database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

Added more tests to grant2. Fixed some previous tests.

Browse Source 
Added new logic to ACL system:

1) If GRANT OPTION (not mysql db):
   Ok to update existing user, but not password.
   Not allowed to make a new user.

2) If UPDATE_ACL to mysql DB:
   Ok to update current user, but not make a new one.

3) If INSERT_ACL to mysql DB:
   Ok to add a new user, but not modify existing.

4) If GRANT OPTION to mysql DB:
   All modifications OK.


mysql-test/r/grant2.result:
  Added more ACL tests and fixed results in some old tests.
mysql-test/t/grant2.test:
  Added more ACL tests and fixed results in some old tests.
sql/sql_acl.h:
  Made check_acl_user() visible to sql_parse.cc
sql/sql_parse.cc:
  Added new logic to ACL system:
  
  1) If GRANT OPTION (not mysql db):
     Ok to update existing user, but not password.
     Not allowed to make a new user.
  
  2) If UPDATE_ACL to mysql DB:
     Ok to update current user, but not make a new one.
  
  3) If INSERT_ACL to mysql DB:
     Ok to add a new user, but not modify existing.
  
  4) If GRANT OPTION to mysql DB:
     All modifications OK.
This commit is contained in:
unknown
2005-03-18 13:32:28 +02:00
parent 0f58efbd48
commit c94570057c
4 changed files with 86 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
mysql-test/r/grant2.result
View File

@ -5,6 +5,23 @@ delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option;
create user mysqltest_2@localhost;
grant select on `my\_1`.* to mysqltest_2@localhost;
grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
ERROR 42000: You must have privileges to update tables in the mysql database to be able to change passwords for others
grant update on mysql.* to mysqltest_1@localhost;
grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
grant select on `my\_1`.* to mysqltest_3@localhost;
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant insert on mysql.* to mysqltest_1@localhost;
grant select on `my\_1`.* to mysqltest_3@localhost;
grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass';
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
select current_user();
current_user()
@ -13,6 +30,7 @@ select current_user;
current_user
mysqltest_1@localhost
grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
set @@sql_mode='NO_AUTO_CREATE_USER';
@ -23,15 +41,13 @@ grant select on `my\_1`.* to mysqltest_4@localhost with grant option;
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant select on `my\_1`.* to mysqltest_4@localhost identified by 'mypass'
with grant option;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql'
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
show grants for mysqltest_2@localhost;
Grants for mysqltest_2@localhost
GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
ERROR 42000: There is no such grant defined for user 'mysqltest_2' on host 'localhost'
show grants for mysqltest_3@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
delete from mysql.user where user like 'mysqltest\_%';
@ -61,9 +77,9 @@ flush privileges;
create table t1 (a int, b int);
grant select (a) on t1 to mysqltest_1@localhost with grant option;
grant select (a,b) on t1 to mysqltest_2@localhost;
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't1'
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
grant select on t1 to mysqltest_3@localhost;
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 't1'
ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
drop table t1;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';