2005-11-10 22:25:03 +03:00
|
|
|
# Test case(s) in this file contain(s) GRANT/REVOKE statements, which are not
|
|
|
|
# supported in embedded server. So, this test should not be run on embedded
|
|
|
|
# server.
|
|
|
|
|
|
|
|
-- source include/not_embedded.inc
|
|
|
|
|
|
|
|
###########################################################################
|
|
|
|
#
|
|
|
|
# Tests for WL#2818:
|
|
|
|
# - Check that triggers are executed under the authorization of the definer.
|
|
|
|
# - Check DEFINER clause of CREATE TRIGGER statement;
|
|
|
|
# - Check that SUPER privilege required to create a trigger with different
|
|
|
|
# definer.
|
|
|
|
# - Check that if the user specified as DEFINER does not exist, a warning
|
|
|
|
# is emitted.
|
|
|
|
# - Check that the definer of a trigger does not exist, the trigger will
|
|
|
|
# not be activated.
|
|
|
|
# - Check that SHOW TRIGGERS statement provides "Definer" column.
|
2006-01-24 20:15:12 +03:00
|
|
|
# - Check that if trigger contains NEW/OLD variables, the definer must have
|
|
|
|
# SELECT privilege on the subject table (aka BUG#15166/BUG#15196).
|
2005-11-10 22:25:03 +03:00
|
|
|
#
|
|
|
|
# Let's also check that user name part of definer can contain '@' symbol (to
|
|
|
|
# check that triggers are not affected by BUG#13310 "incorrect user parsing
|
|
|
|
# by SP").
|
|
|
|
#
|
|
|
|
###########################################################################
|
|
|
|
|
|
|
|
#
|
|
|
|
# Prepare environment.
|
|
|
|
#
|
|
|
|
|
|
|
|
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
|
|
|
|
FLUSH PRIVILEGES;
|
|
|
|
|
|
|
|
--disable_warnings
|
|
|
|
DROP DATABASE IF EXISTS mysqltest_db1;
|
|
|
|
--enable_warnings
|
|
|
|
|
|
|
|
CREATE DATABASE mysqltest_db1;
|
|
|
|
|
|
|
|
CREATE USER mysqltest_dfn@localhost;
|
|
|
|
CREATE USER mysqltest_inv@localhost;
|
|
|
|
|
|
|
|
GRANT CREATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
|
|
|
|
|
2006-02-01 13:28:45 +03:00
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
CREATE TABLE t1(num_value INT);
|
|
|
|
CREATE TABLE t2(user_str TEXT);
|
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
2006-11-21 10:25:10 +02:00
|
|
|
GRANT INSERT, DROP ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
|
|
|
|
GRANT INSERT, DROP ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
|
2006-02-01 13:28:45 +03:00
|
|
|
|
|
|
|
#
|
|
|
|
# Check that the user must have TRIGGER privilege to create a trigger.
|
|
|
|
#
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER trg1 AFTER INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
INSERT INTO t2 VALUES(CURRENT_USER());
|
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check that the user must have TRIGGER privilege to drop a trigger.
|
|
|
|
#
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
CREATE TRIGGER trg1 AFTER INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
INSERT INTO t2 VALUES(CURRENT_USER());
|
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
REVOKE TRIGGER ON mysqltest_db1.t1 FROM mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
DROP TRIGGER trg1;
|
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check that the definer must have TRIGGER privilege to activate a trigger.
|
|
|
|
#
|
|
|
|
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES(0);
|
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
INSERT INTO t1 VALUES(0);
|
|
|
|
|
|
|
|
# Cleanup for further tests.
|
|
|
|
DROP TRIGGER trg1;
|
2006-06-01 11:53:27 +02:00
|
|
|
TRUNCATE TABLE t1;
|
|
|
|
TRUNCATE TABLE t2;
|
2006-02-01 13:28:45 +03:00
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
REVOKE SUPER ON *.* FROM mysqltest_dfn@localhost;
|
|
|
|
|
2005-11-10 22:25:03 +03:00
|
|
|
#
|
|
|
|
# Check that triggers are executed under the authorization of the definer:
|
|
|
|
# - create two tables under "definer";
|
|
|
|
# - grant all privileges on the test db to "definer";
|
|
|
|
# - grant all privileges on the first table to "invoker";
|
|
|
|
# - grant only select privilege on the second table to "invoker";
|
|
|
|
# - create a trigger, which inserts a row into the second table after
|
|
|
|
# inserting into the first table.
|
|
|
|
# - insert a row into the first table under "invoker". A row also should be
|
|
|
|
# inserted into the second table.
|
|
|
|
#
|
|
|
|
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
CREATE TRIGGER trg1 AFTER INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
INSERT INTO t2 VALUES(CURRENT_USER());
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
# Setup definer's privileges.
|
|
|
|
|
|
|
|
GRANT ALL PRIVILEGES ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
|
|
|
|
GRANT ALL PRIVILEGES ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
# Setup invoker's privileges.
|
|
|
|
|
|
|
|
GRANT ALL PRIVILEGES ON mysqltest_db1.t1
|
|
|
|
TO 'mysqltest_inv'@localhost;
|
|
|
|
|
|
|
|
GRANT SELECT ON mysqltest_db1.t2
|
|
|
|
TO 'mysqltest_inv'@localhost;
|
|
|
|
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
|
|
|
INSERT INTO t1 VALUES(1);
|
|
|
|
|
|
|
|
SELECT * FROM t1;
|
|
|
|
SELECT * FROM t2;
|
|
|
|
|
|
|
|
--connect (wl2818_invoker_con,localhost,mysqltest_inv,,mysqltest_db1)
|
|
|
|
--connection wl2818_invoker_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_invoker_con
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
|
|
|
INSERT INTO t1 VALUES(2);
|
|
|
|
|
|
|
|
SELECT * FROM t1;
|
|
|
|
SELECT * FROM t2;
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check that if definer lost some privilege required to execute (activate) a
|
|
|
|
# trigger, the trigger will not be activated:
|
|
|
|
# - create a trigger on insert into the first table, which will insert a row
|
|
|
|
# into the second table;
|
|
|
|
# - revoke INSERT privilege on the second table from the definer;
|
|
|
|
# - insert a row into the first table;
|
|
|
|
# - check that an error has been risen;
|
|
|
|
# - check that no row has been inserted into the second table;
|
|
|
|
#
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
|
|
|
REVOKE INSERT ON mysqltest_db1.t2 FROM mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
--connection wl2818_invoker_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_invoker_con
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
|
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES(3);
|
|
|
|
|
|
|
|
SELECT * FROM t1;
|
|
|
|
SELECT * FROM t2;
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check DEFINER clause of CREATE TRIGGER statement.
