mirror of
https://github.com/MariaDB/server.git
synced 2025-07-30 16:24:05 +03:00
Added the following new privleges:
SHOW DATABASES CREATE TEMPORARY TABLE LOCK TABLES REPLICATION SLAVE & REPLICATION CLIENT SUPER EXECUTE All scripts & documentation is updated for this change. Added better error messages for global privileges BitKeeper/deleted/.del-mysql_new_fix_privilege_tables.sh~b1664b401375eece: Delete: scripts/mysql_new_fix_privilege_tables.sh Docs/manual.texi: Updated manual for privilege changes. include/mysqld_error.h: new error messages mysql-test/install_test_db.sh: Updated to use new privileges mysql-test/r/grant_cache.result: Updated to use new privileges mysql-test/r/rpl000017.result: Updated to use new privileges mysql-test/t/rpl000017.test: Updated to use new privileges mysys/safemalloc.c: Cleanup scripts/mysql_fix_privilege_tables.sh: Updated to use new privileges scripts/mysql_install_db.sh: Updated to use new privileges sql/field.h: Cleanup sql/item_strfunc.cc: Updated to use new privileges sql/lex.h: Updated to use new privileges sql/log.cc: Updated to use new privileges sql/mysql_priv.h: Updated to use new privileges sql/mysqld.cc: Updated to use new privileges sql/repl_failsafe.cc: Updated to use new privileges sql/share/czech/errmsg.txt: new error messages sql/share/danish/errmsg.txt: new error messages sql/share/dutch/errmsg.txt: new error messages sql/share/english/errmsg.txt: new error messages sql/share/estonian/errmsg.txt: new error messages sql/share/french/errmsg.txt: new error messages sql/share/german/errmsg.txt: new error messages sql/share/greek/errmsg.txt: new error messages sql/share/hungarian/errmsg.txt: new error messages sql/share/italian/errmsg.txt: new error messages sql/share/japanese/errmsg.txt: new error messages sql/share/korean/errmsg.txt: new error messages sql/share/norwegian-ny/errmsg.txt: new error messages sql/share/norwegian/errmsg.txt: new error messages sql/share/polish/errmsg.txt: new error messages sql/share/portuguese/errmsg.txt: new error messages sql/share/romanian/errmsg.txt: new error messages sql/share/russian/errmsg.txt: new error messages sql/share/slovak/errmsg.txt: new error messages sql/share/spanish/errmsg.txt: new error messages sql/share/swedish/errmsg.txt: new error messages sql/share/ukrainian/errmsg.txt: new error messages sql/slave.cc: Portability cleanup sql/sql_acl.cc: Updated to use new privileges sql/sql_acl.h: Updated to use new privileges sql/sql_base.cc: Remove not used include file sql/sql_class.cc: Comment cleanup sql/sql_class.h: Updated to use new privileges Comment cleanups sql/sql_insert.cc: Updated to use new privileges sql/sql_lex.h: Indentation cleanup sql/sql_parse.cc: Updated to use new privileges sql/sql_repl.cc: Updated to use new privileges Comment cleanup sql/sql_show.cc: Updated to use new privileges sql/sql_yacc.yy: Updated to use new privileges Sorted some tockens for easer merge to 4.1 in the future. sql/table.h: Updated to use new privileges tests/grant.pl: Updated to use new privileges tests/grant.res: Updated to use new privileges
This commit is contained in:
unknown
@ -36,7 +36,8 @@ $|=1;
|
||||
|
||||
$tables_cols="Host, Db, User, Table_name, Grantor, Table_priv, Column_priv";
|
||||
$columns_cols="Host, Db, User, Table_name, Column_name, Column_priv";
|
||||
$tmp_table="/tmp/grant-$$.test";
|
||||
