mariadb/mysql-test/r/grant2.result

SET NAMES binary;
drop database if exists mysqltest;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
select current_user();
current_user()
mysqltest_1@localhost
select current_user;
current_user
mysqltest_1@localhost
grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
show grants for mysqltest_2@localhost;
Grants for mysqltest_2@localhost
GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
show grants for mysqltest_3@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
flush privileges;
create database mysqltest;
grant INSERT, SELECT on mysqltest.* to mysqltest_1@localhost;
flush privileges;
use mysqltest;
create table t1 (id int primary key, data varchar(255));
show grants for current_user();
Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
GRANT SELECT, INSERT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
use mysqltest;
insert into t1 values (1, 'I can''t change it!');
update t1 set data='I can change it!' where id = 1;
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'
insert into t1 values (1, 'XXX') on duplicate key update data= 'I can change it!';
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'
select * from t1;
id	data
1	I can't change it!
drop table t1;
drop database mysqltest;
use test;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
flush privileges;
Bug#4338: mysql-test-run fails if compiled with non-latin1 character set 2004-07-08 18:54:07 +05:00			`SET NAMES binary;`
Fix for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later. 2004-10-20 16:04:43 +04:00			`drop database if exists mysqltest;`
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
Fix for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later. 2004-10-20 16:04:43 +04:00			`delete from mysql.tables_priv where user like 'mysqltest\_%';`
			`delete from mysql.columns_priv where user like 'mysqltest\_%';`
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`flush privileges;`
			grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
			`select current_user();`
			`current_user()`
			`mysqltest_1@localhost`
WL1368: SHOW GRANTS FOR CURRENT USER 'SHOW GRANTS' syntax is added 'SHOW GRANTS FOR CURRENT_USER' syntax is added 'SHOW GRANTS FOR CURRENT_USER()' syntax is added CURRENT_USER without parens in expressions(SELECT CURRENT_USER;) mysql-test/r/grant2.result: WL1368: SHOW GRANTS FOR CURRENT USER mysql-test/r/grant_cache.result: WL1368: SHOW GRANTS FOR CURRENT USER mysql-test/t/grant2.test: WL1368: SHOW GRANTS FOR CURRENT USER mysql-test/t/grant_cache.test: WL1368: SHOW GRANTS FOR CURRENT USER sql/lex.h: WL1368: SHOW GRANTS FOR CURRENT USER sql/sql_yacc.yy: WL1368: SHOW GRANTS FOR CURRENT USER 2004-04-05 17:55:26 +05:00			`select current_user;`
			`current_user`
			`mysqltest_1@localhost`
now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00			grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
			grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
Language/consistency edits to error messages and affected test results. 2004-06-15 22:18:20 -05:00			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'`
now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00			`show grants for mysqltest_1@localhost;`
			`Grants for mysqltest_1@localhost`
			`GRANT USAGE ON . TO 'mysqltest_1'@'localhost'`
			GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
			`show grants for mysqltest_2@localhost;`
			`Grants for mysqltest_2@localhost`
			`GRANT USAGE ON . TO 'mysqltest_2'@'localhost'`
			GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`show grants for mysqltest_3@localhost;`
now GRANT db.* ... compares patterns correctly to prevent privilege escalation 2003-07-22 22:21:23 +02:00			`ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'`
wild_compare fun: bug in GRANT db_pattern.* ... 2003-07-22 22:00:51 +02:00			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
			`flush privileges;`
Fix for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later. 2004-10-20 16:04:43 +04:00			`create database mysqltest;`
			`grant INSERT, SELECT on mysqltest.* to mysqltest_1@localhost;`
			`flush privileges;`
			`use mysqltest;`
			`create table t1 (id int primary key, data varchar(255));`
			`show grants for current_user();`
			`Grants for mysqltest_1@localhost`
			`GRANT USAGE ON . TO 'mysqltest_1'@'localhost'`
			GRANT SELECT, INSERT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
			`use mysqltest;`
			`insert into t1 values (1, 'I can''t change it!');`
			`update t1 set data='I can change it!' where id = 1;`
			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'`
			`insert into t1 values (1, 'XXX') on duplicate key update data= 'I can change it!';`
			`ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'`
			`select * from t1;`
			`id data`
			`1 I can't change it!`
			`drop table t1;`
			`drop database mysqltest;`
			`use test;`
			`delete from mysql.user where user like 'mysqltest\_%';`
			`delete from mysql.db where user like 'mysqltest\_%';`
			`flush privileges;`