database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

Added syntax detection for the GRANT role TO {user | role } command.

Browse Source 
Also added syntax for GRANT privilege TO { role } command
This commit is contained in:
Vicențiu Ciorbaru
2013-10-18 04:29:01 -07:00
committed by Sergei Golubchik
parent dcf76e6514
commit d40d356606
5 changed files with 104 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sql/mysqld.cc
View File

@ -3456,6 +3456,7 @@ SHOW_VAR com_status_vars[]= {
{"execute_sql", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_EXECUTE]), SHOW_LONG_STATUS}, {"execute_sql", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_EXECUTE]), SHOW_LONG_STATUS},
{"flush", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_FLUSH]), SHOW_LONG_STATUS}, {"flush", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_FLUSH]), SHOW_LONG_STATUS},
{"grant", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS}, {"grant", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS},
{"grant_role", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS},
{"ha_close", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_CLOSE]), SHOW_LONG_STATUS}, {"ha_close", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_CLOSE]), SHOW_LONG_STATUS},
{"ha_open", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_OPEN]), SHOW_LONG_STATUS}, {"ha_open", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_OPEN]), SHOW_LONG_STATUS},
{"ha_read", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_READ]), SHOW_LONG_STATUS}, {"ha_read", (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_READ]), SHOW_LONG_STATUS},

4
sql/sql_acl.cc
View File

@ -2275,7 +2275,7 @@ my_bool get_role_access(ACL_ROLE *role, ulong *access)
role->flags|= ROLE_VISITED; role->flags|= ROLE_VISITED;
(void) my_init_dynamic_array(&stack, sizeof(NODE_STATE), 20, 50, MYF(0)); (void) my_init_dynamic_array(&stack, sizeof(NODE_STATE), 20, 50, MYF(0));
push_dynamic(&stack, &state); push_dynamic(&stack, (uchar*)&state);
while (stack.elements) while (stack.elements)
{ {
@ -2343,7 +2343,7 @@ my_bool get_role_access(ACL_ROLE *role, ulong *access)
neighbour->flags|= ROLE_VISITED; neighbour->flags|= ROLE_VISITED;
state.neigh_idx= 0; state.neigh_idx= 0;
state.node_data= neighbour; state.node_data= neighbour;
push_dynamic(&stack, &state); push_dynamic(&stack, (uchar*)&state);
} }
else else
{ {

2
sql/sql_lex.h
View File

@ -148,7 +148,7 @@ enum enum_sql_command {
SQLCOM_SHOW_TRIGGERS, SQLCOM_SHOW_TRIGGERS,
SQLCOM_LOAD,SQLCOM_SET_OPTION,SQLCOM_LOCK_TABLES,SQLCOM_UNLOCK_TABLES, SQLCOM_LOAD,SQLCOM_SET_OPTION,SQLCOM_LOCK_TABLES,SQLCOM_UNLOCK_TABLES,
SQLCOM_GRANT, SQLCOM_GRANT, SQLCOM_GRANT_ROLE,
SQLCOM_CHANGE_DB, SQLCOM_CREATE_DB, SQLCOM_DROP_DB, SQLCOM_ALTER_DB, SQLCOM_CHANGE_DB, SQLCOM_CREATE_DB, SQLCOM_DROP_DB, SQLCOM_ALTER_DB,
SQLCOM_REPAIR, SQLCOM_REPLACE, SQLCOM_REPLACE_SELECT, SQLCOM_REPAIR, SQLCOM_REPLACE, SQLCOM_REPLACE_SELECT,
SQLCOM_CREATE_FUNCTION, SQLCOM_DROP_FUNCTION, SQLCOM_CREATE_FUNCTION, SQLCOM_DROP_FUNCTION,