$tmp_table="/tmp/mysql-grant.test"; # Can't use $$ as we are logging result
|
||||
unlink($tmp_table);
|
||||
|
||||
#
|
||||
# clear grant tables
|
||||
@ -74,6 +75,7 @@ user_connect(0);
|
||||
user_query("select * from mysql.user where user = '$opt_user'");
|
||||
user_query("select * from mysql.db where user = '$opt_user'");
|
||||
safe_query("grant select on *.* to $user,$user");
|
||||
safe_query("show grants for $user");
|
||||
|
||||
# The following should fail
|
||||
user_query("insert into mysql.user (host,user) values ('error','$opt_user')",1);
|
||||
@ -384,7 +386,9 @@ safe_query("select $columns_cols from mysql.columns_priv where user = '$opt_user
|
||||
# Clear up privileges to make future tests easier
|
||||
|
||||
safe_query("delete from user where user='$opt_user'");
|
||||
safe_query("delete from db where user='$opt_user'");
|
||||
safe_query("flush privileges");
|
||||
safe_query("show grants for $user",1);
|
||||
|
||||
#
|
||||
# Test IDENTIFIED BY
|
||||
@ -394,7 +398,9 @@ safe_query("grant ALL PRIVILEGES on $opt_database.test to $user identified by 'd
|
||||
user_connect(0,"dummy");
|
||||
safe_query("grant SELECT on $opt_database.* to $user identified by ''");
|
||||
user_connect(0);
|
||||
safe_query("revoke SELECT on $opt_database.* from $user identified by ''");
|
||||
safe_query("revoke ALL PRIVILEGES on $opt_database.test from $user identified by ''");
|
||||
safe_query("revoke ALL PRIVILEGES on $opt_database.* from $user identified by ''");
|
||||
safe_query("show grants for $user");
|
||||
|
||||
#
|
||||
# Test bug reported in SELECT INTO OUTFILE
|
||||
@ -407,7 +413,7 @@ safe_query("insert into $opt_database.test3 values (1)");
|
||||
user_connect(0);
|
||||
user_query("select * into outfile '$tmp_table' from $opt_database.test3");
|
||||
safe_query("revoke SELECT on $opt_database.test3 from $user");
|
||||
safe_query("revoke FILE from *.* from $user");
|
||||
safe_query("revoke FILE on *.* from $user");
|
||||
safe_query("drop table $opt_database.test3");
|
||||
|
||||
#
|
||||
@ -415,24 +421,36 @@ safe_query("drop table $opt_database.test3");
|
||||
#
|
||||
|
||||
safe_query("create table $opt_database.test3 (a int)");
|
||||
user_connect(1);
|
||||
safe_query("grant INSERT on $opt_database.test3 to $user");
|
||||
user_connect(0);
|
||||
user_query("select * into outfile '$tmp_table' from $opt_database.test3",1);
|
||||
safe_query("grant SELECT on $opt_database.test3 to $user");
|
||||
user_connect(0);
|
||||
user_query("LOCK TABLES $opt_database.test3",1);
|
||||
safe_query("grant INSERT,UPDATE,DELETE on $opt_database.test3 to $user");
|
||||
user_query("LOCK TABLES $opt_database.test3 READ",1);
|
||||
safe_query("grant LOCK TABLES on *.* to $user");
|
||||
safe_query("show grants for $user");
|
||||
safe_query("select * from mysql.user where user='$opt_user'");
|
||||
user_connect(0);
|
||||
user_query("LOCK TABLES $opt_database.test3");
|
||||
safe_query("revoke SELECT, INSERT,UPDATE,DELETE on $opt_database.test3 from $user");
|
||||
safe_query("grant SELECT,INSERT,UPDATE,DELETE on $opt_database.* to $user");
|
||||
user_connect(0);
|
||||
user_query("LOCK TABLES $opt_database.test3");
|
||||
safe_query("revoke SELECT, INSERT,UPDATE,DELETE on $opt_database.* from $user");
|
||||
safe_query("grant SELECT,INSERT,UPDATE,DELETE on *.* to $user");
|
||||
user_connect(0);
|
||||
user_query("LOCK TABLES $opt_database.test3");
|
||||
