diff --git a/mysql-test/main/ctype_upgrade.result b/mysql-test/main/ctype_upgrade.result index 97c797e8418..05482eb19d4 100644 --- a/mysql-test/main/ctype_upgrade.result +++ b/mysql-test/main/ctype_upgrade.result @@ -302,6 +302,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -464,6 +465,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/information_schema.result b/mysql-test/main/information_schema.result index 154f60ae35c..8e41f6996f6 100644 --- a/mysql-test/main/information_schema.result +++ b/mysql-test/main/information_schema.result @@ -140,6 +140,7 @@ TABLES TABLES TABLESPACES TABLESPACES TABLE_CONSTRAINTS TABLE_CONSTRAINTS TABLE_PRIVILEGES TABLE_PRIVILEGES +TABLE_PRIVILEGES table_privileges TABLE_STATISTICS TABLE_STATISTICS TRIGGERS TRIGGERS t1 t1 @@ -163,6 +164,7 @@ TABLES TABLES TABLESPACES TABLESPACES TABLE_CONSTRAINTS TABLE_CONSTRAINTS TABLE_PRIVILEGES TABLE_PRIVILEGES +TABLE_PRIVILEGES table_privileges TABLE_STATISTICS TABLE_STATISTICS TRIGGERS TRIGGERS t1 t1 @@ -186,6 +188,7 @@ TABLES TABLES TABLESPACES TABLESPACES TABLE_CONSTRAINTS TABLE_CONSTRAINTS TABLE_PRIVILEGES TABLE_PRIVILEGES +TABLE_PRIVILEGES table_privileges TABLE_STATISTICS TABLE_STATISTICS TRIGGERS TRIGGERS t1 t1 @@ -1508,6 +1511,7 @@ statements_with_runtimes_in_95th_percentile YES statements_with_sorting YES statements_with_temp_tables YES statement_analysis YES +table_privileges NO user YES user_summary NO user_summary_by_file_io NO diff --git a/mysql-test/main/log_tables_upgrade.result b/mysql-test/main/log_tables_upgrade.result index 1f8f478200c..5725add6524 100644 --- a/mysql-test/main/log_tables_upgrade.result +++ b/mysql-test/main/log_tables_upgrade.result @@ -87,6 +87,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/lowercase_fs_off.result b/mysql-test/main/lowercase_fs_off.result index f59470ae0bc..b29bf0ba386 100644 --- a/mysql-test/main/lowercase_fs_off.result +++ b/mysql-test/main/lowercase_fs_off.result @@ -178,6 +178,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_json_mysql_upgrade.result b/mysql-test/main/mysql_json_mysql_upgrade.result index 2b909594e74..21a67d4e3d5 100644 --- a/mysql-test/main/mysql_json_mysql_upgrade.result +++ b/mysql-test/main/mysql_json_mysql_upgrade.result @@ -98,6 +98,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result b/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result index 7bc2808a40b..09e8855c4be 100644 --- a/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result +++ b/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result @@ -98,6 +98,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade-20228.result b/mysql-test/main/mysql_upgrade-20228.result index cd616c53615..d43f26e69b6 100644 --- a/mysql-test/main/mysql_upgrade-20228.result +++ b/mysql-test/main/mysql_upgrade-20228.result @@ -91,6 +91,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade-28915.result b/mysql-test/main/mysql_upgrade-28915.result index 399cd9cf3c4..422fff4822f 100644 --- a/mysql-test/main/mysql_upgrade-28915.result +++ b/mysql-test/main/mysql_upgrade-28915.result @@ -149,6 +149,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -413,6 +414,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade-6984.result b/mysql-test/main/mysql_upgrade-6984.result index 4da47975d7d..ff3f017c144 100644 --- a/mysql-test/main/mysql_upgrade-6984.result +++ b/mysql-test/main/mysql_upgrade-6984.result @@ -94,6 +94,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade.result b/mysql-test/main/mysql_upgrade.result index 80fcb35865d..2af8cd0c36c 100644 --- a/mysql-test/main/mysql_upgrade.result +++ b/mysql-test/main/mysql_upgrade.result @@ -76,6 +76,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -229,6 +230,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -381,6 +383,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -539,6 +542,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -697,6 +701,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -858,6 +863,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -1059,6 +1065,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -1231,6 +1238,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -1411,6 +1419,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -1633,6 +1642,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -1813,6 +1823,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -2045,6 +2056,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -2265,6 +2277,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade_mysql_json_datatype.result b/mysql-test/main/mysql_upgrade_mysql_json_datatype.result index cb964cb7d0c..628619139c4 100644 --- a/mysql-test/main/mysql_upgrade_mysql_json_datatype.result +++ b/mysql-test/main/mysql_upgrade_mysql_json_datatype.result @@ -85,6 +85,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade_ssl.result b/mysql-test/main/mysql_upgrade_ssl.result index 990f05b3d94..b572f38be1f 100644 --- a/mysql-test/main/mysql_upgrade_ssl.result +++ b/mysql-test/main/mysql_upgrade_ssl.result @@ -76,6 +76,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/mysql_upgrade_view.result b/mysql-test/main/mysql_upgrade_view.result index 21304c15dd5..1018e2fe4e3 100644 --- a/mysql-test/main/mysql_upgrade_view.result +++ b/mysql-test/main/mysql_upgrade_view.result @@ -156,6 +156,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -409,6 +410,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -637,6 +639,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/upgrade_MDEV-19650.result b/mysql-test/main/upgrade_MDEV-19650.result index 81673dc8cdf..3be76243e39 100644 --- a/mysql-test/main/upgrade_MDEV-19650.result +++ b/mysql-test/main/upgrade_MDEV-19650.result @@ -179,6 +179,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/upgrade_MDEV-23102-1.result b/mysql-test/main/upgrade_MDEV-23102-1.result index a092cf10e30..3d12e40b18e 100644 --- a/mysql-test/main/upgrade_MDEV-23102-1.result +++ b/mysql-test/main/upgrade_MDEV-23102-1.result @@ -197,6 +197,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -399,6 +400,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/upgrade_MDEV-23102-2.result b/mysql-test/main/upgrade_MDEV-23102-2.result index f84a109e792..e986b06d974 100644 --- a/mysql-test/main/upgrade_MDEV-23102-2.result +++ b/mysql-test/main/upgrade_MDEV-23102-2.result @@ -181,6 +181,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK @@ -375,6 +376,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/upgrade_geometrycolumn_procedure_definer.result b/mysql-test/main/upgrade_geometrycolumn_procedure_definer.result index 9d2f445d01c..0b3864bd994 100644 --- a/mysql-test/main/upgrade_geometrycolumn_procedure_definer.result +++ b/mysql-test/main/upgrade_geometrycolumn_procedure_definer.result @@ -127,6 +127,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/main/upgrade_mdev_24363.result b/mysql-test/main/upgrade_mdev_24363.result index 184c948fe75..6cc5f2500a9 100644 --- a/mysql-test/main/upgrade_mdev_24363.result +++ b/mysql-test/main/upgrade_mdev_24363.result @@ -141,6 +141,7 @@ sys.statements_with_full_table_scans OK sys.statements_with_runtimes_in_95th_percentile OK sys.statements_with_sorting OK