v/* "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/danish/errmsg.txt b/sql/share/danish/errmsg.txt index 01856ffed01..1d39a328154 100644 --- a/sql/share/danish/errmsg.txt +++ b/sql/share/danish/errmsg.txt @@ -265,3 +265,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/dutch/errmsg.txt b/sql/share/dutch/errmsg.txt index 4b9b0b9f710..5b79f06b621 100644 --- a/sql/share/dutch/errmsg.txt +++ b/sql/share/dutch/errmsg.txt @@ -273,3 +273,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/english/errmsg.txt b/sql/share/english/errmsg.txt index 89045b13985..ad15d55405f 100644 --- a/sql/share/english/errmsg.txt +++ b/sql/share/english/errmsg.txt @@ -267,3 +267,5 @@ "Data truncated for column '%s' at row %ld" "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/estonian/errmsg.txt b/sql/share/estonian/errmsg.txt index d5064b53790..506b5fc0188 100644 --- a/sql/share/estonian/errmsg.txt +++ b/sql/share/estonian/errmsg.txt @@ -267,3 +267,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/french/errmsg.txt b/sql/share/french/errmsg.txt index eb936243332..8882e4dceda 100644 --- a/sql/share/french/errmsg.txt +++ b/sql/share/french/errmsg.txt @@ -262,3 +262,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/german/errmsg.txt b/sql/share/german/errmsg.txt index 2ac25216b8e..1e8f5bb2c05 100644 --- a/sql/share/german/errmsg.txt +++ b/sql/share/german/errmsg.txt @@ -271,3 +271,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/greek/errmsg.txt b/sql/share/greek/errmsg.txt index 8e82559db5c..d322f3fbd6a 100644 --- a/sql/share/greek/errmsg.txt +++ b/sql/share/greek/errmsg.txt @@ -262,3 +262,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/hungarian/errmsg.txt b/sql/share/hungarian/errmsg.txt index de0e7da614e..162bfc5509c 100644 --- a/sql/share/hungarian/errmsg.txt +++ b/sql/share/hungarian/errmsg.txt @@ -264,3 +264,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/italian/errmsg.txt b/sql/share/italian/errmsg.txt index d9308faf8a6..26d916a968d 100644 --- a/sql/share/italian/errmsg.txt +++ b/sql/share/italian/errmsg.txt @@ -262,3 +262,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/japanese/errmsg.txt b/sql/share/japanese/errmsg.txt index 45e78941906..a01a2b7ff6f 100644 --- a/sql/share/japanese/errmsg.txt +++ b/sql/share/japanese/errmsg.txt @@ -264,3 +264,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/korean/errmsg.txt b/sql/share/korean/errmsg.txt index 43d291ae3a5..5f5526be04b 100644 --- a/sql/share/korean/errmsg.txt +++ b/sql/share/korean/errmsg.txt @@ -262,3 +262,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/norwegian-ny/errmsg.txt b/sql/share/norwegian-ny/errmsg.txt index c0c045438ec..bf1019d3d87 100644 --- a/sql/share/norwegian-ny/errmsg.txt +++ b/sql/share/norwegian-ny/errmsg.txt @@ -264,3 +264,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/norwegian/errmsg.txt b/sql/share/norwegian/errmsg.txt index 03430ae546b..68c95bbf22b 100644 --- a/sql/share/norwegian/errmsg.txt +++ b/sql/share/norwegian/errmsg.txt @@ -264,3 +264,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/polish/errmsg.txt b/sql/share/polish/errmsg.txt index 997ee08e66a..5b93403c757 100644 --- a/sql/share/polish/errmsg.txt +++ b/sql/share/polish/errmsg.txt @@ -266,3 +266,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/portuguese/errmsg.txt b/sql/share/portuguese/errmsg.txt index ef051d957cb..edd3e3b813f 