|
|
|
|
#
|
|
|
|
# - Check that SUPER privilege required to create a trigger with different
|
|
|
|
# definer:
|
|
|
|
# - try to create a trigger with DEFINER="definer@localhost" under
|
|
|
|
# "invoker";
|
|
|
|
# - analyze error code;
|
|
|
|
# - Check that if the user specified as DEFINER does not exist, a warning is
|
|
|
|
# emitted:
|
|
|
|
# - create a trigger with DEFINER="non_existent_user@localhost" from
|
|
|
|
# "definer";
|
|
|
|
# - check that a warning emitted;
|
|
|
|
# - Check that the definer of a trigger does not exist, the trigger will not
|
|
|
|
# be activated:
|
|
|
|
# - activate just created trigger;
|
|
|
|
# - check error code;
|
|
|
|
#
|
|
|
|
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
|
|
|
DROP TRIGGER trg1;
|
|
|
|
|
|
|
|
# Check that SUPER is required to specify different DEFINER.
|
2006-02-01 13:28:45 +03:00
|
|
|
|
|
|
|
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
|
|
|
CREATE DEFINER='mysqltest_inv'@'localhost'
|
|
|
|
TRIGGER trg1 BEFORE INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @new_sum = 0;
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
|
|
|
GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
--disconnect wl2818_definer_con
|
|
|
|
--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
|
|
|
|
--connection wl2818_definer_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: wl2818_definer_con
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
CREATE DEFINER='mysqltest_inv'@'localhost'
|
|
|
|
TRIGGER trg1 BEFORE INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @new_sum = 0;
|
|
|
|
|
|
|
|
# Create with non-existent user.
|
|
|
|
|
|
|
|
CREATE DEFINER='mysqltest_nonexs'@'localhost'
|
|
|
|
TRIGGER trg2 AFTER INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @new_sum = 0;
|
|
|
|
|
|
|
|
# Check that trg2 will not be activated.
|
|
|
|
|
2006-03-09 21:00:45 +03:00
|
|
|
--error ER_NO_SUCH_USER
|
2005-11-10 22:25:03 +03:00
|
|
|
INSERT INTO t1 VALUES(6);
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check that SHOW TRIGGERS statement provides "Definer" column.
|
|
|
|
#
|
|
|
|
|
|
|
|
SHOW TRIGGERS;
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check that weird definer values do not break functionality. I.e. check the
|
|
|
|
# following definer values:
|
|
|
|
# - '';
|
|
|
|
# - '@';
|
|
|
|
# - '@abc@def@@';
|
|
|
|
# - '@hostname';
|
|
|
|
# - '@abc@def@@@hostname';
|
|
|
|
#
|
|
|
|
|
|
|
|
DROP TRIGGER trg1;
|
|
|
|
DROP TRIGGER trg2;
|
|
|
|
|
|
|
|
CREATE TRIGGER trg1 BEFORE INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @a = 1;
|
|
|
|
|
|
|
|
CREATE TRIGGER trg2 AFTER INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @a = 2;
|
|
|
|
|
|
|
|
CREATE TRIGGER trg3 BEFORE UPDATE ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @a = 3;
|
|
|
|
|
|
|
|
CREATE TRIGGER trg4 AFTER UPDATE ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @a = 4;
|
|
|
|
|
|
|
|
CREATE TRIGGER trg5 BEFORE DELETE ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @a = 5;
|
|
|
|
|
2007-02-24 08:18:57 +01:00
|
|
|
# Replace definers with the "weird" definers
|
2007-12-12 18:19:24 +01:00
|
|
|
let MYSQLD_DATADIR= `select @@datadir`;
|
2007-02-24 08:18:57 +01:00
|
|
|
perl;
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
2007-12-12 18:19:24 +01:00
|
|
|
my $fname= "$ENV{'MYSQLD_DATADIR'}/mysqltest_db1/t1.TRG";
|
2007-02-24 08:18:57 +01:00
|
|
|
open(FILE, "<", $fname) or die;
|
|
|
|
my @content= grep($_ !~ /^definers=/, <FILE>);
|
|
|
|
close FILE;
|
|
|
|
open(FILE, ">", $fname) or die;
|
2007-02-26 09:24:03 +01:00
|
|
|
# Use binary file mode to avoid CR/LF's being added on windows
|
|
|
|
binmode FILE;
|
2007-02-24 08:18:57 +01:00
|
|
|
print FILE @content;
|
|
|
|
print FILE "definers='' '\@' '\@abc\@def\@\@' '\@hostname' '\@abcdef\@\@\@hostname'\n";
|
|
|
|
close FILE;
|
|
|
|
EOF
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
--echo
|
|
|
|
|
|
|
|
SELECT trigger_name, definer FROM INFORMATION_SCHEMA.TRIGGERS ORDER BY trigger_name;
|
|
|
|
|
|
|
|
--echo
|
|
|
|
|
|
|
|
SELECT * FROM INFORMATION_SCHEMA.TRIGGERS ORDER BY trigger_name;
|
|
|
|
|
|
|
|
#
|
|
|
|
# Cleanup
|
|
|
|
#
|
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
DROP USER mysqltest_dfn@localhost;
|
|
|
|
DROP USER mysqltest_inv@localhost;
|
|
|
|
|
|
|
|
DROP DATABASE mysqltest_db1;
|
|
|
|
|
2006-02-06 15:23:17 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
###########################################################################
|
|
|
|
#
|
|
|
|
# BUG#15166: Wrong update [was: select/update] permissions required to execute
|
|
|
|
# triggers.
|
|
|
|
#
|
|
|
|
# BUG#15196: Wrong select permission required to execute triggers.
|
|
|
|
#
|
|
|
|
###########################################################################
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
#
|
|
|
|
# Prepare environment.
|
|
|
|
#
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
|
|
|
|
FLUSH PRIVILEGES;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--disable_warnings
|
|
|
|
DROP DATABASE IF EXISTS mysqltest_db1;
|
|
|
|
--enable_warnings
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE DATABASE mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
use mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# Tables for tesing table-level privileges:
|
|
|
|
CREATE TABLE t1(col CHAR(20)); # table for "read-value" trigger
|
|
|
|
CREATE TABLE t2(col CHAR(20)); # table for "write-value" trigger
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# Tables for tesing column-level privileges:
|
|
|
|
CREATE TABLE t3(col CHAR(20)); # table for "read-value" trigger
|
|
|
|
CREATE TABLE t4(col CHAR(20)); # table for "write-value" trigger
|
|
|
|
|
|
|
|
CREATE USER mysqltest_u1@localhost;
|
|
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_u1@localhost;
|
2006-02-06 15:23:17 +03:00
|
|
|
GRANT TRIGGER ON mysqltest_db1.* TO mysqltest_u1@localhost;
|
2006-01-24 20:15:12 +03:00
|
|
|
|
|
|
|
SET @mysqltest_var = NULL;
|
|
|
|
|
|
|
|
--connect (bug15166_u1_con,localhost,mysqltest_u1,,mysqltest_db1)
