diff options
| -rw-r--r-- | mysql-test/r/timezone2.result | 36 | ||||
| -rw-r--r-- | mysql-test/t/timezone2.test | 43 | ||||
| -rw-r--r-- | sql/item_geofunc.cc | 1 | ||||
| -rw-r--r-- | sql/item_strfunc.cc | 1 | ||||
| -rw-r--r-- | sql/log.cc | 1 | ||||
| -rw-r--r-- | sql/mysql_priv.h | 3 | ||||
| -rw-r--r-- | sql/mysqld.cc | 1 | ||||
| -rw-r--r-- | sql/repl_failsafe.cc | 1 | ||||
| -rw-r--r-- | sql/set_var.cc | 1 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 1 | ||||
| -rw-r--r-- | sql/sql_base.cc | 1 | ||||
| -rw-r--r-- | sql/sql_cache.cc | 1 | ||||
| -rw-r--r-- | sql/sql_class.cc | 1 | ||||
| -rw-r--r-- | sql/sql_db.cc | 1 | ||||
| -rw-r--r-- | sql/sql_derived.cc | 1 | ||||
| -rw-r--r-- | sql/sql_do.cc | 1 | ||||
| -rw-r--r-- | sql/sql_insert.cc | 1 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 10 | ||||
| -rw-r--r-- | sql/sql_prepare.cc | 1 | ||||
| -rw-r--r-- | sql/sql_repl.cc | 1 | ||||
| -rw-r--r-- | sql/sql_show.cc | 1 | ||||
| -rw-r--r-- | sql/sql_update.cc | 1 | ||||
| -rw-r--r-- | sql/sql_yacc.yy | 1 | ||||
| -rw-r--r-- | sql/tztime.h | 6 |
24 files changed, 87 insertions, 30 deletions
diff --git a/mysql-test/r/timezone2.result b/mysql-test/r/timezone2.result index 86264bf5b7e..1c98fd18a08 100644 --- a/mysql-test/r/timezone2.result +++ b/mysql-test/r/timezone2.result @@ -1,4 +1,4 @@ -drop table if exists t1; +drop table if exists t1, t2; create table t1 (ts timestamp); set time_zone='+00:00'; select unix_timestamp(utc_timestamp())-unix_timestamp(current_timestamp()); @@ -256,18 +256,50 @@ delete from mysql.db where user like 'mysqltest\_%'; delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; -grant usage on mysqltest.* to mysqltest_1@localhost; +create table t1 (a int, b datetime); +create table t2 (c int, d datetime); +grant all privileges on test.* to mysqltest_1@localhost; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' +GRANT ALL PRIVILEGES ON `test`.* TO 'mysqltest_1'@'localhost' set time_zone= '+00:00'; set time_zone= 'Europe/Moscow'; select convert_tz('2004-10-21 19:00:00', 'Europe/Moscow', 'UTC'); convert_tz('2004-10-21 19:00:00', 'Europe/Moscow', 'UTC') 2004-10-21 15:00:00 +select convert_tz(b, 'Europe/Moscow', 'UTC') from t1; +convert_tz(b, 'Europe/Moscow', 'UTC') +update t1, t2 set t1.b = convert_tz('2004-10-21 19:00:00', 'Europe/Moscow', 'UTC') +where t1.a = t2.c and t2.d = (select max(d) from t2); select * from mysql.time_zone_name; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql' select Name, convert_tz('2004-10-21 19:00:00', Name, 'UTC') from mysql.time_zone_name; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql' +delete from mysql.db where user like 'mysqltest\_%'; +flush privileges; +grant all privileges on test.t1 to mysqltest_1@localhost; +grant all privileges on test.t2 to mysqltest_1@localhost; +show grants for current_user(); +Grants for mysqltest_1@localhost +GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' +GRANT ALL PRIVILEGES ON `test`.`t2` TO 'mysqltest_1'@'localhost' +GRANT ALL PRIVILEGES ON `test`.`t1` TO 'mysqltest_1'@'localhost' +set time_zone= '+00:00'; +set time_zone= 'Europe/Moscow'; +select convert_tz('2004-11-31 12:00:00', 'Europe/Moscow', 'UTC'); +convert_tz('2004-11-31 12:00:00', 'Europe/Moscow', 'UTC') +2004-12-01 09:00:00 +select convert_tz(b, 'Europe/Moscow', 'UTC') from t1; +convert_tz(b, 'Europe/Moscow', 'UTC') +update t1, t2 set t1.b = convert_tz('2004-11-30 12:00:00', 'Europe/Moscow', 'UTC') +where t1.a = t2.c and t2.d = (select max(d) from t2); +select * from mysql.time_zone_name; +ERROR 42000: select command denied to user 'mysqltest_1'@'localhost' for table 'time_zone_name' +select Name, convert_tz('2004-11-30 12:00:00', Name, 'UTC') from mysql.time_zone_name; +ERROR 42000: select command denied to user 'mysqltest_1'@'localhost' for