8
sql/sql_parse.cc
View File

@ -367,6 +367,7 @@ void init_update_queries(void)
sql_command_flags[SQLCOM_RENAME_USER]= CF_CHANGES_DATA; sql_command_flags[SQLCOM_RENAME_USER]= CF_CHANGES_DATA;
sql_command_flags[SQLCOM_DROP_USER]= CF_CHANGES_DATA; sql_command_flags[SQLCOM_DROP_USER]= CF_CHANGES_DATA;
sql_command_flags[SQLCOM_GRANT]= CF_CHANGES_DATA; sql_command_flags[SQLCOM_GRANT]= CF_CHANGES_DATA;
sql_command_flags[SQLCOM_GRANT_ROLE]= CF_CHANGES_DATA;
sql_command_flags[SQLCOM_REVOKE]= CF_CHANGES_DATA; sql_command_flags[SQLCOM_REVOKE]= CF_CHANGES_DATA;
sql_command_flags[SQLCOM_OPTIMIZE]= CF_CHANGES_DATA; sql_command_flags[SQLCOM_OPTIMIZE]= CF_CHANGES_DATA;
sql_command_flags[SQLCOM_CREATE_FUNCTION]= CF_CHANGES_DATA; sql_command_flags[SQLCOM_CREATE_FUNCTION]= CF_CHANGES_DATA;
@ -418,6 +419,7 @@ void init_update_queries(void)
sql_command_flags[SQLCOM_REVOKE_ALL]= CF_AUTO_COMMIT_TRANS; sql_command_flags[SQLCOM_REVOKE_ALL]= CF_AUTO_COMMIT_TRANS;
sql_command_flags[SQLCOM_REVOKE]|= CF_AUTO_COMMIT_TRANS; sql_command_flags[SQLCOM_REVOKE]|= CF_AUTO_COMMIT_TRANS;
sql_command_flags[SQLCOM_GRANT]|= CF_AUTO_COMMIT_TRANS; sql_command_flags[SQLCOM_GRANT]|= CF_AUTO_COMMIT_TRANS;
sql_command_flags[SQLCOM_GRANT_ROLE]|= CF_AUTO_COMMIT_TRANS;
sql_command_flags[SQLCOM_ASSIGN_TO_KEYCACHE]= CF_AUTO_COMMIT_TRANS; sql_command_flags[SQLCOM_ASSIGN_TO_KEYCACHE]= CF_AUTO_COMMIT_TRANS;
sql_command_flags[SQLCOM_PRELOAD_KEYS]= CF_AUTO_COMMIT_TRANS; sql_command_flags[SQLCOM_PRELOAD_KEYS]= CF_AUTO_COMMIT_TRANS;
@ -3877,6 +3879,12 @@ end_with_restore_list:
} }
break; break;
} }
case SQLCOM_GRANT_ROLE:
{
/* TODO Implement grant */
my_ok(thd);
break;
}
#endif /*!NO_EMBEDDED_ACCESS_CHECKS*/ #endif /*!NO_EMBEDDED_ACCESS_CHECKS*/
case SQLCOM_RESET: case SQLCOM_RESET:
/* /*

