fix of required privileges for altering view VIEW (DELETE->DROP) (BUG#9260)

2025-12-24 11:21:21 +03:00 · 2005-04-02 18:05:00 +03:00
parent 2292480e79
commit 3061a749e6
3 changed files with 20 additions and 6 deletions
--- a/mysql-test/r/view.result
+++ b/mysql-test/r/view.result
@@ -237,13 +237,17 @@ grant select on mysqltest.t1 to mysqltest_1@localhost;
 grant create view,select on test.* to mysqltest_1@localhost;
 create view v1 as select * from mysqltest.t1;
 alter view v1 as select * from mysqltest.t1;
-ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table 'v1'
+ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 'v1'
 create or replace view v1 as select * from mysqltest.t1;
-ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table 'v1'
+ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 'v1'
 create view mysqltest.v2  as select * from mysqltest.t1;
 ERROR 42000: CREATE VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2'
 create view v2 as select * from mysqltest.t2;
 ERROR 42000: ANY command denied to user 'mysqltest_1'@'localhost' for table 't2'
+grant create view,drop,select on test.* to mysqltest_1@localhost;
+use test;
+alter view v1 as select * from mysqltest.t1;
+create or replace view v1 as select * from mysqltest.t1;
 revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
 revoke all privileges on test.* from mysqltest_1@localhost;
 drop database mysqltest;
--- a/mysql-test/t/view.test
+++ b/mysql-test/t/view.test
@@ -181,7 +181,7 @@ connect (user1,localhost,mysqltest_1,,test);
 connection user1;

 create view v1 as select * from mysqltest.t1;
-# try to modify view without DELETE privilege on it
+# try to modify view without DROP privilege on it
 -- error 1142
 alter view v1 as select * from mysqltest.t1;
 -- error 1142
@@ -193,6 +193,16 @@ create view mysqltest.v2  as select * from mysqltest.t1;
 -- error 1142
 create view v2 as select * from mysqltest.t2;

+connection root;
+grant create view,drop,select on test.* to mysqltest_1@localhost;
+
+connection user1;
+# following 'use' command is workaround of bug #9582 and should be removed
+# when that bug will be fixed
+use test;
+alter view v1 as select * from mysqltest.t1;
+create or replace view v1 as select * from mysqltest.t1;
+
 connection root;
 revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
 revoke all privileges on test.* from mysqltest_1@localhost;
--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -89,7 +89,7 @@ bool mysql_create_view(THD *thd,
  /*
    Privilege check for view creation:
    - user have CREATE VIEW privilege on view table
-    - user have DELETE privilege in case of ALTER VIEW or CREATE OR REPLACE
+    - user have DROP privilege in case of ALTER VIEW or CREATE OR REPLACE
    VIEW
    - have some (SELECT/UPDATE/INSERT/DELETE) privileges on columns of
    underlying tables used on top of SELECT list (because it can be
@@ -104,9 +104,9 @@ bool mysql_create_view(THD *thd,
                    0, 0) ||
       grant_option && check_grant(thd, CREATE_VIEW_ACL, view, 0, 1, 0)) ||
      (mode != VIEW_CREATE_NEW &&
-       (check_access(thd, DELETE_ACL, view->db, &view->grant.privilege,
+       (check_access(thd, DROP_ACL, view->db, &view->grant.privilege,
                     0, 0) ||
-        grant_option && check_grant(thd, DELETE_ACL, view, 0, 1, 0))))
+        grant_option && check_grant(thd, DROP_ACL, view, 0, 1, 0))))
    DBUG_RETURN(TRUE);
  for (sl= select_lex; sl; sl= sl->next_select())
  {