database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-27 18:02:13 +03:00
Code Activity

REVOKE all privileges and delete user(244)

Browse Source 
include/mysqld_error.h:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
mysql-test/r/grant.result:
  Test for DROP USER, REVOKE ALL PRIVILEGES, GRANT
mysql-test/t/grant.test:
  Test for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/czech/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/danish/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/dutch/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/english/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/estonian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/french/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/german/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/greek/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/hungarian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/italian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/japanese/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/korean/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/norwegian-ny/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/norwegian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/polish/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/portuguese/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/romanian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/russian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/serbian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/slovak/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/spanish/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/swedish/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
sql/share/ukrainian/errmsg.txt:
  Error messages for DROP USER, REVOKE ALL PRIVILEGES, GRANT
This commit is contained in:
unknown
2003-06-06 17:43:23 +05:00
parent 4beedd513e
commit d1a1d24c1f
32 changed files with 456 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/mysqld_error.h
View File

@ -282,4 +282,6 @@
#define ER_WARN_DATA_TRUNCATED 1263
#define ER_WARN_USING_OTHER_HANDLER 1264
#define ER_CANT_AGGREGATE_COLLATIONS 1265
#define ER_DROP_USER 1266
#define ER_REVOKE_GRANTS 1267
#define ER_ERROR_MESSAGES 266

35
mysql-test/r/grant.result
View File

@ -1,3 +1,5 @@
drop table if exists t1;
create table t1 (a int);
delete from mysql.user where user='mysqltest_1';
delete from mysql.db where user='mysqltest_1';
flush privileges;
@ -69,3 +71,36 @@ show grants for user@localhost;
Grants for user@localhost
GRANT USAGE ON *.* TO 'user'@'localhost'
GRANT USAGE ON `test`.* TO 'user'@'localhost' WITH GRANT OPTION
grant ALL PRIVILEGES on *.* to drop_user2@localhost with GRANT OPTION;
show grants for drop_user2@localhost;
Grants for drop_user2@localhost
GRANT ALL PRIVILEGES ON *.* TO 'drop_user2'@'localhost' WITH GRANT OPTION
revoke all privileges, grant from drop_user2@localhost;
drop user drop_user2@localhost;
grant ALL PRIVILEGES on *.* to drop_user@localhost with GRANT OPTION;
grant ALL PRIVILEGES on test.* to drop_user@localhost with GRANT OPTION;
grant select(a) on test.t1 to drop_user@localhost;
show grants for drop_user@localhost;
Grants for drop_user@localhost
GRANT ALL PRIVILEGES ON *.* TO 'drop_user'@'localhost' WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `test`.* TO 'drop_user'@'localhost' WITH GRANT OPTION
GRANT SELECT (a) ON `test`.`t1` TO 'drop_user'@'localhost'
revoke all privileges, grant from drop_user@localhost;
show grants for drop_user@localhost;
Grants for drop_user@localhost
GRANT USAGE ON *.* TO 'drop_user'@'localhost'
drop user drop_user@localhost;
revoke all privileges, grant from drop_user@localhost;
Can't revoke all privileges, grant for one or more of the requested users
grant select(a) on test.t1 to drop_user1@localhost;
grant select on test.t1 to drop_user2@localhost;
grant select on test.* to drop_user3@localhost;
grant select on *.* to drop_user4@localhost;
drop user drop_user1@localhost, drop_user2@localhost, drop_user3@localhost,
drop_user4@localhost;
Can't drop one or more of the requested users
revoke all privileges, grant from drop_user1@localhost, drop_user2@localhost,
drop_user3@localhost, drop_user4@localhost;
drop user drop_user1@localhost, drop_user2@localhost, drop_user3@localhost,
drop_user4@localhost;
drop table t1;

