mirror of
https://github.com/MariaDB/server.git
synced 2025-08-26 01:44:06 +03:00
20b938ec97
This variable is defined by default and one should not do it directly as the socket variable is not available on Windows.
222 lines
7.1 KiB
PHP
222 lines
7.1 KiB
PHP
#======================================================================
|
|
#
|
|
# Trigger Tests
|
|
# test cases for TRIGGER privilege on db, table and column level
|
|
#======================================================================
|
|
|
|
--disable_abort_on_error
|
|
|
|
############################################
|
|
################ Section 3.5.3 #############
|
|
# basic tests for the db level of Triggers #
|
|
############################################
|
|
|
|
# General setup to be used in all testcases
|
|
let $message= Testcase for db level:;
|
|
--source include/show_msg.inc
|
|
|
|
--disable_warnings
|
|
drop database if exists priv_db;
|
|
drop database if exists no_priv_db;
|
|
--enable_warnings
|
|
create database priv_db;
|
|
create database no_priv_db;
|
|
use priv_db;
|
|
eval create table t1 (f1 char(20)) engine= $engine_type;
|
|
|
|
create User test_yesprivs@localhost;
|
|
set password for test_yesprivs@localhost = password('PWD');
|
|
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
|
|
grant select on priv_db.* to test_yesprivs@localhost;
|
|
show grants for test_yesprivs@localhost;
|
|
|
|
create User test_noprivs@localhost;
|
|
set password for test_noprivs@localhost = password('PWD');
|
|
revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;
|
|
grant select,insert on priv_db.* to test_noprivs@localhost;
|
|
show grants for test_noprivs@localhost;
|
|
|
|
# no trigger privilege->create trigger must fail:
|
|
--replace_result $MASTER_MYPORT MASTER_MYPORT $MASTER_MYSOCK MASTER_MYSOCK
|
|
connect (yes_privs,localhost,test_yesprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK);
|
|
let $message= no trigger privilege on db level for create:;
|
|
--source include/show_msg.inc
|
|
use priv_db;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
create trigger trg1_1 before INSERT on t1 for each row
|
|
set new.f1 = 'trig 1_1-no';
|
|
|
|
# user with minimum privs on t1->no trigger executed;
|
|
--replace_result $MASTER_MYPORT MASTER_MYPORT $MASTER_MYSOCK MASTER_MYSOCK
|
|
connect (no_privs,localhost,test_noprivs,PWD,test,$MASTER_MYPORT,$MASTER_MYSOCK);
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-yes');
|
|
select f1 from t1 order by f1;
|
|
|
|
connection default;
|
|
select current_user;
|
|
grant TRIGGER on priv_db.* to test_yesprivs@localhost;
|
|
show grants for test_yesprivs@localhost;
|
|
|
|
# user got trigger privilege->create successful:
|
|
let $message= trigger privilege on db level for create:;
|
|
--source include/show_msg.inc
|
|
connection yes_privs;
|
|
select current_user;
|
|
use priv_db;
|
|
create trigger trg1_2 before INSERT on t1 for each row
|
|
set new.f1 = 'trig 1_2-yes';
|
|
|
|
# user with minimum privs on t1->fail,as trigger definer no update priv:;
|
|
connection no_privs;
|
|
select current_user;
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-yes');
|
|
select f1 from t1 order by f1;
|
|
|
|
connection default;
|
|
select current_user;
|
|
grant UPDATE on priv_db.* to test_yesprivs@localhost;
|
|
# succeed,as trigger definer has update privilege:
|
|
# new privilege take effect after 'use db':
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-no');
|
|
select f1 from t1 order by f1;
|
|
|
|
# succeed:
|
|
connection no_privs;
|
|
select current_user;
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-yes');
|
|
select f1 from t1 order by f1;
|
|
|
|
connection default;
|
|
select current_user;
|
|
revoke TRIGGER on priv_db.* from test_yesprivs@localhost;
|
|
show grants for test_yesprivs@localhost;
|
|
|
|