sys.statements_with_temp_tables OK +sys.table_privileges OK sys.user_summary OK sys.user_summary_by_file_io OK sys.user_summary_by_file_io_type OK diff --git a/mysql-test/suite/sysschema/r/all_sys_objects_exist.result b/mysql-test/suite/sysschema/r/all_sys_objects_exist.result index 4c1bf311450..eea49dcd6ae 100644 --- a/mysql-test/suite/sysschema/r/all_sys_objects_exist.result +++ b/mysql-test/suite/sysschema/r/all_sys_objects_exist.result @@ -42,6 +42,7 @@ statements_with_sorting statements_with_temp_tables statement_analysis sys_config +table_privileges user_summary user_summary_by_file_io user_summary_by_file_io_type @@ -159,4 +160,4 @@ SELECT TRIGGER_NAME FROM INFORMATION_SCHEMA.TRIGGERS WHERE TRIGGER_SCHEMA = 'sys TRIGGER_NAME SELECT sys_version FROM sys.version; sys_version -1.5.1 +1.5.2 diff --git a/mysql-test/suite/sysschema/r/v_table_privileges.result b/mysql-test/suite/sysschema/r/v_table_privileges.result new file mode 100644 index 00000000000..57eb9077081 --- /dev/null +++ b/mysql-test/suite/sysschema/r/v_table_privileges.result @@ -0,0 +1,92 @@ +DESC sys.table_privileges; +Field Type Null Key Default Extra +TABLE_SCHEMA varchar(64) NO NULL +TABLE_NAME varchar(64) NO NULL +GRANTEE varchar(385) NO +PRIVILEGE varchar(64) NO +LEVEL varchar(6) NO +SELECT * FROM sys.table_privileges; +CREATE DATABASE test2; +USE test2; +CREATE TABLE t1 (a int); +CREATE USER test2_user; +# Grant everything first +GRANT ALL ON t1 TO test2_user; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1' + AND grantee LIKE '%test2_user%'; +TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL +test2 t1 'test2_user'@'%' SELECT TABLE +test2 t1 'test2_user'@'%' INSERT TABLE +test2 t1 'test2_user'@'%' UPDATE TABLE +test2 t1 'test2_user'@'%' DELETE TABLE +test2 t1 'test2_user'@'%' CREATE TABLE +test2 t1 'test2_user'@'%' DROP TABLE +test2 t1 'test2_user'@'%' REFERENCES TABLE +test2 t1 'test2_user'@'%' INDEX TABLE +test2 t1 'test2_user'@'%' ALTER TABLE +test2 t1 'test2_user'@'%' SHOW VIEW TABLE +test2 t1 'test2_user'@'%' TRIGGER TABLE +test2 t1 'test2_user'@'%' DELETE HISTORY TABLE +# Then revoke some privileges +REVOKE REFERENCES, DELETE, ALTER, DROP ON t1 FROM test2_user; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1' + AND grantee LIKE '%test2_user%'; +TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL +test2 t1 'test2_user'@'%' SELECT TABLE +test2 t1 'test2_user'@'%' INSERT TABLE +test2 t1 'test2_user'@'%' UPDATE TABLE +test2 t1 'test2_user'@'%' CREATE TABLE +test2 t1 'test2_user'@'%' INDEX TABLE +test2 t1 'test2_user'@'%' SHOW VIEW TABLE +test2 t1 'test2_user'@'%' TRIGGER TABLE +test2 t1 'test2_user'@'%' DELETE HISTORY TABLE +CREATE ROLE test2_role; +GRANT SELECT, UPDATE, DELETE, DROP, INDEX ON t1 to test2_role; +# Must show both the user and the role +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1' + AND grantee LIKE '%test2%'; +TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL +test2 t1 'test2_user'@'%' SELECT TABLE +test2 t1 'test2_user'@'%' INSERT TABLE +test2 t1 'test2_user'@'%' UPDATE TABLE +test2 t1 'test2_user'@'%' CREATE TABLE +test2 t1 'test2_user'@'%' INDEX TABLE +test2 t1 'test2_user'@'%' SHOW VIEW TABLE +test2 t1 'test2_user'@'%' TRIGGER TABLE +test2 t1 'test2_user'@'%' DELETE HISTORY TABLE +test2 t1 'test2_role'@'' SELECT TABLE +test2 t1 'test2_role'@'' UPDATE TABLE +test2 t1 'test2_role'@'' DELETE TABLE +test2 t1 'test2_role'@'' DROP TABLE +test2 t1 'test2_role'@'' INDEX TABLE +CREATE VIEW v1 AS SELECT * FROM t1; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1' + AND grantee LIKE '%test2%'; +TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL +GRANT SELECT ON v1 TO test2_role; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1' + AND grantee LIKE '%test2%'; +TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL +test2 v1 'test2_role'@'' SELECT TABLE +GRANT ALL ON v1 TO test2_user; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1' + AND grantee LIKE '%test2%'; +TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL +test2 v1 'test2_user'@'%' SELECT TABLE +test2 v1 'test2_user'@'%' INSERT TABLE +test2 v1 'test2_user'@'%' UPDATE TABLE +test2 v1 'test2_user'@'%' DELETE TABLE +test2 v1 'test2_user'@'%' CREATE TABLE +test2 v1 'test2_user'@'%' DROP TABLE +test2 v1 'test2_user'@'%' REFERENCES TABLE +test2 v1 'test2_user'@'%' INDEX TABLE +test2 v1 'test2_user'@'%' ALTER TABLE +test2 v1 'test2_user'@'%' SHOW VIEW TABLE +test2 v1 'test2_user'@'%' TRIGGER TABLE +test2 v1 'test2_user'@'%' DELETE HISTORY TABLE +test2 v1 'test2_role'@'' SELECT TABLE +DROP TABLE t1; +DROP VIEW v1; +DROP USER test2_user; +DROP ROLE test2_role; +DROP DATABASE test2; diff --git a/mysql-test/suite/sysschema/r/v_version.result b/mysql-test/suite/sysschema/r/v_version.result index ac914fc8524..ff1e351b184 100644 --- a/mysql-test/suite/sysschema/r/v_version.result +++ b/mysql-test/suite/sysschema/r/v_version.result @@ -1,3 +1,3 @@ SELECT sys_version FROM sys.version; sys_version -1.5.1 +1.5.2 diff --git a/mysql-test/suite/sysschema/t/v_table_privileges.test b/mysql-test/suite/sysschema/t/v_table_privileges.test new file mode 100644 index 00000000000..2186b75c959 --- /dev/null +++ b/mysql-test/suite/sysschema/t/v_table_privileges.test @@ -0,0 +1,53 @@ +-- source include/not_embedded.inc +# -- source ../include/ps_truncate_all_tables.inc +# Tests for sys schema +# Verify the sys.table_privileges view + +# Ensure structure changes don't slip in +DESC sys.table_privileges; + +# Make sure view select does not error, but ignore results +--disable_result_log +SELECT * FROM sys.table_privileges; +--enable_result_log + +CREATE DATABASE test2; +USE test2; +CREATE TABLE t1 (a int); + +CREATE USER test2_user; + +--echo # Grant everything first +GRANT ALL ON t1 TO test2_user; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1' + AND grantee LIKE '%test2_user%'; + +--echo # Then revoke some privileges +REVOKE REFERENCES, DELETE, ALTER, DROP ON t1 FROM test2_user; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1' + AND grantee LIKE '%test2_user%'; + +CREATE ROLE test2_role; +GRANT SELECT, UPDATE, DELETE, DROP, INDEX ON t1 to test2_role; +--echo # Must show both the user and the role +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1' + AND grantee LIKE '%test2%'; + +CREATE VIEW v1 AS SELECT * FROM t1; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1' + AND grantee LIKE '%test2%'; + +GRANT SELECT ON v1 TO test2_role; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1' + AND grantee LIKE '%test2%'; +GRANT ALL ON v1 TO test2_user; +SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1' + AND grantee LIKE '%test2%'; + +DROP TABLE t1; +DROP VIEW v1; +DROP USER test2_user; +DROP ROLE test2_role; +DROP DATABASE test2; + + diff --git a/scripts/sys_schema/CMakeLists.txt b/scripts/sys_schema/CMakeLists.txt index 9222f9fa7aa..c0a953ccf18 100644 --- a/scripts/sys_schema/CMakeLists.txt +++ b/scripts/sys_schema/CMakeLists.txt @@ -38,6 +38,7 @@ ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_object_overview.sql ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_auto_increment_columns.sql ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/x_schema_flattened_keys.sql ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_redundant_indexes.sql +${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/table_privileges.sql ${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/ps_check_lost_instrumentation_57.sql ${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/latest_file_io.sql ${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/x_latest_file_io.sql diff --git a/scripts/sys_schema/NEWS.md b/scripts/sys_schema/NEWS.md index 7aeefb7edf9..cf180fb614d 100644 --- a/scripts/sys_schema/NEWS.md +++ b/scripts/sys_schema/NEWS.md @@ -1,6 +1,13 @@ # Change history for the MySQL sys schema -## 1.5.1 (07/07/16) +## 1.5.2 (2023-11-20) + +### Improvements + +* A new `table_privileges` view was added, which displays privileges on tables granted at all levels (user, schema, table) + + +## 1.5.1 (2016-07-07) ### Improvements @@ -24,7 +31,7 @@ * Oracle Bug #21970806 - The `sysschema.fn_ps_thread_trx_info` test was unstable * Oracle Bug #23621189 - The `ps_trace_statement_digest` procedure ran EXPLAIN incorrectly in certain cases (such as on a SHOW statement, no query being specified, or not having a full qualified table), the procedure now catches these issues and ignores them -## 1.5.0 (11/09/15) +## 1.5.0 (2015-09-11) ### Improvements @@ -84,7 +91,7 @@ * Template files were added for stored procedures and functions * Improved the sys_config_cleanup.inc procedure in tests to be able to reset the sys_config table completely (including the set_by column to NULL). The triggers can now be set to not update the column by setting the @sys.ignore_sys_config_triggers user variable to true -## 1.4.0 (09/03/2015) +## 1.4.0 (2015-03-09) ### Backwards Incompatible Changes @@ -126,7 +133,7 @@ Various changes were made to allow better generation of integration sql files: * Each object has been created within it's own file. No longer do x$ views live with their non-x$ counterparts * DELIMITERs were standardized to $$ -## 1.3.0 (23/10/2014) +## 1.3.0 (2014-10-23) ### Improvements @@ -136,7 +143,7 @@ Various changes were made to allow better generation of integration sql files: * Fixed broken `host_summary_by_stages` views, broken with a last minute change before the 1.2.0 release that went unnoticed (facepalm) -## 1.2.0 (22/10/2014) +## 1.2.0 (2014-10-22) ### Backwards Incompatible Changes @@ -163,7 +170,7 @@ Various changes were made to allow better generation of integration sql files: * Added missing space for hour notation within the `format_time` function * Fixed views affected by MySQL 5.7 ONLY_FULL_GROUP_BY and functional dependency changes -## 1.1.0 (04/09/2014) +## 1.1.0 (2014-09-04) ### Improvements @@ -195,7 +202,7 @@ Various changes were made to allow better generation of integration sql files: * Fixed the RETURN datatype `extract_schema_from_file_name` and `extract_table_from_file_name` to return a VARCHAR(64) (**Contributed by Jesper Wisborg Krogh**) * Added events_transactions_current to the default enabled consumers in 5.7 (#25) -## 1.0.1 (23/05/2014) +## 1.0.1 (2014-05-23) ### Improvements @@ -215,4 +222,4 @@ Various changes were made to allow better generation of integration sql files: * Some views did not work with the ERROR_FOR_DIVISION_BY_ZERO SQL mode. (#6) (**Contributed by Joe Grasse**) * On Windows the `ps_thread_stack()` stored function failed to escape file path backslashes correctly within the JSON output. -## 1.0.0 (11/04/2014) +## 1.0.0 (2014-04-11) diff --git a/scripts/sys_schema/README.md b/scripts/sys_schema/README.md index 