38
mysql-test/t/grant.test
View File

@ -1,3 +1,9 @@
--disable_warnings
drop table if exists t1;
--enable_warnings
create table t1 (a int);
#
# Test that SSL options works properly
#
@ -42,3 +48,35 @@ flush privileges;
grant usage on test.* to user@localhost with grant option;
show grants for user@localhost;
#
# Test for 'drop user', 'revoke privileges, grant'
#
grant ALL PRIVILEGES on *.* to drop_user2@localhost with GRANT OPTION;
show grants for drop_user2@localhost;
revoke all privileges, grant from drop_user2@localhost;
drop user drop_user2@localhost;
grant ALL PRIVILEGES on *.* to drop_user@localhost with GRANT OPTION;
grant ALL PRIVILEGES on test.* to drop_user@localhost with GRANT OPTION;
grant select(a) on test.t1 to drop_user@localhost;
show grants for drop_user@localhost;
revoke all privileges, grant from drop_user@localhost;
show grants for drop_user@localhost;
drop user drop_user@localhost;
--error 1267
revoke all privileges, grant from drop_user@localhost;
grant select(a) on test.t1 to drop_user1@localhost;
grant select on test.t1 to drop_user2@localhost;
grant select on test.* to drop_user3@localhost;
grant select on *.* to drop_user4@localhost;
--error 1266
drop user drop_user1@localhost, drop_user2@localhost, drop_user3@localhost,
drop_user4@localhost;
revoke all privileges, grant from drop_user1@localhost, drop_user2@localhost,
drop_user3@localhost, drop_user4@localhost;
drop user drop_user1@localhost, drop_user2@localhost, drop_user3@localhost,
drop_user4@localhost;
drop table t1;

2
sql/lex.h
View File

@ -396,6 +396,7 @@ static SYMBOL symbols[] = {
{ "UNSIGNED", SYM(UNSIGNED),0,0},
{ "USE", SYM(USE_SYM),0,0},
{ "USE_FRM", SYM(USE_FRM),0,0},
{ "USER", SYM(USER),0,0},
{ "USING", SYM(USING),0,0},
{ "UPDATE", SYM(UPDATE_SYM),0,0},
{ "USAGE", SYM(USAGE),0,0},
@ -632,7 +633,6 @@ static SYMBOL sql_functions[] = {
{ "UNIQUE_USERS", SYM(UNIQUE_USERS),0,0},
{ "UNIX_TIMESTAMP", SYM(UNIX_TIMESTAMP),0,0},
{ "UPPER", SYM(FUNC_ARG1),0,CREATE_FUNC(create_func_ucase)},
{ "USER", SYM(USER),0,0},
{ "VARIANCE", SYM(VARIANCE_SYM),0,0},
{ "VERSION", SYM(FUNC_ARG0),0,CREATE_FUNC(create_func_version)},
{ "WEEK", SYM(WEEK_SYM),0,0},

2
sql/share/czech/errmsg.txt
View File

@ -271,3 +271,5 @@ v/*
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/danish/errmsg.txt
View File

@ -265,3 +265,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/dutch/errmsg.txt
View File

@ -273,3 +273,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/english/errmsg.txt
View File

@ -267,3 +267,5 @@
"Data truncated for column '%s' at row %ld"
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/estonian/errmsg.txt
View File

@ -267,3 +267,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/french/errmsg.txt
View File

@ -262,3 +262,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/german/errmsg.txt
View File

@ -271,3 +271,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/greek/errmsg.txt
View File

@ -262,3 +262,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/hungarian/errmsg.txt
View File

@ -264,3 +264,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/italian/errmsg.txt
View File

@ -262,3 +262,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/japanese/errmsg.txt
View File

@ -264,3 +264,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/korean/errmsg.txt
View File

@ -262,3 +262,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/norwegian-ny/errmsg.txt
View File

@ -264,3 +264,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/norwegian/errmsg.txt
View File

@ -264,3 +264,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/polish/errmsg.txt
View File

@ -266,3 +266,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/portuguese/errmsg.txt
View File

@ -262,3 +262,5 @@
"%d linha(s) foi(foram) cortada(s) por group_concat()",
"Usando engine de armazenamento %s para tabela '%s'",
"Combina<6E><61>o ilegal de collations (%s,%s) e (%s,%s) para opera<72><61>o '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/romanian/errmsg.txt
View File

@ -266,3 +266,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/russian/errmsg.txt
View File

@ -264,3 +264,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/serbian/errmsg.txt
View File

@ -258,3 +258,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/slovak/errmsg.txt
View File

@ -270,3 +270,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/spanish/errmsg.txt
View File

@ -263,3 +263,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/swedish/errmsg.txt
View File

@ -262,3 +262,5 @@
"%d rad(er) kapades av group_concat()",
"Anv<6E>nder handler %s f<>r tabell '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

2
sql/share/ukrainian/errmsg.txt
View File

@ -267,3 +267,5 @@
"%d line(s) was(were) cut by group_concat()",
"Using storage engine %s for table '%s'",
"Illegal mix of collations (%s,%s) and (%s,%s) for operation '%s'",
"Can't drop one or more of the requested users"
"Can't revoke all privileges, grant for one or more of the requested users"