table 'time_zone_name' delete from mysql.user where user like 'mysqltest\_%'; +delete from mysql.db where user like 'mysqltest\_%'; +delete from mysql.tables_priv where user like 'mysqltest\_%'; flush privileges; +drop table t1, t2; diff --git a/mysql-test/t/timezone2.test b/mysql-test/t/timezone2.test index ad8089e1a37..d185a647921 100644 --- a/mysql-test/t/timezone2.test +++ b/mysql-test/t/timezone2.test @@ -2,7 +2,7 @@ # Preparing playground --disable_warnings -drop table if exists t1; +drop table if exists t1, t2; --enable_warnings @@ -205,25 +205,64 @@ drop table t1; # even for unprivileged users. # +# Let us prepare playground delete from mysql.user where user like 'mysqltest\_%'; delete from mysql.db where user like 'mysqltest\_%'; delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; +create table t1 (a int, b datetime); +create table t2 (c int, d datetime); -grant usage on mysqltest.* to mysqltest_1@localhost; +grant all privileges on test.* to mysqltest_1@localhost; connect (tzuser, localhost, mysqltest_1,,); connection tzuser; show grants for current_user(); set time_zone= '+00:00'; set time_zone= 'Europe/Moscow'; select convert_tz('2004-10-21 19:00:00', 'Europe/Moscow', 'UTC'); +select convert_tz(b, 'Europe/Moscow', 'UTC') from t1; +# Let us also check whenever multi-update works ok +update t1, t2 set t1.b = convert_tz('2004-10-21 19:00:00', 'Europe/Moscow', 'UTC') + where t1.a = t2.c and t2.d = (select max(d) from t2); # But still these two statements should not work: --error 1044 select * from mysql.time_zone_name; --error 1044 select Name, convert_tz('2004-10-21 19:00:00', Name, 'UTC') from mysql.time_zone_name; +# +# Test for bug #6765 "Implicit access to time zone description tables +# requires privileges for them if some table or column level grants +# present" +# +connection default; +# Let use some table-level grants instead of db-level +# to make life more interesting +delete from mysql.db where user like 'mysqltest\_%'; +flush privileges; +grant all privileges on test.t1 to mysqltest_1@localhost; +grant all privileges on test.t2 to mysqltest_1@localhost; +# The test itself is almost the same as previous one +connect (tzuser2, localhost, mysqltest_1,,); +connection tzuser2; +show grants for current_user(); +set time_zone= '+00:00'; +set time_zone= 'Europe/Moscow'; +select convert_tz('2004-11-31 12:00:00', 'Europe/Moscow', 'UTC'); +select convert_tz(b, 'Europe/Moscow', 'UTC') from t1; +update t1, t2 set t1.b = convert_tz('2004-11-30 12:00:00', 'Europe/Moscow', 'UTC') + where t1.a = t2.c and t2.d = (select max(d) from t2); +# Again these two statements should not work (but with different errors): +--error 1142 +select * from mysql.time_zone_name; +--error 1142 +select Name, convert_tz('2004-11-30 12:00:00', Name, 'UTC') from mysql.time_zone_name; + +# Clean-up connection default; delete from mysql.user where user like 'mysqltest\_%'; +delete from mysql.db where user like 'mysqltest\_%'; +delete from mysql.tables_priv where user like 'mysqltest\_%'; flush privileges; +drop table t1, t2; diff --git a/sql/item_geofunc.cc b/sql/item_geofunc.cc index 7c3319bbfea..2f00416bddf 100644 --- a/sql/item_geofunc.cc +++ b/sql/item_geofunc.cc @@ -24,7 +24,6 @@ #include "mysql_priv.h" #ifdef HAVE_SPATIAL -#include "sql_acl.h" #include <m_ctype.h> void Item_geometry_func::fix_length_and_dec() diff --git a/sql/item_strfunc.cc b/sql/item_strfunc.cc index 5a23eec5a1b..ebd794f1e76 100644 --- a/sql/item_strfunc.cc +++ b/sql/item_strfunc.cc @@ -25,7 +25,6 @@ #endif #include "mysql_priv.h" -#include "sql_acl.h" #include <m_ctype.h> #ifdef HAVE_OPENSSL #include <openssl/des.h> diff --git a/sql/log.cc b/sql/log.cc index 460910fcee8..83034c79dde 100644 --- a/sql/log.cc +++ b/sql/log.cc @@ -23,7 +23,6 @@ #endif #include "mysql_priv.h" -#include "sql_acl.h" #include "sql_repl.h" #include "ha_innodb.h" // necessary to cut the binlog when crash recovery diff --git a/sql/mysql_priv.h b/sql/mysql_priv.h index 3f55a88b262..46f47e51b6d 100644 --- a/sql/mysql_priv.h +++ b/sql/mysql_priv.h @@ -350,7 +350,6 @@ inline THD *_current_thd(void) #include "sql_udf.h" class user_var_entry; #include "item.h" -#include "tztime.h" typedef Comp_creator* (*chooser_compare_func_creator)(bool invert); /* sql_parse.cc */ void free_items(Item *item); @@ -371,6 +370,8 @@ int create_table_precheck(THD *thd, TABLE_LIST *tables, TABLE_LIST *create_table); Item *negate_expression(THD *thd, Item *expr); #include "sql_class.h" +#include "sql_acl.h" +#include "tztime.h" #include "opt_range.h" #ifdef HAVE_QUERY_CACHE diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 43407b345fa..ccb38b40802 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -17,7 +17,6 @@ #include "mysql_priv.h" #include <m_ctype.h> #include <my_dir.h> -#include "sql_acl.h" #include "slave.h" #include "sql_repl.h" #include "repl_failsafe.h" diff --git a/sql/repl_failsafe.cc b/sql/repl_failsafe.cc index 356ec80608c..85a51ba9b51 100644 --- a/sql/repl_failsafe.cc +++ b/sql/repl_failsafe.cc @@ -20,7 +20,6 @@ #include "repl_failsafe.h" #include "sql_repl.h" #include "slave.h" -#include "sql_acl.h" #include "log_event.h" #include <mysql.h> diff --git a/sql/set_var.cc b/sql/set_var.cc index 2031ac15412..bbc9cf77c9f 100644 --- a/sql/set_var.cc +++ b/sql/set_var.cc @@ -55,7 +55,6 @@ #include "mysql_priv.h" #include <mysql.h> #include "slave.h" -#include "sql_acl.h" #include <my_getopt.h> #include <thr_alarm.h> #include <myisam.h> diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index d6f52fed1d2..b880a7b2b65 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -26,7 +26,6 @@ */ #include "mysql_priv.h" -#include "sql_acl.h" #include "hash_filo.h" #ifdef HAVE_REPLICATION #include "sql_repl.h" //for tables_ok() diff --git a/sql/sql_base.cc b/sql/sql_base.cc index a5db02478ac..a8e1d3020ca 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -18,7 +18,6 @@ /* Basic functions needed by many modules */ #include "mysql_priv.h" -#include "sql_acl.h" #include "sql_select.h" #include <m_ctype.h> #include <my_dir.h> diff --git a/sql/sql_cache.cc b/sql/sql_cache.cc index 1bf8d179770..0e2058d73e9 100644 --- a/sql/sql_cache.cc +++ b/sql/sql_cache.cc @@ -300,7 +300,6 @@ TODO list: #include <m_ctype.h> #include <my_dir.h> #include <hash.h> -#include "sql_acl.h" #include "ha_myisammrg.h" #ifndef MASTER #include "../srclib/myisammrg/myrg_def.h" diff --git a/sql/sql_class.cc b/sql/sql_class.cc index bab81d785c3..1ba34595dd9 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -27,7 +27,6 @@ #endif #include "mysql_priv.h" -#include "sql_acl.h" #include <m_ctype.h> #include <sys/stat.h> #include <thr_alarm.h> diff --git a/sql/sql_db.cc b/sql/sql_db.cc index 350a7432990..cb360859049 100644 --- a/sql/sql_db.cc +++ b/sql/sql_db.cc @@ -19,7 +19,6 @@ #include "mysql_priv.h" #include <mysys_err.h> -#include "sql_acl.h" #include <my_dir.h> #include <m_ctype.h> #ifdef __WIN__ diff --git a/sql/sql_derived.cc b/sql/sql_derived.cc index 3259e0a4f22..9475ec08c96 100644 --- a/sql/sql_derived.cc +++ b/sql/sql_derived.cc @@ -23,7 +23,6 @@ #include "mysql_priv.h" #include "sql_select.h" -#include "sql_acl.h" static int mysql_derived(THD *thd, LEX *lex, SELECT_LEX_UNIT *s, TABLE_LIST *t); diff --git a/sql/sql_do.cc b/sql/sql_do.cc index 0d4529fb29e..af72632199f 100644 --- a/sql/sql_do.cc +++ b/sql/sql_do.cc @@ -18,7 +18,6 @@ /* Execute DO statement */ #include "mysql_priv.h" -#include "sql_acl.h" int mysql_do(THD *thd, List<Item> &values) { diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc index d590d3b5093..f191a4b327a 100644 --- a/sql/sql_insert.cc +++ b/sql/sql_insert.cc @@ -18,7 +18,6 @@ /* Insert of records */ #include "mysql_priv.h" -#include "sql_acl.h" static int check_null_fields(THD *thd,TABLE *entry); #ifndef EMBEDDED_LIBRARY diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index e066e447345..3dec17ae8ba 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -15,7 +15,6 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #include "mysql_priv.h" -#include "sql_acl.h" #include "sql_repl.h" #include "repl_failsafe.h" #include <m_ctype.h> @@ -3571,7 +3570,7 @@ error: /* Check grants for commands which work only with one table and all other - tables belong to subselects. + tables belonging to subselects or implicitly opened tables. SYNOPSIS check_one_table_access() @@ -3593,7 +3592,7 @@ int check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables) if (grant_option && check_grant(thd, privilege, tables, 0, 1, 0)) return 1; - /* Check rights on tables of subselect (if exists) */ + /* Check rights on tables of subselects and implictly opened tables */ TABLE_LIST *subselects_tables; if ((subselects_tables= tables->next)) { @@ -5229,7 +5228,10 @@ int multi_update_precheck(THD *thd, TABLE_LIST *tables) DBUG_PRINT("info",("Checking sub query list")); for (table= tables; table; table= table->next) { - if (table->table_in_update_from_clause) + if (my_tz_check_n_skip_implicit_tables(&table, + lex->time_zone_tables_used)) + continue; + else if (table->table_in_update_from_clause) { /* If we check table by local TABLE_LIST copy then we should copy diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc index a790e6fe9d8..69e3cddfdde 100644 --- a/sql/sql_prepare.cc +++ b/sql/sql_prepare.cc @@ -68,7 +68,6 @@ Long data handling: ***********************************************************************/ #include "mysql_priv.h" -#include "sql_acl.h" #include "sql_select.h" // for JOIN #include <m_ctype.h> // for isspace() #ifdef EMBEDDED_LIBRARY diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index bbcea537ff1..6854cb24ee9 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -18,7 +18,6 @@ #ifdef HAVE_REPLICATION #include "sql_repl.h" -#include "sql_acl.h" #include "log_event.h" #include <my_dir.h> diff --git a/sql/sql_show.cc b/sql/sql_show.cc index bda490e2916..4454499c1fc 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -19,7 +19,6 @@ #include "mysql_priv.h" #include "sql_select.h" // For select_describe -#include "sql_acl.h" #include "repl_failsafe.h" #include <my_dir.h> diff --git a/sql/sql_update.cc b/sql/sql_update.cc index d3597f274dc..4a225913eaa 100644 --- a/sql/sql_update.cc +++ b/sql/sql_update.cc @@ -21,7 +21,6 @@ */ #include "mysql_priv.h" -#include "sql_acl.h" #include "sql_select.h" static bool safe_update_on_fly(JOIN_TAB *join_tab, List<Item> *fields); diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index 8cbfaf3f99b..03acc81b5ab 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -32,7 +32,6 @@ #define Select Lex->current_select #include "mysql_priv.h" #include "slave.h" -#include "sql_acl.h" #include "lex_symbol.h" #include "item_create.h" #include <myisam.h> diff --git a/sql/tztime.h b/sql/tztime.h index 9f969639bd0..2214c1b29d6 100644 --- a/sql/tztime.h +++ b/sql/tztime.h @@ -66,8 +66,8 @@ extern void my_tz_free(); /* - Check if we have pointer to the beggining of list of implictly used - time zone tables and fast-forward to its end. + Check if we have pointer to the begining of list of implicitly used time + zone tables, set SELECT_ACL for them and fast-forward to its end. SYNOPSIS my_tz_check_n_skip_implicit_tables() @@ -87,6 +87,8 @@ inline bool my_tz_check_n_skip_implicit_tables(TABLE_LIST **table, { if (*table == tz_tables) { + for (int i= 0; i < 4; i++) + (*table)[i].grant.privilege= SELECT_ACL; (*table)+= 3; return TRUE; } |