diff options
Diffstat (limited to 'mysql-test/main/partition_grant.test')
| -rw-r--r-- | mysql-test/main/partition_grant.test | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/mysql-test/main/partition_grant.test b/mysql-test/main/partition_grant.test new file mode 100644 index 00000000000..a5df218bb10 --- /dev/null +++ b/mysql-test/main/partition_grant.test @@ -0,0 +1,82 @@ +-- source include/have_partition.inc +# Grant tests not performed with embedded server +-- source include/not_embedded.inc + +--disable_warnings +drop schema if exists mysqltest_1; +--enable_warnings + + +# +# Bug #17139: ALTER TABLE ... DROP PARTITION should require DROP privilege +# + +create schema mysqltest_1; +use mysqltest_1; + +create table t1 (a int) partition by list (a) (partition p1 values in (1), partition p2 values in (2), partition p3 values in (3)); +insert into t1 values (1),(2); + +# We don't have DROP USER IF EXISTS. Use this workaround to +# cleanup possible grants for mysqltest_1 left by previous tests +# and ensure consistent results of SHOW GRANTS command below. +--disable_warnings +create user mysqltest_1@localhost; +grant usage on *.* to mysqltest_1@localhost; +revoke all privileges on *.* from mysqltest_1@localhost; +--enable_warnings + +grant select,alter on mysqltest_1.* to mysqltest_1@localhost; + +connect (conn1,localhost,mysqltest_1,,mysqltest_1); +show grants for current_user; +alter table t1 add b int; +--error ER_TABLEACCESS_DENIED_ERROR +alter table t1 drop partition p2; +disconnect conn1; + +connection default; +grant drop on mysqltest_1.* to mysqltest_1@localhost; + +connect (conn2,localhost,mysqltest_1,,mysqltest_1); +alter table t1 drop partition p2; +disconnect conn2; + +connection default; +revoke alter on mysqltest_1.* from mysqltest_1@localhost; + +connect (conn3,localhost,mysqltest_1,,mysqltest_1); +--error ER_TABLEACCESS_DENIED_ERROR +alter table t1 drop partition p3; +disconnect conn3; + +connection default; + +revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost; +drop table t1; + +# +# Bug #23675 Partitions: possible security breach via alter +# + +create table t1 (s1 int); +insert into t1 values (1); +grant alter on mysqltest_1.* to mysqltest_1@localhost; +connect (conn4,localhost,mysqltest_1,,mysqltest_1); +connection conn4; +--error ER_NO_PARTITION_FOR_GIVEN_VALUE +alter table t1 partition by list (s1) (partition p1 values in (2)); +connection default; +grant select, alter on mysqltest_1.* to mysqltest_1@localhost; +disconnect conn4; +connect (conn5,localhost,mysqltest_1,,mysqltest_1); +--error ER_NO_PARTITION_FOR_GIVEN_VALUE +alter table t1 partition by list (s1) (partition p1 values in (2)); +disconnect conn5; +connection default; +drop table t1; + +drop user mysqltest_1@localhost; +drop schema mysqltest_1; + +--echo End of 5.1 tests |