mariadb/mysql-test/r/acl_roles_show_grants.result

create user 'test_user'@'localhost';
create role test_role1;
create role test_role2;
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
'test_user',
'test_role1');
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
'test_user',
'test_role2');
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
'test_role1',
'test_role2');
select user, host from mysql.user where user not like 'root';
user	host
test_role1	
test_role2	
test_user	localhost
select * from mysql.roles_mapping;
HostFk	UserFk	RoleFk
	test_role1	test_role2
localhost	test_user	test_role1
localhost	test_user	test_role2
flush privileges;
select user, host from mysql.db;
user	host
	%
	%
grant select on mysql.* to test_role2;
flush privileges;
show grants;
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	NULL
set role test_role1;
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	test_role1
show grants;
Grants for test_user@localhost
GRANT SELECT ON `mysql`.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_role1'
GRANT USAGE ON *.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_role1'
GRANT test_role2 TO 'test_user'@'localhost'
set role none;
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	NULL
show grants;
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for test_user@localhost;
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for test_role1;
ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'
show grants for test_role2;
ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'
show grants for CURRENT_USER;
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for CURRENT_USER();
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for CURRENT_ROLE;
ERROR 42000: There is no such grant defined for user 'test_user' on host 'localhost'
show grants for CURRENT_ROLE();
ERROR 42000: There is no such grant defined for user 'test_user' on host 'localhost'
set role test_role2;
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	test_role2
show grants;
Grants for test_user@localhost
GRANT SELECT ON `mysql`.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for test_user@localhost;
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for test_role1;
Grants for test_role1
GRANT SELECT ON `mysql`.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_role1'
GRANT USAGE ON *.* TO 'test_role2'
GRANT test_role2 TO 'test_role1'
show grants for test_role2;
Grants for test_role2
GRANT SELECT ON `mysql`.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_role2'
show grants for CURRENT_USER;
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for CURRENT_USER();
Grants for test_user@localhost
GRANT USAGE ON *.* TO 'test_user'@'localhost'
GRANT test_role1 TO 'test_user'@'localhost'
GRANT test_role2 TO 'test_user'@'localhost'
show grants for CURRENT_ROLE;
Grants for test_role2
GRANT SELECT ON `mysql`.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_role2'
show grants for CURRENT_ROLE();
Grants for test_role2
GRANT SELECT ON `mysql`.* TO 'test_role2'
GRANT USAGE ON *.* TO 'test_role2'
drop user 'test_user'@'localhost';
revoke select on mysql.* from test_role2;
drop role test_role1;
drop role test_role2;
delete from mysql.roles_mapping where RoleFk='test_role1';
delete from mysql.roles_mapping where RoleFk='test_role2';
flush privileges;
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`create user 'test_user'@'localhost';`
GRANT/REVOKE should specify role name as 'role' not as 'role'@'%' 2013-10-18 18:08:42 +02:00			`create role test_role1;`
			`create role test_role2;`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',`
			`'test_user',`
			`'test_role1');`
			`insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',`
			`'test_user',`
			`'test_role2');`
			`insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',`
			`'test_role1',`
			`'test_role2');`
			`select user, host from mysql.user where user not like 'root';`
			`user host`
			`test_role1`
			`test_role2`
			`test_user localhost`
			`select * from mysql.roles_mapping;`
			`HostFk UserFk RoleFk`
			`test_role1 test_role2`
			`localhost test_user test_role1`
			`localhost test_user test_role2`
			`flush privileges;`
			`select user, host from mysql.db;`
			`user host`
			`%`
			`%`
GRANT/REVOKE should specify role name as 'role' not as 'role'@'%' 2013-10-18 18:08:42 +02:00			`grant select on mysql.* to test_role2;`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`flush privileges;`
			`show grants;`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
CURRENT_ROLE() function 2013-10-18 15:55:26 +02:00			`select current_user(), current_role();`
			`current_user() current_role()`