|
|
|
|
|
|
|
|
# parsing (CREATE TRIGGER) time:
|
|
|
|
# - check that nor SELECT either UPDATE is required to execute triggger w/o
|
|
|
|
# NEW/OLD variables.
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
GRANT DELETE ON mysqltest_db1.* TO mysqltest_u1@localhost;
|
|
|
|
SHOW GRANTS FOR mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection bug15166_u1_con
|
2005-11-10 22:25:03 +03:00
|
|
|
--echo
|
2006-01-24 20:15:12 +03:00
|
|
|
--echo ---> connection: bug15166_u1_con
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t1_trg_after_delete AFTER DELETE ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @mysqltest_var = 'Hello, world!';
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# parsing (CREATE TRIGGER) time:
|
|
|
|
# - check that UPDATE is not enough to read the value;
|
|
|
|
# - check that UPDATE is required to modify the value;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
use mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
GRANT UPDATE ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
|
|
|
|
GRANT UPDATE ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
GRANT UPDATE(col) ON mysqltest_db1.t3 TO mysqltest_u1@localhost;
|
|
|
|
GRANT UPDATE(col) ON mysqltest_db1.t4 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection bug15166_u1_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: bug15166_u1_con
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
use mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - table-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t1_trg_err_1 BEFORE INSERT ON t1
|
2005-11-10 22:25:03 +03:00
|
|
|
FOR EACH ROW
|
2006-01-24 20:15:12 +03:00
|
|
|
SET @mysqltest_var = NEW.col;
|
|
|
|
DROP TRIGGER t1_trg_err_1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t1_trg_err_2 BEFORE DELETE ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @mysqltest_var = OLD.col;
|
|
|
|
DROP TRIGGER t1_trg_err_2;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t2_trg_before_insert BEFORE INSERT ON t2
|
|
|
|
FOR EACH ROW
|
|
|
|
SET NEW.col = 't2_trg_before_insert';
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - column-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t3_trg_err_1 BEFORE INSERT ON t3
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @mysqltest_var = NEW.col;
|
|
|
|
DROP TRIGGER t3_trg_err_1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t3_trg_err_2 BEFORE DELETE ON t3
|
2005-11-10 22:25:03 +03:00
|
|
|
FOR EACH ROW
|
2006-01-24 20:15:12 +03:00
|
|
|
SET @mysqltest_var = OLD.col;
|
|
|
|
DROP TRIGGER t3_trg_err_2;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t4_trg_before_insert BEFORE INSERT ON t4
|
|
|
|
FOR EACH ROW
|
|
|
|
SET NEW.col = 't4_trg_before_insert';
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# parsing (CREATE TRIGGER) time:
|
|
|
|
# - check that SELECT is required to read the value;
|
|
|
|
# - check that SELECT is not enough to modify the value;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
use mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
REVOKE UPDATE ON mysqltest_db1.t1 FROM mysqltest_u1@localhost;
|
|
|
|
REVOKE UPDATE ON mysqltest_db1.t2 FROM mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
REVOKE UPDATE(col) ON mysqltest_db1.t3 FROM mysqltest_u1@localhost;
|
|
|
|
REVOKE UPDATE(col) ON mysqltest_db1.t4 FROM mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT(col) on mysqltest_db1.t3 TO mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT(col) on mysqltest_db1.t4 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection bug15166_u1_con
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: bug15166_u1_con
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
use mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - table-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t1_trg_after_insert AFTER INSERT ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @mysqltest_var = NEW.col;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t1_trg_after_update AFTER UPDATE ON t1
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @mysqltest_var = OLD.col;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t2_trg_err_1 BEFORE UPDATE ON t2
|
|
|
|
FOR EACH ROW
|
|
|
|
SET NEW.col = 't2_trg_err_1';
|
|
|
|
DROP TRIGGER t2_trg_err_1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t2_trg_err_2 BEFORE UPDATE ON t2
|
|
|
|
FOR EACH ROW
|
|
|
|
SET NEW.col = CONCAT(OLD.col, '(updated)');
|
|
|
|
DROP TRIGGER t2_trg_err_2;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - column-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t3_trg_after_insert AFTER INSERT ON t3
|
2005-11-10 22:25:03 +03:00
|
|
|
FOR EACH ROW
|
2006-01-24 20:15:12 +03:00
|
|
|
SET @mysqltest_var = NEW.col;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
CREATE TRIGGER t3_trg_after_update AFTER UPDATE ON t3
|
|
|
|
FOR EACH ROW
|
|
|
|
SET @mysqltest_var = OLD.col;
|
|
|
|
|
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t4_trg_err_1 BEFORE UPDATE ON t4
|
|
|
|
FOR EACH ROW
|
|
|
|
SET NEW.col = 't4_trg_err_1';
|
|
|
|
DROP TRIGGER t4_trg_err_1;
|
|
|
|
|
|
|
|
# TODO: check privileges at CREATE TRIGGER time.
|
|
|
|
# --error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
CREATE TRIGGER t4_trg_err_2 BEFORE UPDATE ON t4
|
|
|
|
FOR EACH ROW
|
|
|
|
SET NEW.col = CONCAT(OLD.col, '(updated)');
|
|
|
|
DROP TRIGGER t4_trg_err_2;
|
|
|
|
|
|
|
|
# execution time:
|
|
|
|
# - check that UPDATE is not enough to read the value;
|
|
|
|
# - check that UPDATE is required to modify the value;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection default
|
2005-11-10 22:25:03 +03:00
|
|
|
--echo
|
2006-01-24 20:15:12 +03:00
|
|
|
--echo ---> connection: default
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
use mysqltest_db1;
|
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
REVOKE SELECT ON mysqltest_db1.t1 FROM mysqltest_u1@localhost;
|
|
|
|
REVOKE SELECT ON mysqltest_db1.t2 FROM mysqltest_u1@localhost;
|
|
|
|
GRANT UPDATE ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
|
|
|
|
GRANT UPDATE ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
REVOKE SELECT(col) ON mysqltest_db1.t3 FROM mysqltest_u1@localhost;
|
|
|
|
REVOKE SELECT(col) ON mysqltest_db1.t4 FROM mysqltest_u1@localhost;
|
|
|
|
GRANT UPDATE(col) ON mysqltest_db1.t3 TO mysqltest_u1@localhost;
|
|
|
|
GRANT UPDATE(col) ON mysqltest_db1.t4 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - table-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES('line1');
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
SELECT * FROM t1;
|
|
|
|
SELECT @mysqltest_var;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
INSERT INTO t2 VALUES('line2');
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
SELECT * FROM t2;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - column-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t3 VALUES('t3_line1');
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
SELECT * FROM t3;
|
|
|
|
SELECT @mysqltest_var;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
INSERT INTO t4 VALUES('t4_line2');
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
SELECT * FROM t4;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# execution time:
|
|
|
|
# - check that SELECT is required to read the value;
|
|
|
|
# - check that SELECT is not enough to modify the value;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--connection default
|
|
|
|
--echo
|
|
|
|
--echo ---> connection: default
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
use mysqltest_db1;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
REVOKE UPDATE ON mysqltest_db1.t1 FROM mysqltest_u1@localhost;
|
|
|
|
REVOKE UPDATE ON mysqltest_db1.t2 FROM mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
REVOKE UPDATE(col) ON mysqltest_db1.t3 FROM mysqltest_u1@localhost;
|
|
|
|
REVOKE UPDATE(col) ON mysqltest_db1.t4 FROM mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT(col) ON mysqltest_db1.t3 TO mysqltest_u1@localhost;
|
|
|
|
GRANT SELECT(col) ON mysqltest_db1.t4 TO mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
# - table-level privileges
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
INSERT INTO t1 VALUES('line3');
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
SELECT * FROM t1;
|
|
|
|
SELECT @mysqltest_var;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t2 VALUES('line4');
|
|
|
|
|
|
|
|
SELECT * FROM t2;
|
|
|
|
|
|
|
|
# - column-level privileges
|
|
|
|
|
|
|
|
INSERT INTO t3 VALUES('t3_line2');
|
|
|
|
|
|
|
|
SELECT * FROM t3;
|
|
|
|
SELECT @mysqltest_var;
|
|
|
|
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t4 VALUES('t4_line2');
|
|
|
|
|
|
|
|
SELECT * FROM t4;
|
|
|
|
|
|
|
|
# execution time:
|
|
|
|
# - check that nor SELECT either UPDATE is required to execute triggger w/o
|
|
|
|
# NEW/OLD variables.
|
|
|
|
|
|
|
|
DELETE FROM t1;
|
|
|
|
|
|
|
|
SELECT @mysqltest_var;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
#
|
2006-01-24 20:15:12 +03:00
|
|
|
# Cleanup.
|
2005-11-10 22:25:03 +03:00
|
|
|
#
|
|
|
|
|
2006-01-24 20:15:12 +03:00
|
|
|
DROP USER mysqltest_u1@localhost;
|
2005-11-10 22:25:03 +03:00
|
|
|
|
|
|
|
DROP DATABASE mysqltest_db1;
