diff options
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/sql_acl.cc | 9 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 3 | ||||
| -rw-r--r-- | sql/table.h | 9 |
3 files changed, 18 insertions, 3 deletions
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index ab18a2d1d04..de132d169f2 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -3905,11 +3905,15 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, continue; // ok if (!(~table->grant.privilege & want_access) || - table->is_anonymous_derived_table() || table->schema_table) + (table->is_anonymous_derived_table() && + table->is_non_materialized_derived_table()) || table->schema_table) { /* It is subquery in the FROM clause. VIEW set table->derived after - table opening, but this function always called before table opening. + table opening, but this function is mostly called before table opening. + When it's called after table opening e.g. for nested views with + materialization we shoud check the materialized table for access as + any other table. */ if (!table->referencing_view) { @@ -3922,6 +3926,7 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, } continue; } + if (!(grant_table= table_hash_search(sctx->host, sctx->ip, table->get_db_name(), sctx->priv_user, table->get_table_name(), FALSE))) diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index fb5d58b63c4..de5f2838edd 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -5058,7 +5058,8 @@ bool check_single_table_access(THD *thd, ulong privilege, if (!(all_tables->belong_to_view && (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) && !(all_tables->view && - all_tables->effective_algorithm == VIEW_ALGORITHM_TMPTABLE) && + all_tables->effective_algorithm == VIEW_ALGORITHM_TMPTABLE && + all_tables->is_non_materialized_derived_table()) && check_grant(thd, privilege, all_tables, 0, 1, no_errors)) goto deny; diff --git a/sql/table.h b/sql/table.h index 40372fa91cf..1beea8ac1a1 100644 --- a/sql/table.h +++ b/sql/table.h @@ -1466,6 +1466,15 @@ struct TABLE_LIST bool is_anonymous_derived_table() const { return derived && !view; } /** + @brief True if this TABLE_LIST represents an not yet materialized + derived table, i.e. the result of a subquery or view execution. + */ + bool is_non_materialized_derived_table() const + { + return derived && !derived_result; + } + + /** @brief Returns the name of the database that the referenced table belongs to. */ |