diff options
| -rw-r--r-- | mysql-test/r/grant.result | 9 | ||||
| -rw-r--r-- | mysql-test/t/grant.test | 10 | ||||
| -rw-r--r-- | sql/sql_update.cc | 2 |
3 files changed, 12 insertions, 9 deletions
diff --git a/mysql-test/r/grant.result b/mysql-test/r/grant.result index dffa4988ea7..1960f3a76b9 100644 --- a/mysql-test/r/grant.result +++ b/mysql-test/r/grant.result @@ -383,7 +383,7 @@ GRANT SELECT (c) ON `mysqltest_2`.`t1` TO 'mysqltest_3'@'localhost' update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1; ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for column 'q' in table 't1' update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1; -ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'd' in table 't2' +ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table 't1' update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1; ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for column 'c' in table 't1' update mysqltest_2.t1, mysqltest_2.t2 set d=10 where s=2; @@ -402,6 +402,7 @@ revoke all on mysqltest_2.t1 from mysqltest_3@localhost; revoke all on mysqltest_2.t2 from mysqltest_3@localhost; grant all on mysqltest_2.* to mysqltest_3@localhost; grant select on *.* to mysqltest_3@localhost; +grant select on mysqltest_2.t1 to mysqltest_3@localhost; flush privileges; use mysqltest_1; update mysqltest_2.t1, mysqltest_2.t2 set c=500,d=600; @@ -409,11 +410,11 @@ update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200; ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for column 'a' in table 't1' use mysqltest_2; update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200; -ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysqltest_1' +ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for table 't1' update mysqltest_2.t1, mysqltest_1.t2 set c=100,b=200; -ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysqltest_1' +ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for table 't2' update mysqltest_1.t1, mysqltest_2.t2 set a=100,d=200; -ERROR 42000: Access denied for user 'mysqltest_3'@'localhost' to database 'mysqltest_1' +ERROR 42000: UPDATE command denied to user 'mysqltest_3'@'localhost' for table 't1' select t1.*,t2.* from mysqltest_1.t1,mysqltest_1.t2; a q b r 10 2 1 2 diff --git a/mysql-test/t/grant.test b/mysql-test/t/grant.test index 60b60547fcc..3365145650a 100644 --- a/mysql-test/t/grant.test +++ b/mysql-test/t/grant.test @@ -323,7 +323,7 @@ connection conn1; show grants for mysqltest_3@localhost; --error 1143 update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1; ---error 1143 +--error 1142 update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1; --error 1143 update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1; @@ -343,6 +343,8 @@ revoke all on mysqltest_2.t2 from mysqltest_3@localhost; #test the db/table level privileges grant all on mysqltest_2.* to mysqltest_3@localhost; grant select on *.* to mysqltest_3@localhost; +# Next grant is needed to trigger bug#7391. Do not optimize! +grant select on mysqltest_2.t1 to mysqltest_3@localhost; flush privileges; disconnect conn1; connect (conn2,localhost,mysqltest_3,,); @@ -354,11 +356,11 @@ update mysqltest_2.t1, mysqltest_2.t2 set c=500,d=600; update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200; use mysqltest_2; #the following used to succeed, it must fail now. ---error 1044 +--error 1142 update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200; ---error 1044 +--error 1142 update mysqltest_2.t1, mysqltest_1.t2 set c=100,b=200; ---error 1044 +--error 1142 update mysqltest_1.t1, mysqltest_2.t2 set a=100,d=200; #lets see the result connection master; diff --git a/sql/sql_update.cc b/sql/sql_update.cc index 089d0bf0660..af4ba8025f9 100644 --- a/sql/sql_update.cc +++ b/sql/sql_update.cc @@ -628,7 +628,7 @@ int mysql_multi_update_lock(THD *thd, if (!using_lock_tables) tl->table->reginfo.lock_type= tl->lock_type; if (check_access(thd, wants, tl->db, &tl->grant.privilege, 0, 0) || - (grant_option && check_grant(thd, wants, tl, 0, 0, 0))) + (grant_option && check_grant(thd, wants, tl, 0, 1, 0))) { tl->next= save; DBUG_RETURN(1); |