# drop must fail, as no trigger privilege:
|
|
let $message= no trigger privilege on db level for drop:;
|
|
--source include/show_msg.inc
|
|
connection yes_privs;
|
|
select current_user;
|
|
use priv_db;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
drop trigger trg1_2;
|
|
|
|
connection no_privs;
|
|
select current_user;
|
|
use priv_db;
|
|
# no trigger privilege at activation time:
|
|
let $message= no trigger privilege at activation time:;
|
|
--source include/show_msg.inc
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
insert into t1 (f1) values ('insert-yes');
|
|
select f1 from t1 order by f1;
|
|
|
|
let $message= trigger privilege at activation time:;
|
|
--source include/show_msg.inc
|
|
connection default;
|
|
select current_user;
|
|
grant TRIGGER on priv_db.* to test_yesprivs@localhost;
|
|
|
|
# succeed, as trigger privilege at activation time:
|
|
connection no_privs;
|
|
select current_user;
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-no');
|
|
select f1 from t1 order by f1;
|
|
# drop must fail, as no 'use db' executed:
|
|
let $message= trigger privilege on db level for drop:;
|
|
--source include/show_msg.inc
|
|
connection yes_privs;
|
|
select current_user;
|
|
show grants for test_yesprivs@localhost;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
drop trigger trg1_2;
|
|
|
|
# succeed
|
|
let $message= takes effect after use priv_db:;
|
|
--source include/show_msg.inc
|
|
use priv_db;
|
|
drop trigger trg1_2;
|
|
|
|
connection default;
|
|
select current_user;
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-yes');
|
|
select f1 from t1 order by f1;
|
|
|
|
let $message= switch to db without having trigger priv for it:;
|
|
--source include/show_msg.inc
|
|
use no_priv_db;
|
|
eval create table t1 (f1 char(20)) engine= $engine_type;
|
|
# Adding the minimal priv to be able to set to the db
|
|
grant SELECT,UPDATE on no_priv_db.* to test_yesprivs@localhost;
|
|
show grants for test_yesprivs@localhost;
|
|
|
|
# trigger privilege is hold over changes between priv and no priv db:
|
|
let $message= use db with trigger privilege on db level and without...:;
|
|
--source include/show_msg.inc
|
|
connection yes_privs;
|
|
select current_user;
|
|
use no_priv_db;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
create trigger trg1_3 before INSERT on t1 for each row
|
|
set new.f1 = 'trig 1_3-no';
|
|
use priv_db;
|
|
create trigger trg1_3 before INSERT on t1 for each row
|
|
set new.f1 = 'trig 1_3-yes';
|
|
use no_priv_db;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
create trigger trg1_4 before UPDATE on t1 for each row
|
|
set new.f1 = 'trig 1_4-no';
|
|
use priv_db;
|
|
create trigger trg1_4 before UPDATE on t1 for each row
|
|
set new.f1 = 'trig 1_4-yes';
|
|
|
|
connection no_privs;
|
|
select current_user;
|
|
use no_priv_db;
|
|
insert into t1 (f1) values ('insert-yes');
|
|
select f1 from t1 order by f1;
|
|
use priv_db;
|
|
insert into t1 (f1) values ('insert-no');
|
|
select f1 from t1 order by f1;
|
|
--disable_warnings
|
|
disconnect no_privs;
|
|
--enable_warnings
|
|
|
|
connection yes_privs;
|
|
select current_user;
|
|
use no_priv_db;
|
|
--error ER_TRG_DOES_NOT_EXIST
|
|
drop trigger trg1_3;
|
|
use priv_db;
|
|
drop trigger trg1_3;
|
|
use no_priv_db;
|
|
--error ER_TRG_DOES_NOT_EXIST
|
|
drop trigger trg1_4;
|
|
use priv_db;
|
|
drop trigger trg1_4;
|
|
|
|
|
|
# Cleanup db level
|
|
--disable_warnings
|
|
disconnect yes_privs;
|
|
|
|
connection default;
|
|
select current_user;
|
|
drop table priv_db.t1;
|
|
drop table no_priv_db.t1;
|
|
--enable_warnings
|
|
|
|
# general Cleanup
|
|
--disable_warnings
|
|
drop database if exists priv_db;
|
|
drop database if exists no_priv_db;
|
|
drop user test_yesprivs@localhost;
|
|
drop user test_noprivs@localhost;
|
|
--enable_warnings
|
|
|