user_query("LOCK TABLES $opt_database.test3 READ");
|
||||
user_query("UNLOCK TABLES");
|
||||
safe_query("revoke SELECT, INSERT,UPDATE,DELETE on *.* from $user");
|
||||
safe_query("revoke SELECT,INSERT,UPDATE,DELETE on $opt_database.test3 from $user");
|
||||
user_connect(1);
|
||||
safe_query("revoke LOCK TABLES on *.* from $user");
|
||||
safe_query("drop table $opt_database.test3");
|
||||
|
||||
#
|
||||
# test new privileges in 4.0.2
|
||||
#
|
||||
|
||||
safe_query("show grants for $user");
|
||||
safe_query("grant all on *.* to $user WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3");
|
||||
safe_query("show grants for $user");
|
||||
safe_query("revoke LOCK TABLES on *.* from $user");
|
||||
safe_query("flush privileges");
|
||||
safe_query("show grants for $user");
|
||||
safe_query("revoke ALL PRIVILEGES on *.* from $user");
|
||||
safe_query("show grants for $user");
|
||||
|
||||
#
|
||||
# Clean up things
|
||||
|
||||
@ -19,10 +19,13 @@ Access denied for user: 'grant_user@localhost' (Using password: NO)
|
||||
set password FOR grant_user=''
|
||||
Connecting grant_user
|
||||
select * from mysql.user where user = 'grant_user'
|
||||
localhost grant_user Y N N N N N N N N N N N N N NONE
|
||||
localhost grant_user Y N N N N N N N N N N N N N N N N N N N N 0 0 0
|
||||
|
||||
select * from mysql.db where user = 'grant_user'
|
||||
grant select on *.* to grant_user@localhost,grant_user@localhost
|
||||
show grants for grant_user@localhost
|
||||
GRANT SELECT ON *.* TO 'grant_user'@'localhost'
|
||||
|
||||
insert into mysql.user (host,user) values ('error','grant_user')
|
||||
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql'
|
||||
update mysql.user set host='error' WHERE user='grant_user'
|
||||
@ -93,7 +96,7 @@ delete from user where user='grant_user'
|
||||
flush privileges
|
||||
grant select on grant_test.* to grant_user@localhost
|
||||
select * from mysql.user where user = 'grant_user'
|
||||
localhost grant_user N N N N N N N N N N N N N N NONE
|
||||
localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0
|
||||
|
||||
select * from mysql.db where user = 'grant_user'
|
||||
localhost grant_test grant_user Y N N N N N N N N N
|
||||
@ -152,7 +155,7 @@ insert into mysql.user (host,user) values ('error','grant_user',0)
|
||||
Error in execute: Access denied for user: 'grant_user@localhost' to database 'mysql'
|
||||
revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost
|
||||
select * from mysql.user where user = 'grant_user'
|
||||
localhost grant_user N N N N N N N N N N N N N N NONE
|
||||
localhost grant_user N N N N N N N N N N N N N N N N N N N N N 0 0 0
|
||||
|
||||
select * from mysql.db where user = 'grant_user'
|
||||
Connecting grant_user
|
||||
@ -432,18 +435,66 @@ localhost grant_test grant_user N Y N N N N N N N N
|
||||
select Host, Db, User, Table_name, Grantor, Table_priv, Column_priv from mysql.tables_priv where user = 'grant_user'
|
||||
select Host, Db, User, Table_name, Column_name, Column_priv from mysql.columns_priv where user = 'grant_user'
|
||||
delete from user where user='grant_user'
|
||||
delete from db where user='grant_user'
|
||||
flush privileges
|
||||
show grants for grant_user@localhost
|
||||
Error in execute: There is no such grant defined for user 'grant_user' on host 'localhost'
|
||||
grant ALL PRIVILEGES on grant_test.test to grant_user@localhost identified by 'dummy', grant_user@127.0.0.1 identified by 'dummy2'
