summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--mysql-test/r/alter_user.result79
-rw-r--r--mysql-test/r/create_user.result72
-rw-r--r--mysql-test/t/alter_user.test71
-rw-r--r--mysql-test/t/create_user.test58
-rw-r--r--sql/sql_acl.cc51
-rw-r--r--sql/sql_yacc.yy3
6 files changed, 331 insertions, 3 deletions
diff --git a/mysql-test/r/alter_user.result b/mysql-test/r/alter_user.result
new file mode 100644
index 00000000000..2acc2493acb
--- /dev/null
+++ b/mysql-test/r/alter_user.result
@@ -0,0 +1,79 @@
+select * from mysql.user where user = 'root' and host = 'localhost';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+localhost root Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y 0 0 0 0 N N 0.000000
+# Test syntax
+#
+# These 2 selects should have no changes from the first one.
+alter user CURRENT_USER;
+select * from mysql.user where user = 'root' and host = 'localhost';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+localhost root Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y 0 0 0 0 N N 0.000000
+alter user CURRENT_USER();
+select * from mysql.user where user = 'root' and host = 'localhost';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+localhost root Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y 0 0 0 0 N N 0.000000
+create user foo;
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N N 0.000000
+alter user foo;
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N N 0.000000
+# Test super privilege works correctly with a read only database.
+SET @start_read_only = @@global.read_only;
+SET GLOBAL read_only=1;
+grant create user on *.* to foo;
+# Currently no super privileges.
+connect a, localhost, foo;
+select @@global.read_only;
+@@global.read_only
+1
+alter user foo;
+ERROR HY000: The MariaDB server is running with the --read-only option so it cannot execute this statement
+# Grant super privilege to the user.
+connection default;
+grant super on *.* to foo;
+# We now have super privilege. We should be able to run alter user.
+connect b, localhost, foo;
+alter user foo;
+connection default;
+SET GLOBAL read_only = @start_read_only;
+# Test inexistant user.
+alter user boo;
+ERROR HY000: Operation ALTER USER failed for 'boo'
+#--warning ER_CANNOT_USER
+alter if exists user boo;
+Warnings:
+Error 1133 Can't find any matching row in the user table
+Note 1396 Operation ALTER USER failed for 'boo'
+# Test SSL related altering.
+alter user foo identified by 'something';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *88C89BE093D4ECF72D039F62EBB7477EA1FD4D63 N N N N N N N N N N N N N N N Y N N N N N N N N N Y N N N 0 0 0 0 N N 0.000000
+alter user foo identified by 'something2';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *9CD58369E930E28C8996A89DB18B63294E6DC10C N N N N N N N N N N N N N N N Y N N N N N N N N N Y N N N 0 0 0 0 N N 0.000000
+alter user foo identified by password '*88C89BE093D4ECF72D039F62EBB7477EA1FD4D63';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *88C89BE093D4ECF72D039F62EBB7477EA1FD4D63 N N N N N N N N N N N N N N N Y N N N N N N N N N Y N N N 0 0 0 0 N N 0.000000
+alter user foo identified with 'somecoolplugin';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N Y N N N N N N N N N Y N N N 0 0 0 0 somecoolplugin N N 0.000000
+alter user foo identified with 'somecoolplugin' using 'somecoolpassphrase';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N Y N N N N N N N N N Y N N N 0 0 0 0 somecoolplugin somecoolpassphrase N N 0.000000
+# Test resource limits altering.
