database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

MDEV-24486 Add table_privileges view to the sys schema

Browse Source 
The existing INFORMATION_SCHEMA.TABLE_PRIVILEGES displays only those
privileges that were specifically granted on the table level,
whereas it may be useful to see privileges granted at the database
and global level.

This commit adds a new view `table_privileges` to the `sys` schema
for that purpose. The view shows privileges on existing tables
and views, combining all possible levels:
 - user_privileges
 - schema_privileges
 - table_privileges
This commit is contained in:
Oleg Smirnov
2023-11-16 16:54:16 +07:00
parent 6b2287fff2
commit 1a5e69b42b
30 changed files with 341 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mysql-test/main/ctype_upgrade.result
View File

@ -302,6 +302,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -464,6 +465,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

4
mysql-test/main/information_schema.result
View File

@ -140,6 +140,7 @@ TABLES TABLES
TABLESPACES TABLESPACES
TABLE_CONSTRAINTS TABLE_CONSTRAINTS
TABLE_PRIVILEGES TABLE_PRIVILEGES
TABLE_PRIVILEGES table_privileges
TABLE_STATISTICS TABLE_STATISTICS
TRIGGERS TRIGGERS
t1 t1
@ -163,6 +164,7 @@ TABLES TABLES
TABLESPACES TABLESPACES
TABLE_CONSTRAINTS TABLE_CONSTRAINTS
TABLE_PRIVILEGES TABLE_PRIVILEGES
TABLE_PRIVILEGES table_privileges
TABLE_STATISTICS TABLE_STATISTICS
TRIGGERS TRIGGERS
t1 t1
@ -186,6 +188,7 @@ TABLES TABLES
TABLESPACES TABLESPACES
TABLE_CONSTRAINTS TABLE_CONSTRAINTS
TABLE_PRIVILEGES TABLE_PRIVILEGES
TABLE_PRIVILEGES table_privileges
TABLE_STATISTICS TABLE_STATISTICS
TRIGGERS TRIGGERS
t1 t1
@ -1508,6 +1511,7 @@ statements_with_runtimes_in_95th_percentile YES
statements_with_sorting YES
statements_with_temp_tables YES
statement_analysis YES
table_privileges NO
user YES
user_summary NO
user_summary_by_file_io NO

1
mysql-test/main/log_tables_upgrade.result
View File

@ -87,6 +87,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/lowercase_fs_off.result
View File

@ -178,6 +178,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/mysql_json_mysql_upgrade.result
View File

@ -98,6 +98,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result
View File

@ -98,6 +98,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/mysql_upgrade-20228.result
View File

@ -91,6 +91,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

2
mysql-test/main/mysql_upgrade-28915.result
View File

@ -149,6 +149,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -413,6 +414,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/mysql_upgrade-6984.result
View File

@ -94,6 +94,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

13
mysql-test/main/mysql_upgrade.result
View File

@ -76,6 +76,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -229,6 +230,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -381,6 +383,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -539,6 +542,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -697,6 +701,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -858,6 +863,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -1059,6 +1065,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -1231,6 +1238,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -1411,6 +1419,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -1633,6 +1642,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -1813,6 +1823,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -2045,6 +2056,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -2265,6 +2277,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/mysql_upgrade_mysql_json_datatype.result
View File

@ -85,6 +85,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/mysql_upgrade_ssl.result
View File

@ -76,6 +76,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

3
mysql-test/main/mysql_upgrade_view.result
View File

@ -156,6 +156,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -409,6 +410,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -637,6 +639,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/upgrade_MDEV-19650.result
View File

@ -179,6 +179,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

2
mysql-test/main/upgrade_MDEV-23102-1.result
View File

@ -197,6 +197,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -399,6 +400,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

2
mysql-test/main/upgrade_MDEV-23102-2.result
View File

@ -181,6 +181,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK
@ -375,6 +376,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/upgrade_geometrycolumn_procedure_definer.result
View File