|
||||
Connecting grant_user
|
||||
grant SELECT on grant_test.* to grant_user@localhost identified by ''
|
||||
Connecting grant_user
|
||||
revoke SELECT on grant_test.* from grant_user@localhost identified by ''
|
||||
revoke ALL PRIVILEGES on grant_test.test from grant_user@localhost identified by ''
|
||||
revoke ALL PRIVILEGES on grant_test.* from grant_user@localhost identified by ''
|
||||
show grants for grant_user@localhost
|
||||
create table grant_test.test3 (a int)
|
||||
grant SELECT on grant_test.test3 to grant_user@localhost
|
||||
grant FILE on *.* to grant_user@localhost
|
||||
insert into grant_test.test3 values (1)
|
||||
Connecting grant_user
|
||||
select * into outfile '/tmp/grant-11047.test' from grant_test.test3
|
||||
select * into outfile '/tmp/mysql-grant.test' from grant_test.test3
|
||||
revoke SELECT on grant_test.test3 from grant_user@localhost
|
||||
revoke FILE on *.* from grant_user@localhost
|
||||
drop table grant_test.test3
|
||||
create table grant_test.test3 (a int)
|
||||
Connecting grant_user
|
||||
Access denied for user: 'grant_user@localhost' to database 'grant_test'
|
||||
grant INSERT on grant_test.test3 to grant_user@localhost
|
||||
Connecting grant_user
|
||||
select * into outfile '/tmp/mysql-grant.test' from grant_test.test3
|
||||
Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO)
|
||||
grant SELECT on grant_test.test3 to grant_user@localhost
|
||||
Connecting grant_user
|
||||
LOCK TABLES grant_test.test3 READ
|
||||
Error in execute: Access denied for user: 'grant_user@localhost' (Using password: NO)
|
||||
grant LOCK TABLES on *.* to grant_user@localhost
|
||||
show grants for grant_user@localhost
|
||||
GRANT LOCK TABLES ON *.* TO 'grant_user'@'localhost'
|
||||
GRANT SELECT, INSERT ON grant_test.test3 TO 'grant_user'@'localhost'
|
||||
|
||||
select * from mysql.user where user='grant_user'
|
||||
127.0.0.1 grant_user 7f70e8b858ee6782 N N N N N N N N N N N N N N N N N N N N N 0 0 0
|
||||
localhost grant_user N N N N N N N N N N N N N N N N N Y N N N 0 0 0
|
||||
|
||||
Connecting grant_user
|
||||
LOCK TABLES grant_test.test3 READ
|
||||
UNLOCK TABLES
|
||||
revoke SELECT,INSERT,UPDATE,DELETE on grant_test.test3 from grant_user@localhost
|
||||
Connecting grant_user
|
||||
Access denied for user: 'grant_user@localhost' to database 'grant_test'
|
||||
revoke LOCK TABLES on *.* from grant_user@localhost
|
||||
drop table grant_test.test3
|
||||
show grants for grant_user@localhost
|
||||
grant all on *.* to grant_user@localhost WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
|
||||
show grants for grant_user@localhost
|
||||
GRANT ALL PRIVILEGES ON *.* TO 'grant_user'@'localhost' WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
|
||||
|
||||
revoke LOCK TABLES on *.* from grant_user@localhost
|
||||
flush privileges
|
||||
show grants for grant_user@localhost
|
||||
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'grant_user'@'localhost' WITH MAX_QUERIES_PER_HOUR 1 MAX_UPDATES_PER_HOUR 2 MAX_CONNECTIONS_PER_HOUR 3
|
||||
|
||||
revoke ALL PRIVILEGES on *.* from grant_user@localhost
|
||||
show grants for grant_user@localhost
|
||||
drop database grant_test
|
||||
delete from user where user='grant_user'
|
||||
delete from db where user='grant_user'
|
||||
|
||||
Reference in New Issue
Block a user