Merge abotchkov@bk-internal.mysql.com:/home/bk/mysql-5.0-opt

into  mysql.com:/home/hf/work/mrg/mysql-5.0-opt

mysql-test/r/view_grant.result

@@ -773,4 +773,25 @@ DROP DATABASE mysqltest_db1;
 DROP DATABASE mysqltest_db2;
 DROP USER mysqltest_u1@localhost;
 DROP USER mysqltest_u2@localhost;
+CREATE DATABASE db26813;
+USE db26813;
+CREATE TABLE t1(f1 INT, f2 INT);
+CREATE VIEW v1 AS SELECT f1 FROM t1;
+CREATE VIEW v2 AS SELECT f1 FROM t1;
+CREATE VIEW v3 AS SELECT f1 FROM t1;
+CREATE USER u26813@localhost;
+GRANT DROP ON db26813.v1 TO u26813@localhost;
+GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost;
+GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
+GRANT SELECT ON db26813.t1 TO u26813@localhost;
+ALTER VIEW v1 AS SELECT f2 FROM t1;
+ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table 'v1'
+ALTER VIEW v2 AS SELECT f2 FROM t1;
+ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table 'v2'
+ALTER VIEW v3 AS SELECT f2 FROM t1;
+SHOW CREATE VIEW v3;
+View	Create View
+v3	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1`
+DROP USER u26813@localhost;
+DROP DATABASE db26813;
 End of 5.0 tests.

mysql-test/t/view_grant.test

@@ -1034,5 +1034,36 @@ DROP DATABASE mysqltest_db2;
 DROP USER mysqltest_u1@localhost;
 DROP USER mysqltest_u2@localhost;
 
+#
+# Bug#26813: The SUPER privilege is wrongly required to alter a view created
+#            by another user.
+#
+connection root;
+CREATE DATABASE db26813;
+USE db26813;
+CREATE TABLE t1(f1 INT, f2 INT);
+CREATE VIEW v1 AS SELECT f1 FROM t1;
+CREATE VIEW v2 AS SELECT f1 FROM t1;
+CREATE VIEW v3 AS SELECT f1 FROM t1;
+CREATE USER u26813@localhost;
+GRANT DROP ON db26813.v1 TO u26813@localhost;
+GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost;
+GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
+GRANT SELECT ON db26813.t1 TO u26813@localhost;
+
+connect (u1,localhost,u26813,,db26813);
+connection u1;
+--error 1142
+ALTER VIEW v1 AS SELECT f2 FROM t1;
+--error 1142
+ALTER VIEW v2 AS SELECT f2 FROM t1;
+ALTER VIEW v3 AS SELECT f2 FROM t1;
+
+connection root;
+SHOW CREATE VIEW v3;
+
+DROP USER u26813@localhost;
+DROP DATABASE db26813;
+disconnect u1;
 
 --echo End of 5.0 tests.

sql/sql_view.cc

@@ -224,6 +224,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
 {
   LEX *lex= thd->lex;
   bool link_to_local;
+  bool definer_check_is_needed= mode != VIEW_ALTER || lex->definer;
   /* first table in list is target VIEW name => cut off it */
   TABLE_LIST *view= lex->unlink_first_table(&link_to_local);
   TABLE_LIST *tables= lex->query_tables;
@@ -256,8 +257,9 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
     /*
       DEFINER-clause is missing; we have to create default definer in
       persistent arena to be PS/SP friendly.
+      If this is an ALTER VIEW then the current user should be set as
+      the definer.
     */
-
     Query_arena original_arena;
     Query_arena *ps_arena = thd->activate_stmt_arena_if_needed(&original_arena);
 
@@ -277,11 +279,11 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
       - same as current user
       - current user has SUPER_ACL
   */
-  if (strcmp(lex->definer->user.str,
+  if (definer_check_is_needed &&
-             thd->security_ctx->priv_user) != 0 ||
+      (strcmp(lex->definer->user.str, thd->security_ctx->priv_user) != 0 ||
-      my_strcasecmp(system_charset_info,
+       my_strcasecmp(system_charset_info,
-                    lex->definer->host.str,
+                     lex->definer->host.str,
-                    thd->security_ctx->priv_host) != 0)
+                     thd->security_ctx->priv_host) != 0))
   {
     if (!(thd->security_ctx->master_access & SUPER_ACL))
     {