database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

MDEV-21743 Split up SUPER privilege to smaller privileges

Browse Source
This commit is contained in:
Alexander Barkov
2020-02-28 21:59:01 +04:00
parent 91ba789aaf
commit a1e330de5a
82 changed files with 1511 additions and 236 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
mysql-test/main/alter_user.test
View File

@ -16,36 +16,47 @@ select * from mysql.user where user = 'foo';
alter user foo;
select * from mysql.user where user = 'foo';
--echo # Test super privilege works correctly with a read only database.
--echo #
--echo # Test READ_ONLY privilege works correctly with a read only database.
--echo #
SET @start_read_only = @@global.read_only;
SET GLOBAL read_only=1;
grant create user on *.* to foo;
--echo # Currently no super privileges.
--echo # Currently no READ_ONLY ADMIN privileges.
connect (a, localhost, foo);
select @@global.read_only;
--error ER_OPTION_PREVENTS_STATEMENT
alter user foo;
--echo # Grant super privilege to the user.
--echo # Grant READ_ONLY ADMIN privilege to the user.
connection default;
grant super on *.* to foo;
grant READ_ONLY ADMIN on *.* to foo;
--echo # We now have super privilege. We should be able to run alter user.
--echo # We now have READ_ONLY ADMIN privilege. We should be able to run alter user.
connect (b, localhost, foo);
alter user foo;
connection default;
SET GLOBAL read_only = @start_read_only;
--echo #
--echo # Test inexistant user.
--echo #
--error ER_CANNOT_USER
alter user boo;
--echo #--warning ER_CANNOT_USER
alter if exists user boo;
--echo #
--echo # Test password related altering.
--echo #
alter user foo identified by 'something';
select * from mysql.user where user = 'foo';
@ -65,7 +76,11 @@ select * from mysql.user where user = 'foo';
alter user foo identified with 'mysql_old_password' using '0123456789ABCDEF';
select * from mysql.user where user = 'foo';
--echo #
--echo # Test ssl related altering.
--echo #
alter user foo identified by 'something' require SSL;
select * from mysql.user where user = 'foo';
@ -76,7 +91,11 @@ alter user foo identified by 'something'
require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';
select * from mysql.user where user = 'foo';
--echo #
--echo # Test resource limits altering.
--echo #
alter user foo with MAX_QUERIES_PER_HOUR 10
MAX_UPDATES_PER_HOUR 20
MAX_CONNECTIONS_PER_HOUR 30