mariadb/mysql-test/r/grant2.result

SET NAMES binary;
drop database if exists mysqltest;
drop database if exists mysqltest_1;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
select current_user();
current_user()
mysqltest_1@localhost
grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
show grants for mysqltest_2@localhost;
Grants for mysqltest_2@localhost
GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
show grants for mysqltest_3@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
flush privileges;
create database mysqltest_1;
grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option;
select current_user();
current_user()
mysqltest_1@localhost
show databases;
Database
mysqltest_1
test
grant all privileges on `mysqltest_1`.* to mysqltest_1@localhost with grant option;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest_1'
show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT ALL PRIVILEGES ON `mysqltest\_1`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
drop database mysqltest_1;
flush privileges;
create database mysqltest;
grant INSERT, SELECT on mysqltest.* to mysqltest_1@localhost;
flush privileges;
use mysqltest;
create table t1 (id int primary key, data varchar(255));
show grants for current_user();
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT, INSERT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
insert into t1 values (1, 'I can''t change it!');
update t1 set data='I can change it!' where id = 1;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'
insert into t1 values (1, 'XXX') on duplicate key update data= 'I can change it!';
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'
select * from t1;
id	data
1	I can't change it!
drop table t1;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
flush privileges;
create table t1 (a int, b int);
grant select (a) on t1 to mysqltest_1@localhost with grant option;
grant select (a,b) on t1 to mysqltest_2@localhost;
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't1'
grant select on t1 to mysqltest_3@localhost;
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 't1'
drop table t1;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
drop database mysqltest;
use test;
create database mysqltest_1;
create table mysqltest_1.t1 (i int);
insert into mysqltest_1.t1 values (1),(2),(3);
GRANT ALL ON mysqltest_1.t1 TO mysqltest_1@'127.0.0.0/255.0.0.0';
show grants for current_user();
Grants for mysqltest_1@127.0.0.0/255.0.0.0
GRANT USAGE ON *.* TO 'mysqltest_1'@'127.0.0.0/255.0.0.0'
GRANT ALL PRIVILEGES ON `mysqltest_1`.`t1` TO 'mysqltest_1'@'127.0.0.0/255.0.0.0'
select * from t1;
i
1
2
3
REVOKE ALL ON mysqltest_1.t1 FROM mysqltest_1@'127.0.0.0/255.0.0.0';
drop table mysqltest_1.t1;
drop database mysqltest_1;
Bug#4338: mysql-test-run fails if compiled with non-latin1 character set 2004-07-08 18:54:07 +05:00			`SET NAMES binary;`
Fix for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later. 2004-10-20 16:04:43 +04:00			`drop database if exists mysqltest;`
more wild_compare tests 2005-03-27 15:46:06 +02:00			`drop database if exists mysqltest_1;`
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
Fix for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later. 2004-10-20 16:04:43 +04:00			`delete from mysql.tables_priv where user like 'mysqltest\_%';`
			`delete from mysql.columns_priv where user like 'mysqltest\_%';`
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`flush privileges;`
			grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
			`select current_user();`
			`current_user()`
			`mysqltest_1@localhost`
now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00			grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
			grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
Language/consistency edits to error messages and affected test results. 2004-06-15 22:18:20 -05:00			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'`
now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00			`show grants for mysqltest_1@localhost;`
			`Grants for mysqltest_1@localhost`
			`GRANT USAGE ON . TO 'mysqltest_1'@'localhost'`
			GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
			`show grants for mysqltest_2@localhost;`
			`Grants for mysqltest_2@localhost`
			`GRANT USAGE ON . TO 'mysqltest_2'@'localhost'`
			GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`show grants for mysqltest_3@localhost;`
now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00			`ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'`
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
			`flush privileges;`
more wild_compare tests 2005-03-27 15:46:06 +02:00			`create database mysqltest_1;`
			grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option;
			`select current_user();`
			`current_user()`
			`mysqltest_1@localhost`
			`show databases;`
			`Database`
			`mysqltest_1`
			`test`
			grant all privileges on `mysqltest_1`.* to mysqltest_1@localhost with grant option;
			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest_1'`
			`show grants for mysqltest_1@localhost;`
			`Grants for mysqltest_1@localhost`
			`GRANT USAGE ON . TO 'mysqltest_1'@'localhost'`
			GRANT ALL PRIVILEGES ON `mysqltest\_1`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
			`drop database mysqltest_1;`
			`flush privileges;`
Fix for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later. 2004-10-20 16:04:43 +04:00			`create database mysqltest;`
			`grant INSERT, SELECT on mysqltest.* to mysqltest_1@localhost;`
			`flush privileges;`
			`use mysqltest;`
			`create table t1 (id int primary key, data varchar(255));`
			`show grants for current_user();`
			`Grants for mysqltest_1@localhost`
			`GRANT USAGE ON . TO 'mysqltest_1'@'localhost'`
			GRANT SELECT, INSERT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
			`insert into t1 values (1, 'I can''t change it!');`
			`update t1 set data='I can change it!' where id = 1;`
			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'`
			`insert into t1 values (1, 'XXX') on duplicate key update data= 'I can change it!';`
			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'`
			`select * from t1;`
			`id data`
			`1 I can't change it!`
			`drop table t1;`
			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
			`flush privileges;`
post-merge mysql-test/r/grant2.result: new test case mysql-test/r/variables.result: don't fail w/o innodb mysql-test/t/grant2.test: new test case mysql-test/t/multi_update.test: don't fail w/o innodb mysql-test/t/variables.test: don't fail w/o innodb sql/sql_acl.cc: cleanup 2004-12-31 11:52:14 +01:00			`create table t1 (a int, b int);`
			`grant select (a) on t1 to mysqltest_1@localhost with grant option;`
			`grant select (a,b) on t1 to mysqltest_2@localhost;`
			`ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't1'`
			`grant select on t1 to mysqltest_3@localhost;`
			`ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 't1'`
			`drop table t1;`
			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
			`delete from mysql.tables_priv where user like 'mysqltest\_%';`
			`delete from mysql.columns_priv where user like 'mysqltest\_%';`
			`flush privileges;`
			`drop database mysqltest;`
			`use test;`
Fix bug in checking of table-specific grats that caused IP/NETMASK hostnames to not be matched correctly. (Bug #3309) sql/sql_acl.cc: Use an acl_host_or_ip in the GRANT_TABLE struct instead of storing the host itself, and use compare_hostname() in testing it. This adds support for IP addresses with netmasks to table-specific grants, and results in simplified code by making use of compare_hostname() in more places. mysql-test/r/grant2.result: Add new results mysql-test/t/grant2.test: Add new regression test 2005-03-02 16:30:24 -08:00			`create database mysqltest_1;`
			`create table mysqltest_1.t1 (i int);`
			`insert into mysqltest_1.t1 values (1),(2),(3);`
			`GRANT ALL ON mysqltest_1.t1 TO mysqltest_1@'127.0.0.0/255.0.0.0';`
			`show grants for current_user();`
			`Grants for mysqltest_1@127.0.0.0/255.0.0.0`
			`GRANT USAGE ON . TO 'mysqltest_1'@'127.0.0.0/255.0.0.0'`
			GRANT ALL PRIVILEGES ON `mysqltest_1`.`t1` TO 'mysqltest_1'@'127.0.0.0/255.0.0.0'
			`select * from t1;`
			`i`
			`1`
			`2`
			`3`
			`REVOKE ALL ON mysqltest_1.t1 FROM mysqltest_1@'127.0.0.0/255.0.0.0';`
			`drop table mysqltest_1.t1;`
			`drop database mysqltest_1;`