database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

cleanup: PRIV_LOCK_TABLES (10.5 style)

Browse Source
This commit is contained in:
Sergei Golubchik
2020-10-25 18:16:24 +01:00
parent 8584349108
commit 320a73f6a2
1 changed files with 17 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
sql/sql_parse.cc
View File

@ -100,6 +100,8 @@
#include "my_json_writer.h" #include "my_json_writer.h"
#define PRIV_LOCK_TABLES (SELECT_ACL | LOCK_TABLES_ACL)
#define FLAGSTR(V,F) ((V)&(F)?#F" ":"") #define FLAGSTR(V,F) ((V)&(F)?#F" ":"")
#ifdef WITH_ARIA_STORAGE_ENGINE #ifdef WITH_ARIA_STORAGE_ENGINE
@ -4560,7 +4562,7 @@ mysql_execute_command(THD *thd)
if (first_table && lex->type & (REFRESH_READ_LOCK|REFRESH_FOR_EXPORT)) if (first_table && lex->type & (REFRESH_READ_LOCK|REFRESH_FOR_EXPORT))
{ {
/* Check table-level privileges. */ /* Check table-level privileges. */
if (check_table_access(thd, LOCK_TABLES_ACL | SELECT_ACL, all_tables, if (check_table_access(thd, PRIV_LOCK_TABLES, all_tables,
FALSE, UINT_MAX, FALSE)) FALSE, UINT_MAX, FALSE))
goto error; goto error;
@ -6065,7 +6067,7 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
@param thd Thread handler @param thd Thread handler
@param privilege requested privilege @param privilege requested privilege
@param all_tables global table list of query @param tables global table list of query
@param no_errors FALSE/TRUE - report/don't report error to @param no_errors FALSE/TRUE - report/don't report error to
the client (using my_error() call). the client (using my_error() call).
@ -6075,32 +6077,29 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
1 access denied, error is sent to client 1 access denied, error is sent to client
*/ */
bool check_single_table_access(THD *thd, ulong privilege, bool check_single_table_access(THD *thd, ulong privilege, TABLE_LIST *tables,
TABLE_LIST *all_tables, bool no_errors) bool no_errors)
{ {
Security_context * backup_ctx= thd->security_ctx; Security_context * backup_ctx= thd->security_ctx;
/* we need to switch to the saved context (if any) */ /* we need to switch to the saved context (if any) */
if (all_tables->security_ctx) if (tables->security_ctx)
thd->security_ctx= all_tables->security_ctx; thd->security_ctx= tables->security_ctx;
const char *db_name; const char *db_name;
if ((all_tables->view || all_tables->field_translation) && if ((tables->view || tables->field_translation) && !tables->schema_table)
!all_tables->schema_table) db_name= tables->view_db.str;
db_name= all_tables->view_db.str;
else else
db_name= all_tables->db; db_name= tables->db;
if (check_access(thd, privilege, db_name, if (check_access(thd, privilege, db_name, &tables->grant.privilege,
&all_tables->grant.privilege, &tables->grant.m_internal, 0, no_errors))
&all_tables->grant.m_internal,
0, no_errors))
goto deny; goto deny;
/* Show only 1 table for check_grant */ /* Show only 1 table for check_grant */
if (!(all_tables->belong_to_view && if (!(tables->belong_to_view &&
(thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) && (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
check_grant(thd, privilege, all_tables, FALSE, 1, no_errors)) check_grant(thd, privilege, tables, FALSE, 1, no_errors))
goto deny; goto deny;
thd->security_ctx= backup_ctx; thd->security_ctx= backup_ctx;
@ -9060,7 +9059,7 @@ static bool lock_tables_precheck(THD *thd, TABLE_LIST *tables)
if (is_temporary_table(table)) if (is_temporary_table(table))
continue; continue;
if (check_table_access(thd, LOCK_TABLES_ACL | SELECT_ACL, table, if (check_table_access(thd, PRIV_LOCK_TABLES, table,
FALSE, 1, FALSE)) FALSE, 1, FALSE))
return TRUE; return TRUE;
} }