CURRENT_ROLE() should return NULL, not "NONE" 2013-10-18 18:09:08 +02:00			`test_user@localhost NULL`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`set role test_role1;`
CURRENT_ROLE() function 2013-10-18 15:55:26 +02:00			`select current_user(), current_role();`
			`current_user() current_role()`
			`test_user@localhost test_role1`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`show grants;`
			`Grants for test_user@localhost`
			GRANT SELECT ON `mysql`.* TO 'test_role2'
			`GRANT USAGE ON . TO 'test_role1'`
			`GRANT USAGE ON . TO 'test_role2'`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_role1'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`set role none;`
CURRENT_ROLE() function 2013-10-18 15:55:26 +02:00			`select current_user(), current_role();`
			`current_user() current_role()`
CURRENT_ROLE() should return NULL, not "NONE" 2013-10-18 18:09:08 +02:00			`test_user@localhost NULL`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`show grants;`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for test_user@localhost;`
Fixes for mysql-test failures mysql-test/r/acl_roles_show_grants.result: one can do SHOW GRANTS for himself mysql-test/t/acl_roles_set_role-table-column-priv.test: correct error message mysql-test/t/acl_roles_show_grants.test: one can SHOW GRANTS for himself sql/sql_acl.cc: bugfixing: * don't assign with && - it can shortcut and the second assignment won't be executed * correct the test in check_grant_all_columns() - want_access should not be modified * sql/sql_cmd.h.OTHER: add new commands at the end sql/sql_db.cc: don't call acl_get() if all privileges are already satisfied (crashes when run with --skip-grants, because acl data stuctures aren't initialized) sql/sql_parse.cc: * test for current_user in get_current_user() * map explicitly specified user@host to current_user 2013-10-18 17:10:51 +02:00			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
cannot use lex->grant_user= &current_user, where LEX_USER current_user is a global constant, because parser might modify the lex->user (e.g. set lex->user-password). switch to use LEX_STRING current_user string, and also change other similar constants to be LEX_STRING's for consistency. 2013-10-18 17:17:56 +02:00			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`show grants for test_role1;`
			`ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'`
			`show grants for test_role2;`
			`ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'`
			`show grants for CURRENT_USER;`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for CURRENT_USER();`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for CURRENT_ROLE;`
			`ERROR 42000: There is no such grant defined for user 'test_user' on host 'localhost'`
			`show grants for CURRENT_ROLE();`
			`ERROR 42000: There is no such grant defined for user 'test_user' on host 'localhost'`
			`set role test_role2;`
CURRENT_ROLE() function 2013-10-18 15:55:26 +02:00			`select current_user(), current_role();`
			`current_user() current_role()`
			`test_user@localhost test_role2`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`show grants;`
			`Grants for test_user@localhost`
			GRANT SELECT ON `mysql`.* TO 'test_role2'
			`GRANT USAGE ON . TO 'test_role2'`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for test_user@localhost;`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for test_role1;`
			`Grants for test_role1`
			GRANT SELECT ON `mysql`.* TO 'test_role2'
			`GRANT USAGE ON . TO 'test_role1'`
			`GRANT USAGE ON . TO 'test_role2'`
			`GRANT test_role2 TO 'test_role1'`
			`show grants for test_role2;`
			`Grants for test_role2`
			GRANT SELECT ON `mysql`.* TO 'test_role2'
			`GRANT USAGE ON . TO 'test_role2'`
			`show grants for CURRENT_USER;`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for CURRENT_USER();`
			`Grants for test_user@localhost`
			`GRANT USAGE ON . TO 'test_user'@'localhost'`
			`GRANT test_role1 TO 'test_user'@'localhost'`
			`GRANT test_role2 TO 'test_user'@'localhost'`
			`show grants for CURRENT_ROLE;`
			`Grants for test_role2`
			GRANT SELECT ON `mysql`.* TO 'test_role2'
			`GRANT USAGE ON . TO 'test_role2'`
			`show grants for CURRENT_ROLE();`
			`Grants for test_role2`
			GRANT SELECT ON `mysql`.* TO 'test_role2'
			`GRANT USAGE ON . TO 'test_role2'`
			`drop user 'test_user'@'localhost';`
GRANT/REVOKE should specify role name as 'role' not as 'role'@'%' 2013-10-18 18:08:42 +02:00			`revoke select on mysql.* from test_role2;`
			`drop role test_role1;`
			`drop role test_role2;`
Implemented SHOW GRANTS functionality 2013-10-18 15:40:25 +02:00			`delete from mysql.roles_mapping where RoleFk='test_role1';`
			`delete from mysql.roles_mapping where RoleFk='test_role2';`
			`flush privileges;`