Implement fine-grained control over access to stored procedures
Privileges are cached (same way as existing table/column privs)
mysql-test/include/system_db_struct.inc:
WL#925 - Privileges for stored routines
New system table: procs_priv
mysql-test/r/connect.result:
WL#925 - Privileges for stored routines
New system table: procs_priv
mysql-test/r/grant.result:
WL#925 - Privileges for stored routines
user table has additional privilege attributes
SHOW PRIVILEGES amended
mysql-test/r/grant2.result:
Fix result
mysql-test/r/information_schema.result:
WL#925 - Privileges for stored routines
New system table procs_priv
New user privileges
mysql-test/r/show_check.result:
Fix result
mysql-test/r/sp-security.result:
WL#925 - Privileges for stored routines
Fix existing tests to work with new privileges
New tests for new privileges
mysql-test/r/sp.result:
WL#925 - Privileges for stored routines
Fix SHOW PRIVILEGES results
mysql-test/r/system_mysql_db.result:
WL#925 - Privileges for stored routines
New system table: procs_priv
user and db tables have new privilege attributes
mysql-test/t/grant2.test:
Fix test
mysql-test/t/show_check.test:
Fix test
mysql-test/t/sp-security.test:
WL#925 - Privileges for stored routines
Allow existing tests to run with new privilege checks
New tests for privileges
mysql-test/t/system_mysql_db_fix.test:
WL#925 - Privileges for stored routines
New system table: procs_priv
scripts/mysql_create_system_tables.sh:
WL#925 - Privileges for stored routines
db and user has new privilege attributes
new system table: procs_priv
scripts/mysql_fix_privilege_tables.sql:
WL#925 - Privileges for stored routines
new system table: procs_priv
scripts/mysql_install_db.sh:
WL#925 - Privileges for stored routines
Amend comment
sql/item_func.cc:
WL#925 - Privileges for stored routines
Privilege check for stored FUNCTION routine
sql/lex.h:
WL#925 - Privileges for stored routines
new token ROUTINE
sql/mysql_priv.h:
WL#925 - Privileges for stored routines
New function: check_procedure_access()
sql/mysqld.cc:
WL#925 - Privileges for stored routines
system option automatic-sp-privileges
sql/set_var.cc:
WL#925 - Privileges for stored routines
system option automatic-sp-privileges
sql/share/errmsg.txt:
WL#925 - Privileges for stored routines
rename errormessage to conform:
ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR
New error messages
ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL
sql/sp.cc:
WL#925 - Privileges for stored routines
new function: sp_exists_routine()
sql/sp.h:
WL#925 - Privileges for stored routines
new function: sp_exists_routine()
sql/sql_acl.cc:
WL#925 - Privileges for stored routines
Implementation for SP privileges.
Privileges are cached in memory hash.
New functions:
mysql_procedure_grant()
check_grant_procedure()
sp_revoke_privileges()
sp_grant_privileges()
sql/sql_acl.h:
WL#925 - Privileges for stored routines
New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL
Alter confusing bit-segments to be shifted
New macros: fix_rights_for_procedure() get_rights_for_procedure()
New functions:
mysql_procedure_grant()
check_grant_procedure()
sp_grant_privileges()
sp_revoke_privileges()
sql/sql_lex.h:
WL#925 - Privileges for stored routines
new all_privileges attribute in LEX
sql/sql_parse.cc:
WL#925 - Privileges for stored routines
Remove function: check_sp_definer_access()
Add handling for SP grants/revokes
Add privilege checks for stored procedure invocation
sql/sql_show.cc:
WL#925 - Privileges for stored routines
update result for SHOW PRIVILEGES
sql/sql_yacc.yy:
WL#925 - Privileges for stored routines
New token ROUTINE
rename some rules
handle CREATE ROUTINE / ALTER ROUTINE privileges
Removed the support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
mysql-test/r/sp-error.result:
Removed test for renaming procedures with alter.
mysql-test/r/sp.result:
Removed test for renaming procedures with alter.
mysql-test/t/sp-error.test:
Removed test for renaming procedures with alter.
mysql-test/t/sp.test:
Removed test for renaming procedures with alter.
sql/sp.cc:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
sql/sp.h:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
sql/sql_parse.cc:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
sql/sql_yacc.yy:
Removed support for renaming SPs. It's non-standard, conflicted with a standard
syntax, and was a bit broken anyway.
