database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

Bug #20482: failure on Create join view with sources views/tables in different

Browse Source 
schemas
The function check_one_table_access() called to check access to tables in 
SELECT/INSERT/UPDATE was doing additional checks/modifications that don't hold
in the context of setup_tables_and_check_access().
That's why the check_one_table() was split into two : the functionality needed by
setup_tables_and_check_access() into check_single_table_access() and the rest of 
the functionality stays in check_one_table_access() that is made to call the new
check_single_table_access() function.
This commit is contained in:
gkodinov@mysql.com
2006-06-21 12:12:46 +03:00
parent ee2e2d0c6d
commit 75ca055493
5 changed files with 67 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
mysql-test/r/view_grant.result
View File

@ -618,3 +618,15 @@ ERROR HY000: There is no 'no-such-user'@'localhost' registered
DROP VIEW v; DROP VIEW v;
DROP TABLE t1; DROP TABLE t1;
USE test; USE test;
CREATE DATABASE test1;
CREATE DATABASE test2;
CREATE TABLE test1.t0 (a VARCHAR(20));
CREATE TABLE test2.t1 (a VARCHAR(20));
CREATE VIEW test2.t3 AS SELECT * FROM test1.t0;
CREATE OR REPLACE VIEW test.v1 AS
SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
DROP VIEW test.v1;
DROP VIEW test2.t3;
DROP TABLE test2.t1, test1.t0;
DROP DATABASE test2;
DROP DATABASE test1;

21
mysql-test/t/view_grant.test
View File

@ -807,3 +807,24 @@ SELECT * FROM v;
DROP VIEW v; DROP VIEW v;
DROP TABLE t1; DROP TABLE t1;
USE test; USE test;
#
# BUG#20482: failure on Create join view with sources views/tables
# in different schemas
#
--disable_warnings
CREATE DATABASE test1;
CREATE DATABASE test2;
--enable_warnings
CREATE TABLE test1.t0 (a VARCHAR(20));
CREATE TABLE test2.t1 (a VARCHAR(20));
CREATE VIEW test2.t3 AS SELECT * FROM test1.t0;
CREATE OR REPLACE VIEW test.v1 AS
SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
DROP VIEW test.v1;
DROP VIEW test2.t3;
DROP TABLE test2.t1, test1.t0;
DROP DATABASE test2;
DROP DATABASE test1;

2
sql/mysql_priv.h
View File

@ -513,6 +513,8 @@ class THD;
void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0); void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
bool check_one_table_access(THD *thd, ulong privilege, bool check_one_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables); TABLE_LIST *tables);
bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables);
bool check_routine_access(THD *thd,ulong want_access,char *db,char *name, bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
bool is_proc, bool no_errors); bool is_proc, bool no_errors);
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table); bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);

2
sql/sql_base.cc
View File

@ -4545,7 +4545,7 @@ bool setup_tables_and_check_access(THD *thd,
for (; leaves_tmp; leaves_tmp= leaves_tmp->next_leaf) for (; leaves_tmp; leaves_tmp= leaves_tmp->next_leaf)
if (leaves_tmp->belong_to_view && if (leaves_tmp->belong_to_view &&
check_one_table_access(thd, want_access, leaves_tmp)) check_single_table_access(thd, want_access, leaves_tmp))
{ {
tables->hide_view_error(thd); tables->hide_view_error(thd);
return TRUE; return TRUE;

40
sql/sql_parse.cc
View File

@ -4978,11 +4978,10 @@ error:
/* /*
Check grants for commands which work only with one table and all other Check grants for commands which work only with one table.
tables belonging to subselects or implicitly opened tables.
SYNOPSIS SYNOPSIS
check_one_table_access() check_single_table_access()
thd Thread handler thd Thread handler
privilege requested privilege privilege requested privilege
all_tables global table list of query all_tables global table list of query
@ -4992,7 +4991,8 @@ error:
1 - access denied, error is sent to client 1 - access denied, error is sent to client
*/ */
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables) bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *all_tables)
{ {
Security_context * backup_ctx= thd->security_ctx; Security_context * backup_ctx= thd->security_ctx;
@ -5010,19 +5010,41 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
goto deny; goto deny;
thd->security_ctx= backup_ctx; thd->security_ctx= backup_ctx;
return 0;
deny:
thd->security_ctx= backup_ctx;
return 1;
}
/*
Check grants for commands which work only with one table and all other
tables belonging to subselects or implicitly opened tables.
SYNOPSIS
check_one_table_access()
thd Thread handler
privilege requested privilege
all_tables global table list of query
RETURN
0 - OK
1 - access denied, error is sent to client
*/
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
{
if (check_single_table_access (thd,privilege,all_tables))
return 1;
/* Check rights on tables of subselects and implictly opened tables */ /* Check rights on tables of subselects and implictly opened tables */
TABLE_LIST *subselects_tables; TABLE_LIST *subselects_tables;
if ((subselects_tables= all_tables->next_global)) if ((subselects_tables= all_tables->next_global))
{ {
if ((check_table_access(thd, SELECT_ACL, subselects_tables, 0))) if ((check_table_access(thd, SELECT_ACL, subselects_tables, 0)))
goto deny; return 1;
} }
return 0; return 0;
deny:
thd->security_ctx= backup_ctx;
return 1;
} }