288
sql/sql_acl.cc
View File

@ -2179,11 +2179,6 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list,
{
int error;
GRANT_TABLE *grant_table;
if (!Str->host.str)
{
Str->host.str=(char*) "%";
Str->host.length=1;
}
if (Str->host.length > HOSTNAME_LENGTH ||
Str->user.length > USERNAME_LENGTH)
{
@ -2350,11 +2345,6 @@ int mysql_grant (THD *thd, const char *db, List <LEX_USER> &list,
int result=0;
while ((Str = str_list++))
{
if (!Str->host.str)
{
Str->host.str=(char*) "%";
Str->host.length=1;
}
if (Str->host.length > HOSTNAME_LENGTH ||
Str->user.length > USERNAME_LENGTH)
{
@ -2855,11 +2845,6 @@ int mysql_show_grants(THD *thd,LEX_USER *lex_user)
send_error(thd, ER_UNKNOWN_COM_ERROR);
DBUG_RETURN(-1);
}
if (!lex_user->host.str)
{
lex_user->host.str=(char*) "%";
lex_user->host.length=1;
}
if (lex_user->host.length > HOSTNAME_LENGTH ||
lex_user->user.length > USERNAME_LENGTH)
{
@ -3202,6 +3187,279 @@ void get_mqh(const char *user, const char *host, USER_CONN *uc)
bzero((char*) &uc->user_resources, sizeof(uc->user_resources));
}
int open_grant_tables(THD *thd, TABLE_LIST *tables)
{
DBUG_ENTER("open_grant_tables");
if (!initialized)
{
send_error(thd, ER_OUT_OF_RESOURCES, ER(ER_OUT_OF_RESOURCES));
DBUG_RETURN(-1);
}
bzero((char*) tables, 4*sizeof(*tables));
tables->alias= tables->real_name= (char*) "user";
(tables+1)->alias= (tables+1)->real_name= (char*) "db";
(tables+2)->alias= (tables+2)->real_name= (char*) "tables_priv";
(tables+3)->alias= (tables+3)->real_name= (char*) "columns_priv";
tables->next= tables+1;
(tables+1)->next= tables+2;
(tables+2)->next= tables+3;
(tables+3)->next= 0;
tables->lock_type= (tables+1)->lock_type=
(tables+2)->lock_type= (tables+3)->lock_type= TL_WRITE;
tables->db= (tables+1)->db= (tables+2)->db= (tables+3)->db=(char*) "mysql";
#ifdef HAVE_REPLICATION
/*
GRANT and REVOKE are applied the slave in/exclusion rules as they are
some kind of updates to the mysql.% tables.
*/
if (thd->slave_thread && table_rules_on && !tables_ok(0, tables))
DBUG_RETURN(1);
#endif
if (open_and_lock_tables(thd, tables))
{ // This should never happen
close_thread_tables(thd);
DBUG_RETURN(-1);
}
DBUG_RETURN(0);
}
ACL_USER *check_acl_user(LEX_USER *user_name,
uint *acl_user_idx)
{
ACL_USER *acl_user= 0;
uint counter;
for (counter= 0 ; counter < acl_users.elements ; counter++)
{
const char *user,*host;
acl_user= dynamic_element(&acl_users, counter, ACL_USER*);
if (!(user=acl_user->user))
user="";
if (!(host=acl_user->host.hostname))
host="%";
if (!strcmp(user_name->user.str,user) &&
!my_strcasecmp(system_charset_info, user_name->host.str, host))
break;
}
if (counter == acl_users.elements)
return 0;
*acl_user_idx= counter;
return acl_user;
}
int mysql_drop_user(THD *thd, List <LEX_USER> &list)
{
uint counter, user_id;
int result;
ACL_USER *acl_user;
ACL_DB *acl_db;
TABLE_LIST tables[4];
DBUG_ENTER("mysql_drop_user");
if ((result= open_grant_tables(thd, tables)))
DBUG_RETURN(result == 1 ? 0 : -1);
rw_wrlock(&LOCK_grant);
VOID(pthread_mutex_lock(&acl_cache->lock));
LEX_USER *user_name;
List_iterator <LEX_USER> user_list(list);
while ((user_name=user_list++))
{
if (!(acl_user= check_acl_user(user_name, &counter)))
{
sql_print_error("DROP USER: Can't drop user: '%s'@'%s'",
user_name->user.str,
user_name->host.str);
result= -1;
continue;
}
if ((acl_user->access & ~0))
{
sql_print_error("DROP USER: Can't drop user: '%s'@'%s'",
user_name->user.str,
user_name->host.str);
result= -1;
continue;
}
user_id= counter;
for (counter= 0 ; counter < acl_dbs.elements ; counter++)
{
const char *user,*host;
acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
if (!(user= acl_db->user))
user="";
if (!(host= acl_db->host.hostname))
host="";
