Commit a43242ea authored by Martin Hansson's avatar Martin Hansson
Browse files

Bug#36086: SELECT * from views don't check column grants 

This patch also fixes bugs 36963 and 35600.
                      
- In many places a view was confused with an anonymous derived
  table, i.e. access checking was skipped. Fixed by introducing a
  predicate to tell the difference between named and anonymous
  derived tables.
                      
- When inserting fields for "SELECT * ", there was no 
  distinction between base tables and views, where one should be
  made. View privileges are checked elsewhere.
parent 4c318bf6

mysql-test/include/grant_cache.inc

+1 −1
Original line number Diff line number Diff line
@@ -136,7 +136,7 @@ connect (user3,localhost,mysqltest_3,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK); 
connection user3;

select "user3";

--replace_result 127.0.0.1 localhost

--error ER_COLUMNACCESS_DENIED_ERROR

--error ER_TABLEACCESS_DENIED_ERROR

select * from t1;

select a from t1;

--replace_result 127.0.0.1 localhost

mysql-test/r/grant2.result

+1 −1
Original line number Diff line number Diff line
@@ -434,7 +434,7 @@ USE db1; 
SELECT c FROM t2;

ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for column 'c' in table 't2'

SELECT * FROM t2;

ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for column 'c' in table 't2'

ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for table 't2'

SELECT * FROM t1 JOIN t2 USING (b);

ERROR 42000: SELECT command denied to user 'mysqltest1'@'localhost' for column 'c' in table 't2'

DROP TABLE db1.t1, db1.t2;

mysql-test/r/grant_cache_no_prot.result

+1 −1
Original line number Diff line number Diff line
@@ -155,7 +155,7 @@ select "user3"; 
user3

user3

select * from t1;

ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'b' in table 't1'

ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table 't1'

select a from t1;

a

1

mysql-test/r/grant_cache_ps_prot.result

+1 −1
Original line number Diff line number Diff line
@@ -155,7 +155,7 @@ select "user3"; 
user3

user3

select * from t1;

ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'b' in table 't1'

ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table 't1'

select a from t1;

a

1

mysql-test/r/view_grant.result

+32 −0
Original line number Diff line number Diff line
@@ -957,3 +957,35 @@ Warning 1356 View 'test.v1' references invalid table(s) or column(s) or function 
DROP VIEW v1;

DROP TABLE t1;

End of 5.1 tests.

CREATE USER mysqluser1@localhost;

CREATE DATABASE mysqltest1;

USE mysqltest1;

CREATE TABLE t1 ( a INT, b INT );

CREATE TABLE t2 ( a INT, b INT );

CREATE VIEW v1 AS SELECT a, b FROM t1;

GRANT SELECT( a ) ON v1 TO mysqluser1@localhost;

GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost;

SELECT * FROM mysqltest1.v1;

ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'

CREATE VIEW v1 AS SELECT * FROM mysqltest1.t2;

ERROR 42000: ANY command denied to user 'mysqluser1'@'localhost' for table 't2'

DROP TABLE t1, t2;

DROP VIEW v1;

DROP DATABASE mysqltest1;

DROP USER mysqluser1@localhost;

CREATE USER mysqluser1@localhost;

CREATE DATABASE mysqltest1;

USE mysqltest1;

CREATE VIEW v1 AS SELECT * FROM information_schema.tables LIMIT 1;

CREATE ALGORITHM = TEMPTABLE VIEW v2 AS SELECT 1 AS A;

GRANT SELECT ON mysqltest1.* to mysqluser1@localhost;

PREPARE stmt_v1     FROM "SELECT * FROM mysqltest1.v1";

PREPARE stmt_v2 FROM "SELECT * FROM mysqltest1.v2";

REVOKE SELECT ON mysqltest1.* FROM mysqluser1@localhost;

EXECUTE stmt_v1;

ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'

EXECUTE stmt_v2;

ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v2'

DROP VIEW v1, v2;

DROP DATABASE mysqltest1;

DROP USER mysqluser1@localhost;