Loading mysql-test/r/alter_table.result +1 −1 Original line number Diff line number Diff line Loading @@ -121,7 +121,7 @@ create database mysqltest; create table mysqltest.t1 (a int,b int,c int); grant all on mysqltest.t1 to mysqltest_1@localhost; alter table t1 rename t2; insert command denied to user: 'mysqltest_1@localhost' for table 't2' INSERT,CREATE command denied to user: 'mysqltest_1@localhost' for table 't2' revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; delete from mysql.user where user='mysqltest_1'; drop database mysqltest; Loading mysql-test/r/grant.result +1 −1 Original line number Diff line number Diff line Loading @@ -198,7 +198,7 @@ GRANT UPDATE (d) ON `mysqltest_2`.`t2` TO 'mysqltest_3'@'localhost' update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1; UPDATE command denied to user: 'mysqltest_3@localhost' for column 'q' in table 't1' update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1; select command denied to user: 'mysqltest_3@localhost' for table 't1' SELECT command denied to user: 'mysqltest_3@localhost' for table 't1' update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1; UPDATE command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1' update mysqltest_2.t1, mysqltest_2.t2 set d=10 where s=2; Loading mysql-test/r/grant_cache.result +3 −3 Original line number Diff line number Diff line Loading @@ -121,7 +121,7 @@ a b c a 1 1 1 test.t1 2 2 2 test.t1 select * from t2; select command denied to user: 'mysqltest_2@localhost' for table 't2' SELECT command denied to user: 'mysqltest_2@localhost' for table 't2' show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 Loading @@ -135,7 +135,7 @@ select "user3"; user3 user3 select * from t1; select command denied to user: 'mysqltest_3@localhost' for column 'b' in table 't1' SELECT command denied to user: 'mysqltest_3@localhost' for column 'b' in table 't1' select a from t1; a 1 Loading @@ -143,7 +143,7 @@ a select c from t1; SELECT command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1' select * from t2; select command denied to user: 'mysqltest_3@localhost' for table 't2' SELECT command denied to user: 'mysqltest_3@localhost' for table 't2' select mysqltest.t1.c from test.t1,mysqltest.t1; SELECT command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1' show status like "Qcache_queries_in_cache"; Loading sql/sql_acl.cc +50 −50 Original line number Diff line number Diff line Loading @@ -2134,6 +2134,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(-1); } if (!revoke_grant) { if (columns.elements && !revoke_grant) { TABLE *table; Loading @@ -2144,18 +2146,25 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(-1); while ((column = column_iter++)) { if (!find_field_in_table(thd,table,column->column.ptr(), column->column.length(),0,0)) Field *f= find_field_in_table(thd,table,column->column.ptr(), column->column.length(),1,0); if (!f) { my_printf_error(ER_BAD_FIELD_ERROR,ER(ER_BAD_FIELD_ERROR),MYF(0), column->column.c_ptr(), table_list->alias); DBUG_RETURN(-1); } if (f == (Field*)-1) { DBUG_RETURN(-1); } column_priv|= column->rights; } close_thread_tables(thd); } else if (!(rights & CREATE_ACL) && !revoke_grant) else { if (!(rights & CREATE_ACL)) { char buf[FN_REFLEN]; sprintf(buf,"%s/%s/%s.frm",mysql_data_home, table_list->db, Loading @@ -2167,6 +2176,17 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(-1); } } if (table_list->grant.want_privilege) { char command[128]; get_privilege_desc(command, sizeof(command), table_list->grant.want_privilege); my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0), command, thd->priv_user, thd->host_or_ip, table_list->alias); DBUG_RETURN(-1); } } } /* open the mysql.tables_priv and mysql.columns_priv tables */ Loading Loading @@ -2636,25 +2656,8 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, pthread_mutex_unlock(&LOCK_grant); if (!no_errors) // Not a silent skip of table { const char *command=""; if (want_access & SELECT_ACL) command ="select"; else if (want_access & INSERT_ACL) command = "insert"; else if (want_access & UPDATE_ACL) command = "update"; else if (want_access & DELETE_ACL) command = "delete"; else if (want_access & DROP_ACL) command = "drop"; else if (want_access & CREATE_ACL) command = "create"; else if (want_access & ALTER_ACL) command = "alter"; else if (want_access & INDEX_ACL) command = "index"; else if (want_access & GRANT_ACL) command = "grant"; char command[128]; get_privilege_desc(command, sizeof(command), want_access); net_printf(&thd->net,ER_TABLEACCESS_DENIED_ERROR, command, thd->priv_user, Loading Loading @@ -2767,11 +2770,8 @@ bool check_grant_all_columns(THD *thd, ulong want_access, TABLE *table) err: pthread_mutex_unlock(&LOCK_grant); const char *command=""; if (want_access & SELECT_ACL) command ="select"; else if (want_access & INSERT_ACL) command = "insert"; char command[128]; get_privilege_desc(command, sizeof(command), want_access); my_printf_error(ER_COLUMNACCESS_DENIED_ERROR, ER(ER_COLUMNACCESS_DENIED_ERROR), MYF(0), Loading Loading
