Loading mysql-test/r/grant.result +22 −0 Original line number Diff line number Diff line Loading @@ -36,6 +36,28 @@ Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE ISSUER 'MySQL AB' SUBJECT 'testsubject' CIPHER 'EDH-RSA-DES-CBC3-SHA' delete from mysql.user where user='mysqltest_1'; flush privileges; delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; select * from mysql.user where user="mysqltest_1"; Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N 10 0 0 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; select * from mysql.user where user="mysqltest_1"; Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N 10 20 30 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 flush privileges; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 delete from mysql.user where user='mysqltest_1'; flush privileges; grant CREATE TEMPORARY TABLES, LOCK TABLES on mysqltest.* to mysqltest_1@localhost; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost Loading mysql-test/t/grant.test +17 −0 Original line number Diff line number Diff line Loading @@ -27,6 +27,23 @@ show grants for mysqltest_1@localhost; delete from mysql.user where user='mysqltest_1'; flush privileges; # # Test of GRANTS specifying user limits # delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; # This is just to double check that one won't ignore results of selects flush privileges; show grants for mysqltest_1@localhost; delete from mysql.user where user='mysqltest_1'; flush privileges; # # Test that the new db privileges are stored/retrieved correctly # Loading sql/sql_acl.cc +30 −26 Original line number Diff line number Diff line Loading @@ -1403,6 +1403,7 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, Field **tmp_field; ulong priv; uint next_field; for (tmp_field= table->field+3, priv = SELECT_ACL; *tmp_field && (*tmp_field)->real_type() == FIELD_TYPE_ENUM && ((Field_enum*) (*tmp_field))->typelib->count == 2 ; Loading @@ -1411,56 +1412,59 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, if (priv & rights) // set requested privileges (*tmp_field)->store(&what,1); } rights=get_access(table,3,0); rights= get_access(table, 3, &next_field); DBUG_PRINT("info",("table->fields: %d",table->fields)); if (table->fields >= 31) /* From 4.0.0 we have more fields */ { /* We write down SSL related ACL stuff */ switch (thd->lex.ssl_type) { case SSL_TYPE_ANY: table->field[24]->store("ANY",3); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("ANY", 3); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); break; case SSL_TYPE_X509: table->field[24]->store("X509",4); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("X509", 4); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); break; case SSL_TYPE_SPECIFIED: table->field[24]->store("SPECIFIED",9); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("SPECIFIED", 9); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); if (thd->lex.ssl_cipher) table->field[25]->store(thd->lex.ssl_cipher, table->field[next_field+1]->store(thd->lex.ssl_cipher, strlen(thd->lex.ssl_cipher)); if (thd->lex.x509_issuer) table->field[26]->store(thd->lex.x509_issuer, table->field[next_field+2]->store(thd->lex.x509_issuer, strlen(thd->lex.x509_issuer)); if (thd->lex.x509_subject) table->field[27]->store(thd->lex.x509_subject, table->field[next_field+3]->store(thd->lex.x509_subject, strlen(thd->lex.x509_subject)); break; case SSL_TYPE_NOT_SPECIFIED: break; case SSL_TYPE_NONE: table->field[24]->store("",0); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("", 0); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); break; } /* Skip over SSL related fields to first user limits related field */ next_field+= 4; USER_RESOURCES mqh = thd->lex.mqh; if (mqh.bits & 1) table->field[28]->store((longlong) mqh.questions); table->field[next_field]->store((longlong) mqh.questions); if (mqh.bits & 2) table->field[29]->store((longlong) mqh.updates); table->field[next_field+1]->store((longlong) mqh.updates); if (mqh.bits & 4) table->field[30]->store((longlong) mqh.connections); table->field[next_field+2]->store((longlong) mqh.connections); mqh_used = mqh_used || mqh.questions || mqh.updates || mqh.connections; } if (old_row_exists) Loading Loading
