diff options
| -rw-r--r-- | mysql-test/r/information_schema.result | 18 | ||||
| -rw-r--r-- | mysql-test/t/information_schema.test | 19 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 10 | ||||
| -rw-r--r-- | sql/sql_show.cc | 4 |
4 files changed, 34 insertions, 17 deletions
diff --git a/mysql-test/r/information_schema.result b/mysql-test/r/information_schema.result index 26ebf492eb2..0aa5e759207 100644 --- a/mysql-test/r/information_schema.result +++ b/mysql-test/r/information_schema.result @@ -3,6 +3,8 @@ Variable_name Value skip_show_database OFF grant select, update, execute on test.* to mysqltest_2@localhost; grant select, update on test.* to mysqltest_1@localhost; +create user mysqltest_3@localhost; +create user mysqltest_3; select * from information_schema.SCHEMATA where schema_name > 'm'; CATALOG_NAME SCHEMA_NAME DEFAULT_CHARACTER_SET_NAME DEFAULT_COLLATION_NAME SQL_PATH NULL mysql latin1 latin1_swedish_ci NULL @@ -154,7 +156,9 @@ NULL mysqltest t1 a 1 NULL YES int NULL NULL 11 0 NULL NULL int(11) select,ins show columns from mysqltest.t1 where field like "%a%"; Field Type Null Key Default Extra a int(11) YES NULL +create view mysqltest.v1 (c) as select a from mysqltest.t1; grant select (a) on mysqltest.t1 to mysqltest_2@localhost; +grant select on mysqltest.v1 to mysqltest_3; select table_name, column_name, privileges from information_schema.columns where table_schema = 'mysqltest' and table_name = 't1'; table_name column_name privileges @@ -163,7 +167,11 @@ show columns from mysqltest.t1; Field Type Null Key Default Extra a int(11) YES NULL b varchar(30) YES MUL NULL -drop view v1; +select table_name, column_name, privileges from information_schema.columns +where table_schema = 'mysqltest' and table_name = 'v1'; +table_name column_name privileges +v1 c select +drop view v1, mysqltest.v1; drop tables mysqltest.t4, mysqltest.t1, t2, t3; drop database mysqltest; select * from information_schema.CHARACTER_SETS @@ -376,10 +384,10 @@ GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRAN 'mysqltest_1'@'localhost' NULL test t1 a INSERT NO 'mysqltest_1'@'localhost' NULL test t1 a UPDATE NO 'mysqltest_1'@'localhost' NULL test t1 a REFERENCES NO -delete from mysql.user where user='mysqltest_1' or user='mysqltest_2'; -delete from mysql.db where user='mysqltest_1' or user='mysqltest_2'; -delete from mysql.tables_priv where user='mysqltest_1' or user='mysqltest_2'; -delete from mysql.columns_priv where user='mysqltest_1' or user='mysqltest_2'; +delete from mysql.user where user like 'mysqltest%'; +delete from mysql.db where user like 'mysqltest%'; +delete from mysql.tables_priv where user like 'mysqltest%'; +delete from mysql.columns_priv where user like 'mysqltest%'; flush privileges; drop table t1; create table t1 (a int null, primary key(a)); diff --git a/mysql-test/t/information_schema.test b/mysql-test/t/information_schema.test index b4cc118c62f..1739604372a 100644 --- a/mysql-test/t/information_schema.test +++ b/mysql-test/t/information_schema.test @@ -7,6 +7,9 @@ show variables where variable_name like "skip_show_database"; grant select, update, execute on test.* to mysqltest_2@localhost; grant select, update on test.