From d40d35660603d0ac764fafadeed6c3a46c1919ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vicen=C8=9Biu=20Ciorbaru?= <cvicentiu@gmail.com>
Date: Fri, 18 Oct 2013 04:29:01 -0700
Subject: [PATCH] Added syntax detection for the GRANT role TO {user | role }
 command.

Also added syntax for GRANT privilege TO { role } command
---
 sql/mysqld.cc    |   1 +
 sql/sql_acl.cc   |   4 +-
 sql/sql_lex.h    |   2 +-
 sql/sql_parse.cc |   8 ++++
 sql/sql_yacc.yy  | 114 ++++++++++++++++++++++++++++++++++++++---------
 5 files changed, 104 insertions(+), 25 deletions(-)

diff --git a/sql/mysqld.cc b/sql/mysqld.cc
index f9c6675400d..8fc7627e247 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -3456,6 +3456,7 @@ SHOW_VAR com_status_vars[]= {
   {"execute_sql",          (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_EXECUTE]), SHOW_LONG_STATUS},
   {"flush",                (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_FLUSH]), SHOW_LONG_STATUS},
   {"grant",                (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS},
+  {"grant_role",           (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS},
   {"ha_close",             (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_CLOSE]), SHOW_LONG_STATUS},
   {"ha_open",              (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_OPEN]), SHOW_LONG_STATUS},
   {"ha_read",              (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_READ]), SHOW_LONG_STATUS},
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index df620a8186d..520b90f4386 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -2275,7 +2275,7 @@ my_bool get_role_access(ACL_ROLE *role, ulong *access)
   role->flags|= ROLE_VISITED;
 
   (void) my_init_dynamic_array(&stack, sizeof(NODE_STATE), 20, 50, MYF(0));
-  push_dynamic(&stack, &state);
+  push_dynamic(&stack, (uchar*)&state);
 
   while (stack.elements)
   {
@@ -2343,7 +2343,7 @@ my_bool get_role_access(ACL_ROLE *role, ulong *access)
       neighbour->flags|= ROLE_VISITED;
       state.neigh_idx= 0;
       state.node_data= neighbour;
-      push_dynamic(&stack, &state);
+      push_dynamic(&stack, (uchar*)&state);
     }
     else
     {
diff --git a/sql/sql_lex.h b/sql/sql_lex.h
index 18be450caf2..72eb9d7229e 100644
--- a/sql/sql_lex.h
+++ b/sql/sql_lex.h
@@ -148,7 +148,7 @@ enum enum_sql_command {
   SQLCOM_SHOW_TRIGGERS,
 
   SQLCOM_LOAD,SQLCOM_SET_OPTION,SQLCOM_LOCK_TABLES,SQLCOM_UNLOCK_TABLES,
-  SQLCOM_GRANT,
+  SQLCOM_GRANT, SQLCOM_GRANT_ROLE,
   SQLCOM_CHANGE_DB, SQLCOM_CREATE_DB, SQLCOM_DROP_DB, SQLCOM_ALTER_DB,
   SQLCOM_REPAIR, SQLCOM_REPLACE, SQLCOM_REPLACE_SELECT,
   SQLCOM_CREATE_FUNCTION, SQLCOM_DROP_FUNCTION,
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 17503e08307..dceeb1cab82 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -367,6 +367,7 @@ void init_update_queries(void)
   sql_command_flags[SQLCOM_RENAME_USER]=       CF_CHANGES_DATA;
   sql_command_flags[SQLCOM_DROP_USER]=         CF_CHANGES_DATA;
   sql_command_flags[SQLCOM_GRANT]=             CF_CHANGES_DATA;
+  sql_command_flags[SQLCOM_GRANT_ROLE]=        CF_CHANGES_DATA;
   sql_command_flags[SQLCOM_REVOKE]=            CF_CHANGES_DATA;
   sql_command_flags[SQLCOM_OPTIMIZE]=          CF_CHANGES_DATA;
   sql_command_flags[SQLCOM_CREATE_FUNCTION]=   CF_CHANGES_DATA;
@@ -418,6 +419,7 @@ void init_update_queries(void)
   sql_command_flags[SQLCOM_REVOKE_ALL]=         CF_AUTO_COMMIT_TRANS;
   sql_command_flags[SQLCOM_REVOKE]|=            CF_AUTO_COMMIT_TRANS;
   sql_command_flags[SQLCOM_GRANT]|=             CF_AUTO_COMMIT_TRANS;
+  sql_command_flags[SQLCOM_GRANT_ROLE]|=        CF_AUTO_COMMIT_TRANS;
 
   sql_command_flags[SQLCOM_ASSIGN_TO_KEYCACHE]= CF_AUTO_COMMIT_TRANS;
   sql_command_flags[SQLCOM_PRELOAD_KEYS]=       CF_AUTO_COMMIT_TRANS;
@@ -3877,6 +3879,12 @@ end_with_restore_list:
     }
     break;
   }
+  case SQLCOM_GRANT_ROLE:
+  {
+    /* TODO Implement grant */
+    my_ok(thd);
+    break;
+  }
 #endif /*!NO_EMBEDDED_ACCESS_CHECKS*/
   case SQLCOM_RESET:
     /*
diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
index 1f7166c6cd6..db137ae13c6 100644
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -1459,6 +1459,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
         NCHAR_STRING opt_component key_cache_name
         sp_opt_label BIN_NUM label_ident TEXT_STRING_filesystem ident_or_empty
         opt_constraint constraint opt_ident opt_if_not_exists_ident
+        grant_role
 