Also added some related security tests and corrected related error messages.
mysql-test/r/sp-error.result:
New test case for BUG#3339, and updated results for other modified error messages.
mysql-test/r/sp-security.result:
Added tests for creating procedures in another database with and wihout
access rights.
mysql-test/t/sp-error.test:
New test case for BUG#3339.
mysql-test/t/sp-security.test:
Added tests for creating procedures in another database with and wihout
access rights.
sql/sp.cc:
Check existance (and access rights) for database when creating a stored routine.
sql/sp.h:
New error return value for sp_create_* functions, for non existing database.
sql/sql_parse.cc:
Check error return for create stored routine (non existing database),
and corrected the error output for some other commands. (Use qualified
name, not just name.)
This fixes part of BUG#3229: Stored procedure comment causes packets out of order.
sql/sp.cc:
Fixed proper restoring of current db on errors.
sql/sp.h:
Fixed proper restoring of current db on errors.
sql/sp_head.cc:
Fixed proper restoring of current db on errors.
Phase 4 (final): Remove associated stored procedures when a database is dropped.
mysql-test/r/sp-security.result:
drop database now deletes associated SPs.
mysql-test/r/sp.result:
drop database now deletes associated SPs.
mysql-test/t/sp-security.test:
drop database now deletes associated SPs.
mysql-test/t/sp.test:
drop database now deletes associated SPs.
sql/sp.cc:
New function for deleting all SPs associated with a database.
sql/sp.h:
New function for deleting all SPs associated with a database.
sql/sp_cache.cc:
New function for just invalidating all SP caches (when dropping a database).
sql/sp_cache.h:
New function for just invalidating all SP caches (when dropping a database).
sql/sql_db.cc:
When dropping a database, also delete all associated SPs.
Phase 2: Make SPs belong to a DB, and use qualified names.
As a side effect, using USE in an SP is no longer allowed.
(It just doesn't work otherwise.)
include/mysqld_error.h:
New error code (USE is no longer allowed in a stored procedure).
include/sql_state.h:
New error state (USE is no longer allowed in a stored procedure).
mysql-test/r/sp-error.result:
Updated result for test of USE in SP (not allowed now).
mysql-test/r/sp-security.result:
Updated test results for new db column and qualified procedured names.
mysql-test/r/sp.result:
Updated results for USE in SP (as it's no longer allowed), and
for new db column in status result.
mysql-test/t/sp-error.test:
Moved test of USE in SP from sp.test (as it's no longer allowed).
mysql-test/t/sp-security.test:
Ajusted tests for new db column and qualified procedured names.
mysql-test/t/sp.test:
Moved test of USE in SP to sp-error.test (as it's no longer allowed).
Adjusted tests for new db column in status result.
sql/mysql_priv.h:
mysql_change_db() now has optional arguments for use by SP with qualified names.
sql/share/czech/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/danish/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/dutch/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/english/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/estonian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/french/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/german/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/greek/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/hungarian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/italian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/japanese/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/korean/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/norwegian-ny/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/norwegian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/polish/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/portuguese/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/romanian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/russian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/serbian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/slovak/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/spanish/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/swedish/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/share/ukrainian/errmsg.txt:
New error message: USE is not allowed in a stored procedure.
sql/sp.cc:
SPs are now "belong" to a DB and may have qualified names.
New functions for changing DB ("use") when parsing and invoking SPs.
sql/sp.h:
New functions for changing DB ("use") when parsing and invoking SPs.
sql/sp_cache.cc:
Use the qualified name in the SP cache.
sql/sp_head.cc:
New function for allocating a qualified SP name (used in sql_yacc.yy).
Change DB when executing an SP (if needed).
Moved thd_mem_root swap functions from sp_head.h.
sql/sp_head.h:
New function for allocating a qualified SP name (used in sql_yacc.yy).