+alter user foo with MAX_QUERIES_PER_HOUR 10
+MAX_UPDATES_PER_HOUR 20
+MAX_CONNECTIONS_PER_HOUR 30
+MAX_USER_CONNECTIONS 40;
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N Y N N N N N N N N N Y N N N 10 20 30 40 somecoolplugin somecoolpassphrase N N 0.000000
+drop user foo;
diff --git a/mysql-test/r/create_user.result b/mysql-test/r/create_user.result
new file mode 100644
index 00000000000..1411f2e8792
--- /dev/null
+++ b/mysql-test/r/create_user.result
@@ -0,0 +1,72 @@
+create user foo;
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require SSL;
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N ANY 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require X509;
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N X509 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require CIPHER 'cipher';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED cipher 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require ISSUER 'issuer';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED issuer 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require SUBJECT 'subject';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED subject 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require CIPHER 'cipher'
+ SUBJECT 'subject';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED cipher subject 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo identified by 'password' require CIPHER 'cipher'
+AND SUBJECT 'subject'
+ AND ISSUER 'issuer';
+select * from mysql.user where user = 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED cipher issuer subject 0 0 0 0 N N 0.000000
+drop user foo;
+create user foo, foo2 identified by 'password' require CIPHER 'cipher'
+AND SUBJECT 'subject'
+ AND ISSUER 'issuer';
+select * from mysql.user where user like 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED cipher issuer subject 0 0 0 0 N N 0.000000
+#--warning ER_USER_CREATE_EXISTS
+create user if not exists foo, foo2 identified by 'password2'
+ require CIPHER 'cipher2' AND SUBJECT 'subject2' AND ISSUER 'issuer2';
+Warnings:
+Note 1973 Can't create user 'foo'@'%'; it already exists
+Note 1973 Can't create user 'foo2'@'%'; it already exists
+select * from mysql.user where user like 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED cipher issuer subject 0 0 0 0 N N 0.000000
+drop user foo, foo2;
+create user foo with MAX_QUERIES_PER_HOUR 10
+MAX_UPDATES_PER_HOUR 20
+MAX_CONNECTIONS_PER_HOUR 30
+MAX_USER_CONNECTIONS 40;
+select * from mysql.user where user like 'foo';
+Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string password_expired is_role default_role max_statement_time
+% foo N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 20 30 40 N N 0.000000
+drop user foo;
diff --git a/mysql-test/t/alter_user.test b/mysql-test/t/alter_user.test
new file mode 100644
index 00000000000..3a3a7d74ba5
--- /dev/null
+++ b/mysql-test/t/alter_user.test
@@ -0,0 +1,71 @@
+--source include/not_embedded.inc
+--enable_connect_log
+
+
+select * from mysql.user where user = 'root' and host = 'localhost';
+--echo # Test syntax
+--echo #
+--echo # These 2 selects should have no changes from the first one.
+alter user CURRENT_USER;
+select * from mysql.user where user = 'root' and host = 'localhost';
+alter user CURRENT_USER();
+select * from mysql.user where user = 'root' and host = 'localhost';
+
+create user foo;
+select * from mysql.user where user = 'foo';
+alter user foo;
+select * from mysql.user where user = 'foo';
+
+--echo # Test super privilege works correctly with a read only database.
+SET @start_read_only = @@global.read_only;
+SET GLOBAL read_only=1;
+grant create user on *.* to foo;
+
+--echo # Currently no super privileges.
+connect (a, localhost, foo);
+select @@global.read_only;
+
+--error ER_OPTION_PREVENTS_STATEMENT
+alter user foo;
+
+--echo # Grant super privilege to the user.
+connection default;
+grant super on *.* to foo;
+
+--echo # We now have super privilege. We should be able to run alter user.
+connect (b, localhost, foo);
+alter user foo;
+
+connection default;
+SET GLOBAL read_only = @start_read_only;
+
+--echo # Test inexistant user.
+--error ER_CANNOT_USER
+alter user boo;
+--echo #--warning ER_CANNOT_USER
+alter if exists user boo;
+
+--echo # Test SSL related altering.
+alter user foo identified by 'something';
+select * from mysql.user where user = 'foo';
+
+alter user foo identified by 'something2';
+select * from mysql.user where user = 'foo';
+
+alter user foo identified by password '*88C89BE093D4ECF72D039F62EBB7477EA1FD4D63';
+select * from mysql.user where user = 'foo';
+
+alter user foo identified with 'somecoolplugin';
+select * from mysql.user where user = 'foo';
+
+alter user foo identified with 'somecoolplugin' using 'somecoolpassphrase';
+select * from mysql.user where user = 'foo';
+
+--echo # Test resource limits altering.