|
2006-05-12 13:55:21 +04:00
|
|
|
|
|
|
|
|
|
|
|
#
|
|
|
|
# Test for bug #14635 Accept NEW.x as INOUT parameters to stored
|
|
|
|
# procedures from within triggers
|
|
|
|
#
|
|
|
|
# We require UPDATE privilege when NEW.x passed as OUT parameter, and
|
|
|
|
# SELECT and UPDATE when NEW.x passed as INOUT parameter.
|
|
|
|
#
|
|
|
|
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
|
|
|
|
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
|
|
|
|
FLUSH PRIVILEGES;
|
|
|
|
|
|
|
|
--disable_warnings
|
|
|
|
DROP DATABASE IF EXISTS mysqltest_db1;
|
|
|
|
--enable_warnings
|
|
|
|
|
|
|
|
CREATE DATABASE mysqltest_db1;
|
|
|
|
USE mysqltest_db1;
|
|
|
|
|
|
|
|
CREATE TABLE t1 (i1 INT);
|
|
|
|
CREATE TABLE t2 (i1 INT);
|
|
|
|
|
|
|
|
CREATE USER mysqltest_dfn@localhost;
|
|
|
|
CREATE USER mysqltest_inv@localhost;
|
|
|
|
|
2006-05-18 13:35:15 +02:00
|
|
|
GRANT EXECUTE, CREATE ROUTINE, TRIGGER ON *.* TO mysqltest_dfn@localhost;
|
2006-05-12 13:55:21 +04:00
|
|
|
GRANT INSERT ON mysqltest_db1.* TO mysqltest_inv@localhost;
|
|
|
|
|
|
|
|
connect (definer,localhost,mysqltest_dfn,,mysqltest_db1);
|
|
|
|
connect (invoker,localhost,mysqltest_inv,,mysqltest_db1);
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
CREATE PROCEDURE p1(OUT i INT) DETERMINISTIC NO SQL SET i = 3;
|
|
|
|
CREATE PROCEDURE p2(INOUT i INT) DETERMINISTIC NO SQL SET i = i * 5;
|
|
|
|
|
|
|
|
# Check that having no privilege won't work.
|
|
|
|
connection definer;
|
|
|
|
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
|
|
|
|
CALL p1(NEW.i1);
|
|
|
|
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
|
|
|
|
CALL p2(NEW.i1);
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES (7);
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t2 VALUES (11);
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP TRIGGER t2_bi;
|
|
|
|
DROP TRIGGER t1_bi;
|
|
|
|
|
|
|
|
# Check that having only SELECT privilege is not enough.
|
|
|
|
connection default;
|
|
|
|
GRANT SELECT ON mysqltest_db1.* TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
|
|
|
|
CALL p1(NEW.i1);
|
|
|
|
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
|
|
|
|
CALL p2(NEW.i1);
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES (13);
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t2 VALUES (17);
|
|
|
|
|
|
|
|
connection default;
|
|
|
|
REVOKE SELECT ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP TRIGGER t2_bi;
|
|
|
|
DROP TRIGGER t1_bi;
|
|
|
|
|
|
|
|
# Check that having only UPDATE privilege is enough for OUT parameter,
|
|
|
|
# but not for INOUT parameter.
|
|
|
|
connection default;
|
|
|
|
GRANT UPDATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
|
|
|
|
CALL p1(NEW.i1);
|
|
|
|
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
|
|
|
|
CALL p2(NEW.i1);
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
INSERT INTO t1 VALUES (19);
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t2 VALUES (23);
|
|
|
|
|
|
|
|
connection default;
|
|
|
|
REVOKE UPDATE ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP TRIGGER t2_bi;
|
|
|
|
DROP TRIGGER t1_bi;
|
|
|
|
|
|
|
|
# Check that having SELECT and UPDATE privileges is enough.
|
|
|
|
connection default;
|
|
|
|
GRANT SELECT, UPDATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
|
|
|
|
CALL p1(NEW.i1);
|
|
|
|
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
|
|
|
|
CALL p2(NEW.i1);
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
INSERT INTO t1 VALUES (29);
|
|
|
|
INSERT INTO t2 VALUES (31);
|
|
|
|
|
|
|
|
connection default;
|
|
|
|
REVOKE SELECT, UPDATE ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP TRIGGER t2_bi;
|
|
|
|
DROP TRIGGER t1_bi;
|
|
|
|
|
|
|
|
connection default;
|
|
|
|
DROP PROCEDURE p2;
|
|
|
|
DROP PROCEDURE p1;
|
|
|
|
|
|
|
|
# Check that late procedure redefining won't open a security hole.
|
|
|
|
connection default;
|
|
|
|
GRANT UPDATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
CREATE PROCEDURE p1(OUT i INT) DETERMINISTIC NO SQL SET i = 37;
|
|
|
|
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
|
|
|
|
CALL p1(NEW.i1);
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
INSERT INTO t1 VALUES (41);
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP PROCEDURE p1;
|
|
|
|
CREATE PROCEDURE p1(IN i INT) DETERMINISTIC NO SQL SET @v1 = i + 43;
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES (47);
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP PROCEDURE p1;
|
|
|
|
CREATE PROCEDURE p1(INOUT i INT) DETERMINISTIC NO SQL SET i = i + 51;
|
|
|
|
|
|
|
|
connection invoker;
|
|
|
|
--error ER_COLUMNACCESS_DENIED_ERROR
|
|
|
|
INSERT INTO t1 VALUES (53);
|
|
|
|
|
|
|
|
connection default;
|
|
|
|
DROP PROCEDURE p1;
|
|
|
|
REVOKE UPDATE ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
|
|
|
|
|
|
|
|
connection definer;
|
|
|
|
DROP TRIGGER t1_bi;
|
|
|
|
|
|
|
|
# Cleanup.
|
|
|
|
disconnect definer;
|
|
|
|
disconnect invoker;
|
|
|
|
connection default;
|
|
|
|
DROP USER mysqltest_inv@localhost;
|
|
|
|
DROP USER mysqltest_dfn@localhost;
|
|
|
|
DROP TABLE t2;
|
|
|
|
DROP TABLE t1;
|
|
|
|
DROP DATABASE mysqltest_db1;
|
|
|
|
USE test;
|
|
|
|
|
|
|
|
--echo End of 5.0 tests.
|
2007-11-29 09:42:26 -02:00
|
|
|
|
|
|
|
#
|
|
|
|
# Bug#23713 LOCK TABLES + CREATE TRIGGER + FLUSH TABLES WITH READ LOCK = deadlock
|
|
|
|
#
|
|
|
|
|
2007-12-12 19:44:14 -02:00
|
|
|
--disable_warnings
|
|
|
|
drop table if exists t1;
|
|
|
|
--enable_warnings
|
2007-11-29 09:42:26 -02:00
|
|
|
create table t1 (i int);
|
|
|
|
connect (flush,localhost,root,,test,,);
|
|
|
|
connection default;
|
|
|
|
--echo connection: default
|
|
|
|
lock tables t1 write;
|
|
|
|
connection flush;
|
|
|
|
--echo connection: flush
|
|
|
|
--send flush tables with read lock;
|
|
|
|
connection default;
|
|
|
|
--echo connection: default
|
|
|
|
let $wait_condition=
|
|
|
|
select count(*) = 1 from information_schema.processlist
|
Initial import of WL#3726 "DDL locking for all metadata objects".
Backport of:
------------------------------------------------------------
revno: 2630.4.1
committer: Dmitry Lenev <dlenev@mysql.com>
branch nick: mysql-6.0-3726-w
timestamp: Fri 2008-05-23 17:54:03 +0400
message:
WL#3726 "DDL locking for all metadata objects".
After review fixes in progress.
------------------------------------------------------------
This is the first patch in series. It transforms the metadata
locking subsystem to use a dedicated module (mdl.h,cc). No
significant changes in the locking protocol.
The import passes the test suite with the exception of
deprecated/removed 6.0 features, and MERGE tables. The latter
are subject to a fix by WL#4144.
Unfortunately, the original changeset comments got lost in a merge,
thus this import has its own (largely insufficient) comments.