 %type <lex_str_ptr>
         opt_table_alias
@@ -1569,7 +1570,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
 
 %type <symbol> keyword keyword_sp
 
-%type <lex_user> user grant_user
+%type <lex_user> user specified_user grant_user role
 
 %type <charset>
         opt_collate
@@ -1623,6 +1624,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
         opt_option opt_place
         opt_attribute opt_attribute_list attribute column_list column_list_id
         opt_column_list grant_privileges grant_ident grant_list grant_option
+        grant_list_with_roles
         object_privilege object_privilege_list user_list rename_list
         clear_privileges flush_options flush_option
         opt_with_read_lock flush_options_list
@@ -13153,24 +13155,8 @@ ident_or_text:
         | LEX_HOSTNAME { $$=$1;}
         ;
 
-user:
-          ident_or_text
-          {
-            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
-              MYSQL_YYABORT;
-            $$->user = $1;
-            $$->host.str= (char *) "%";
-            $$->host.length= 1;
-            $$->password= null_lex_str; 
-            $$->plugin= empty_lex_str;
-            $$->auth= empty_lex_str;
-
-            if (check_string_char_length(&$$->user, ER(ER_USERNAME),
-                                         username_char_length,
-                                         system_charset_info, 0))
-              MYSQL_YYABORT;
-          }
-        | ident_or_text '@' ident_or_text
+specified_user:
+          ident_or_text '@' ident_or_text
           {
             if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
               MYSQL_YYABORT;
@@ -13195,8 +13181,8 @@ user:
           {
             if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
               MYSQL_YYABORT;
-            /* 
-              empty LEX_USER means current_user and 
+            /*
+              empty LEX_USER means current_user and
               will be handled in the  get_current_user() function
               later
             */
@@ -13204,6 +13190,46 @@ user:
           }
         ;
 
+user:
+          ident_or_text
+          {
+            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
+              MYSQL_YYABORT;
+            $$->user = $1;
+            $$->host.str= (char *) "%";
+            $$->host.length= 1;
+            $$->password= null_lex_str; 
+            $$->plugin= empty_lex_str;
+            $$->auth= empty_lex_str;
+
+            if (check_string_char_length(&$$->user, ER(ER_USERNAME),
+                                         username_char_length,
+                                         system_charset_info, 0))
+              MYSQL_YYABORT;
+          }
+        |
+          specified_user {$$ = $1;}
+        ;
+
+role:
+          ident_or_text
+          {
+            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
+              MYSQL_YYABORT;
+            $$->user = $1;
+            $$->host.str= (char *) "";
+            $$->host.length= 0;
+            $$->password= null_lex_str;
+            $$->plugin= empty_lex_str;
+            $$->auth= empty_lex_str;
+
+            if (check_string_char_length(&$$->user, ER(ER_USERNAME),
+                                         username_char_length,
+                                         system_charset_info, 0))
+              MYSQL_YYABORT;
+          }
+        ;
+
 /* Keyword that we allow for identifiers (except SP labels) */
 keyword:
           keyword_sp            {}
@@ -14282,7 +14308,27 @@ grant_command:
             lex->users_list.push_front ($3);
             lex->sql_command= SQLCOM_GRANT;
             lex->type= TYPE_ENUM_PROXY;
-          } 
+          }
+        | grant_privileges TO_SYM grant_list
+          {
+            LEX *lex= Lex;
+            lex->sql_command= SQLCOM_GRANT_ROLE;
+            lex->type= 0;
+            printf("Need to grant privileges to a role / user\n");
+          }
+        | grant_role TO_SYM grant_list_with_roles
+          {
+            LEX *lex= Lex;
+            lex->sql_command= SQLCOM_GRANT_ROLE;
+            lex->type= 0;
+            printf("The rolename to be granted is: %s\n", $1.str);
+          }
+
+        ;
+
+grant_role:
+          IDENT_sys             {$$=$1;}
+        | TEXT_STRING_sys       {$$=$1;}
         ;
 
 opt_table:
@@ -14459,6 +14505,30 @@ user_list:
           }
         ;
 
+grant_list_with_roles:
+          role
+          {
+            if (Lex->users_list.push_back($1))
+              MYSQL_YYABORT;
+          }
+        | specified_user
+          {
+            if (Lex->users_list.push_back($1))
+              MYSQL_YYABORT;
+          }
+        | grant_list_with_roles ',' role
+          {
+            if (Lex->users_list.push_back($3))
+              MYSQL_YYABORT;
+          }
+        | grant_list_with_roles ',' specified_user
+          {
+            if (Lex->users_list.push_back($3))
+              MYSQL_YYABORT;
+          }
+        ;
+
+
 grant_list:
           grant_user
           {