mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-18 04:53:01 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
85528 commits 2784 branches 343 tags 1.6 GiB
Commit graph

85528 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vicențiu Ciorbaru
8c7ca88a6c Added comment for database privilege checks. 2013-10-18 06:34:18 -07:00
Vicențiu Ciorbaru
f2ab661999 Added SHOW GRANTS recursive role print. 
The output is not completely correct due to recursive role grants not
being completly implemented. However, this will help with testing the
implementation of set role with recursive grants.
 2013-10-18 06:34:07 -07:00
Vicențiu Ciorbaru
3436691899 Refactored get_role_access into a generic traverse function. 
The function now performs a DEPTH FIRST SEARCH on the role graph.

At various key points: on_start, on_open, on_cycle, on_finish,
the function calls one of the corresponding functions passed as parameters.
 2013-10-18 06:22:17 -07:00
Vicențiu Ciorbaru
1bfc610dc7 Added show role grants functionality to the mysql_show_grants function. 2013-10-18 06:17:47 -07:00
Vicențiu Ciorbaru
0fea3316dd Refactored mysql_show_grants table and column privilege print into a separate 
function.

The function will be used to help print roles privileges recursively.
 2013-10-18 06:17:19 -07:00
Vicențiu Ciorbaru
d611407529 Refactored mysql_show_grants database privilege print into a separate 
function.

The function will be used to help print roles privileges recursively.
 2013-10-18 06:15:50 -07:00
Vicențiu Ciorbaru
4a9832680c Refactored mysql_show_grants global privilege print into a separate 
function.

The function will be used to help print roles privileges recursively.
 2013-10-18 06:09:30 -07:00
Vicențiu Ciorbaru
2826399e64 Fixed failing test due to wrong display order 2013-10-18 06:01:01 -07:00
Vicențiu Ciorbaru
daf0345a7b Added recursive database roles privilege propagation. 
The privileges are not correctly updated via grant commands yet.
 2013-10-18 06:00:48 -07:00
Vicențiu Ciorbaru
766ae81aa4 Fixed bug that caused rename user test case to fail. 
The bug was caused by not renaming the role if it was previously
modified by the handle_grant_struct(ROLE_ACL,...) call.

The same function used find_acl_role and would search for the already
renamed role when it handled ROLES_MAPPINGS_HASH. This caused it to not rename
the role/user correctly.
 2013-10-18 05:41:52 -07:00
Vicențiu Ciorbaru
1fe9272479 Removed no longer used error message. 2013-10-18 05:41:43 -07:00
Vicențiu Ciorbaru
3fa2cb2126 Updated error message in case the user table's format is not up to date and can 
not support roles
 2013-10-18 05:41:34 -07:00
Vicențiu Ciorbaru
ce4851c3d0 Reworked the implementation of create role and drop role. 
Also fixed issue with drop role not clearing internal memory entry
for that role. The issue was due to a condition introduced in handle_grant_data