This patch fixes Bug#25144 "replication / binlog with view breaks".
Warning: this patch introduces an incompatible change:
Under LOCK TABLES, it's no longer possible to FLUSH a table that
was not locked for WRITE.
Under LOCK TABLES, it's no longer possible to DROP a table or
VIEW that was not locked for WRITE.
******
Backport of:
------------------------------------------------------------
revno: 2630.4.2
committer: Dmitry Lenev <dlenev@mysql.com>
branch nick: mysql-6.0-3726-w
timestamp: Sat 2008-05-24 14:03:45 +0400
message:
WL#3726 "DDL locking for all metadata objects".
After review fixes in progress.
******
Backport of:
------------------------------------------------------------
revno: 2630.4.3
committer: Dmitry Lenev <dlenev@mysql.com>
branch nick: mysql-6.0-3726-w
timestamp: Sat 2008-05-24 14:08:51 +0400
message:
WL#3726 "DDL locking for all metadata objects"
Fixed failing Windows builds by adding mdl.cc to the lists
of files needed to build server/libmysqld on Windows.
******
Backport of:
------------------------------------------------------------
revno: 2630.4.4
committer: Dmitry Lenev <dlenev@mysql.com>
branch nick: mysql-6.0-3726-w
timestamp: Sat 2008-05-24 21:57:58 +0400
message:
WL#3726 "DDL locking for all metadata objects".
Fix for assert failures in kill.test which occured when one
tried to kill ALTER TABLE statement on merge table while it
was waiting in wait_while_table_is_used() for other connections
to close this table.
These assert failures stemmed from the fact that cleanup code
in this case assumed that temporary table representing new
version of table was open with adding to THD::temporary_tables
list while code which were opening this temporary table wasn't
always fulfilling this.
This patch changes code that opens new version of table to
always do this linking in. It also streamlines cleanup process
for cases when error occurs while we have new version of table
open.
******
WL#3726 "DDL locking for all metadata objects"
Add libmysqld/mdl.cc to .bzrignore.
******
Backport of:
------------------------------------------------------------
revno: 2630.4.6
committer: Dmitry Lenev <dlenev@mysql.com>
branch nick: mysql-6.0-3726-w
timestamp: Sun 2008-05-25 00:33:22 +0400
message:
WL#3726 "DDL locking for all metadata objects".
Addition to the fix of assert failures in kill.test caused by
changes for this worklog.
Make sure we close the new table only once.
.bzrignore:
Add libmysqld/mdl.cc
libmysqld/CMakeLists.txt:
Added mdl.cc to the list of files needed for building of libmysqld.
libmysqld/Makefile.am:
Added files implementing new meta-data locking subsystem to the server.
mysql-test/include/handler.inc:
Use separate connection for waiting while threads performing DDL
operations conflicting with open HANDLER tables reach blocked
state. This is required because now we check and close tables open
by HANDLER statements in this connection conflicting with DDL in
another each time open_tables() is called and thus select from I_S
which is used for waiting will unblock DDL operations if issued
from connection with open HANDLERs.
mysql-test/r/create.result:
Adjusted test case after change in implementation of CREATE TABLE
... SELECT. We no longer have special check in open_table() which
catches the case when we select from the table created. Instead we
rely on unique_table() call which happens after opening and
locking all tables.
mysql-test/r/flush.result:
FLUSH TABLES WITH READ LOCK can no longer happen under LOCK
TABLES. Updated test accordingly.
mysql-test/r/flush_table.result:
Under LOCK TABLES we no longer allow to do FLUSH TABLES for tables
locked for read. Updated test accordingly.
mysql-test/r/handler_innodb.result:
Use separate connection for waiting while threads performing DDL
operations conflicting with open HANDLER tables reach blocked
state. This is required because now we check and close tables open
by HANDLER statements in this connection conflicting with DDL in
another each time open_tables() is called and thus select from I_S
which is used for waiting will unblock DDL operations if issued
from connection with open HANDLERs.
mysql-test/r/handler_myisam.result:
Use separate connection for waiting while threads performing DDL
operations conflicting with open HANDLER tables reach blocked
state. This is required because now we check and close tables open
by HANDLER statements in this connection conflicting with DDL in
another each time open_tables() is called and thus select from I_S
which is used for waiting will unblock DDL operations if issued
from connection with open HANDLERs.
mysql-test/r/information_schema.result:
Additional test for WL#3726 "DDL locking for all metadata
objects". Check that we use high-priority metadata lock requests
when filling I_S tables.
Rearrange tests to match 6.0 better (fewer merge conflicts).
mysql-test/r/kill.result:
Added tests checking that DDL and DML statements waiting for
metadata locks can be interrupted by KILL command.
mysql-test/r/lock.result:
One no longer is allowed to do DROP VIEW under LOCK TABLES even if
this view is locked by LOCK TABLES. The problem is that in such
situation write locks on view are not mutually exclusive so
upgrading metadata lock which is required for dropping of view
will lead to deadlock.
mysql-test/r/partition_column_prune.result:
Update results (same results in 6.0), WL#3726
mysql-test/r/partition_pruning.result:
Update results (same results in 6.0), WL#3726
mysql-test/r/ps_ddl.result:
We no longer invalidate prepared CREATE TABLE ... SELECT statement
if target table changes. This is OK since it is not strictly
necessary.
The first change is wrong, is caused by FLUSH TABLE
now flushing all unused tables. This is a regression that
Dmitri fixed in 6.0 in a follow up patch.
mysql-test/r/sp.result:
Under LOCK TABLES we no longer allow accessing views which were
not explicitly locked. To access view we need to obtain metadata
lock on it and doing this under LOCK TABLES may lead to deadlocks.
mysql-test/r/view.result:
One no longer is allowed to do DROP VIEW under LOCK TABLES even if
this view is locked by LOCK TABLES. The problem is that in such
situation even "write locks" on view are not mutually exclusive so
upgrading metadata lock which is required for dropping of view
will lead to deadlock
mysql-test/r/view_grant.result:
ALTER VIEW implementation was changed to open a view only after
checking that user which does alter has appropriate privileges on
it. This means that in case when user's privileges are
insufficient for this we won't check that new view definer is the
same as original one or user performing alter has SUPER privilege.
Adjusted test case accordingly.
mysql-test/r/view_multi.result:
Added test case for bug#25144 "replication / binlog with view
breaks".
mysql-test/suite/rpl/t/disabled.def:
Disable test for deprecated features (they don't work with new MDL).
mysql-test/t/create.test:
Adjusted test case after change in implementation of CREATE TABLE
... SELECT. We no longer have special check in open_table() which
catches the case when we select from the table created. Instead we
rely on unique_table() call which happens after opening and
locking all tables.
mysql-test/t/disabled.def:
Disable merge.test, subject of WL#4144
mysql-test/t/flush.test:
FLUSH TABLES WITH READ LOCK can no longer happen under LOCK
TABLES. Updated test accordingly.
mysql-test/t/flush_table.test:
Under LOCK TABLES we no longer allow to do FLUSH TABLES for tables
locked for read. Updated test accordingly.
mysql-test/t/information_schema.test:
Additional test for WL#3726 "DDL locking for all metadata
objects". Check that we use high-priority metadata lock requests
when filling I_S tables.
Rearrange the results for easier merges with 6.0.
mysql-test/t/kill.test:
Added tests checking that DDL and DML statements waiting for
metadata locks can be interrupted by KILL command.
mysql-test/t/lock.test:
One no longer is allowed to do DROP VIEW under LOCK TABLES even if
this view is locked by LOCK TABLES. The problem is that in such
situation write locks on view are not mutually exclusive so
upgrading metadata lock which is required for dropping of view
will lead to deadlock.
mysql-test/t/lock_multi.test:
Adjusted test case to the changes of status in various places
caused by change in implementation FLUSH TABLES WITH READ LOCK,
which is now takes global metadata lock before flushing tables and
therefore waits on at these places.
mysql-test/t/ps_ddl.test:
We no longer invalidate prepared CREATE TABLE ... SELECT statement
if target table changes. This is OK since it is not strictly
necessary.
