MDEV-21928 ALTER USER doesn't remove excess authentication plugins from mysql.global_priv

only use auth1 update (no "auth_or":[]) array, if there was no "auth_or" array in the json yet.
2025-07-29 05:21:33 +03:00 · 2020-04-22 19:59:48 +02:00
parent 2144dc1ff2
commit a58b2b3b2b
3 changed files with 29 additions and 2 deletions
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@ -1425,9 +1425,12 @@ class User_table_json: public User_table

  bool set_auth(const ACL_USER &u) const
  {
-    StringBuffer<JSON_SIZE> json(m_table->field[2]->charset());
-    if (u.nauth == 1)
+    size_t array_len;
+    const char *array;
+    if (u.nauth == 1 && get_value("auth_or", JSV_ARRAY, &array, &array_len))
      return set_auth1(u, 0);
+
+    StringBuffer<JSON_SIZE> json(m_table->field[2]->charset());
    bool top_done = false;
    json.append('[');
    for (uint i=0; i < u.nauth; i++)