diff --git a/mysql-test/r/view.result b/mysql-test/r/view.result index 00ad31d546f..155147b81e1 100644 --- a/mysql-test/r/view.result +++ b/mysql-test/r/view.result @@ -287,41 +287,39 @@ d bigint(20) YES NULL explain select c from mysqltest.v1; ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create table mysqltest.v1; -ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v1' explain select c from mysqltest.v2; ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create table mysqltest.v2; -ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v2' explain select c from mysqltest.v3; ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create table mysqltest.v3; -ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v3' explain select c from mysqltest.v4; ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create table mysqltest.v4; -ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v4' grant select on mysqltest.t1 to mysqltest_1@localhost; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 PRIMARY t1 system NULL NULL NULL NULL 0 const row not found show create table mysqltest.v1; -Table Create Table -v1 CREATE VIEW `mysqltest`.`v1` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v1' explain select c from mysqltest.v2; id select_type table type possible_keys key key_len ref rows Extra 1 PRIMARY system NULL NULL NULL NULL 0 const row not found 2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table show create table mysqltest.v2; -Table Create Table -v2 CREATE ALGORITHM=TEMPTABLE VIEW `mysqltest`.`v2` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v2' explain select c from mysqltest.v3; ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create table mysqltest.v3; -ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v3' explain select c from mysqltest.v4; ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create table mysqltest.v4; -ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table +ERROR 42000: show create view command denied to user 'mysqltest_1'@'localhost' for table 'v4' grant show view on mysqltest.* to mysqltest_1@localhost; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra diff --git a/mysql-test/t/view.test b/mysql-test/t/view.test index 4c348e0b9d8..b76d40bea01 100644 --- a/mysql-test/t/view.test +++ b/mysql-test/t/view.test @@ -267,19 +267,19 @@ show columns from mysqltest.v2; # but explain/show do not -- error 1345 explain select c from mysqltest.v1; --- error 1345 +-- error 1142 show create table mysqltest.v1; -- error 1345 explain select c from mysqltest.v2; --- error 1345 +-- error 1142 show create table mysqltest.v2; -- error 1345 explain select c from mysqltest.v3; --- error 1345 +-- error 1142 show create table mysqltest.v3; -- error 1345 explain select c from mysqltest.v4; --- error 1345 +-- error 1142 show create table mysqltest.v4; # allow to see one of underlaing table @@ -288,17 +288,19 @@ grant select on mysqltest.t1 to mysqltest_1@localhost; connection user1; # EXPLAIN of view on above table works explain select c from mysqltest.v1; +-- error 1142 show create table mysqltest.v1; explain select c from mysqltest.v2; +-- error 1142 show create table mysqltest.v2; # but other EXPLAINs do not -- error 1345 explain select c from mysqltest.v3; --- error 1345 +-- error 1142 show create table mysqltest.v3; -- error 1345 explain select c from mysqltest.v4; --- error 1345 +-- error 1142 show create table mysqltest.v4; # allow to see any view in mysqltest database diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index e7b4772c3ab..b4d2e9e1c76 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -2873,7 +2873,7 @@ err: else if (want_access & CREATE_VIEW_ACL) command= "create view"; else if (want_access & SHOW_VIEW_ACL) - command= "show view"; + command= "show create view"; net_printf(thd,ER_TABLEACCESS_DENIED_ERROR, command, thd->priv_user, diff --git a/sql/sql_view.cc b/sql/sql_view.cc index 178c01687b0..38ba3afee6e 100644 --- a/sql/sql_view.cc +++ b/sql/sql_view.cc @@ -624,16 +624,20 @@ mysql_make_view(File_parser *parser, TABLE_LIST *table) check rights to run commands (EXPLAIN SELECT & SHOW CREATE) which show underlaying tables */ - if ((old_lex->sql_command == SQLCOM_SELECT && old_lex->describe) || - old_lex->sql_command == SQLCOM_SHOW_CREATE) + if ((old_lex->sql_command == SQLCOM_SELECT && old_lex->describe)) { if (check_table_access(thd, SELECT_ACL, view_tables, 1) && - check_table_access(thd, SHOW_VIEW_ACL, view_tables, 1)) + check_table_access(thd, SHOW_VIEW_ACL, table, 1)) { my_error(ER_VIEW_NO_EXPLAIN, MYF(0)); goto err; } } + else if (old_lex->sql_command == SQLCOM_SHOW_CREATE) + { + if (check_table_access(thd, SHOW_VIEW_ACL, table, 0)) + goto err; + } /* move SQL_NO_CACHE & Co to whole query */ old_lex->safe_to_cache_query= (old_lex->safe_to_cache_query &&