set global sql_mode=""; set local sql_mode=""; SET NAMES binary; connect master,localhost,root,,; connection master; drop table if exists t1; delete from mysql.user where user like 'mysqltest\_%'; delete from mysql.db where user like 'mysqltest\_%'; delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; create user mysqltest_1@localhost; grant create user on *.* to mysqltest_1@localhost; grant select on `my\_1`.* to mysqltest_1@localhost with grant option; connect user_a,localhost,mysqltest_1,,; connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; ERROR 42000: You are not allowed to create a user with GRANT create user mysqltest_2@localhost; disconnect user_a; disconnect master; connection default; delete from mysql.user where user like 'mysqltest\_%'; delete from mysql.db where user like 'mysqltest\_%'; delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; grant select on test.* to CUser@localhost; grant select on test.* to CUser@LOCALHOST; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2; user host db select_priv CUser localhost test Y REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2; user host db select_priv REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2; user host db select_priv DROP USER CUser@localhost; DROP USER CUser@LOCALHOST; ERROR HY000: Operation DROP USER failed for 'CUser'@'localhost' create table t1 (a int); grant select on test.t1 to CUser@localhost; grant select on test.t1 to CUser@LOCALHOST; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2; user host db Table_name Table_priv Column_priv CUser localhost test t1 Select REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2; user host db Table_name Table_priv Column_priv REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2; user host db Table_name Table_priv Column_priv DROP USER CUser@localhost; DROP USER CUser@LOCALHOST; ERROR HY000: Operation DROP USER failed for 'CUser'@'localhost' grant select(a) on test.t1 to CUser@localhost; grant select(a) on test.t1 to CUser@LOCALHOST; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2; user host db Table_name Table_priv Column_priv CUser localhost test t1 Select REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2; user host db Table_name Table_priv Column_priv REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2; User Host CUser localhost SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2; user host db Table_name Table_priv Column_priv DROP USER CUser@localhost; DROP USER CUser@LOCALHOST; ERROR HY000: Operation DROP USER failed for 'CUser'@'localhost' drop table t1; grant select on test.* to CUser2@localhost; grant select on test.* to CUser2@LOCALHOST; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2; User Host CUser2 localhost SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2; user host db select_priv CUser2 localhost test Y REVOKE SELECT ON test.* FROM 'CUser2'@'LOCALHOST'; flush privileges; SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2; User Host CUser2 localhost SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2; user host db select_priv REVOKE SELECT ON test.* FROM 'CUser2'@'localhost'; ERROR 42000: There is no such grant defined for user 'CUser2' on host 'localhost' flush privileges; SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2; User Host CUser2 localhost SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2; user host db select_priv DROP USER CUser2@localhost; DROP USER CUser2@LOCALHOST; ERROR HY000: Operation DROP USER failed for 'CUser2'@'localhost' CREATE DATABASE mysqltest_1; CREATE TABLE mysqltest_1.t1 (a INT); CREATE USER 'mysqltest1'@'%'; GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%'; REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%'; GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%'; FLUSH PRIVILEGES; connect conn1,localhost,mysqltest1,,; connection conn1; SHOW GRANTS; Grants for mysqltest1@% GRANT USAGE ON *.* TO `mysqltest1`@`%` GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO `mysqltest1`@`%` GRANT UPDATE ON `mysqltest_1`.* TO `mysqltest1`@`%` SELECT * FROM mysqltest_1.t1; a disconnect conn1; connection default; DROP USER 'mysqltest1'@'%'; DROP DATABASE mysqltest_1; # # Bug#41597 - After rename of user, there are additional grants # when grants are reapplied. # CREATE DATABASE temp; CREATE TABLE temp.t1(a INT, b VARCHAR(10)); INSERT INTO temp.t1 VALUES(1, 'name1'); INSERT INTO temp.t1 VALUES(2, 'name2'); INSERT INTO temp.t1 VALUES(3, 'name3'); CREATE USER 'user1'@'%'; RENAME USER 'user1'@'%' TO 'user2'@'%'; # Show privileges after rename and BEFORE grant SHOW GRANTS FOR 'user2'@'%'; Grants for user2@% GRANT USAGE ON *.* TO `user2`@`%` GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%'; # Show privileges after rename and grant SHOW GRANTS FOR 'user2'@'%'; Grants for user2@% GRANT USAGE ON *.* TO `user2`@`%` GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO `user2`@`%` # Connect as the renamed user connect conn1, localhost, user2,,; connection conn1; SHOW GRANTS; Grants for user2@% GRANT USAGE ON *.* TO `user2`@`%` GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO `user2`@`%` SELECT a FROM temp.t1; a 1 2 3 # Check for additional privileges by accessing a # non privileged column. We shouldn't be able to # access this column. SELECT b FROM temp.t1; ERROR 42000: SELECT command denied to user 'user2'@'localhost' for column 'b' in table 't1' disconnect conn1; connection default; DROP USER 'user2'@'%'; DROP DATABASE temp; set global sql_mode=default; # # End of 5.0 tests # create database db1; create user foo@localhost; grant create on db1.* to foo@localhost; grant all privileges on test.* to foo@localhost; connect foo,localhost,foo; create temporary table t as values (1),(2),(3); use db1; create table t1 as select * from test.t; ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `db1`.`t1` create table t1 as values (1),(2),(3); ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `db1`.`t1` create table t1 (a int); disconnect foo; connection default; revoke create on db1.* from foo@localhost; grant insert on db1.* to foo@localhost; connect foo,localhost,foo; use db1; create table t2 as values (1),(2),(3); ERROR 42000: CREATE command denied to user 'foo'@'localhost' for table `db1`.`t2` disconnect foo; connection default; drop user foo@localhost; drop database db1;