The first change is wrong, is caused by FLUSH TABLE
now flushing all unused tables. This is a regression that
Dmitri fixed in 6.0 in a follow up patch.
mysql-test/t/sp.test:
Under LOCK TABLES we no longer allow accessing views which were
not explicitly locked. To access view we need to obtain metadata
lock on it and doing this under LOCK TABLES may lead to deadlocks.
mysql-test/t/trigger_notembedded.test:
Adjusted test case to the changes of status in various places
caused by change in implementation FLUSH TABLES WITH READ LOCK,
which is now takes global metadata lock before flushing tables and
therefore waits on at these places.
mysql-test/t/view.test:
One no longer is allowed to do DROP VIEW under LOCK TABLES even if
this view is locked by LOCK TABLES. The problem is that in such
situation even "write locks" on view are not mutually exclusive so
upgrading metadata lock which is required for dropping of view
will lead to deadlock.
mysql-test/t/view_grant.test:
ALTER VIEW implementation was changed to open a view only after
checking that user which does alter has appropriate privileges on
it. This means that in case when user's privileges are
insufficient for this we won't check that new view definer is the
same as original one or user performing alter has SUPER privilege.
Adjusted test case accordingly.
mysql-test/t/view_multi.test:
Added test case for bug#25144 "replication / binlog with view
breaks".
sql/CMakeLists.txt:
Added mdl.cc to the list of files needed for building of server.
sql/Makefile.am:
Added files implementing new meta-data locking subsystem to the
server.
sql/event_db_repository.cc:
Allocate metadata lock requests objects (MDL_LOCK) on execution
memory root in cases when TABLE_LIST objects is also allocated
there or on stack.
sql/ha_ndbcluster.cc:
Adjusted code to work nicely with new metadata locking subsystem.
close_cached_tables() no longer has wait_for_placeholder argument.
Instead of relying on this parameter and related behavior FLUSH
TABLES WITH READ LOCK now takes global shared metadata lock.
sql/ha_ndbcluster_binlog.cc:
Adjusted code to work with new metadata locking subsystem.
close_cached_tables() no longer has wait_for_placeholder argument.
Instead of relying on this parameter and related behavior FLUSH
TABLES WITH READ LOCK now takes global shared metadata lock.
sql/handler.cc:
update_frm_version():
Directly update TABLE_SHARE::mysql_version member instead of
going through all TABLE instances for this table (old code was a
legacy from pre-table-definition-cache days).
sql/lock.cc:
Use new metadata locking subsystem. Threw away most of functions
related to name locking as now one is supposed to use metadata
locking API instead. In lock_global_read_lock() and
unlock_global_read_lock() in order to avoid problems with global
read lock sneaking in at the moment when we perform FLUSH TABLES
or ALTER TABLE under LOCK TABLES and when tables being reopened
are protected only by metadata locks we also have to take global
shared meta data lock.
sql/log_event.cc:
Adjusted code to work with new metadata locking subsystem. For
tables open by slave thread for applying RBR events allocate
memory for lock request object in the same chunk of memory as
TABLE_LIST objects for them. In order to ensure that we keep these
objects around until tables are open always close tables before
calling Relay_log_info::clear_tables_to_lock(). Use new auxiliary
Relay_log_info::slave_close_thread_tables() method to enforce
this.
sql/log_event_old.cc:
Adjusted code to work with new metadata locking subsystem. Since
for tables open by slave thread for applying RBR events memory for
lock request object is allocated in the same chunk of memory as
TABLE_LIST objects for them we have to ensure that we keep these
objects around until tables are open. To ensure this we always
close tables before calling
Relay_log_info::clear_tables_to_lock(). To enfore this we use
new auxiliary Relay_log_info::slave_close_thread_tables()
method.
sql/mdl.cc:
Implemented new metadata locking subsystem and API described in
WL3726 "DDL locking for all metadata objects".
sql/mdl.h:
Implemented new metadata locking subsystem and API described in
WL3726 "DDL locking for all metadata objects".
sql/mysql_priv.h:
- close_thread_tables()/close_tables_for_reopen() now has one more
argument which indicates that metadata locks should be released
but not removed from the context in order to be used later in
mdl_wait_for_locks() and tdc_wait_for_old_version().
- close_cached_table() routine is no longer public.
- Thread waiting in wait_while_table_is_used() can be now killed
so this function returns boolean to make caller aware of such
situation.
- We no longer have table cache as separate entity instead used
and unused TABLE instances are linked to TABLE_SHARE objects in
table definition cache.
- Now third argument of open_table() is also used for requesting
table repair or auto-discovery of table's new definition. So its
type was changed from bool to enum.
- Added tdc_open_view() function for opening view by getting its
definition from disk (and table cache in future).
- reopen_name_locked_table() no longer needs "link_in" argument as
now we have exclusive metadata locks instead of dummy TABLE
instances when this function is called.
- find_locked_table() now takes head of list of TABLE instances
instead of always scanning through THD::open_tables list. Also
added find_write_locked_table() auxiliary.
- reopen_tables(), close_cached_tables() no longer have
mark_share_as_old and wait_for_placeholder arguments. Instead of
relying on this parameters and related behavior FLUSH TABLES
WITH READ LOCK now takes global shared metadata lock.
- We no longer need drop_locked_tables() and
abort_locked_tables().
- mysql_ha_rm_tables() now always assume that LOCK_open is not
acquired by caller.
- Added notify_thread_having_shared_lock() callback invoked by
metadata locking subsystem when acquiring an exclusive lock, for
each thread that has a conflicting shared metadata lock.
- Introduced expel_table_from_cache() as replacement for
remove_table_from_cache() (the main difference is that this new
function assumes that caller follows metadata locking protocol
and never waits).
- Threw away most of functions related to name locking. One should
use new metadata locking subsystem and API instead.
sql/mysqld.cc:
Got rid of call initializing/deinitializing table cache since now
it is embedded into table definition cache. Added calls for
initializing/ deinitializing metadata locking subsystem.
sql/rpl_rli.cc:
Introduced auxiliary Relay_log_info::slave_close_thread_tables()
method which is used for enforcing that we always close tables
open for RBR before deallocating TABLE_LIST elements and MDL_LOCK
objects for them.
sql/rpl_rli.h:
Introduced auxiliary Relay_log_info::slave_close_thread_tables()
method which is used for enforcing that we always close tables
open for RBR before deallocating TABLE_LIST elements and MDL_LOCK
objects for them.
sql/set_var.cc:
close_cached_tables() no longer has wait_for_placeholder argument.