mysql-test/r/grant.result +22 −0 Original line number Diff line number Diff line Loading @@ -36,6 +36,28 @@ Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE ISSUER 'MySQL AB' SUBJECT 'testsubject' CIPHER 'EDH-RSA-DES-CBC3-SHA' delete from mysql.user where user='mysqltest_1'; flush privileges; delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; select * from mysql.user where user="mysqltest_1"; Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N 10 0 0 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; select * from mysql.user where user="mysqltest_1"; Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N 10 20 30 show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 flush privileges; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 delete from mysql.user where user='mysqltest_1'; flush privileges; grant CREATE TEMPORARY TABLES, LOCK TABLES on mysqltest.* to mysqltest_1@localhost; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost Loading
mysql-test/t/grant.test +17 −0 Original line number Diff line number Diff line Loading @@ -27,6 +27,23 @@ show grants for mysqltest_1@localhost; delete from mysql.user where user='mysqltest_1'; flush privileges; # # Test of GRANTS specifying user limits # delete from mysql.user where user='mysqltest_1'; flush privileges; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; select * from mysql.user where user="mysqltest_1"; show grants for mysqltest_1@localhost; # This is just to double check that one won't ignore results of selects flush privileges; show grants for mysqltest_1@localhost; delete from mysql.user where user='mysqltest_1'; flush privileges; # # Test that the new db privileges are stored/retrieved correctly # Loading
sql/sql_acl.cc +30 −26 Original line number Diff line number Diff line Loading @@ -1403,6 +1403,7 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, Field **tmp_field; ulong priv; uint next_field; for (tmp_field= table->field+3, priv = SELECT_ACL; *tmp_field && (*tmp_field)->real_type() == FIELD_TYPE_ENUM && ((Field_enum*) (*tmp_field))->typelib->count == 2 ; Loading @@ -1411,56 +1412,59 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo, if (priv & rights) // set requested privileges (*tmp_field)->store(&what,1); } rights=get_access(table,3,0); rights= get_access(table, 3, &next_field); DBUG_PRINT("info",("table->fields: %d",table->fields)); if (table->fields >= 31) /* From 4.0.0 we have more fields */ { /* We write down SSL related ACL stuff */ switch (thd->lex.ssl_type) { case SSL_TYPE_ANY: table->field[24]->store("ANY",3); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("ANY", 3); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); break; case SSL_TYPE_X509: table->field[24]->store("X509",4); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("X509", 4); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); break; case SSL_TYPE_SPECIFIED: table->field[24]->store("SPECIFIED",9); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("SPECIFIED", 9); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); if (thd->lex.ssl_cipher) table->field[25]->store(thd->lex.ssl_cipher, table->field[next_field+1]->store(thd->lex.ssl_cipher, strlen(thd->lex.ssl_cipher)); if (thd->lex.x509_issuer) table->field[26]->store(thd->lex.x509_issuer, table->field[next_field+2]->store(thd->lex.x509_issuer, strlen(thd->lex.x509_issuer)); if (thd->lex.x509_subject) table->field[27]->store(thd->lex.x509_subject, table->field[next_field+3]->store(thd->lex.x509_subject, strlen(thd->lex.x509_subject)); break; case SSL_TYPE_NOT_SPECIFIED: break; case SSL_TYPE_NONE: table->field[24]->store("",0); table->field[25]->store("",0); table->field[26]->store("",0); table->field[27]->store("",0); table->field[next_field]->store("", 0); table->field[next_field+1]->store("", 0); table->field[next_field+2]->store("", 0); table->field[next_field+3]->store("", 0); break; } /* Skip over SSL related fields to first user limits related field */ next_field+= 4; USER_RESOURCES mqh = thd->lex.mqh; if (mqh.bits & 1) table->field[28]->store((longlong) mqh.questions); table->field[next_field]->store((longlong) mqh.questions); if (mqh.bits & 2) table->field[29]->store((longlong) mqh.updates); table->field[next_field+1]->store((longlong) mqh.updates); if (mqh.bits & 4) table->field[30]->store((longlong) mqh.connections); table->field[next_field+2]->store((longlong) mqh.connections); mqh_used = mqh_used || mqh.questions || mqh.updates || mqh.connections; } if (old_row_exists) Loading