if (!strcmp(user_name->user.str,user) &&
!my_strcasecmp(system_charset_info, user_name->host.str, host))
break;
}
if (counter != acl_dbs.elements)
{
sql_print_error("DROP USER: Can't drop user: '%s'@'%s'",
user_name->user.str,
user_name->host.str);
result= -1;
continue;
}
for (counter= 0 ; counter < column_priv_hash.records ; counter++)
{
const char *user,*host;
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
counter);
if (!(user=grant_table->user))
user="";
if (!(host=grant_table->host))
host="";
if (!strcmp(user_name->user.str,user) &&
!my_strcasecmp(system_charset_info, user_name->host.str, host))
break;
}
if (counter != column_priv_hash.records)
{
sql_print_error("DROP USER: Can't drop user: '%s'@'%s'",
user_name->user.str,
user_name->host.str);
result= -1;
continue;
}
tables[0].table->field[0]->store(user_name->host.str,(uint)
user_name->host.length, system_charset_info);
tables[0].table->field[1]->store(user_name->user.str,(uint)
user_name->user.length, system_charset_info);
if (!tables[0].table->file->index_read_idx(tables[0].table->record[0],0,
(byte*) tables[0].table->field[0]->ptr,0,
HA_READ_KEY_EXACT))
{
int error;
if ((error = tables[0].table->file->delete_row(tables[0].table->record[0])))
{
tables[0].table->file->print_error(error, MYF(0));
tables[0].table->file->index_end();
DBUG_RETURN(-1);
}
delete_dynamic_element(&acl_users, user_id);
}
tables[0].table->file->index_end();
}
err:
VOID(pthread_mutex_unlock(&acl_cache->lock));
rw_unlock(&LOCK_grant);
close_thread_tables(thd);
if (result)
my_error(ER_DROP_USER, MYF(0));
DBUG_RETURN(result);
}
int mysql_revoke_all(THD *thd, List <LEX_USER> &list)
{
uint counter;
int result;
ACL_USER *acl_user; ACL_DB *acl_db;
TABLE_LIST tables[4];
DBUG_ENTER("mysql_revoke_all");
if ((result= open_grant_tables(thd, tables)))
DBUG_RETURN(result == 1 ? 0 : -1);
rw_wrlock(&LOCK_grant);
VOID(pthread_mutex_lock(&acl_cache->lock));
LEX_USER *lex_user;
List_iterator <LEX_USER> user_list(list);
while ((lex_user=user_list++))
{
if (!(acl_user= check_acl_user(lex_user, &counter)))
{
sql_print_error("REVOKE ALL PRIVILEGES, GRANT: User '%s'@'%s' not exists",
lex_user->user.str,
lex_user->host.str);
result= -1;
continue;
}
if (replace_user_table(thd, tables[0].table,
*lex_user, ~0, 1, 0))
{
result= -1;
continue;
}
/* Remove db access privileges */
for (counter= 0 ; counter < acl_dbs.elements ; counter++)
{
const char *user,*host;
acl_db=dynamic_element(&acl_dbs,counter,ACL_DB*);
if (!(user=acl_db->user))
user="";
if (!(host=acl_db->host.hostname))
host="";
if (!strcmp(lex_user->user.str,user) &&
!my_strcasecmp(system_charset_info, lex_user->host.str, host))
{
if (replace_db_table(tables[1].table, acl_db->db, *lex_user, ~0, 1))
result= -1;
}
}
/* Remove column access */
for (counter= 0 ; counter < column_priv_hash.records ; counter++)
{
const char *user,*host;
GRANT_TABLE *grant_table= (GRANT_TABLE*) hash_element(&column_priv_hash,
counter);
if (!(user=grant_table->user))
user="";
if (!(host=grant_table->host))
host="";
if (!strcmp(lex_user->user.str,user) &&
!my_strcasecmp(system_charset_info, lex_user->host.str, host))
{
if (replace_table_table(thd,grant_table,tables[2].table,*lex_user,
grant_table->db,
grant_table->tname,
~0, 0, 1))
{
result= -1;
continue;
}
if (grant_table->cols)
{
List<LEX_COLUMN> columns;
if (replace_column_table(grant_table,tables[3].table, *lex_user,
columns,
grant_table->db,
grant_table->tname,
~0, 1))
result= -1;
}
}
}
}
VOID(pthread_mutex_unlock(&acl_cache->lock));
rw_unlock(&LOCK_grant);
close_thread_tables(thd);
if (result)
my_error(ER_REVOKE_GRANTS, MYF(0));
DBUG_RETURN(result);
}
/*****************************************************************************

