Merge mysql.com:/home/kgeorge/mysql/5.0/teamclean

DROP VIEW v;

DROP TABLE t1;

USE test;

CREATE USER mysqltest_db1@localhost identified by 'PWD';

GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;

CREATE SCHEMA mysqltest_db1 ;

USE mysqltest_db1 ;

CREATE TABLE t1 (f1 INTEGER);

CREATE VIEW view1 AS

SELECT * FROM t1;

SHOW CREATE VIEW view1;

View	Create View

view1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view1` AS select `t1`.`f1` AS `f1` from `t1`

CREATE VIEW view2 AS

SELECT * FROM view1;

# Here comes a suspicious warning

SHOW CREATE VIEW view2;

View	Create View

view2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view2` AS select `view1`.`f1` AS `f1` from `view1`

# But the view view2 is usable

SELECT * FROM view2;

f1

CREATE VIEW view3 AS

SELECT * FROM view2;

SELECT * from view3;

f1

DROP VIEW mysqltest_db1.view3;

DROP VIEW mysqltest_db1.view2;

DROP VIEW mysqltest_db1.view1;

DROP TABLE mysqltest_db1.t1;

DROP SCHEMA mysqltest_db1;

DROP USER mysqltest_db1@localhost;

CREATE DATABASE test1;

CREATE DATABASE test2;

CREATE TABLE test1.t0 (a VARCHAR(20));

CREATE TABLE test2.t1 (a VARCHAR(20));

CREATE VIEW  test2.t3 AS SELECT * FROM test1.t0;

CREATE OR REPLACE VIEW test.v1 AS 

SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;

DROP VIEW test.v1;

DROP VIEW test2.t3;

DROP TABLE test2.t1, test1.t0;

DROP DATABASE test2;

DROP DATABASE test1;

USE test;

#

# Bug#20363: Create view on just created view is now denied

# BUG#20482: failure on Create join view with sources views/tables 

#             in different schemas

#

eval CREATE USER mysqltest_db1@localhost identified by 'PWD';

eval GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;

# The session with the non root user is needed.

--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK

connect (session1,localhost,mysqltest_db1,PWD,test);

CREATE SCHEMA mysqltest_db1 ;

USE mysqltest_db1 ;

CREATE TABLE t1 (f1 INTEGER);

CREATE VIEW view1 AS

SELECT * FROM t1;

SHOW CREATE VIEW view1;

CREATE VIEW view2 AS

SELECT * FROM view1;

--echo # Here comes a suspicious warning

SHOW CREATE VIEW view2;

--echo # But the view view2 is usable

SELECT * FROM view2;

CREATE VIEW view3 AS

SELECT * FROM view2;

SELECT * from view3;

--disable_warnings

CREATE DATABASE test1;

CREATE DATABASE test2;

--enable_warnings

connection default;

DROP VIEW mysqltest_db1.view3;

DROP VIEW mysqltest_db1.view2;

DROP VIEW mysqltest_db1.view1;

DROP TABLE mysqltest_db1.t1;

DROP SCHEMA mysqltest_db1;

DROP USER mysqltest_db1@localhost;

CREATE TABLE test1.t0 (a VARCHAR(20));

CREATE TABLE test2.t1 (a VARCHAR(20));

CREATE VIEW  test2.t3 AS SELECT * FROM test1.t0;

CREATE OR REPLACE VIEW test.v1 AS 

  SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;

DROP VIEW test.v1;

DROP VIEW test2.t3;

DROP TABLE test2.t1, test1.t0;

DROP DATABASE test2;

DROP DATABASE test1;

void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);

bool check_one_table_access(THD *thd, ulong privilege,

			   TABLE_LIST *tables);

bool check_single_table_access(THD *thd, ulong privilege,

			   TABLE_LIST *tables);

bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,

			  bool is_proc, bool no_errors);

bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);

  for (; leaves_tmp; leaves_tmp= leaves_tmp->next_leaf)

    if (leaves_tmp->belong_to_view && 

        check_one_table_access(thd, want_access,  leaves_tmp))

        check_single_table_access(thd, want_access,  leaves_tmp))

    {

      tables->hide_view_error(thd);

      return TRUE;

/*

  Check grants for commands which work only with one table and all other

  tables belonging to subselects or implicitly opened tables.

  Check grants for commands which work only with one table.

  SYNOPSIS

    check_one_table_access()

    check_single_table_access()

    thd			Thread handler

    privilege		requested privilege

    all_tables		global table list of query

    1 - access denied, error is sent to client

*/

bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)

bool check_single_table_access(THD *thd, ulong privilege, 

                               TABLE_LIST *all_tables)

{

  Security_context * backup_ctx= thd->security_ctx;

    goto deny;

  thd->security_ctx= backup_ctx;

  return 0;

deny:

  thd->security_ctx= backup_ctx;

  return 1;

}

/*

  Check grants for commands which work only with one table and all other

  tables belonging to subselects or implicitly opened tables.

  SYNOPSIS

    check_one_table_access()

    thd			Thread handler

    privilege		requested privilege

    all_tables		global table list of query

  RETURN

    0 - OK

    1 - access denied, error is sent to client

*/

bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)

{

  if (check_single_table_access (thd,privilege,all_tables))

    return 1;

  /* Check rights on tables of subselects and implictly opened tables */

  TABLE_LIST *subselects_tables;

  if ((subselects_tables= all_tables->next_global))

  {

    if ((check_table_access(thd, SELECT_ACL, subselects_tables, 0)))

      goto deny;

      return 1;

  }

  return 0;

deny:

  thd->security_ctx= backup_ctx;

  return 1;

}