Merge mysql.com:/home/kgeorge/mysql/5.0/clean

into mysql.com:/home/kgeorge/mysql/5.0/B20363
2025-01-31 11:01:52 +01:00 · 2006-06-12 18:28:04 +03:00 · 2006-06-12 18:28:04 +03:00 · 31ed3fd396
commit 31ed3fd396
parent 3f19b05bb0 e7daa49761
3 changed files with 76 additions and 1 deletions
--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@ -618,3 +618,32 @@ ERROR HY000: There is no 'no-such-user'@'localhost' registered
 DROP VIEW v;
 DROP TABLE t1;
 USE test;
+CREATE USER mysqltest_db1@localhost identified by 'PWD';
+GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;
+CREATE SCHEMA mysqltest_db1 ;
+USE mysqltest_db1 ;
+CREATE TABLE t1 (f1 INTEGER);
+CREATE VIEW view1 AS
+SELECT * FROM t1;
+SHOW CREATE VIEW view1;
+View	Create View
+view1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view1` AS select `t1`.`f1` AS `f1` from `t1`
+CREATE VIEW view2 AS
+SELECT * FROM view1;
+# Here comes a suspicious warning
+SHOW CREATE VIEW view2;
+View	Create View
+view2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view2` AS select `view1`.`f1` AS `f1` from `view1`
+# But the view view2 is usable
+SELECT * FROM view2;
+f1
+CREATE VIEW view3 AS
+SELECT * FROM view2;
+SELECT * from view3;
+f1
+DROP VIEW mysqltest_db1.view3;
+DROP VIEW mysqltest_db1.view2;
+DROP VIEW mysqltest_db1.view1;
+DROP TABLE mysqltest_db1.t1;
+DROP SCHEMA mysqltest_db1;
+DROP USER mysqltest_db1@localhost;
--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@ -807,3 +807,42 @@ SELECT * FROM v;
 DROP VIEW v;
 DROP TABLE t1;
 USE test;
+
+#
+# Bug#20363: Create view on just created view is now denied
+#
+eval CREATE USER mysqltest_db1@localhost identified by 'PWD';
+eval GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;
+
+# The session with the non root user is needed.
+--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
+connect (session1,localhost,mysqltest_db1,PWD,test);
+
+CREATE SCHEMA mysqltest_db1 ;
+USE mysqltest_db1 ;
+
+CREATE TABLE t1 (f1 INTEGER);
+
+CREATE VIEW view1 AS
+SELECT * FROM t1;
+SHOW CREATE VIEW view1;
+
+CREATE VIEW view2 AS
+SELECT * FROM view1;
+--echo # Here comes a suspicious warning
+SHOW CREATE VIEW view2;
+--echo # But the view view2 is usable
+SELECT * FROM view2;
+
+CREATE VIEW view3 AS
+SELECT * FROM view2;
+
+SELECT * from view3;
+
+connection default;
+DROP VIEW mysqltest_db1.view3;
+DROP VIEW mysqltest_db1.view2;
+DROP VIEW mysqltest_db1.view1;
+DROP TABLE mysqltest_db1.t1;
+DROP SCHEMA mysqltest_db1;
+DROP USER mysqltest_db1@localhost;
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@ -5004,7 +5004,14 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
  if (all_tables->security_ctx)
    thd->security_ctx= all_tables->security_ctx;

-  if (check_access(thd, privilege, all_tables->db,
+  const char *db_name;
+  if ((all_tables->view || all_tables->field_translation) &&
+      !all_tables->schema_table)
+    db_name= all_tables->view_db.str;
+  else
+    db_name= all_tables->db;
+
+  if (check_access(thd, privilege, db_name,
 		   &all_tables->grant.privilege, 0, 0,
                   test(all_tables->schema_table)))
    goto deny;