100644 --- a/sql/share/portuguese/errmsg.txt +++ b/sql/share/portuguese/errmsg.txt @@ -262,3 +262,5 @@ "%d linha(s) foi(foram) cortada(s) por group_concat()", "Usando engine de armazenamento %s para tabela '%s'", "Combinação ilegal de collations (%s,%s) e (%s,%s) para operação '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/romanian/errmsg.txt b/sql/share/romanian/errmsg.txt index 89c00b4bf15..873a708fa7b 100644 --- a/sql/share/romanian/errmsg.txt +++ b/sql/share/romanian/errmsg.txt @@ -266,3 +266,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/russian/errmsg.txt b/sql/share/russian/errmsg.txt index fac4dedb3ee..a05ecde6808 100644 --- a/sql/share/russian/errmsg.txt +++ b/sql/share/russian/errmsg.txt @@ -264,3 +264,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/serbian/errmsg.txt b/sql/share/serbian/errmsg.txt index d954e7998a2..c1c0de779c7 100644 --- a/sql/share/serbian/errmsg.txt +++ b/sql/share/serbian/errmsg.txt @@ -258,3 +258,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/slovak/errmsg.txt b/sql/share/slovak/errmsg.txt index 8f7747c6bf6..26d673b847c 100644 --- a/sql/share/slovak/errmsg.txt +++ b/sql/share/slovak/errmsg.txt @@ -270,3 +270,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/spanish/errmsg.txt b/sql/share/spanish/errmsg.txt index 4a7989ce7be..99a92f63c4e 100644 --- a/sql/share/spanish/errmsg.txt +++ b/sql/share/spanish/errmsg.txt @@ -263,3 +263,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/swedish/errmsg.txt b/sql/share/swedish/errmsg.txt index 6734369d3ac..c613d205947 100644 --- a/sql/share/swedish/errmsg.txt +++ b/sql/share/swedish/errmsg.txt @@ -262,3 +262,5 @@ "%d rad(er) kapades av group_concat()", "Använder handler %s för tabell '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/share/ukrainian/errmsg.txt b/sql/share/ukrainian/errmsg.txt index 67c52dc8fee..6505c3c9cac 100644 --- a/sql/share/ukrainian/errmsg.txt +++ b/sql/share/ukrainian/errmsg.txt @@ -267,3 +267,5 @@ "%d line(s) was(were) cut by group_concat()", "Using storage engine %s for table '%s'", "Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'", +"Can't drop one or more of the requested users" +"Can't revoke all privileges, grant for one or more of the requested users" diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index ec6db64ea73..49aad321702 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -2179,11 +2179,6 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, { int error; GRANT_TABLE *grant_table; - if (!Str->host.str) - { - Str->host.str=(char*) "%"; - Str->host.length=1; - } if (Str->host.length > HOSTNAME_LENGTH || Str->user.length > USERNAME_LENGTH) { @@ -2350,11 +2345,6 @@ int mysql_grant (THD *thd, const char *db, List <LEX_USER> &list, int result=0; while ((Str = str_list++)) { - if (!Str->host.str) - { - Str->host.str=(char*) "%"; - Str->host.length=1; - } if (Str->host.length > HOSTNAME_LENGTH || Str->user.length > USERNAME_LENGTH) { @@ -2855,11 +2845,6 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user) send_error(thd, ER_UNKNOWN_COM_ERROR); DBUG_RETURN(-1); } - if (!lex_user->host.str) - { - lex_user->host.str=(char*) "%"; - lex_user->host.length=1; - } if (lex_user->host.length > HOSTNAME_LENGTH || lex_user->user.length > USERNAME_LENGTH) { @@ -3202,6 +3187,279 @@ void get_mqh(const char *user, const char *host, USER_CONN *uc) bzero((char*) &uc->user_resources, sizeof(uc->user_resources)); } +int open_grant_tables(THD *thd, TABLE_LIST *tables) +{ + DBUG_ENTER("open_grant_tables"); + + if (!initialized) + { + send_error(thd, ER_OUT_OF_RESOURCES, ER(ER_OUT_OF_RESOURCES)); + DBUG_RETURN(-1); + } + + bzero((char*) tables, 4*sizeof(*tables)); + tables->alias= tables->real_name= (char*) "user"; + (tables+1)->alias= (tables+1)->real_name= (char*) "db"; + (tables+2)->alias= (tables+2)->real_name= (char*) "tables_priv"; + (tables+3)->alias= (tables+3)->real_name= (char*) "columns_priv"; + tables->next= tables+1; + (tables+1)->next= tables+2; + (tables+2)->next= tables+3; + (tables+3)->next= 0; + tables->lock_type= (tables+1)->lock_type= + (tables+2)->lock_type= (tables+3)->lock_type= TL_WRITE; + tables->db= (tables+1)->db= (tables+2)->db= (tables+3)->db=(char*) "mysql"; + +#ifdef HAVE_REPLICATION + /* + GRANT and REVOKE are applied the slave in/exclusion rules as they are + some kind of updates to the mysql.% tables. + */ + if (thd->slave_thread && table_rules_on && !tables_ok(0, tables)) + DBUG_RETURN(1); +#endif + + if (open_and_lock_tables(thd, tables)) + { // This should never happen + close_thread_tables(thd); + DBUG_RETURN(-1); + } + + DBUG_RETURN(0); +} + +ACL_USER *check_acl_user(LEX_USER *user_name, + uint *acl_user_idx) +{ + ACL_USER *acl_user= 0; + uint counter; + + for (counter= 0 ; counter < acl_users.elements ; counter++) + { + const char *user,*host; + acl_user= dynamic_element(&acl_users, counter, ACL_USER*); + if (!(user=acl_user->user)) + user=""; + if (!(host=acl_user->host.hostname)) + host="%"; + if (!strcmp(user_name->user.str,user) && + !my_strcasecmp(system_charset_info, user_name->host.str, host)) + break; + } + if (counter == acl_users.elements) + return 0; + + *acl_user_idx= counter; + return acl_user; +} + +int mysql_drop_user(THD *thd, List <LEX_USER> &list) +{ + uint counter, user_id; + int result; + ACL_USER *acl_user; + ACL_DB *acl_db; + TABLE_LIST tables[4]; + + DBUG_ENTER("mysql_drop_user"); + + if ((result= open_grant_tables(thd, tables))) + DBUG_RETURN(result == 1 ? 0 : -1); + + rw_wrlock(&LOCK_grant); + VOID(pthread_mutex_lock(&acl_cache->lock)); + + LEX_USER *user_name; + List_iterator <LEX_USER> user_list(list); + while ((user_name=user_list++)) + { + if (!(acl_user= check_acl_user(user_name, &counter))) + { + sql_print_error("DROP USER: Can't drop user: '%s'@'%s'", + user_name->user.str, + user_name->host.str); + result= -1; + continue; + } + if ((acl_user->access & ~0)) + { + sql_print_error("DROP USER: Can't drop user: '%s'@'%s'", + user_name->user.str, + user_name->host.str); + result= -1; + continue; + } + user_id= counter; + + for (counter= 0 ; counter < acl_dbs.elements ; counter++) + { + const char *user,*host; + acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*); + if (!(user= acl_db->user)) + user=""; + if (!(host= acl_db->host.hostname)) + host=""; + + if (!strcmp(user_name->user.str,user) && + !my_strcasecmp(system_charset_info, user_name->host.str, host)) + break; + } + if (counter != acl_dbs.elements) + { + sql_print_error("DROP USER: Can't drop user: '%s'@'%s'", + user_name->user.str, + user_name->host.str); + result= -1; + continue; + } + + for (counter= 0 ; counter < column_priv_hash.records ; counter++) + { + const char *user,*host; + GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash, + counter); + if (!