Instead of relying on this parameter and related behavior FLUSH
TABLES WITH READ LOCK now takes global shared metadata lock.
sql/sp_head.cc:
For tables added to the statement's table list by prelocking
algorithm we allocate these objects either on the same memory as
corresponding table list elements or on THD::locked_tables_root
(if we are building table list for LOCK TABLES).
sql/sql_acl.cc:
Allocate metadata lock requests objects (MDL_LOCK) on execution
memory root in cases when we use stack TABLE_LIST objects to open
tables. Got rid of redundant code by using unlock_locked_tables()
function.
sql/sql_base.cc:
Changed code to use new MDL subsystem. Got rid of separate table
cache. Now used and unused TABLE instances are linked to the
TABLE_SHAREs in table definition cache.
check_unused():
Adjusted code to the fact that we no longer have separate table
cache. Removed dead code.
table_def_free():
Free TABLE instances referenced from TABLE_SHARE objects before
destroying table definition cache.
get_table_share():
Added assert which ensures that noone will be able to access
table (and its share) without acquiring some kind of metadata
lock first.
close_handle_and_leave_table_as_lock():
Adjusted code to the fact that TABLE instances now are linked to
list in TABLE_SHARE.
list_open_tables():
Changed this function to use table definition cache instead of
table cache.
free_cache_entry():
Unlink freed TABLE elements from the list of all TABLE instances
for the table in TABLE_SHARE.
kill_delayed_thread_for_table():
Added auxiliary for killing delayed insert threads for
particular table.
close_cached_tables():
Got rid of wait_for_refresh argument as we now rely on global
shared metadata lock to prevent FLUSH WITH READ LOCK sneaking in
when we are reopening tables. Heavily reworked this function to
use new MDL code and not to rely on separate table cache entity.
close_open_tables():
We no longer have separate table cache.
close_thread_tables():
Release metadata locks after closing all tables. Added skip_mdl
argument which allows us not to remove metadata lock requests
from the context in case when we are going to use this requests
later in mdl_wait_for_locks() and tdc_wait_for_old_versions().
close_thread_table()/close_table_for_reopen():
Since we no longer have separate table cache and all TABLE
instances are linked to TABLE_SHARE objects in table definition
cache we have to link/unlink TABLE object to/from appropriate
lists in the share.
name_lock_locked_table():
Moved redundant code to find_write_locked_table() function and
adjusted code to the fact that wait_while_table_is_used() can
now return with an error if our thread is killed.
reopen_table_entry():
We no longer need "link_in" argument as with MDL we no longer
call this function with dummy TABLE object pre-allocated and
added to the THD::open_tables. Also now we add newly-open TABLE
instance to the list of share's used TABLE instances.
table_cache_insert_placeholder():
Got rid of name-locking legacy.
lock_table_name_if_not_cached():
Moved to sql_table.cc the only place where it is used. It was
also reimplemented using new MDL API.
open_table():
- Reworked this function to use new MDL subsystem.
- Changed code to deal with table definition cache directly
instead of going through separate table cache.
- Now third argument is also used for requesting table repair
or auto-discovery of table's new definition. So its type was
changed from bool to enum.
find_locked_table()/find_write_locked_table():
Accept head of list of TABLE objects as first argument and use
this list instead of always searching in THD::open_tables list.
Also added auxiliary for finding write-locked locked tables.
reopen_table():
Adjusted function to work with new MDL subsystem and to properly
manuipulate with lists of used/unused TABLE instaces in
TABLE_SHARE.
reopen_tables():
Removed mark_share_as_old parameter. Instead of relying on it
and related behavior FLUSH TABLES WITH READ LOCK now takes
global shared metadata lock. Changed code after removing
separate table cache.
drop_locked_tables()/abort_locked_tables():
Got rid of functions which are no longer needed.
unlock_locked_tables():
Moved this function from sql_parse.cc and changed it to release
memory which was used for allocating metadata lock requests for
tables open and locked by LOCK TABLES.
tdc_open_view():
Intoduced function for opening a view by getting its definition
from disk (and table cache in future).
reopen_table_entry():
Introduced function for opening table definitions while holding
exclusive metatadata lock on it.
open_unireg_entry():
Got rid of this function. Most of its functionality is relocated
to open_table() and open_table_fini() functions, and some of it
to reopen_table_entry() and tdc_open_view(). Also code
resposible for auto-repair and auto-discovery of tables was
moved to separate function.
open_table_entry_fini():
Introduced function which contains common actions which finalize
process of TABLE object creation.
auto_repair_table():
Moved code responsible for auto-repair of table being opened
here.
handle_failed_open_table_attempt()
Moved code responsible for handling failing attempt to open
table to one place (retry due to lock conflict/old version,
auto-discovery and repair).
open_tables():
- Flush open HANDLER tables if they have old version of if there
is conflicting metadata lock against them (before this moment
we had this code in open_table()).
- When we open view which should be processed via derived table
on the second execution of prepared statement or stored
routine we still should call open_table() for it in order to
obtain metadata lock on it and prepare its security context.
- In cases when we discover that some special handling of
failure to open table is needed call
handle_failed_open_table_attempt() which handles all such
scenarios.
open_ltable():
Handling of various special scenarios of failure to open a table
was moved to separate handle_failed_open_table_attempt()
function.
remove_db_from_cache():
Removed this function as it is no longer used.
notify_thread_having_shared_lock():
Added callback which is invoked by MDL subsystem when acquiring
an exclusive lock, for each thread that has a conflicting shared
metadata lock.
expel_table_from_cache():
Introduced function for removing unused TABLE instances. Unlike
remove_table_from_cache() it relies on caller following MDL
protocol and having appropriate locks when calling it and thus
does not do any waiting if table is still in use.
tdc_wait_for_old_version():
Added function which allows open_tables() to wait in cases when
we discover that we should back-off due to presence of old
version of table.
abort_and_upgrade_lock():
Use new MDL calls.
mysql_wait_completed_table():
Got rid of unused function.
open_system_tables_for_read/for_update()/performance_schema_table():
Allocate MDL_LOCK objects on execution memory root in cases when
TABLE_LIST objects for corresponding tables is allocated on
stack.
close_performance_schema_table():
Release metadata locks after closing tables.
******
Use I_P_List for free/used tables list in the table share.
sql/sql_binlog.cc:
Use Relay_log_info::slave_close_thread_tables() method to enforce
that we always close tables open for RBR before deallocating
TABLE_LIST elements and MDL_LOCK objects for them.
sql/sql_class.cc:
Added meta-data locking contexts as part of Open_tables_state
context. Also introduced THD::locked_tables_root memory root
which is to be used for allocating MDL_LOCK objects for tables in
LOCK TABLES statement (end of lifetime for such objects is UNLOCK
TABLES so we can't use statement or execution root for them).
sql/sql_class.h:
Added meta-data locking contexts as part of Open_tables_state
context. Also introduced THD::locked_tables_root memory root
which is to be used for allocating MDL_LOCK objects for tables in
LOCK TABLES statement (end of lifetime for such objects is UNLOCK
TABLES so we can't use statement or execution root for them).
Note: handler_mdl_context and locked_tables_root and
mdl_el_root will be removed by subsequent patches.
sql/sql_db.cc:
mysql_rm_db() does not really need to call remove_db_from_cache()
as it drops each table in the database using
mysql_rm_table_part2(), which performs all necessary operations on
table (definition) cache.
sql/sql_delete.cc:
Use the new metadata locking API for TRUNCATE.
sql/sql_handler.cc:
Changed HANDLER implementation to use new metadata locking
subsystem. Note that MDL_LOCK objects for HANDLER tables are
allocated in the same chunk of heap memory as TABLE_LIST object
for those tables.
sql/sql_insert.cc:
mysql_insert():
find_locked_table() now takes head of list of TABLE object as
its argument instead of always scanning through THD::open_tables
list.
handle_delayed_insert():
Allocate metadata lock request object for table open by delayed
insert thread on execution memroot. create_table_from_items():
We no longer allocate dummy TABLE objects for tables being
created if they don't exist. As consequence
reopen_name_locked_table() no longer has link_in argument.
open_table() now has one more argument which is not relevant for
temporary tables.
sql/sql_parse.cc:
- Moved unlock_locked_tables() routine to sql_base.cc and made
available it in other files. Got rid of some redundant code by
using this function.
- Replaced boolean TABLE_LIST::create member with enum
open_table_type member.
- Use special memory root for allocating MDL_LOCK objects for
tables open and locked by LOCK TABLES (these object should live
till UNLOCK TABLES so we can't allocate them on statement nor
execution memory root). Also properly set metadata lock
upgradability attribure for those tables.
