database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-11-27 05:41:41 +03:00
Code Activity
Files
d2c019b200d7b9eb010a070c8bdbb9249e7dcffb
mariadb/mysql-test/suite/roles/set_role-database-simple.result
Oleksandr Byelkin 0253ea7f22 MDEV-19650: Privilege bug on MariaDB 10.4 
Also fixes:
MDEV-21487: Implement option for mysql_upgrade that allows root@localhost to be replaced
MDEV-21486: Implement option for mysql_install_db that allows root@localhost to be replaced

Add user mariadb.sys to be definer of user view
(and has right on underlying table global_priv for
required operation over global_priv
(SELECT,UPDATE,DELETE))

Also changed definer of gis functions in case of creation,
but they work with any definer so upgrade script do not try
to push this change.
2020-05-07 10:54:56 +02:00

54 lines
2.2 KiB
Plaintext
Raw Blame History

create user 'test_user'@'localhost';
create role test_role1;
grant test_role1 to test_user@localhost;
select user, host from mysql.user where user not like 'root';
User Host
mariadb.sys localhost
test_role1
test_user localhost
select * from mysql.roles_mapping;
Host User Role Admin_option
localhost root test_role1 Y
localhost test_user test_role1 N
grant select on mysql.* to test_role1;
grant insert, delete on mysql.roles_mapping to test_role1;
grant reload on *.* to test_role1;
select * from mysql.roles_mapping;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
select current_user(), current_role();
current_user() current_role()
test_user@localhost NULL
set role test_role1;
select current_user(), current_role();
current_user() current_role()
test_user@localhost test_role1
select * from mysql.roles_mapping;
Host User Role Admin_option
localhost root test_role1 Y
localhost test_user test_role1 N
insert into mysql.user (user, host) values ('Dummy', 'Dummy');
ERROR 42000: INSERT command denied to user 'test_user'@'localhost' for table 'user'
insert into mysql.roles_mapping values ('localhost', 'test_user', 'test_role2', 'N');
delete from mysql.roles_mapping where Role='test_role2';
use mysql;
set role none;
select current_user(), current_role();
current_user() current_role()
test_user@localhost NULL
use mysql;
ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'
select * from mysql.roles_mapping;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
insert into mysql.user (user, host) values ('Dummy', 'Dummy');
ERROR 42000: INSERT command denied to user 'test_user'@'localhost' for table 'user'
insert into mysql.roles_mapping values ('localhost', 'test_user', 'test_role2', 'N');
ERROR 42000: INSERT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
delete from mysql.roles_mapping where Role='test_role2';
ERROR 42000: DELETE command denied to user 'test_user'@'localhost' for table 'roles_mapping'
drop user 'test_user'@'localhost';
revoke select on mysql.* from test_role1;
revoke insert, delete on mysql.roles_mapping from test_role1;
drop role test_role1;
delete from mysql.roles_mapping where Role='test_role1';
flush privileges;
View Git Blame Copy Permalink