mysql-test/r/alter_table.result +1 −1 Original line number Diff line number Diff line Loading @@ -121,7 +121,7 @@ create database mysqltest; create table mysqltest.t1 (a int,b int,c int); grant all on mysqltest.t1 to mysqltest_1@localhost; alter table t1 rename t2; insert command denied to user: 'mysqltest_1@localhost' for table 't2' INSERT,CREATE command denied to user: 'mysqltest_1@localhost' for table 't2' revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; delete from mysql.user where user='mysqltest_1'; drop database mysqltest; Loading
mysql-test/r/grant.result +1 −1 Original line number Diff line number Diff line Loading @@ -198,7 +198,7 @@ GRANT UPDATE (d) ON `mysqltest_2`.`t2` TO 'mysqltest_3'@'localhost' update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1; UPDATE command denied to user: 'mysqltest_3@localhost' for column 'q' in table 't1' update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1; select command denied to user: 'mysqltest_3@localhost' for table 't1' SELECT command denied to user: 'mysqltest_3@localhost' for table 't1' update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1; UPDATE command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1' update mysqltest_2.t1, mysqltest_2.t2 set d=10 where s=2; Loading
mysql-test/r/grant_cache.result +3 −3 Original line number Diff line number Diff line Loading @@ -121,7 +121,7 @@ a b c a 1 1 1 test.t1 2 2 2 test.t1 select * from t2; select command denied to user: 'mysqltest_2@localhost' for table 't2' SELECT command denied to user: 'mysqltest_2@localhost' for table 't2' show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 Loading @@ -135,7 +135,7 @@ select "user3"; user3 user3 select * from t1; select command denied to user: 'mysqltest_3@localhost' for column 'b' in table 't1' SELECT command denied to user: 'mysqltest_3@localhost' for column 'b' in table 't1' select a from t1; a 1 Loading @@ -143,7 +143,7 @@ a select c from t1; SELECT command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1' select * from t2; select command denied to user: 'mysqltest_3@localhost' for table 't2' SELECT command denied to user: 'mysqltest_3@localhost' for table 't2' select mysqltest.t1.c from test.t1,mysqltest.t1; SELECT command denied to user: 'mysqltest_3@localhost' for column 'c' in table 't1' show status like "Qcache_queries_in_cache"; Loading
sql/sql_acl.cc +50 −50 Original line number Diff line number Diff line Loading @@ -2134,6 +2134,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(-1); } if (!revoke_grant) { if (columns.elements && !revoke_grant) { TABLE *table; Loading @@ -2144,18 +2146,25 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(-1); while ((column = column_iter++)) { if (!find_field_in_table(thd,table,column->column.ptr(), column->column.length(),0,0)) Field *f= find_field_in_table(thd,table,column->column.ptr(), column->column.length(),1,0); if (!f) { my_printf_error(ER_BAD_FIELD_ERROR,ER(ER_BAD_FIELD_ERROR),MYF(0), column->column.c_ptr(), table_list->alias); DBUG_RETURN(-1); } if (f == (Field*)-1) { DBUG_RETURN(-1); } column_priv|= column->rights; } close_thread_tables(thd); } else if (!(rights & CREATE_ACL) && !revoke_grant) else { if (!(rights & CREATE_ACL)) { char buf[FN_REFLEN]; sprintf(buf,"%s/%s/%s.frm",mysql_data_home, table_list->db, Loading @@ -2167,6 +2176,17 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, DBUG_RETURN(-1); } } if (table_list->grant.want_privilege) { char command[128]; get_privilege_desc(command, sizeof(command), table_list->grant.want_privilege); my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0), command, thd->priv_user, thd->host_or_ip, table_list->alias); DBUG_RETURN(-1); } } } /* open the mysql.tables_priv and mysql.columns_priv tables */ Loading Loading @@ -2636,25 +2656,8 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, pthread_mutex_unlock(&LOCK_grant); if (!no_errors) // Not a silent skip of table { const char *command=""; if (want_access & SELECT_ACL) command ="select"; else if (want_access & INSERT_ACL) command = "insert"; else if (want_access & UPDATE_ACL) command = "update"; else if (want_access & DELETE_ACL) command = "delete"; else if (want_access & DROP_ACL) command = "drop"; else if (want_access & CREATE_ACL) command = "create"; else if (want_access & ALTER_ACL) command = "alter"; else if (want_access & INDEX_ACL) command = "index"; else if (want_access & GRANT_ACL) command = "grant"; char command[128]; get_privilege_desc(command, sizeof(command), want_access); net_printf(&thd->net,ER_TABLEACCESS_DENIED_ERROR, command, thd->priv_user, Loading Loading @@ -2767,11 +2770,8 @@ bool check_grant_all_columns(THD *thd, ulong want_access, TABLE *table) err: pthread_mutex_unlock(&LOCK_grant); const char *command=""; if (want_access & SELECT_ACL) command ="select"; else if (want_access & INSERT_ACL) command = "insert"; char command[128]; get_privilege_desc(command, sizeof(command), want_access); my_printf_error(ER_COLUMNACCESS_DENIED_ERROR, ER(ER_COLUMNACCESS_DENIED_ERROR), MYF(0), Loading