@ -127,6 +127,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

1
mysql-test/main/upgrade_mdev_24363.result
View File

@ -141,6 +141,7 @@ sys.statements_with_full_table_scans OK
sys.statements_with_runtimes_in_95th_percentile OK
sys.statements_with_sorting OK
sys.statements_with_temp_tables OK
sys.table_privileges OK
sys.user_summary OK
sys.user_summary_by_file_io OK
sys.user_summary_by_file_io_type OK

3
mysql-test/suite/sysschema/r/all_sys_objects_exist.result
View File

@ -42,6 +42,7 @@ statements_with_sorting
statements_with_temp_tables
statement_analysis
sys_config
table_privileges
user_summary
user_summary_by_file_io
user_summary_by_file_io_type
@ -159,4 +160,4 @@ SELECT TRIGGER_NAME FROM INFORMATION_SCHEMA.TRIGGERS WHERE TRIGGER_SCHEMA = 'sys
TRIGGER_NAME
SELECT sys_version FROM sys.version;
sys_version
1.5.1
1.5.2

92
mysql-test/suite/sysschema/r/v_table_privileges.result Normal file
View File

@ -0,0 +1,92 @@
DESC sys.table_privileges;
Field Type Null Key Default Extra
TABLE_SCHEMA varchar(64) NO NULL
TABLE_NAME varchar(64) NO NULL
GRANTEE varchar(385) NO
PRIVILEGE varchar(64) NO
LEVEL varchar(6) NO
SELECT * FROM sys.table_privileges;
CREATE DATABASE test2;
USE test2;
CREATE TABLE t1 (a int);
CREATE USER test2_user;
# Grant everything first
GRANT ALL ON t1 TO test2_user;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
AND grantee LIKE '%test2_user%';
TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL
test2 t1 'test2_user'@'%' SELECT TABLE
test2 t1 'test2_user'@'%' INSERT TABLE
test2 t1 'test2_user'@'%' UPDATE TABLE
test2 t1 'test2_user'@'%' DELETE TABLE
test2 t1 'test2_user'@'%' CREATE TABLE
test2 t1 'test2_user'@'%' DROP TABLE
test2 t1 'test2_user'@'%' REFERENCES TABLE
test2 t1 'test2_user'@'%' INDEX TABLE
test2 t1 'test2_user'@'%' ALTER TABLE
test2 t1 'test2_user'@'%' SHOW VIEW TABLE
test2 t1 'test2_user'@'%' TRIGGER TABLE
test2 t1 'test2_user'@'%' DELETE HISTORY TABLE
# Then revoke some privileges
REVOKE REFERENCES, DELETE, ALTER, DROP ON t1 FROM test2_user;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
AND grantee LIKE '%test2_user%';
TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL
test2 t1 'test2_user'@'%' SELECT TABLE
test2 t1 'test2_user'@'%' INSERT TABLE
test2 t1 'test2_user'@'%' UPDATE TABLE
test2 t1 'test2_user'@'%' CREATE TABLE
test2 t1 'test2_user'@'%' INDEX TABLE
test2 t1 'test2_user'@'%' SHOW VIEW TABLE
test2 t1 'test2_user'@'%' TRIGGER TABLE
test2 t1 'test2_user'@'%' DELETE HISTORY TABLE
CREATE ROLE test2_role;
GRANT SELECT, UPDATE, DELETE, DROP, INDEX ON t1 to test2_role;
# Must show both the user and the role
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
AND grantee LIKE '%test2%';
TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL
test2 t1 'test2_user'@'%' SELECT TABLE
test2 t1 'test2_user'@'%' INSERT TABLE
test2 t1 'test2_user'@'%' UPDATE TABLE
test2 t1 'test2_user'@'%' CREATE TABLE
test2 t1 'test2_user'@'%' INDEX TABLE
test2 t1 'test2_user'@'%' SHOW VIEW TABLE
test2 t1 'test2_user'@'%' TRIGGER TABLE
test2 t1 'test2_user'@'%' DELETE HISTORY TABLE
test2 t1 'test2_role'@'' SELECT TABLE
test2 t1 'test2_role'@'' UPDATE TABLE
test2 t1 'test2_role'@'' DELETE TABLE
test2 t1 'test2_role'@'' DROP TABLE
test2 t1 'test2_role'@'' INDEX TABLE
CREATE VIEW v1 AS SELECT * FROM t1;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
AND grantee LIKE '%test2%';
TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL
GRANT SELECT ON v1 TO test2_role;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
AND grantee LIKE '%test2%';
TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL
test2 v1 'test2_role'@'' SELECT TABLE
GRANT ALL ON v1 TO test2_user;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
AND grantee LIKE '%test2%';
TABLE_SCHEMA TABLE_NAME GRANTEE PRIVILEGE LEVEL
test2 v1 'test2_user'@'%' SELECT TABLE
test2 v1 'test2_user'@'%' INSERT TABLE
test2 v1 'test2_user'@'%' UPDATE TABLE
test2 v1 'test2_user'@'%' DELETE TABLE
test2 v1 'test2_user'@'%' CREATE TABLE
test2 v1 'test2_user'@'%' DROP TABLE
test2 v1 'test2_user'@'%' REFERENCES TABLE
test2 v1 'test2_user'@'%' INDEX TABLE
test2 v1 'test2_user'@'%' ALTER TABLE
test2 v1 'test2_user'@'%' SHOW VIEW TABLE
test2 v1 'test2_user'@'%' TRIGGER TABLE
test2 v1 'test2_user'@'%' DELETE HISTORY TABLE
test2 v1 'test2_role'@'' SELECT TABLE
DROP TABLE t1;
DROP VIEW v1;
DROP USER test2_user;
DROP ROLE test2_role;
DROP DATABASE test2;