114
sql/sql_yacc.yy
View File

@ -1459,6 +1459,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
NCHAR_STRING opt_component key_cache_name NCHAR_STRING opt_component key_cache_name
sp_opt_label BIN_NUM label_ident TEXT_STRING_filesystem ident_or_empty sp_opt_label BIN_NUM label_ident TEXT_STRING_filesystem ident_or_empty
opt_constraint constraint opt_ident opt_if_not_exists_ident opt_constraint constraint opt_ident opt_if_not_exists_ident
grant_role
%type <lex_str_ptr> %type <lex_str_ptr>
opt_table_alias opt_table_alias
@ -1569,7 +1570,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
%type <symbol> keyword keyword_sp %type <symbol> keyword keyword_sp
%type <lex_user> user grant_user %type <lex_user> user specified_user grant_user role
%type <charset> %type <charset>
opt_collate opt_collate
@ -1623,6 +1624,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
opt_option opt_place opt_option opt_place
opt_attribute opt_attribute_list attribute column_list column_list_id opt_attribute opt_attribute_list attribute column_list column_list_id
opt_column_list grant_privileges grant_ident grant_list grant_option opt_column_list grant_privileges grant_ident grant_list grant_option
grant_list_with_roles
object_privilege object_privilege_list user_list rename_list object_privilege object_privilege_list user_list rename_list
clear_privileges flush_options flush_option clear_privileges flush_options flush_option
opt_with_read_lock flush_options_list opt_with_read_lock flush_options_list
@ -13153,24 +13155,8 @@ ident_or_text:
| LEX_HOSTNAME { $$=$1;} | LEX_HOSTNAME { $$=$1;}
; ;
user: specified_user:
ident_or_text ident_or_text '@' ident_or_text
{
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
MYSQL_YYABORT;
$$->user = $1;
$$->host.str= (char *) "%";
$$->host.length= 1;
$$->password= null_lex_str;
$$->plugin= empty_lex_str;
$$->auth= empty_lex_str;
if (check_string_char_length(&$$->user, ER(ER_USERNAME),
username_char_length,
system_charset_info, 0))
MYSQL_YYABORT;
}
| ident_or_text '@' ident_or_text
{ {
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user)))) if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
MYSQL_YYABORT; MYSQL_YYABORT;
@ -13195,8 +13181,8 @@ user:
{ {
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user)))) if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
MYSQL_YYABORT; MYSQL_YYABORT;
/* /*
empty LEX_USER means current_user and empty LEX_USER means current_user and
will be handled in the get_current_user() function will be handled in the get_current_user() function
later later
*/ */
@ -13204,6 +13190,46 @@ user:
} }
; ;
user:
ident_or_text
{
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
MYSQL_YYABORT;
$$->user = $1;
$$->host.str= (char *) "%";
$$->host.length= 1;
$$->password= null_lex_str;
$$->plugin= empty_lex_str;
$$->auth= empty_lex_str;
if (check_string_char_length(&$$->user, ER(ER_USERNAME),
username_char_length,
system_charset_info, 0))
MYSQL_YYABORT;
}
|
specified_user {$$ = $1;}
;
role:
ident_or_text
{
if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
MYSQL_YYABORT;
$$->user = $1;
$$->host.str= (char *) "";
$$->host.length= 0;
$$->password= null_lex_str;
$$->plugin= empty_lex_str;
$$->auth= empty_lex_str;
if (check_string_char_length(&$$->user, ER(ER_USERNAME),
username_char_length,
system_charset_info, 0))
MYSQL_YYABORT;
}
;
/* Keyword that we allow for identifiers (except SP labels) */ /* Keyword that we allow for identifiers (except SP labels) */
keyword: keyword:
keyword_sp {} keyword_sp {}
@ -14282,7 +14308,27 @@ grant_command:
lex->users_list.push_front ($3); lex->users_list.push_front ($3);
lex->sql_command= SQLCOM_GRANT; lex->sql_command= SQLCOM_GRANT;
lex->type= TYPE_ENUM_PROXY; lex->type= TYPE_ENUM_PROXY;
} }
| grant_privileges TO_SYM grant_list
{
LEX *lex= Lex;
lex->sql_command= SQLCOM_GRANT_ROLE;
lex->type= 0;
printf("Need to grant privileges to a role / user\n");
}
| grant_role TO_SYM grant_list_with_roles
{
LEX *lex= Lex;
lex->sql_command= SQLCOM_GRANT_ROLE;
lex->type= 0;
printf("The rolename to be granted is: %s\n", $1.str);
}
;
grant_role:
IDENT_sys {$$=$1;}
| TEXT_STRING_sys {$$=$1;}
; ;
opt_table: opt_table:
@ -14459,6 +14505,30 @@ user_list:
} }
; ;
grant_list_with_roles:
role
{
if (Lex->users_list.push_back($1))
MYSQL_YYABORT;
}
| specified_user
{
if (Lex->users_list.push_back($1))
MYSQL_YYABORT;
}
| grant_list_with_roles ',' role
{
if (Lex->users_list.push_back($3))
MYSQL_YYABORT;
}
| grant_list_with_roles ',' specified_user
{
if (Lex->users_list.push_back($3))
MYSQL_YYABORT;
}
;
grant_list: grant_list:
grant_user grant_user
{ {