From 6c8ce999f861c8c56edaf6b6e965c6c48bd9e37c Mon Sep 17 00:00:00 2001 From: Robert Bindar Date: Wed, 13 Feb 2019 20:02:42 +0100 Subject: MDEV-13095 Implement User Account locking Add server support for user account locking. This patch extends the ALTER/CREATE USER statements for denying a user's subsequent login attempts: ALTER USER user [, user2] ACCOUNT [LOCK | UNLOCK] CREATE USER user [, user2] ACCOUNT [LOCK | UNLOCK] The SHOW CREATE USER statement was updated to display the locking state of an user. Closes #1006 --- scripts/mysql_system_tables_fix.sql | 2 ++ 1 file changed, 2 insertions(+) (limited to 'scripts/mysql_system_tables_fix.sql') diff --git a/scripts/mysql_system_tables_fix.sql b/scripts/mysql_system_tables_fix.sql index fe0b9c01600..381f5356575 100644 --- a/scripts/mysql_system_tables_fix.sql +++ b/scripts/mysql_system_tables_fix.sql @@ -643,6 +643,7 @@ ALTER TABLE user ADD plugin char(64) CHARACTER SET latin1 DEFAULT '' NOT NULL, ALTER TABLE user MODIFY plugin char(64) CHARACTER SET latin1 DEFAULT '' NOT NULL, MODIFY authentication_string TEXT NOT NULL; ALTER TABLE user ADD password_expired ENUM('N', 'Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL; +ALTER TABLE user ADD account_locked enum('N', 'Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL after password_expired; ALTER TABLE user ADD is_role enum('N', 'Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL; ALTER TABLE user ADD default_role char(80) binary DEFAULT '' NOT NULL; ALTER TABLE user ADD max_statement_time decimal(12,6) DEFAULT 0 NOT NULL; @@ -804,6 +805,7 @@ IF 'BASE TABLE' = (select table_type from information_schema.tables where table_ 'max_statement_time', max_statement_time, 'plugin', if(plugin>'',plugin,if(length(password)=16,'mysql_old_password','mysql_native_password')), 'authentication_string', if(plugin>'' and authentication_string>'',authentication_string,password), + 'account_locked', 'Y'=account_locked, 'default_role', default_role, 'is_role', 'Y'=is_role)) as Priv FROM user; -- cgit v1.2.1