Implement table-level TRIGGER privilege to control access to triggers.
Before this path global SUPER privilege was used for this purpose, that
was the big security problem.
In details, before this patch SUPER privilege was required:
- for the user at CREATE TRIGGER time to create a new trigger;
- for the user at DROP TRIGGER time to drop the existing trigger;
- for the definer at trigger activation time to execute the trigger (if the
definer loses SUPER privilege, all its triggers become unavailable);
This patch changes the behaviour in the following way:
- TRIGGER privilege on the subject table for trigger is required:
- for the user at CREATE TRIGGER time to create a new trigger;
- for the user at DROP TRIGGER time to drop the existing trigger;
- for the definer at trigger activation time to execute the trigger
(if the definer loses TRIGGER privilege on the subject table, all its
triggers on this table become unavailable).
- SUPER privilege is still required:
- for the user at CREATE TRIGGER time to explicitly set the trigger
definer to the user other than CURRENT_USER().
When the server works with database of the previous version (w/o TRIGGER
privilege), or if the database is being upgraded from the previous versions,
TRIGGER privilege is granted to whose users, who have CREATE privilege.
post-review change - use pointer instead of copy on the stack.
WL#1034 (Internal CRON)
This patch adds INFORMATION_SCHEMA.EVENTS table with the following format:
EVENT_CATALOG - MYSQL_TYPE_STRING (Always NULL)
EVENT_SCHEMA - MYSQL_TYPE_STRING (the database)
EVENT_NAME - MYSQL_TYPE_STRING (the name)
DEFINER - MYSQL_TYPE_STRING (user@host)
EVENT_BODY - MYSQL_TYPE_STRING (the body from mysql.event)
EVENT_TYPE - MYSQL_TYPE_STRING ("ONE TIME" | "RECURRING")
EXECUTE_AT - MYSQL_TYPE_TIMESTAMP (set for "ONE TIME" otherwise NULL)
INTERVAL_VALUE - MYSQL_TYPE_LONG (set for RECURRING otherwise NULL)
INTERVAL_FIELD - MYSQL_TYPE_STRING (set for RECURRING otherwise NULL)
SQL_MODE - MYSQL_TYPE_STRING (for now NULL)
STARTS - MYSQL_TYPE_TIMESTAMP (starts from mysql.event)
ENDS - MYSQL_TYPE_TIMESTAMP (ends from mysql.event)
STATUS - MYSQL_TYPE_STRING (ENABLED | DISABLED)
ON_COMPLETION - MYSQL_TYPE_STRING (NOT PRESERVE | PRESERVE)
CREATED - MYSQL_TYPE_TIMESTAMP
LAST_ALTERED - MYSQL_TYPE_TIMESTAMP
LAST_EXECUTED - MYSQL_TYPE_TIMESTAMP
EVENT_COMMENT - MYSQL_TYPE_STRING
SQL_MODE is NULL for now, because the value is still not stored in mysql.event .
Support will be added as a fix for another bug.
This patch also adds SHOW [FULL] EVENTS [FROM db] [LIKE pattern]
1. SHOW EVENTS shows always only the events on the same user,
because the PK of mysql.event is (definer, db, name) several
users may have event with the same name -> no information disclosure.
2. SHOW FULL EVENTS - shows the events (in the current db as SHOW EVENTS)
of all users. The user has to have PROCESS privilege, if not then
SHOW FULL EVENTS behave like SHOW EVENTS.
3. If [FROM db] is specified then this db is considered.
4. Event names can be filtered with LIKE pattern.
SHOW EVENTS returns table with the following columns, which are subset of
the data which is returned by SELECT * FROM I_S.EVENTS
Db
Name
Definer
Type
Execute at
Interval value
Interval field
Starts
Ends
Status
Don't display charsets/collations with HIDDEN flag.
ctype-utf8.c:
Adding HIDDEN flag to "filename"
Changeing ID to 17 which was previosly
used by deprecated "win1251", removed in 4.1.
charset-def.c:
Adding "filename" as a hidden charset, for test purposes.
m_ctype.h:
Adding MY_CS_HIDDEN flag,
to hide charsets and collations from
being displayed in SHOW.
Optimised version of ADD/DROP/REORGANIZE partitions for
non-NDB storage engines.
New syntax to handle REBUILD/OPTIMIZE/ANALYZE/CHECK/REPAIR partitions
Quite a few bug fixes
There are two main idea of this fix:
- introduce a common function for server and client to split user value
(<user name>@<host name>) into user name and host name parts;
- dump DEFINER clause in correct format in mysqldump.
The patch adds DYNAMIC_ARRAY all_status_vars, which is now the
sole source of status information for SHOW STATUS. Status
variables can be added to and removed from the array dynamically.
SHOW STATUS command uses this array instead of static array
from mysqld.cc
Compatibility with the old, global list of status variables is
preserved in init_server_components(), where this global list is
simply appended to all_status_vars.
(MySQL plugin interface: status variables)
adding SHOW_FUNC, removing SHOW_some_specific_value,
only generic SHOW_LONG/SHOW_CHAR/etc are recognized.
changing to use SHOW_FUNC instead of ha_update_statistics
which makes it possible to run RENAME TABLE
on old tables when upgrading from 5.0.
TODO: A stored procedure to rename all tables and
databases with old name format into new format,
it will simplify upgrade.
sql_table.cc:
Making old tables seen with "#mysql50#" prefix.
Adding warning into .err log when an old name is found.
sql_show.cc:
Skip non-directories before filename_to_tablename
call, to avoid unnecessary warnings.
strfunc.cc:
Adding "error" argument to strconvert()
mysql_priv.h:
Adding "error" agrument to strconvert()
- Encoding itself, implemented as a charset
"filename". Originally planned to use '.'
as an escape character, but now changed to '@'
for two reasons: "ls" does not return
file names starting with '.' considering them
as a kind of hidden files; some platforms
do not allow several dots in a file name.
- replacing many calls of my_snprintf() and
strnxmov() to the new build_table_filename().
- Adding MY_APPEND_EXT mysys flag, to append
an extention rather that replace it.
- Replacing all numeric constants in fn_format
flag arguments to their mysys definitions, e.g.
MY_UNPACK_FILENAME,
- Predictability in several function/methods:
when a table name can appear with or withot .frm
extension. Some functions/methods were changed
so accept names strictly with .frm, other - strictly
without .frm extensions. Several DBUG_ASSERTs were
added to check whether an extension is passed.
Many files:
table name to file name encoding
mysql_priv.h:
Prototypes for new table name encoding tools.
ctype-utf8.c:
Implementing "filename" charset for
table name to file name encoding.
row0mysql.c:
Fixing table name prefix.
mf_format.c:
Adding MY_APPEND_EXT processing.
Many files:
Fixing tests.
my_sys.h:
Adding new flag to append rather than replace an extension.
m_ctype.h:
Adding "filename" charset definition.
1) Fixes breakage in embedded server build for XMLPath push.
2) Hides PARTITION engine from view.
3) Add ENGINES information schema (and it should now be clear from this patch on how to turn any show command into an information schema).
Bug#14387 SHOW COLUMNS doesn't work on temporary tables.
Bug#15224 SHOW INDEX from temporary table doesn't work.
Restore thd->temporary_tables to be able to process
temporary tables(only for 'show index' & 'show columns').
This should be changed when processing of temporary tables for
I_S tables will be done.
