mirror of
https://github.com/MariaDB/server.git
synced 2025-12-06 05:42:06 +03:00
2f2699f97b
mainly to avoid the pattern of * get username/hostname/rolename * optionally find the corresponding ACL_USER and ACL_ROLE * allocate memory, concatenate username/hostname/rolename * call a function passing only this memory as an argument ** use concatenated username/etc to find ACL_USER and ACL_ROLE again ** do something * free the object Also to undo push_dynamic we use pop_dynamic now, not a linear search/scan through the dynamic array. as a bonus, role@ is now an invalid way to refer to a role.
79 lines
1.9 KiB
Plaintext
79 lines
1.9 KiB
Plaintext
|
|
#create a user with no privileges
|
|
create user test_user@localhost;
|
|
create role test_role1;
|
|
grant test_role1 to test_user@localhost;
|
|
create role test_role2;
|
|
grant test_role2 to test_role1;
|
|
|
|
--sorted_result
|
|
select user, host from mysql.user where user not like 'root';
|
|
--sorted_result
|
|
select * from mysql.roles_mapping where User like 'test_user';
|
|
--sorted_result
|
|
select * from mysql.roles_mapping where User like 'test_role1';
|
|
grant select on *.* to test_role2;
|
|
--sorted_result
|
|
select * from mysql.user where user like 'test_role1';
|
|
--sorted_result
|
|
select * from mysql.user where user like 'test_role2';
|
|
|
|
change_user 'test_user';
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
select * from mysql.roles_mapping;
|
|
|
|
--sorted_result
|
|
show grants;
|
|
select current_user(), current_role();
|
|
set role test_role1;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
select * from mysql.roles_mapping where Host='';
|
|
|
|
--sorted_result
|
|
show grants;
|
|
set role none;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
select * from mysql.roles_mapping;
|
|
|
|
--sorted_result
|
|
show grants;
|
|
--error ER_INVALID_ROLE
|
|
set role test_role2;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
select * from mysql.roles_mapping;
|
|
|
|
#Make sure that this still works after an ER_INVALID_ROLE error
|
|
--sorted_result
|
|
show grants;
|
|
set role test_role1;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
--sorted_result
|
|
select * from mysql.roles_mapping where Host='';
|
|
|
|
--sorted_result
|
|
show grants;
|
|
set role none;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
select * from mysql.roles_mapping;
|
|
|
|
change_user 'root';
|
|
delete from mysql.user where user='test_role1';
|
|
delete from mysql.user where user='test_role2';
|
|
delete from mysql.roles_mapping;
|
|
flush privileges;
|
|
drop user 'test_user'@'localhost';
|