+alter user foo with MAX_QUERIES_PER_HOUR 10
+ MAX_UPDATES_PER_HOUR 20
+ MAX_CONNECTIONS_PER_HOUR 30
+ MAX_USER_CONNECTIONS 40;
+select * from mysql.user where user = 'foo';
+drop user foo;
+--disable_connect_log
diff --git a/mysql-test/t/create_user.test b/mysql-test/t/create_user.test
new file mode 100644
index 00000000000..f04cb3e302a
--- /dev/null
+++ b/mysql-test/t/create_user.test
@@ -0,0 +1,58 @@
+--source include/not_embedded.inc
+
+create user foo;
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password';
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require SSL;
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require X509;
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require CIPHER 'cipher';
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require ISSUER 'issuer';
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require SUBJECT 'subject';
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require CIPHER 'cipher'
+ SUBJECT 'subject';
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo identified by 'password' require CIPHER 'cipher'
+ AND SUBJECT 'subject'
+ AND ISSUER 'issuer';
+select * from mysql.user where user = 'foo';
+drop user foo;
+
+create user foo, foo2 identified by 'password' require CIPHER 'cipher'
+ AND SUBJECT 'subject'
+ AND ISSUER 'issuer';
+select * from mysql.user where user like 'foo';
+
+--echo #--warning ER_USER_CREATE_EXISTS
+create user if not exists foo, foo2 identified by 'password2'
+ require CIPHER 'cipher2' AND SUBJECT 'subject2' AND ISSUER 'issuer2';
+select * from mysql.user where user like 'foo';
+drop user foo, foo2;
+
+create user foo with MAX_QUERIES_PER_HOUR 10
+ MAX_UPDATES_PER_HOUR 20
+ MAX_CONNECTIONS_PER_HOUR 30
+ MAX_USER_CONNECTIONS 40;
+select * from mysql.user where user like 'foo';
+drop user foo;
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 9178b1f8cc3..24f4042d2a5 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -9851,13 +9851,60 @@ bool mysql_rename_user(THD *thd, List <LEX_USER> &list)
RETURN
> 0 Error. Error message already sent.
0 OK.
- < 0 Error. Error message not yet sent.
*/
int mysql_alter_user(THD* thd, List<LEX_USER> &users_list)
{
DBUG_ENTER("mysql_alter_user");
int result= 0;
- // TODO implement the alter user logic.
+ TABLE_LIST tables[TABLES_MAX];
+ String wrong_users;
+ // The only table we're altering is the user table.
+ if ((result= open_grant_tables(thd, tables, TL_WRITE, Table_user)))
+ DBUG_RETURN(result);
+
+ // Lock ACL data structures until we finish altering all users.
+ mysql_rwlock_wrlock(&LOCK_grant);
+ mysql_mutex_lock(&acl_cache->lock);
+
+ LEX_USER *tmp_lex_user;
+ List_iterator<LEX_USER> users_list_iterator(users_list);
+ while ((tmp_lex_user= users_list_iterator++))
+ {
+ LEX_USER* lex_user= get_current_user(thd, tmp_lex_user, false);
+ if (!lex_user ||
+ fix_lex_user(thd, lex_user) ||
+ replace_user_table(thd, tables[USER_TABLE].table, *lex_user,0,
+ false, false, true))
+ {
+ thd->clear_error();
+ append_user(thd, &wrong_users, tmp_lex_user);
+ result= TRUE;
+ continue;
+ }
+ }
+
+ // Unlock ACL data structures.
+ mysql_mutex_unlock(&acl_cache->lock);
+ mysql_rwlock_unlock(&LOCK_grant);
+
+ if (result)
+ {
+ // 'if exists' flag leads to warnings instead of errors.
+ if (thd->lex->create_info.if_exists())
+ {
+ push_warning_printf(thd, Sql_condition::WARN_LEVEL_NOTE,
+ ER_CANNOT_USER,
+ ER_THD(thd, ER_CANNOT_USER),
+ "ALTER USER", wrong_users.c_ptr_safe());
+ result= FALSE;
+ }
+ else
+ {
+ my_error(ER_CANNOT_USER, MYF(0),
+ "ALTER USER",
+ wrong_users.c_ptr_safe());
+ }
+ }
DBUG_RETURN(result);
}
diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
index 0cb13fe5a2b..dd9f2fdf0ae 100644
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -7107,9 +7107,10 @@ alter:
lex->sql_command= SQLCOM_ALTER_SERVER;
lex->server_options.reset($3);
} OPTIONS_SYM '(' server_options_list ')' { }
- | ALTER opt_if_exists USER clear_privileges user_list
+ | ALTER opt_if_exists USER clear_privileges grant_list
require_clause resource_options
{
+ Lex->create_info.set($2);
Lex->sql_command= SQLCOM_ALTER_USER;
}
;