(user=grant_table->user)) + user=""; + if (!(host=grant_table->host)) + host=""; + + if (!strcmp(user_name->user.str,user) && + !my_strcasecmp(system_charset_info, user_name->host.str, host)) + break; + } + if (counter != column_priv_hash.records) + { + sql_print_error("DROP USER: Can't drop user: '%s'@'%s'", + user_name->user.str, + user_name->host.str); + result= -1; + continue; + } + + tables[0].table->field[0]->store(user_name->host.str,(uint) + user_name->host.length, system_charset_info); + tables[0].table->field[1]->store(user_name->user.str,(uint) + user_name->user.length, system_charset_info); + if (!tables[0].table->file->index_read_idx(tables[0].table->record[0],0, + (byte*) tables[0].table->field[0]->ptr,0, + HA_READ_KEY_EXACT)) + { + int error; + if ((error = tables[0].table->file->delete_row(tables[0].table->record[0]))) + { + tables[0].table->file->print_error(error, MYF(0)); + tables[0].table->file->index_end(); + DBUG_RETURN(-1); + } + delete_dynamic_element(&acl_users, user_id); + } + tables[0].table->file->index_end(); + } +err: + VOID(pthread_mutex_unlock(&acl_cache->lock)); + rw_unlock(&LOCK_grant); + close_thread_tables(thd); + if (result) + my_error(ER_DROP_USER, MYF(0)); + DBUG_RETURN(result); +} + +int mysql_revoke_all(THD *thd, List <LEX_USER> &list) +{ + uint counter; + int result; + ACL_USER *acl_user; ACL_DB *acl_db; + TABLE_LIST tables[4]; + DBUG_ENTER("mysql_revoke_all"); + + if ((result= open_grant_tables(thd, tables))) + DBUG_RETURN(result == 1 ? 0 : -1); + + rw_wrlock(&LOCK_grant); + VOID(pthread_mutex_lock(&acl_cache->lock)); + + LEX_USER *lex_user; + List_iterator <LEX_USER> user_list(list); + while ((lex_user=user_list++)) + { + if (!(acl_user= check_acl_user(lex_user, &counter))) + { + sql_print_error("REVOKE ALL PRIVILEGES, GRANT: User '%s'@'%s' not exists", + lex_user->user.str, + lex_user->host.str); + result= -1; + continue; + } + + if (replace_user_table(thd, tables[0].table, + *lex_user, ~0, 1, 0)) + { + result= -1; + continue; + } + + /* Remove db access privileges */ + for (counter= 0 ; counter < acl_dbs.elements ; counter++) + { + const char *user,*host; + + acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*); + if (!(user=acl_db->user)) + user=""; + if (!(host=acl_db->host.hostname)) + host=""; + + if (!strcmp(lex_user->user.str,user) && + !my_strcasecmp(system_charset_info, lex_user->host.str, host)) + { + if (replace_db_table(tables[1].table, acl_db->db, *lex_user, ~0, 1)) + result= -1; + } + } + + /* Remove column access */ + for (counter= 0 ; counter < column_priv_hash.records ; counter++) + { + const char *user,*host; + GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash, + counter); + if (!(user=grant_table->user)) + user=""; + if (!(host=grant_table->host)) + host=""; + + if (!strcmp(lex_user->user.str,user) && + !my_strcasecmp(system_charset_info, lex_user->host.str, host)) + { + if (replace_table_table(thd,grant_table,tables[2].table,*lex_user, + grant_table->db, + grant_table->tname, + ~0, 0, 1)) + { + result= -1; + continue; + } + if (grant_table->cols) + { + List<LEX_COLUMN> columns; + if (replace_column_table(grant_table,tables[3].table, *lex_user, + columns, + grant_table->db, + grant_table->tname, + ~0, 1)) + result= -1; + } + } + } + } + + VOID(pthread_mutex_unlock(&acl_cache->lock)); + rw_unlock(&LOCK_grant); + close_thread_tables(thd); + if (result) + my_error(ER_REVOKE_GRANTS, MYF(0)); + DBUG_RETURN(result); +} /***************************************************************************** diff --git a/sql/sql_acl.h b/sql/sql_acl.h index d85a281cbb5..e6c6771253c 100644 --- a/sql/sql_acl.h +++ b/sql/sql_acl.h @@ -163,3 +163,5 @@ ulong get_column_grant(THD *thd, TABLE_LIST *table, Field *field); int mysql_show_grants(THD *thd, LEX_USER *user); void get_privilege_desc(char *to, uint max_length, ulong access); void get_mqh(const char *user, const char *host, USER_CONN *uc); +int mysql_drop_user(THD *thd, List <LEX_USER> &list); +int mysql_revoke_all(THD *thd, List <LEX_USER> &list); diff --git a/sql/sql_lex.h b/sql/sql_lex.h index f31b3305e07..a01c98bb283 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -71,7 +71,7 @@ enum enum_sql_command { SQLCOM_SHOW_BINLOG_EVENTS, SQLCOM_SHOW_NEW_MASTER, SQLCOM_DO, SQLCOM_SHOW_WARNS, SQLCOM_EMPTY_QUERY, SQLCOM_SHOW_ERRORS, SQLCOM_SHOW_COLUMN_TYPES, SQLCOM_SHOW_TABLE_TYPES, SQLCOM_SHOW_PRIVILEGES, - SQLCOM_HELP, + SQLCOM_HELP, SQLCOM_DROP_USER, SQLCOM_REVOKE_ALL, /* This should be the last !!! */ SQLCOM_END diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 9ebb6305f70..fd3d359f0c8 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -2897,6 +2897,38 @@ mysql_execute_command(THD *thd) res= -1; #endif break; + case SQLCOM_DROP_USER: + { + if (check_access(thd, GRANT_ACL,"mysql",0,1)) + break; + if (!(res= mysql_drop_user(thd, lex->users_list))) + { + mysql_update_log.write(thd, thd->query, thd->query_length); + if (mysql_bin_log.is_open()) + { + Query_log_event qinfo(thd, thd->query, thd->query_length, 0); + mysql_bin_log.write(&qinfo); + } + send_ok(thd); + } + break; + } + case SQLCOM_REVOKE_ALL: + { + if (check_access(thd, GRANT_ACL ,"mysql",0,1)) + break; + if (!(res = mysql_revoke_all(thd, lex->users_list))) + { + mysql_update_log.write(thd, thd->query, thd->query_length); + if (mysql_bin_log.is_open()) + { + Query_log_event qinfo(thd, thd->query, thd->query_length, 0); + mysql_bin_log.write(&qinfo); + } + send_ok(thd); + } + break; + } case SQLCOM_REVOKE: case SQLCOM_GRANT: { diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 1002d06be88..fbc7e9deb36 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -3215,7 +3215,7 @@ do: DO_SYM ; /* - Drop : delete tables or index + Drop : delete tables or index or user */ drop: @@ -3249,7 +3249,16 @@ drop: LEX *lex=Lex; lex->sql_command = SQLCOM_DROP_FUNCTION; lex->udf.name = $3; - }; + } + | DROP USER + { + LEX *lex=Lex; + lex->sql_command = SQLCOM_DROP_USER; + lex->users_list.empty(); + } + user_list + {} + ; table_list: @@ -4177,8 +4186,10 @@ user: THD *thd= YYTHD; if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user)))) YYABORT; - $$->user = $1; $$->host.str=NullS; - } + $$->user = $1; + $$->host.str= (char *) "%"; + $$->host.length= 1; + } | ident_or_text '@' ident_or_text { THD *thd= YYTHD; @@ -4361,6 +4372,7 @@ keyword: | UDF_SYM {} | UNCOMMITTED_SYM {} | UNICODE_SYM {} + | USER {} | USE_FRM {} | VARIABLES {} | VALUE_SYM {} @@ -4632,8 +4644,18 @@ revoke: lex->ssl_cipher= lex->x509_subject= lex->x509_issuer= 0; bzero((char*) &lex->mqh, sizeof(lex->mqh)); } + revoke_command + {} + ; + +revoke_command: grant_privileges ON opt_table FROM user_list {} + | + ALL PRIVILEGES ',' GRANT FROM user_list + { + Lex->sql_command = SQLCOM_REVOKE_ALL; + } ; grant: |