Moved thd_mem_root swap functions to sp_head.cc.
sql/sql_db.cc:
mysql_change_db() now has optional arguments for use by SP with qualified names
(for use when reading an SP from database and executing it); also allow "unusing"
a database, i.e. setting thd->thd to "".
sql/sql_yacc.yy:
Initialize qualfied SP names correctly.
USE is no longer allowed in an SP.
Phase 1: Introduced sp_name class, for qualified name support.
sql/item_func.cc:
Introduced sp_name class; moved some methods from item_func.h.
sql/item_func.h:
Introduced sp_name class; moved some methods to item_func.cc.
sql/sp.cc:
Introduced sp_name class, for qualified name support.
sql/sp.h:
Introduced sp_name class, for qualified name support.
sql/sp_cache.cc:
Introduced sp_name class, for qualified name support.
sql/sp_cache.h:
Introduced sp_name class, for qualified name support.
sql/sp_head.cc:
Introduced sp_name class, for qualified name support.
sql/sp_head.h:
Introduced sp_name class, for qualified name support.
sql/sql_lex.h:
Introduced sp_name class, for qualified name support.
sql/sql_parse.cc:
Introduced sp_name class, for qualified name support.
sql/sql_yacc.yy:
Introduced sp_name class, for qualified name support.
make characteristics (and SHOW) work right, we had to separate the old
definition blob in the mysql.proc table into separate fields for parameters,
return type, and body, and handle the characteristics (like SQL SECURITY)
separately... and then reassemble the CREATE string for parsing, of course.
This is rather ugly, mostly the parser bit. (Hopefully that will be better
with the new parser.)
Docs/sp-imp-spec.txt:
Separated the definitions string of the procedure into different columns
in the mysql.proc schema.
mysql-test/r/sp.result:
New characteristics tests.
mysql-test/t/sp.test:
New characteristics tests.
scripts/mysql_create_system_tables.sh:
Separated the definitions string of the procedure into different columns
in the mysql.proc schema.
scripts/mysql_fix_privilege_tables.sql:
Separated the definitions string of the procedure into different columns
in the mysql.proc schema.
sql/sp.cc:
Separated the definitions string of the procedure into different columns.
Rewrote much of the code related this (have a assemble the definition
string from its different parts now) and the way characteristics are now
handled, in order to make ALTER actually work.
sql/sp.h:
Changed prototypes.
sql/sp_head.cc:
Rewrote much of the code related to the new mysql.proc schema with separate
definition fields (have to assemble the definition string from its different
parts now) and the way characteristics are now handled, in order to make ALTER
actually work.
sql/sp_head.h:
Separated the different parts of the definition strings: name, parameters,
return type (for functions) and body.
sql/sql_yacc.yy:
Separated the different parts of the definition strings: name, parameters,
return type (for functions) and body.
This is ugly and messy; hopefully there's a more elegant way to do this
when the new parser is installed.
Also made the parsing and handling of SP characteristics
more general and extendable, and added a few ch:istics.
Docs/sp-imp-spec.txt:
Updated spec with new schema.
Docs/sp-implemented.txt:
Added info about ALTER and SHOW.
mysql-test/r/sp.result:
Minor change in SHOW FUNCTION|PROCEDURE STATUS output.
scripts/mysql_create_system_tables.sh:
New mysql.proc schema.
scripts/mysql_fix_privilege_tables.sql:
New mysql.proc schema.
sql/lex.h:
New lex words for SP characteristics.
sql/sp.cc:
New mysql.proc schema.
Also made the characteristics handling slightly more extendable.
sql/sp.h:
Made the characteristics handling slightly more extendable.
sql/sp_head.cc:
Made the characteristics handling slightly more extendable.
sql/sp_head.h:
Made the characteristics handling slightly more extendable.
sql/sql_lex.h:
Made the characteristics handling slightly more extendable.
sql/sql_parse.cc:
Made the characteristics handling slightly more extendable.
sql/sql_yacc.yy:
Made the characteristics handling slightly more extendable
and made the parsing of characteristics more general, and
added a few new dito. (LANGUAGE SQL, and [NOT] DETERMINISTIC
for starters).
