2013-10-18 05:52:29 +02:00
|
|
|
#create a user with no privileges
|
|
|
|
create user 'test_user'@'localhost';
|
|
|
|
|
|
|
|
create user 'r_sel'@'';
|
|
|
|
create user 'r_ins'@'';
|
|
|
|
create user 'r_upd'@'';
|
|
|
|
create user 'r_del'@'';
|
|
|
|
create user 'r_crt'@'';
|
|
|
|
create user 'r_drp'@'';
|
|
|
|
create user 'r_rld'@'';
|
|
|
|
update mysql.user set Select_priv='Y' where user like 'r_sel';
|
|
|
|
update mysql.user set Insert_priv='Y' where user like 'r_ins';
|
|
|
|
update mysql.user set Update_priv='Y' where user like 'r_upd';
|
|
|
|
update mysql.user set Delete_priv='Y' where user like 'r_del';
|
|
|
|
update mysql.user set Create_priv='Y' where user like 'r_crt';
|
|
|
|
update mysql.user set Drop_priv ='Y' where user like 'r_drp';
|
|
|
|
update mysql.user set Reload_priv='Y' where user like 'r_rld';
|
|
|
|
|
|
|
|
update mysql.user set is_role='Y' where user like 'r\_%';
|
|
|
|
|
|
|
|
select * from mysql.user where user='r_sel';
|
|
|
|
select * from mysql.user where user='r_ins';
|
|
|
|
select * from mysql.user where user='r_upd';
|
|
|
|
select * from mysql.user where user='r_del';
|
|
|
|
select * from mysql.user where user='r_crt';
|
|
|
|
select * from mysql.user where user='r_drp';
|
|
|
|
select * from mysql.user where user='r_rld';
|
|
|
|
|
|
|
|
#####################################
|
|
|
|
#set up roles mapping
|
|
|
|
#####################################
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_sel');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_ins');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_upd');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_del');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_crt');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_drp');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
|
|
'test_user',
|
|
|
|
'r_rld');
|
|
|
|
flush privileges;
|
|
|
|
|
|
|
|
change_user 'test_user';
|
|
|
|
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
select * from mysql.roles_mapping;
|
|
|
|
|
2013-10-18 15:17:47 +02:00
|
|
|
--sorted_result
|
2013-10-18 05:52:29 +02:00
|
|
|
show grants;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
set role r_sel;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 15:17:47 +02:00
|
|
|
--sorted_result
|
2013-10-18 05:52:29 +02:00
|
|
|
show grants;
|
2013-10-18 15:01:01 +02:00
|
|
|
--sorted_result
|
2013-10-18 05:52:29 +02:00
|
|
|
select * from mysql.roles_mapping;
|
|
|
|
|
|
|
|
set role r_ins;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 15:17:47 +02:00
|
|
|
--sorted_result
|
2013-10-18 05:52:29 +02:00
|
|
|
show grants;
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
select * from mysql.roles_mapping;
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
|
|
'r_sel',
|
|
|
|
'r_rld');
|
|
|
|
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
|
|
|
flush privileges;
|
|
|
|
set role r_rld;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
flush privileges;
|
|
|
|
set role r_sel;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
flush privileges;
|
|
|
|
set role none;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
|
|
|
flush privileges;
|
|
|
|
|
|
|
|
set role r_ins;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
|
|
'r_sel',
|
|
|
|
'r_upd');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
|
|
'r_sel',
|
|
|
|
'r_del');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
|
|
'r_sel',
|
|
|
|
'r_crt');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
|
|
'r_sel',
|
|
|
|
'r_drp');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
|
|
'r_del',
|
|
|
|
'r_ins');
|
|
|
|
set role r_rld;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
flush privileges;
|
|
|
|
set role r_sel;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
update mysql.roles_mapping set RoleFk='r_ins' where RoleFk='r_ins_wrong';
|
|
|
|
flush privileges;
|
|
|
|
set role r_sel;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
|
|
|
|
create table mysql.random_test_table (id INT);
|
|
|
|
insert into mysql.random_test_table values (1);
|
2013-10-18 15:01:01 +02:00
|
|
|
--sorted_result
|
2013-10-18 05:52:29 +02:00
|
|
|
select * from mysql.random_test_table;
|
|
|
|
delete from mysql.roles_mapping where RoleFk='r_ins';
|
|
|
|
flush privileges;
|
|
|
|
set role r_sel;
|
2013-10-18 15:55:26 +02:00
|
|
|
select current_user(), current_role();
|
2013-10-18 05:52:29 +02:00
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
insert into mysql.random_test_table values (1);
|
|
|
|
drop table mysql.random_test_table;
|
|
|
|
|
|
|
|
change_user 'root';
|
|
|
|
delete from mysql.user where user like 'r\_%';
|
|
|
|
delete from mysql.roles_mapping where RoleFk like 'r\_%';
|
|
|
|
flush privileges;
|
|
|
|
drop user 'test_user'@'localhost';
|