Loading mysql-test/r/information_schema.result +13 −0 Original line number Diff line number Diff line Loading @@ -1108,3 +1108,16 @@ routine_name delete from proc where name=''; use test; grant select on test.* to mysqltest_1@localhost; create table t1 (id int); create view v1 as select * from t1; create definer = mysqltest_1@localhost sql security definer view v2 as select 1; select * from information_schema.views where table_name='v1' or table_name='v2'; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE NULL test v1 NONE YES root@localhost DEFINER NULL test v2 select 1 AS `1` NONE NO mysqltest_1@localhost DEFINER drop view v1, v2; drop table t1; drop user mysqltest_1@localhost; mysql-test/t/information_schema.test +19 −0 Original line number Diff line number Diff line Loading @@ -822,3 +822,22 @@ INSERT INTO `proc` VALUES ('test','','PROCEDURE','','SQL','CONTAINS_SQL', select routine_name from information_schema.routines; delete from proc where name=''; use test; # # Bug#16681 information_schema shows forbidden VIEW details # grant select on test.* to mysqltest_1@localhost; create table t1 (id int); create view v1 as select * from t1; create definer = mysqltest_1@localhost sql security definer view v2 as select 1; connect (con16681,localhost,mysqltest_1,,test); connection con16681; select * from information_schema.views where table_name='v1' or table_name='v2'; connection default; drop view v1, v2; drop table t1; drop user mysqltest_1@localhost; sql/sql_show.cc +25 −3 Original line number Diff line number Diff line Loading @@ -3076,10 +3076,32 @@ static int get_schema_views_record(THD *thd, struct st_table_list *tables, if (tables->view) { Security_context *sctx= thd->security_ctx; ulong grant= SHOW_VIEW_ACL; #ifndef NO_EMBEDDED_ACCESS_CHECKS char *save_table_name= tables->table_name; if (!my_strcasecmp(system_charset_info, tables->definer.user.str, sctx->priv_user) && !my_strcasecmp(system_charset_info, tables->definer.host.str, sctx->priv_host)) grant= SHOW_VIEW_ACL; else { tables->table_name= tables->view_name.str; if (check_access(thd, SHOW_VIEW_ACL , base_name, &tables->grant.privilege, 0, 1, test(tables->schema_table))) grant= get_table_grant(thd, tables); else grant= tables->grant.privilege; } tables->table_name= save_table_name; #endif restore_record(table, s->default_values); table->field[1]->store(tables->view_db.str, tables->view_db.length, cs); table->field[2]->store(tables->view_name.str, tables->view_name.length, cs); table->field[2]->store(tables->view_name.str, tables->view_name.length, cs); if (grant & SHOW_VIEW_ACL) table->field[3]->store(tables->query.str, tables->query.length, cs); if (tables->with_check != VIEW_CHECK_NONE) Loading Loading
mysql-test/r/information_schema.result +13 −0 Original line number Diff line number Diff line Loading @@ -1108,3 +1108,16 @@ routine_name delete from proc where name=''; use test; grant select on test.* to mysqltest_1@localhost; create table t1 (id int); create view v1 as select * from t1; create definer = mysqltest_1@localhost sql security definer view v2 as select 1; select * from information_schema.views where table_name='v1' or table_name='v2'; TABLE_CATALOG TABLE_SCHEMA TABLE_NAME VIEW_DEFINITION CHECK_OPTION IS_UPDATABLE DEFINER SECURITY_TYPE NULL test v1 NONE YES root@localhost DEFINER NULL test v2 select 1 AS `1` NONE NO mysqltest_1@localhost DEFINER drop view v1, v2; drop table t1; drop user mysqltest_1@localhost;
mysql-test/t/information_schema.test +19 −0 Original line number Diff line number Diff line Loading @@ -822,3 +822,22 @@ INSERT INTO `proc` VALUES ('test','','PROCEDURE','','SQL','CONTAINS_SQL', select routine_name from information_schema.routines; delete from proc where name=''; use test; # # Bug#16681 information_schema shows forbidden VIEW details # grant select on test.* to mysqltest_1@localhost; create table t1 (id int); create view v1 as select * from t1; create definer = mysqltest_1@localhost sql security definer view v2 as select 1; connect (con16681,localhost,mysqltest_1,,test); connection con16681; select * from information_schema.views where table_name='v1' or table_name='v2'; connection default; drop view v1, v2; drop table t1; drop user mysqltest_1@localhost;
sql/sql_show.cc +25 −3 Original line number Diff line number Diff line Loading @@ -3076,10 +3076,32 @@ static int get_schema_views_record(THD *thd, struct st_table_list *tables, if (tables->view) { Security_context *sctx= thd->security_ctx; ulong grant= SHOW_VIEW_ACL; #ifndef NO_EMBEDDED_ACCESS_CHECKS char *save_table_name= tables->table_name; if (!my_strcasecmp(system_charset_info, tables->definer.user.str, sctx->priv_user) && !my_strcasecmp(system_charset_info, tables->definer.host.str, sctx->priv_host)) grant= SHOW_VIEW_ACL; else { tables->table_name= tables->view_name.str; if (check_access(thd, SHOW_VIEW_ACL , base_name, &tables->grant.privilege, 0, 1, test(tables->schema_table))) grant= get_table_grant(thd, tables); else grant= tables->grant.privilege; } tables->table_name= save_table_name; #endif restore_record(table, s->default_values); table->field[1]->store(tables->view_db.str, tables->view_db.length, cs); table->field[2]->store(tables->view_name.str, tables->view_name.length, cs); table->field[2]->store(tables->view_name.str, tables->view_name.length, cs); if (grant & SHOW_VIEW_ACL) table->field[3]->store(tables->query.str, tables->query.length, cs); if (tables->with_check != VIEW_CHECK_NONE) Loading