- dropped routines should not show up in status
- error handling for non-existing routines
+ some cleanup.
mysql-test/r/sp-error.result:
Test SHOW CREATE PROCEDURE for non-existing procedure.
mysql-test/r/sp.result:
Additional SHOW FUNCTION/PROCEDURE STATUS calls (make sure they don't show
after being dropped).
mysql-test/t/sp-error.test:
Test SHOW CREATE PROCEDURE for non-existing procedure.
mysql-test/t/sp.test:
Additional SHOW FUNCTION/PROCEDURE STATUS calls (make sure they don't show
after being dropped).
sql/sp.cc:
Fixed bug in SHOW ... STATUS after a routine has been dropped,
and fixed the error return codes (for correct error handling).
Also some general cleanup.
sql/sp.h:
Fixed prefix for external functions (should be sp_, not db_).
sql/sql_parse.cc:
Fixed error handling in SHOW CREATE PROCEDURE/FUNCTION.
WL#1263: Support for the attributes COMMENT and SUID
in CREATE/ALTER PROCEDURE/FUNCTION
include/mysqld_error.h:
Error code for 'alter procedure'
mysql-test/r/sp-error.result:
Test for WL#1241&WL#1263
mysql-test/r/sp.result:
Test for WL#1241&WL#1263
mysql-test/t/sp-error.test:
Test for WL#1241&WL#1263
mysql-test/t/sp.test:
Test for WL#1241&WL#1263
sql/share/czech/errmsg.txt:
Error massage for 'alter procedure'
sql/share/danish/errmsg.txt:
Error massage for 'alter procedure'
sql/share/dutch/errmsg.txt:
Error massage for 'alter procedure'
sql/share/english/errmsg.txt:
Error massage for 'alter procedure'
sql/share/estonian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/french/errmsg.txt:
Error massage for 'alter procedure'
sql/share/german/errmsg.txt:
Error massage for 'alter procedure'
sql/share/greek/errmsg.txt:
Error massage for 'alter procedure'
sql/share/hungarian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/italian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/japanese/errmsg.txt:
Error massage for 'alter procedure'
sql/share/korean/errmsg.txt:
Error massage for 'alter procedure'
sql/share/norwegian-ny/errmsg.txt:
Error massage for 'alter procedure'
sql/share/norwegian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/polish/errmsg.txt:
Error massage for 'alter procedure'
sql/share/portuguese/errmsg.txt:
Error massage for 'alter procedure'
sql/share/romanian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/russian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/serbian/errmsg.txt:
Error massage for 'alter procedure'
sql/share/slovak/errmsg.txt:
Error massage for 'alter procedure'
sql/share/spanish/errmsg.txt:
Error massage for 'alter procedure'
sql/share/swedish/errmsg.txt:
Error massage for 'alter procedure'
sql/share/ukrainian/errmsg.txt:
Error massage for 'alter procedure'
Had to add a cahing mechanism which is in parts an ugly kludge, but it will be
reworked once the real SP caching is implemented.
mysql-test/r/sp.result:
New function tests.
mysql-test/t/sp.test:
New function tests.
sql/sp.cc:
Big rehack of mysql.proc table usage strategy and adding a function cache
mechanism, since we need to read used functions from the db before doing anything else
when executing a query. (This cache is temporary and will probably be replaced by
the real thing later.)
sql/sp.h:
New (temporary) FUNCTION caching functions.
sql/sp_head.cc:
Fixed some bugs in the function and procedure execution.
Disabled some data collections that's not used at the moment.
sql/sp_head.h:
Fixed some bugs in the function and procedure execution.
Disabled some data collections that's not used at the moment.
sql/sql_class.h:
Added SP function cache list to thd.
sql/sql_lex.cc:
Added SP function name list to lex.
sql/sql_lex.h:
Added SP function name list to lex.
sql/sql_parse.cc:
Read used FUNCTIONs from db and cache them in thd before doing anything else
in a query execution. (This is necessary since we can't open mysql.proc during
query execution.)
sql/sql_yacc.yy:
Collect used function names in lex.
various known problems, but good enough for a checkpoint commit.
mysql-test/r/sp.result:
New tests for invoking simple FUNCTIONs.
mysql-test/t/sp.test:
New tests for invoking simple FUNCTIONs.
sql/item_func.cc:
New Item_func_sp for stored FUNCTIONs.
sql/item_func.h:
New Item_func_sp for stored FUNCTIONs.
sql/sp.cc:
Close mysql.proc table earlier so recursive find_function calls work.
