diff --git a/mysql-test/r/show_check.result b/mysql-test/r/show_check.result index 5a5eb025353..b54d4b5a342 100644 --- a/mysql-test/r/show_check.result +++ b/mysql-test/r/show_check.result @@ -362,3 +362,41 @@ t1 HEAP Fixed 0 5 # # # 5 NULL NULL NULL NULL latin1_swedish_ci NULL t2 HEAP Fixed 0 5 # # # 5 NULL NULL NULL NULL latin1_swedish_ci NULL t3 HEAP Fixed 0 9 # # # 9 NULL NULL NULL NULL latin1_swedish_ci NULL drop table t1, t2, t3; +create database test_$1; +show create database test_$1; +Database Create Database +test_$1 CREATE DATABASE `test_$1` /*!40100 DEFAULT CHARACTER SET latin1 */ +create table test_$1.t1(a int); +insert into test_$1.t1 values(1); +grant select on `test_$1`.* to mysqltest_1@localhost; +grant usage on `test_$1`.* to mysqltest_2@localhost; +grant drop on `test_$1`.* to mysqltest_3@localhost; +select * from t1; +a +1 +show create database test_$1; +Database Create Database +test_$1 CREATE DATABASE `test_$1` /*!40100 DEFAULT CHARACTER SET latin1 */ +drop table t1; +ERROR 42000: Access denied for user: 'mysqltest_1'@'localhost' to database 'test_$1' +drop database test_$1; +ERROR 42000: Access denied for user: 'mysqltest_1'@'localhost' to database 'test_$1' +select * from test_$1.t1; +ERROR 42000: Access denied for user: 'mysqltest_2'@'localhost' to database 'test_$1' +show create database test_$1; +ERROR 42000: Access denied for user: 'mysqltest_2'@'localhost' to database 'test_$1' +drop table test_$1.t1; +ERROR 42000: Access denied for user: 'mysqltest_2'@'localhost' to database 'test_$1' +drop database test_$1; +ERROR 42000: Access denied for user: 'mysqltest_2'@'localhost' to database 'test_$1' +select * from test_$1.t1; +ERROR 42000: Access denied for user: 'mysqltest_3'@'localhost' to database 'test_$1' +show create database test_$1; +ERROR 42000: Access denied for user: 'mysqltest_3'@'localhost' to database 'test_$1' +drop table test_$1.t1; +drop database test_$1; +delete from mysql.user +where user='mysqltest_1' || user='mysqltest_2' || user='mysqltest_3'; +delete from mysql.db +where user='mysqltest_1' || user='mysqltest_2' || user='mysqltest_3'; +flush privileges; diff --git a/mysql-test/t/show_check.test b/mysql-test/t/show_check.test index 638626a7456..b0307af19bb 100644 --- a/mysql-test/t/show_check.test +++ b/mysql-test/t/show_check.test @@ -256,3 +256,51 @@ delete from t3 where a=5; show table status; drop table t1, t2, t3; + +# +# Test for bug #3342 SHOW CREATE DATABASE seems to require DROP privilege +# + +create database test_$1; +show create database test_$1; +create table test_$1.t1(a int); +insert into test_$1.t1 values(1); +grant select on `test_$1`.* to mysqltest_1@localhost; +grant usage on `test_$1`.* to mysqltest_2@localhost; +grant drop on `test_$1`.* to mysqltest_3@localhost; + +connect (con1,localhost,mysqltest_1,,test_$1); +connection con1; +select * from t1; +show create database test_$1; +--error 1044 +drop table t1; +--error 1044 +drop database test_$1; + +connect (con2,localhost,mysqltest_2,,test); +connection con2; +--error 1044 +select * from test_$1.t1; +--error 1044 +show create database test_$1; +--error 1044 +drop table test_$1.t1; +--error 1044 +drop database test_$1; + +connect (con3,localhost,mysqltest_3,,test); +connection con3; +--error 1044 +select * from test_$1.t1; +--error 1044 +show create database test_$1; +drop table test_$1.t1; +drop database test_$1; + +connection default; +delete from mysql.user +where user='mysqltest_1' || user='mysqltest_2' || user='mysqltest_3'; +delete from mysql.db +where user='mysqltest_1' || user='mysqltest_2' || user='mysqltest_3'; +flush privileges; diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index e1a300501dc..7adc216556e 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -3135,7 +3135,7 @@ mysql_execute_command(THD *thd) net_printf(thd,ER_WRONG_DB_NAME, lex->name); break; } - if (check_access(thd,DROP_ACL,lex->name,0,1,0)) + if (check_access(thd,SELECT_ACL,lex->name,0,1,0)) break; if (thd->locked_tables || thd->active_transaction()) {