2
sql/sql_acl.h
View File

@ -163,3 +163,5 @@ ulong get_column_grant(THD *thd, TABLE_LIST *table, Field *field);
int mysql_show_grants(THD *thd, LEX_USER *user);
void get_privilege_desc(char *to, uint max_length, ulong access);
void get_mqh(const char *user, const char *host, USER_CONN *uc);
int mysql_drop_user(THD *thd, List <LEX_USER> &list);
int mysql_revoke_all(THD *thd, List <LEX_USER> &list);

2
sql/sql_lex.h
View File

@ -71,7 +71,7 @@ enum enum_sql_command {
SQLCOM_SHOW_BINLOG_EVENTS, SQLCOM_SHOW_NEW_MASTER, SQLCOM_DO,
SQLCOM_SHOW_WARNS, SQLCOM_EMPTY_QUERY, SQLCOM_SHOW_ERRORS,
SQLCOM_SHOW_COLUMN_TYPES, SQLCOM_SHOW_TABLE_TYPES, SQLCOM_SHOW_PRIVILEGES,
SQLCOM_HELP,
SQLCOM_HELP, SQLCOM_DROP_USER, SQLCOM_REVOKE_ALL,
/* This should be the last !!! */
SQLCOM_END

32
sql/sql_parse.cc
View File

@ -2897,6 +2897,38 @@ mysql_execute_command(THD *thd)
res= -1;
#endif
break;
case SQLCOM_DROP_USER:
{
if (check_access(thd, GRANT_ACL,"mysql",0,1))
break;
if (!(res= mysql_drop_user(thd, lex->users_list)))
{
mysql_update_log.write(thd, thd->query, thd->query_length);
if (mysql_bin_log.is_open())
{
Query_log_event qinfo(thd, thd->query, thd->query_length, 0);
mysql_bin_log.write(&qinfo);
}
send_ok(thd);
}
break;
}
case SQLCOM_REVOKE_ALL:
{
if (check_access(thd, GRANT_ACL ,"mysql",0,1))
break;
if (!(res = mysql_revoke_all(thd, lex->users_list)))
{
mysql_update_log.write(thd, thd->query, thd->query_length);
if (mysql_bin_log.is_open())
{
Query_log_event qinfo(thd, thd->query, thd->query_length, 0);
mysql_bin_log.write(&qinfo);
}
send_ok(thd);
}
break;
}
case SQLCOM_REVOKE:
case SQLCOM_GRANT:
{

30
sql/sql_yacc.yy
View File

@ -3215,7 +3215,7 @@ do: DO_SYM
;
/*
Drop : delete tables or index
Drop : delete tables or index or user
*/
drop:
@ -3249,7 +3249,16 @@ drop:
LEX *lex=Lex;
lex->sql_command = SQLCOM_DROP_FUNCTION;
lex->udf.name = $3;
};
}
| DROP USER
{
LEX *lex=Lex;
lex->sql_command = SQLCOM_DROP_USER;
lex->users_list.empty();
}
user_list
{}
;
table_list:
@ -4177,8 +4186,10 @@ user:
THD *thd= YYTHD;
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
YYABORT;
$$->user = $1; $$->host.str=NullS;
}
$$->user = $1;
$$->host.str= (char *) "%";
$$->host.length= 1;
}
| ident_or_text '@' ident_or_text
{
THD *thd= YYTHD;
@ -4361,6 +4372,7 @@ keyword:
| UDF_SYM {}
| UNCOMMITTED_SYM {}
| UNICODE_SYM {}
| USER {}
| USE_FRM {}
| VARIABLES {}
| VALUE_SYM {}
@ -4632,8 +4644,18 @@ revoke:
lex->ssl_cipher= lex->x509_subject= lex->x509_issuer= 0;
bzero((char*) &lex->mqh, sizeof(lex->mqh));
}
revoke_command
{}
;
revoke_command:
grant_privileges ON opt_table FROM user_list
{}
|
ALL PRIVILEGES ',' GRANT FROM user_list
{
Lex->sql_command = SQLCOM_REVOKE_ALL;
}
;
grant: