SHOW CREATE VIEW (TABLE) privilege now reqiere show create privilege

(BUG#4777)


mysql-test/r/view.result:
  fixed SHOW CREATE VIEW privileges requrements
mysql-test/t/view.test:
  fixed SHOW CREATE VIEW privileges requrements
sql/sql_acl.cc:
  fixed command name

mysql-test/r/view.result

@@ -287,41 +287,39 @@ d	bigint(20)	YES		NULL
 explain select c from mysqltest.v1;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v1;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v1'
 explain select c from mysqltest.v2;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v2;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v2'
 explain select c from mysqltest.v3;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v3;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v3'
 explain select c from mysqltest.v4;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v4;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v4'
 grant select on mysqltest.t1 to mysqltest_1@localhost;
 explain select c from mysqltest.v1;
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	PRIMARY	t1	system	NULL	NULL	NULL	NULL	0	const row not found
 show create table mysqltest.v1;
-Table	Create Table
-v1	CREATE VIEW `mysqltest`.`v1` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1`
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v1'
 explain select c from mysqltest.v2;
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	PRIMARY	<derived2>	system	NULL	NULL	NULL	NULL	0	const row not found
 2	DERIVED	NULL	NULL	NULL	NULL	NULL	NULL	NULL	no matching row in const table
 show create table mysqltest.v2;
-Table	Create Table
-v2	CREATE ALGORITHM=TEMPTABLE VIEW `mysqltest`.`v2` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1`
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v2'
 explain select c from mysqltest.v3;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v3;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v3'
 explain select c from mysqltest.v4;
 ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 show create table mysqltest.v4;
-ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
+ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v4'
 grant show view on mysqltest.* to mysqltest_1@localhost;
 explain select c from mysqltest.v1;
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra

mysql-test/t/view.test

@@ -267,19 +267,19 @@ show columns from mysqltest.v2;
 # but explain/show do not
 -- error 1345
 explain select c from mysqltest.v1;
--- error 1345
+-- error 1142
 show create table mysqltest.v1;
 -- error 1345
 explain select c from mysqltest.v2;
--- error 1345
+-- error 1142
 show create table mysqltest.v2;
 -- error 1345
 explain select c from mysqltest.v3;
--- error 1345
+-- error 1142
 show create table mysqltest.v3;
 -- error 1345
 explain select c from mysqltest.v4;
--- error 1345
+-- error 1142
 show create table mysqltest.v4;
 
 # allow to see one of underlaing table
@@ -288,17 +288,19 @@ grant select on mysqltest.t1 to mysqltest_1@localhost;
 connection user1;
 # EXPLAIN of view on above table works
 explain select c from mysqltest.v1;
+-- error 1142
 show create table mysqltest.v1;
 explain select c from mysqltest.v2;
+-- error 1142
 show create table mysqltest.v2;
 # but other EXPLAINs do not
 -- error 1345
 explain select c from mysqltest.v3;
--- error 1345
+-- error 1142
 show create table mysqltest.v3;
 -- error 1345
 explain select c from mysqltest.v4;
--- error 1345
+-- error 1142
 show create table mysqltest.v4;
 
 # allow to see any view in mysqltest database

sql/sql_acl.cc

@@ -2873,7 +2873,7 @@ err:
     else if (want_access & CREATE_VIEW_ACL)
       command= "create view";
     else if (want_access & SHOW_VIEW_ACL)
-      command= "show view";
+      command= "show create view";
     net_printf(thd,ER_TABLEACCESS_DENIED_ERROR,
 	       command,
 	       thd->priv_user,

sql/sql_view.cc

@@ -624,16 +624,20 @@ mysql_make_view(File_parser *parser, TABLE_LIST *table)
       check rights to run commands (EXPLAIN SELECT & SHOW CREATE) which show
       underlaying tables
     */
-    if ((old_lex->sql_command == SQLCOM_SELECT && old_lex->describe) ||
-        old_lex->sql_command == SQLCOM_SHOW_CREATE)
+    if ((old_lex->sql_command == SQLCOM_SELECT && old_lex->describe))
     {
       if (check_table_access(thd, SELECT_ACL, view_tables, 1) &&
-          check_table_access(thd, SHOW_VIEW_ACL, view_tables, 1))
+          check_table_access(thd, SHOW_VIEW_ACL, table, 1))
       {
         my_error(ER_VIEW_NO_EXPLAIN, MYF(0));
         goto err;
       }
     }
+    else if (old_lex->sql_command == SQLCOM_SHOW_CREATE)
+    {
+      if (check_table_access(thd, SHOW_VIEW_ACL, table, 0))
+        goto err;
+    }
 
     /* move SQL_NO_CACHE & Co to whole query */
     old_lex->safe_to_cache_query= (old_lex->safe_to_cache_query &&