2
mysql-test/suite/sysschema/r/v_version.result
View File

@ -1,3 +1,3 @@
SELECT sys_version FROM sys.version;
sys_version
1.5.1
1.5.2

53
mysql-test/suite/sysschema/t/v_table_privileges.test Normal file
View File

@ -0,0 +1,53 @@
-- source include/not_embedded.inc
# -- source ../include/ps_truncate_all_tables.inc
# Tests for sys schema
# Verify the sys.table_privileges view
# Ensure structure changes don't slip in
DESC sys.table_privileges;
# Make sure view select does not error, but ignore results
--disable_result_log
SELECT * FROM sys.table_privileges;
--enable_result_log
CREATE DATABASE test2;
USE test2;
CREATE TABLE t1 (a int);
CREATE USER test2_user;
--echo # Grant everything first
GRANT ALL ON t1 TO test2_user;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
AND grantee LIKE '%test2_user%';
--echo # Then revoke some privileges
REVOKE REFERENCES, DELETE, ALTER, DROP ON t1 FROM test2_user;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
AND grantee LIKE '%test2_user%';
CREATE ROLE test2_role;
GRANT SELECT, UPDATE, DELETE, DROP, INDEX ON t1 to test2_role;
--echo # Must show both the user and the role
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
AND grantee LIKE '%test2%';
CREATE VIEW v1 AS SELECT * FROM t1;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
AND grantee LIKE '%test2%';
GRANT SELECT ON v1 TO test2_role;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
AND grantee LIKE '%test2%';
GRANT ALL ON v1 TO test2_user;
SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
AND grantee LIKE '%test2%';
DROP TABLE t1;
DROP VIEW v1;
DROP USER test2_user;
DROP ROLE test2_role;
DROP DATABASE test2;

1
scripts/sys_schema/CMakeLists.txt
View File

@ -38,6 +38,7 @@ ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_object_overview.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_auto_increment_columns.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/x_schema_flattened_keys.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_redundant_indexes.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/table_privileges.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/ps_check_lost_instrumentation_57.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/latest_file_io.sql
${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/x_latest_file_io.sql