2f1dc74e055..0dd5fb96e55 100644 --- a/scripts/sys_schema/README.md +++ b/scripts/sys_schema/README.md @@ -1635,6 +1635,59 @@ mysql> select * from schema_object_overview; 10 rows in set (1.58 sec) ``` +#### table_privileges + +##### Description + +-- Shows privileges on existing tables and views granted at all possible levels: +-- - user_privileges +-- - schema_privileges +-- - table_privileges + +##### Structure + +```SQL +MariaDB [test]> desc sys.table_privileges; ++--------------+--------------+------+-----+---------+-------+ +| Field | Type | Null | Key | Default | Extra | ++--------------+--------------+------+-----+---------+-------+ +| TABLE_SCHEMA | varchar(64) | NO | | NULL | | +| TABLE_NAME | varchar(64) | NO | | NULL | | +| GRANTEE | varchar(385) | NO | | | | +| PRIVILEGE | varchar(64) | NO | | | | +| LEVEL | varchar(6) | NO | | | | ++--------------+--------------+------+-----+---------+-------+ +5 rows in set (0.002 sec) +``` + +##### Example + +```SQL +mysql> select * from sys.table_privileges; ++--------------+------------+--------------------+----------------+--------+ +| TABLE_SCHEMA | TABLE_NAME | GRANTEE | PRIVILEGE_TYPE | LEVEL | ++--------------+------------+--------------------+----------------+--------+ +| test | v1 | 'oleg'@'localhost' | SELECT | GLOBAL | +| test | t1 | 'oleg'@'localhost' | SELECT | GLOBAL | +| test | v1 | 'oleg'@'localhost' | INSERT | GLOBAL | +| test | t1 | 'oleg'@'localhost' | INSERT | GLOBAL | +| test | v1 | 'oleg'@'localhost' | UPDATE | GLOBAL | +| test | v1 | 'PUBLIC'@'' | SELECT | SCHEMA | +| test | t1 | 'PUBLIC'@'' | SELECT | SCHEMA | +| test | v1 | 'PUBLIC'@'' | INSERT | SCHEMA | +| test | t1 | 'PUBLIC'@'' | INSERT | SCHEMA | +| test | v1 | 'PUBLIC'@'' | UPDATE | SCHEMA | +| test | t1 | 'PUBLIC'@'' | UPDATE | SCHEMA | +| test | v1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA | +| test | t1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA | +| test | t1 | 'oleg'@'%' | SELECT | TABLE | +| test | t1 | 'oleg'@'%' | UPDATE | TABLE | +| test | v1 | 'oleg'@'%' | SELECT | TABLE | ++--------------+------------+--------------------+----------------+--------+ +16 rows in set (1.58 sec) +``` + + #### schema_table_statistics / x$schema_table_statistics ##### Description diff --git a/scripts/sys_schema/sys_56.sql b/scripts/sys_schema/sys_56.sql index 1de01d25b21..8bcdcf6f486 100644 --- a/scripts/sys_schema/sys_56.sql +++ b/scripts/sys_schema/sys_56.sql @@ -55,6 +55,7 @@ SOURCE ./views/i_s/schema_object_overview.sql SOURCE ./views/i_s/schema_auto_increment_columns.sql SOURCE ./views/i_s/x_schema_flattened_keys.sql SOURCE ./views/i_s/schema_redundant_indexes.sql +SOURCE ./views/i_s/table_privileges.sql SOURCE ./views/p_s/ps_check_lost_instrumentation.sql SOURCE ./views/p_s/processlist.sql diff --git a/scripts/sys_schema/sys_57.sql b/scripts/sys_schema/sys_57.sql index 277cc62457a..9aad516975d 100644 --- a/scripts/sys_schema/sys_57.sql +++ b/scripts/sys_schema/sys_57.sql @@ -56,6 +56,7 @@ SOURCE ./views/i_s/schema_object_overview.sql SOURCE ./views/i_s/schema_auto_increment_columns.sql SOURCE ./views/i_s/x_schema_flattened_keys.sql SOURCE ./views/i_s/schema_redundant_indexes.sql +SOURCE ./views/i_s/table_privileges.sql SOURCE ./views/p_s/ps_check_lost_instrumentation_57.sql diff --git a/scripts/sys_schema/views/i_s/table_privileges.sql b/scripts/sys_schema/views/i_s/table_privileges.sql new file mode 100644 index 00000000000..6aed7bf8794 --- /dev/null +++ b/scripts/sys_schema/views/i_s/table_privileges.sql @@ -0,0 +1,76 @@ +-- +-- View: table_privileges +-- +-- Shows privileges on existing tables and views granted at all possible levels: +-- - user_privileges +-- - schema_privileges +-- - table_privileges +-- +-- mysql> select * from sys.table_privileges; +-- +--------------+------------+--------------------+----------------+--------+ +-- | TABLE_SCHEMA | TABLE_NAME | GRANTEE | PRIVILEGE_TYPE | LEVEL | +-- +--------------+------------+--------------------+----------------+--------+ +-- | test | v1 | 'oleg'@'localhost' | SELECT | GLOBAL | +-- | test | t1 | 'oleg'@'localhost' | SELECT | GLOBAL | +-- | test | v1 | 'oleg'@'localhost' | INSERT | GLOBAL | +-- | test | t1 | 'oleg'@'localhost' | INSERT | GLOBAL | +-- | test | v1 | 'oleg'@'localhost' | UPDATE | GLOBAL | +-- | test | v1 | 'PUBLIC'@'' | SELECT | SCHEMA | +-- | test | t1 | 'PUBLIC'@'' | SELECT | SCHEMA | +-- | test | v1 | 'PUBLIC'@'' | INSERT | SCHEMA | +-- | test | t1 | 'PUBLIC'@'' | INSERT | SCHEMA | +-- | test | v1 | 'PUBLIC'@'' | UPDATE | SCHEMA | +-- | test | t1 | 'PUBLIC'@'' | UPDATE | SCHEMA | +-- | test | v1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA | +-- | test | t1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA | +-- | test | t1 | 'oleg'@'%' | SELECT | TABLE | +-- | test | t1 | 'oleg'@'%' | UPDATE | TABLE | +-- | test | v1 | 'oleg'@'%' | SELECT | TABLE | +-- +--------------+------------+--------------------+----------------+--------+ + +CREATE OR REPLACE + ALGORITHM = TEMPTABLE + DEFINER = 'mariadb.sys'@'localhost' + SQL SECURITY INVOKER +VIEW table_privileges ( + TABLE_SCHEMA, + TABLE_NAME, + GRANTEE, + PRIVILEGE, + LEVEL +) AS +SELECT t.TABLE_SCHEMA, + t.TABLE_NAME, + privs.GRANTEE, + privs.PRIVILEGE_TYPE, + privs.LEVEL +FROM INFORMATION_SCHEMA.TABLES AS t +JOIN ( SELECT NULL AS TABLE_SCHEMA, + NULL AS TABLE_NAME, + GRANTEE, + PRIVILEGE_TYPE, + 'GLOBAL' LEVEL + FROM INFORMATION_SCHEMA.USER_PRIVILEGES + UNION + SELECT TABLE_SCHEMA, + NULL AS TABLE_NAME, + GRANTEE, + PRIVILEGE_TYPE, + 'SCHEMA' LEVEL + FROM INFORMATION_SCHEMA.SCHEMA_PRIVILEGES + UNION + SELECT TABLE_SCHEMA, + TABLE_NAME, + GRANTEE, + PRIVILEGE_TYPE, + 'TABLE' LEVEL + FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES + ) privs + ON (t.TABLE_SCHEMA = privs.TABLE_SCHEMA OR privs.TABLE_SCHEMA IS NULL) + AND (t.TABLE_NAME = privs.TABLE_NAME OR privs.TABLE_NAME IS NULL) + AND privs.PRIVILEGE_TYPE IN ('SELECT', 'INSERT', 'UPDATE', 'DELETE', + 'CREATE', 'ALTER', 'DROP', 'INDEX', + 'REFERENCES', 'TRIGGER', 'GRANT OPTION', + 'SHOW VIEW', 'DELETE HISTORY') +WHERE t.TABLE_SCHEMA NOT IN ('sys', 'mysql','information_schema', + 'performance_schema'); diff --git a/scripts/sys_schema/views/version.sql b/scripts/sys_schema/views/version.sql index a25b53151d2..4ba6401612b 100644 --- a/scripts/sys_schema/views/version.sql +++ b/scripts/sys_schema/views/version.sql @@ -33,5 +33,5 @@ VIEW version ( sys_version, mysql_version ) AS -SELECT '1.5.1' AS sys_version, - version() AS mysql_version; \ No newline at end of file +SELECT '1.5.2' AS sys_version, + version() AS mysql_version; diff --git a/sql/privilege.h b/sql/privilege.h index 87bb2dc1da3..143eebd125e 100644 --- a/sql/privilege.h +++ b/sql/privilege.h @@ -269,6 +269,11 @@ constexpr privilege_t PROC_DDL_ACLS= constexpr privilege_t SHOW_PROC_WITHOUT_DEFINITION_ACLS= PROC_DDL_ACLS | EXECUTE_ACL; +/* + When changing this, don't forget to update tables_priv + at scripts/mariadb_system_tables.sql, scripts/mariadb_system_tables_fix.sql + and scripts/sys_schema/i_s/table_privileges.sql +*/ constexpr privilege_t TABLE_ACLS= COL_DML_ACLS | ALL_TABLE_DDL_ACLS | VIEW_ACLS | GRANT_ACL | REFERENCES_ACL |