null-merged the fix and kept the test for bug #41354 from 5.0-bugteam

2025-07-30 16:24:05 +03:00 · 2009-02-26 19:20:50 +02:00
parent cd5744db13 a9d707037a
commit f3c6ff1f7a
2 changed files with 66 additions and 0 deletions
--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@ -921,6 +921,32 @@ c4
 DROP DATABASE mysqltest1;
 DROP DATABASE mysqltest2;
 DROP USER mysqltest_u1@localhost;
 CREATE DATABASE db1;
 USE db1;
 CREATE TABLE t1(f1 INT, f2 INT);
 CREATE VIEW v1 AS SELECT f1, f2 FROM t1;
 GRANT SELECT (f1) ON t1 TO foo;
 GRANT SELECT (f1) ON v1 TO foo;
 USE db1;
 SELECT f1 FROM t1;
 f1
 SELECT f2 FROM t1;
 ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'f2' in table 't1'
 SELECT * FROM t1;
 ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 't1'
 SELECT f1 FROM v1;
 f1
 SELECT f2 FROM v1;
 ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'f2' in table 'v1'
 SELECT * FROM v1;
 ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'v1'
 USE test;
 REVOKE SELECT (f1) ON db1.t1 FROM foo;
 REVOKE SELECT (f1) ON db1.v1 FROM foo;
 DROP USER foo;
 DROP VIEW db1.v1;
 DROP TABLE db1.t1;
 DROP DATABASE db1;
 End of 5.0 tests.
 DROP VIEW IF EXISTS v1;
 DROP TABLE IF EXISTS t1;
--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@ -1191,6 +1191,46 @@ DROP DATABASE mysqltest1;
 DROP DATABASE mysqltest2;
 DROP USER mysqltest_u1@localhost;
 #
 # Bug #41354: Access control is bypassed when all columns of a view are 
 # selected by * wildcard
 CREATE DATABASE db1;
 USE db1;
 CREATE TABLE t1(f1 INT, f2 INT);
 CREATE VIEW v1 AS SELECT f1, f2 FROM t1;
 GRANT SELECT (f1) ON t1 TO foo;
 GRANT SELECT (f1) ON v1 TO foo;
 connect (addconfoo, localhost, foo,,);
 connection addconfoo;
 USE db1;
 SELECT f1 FROM t1;
 --error ER_COLUMNACCESS_DENIED_ERROR
 SELECT f2 FROM t1;
 --error ER_TABLEACCESS_DENIED_ERROR
 SELECT * FROM t1;
 SELECT f1 FROM v1;
 --error ER_COLUMNACCESS_DENIED_ERROR
 SELECT f2 FROM v1;
 --error ER_TABLEACCESS_DENIED_ERROR
 SELECT * FROM v1;
 connection default;
 USE test;
 disconnect addconfoo;
 REVOKE SELECT (f1) ON db1.t1 FROM foo;
 REVOKE SELECT (f1) ON db1.v1 FROM foo;
 DROP USER foo;
 DROP VIEW db1.v1;
 DROP TABLE db1.t1;
 DROP DATABASE db1;
 --echo End of 5.0 tests.