database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00
Code Activity

WL#1366: Use the schema (db) associated with an SP.

Browse Source 
Phase 3: Made qualified names work for functions as well.


mysql-test/r/sp-security.result:
  New testcases for functions with qualified names.
mysql-test/t/sp-security.test:
  New testcases for functions with qualified names.
sql/item_func.cc:
  Added error handling for stored function, if it doesn't exist.
sql/item_func.h:
  Set null_value if execution of a stored function fails.
sql/mysql_priv.h:
  Reverted previous change: No optional args for mysql_change_db().
  (SPs use a specially tailored function instead.)
sql/sp.cc:
  Copied mysql_change_db() from sql_db.cc and modified specially for SPs.
sql/sp_head.cc:
  Fixed error handling for errors in functions during query/statement execution.
sql/sql_db.cc:
  Reverted previous change: No optional args for mysql_change_db().
  (SPs use a specially tailored function instead.)
sql/sql_yacc.yy:
  Reworked the stored function/UDF invokation parsing and added qualified names
  for stored functions. UDFs now have precedence over stored functions (whith
  unqualified name). When using an unqualified name, only IDENT_sys is allowed
  (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts
  otherwise.
This commit is contained in:
unknown
2004-03-19 19:01:54 +01:00
parent edf2003009
commit d2ad3cff19
9 changed files with 289 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
mysql-test/r/sp-security.result
View File

@ -10,14 +10,27 @@ insert into db1_secret.t1 values (user(), i);
show procedure status like 'stamp';
Db Name Type Definer Modified Created Security_type Comment
db1_secret stamp PROCEDURE root@localhost 0000-00-00 00:00:00 0000-00-00 00:00:00 DEFINER
create function db() returns varchar(64) return database();
show function status like 'db';
Db Name Type Definer Modified Created Security_type Comment
db1_secret db FUNCTION root@localhost 0000-00-00 00:00:00 0000-00-00 00:00:00 DEFINER
call stamp(1);
select * from t1;
u i
root@localhost 1
select db();
db()
db1_secret
call db1_secret.stamp(2);
select db1_secret.db();
db1_secret.db()
db1_secret
select * from db1_secret.t1;
ERROR 42000: Access denied for user: 'user1'@'localhost' to database 'db1_secret'
call db1_secret.stamp(3);
select db1_secret.db();
db1_secret.db()
db1_secret
select * from db1_secret.t1;
ERROR 42000: Access denied for user: ''@'localhost' to database 'db1_secret'
select * from t1;
@ -29,6 +42,10 @@ alter procedure stamp sql security invoker;
show procedure status like 'stamp';
Db Name Type Definer Modified Created Security_type Comment
db1_secret stamp PROCEDURE root@localhost 0000-00-00 00:00:00 0000-00-00 00:00:00 INVOKER
alter function db sql security invoker;
show function status like 'db';
Db Name Type Definer Modified Created Security_type Comment
db1_secret db FUNCTION root@localhost 0000-00-00 00:00:00 0000-00-00 00:00:00 INVOKER
call stamp(4);
select * from t1;
u i
@ -36,10 +53,17 @@ root@localhost 1
user1@localhost 2
anon@localhost 3
root@localhost 4
select db();
db()
db1_secret
call db1_secret.stamp(5);
ERROR 42000: Access denied for user: 'user1'@'localhost' to database 'db1_secret'
select db1_secret.db();
ERROR 42000: Access denied for user: 'user1'@'localhost' to database 'db1_secret'
call db1_secret.stamp(6);
ERROR 42000: Access denied for user: ''@'localhost' to database 'db1_secret'
select db1_secret.db();
ERROR 42000: Access denied for user: ''@'localhost' to database 'db1_secret'
drop database if exists db2;
create database db2;
use db2;
@ -74,6 +98,7 @@ s1
2
2
drop procedure db1_secret.stamp;
drop function db1_secret.db;
drop procedure db2.p;
drop procedure db2.q;
use test;

20
mysql-test/t/sp-security.test
View File

@ -21,15 +21,20 @@ use db1_secret;
create table t1 ( u varchar(64), i int );
# Our test procedure
# A test procedure and function
create procedure stamp(i int)
insert into db1_secret.t1 values (user(), i);
--replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
show procedure status like 'stamp';
create function db() returns varchar(64) return database();
--replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
show function status like 'db';
# root can, of course
call stamp(1);
select * from t1;
select db();
connect (con2user1,localhost,user1,,);
connect (con3anon,localhost,anon,,);
@ -41,6 +46,7 @@ connection con2user1;
# This should work...
call db1_secret.stamp(2);
select db1_secret.db();
# ...but not this
--error 1044
@ -53,6 +59,7 @@ connection con3anon;
# This should work...
call db1_secret.stamp(3);
select db1_secret.db();
# ...but not this
--error 1044
@ -71,9 +78,14 @@ alter procedure stamp sql security invoker;
--replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
show procedure status like 'stamp';
alter function db sql security invoker;
--replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
show function status like 'db';
# root still can
call stamp(4);
select * from t1;
select db();
#
# User1 cannot
@ -83,6 +95,8 @@ connection con2user1;
# This should not work
--error 1044
call db1_secret.stamp(5);
--error 1044
select db1_secret.db();
#
# Anonymous cannot
@ -92,7 +106,8 @@ connection con3anon;
# This should not work
--error 1044
call db1_secret.stamp(6);
--error 1044
select db1_secret.db();
#
# BUG#2777
@ -149,6 +164,7 @@ select * from t2;
# Clean up
connection con1root;
drop procedure db1_secret.stamp;
drop function db1_secret.db;
drop procedure db2.p;
drop procedure db2.q;
use test;