23
scripts/sys_schema/NEWS.md
View File

@ -1,6 +1,13 @@
# Change history for the MySQL sys schema
## 1.5.1 (07/07/16)
## 1.5.2 (2023-11-20)
### Improvements
* A new `table_privileges` view was added, which displays privileges on tables granted at all levels (user, schema, table)
## 1.5.1 (2016-07-07)
### Improvements
@ -24,7 +31,7 @@
* Oracle Bug #21970806 - The `sysschema.fn_ps_thread_trx_info` test was unstable
* Oracle Bug #23621189 - The `ps_trace_statement_digest` procedure ran EXPLAIN incorrectly in certain cases (such as on a SHOW statement, no query being specified, or not having a full qualified table), the procedure now catches these issues and ignores them
## 1.5.0 (11/09/15)
## 1.5.0 (2015-09-11)
### Improvements
@ -84,7 +91,7 @@
* Template files were added for stored procedures and functions
* Improved the sys_config_cleanup.inc procedure in tests to be able to reset the sys_config table completely (including the set_by column to NULL). The triggers can now be set to not update the column by setting the @sys.ignore_sys_config_triggers user variable to true
## 1.4.0 (09/03/2015)
## 1.4.0 (2015-03-09)
### Backwards Incompatible Changes
@ -126,7 +133,7 @@ Various changes were made to allow better generation of integration sql files:
* Each object has been created within it's own file. No longer do x$ views live with their non-x$ counterparts
* DELIMITERs were standardized to $$
## 1.3.0 (23/10/2014)
## 1.3.0 (2014-10-23)
### Improvements
@ -136,7 +143,7 @@ Various changes were made to allow better generation of integration sql files:
* Fixed broken `host_summary_by_stages` views, broken with a last minute change before the 1.2.0 release that went unnoticed (facepalm)
## 1.2.0 (22/10/2014)
## 1.2.0 (2014-10-22)
### Backwards Incompatible Changes
@ -163,7 +170,7 @@ Various changes were made to allow better generation of integration sql files:
* Added missing space for hour notation within the `format_time` function
* Fixed views affected by MySQL 5.7 ONLY_FULL_GROUP_BY and functional dependency changes
## 1.1.0 (04/09/2014)
## 1.1.0 (2014-09-04)
### Improvements
@ -195,7 +202,7 @@ Various changes were made to allow better generation of integration sql files:
* Fixed the RETURN datatype `extract_schema_from_file_name` and `extract_table_from_file_name` to return a VARCHAR(64) (**Contributed by Jesper Wisborg Krogh**)
* Added events_transactions_current to the default enabled consumers in 5.7 (#25)
## 1.0.1 (23/05/2014)
## 1.0.1 (2014-05-23)
### Improvements
@ -215,4 +222,4 @@ Various changes were made to allow better generation of integration sql files:
* Some views did not work with the ERROR_FOR_DIVISION_BY_ZERO SQL mode. (#6) (**Contributed by Joe Grasse**)
* On Windows the `ps_thread_stack()` stored function failed to escape file path backslashes correctly within the JSON output.
## 1.0.0 (11/04/2014)
## 1.0.0 (2014-04-11)