* to mysqltest_1@localhost; +create user mysqltest_3@localhost; +create user mysqltest_3; + select * from information_schema.SCHEMATA where schema_name > 'm'; select schema_name from information_schema.schemata; @@ -53,15 +56,21 @@ select * from information_schema.COLUMNS where table_name="t1" and column_name= "a"; show columns from mysqltest.t1 where field like "%a%"; +create view mysqltest.v1 (c) as select a from mysqltest.t1; grant select (a) on mysqltest.t1 to mysqltest_2@localhost; +grant select on mysqltest.v1 to mysqltest_3; connect (user3,localhost,mysqltest_2,,); connection user3; select table_name, column_name, privileges from information_schema.columns where table_schema = 'mysqltest' and table_name = 't1'; show columns from mysqltest.t1; +connect (user4,localhost,mysqltest_3,,mysqltest); +connection user4; +select table_name, column_name, privileges from information_schema.columns +where table_schema = 'mysqltest' and table_name = 'v1'; connection default; -drop view v1; +drop view v1, mysqltest.v1; drop tables mysqltest.t4, mysqltest.t1, t2, t3; drop database mysqltest; @@ -176,10 +185,10 @@ select * from information_schema.USER_PRIVILEGES where grantee like '%mysqltest_ select * from information_schema.SCHEMA_PRIVILEGES where grantee like '%mysqltest_1%'; select * from information_schema.TABLE_PRIVILEGES where grantee like '%mysqltest_1%'; select * from information_schema.COLUMN_PRIVILEGES where grantee like '%mysqltest_1%'; -delete from mysql.user where user='mysqltest_1' or user='mysqltest_2'; -delete from mysql.db where user='mysqltest_1' or user='mysqltest_2'; -delete from mysql.tables_priv where user='mysqltest_1' or user='mysqltest_2'; -delete from mysql.columns_priv where user='mysqltest_1' or user='mysqltest_2'; +delete from mysql.user where user like 'mysqltest%'; +delete from mysql.db where user like 'mysqltest%'; +delete from mysql.tables_priv where user like 'mysqltest%'; +delete from mysql.columns_priv where user like 'mysqltest%'; flush privileges; drop table t1; diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index c0bbc4d481a..ca9ba7611e6 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -63,8 +63,7 @@ static bool allow_all_hosts=1; static HASH acl_check_hosts, column_priv_hash, proc_priv_hash; static DYNAMIC_ARRAY acl_wild_hosts; static hash_filo *acl_cache; -static uint grant_version=0; -static uint priv_version=0; /* Version of priv tables. incremented by acl_init */ +static uint grant_version=0; /* Version of priv tables. incremented by acl_init */ static ulong get_access(TABLE *form,uint fieldnr, uint *next_field=0); static int acl_compare(ACL_ACCESS *a,ACL_ACCESS *b); static ulong get_sort(uint count,...); @@ -153,7 +152,7 @@ my_bool acl_init(THD *org_thd, bool dont_read_acl_tables) DBUG_RETURN(0); /* purecov: tested */ } - priv_version++; /* Privileges updated */ + grant_version++; /* Privileges updated */ mysql_proc_table_exists= 1; // Assume mysql.proc exists /* @@ -2721,6 +2720,7 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table_list, rw_wrlock(&LOCK_grant); MEM_ROOT *old_root= thd->mem_root; thd->mem_root= &memex; + grant_version++; while ((Str = str_list++)) { @@ -3689,9 +3689,9 @@ ulong get_column_grant(THD *thd, GRANT_INFO *grant, grant_column= column_hash_search(grant_table, field_name, (uint) strlen(field_name)); if (!grant_column) - priv= grant->privilege; + priv= (grant->privilege | grant_table->privs); else - priv= grant->privilege | grant_column->rights; + priv= (grant->privilege | grant_table->privs | grant_column->rights); } rw_unlock(&LOCK_grant); return priv; diff --git a/sql/sql_show.cc b/sql/sql_show.cc index f48a8d67d54..ceb98740298 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2303,8 +2303,8 @@ static int get_schema_column_record(THD *thd, struct st_table_list *tables, uint col_access; check_access(thd,SELECT_ACL | EXTRA_ACL, base_name, &tables->grant.privilege, 0, 0); - col_access= get_column_grant(thd, &tables->grant, tables->db, - tables->table_name, + col_access= get_column_grant(thd, &tables->grant, + base_name, file_name, field->field_name) & COL_ACLS; if (lex->orig_sql_command != SQLCOM_SHOW_FIELDS && !col_access) continue; |