unknown a2fc4843e3 Bug#20570: CURRENT_USER() in a VIEW with SQL SECURITY DEFINER returns ...

invoker name

The bug was fixed similar to how context switch is handled in
Item_func_sp::execute_impl(): we store pointer to current
Name_resolution_context in Item_func_current_user class, and use
its Security_context in Item_func_current_user::fix_fields().


mysql-test/r/view_grant.result:
  Add result for bug#20570.
mysql-test/t/view_grant.test:
  Add test case for bug#20570.
sql/item_create.cc:
  Remove create_func_current_user(), as it is not used for automatic
  function creation.
sql/item_create.h:
  Remove prototype for create_func_current_user().
sql/item_strfunc.cc:
  Add implementations for Item_func_user::init(),
  Item_func_user::fix_fields() and
  Item_func_current_user::fix_fields() methods.  The latter uses
  Security_context from current Name_resolution_context, if one is
  defined.
sql/item_strfunc.h:
  Move implementation of CURRENT_USER() out of Item_func_user to
  to new Item_func_current_user class.  For both classes calculate
  user name in fix_fields() method.
  For Item_func_current_user add context field to store
  Name_resolution_context in effect.
sql/sql_yacc.yy:
  Pass current Name_resolution_context to Item_func_current_user.

2006-07-02 14:35:45 +04:00

5.8 KiB

Raw Blame History

View Raw