53
scripts/sys_schema/README.md
View File

@ -1635,6 +1635,59 @@ mysql> select * from schema_object_overview;
10 rows in set (1.58 sec)
```
#### table_privileges
##### Description
-- Shows privileges on existing tables and views granted at all possible levels:
-- - user_privileges
-- - schema_privileges
-- - table_privileges
##### Structure
```SQL
MariaDB [test]> desc sys.table_privileges;
+--------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+--------------+--------------+------+-----+---------+-------+
| TABLE_SCHEMA | varchar(64) | NO | | NULL | |
| TABLE_NAME | varchar(64) | NO | | NULL | |
| GRANTEE | varchar(385) | NO | | | |
| PRIVILEGE | varchar(64) | NO | | | |
| LEVEL | varchar(6) | NO | | | |
+--------------+--------------+------+-----+---------+-------+
5 rows in set (0.002 sec)
```
##### Example
```SQL
mysql> select * from sys.table_privileges;
+--------------+------------+--------------------+----------------+--------+
| TABLE_SCHEMA | TABLE_NAME | GRANTEE | PRIVILEGE_TYPE | LEVEL |
+--------------+------------+--------------------+----------------+--------+
| test | v1 | 'oleg'@'localhost' | SELECT | GLOBAL |
| test | t1 | 'oleg'@'localhost' | SELECT | GLOBAL |
| test | v1 | 'oleg'@'localhost' | INSERT | GLOBAL |
| test | t1 | 'oleg'@'localhost' | INSERT | GLOBAL |
| test | v1 | 'oleg'@'localhost' | UPDATE | GLOBAL |
| test | v1 | 'PUBLIC'@'' | SELECT | SCHEMA |
| test | t1 | 'PUBLIC'@'' | SELECT | SCHEMA |
| test | v1 | 'PUBLIC'@'' | INSERT | SCHEMA |
| test | t1 | 'PUBLIC'@'' | INSERT | SCHEMA |
| test | v1 | 'PUBLIC'@'' | UPDATE | SCHEMA |
| test | t1 | 'PUBLIC'@'' | UPDATE | SCHEMA |
| test | v1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA |
| test | t1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA |
| test | t1 | 'oleg'@'%' | SELECT | TABLE |
| test | t1 | 'oleg'@'%' | UPDATE | TABLE |
| test | v1 | 'oleg'@'%' | SELECT | TABLE |
+--------------+------------+--------------------+----------------+--------+
16 rows in set (1.58 sec)
```
#### schema_table_statistics / x$schema_table_statistics
##### Description

1
scripts/sys_schema/sys_56.sql
View File

@ -55,6 +55,7 @@ SOURCE ./views/i_s/schema_object_overview.sql
SOURCE ./views/i_s/schema_auto_increment_columns.sql
SOURCE ./views/i_s/x_schema_flattened_keys.sql
SOURCE ./views/i_s/schema_redundant_indexes.sql
SOURCE ./views/i_s/table_privileges.sql
SOURCE ./views/p_s/ps_check_lost_instrumentation.sql
SOURCE ./views/p_s/processlist.sql

1
scripts/sys_schema/sys_57.sql
View File

@ -56,6 +56,7 @@ SOURCE ./views/i_s/schema_object_overview.sql
SOURCE ./views/i_s/schema_auto_increment_columns.sql
SOURCE ./views/i_s/x_schema_flattened_keys.sql
SOURCE ./views/i_s/schema_redundant_indexes.sql
SOURCE ./views/i_s/table_privileges.sql
SOURCE ./views/p_s/ps_check_lost_instrumentation_57.sql

76
scripts/sys_schema/views/i_s/table_privileges.sql Normal file
View File

@ -0,0 +1,76 @@
--
-- View: table_privileges
--
-- Shows privileges on existing tables and views granted at all possible levels:
-- - user_privileges