- Under LOCK TABLES it is no longer allowed to flush tables which
are not write-locked as this breaks metadata locking protocol
and thus potentially might lead to deadlock.
- Added auxiliary adjust_mdl_locks_upgradability() function.
sql/sql_partition.cc:
Adjusted code to the fact that reopen_tables() no longer has
"mark_share_as_old" argument. Got rid of comments which are no
longer true.
sql/sql_plist.h:
Added I_P_List template class for parametrized intrusive doubly
linked lists and I_P_List_iterator for corresponding iterator.
Unlike for I_List<> list elements of such list can participate in
several lists. Unlike List<> such lists are doubly-linked and
intrusive.
sql/sql_plugin.cc:
Allocate metadata lock requests objects (MDL_LOCK) on execution
memory root in cases when we use stack TABLE_LIST objects to open
tables.
sql/sql_prepare.cc:
Replaced boolean TABLE_LIST::create member with enum
open_table_type member. This allows easily handle situation in
which instead of opening the table we want only to take exclusive
metadata lock on it.
sql/sql_rename.cc:
Use new metadata locking subsystem in implementation of RENAME
TABLE.
sql/sql_servers.cc:
Allocate metadata lock requests objects (MDL_LOCK) on execution
memory root in cases when we use stack TABLE_LIST objects to open
tables. Got rid of redundant code by using unlock_locked_tables()
function.
sql/sql_show.cc:
Acquire shared metadata lock when we are getting information for
I_S table directly from TABLE_SHARE without doing full-blown table
open. We use high priority lock request in this situation in
order to avoid deadlocks.
Also allocate metadata lock requests objects (MDL_LOCK) on
execution memory root in cases when TABLE_LIST objects are also
allocated there
sql/sql_table.cc:
mysql_rm_table():
Removed comment which is no longer relevant.
mysql_rm_table_part2():
Now caller of mysql_ha_rm_tables() should not own LOCK_open.
Adjusted code to use new metadata locking subsystem instead of
name-locks.
lock_table_name_if_not_cached():
Moved this function from sql_base.cc to this file and
reimplemented it using metadata locking API.
mysql_create_table():
Adjusted code to use new MDL API.
wait_while_table_is_used():
Changed function to use new MDL subsystem. Made thread waiting
in it killable (this also led to introduction of return value so
caller can distinguish successful executions from situations
when waiting was aborted).
close_cached_tables():
Thread waiting in this function is killable now. As result it
has return value for distinguishing between succes and failure.
Got rid of redundant boradcast_refresh() call.
prepare_for_repair():
Use MDL subsystem instead of name-locks.
mysql_admin_table():
mysql_ha_rm_tables() now always assumes that caller doesn't own
LOCK_open.
mysql_repair_table():
We should mark all elements of table list as requiring
upgradable metadata locks.
mysql_create_table_like():
Use new MDL subsystem instead of name-locks.
create_temporary_tables():
We don't need to obtain metadata locks when creating temporary
table.
mysql_fast_or_online_alter_table():
Thread waiting in wait_while_table_is_used() is now killable.
mysql_alter_table():
Adjusted code to work with new MDL subsystem and to the fact
that threads waiting in what_while_table_is_used() and
close_cached_table() are now killable.
sql/sql_test.cc:
We no longer have separate table cache. TABLE instances are now
associated with/linked to TABLE_SHARE objects in table definition
cache.
sql/sql_trigger.cc:
Adjusted code to work with new metadata locking subsystem. Also
reopen_tables() no longer has mark_share_as_old argument (Instead
of relying on this parameter and related behavior FLUSH TABLES
WITH READ LOCK now takes global shared metadata lock).
sql/sql_udf.cc:
Allocate metadata lock requests objects (MDL_LOCK) on execution
memory root in cases when we use stack TABLE_LIST objects to open
tables.
sql/sql_update.cc:
Adjusted code to work with new meta-data locking subsystem.
sql/sql_view.cc:
Added proper meta-data locking to implementations of
CREATE/ALTER/DROP VIEW statements. Now we obtain exclusive
meta-data lock on a view before creating/ changing/dropping it.
This ensures that all concurrent statements that use this view
will finish before our statement will proceed and therefore we
will get correct order of statements in the binary log.
Also ensure that TABLE_LIST::mdl_upgradable attribute is properly
propagated for underlying tables of view.
sql/table.cc:
Added auxiliary alloc_mdl_locks() function for allocating metadata
lock request objects for all elements of table list.
sql/table.h:
TABLE_SHARE:
Got rid of unused members. Introduced members for storing lists
of used and unused TABLE objects for this share.
TABLE:
Added members for linking TABLE objects into per-share lists of
used and unused TABLE instances. Added member for holding
pointer to metadata lock for this table.
TABLE_LIST:
Replaced boolean TABLE_LIST::create member with enum
open_table_type member. This allows easily handle situation in
which instead of opening the table we want only to take
exclusive meta-data lock on it (we need this in order to handle
ALTER VIEW and CREATE VIEW statements).
Introduced new mdl_upgradable member for marking elements of
table list for which we need to take upgradable shared metadata
lock instead of plain shared metadata lock. Added pointer for
holding pointer to MDL_LOCK for the table.
Added auxiliary alloc_mdl_locks() function for allocating metadata
lock requests objects for all elements of table list. Added
auxiliary set_all_mdl_upgradable() function for marking all
elements in table list as requiring upgradable metadata locks.
storage/myisammrg/ha_myisammrg.cc:
Allocate MDL_LOCK objects for underlying tables of MERGE table.
To be reworked once Ingo pushes his patch for WL4144.
2009-11-30 18:55:03 +03:00
|
|
|
where state = "Waiting for table";
|
2007-11-29 09:42:26 -02:00
|
|
|
--source include/wait_condition.inc
|
|
|
|
create trigger t1_bi before insert on t1 for each row begin end;
|
|
|
|
unlock tables;
|
|
|
|
connection flush;
|
|
|
|
--echo connection: flush
|
|
|
|
--reap
|
|
|
|
unlock tables;
|
|
|
|
connection default;
|
|
|
|
select * from t1;
|
|
|
|
drop table t1;
|
|
|
|
disconnect flush;
|
|
|
|
|
2009-06-25 15:52:50 +05:00
|
|
|
#
|
|
|
|
# Bug#45412 SHOW CREATE TRIGGER does not require privileges to disclose trigger data
|
|
|
|
#
|
|
|
|
CREATE DATABASE db1;
|
|
|
|
CREATE TABLE db1.t1 (a char(30)) ENGINE=MEMORY;
|
|
|
|
CREATE TRIGGER db1.trg AFTER INSERT ON db1.t1 FOR EACH ROW
|
|
|
|
INSERT INTO db1.t1 VALUES('Some very sensitive data goes here');
|
|
|
|
|
|
|
|
CREATE USER 'no_rights'@'localhost';
|
|
|
|
REVOKE ALL ON *.* FROM 'no_rights'@'localhost';
|
|
|
|
FLUSH PRIVILEGES;
|
|
|
|
|
|
|
|
connect (con1,localhost,no_rights,,);
|
|
|
|
SELECT trigger_name FROM INFORMATION_SCHEMA.TRIGGERS
|
|
|
|
WHERE trigger_schema = 'db1';
|
|
|
|
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
|
|
|
SHOW CREATE TRIGGER db1.trg;
|
|
|
|
|
|
|
|
connection default;
|
|
|
|
disconnect con1;
|
|
|
|
DROP USER 'no_rights'@'localhost';
|
|
|
|
DROP DATABASE db1;
|
|
|
|
|
2007-11-29 09:42:26 -02:00
|
|
|
--echo End of 5.1 tests.
|