Updated testsuite to also check the possible error conditions.
 2013-10-18 05:41:25 -07:00
Vicențiu Ciorbaru
db850c525f Added CREATE ROLE support as well as DROP ROLE support. 2013-10-18 05:41:13 -07:00
Vicențiu Ciorbaru
81b2856e10 Refactored yacc grammar to make use of named constants. 2013-10-18 05:16:38 -07:00
Vicențiu Ciorbaru
3566f317c0 Added simple database privilege test for roles. 2013-10-18 05:13:33 -07:00
Vicențiu Ciorbaru
ccd0c39cf4 Fixed crash caused by dereferencing null pointer. The comparison is no longer necessary there. 2013-10-18 05:13:22 -07:00
Vicențiu Ciorbaru
84a2f06fb2 Fixed always true condition that caused crash on database initialisation. 2013-10-18 05:11:40 -07:00
Vicențiu Ciorbaru
c4c09afb18 Fixed _always_ true condition 2013-10-18 05:11:31 -07:00
Vicențiu Ciorbaru
fe521dc28e Implemented _non recursive_ role specific grants for table/column level privileges 2013-10-18 05:11:16 -07:00
Vicențiu Ciorbaru
2060937353 Grant privilege on *.* to role@''; now updates in memory data structures; 
Revoke privilege on *.* to role@''; also works
 2013-10-18 04:47:55 -07:00
Vicențiu Ciorbaru
3d17d94cd6 Added GRANT privilege ON database.table TO role; functionality 2013-10-18 04:43:09 -07:00
Vicențiu Ciorbaru
01d4f47ef5 Added GRANT privilege ON database.* TO role; functionality 2013-10-18 04:41:18 -07:00
Vicențiu Ciorbaru
dcc9fd4c8e Implemented syntax recognition for REVOKE ROLE 2013-10-18 04:41:06 -07:00
Vicențiu Ciorbaru
ec92a4e0ff Implemented syntax recognition for DROP ROLE 2013-10-18 04:36:25 -07:00
Vicențiu Ciorbaru
fac8c9ef43 Added optional if not exists for create role. 2013-10-18 04:35:36 -07:00
Vicențiu Ciorbaru
51c631c2ae Implemented syntax recognition for CREATE ROLE 2013-10-18 04:35:18 -07:00
Vicențiu Ciorbaru
a57cdcd69a Changed GRANT ROLE to use SQLCOM_GRANT_ROLE 2013-10-18 04:29:40 -07:00
Vicențiu Ciorbaru
336ec901f4 Removed not needed GRANT privilege TO 2013-10-18 04:29:22 -07:00
Vicențiu Ciorbaru
d40d356606 Added syntax detection for the GRANT role TO {user | role } command. 
Also added syntax for GRANT privilege TO { role } command
 2013-10-18 04:29:01 -07:00
Vicențiu Ciorbaru
dcf76e6514 Added a more complicated test for recursive role grants. 2013-10-17 20:52:29 -07:00
Vicențiu Ciorbaru
9272e34a90 Minor test update to eliminate random row order. 2013-10-17 20:52:21 -07:00
Vicențiu Ciorbaru
871f6e1631 Removed leftover comment. 2013-10-17 20:52:12 -07:00
Vicențiu Ciorbaru
a0a8f50895 Added a test for acl_roles to test renaming of roles/ usernames 2013-10-17 20:52:04 -07:00
Vicențiu Ciorbaru
9fa7f1fcd6 Added cascading role renames to the roles_mappings table. 
TODO: Use an index search on the table, instead of scanning through it.
 2013-10-17 20:51:55 -07:00
Vicențiu Ciorbaru
1007b9232b Added cascading updates from role renames. Also works if a role has been granted to a role. 
This change only updates _in memory_ structures.
 2013-10-17 20:51:46 -07:00
Vicențiu Ciorbaru
2755c342e6 Added extra comments to explain the ACL_USER_BASE flags usage, as well as fix an issue with get_role_access. 
The bug caused roles rights to not be propagated if a push on the stack happened. The newly finished neighbour
was never reevaluated.
 2013-10-17 20:51:37 -07:00
Vicențiu Ciorbaru
f37168d40b Split ACL_USER into ACL_USER_BASE and ACL_USER 
ACL_ROLE now inherits ACL_USER_BASE
 2013-10-17 20:51:28 -07:00
Vicențiu Ciorbaru
00f4f408ea Minor update on tests. 
Fixed possible failing condition due to different order of table rows
 2013-10-17 20:51:19 -07:00
Vicențiu Ciorbaru
68214d21a0 Fixed failing tests due to wrong delete in the testsuite. 2013-10-17 20:51:10 -07:00
Vicențiu Ciorbaru
540673f046 Fixed comment indentation 2013-10-17 20:51:01 -07:00
Vicențiu Ciorbaru
221558efd5 Extended ACL_USER to create ACL_ROLE. 
Moved fields corresponding to role entries to the ACL_ROLE class.
 2013-10-17 20:50:51 -07:00
Vicențiu Ciorbaru
7faba82bab Fixed wrong IS_ROLE check. 2013-10-17 20:50:42 -07:00
Vicențiu Ciorbaru
0624020a76 Implemented the detection of the final access bits of a role via a DEPTH FIRST SEARCH 
from the grant role to role graph.
 2013-10-17 20:50:33 -07:00
Vicențiu Ciorbaru
b4f3ba2643 Added testcase to check that granting a role to a role works. 2013-10-17 20:50:24 -07:00
Vicențiu Ciorbaru
f22a50b2f9 Added rights propagation for granting a role to a role 2013-10-17 20:50:15 -07:00
Vicențiu Ciorbaru
82a5464a6c Removed unused hash search. 2013-10-17 20:50:06 -07:00
Vicențiu Ciorbaru
9dcc6430b8 Modified add_role_user_mapping to also handle granting a role to a role. 2013-10-17 20:49:56 -07:00
Vicențiu Ciorbaru
c968a59d6e Added a reset_role_grants function specific for roles. The function also 
resets the initial role access bits.
 2013-10-17 20:49:47 -07:00
Vicențiu Ciorbaru
aa4657f872 Added comment to justify error message 2013-10-17 20:49:38 -07:00