-- - schema_privileges
-- - table_privileges
--
-- mysql> select * from sys.table_privileges;
-- +--------------+------------+--------------------+----------------+--------+
-- | TABLE_SCHEMA | TABLE_NAME | GRANTEE | PRIVILEGE_TYPE | LEVEL |
-- +--------------+------------+--------------------+----------------+--------+
-- | test | v1 | 'oleg'@'localhost' | SELECT | GLOBAL |
-- | test | t1 | 'oleg'@'localhost' | SELECT | GLOBAL |
-- | test | v1 | 'oleg'@'localhost' | INSERT | GLOBAL |
-- | test | t1 | 'oleg'@'localhost' | INSERT | GLOBAL |
-- | test | v1 | 'oleg'@'localhost' | UPDATE | GLOBAL |
-- | test | v1 | 'PUBLIC'@'' | SELECT | SCHEMA |
-- | test | t1 | 'PUBLIC'@'' | SELECT | SCHEMA |
-- | test | v1 | 'PUBLIC'@'' | INSERT | SCHEMA |
-- | test | t1 | 'PUBLIC'@'' | INSERT | SCHEMA |
-- | test | v1 | 'PUBLIC'@'' | UPDATE | SCHEMA |
-- | test | t1 | 'PUBLIC'@'' | UPDATE | SCHEMA |
-- | test | v1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA |
-- | test | t1 | 'PUBLIC'@'' | DELETE HISTORY | SCHEMA |
-- | test | t1 | 'oleg'@'%' | SELECT | TABLE |
-- | test | t1 | 'oleg'@'%' | UPDATE | TABLE |
-- | test | v1 | 'oleg'@'%' | SELECT | TABLE |
-- +--------------+------------+--------------------+----------------+--------+
CREATE OR REPLACE
ALGORITHM = TEMPTABLE
DEFINER = 'mariadb.sys'@'localhost'
SQL SECURITY INVOKER
VIEW table_privileges (
TABLE_SCHEMA,
TABLE_NAME,
GRANTEE,
PRIVILEGE,
LEVEL
) AS
SELECT t.TABLE_SCHEMA,
t.TABLE_NAME,
privs.GRANTEE,
privs.PRIVILEGE_TYPE,
privs.LEVEL
FROM INFORMATION_SCHEMA.TABLES AS t
JOIN ( SELECT NULL AS TABLE_SCHEMA,
NULL AS TABLE_NAME,
GRANTEE,
PRIVILEGE_TYPE,
'GLOBAL' LEVEL
FROM INFORMATION_SCHEMA.USER_PRIVILEGES
UNION
SELECT TABLE_SCHEMA,
NULL AS TABLE_NAME,
GRANTEE,
PRIVILEGE_TYPE,
'SCHEMA' LEVEL
FROM INFORMATION_SCHEMA.SCHEMA_PRIVILEGES
UNION
SELECT TABLE_SCHEMA,
TABLE_NAME,
GRANTEE,
PRIVILEGE_TYPE,
'TABLE' LEVEL
FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES
) privs
ON (t.TABLE_SCHEMA = privs.TABLE_SCHEMA OR privs.TABLE_SCHEMA IS NULL)
AND (t.TABLE_NAME = privs.TABLE_NAME OR privs.TABLE_NAME IS NULL)
AND privs.PRIVILEGE_TYPE IN ('SELECT', 'INSERT', 'UPDATE', 'DELETE',
'CREATE', 'ALTER', 'DROP', 'INDEX',
'REFERENCES', 'TRIGGER', 'GRANT OPTION',
'SHOW VIEW', 'DELETE HISTORY')
WHERE t.TABLE_SCHEMA NOT IN ('sys', 'mysql','information_schema',
'performance_schema');

4
scripts/sys_schema/views/version.sql
View File

@ -33,5 +33,5 @@ VIEW version (
sys_version,
mysql_version
) AS
SELECT '1.5.1' AS sys_version,
version() AS mysql_version;
SELECT '1.5.2' AS sys_version,
version() AS mysql_version;

5
sql/privilege.h
View File

@ -269,6 +269,11 @@ constexpr privilege_t PROC_DDL_ACLS=
constexpr privilege_t SHOW_PROC_WITHOUT_DEFINITION_ACLS=
PROC_DDL_ACLS | EXECUTE_ACL;
/*
When changing this, don't forget to update tables_priv
at scripts/mariadb_system_tables.sql, scripts/mariadb_system_tables_fix.sql
and scripts/sys_schema/i_s/table_privileges.sql
*/
constexpr privilege_t TABLE_ACLS=
COL_DML_ACLS | ALL_TABLE_DDL_ACLS | VIEW_ACLS |
GRANT_ACL | REFERENCES_ACL |