summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--mysql-test/main/lock_user.result29
-rw-r--r--mysql-test/main/lock_user.test19
-rw-r--r--sql/sql_yacc.yy35
3 files changed, 69 insertions, 14 deletions
diff --git a/mysql-test/main/lock_user.result b/mysql-test/main/lock_user.result
index a0d2b40572c..7d9aeebb7aa 100644
--- a/mysql-test/main/lock_user.result
+++ b/mysql-test/main/lock_user.result
@@ -139,4 +139,33 @@ show create user user1@localhost;
CREATE USER for user1@localhost
CREATE USER `user1`@`localhost` ACCOUNT LOCK PASSWORD EXPIRE
drop user user1@localhost;
+#
+# MDEV-24098 CREATE USER/ALTER USER PASSWORD EXPIRE/LOCK in
+# either order.
+#
+create user user1@localhost PASSWORD EXPIRE ACCOUNT LOCK;
+show create user user1@localhost;
+CREATE USER for user1@localhost
+CREATE USER `user1`@`localhost` ACCOUNT LOCK PASSWORD EXPIRE
+drop user user1@localhost;
+create user user1@localhost ACCOUNT LOCK PASSWORD EXPIRE;
+show create user user1@localhost;
+CREATE USER for user1@localhost
+CREATE USER `user1`@`localhost` ACCOUNT LOCK PASSWORD EXPIRE
+alter user user1@localhost PASSWORD EXPIRE NEVER ACCOUNT UNLOCK ;
+show create user user1@localhost;
+CREATE USER for user1@localhost
+CREATE USER `user1`@`localhost` PASSWORD EXPIRE
+alter user user1@localhost ACCOUNT LOCK PASSWORD EXPIRE DEFAULT;
+show create user user1@localhost;
+CREATE USER for user1@localhost
+CREATE USER `user1`@`localhost` ACCOUNT LOCK PASSWORD EXPIRE
+alter user user1@localhost PASSWORD EXPIRE INTERVAL 60 DAY ACCOUNT UNLOCK;
+select * from mysql.global_priv where user='user1';
+Host User Priv
+localhost user1 {"access":0,"plugin":"mysql_native_password","authentication_string":"","account_locked":false,"password_last_changed":0,"password_lifetime":60}
+show create user user1@localhost;
+CREATE USER for user1@localhost
+CREATE USER `user1`@`localhost` PASSWORD EXPIRE
+drop user user1@localhost;
drop user user2@localhost;
diff --git a/mysql-test/main/lock_user.test b/mysql-test/main/lock_user.test
index 504c6c5ac10..530883f33ef 100644
--- a/mysql-test/main/lock_user.test
+++ b/mysql-test/main/lock_user.test
@@ -143,6 +143,25 @@ alter user user1@localhost account lock;
--echo #
alter user user1@localhost PASSWORD EXPIRE;
show create user user1@localhost;
+drop user user1@localhost;
+
+--echo #
+--echo # MDEV-24098 CREATE USER/ALTER USER PASSWORD EXPIRE/LOCK in
+--echo # either order.
+--echo #
+create user user1@localhost PASSWORD EXPIRE ACCOUNT LOCK;
+show create user user1@localhost;
+drop user user1@localhost;
+create user user1@localhost ACCOUNT LOCK PASSWORD EXPIRE;
+show create user user1@localhost;
+alter user user1@localhost PASSWORD EXPIRE NEVER ACCOUNT UNLOCK ;
+show create user user1@localhost;
+alter user user1@localhost ACCOUNT LOCK PASSWORD EXPIRE DEFAULT;
+show create user user1@localhost;
+# note output needs to be corrected by MDEV-24114: password expire users cannot be unexpired
+alter user user1@localhost PASSWORD EXPIRE INTERVAL 60 DAY ACCOUNT UNLOCK;
+select * from mysql.global_priv where user='user1';
+show create user user1@localhost;
drop user user1@localhost;
drop user user2@localhost;
diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
index 3e3674d03ea..47102c3c6aa 100644
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -2902,7 +2902,7 @@ create:
MYSQL_YYABORT;
}
| create_or_replace USER_SYM opt_if_not_exists clear_privileges
- grant_list opt_require_clause opt_resource_options opt_account_locking opt_password_expiration
+ grant_list opt_require_clause opt_resource_options opt_account_locking_and_opt_password_expiration
{
if (unlikely(Lex->set_command_with_check(SQLCOM_CREATE_USER,
$1 | $3)))
@@ -8032,7 +8032,7 @@ alter:
} OPTIONS_SYM '(' server_options_list ')' { }
/* ALTER USER foo is allowed for MySQL compatibility. */
| ALTER USER_SYM opt_if_exists clear_privileges grant_list
- opt_require_clause opt_resource_options opt_account_locking opt_password_expiration
+ opt_require_clause opt_resource_options opt_account_locking_and_opt_password_expiration
{
Lex->create_info.set($3);
Lex->sql_command= SQLCOM_ALTER_USER;
@@ -8071,39 +8071,46 @@ alter:
}
;
-opt_account_locking:
- /* Nothing */ {}
- | ACCOUNT_SYM LOCK_SYM
+account_locking_option:
+ LOCK_SYM
{
Lex->account_options.account_locked= ACCOUNTLOCK_LOCKED;
}
- | ACCOUNT_SYM UNLOCK_SYM
+ | UNLOCK_SYM
{
Lex->account_options.account_locked= ACCOUNTLOCK_UNLOCKED;
}
;
-opt_password_expiration:
- /* Nothing */ {}
- | PASSWORD_SYM EXPIRE_SYM
+
+opt_password_expire_option:
+ /* empty */
{
Lex->account_options.password_expire= PASSWORD_EXPIRE_NOW;
}
- | PASSWORD_SYM EXPIRE_SYM NEVER_SYM
+ | NEVER_SYM
{
Lex->account_options.password_expire= PASSWORD_EXPIRE_NEVER;
}
- | PASSWORD_SYM EXPIRE_SYM DEFAULT
+ | DEFAULT
{
Lex->account_options.password_expire= PASSWORD_EXPIRE_DEFAULT;
}
- | PASSWORD_SYM EXPIRE_SYM INTERVAL_SYM NUM DAY_SYM
+ | INTERVAL_SYM NUM DAY_SYM
{
Lex->account_options.password_expire= PASSWORD_EXPIRE_INTERVAL;
- if (!(Lex->account_options.num_expiration_days= atoi($4.str)))
- my_yyabort_error((ER_WRONG_VALUE, MYF(0), "DAY", $4.str));
+ if (!(Lex->account_options.num_expiration_days= atoi($2.str)))
+ my_yyabort_error((ER_WRONG_VALUE, MYF(0), "DAY", $2.str));
}
;
+opt_account_locking_and_opt_password_expiration:
+ /* empty */
+ | ACCOUNT_SYM account_locking_option
+ | PASSWORD_SYM EXPIRE_SYM opt_password_expire_option
+ | ACCOUNT_SYM account_locking_option PASSWORD_SYM EXPIRE_SYM opt_password_expire_option
+ | PASSWORD_SYM EXPIRE_SYM opt_password_expire_option ACCOUNT_SYM account_locking_option
+ ;
+
ev_alter_on_schedule_completion:
/* empty */ { $$= 0;}
| ON SCHEDULE_SYM ev_schedule_time { $$= 1; }
View Lorry Controller Status