Added temporary sp_function_exists() function for checking without parsing.
sql/sp.h:
Added temporary sp_function_exists() function for checking without parsing.
sql/sp_head.cc:
New code for executing a FUNCTION. (And reworked some of the old code in the process.)
sql/sp_head.h:
New code for executing a FUNCTION.
sql/sp_rcontext.h:
Added result slot for FUNCTIONs.
sql/sql_lex.cc:
Added check for stored FUNCTION, analogous to UDFs.
sql/sql_parse.cc:
sp_head::execute was renamed into execute_procedure.
sql/sql_yacc.yy:
Added parsing of stored FUNCTION invocation and code generation for RETURN statement.
Expanded the mysql.proc table, reworked the find/create/drop functions
completely, added new functions for FUNCTIONs (lotta functions here :),
got rid of some unnecessary use of Item_strings while at it. Extended
the parser correspondingly, and fiddled around a bit to make SP FUNCTIONs
coexist with UDFs.
Can now CREATE and DROP FUNCTIONs. Invoking yet to come...
Docs/sp-implemented.txt:
Updated with info about CASCADE/RESTICT and METHOD, and some answers to questions.
include/mysqld_error.h:
New error message for misuse of RETURN.
mysql-test/install_test_db.sh:
Added enum field to mysql.proc to distinguish between FUNCTION and PROCEDURE.
mysql-test/r/sp.result:
New test for creating and dropping FUNCTIONS.
mysql-test/t/sp.test:
New test for creating and dropping FUNCTIONS.
scripts/mysql_install_db.sh:
Added enum field to mysql.proc to distinguish between FUNCTION and PROCEDURE.
sql/lex.h:
De-UDFed some symbol names, as they are now used for SPs as well.
Added RETURN_SYM.
sql/share/czech/errmsg.txt:
New error message for misuse of RETURN.
sql/share/danish/errmsg.txt:
New error message for misuse of RETURN.
sql/share/dutch/errmsg.txt:
New error message for misuse of RETURN.
sql/share/english/errmsg.txt:
New error message for misuse of RETURN.
sql/share/estonian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/french/errmsg.txt:
New error message for misuse of RETURN.
sql/share/german/errmsg.txt:
New error message for misuse of RETURN.
sql/share/greek/errmsg.txt:
New error message for misuse of RETURN.
sql/share/hungarian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/italian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/japanese/errmsg.txt:
New error message for misuse of RETURN.
sql/share/korean/errmsg.txt:
New error message for misuse of RETURN.
sql/share/norwegian-ny/errmsg.txt:
New error message for misuse of RETURN.
sql/share/norwegian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/polish/errmsg.txt:
New error message for misuse of RETURN.
sql/share/portuguese/errmsg.txt:
New error message for misuse of RETURN.
sql/share/romanian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/russian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/serbian/errmsg.txt:
New error message for misuse of RETURN.
sql/share/slovak/errmsg.txt:
New error message for misuse of RETURN.
sql/share/spanish/errmsg.txt:
New error message for misuse of RETURN.
sql/share/swedish/errmsg.txt:
New error message for misuse of RETURN.
sql/share/ukrainian/errmsg.txt:
New error message for misuse of RETURN.
sql/sp.cc:
Major rehack to accomodate FUNCTIONs, and to make it easier to add
future in-memory cache of prepared SPs.
sql/sp.h:
Major rehack to accomodate FUNCTIONs, and to make it easier to add
future in-memory cache of prepared SPs.
sql/sp_head.cc:
Now creates FUNCTIONs too. (And got rid of some unnecessary Item_string use.)
sql/sp_head.h:
Now creates FUNCTIONs too. (And got rid of some unnecessary Item_string use.)
sql/sql_lex.h:
New stored FUNCTION commands.
sql/sql_parse.cc:
Added FUNCTION support ("drop" merged with the old UDF code), and made some
additional changes for better error handling (following the sp.cc rehacking).
sql/sql_yacc.yy:
Some former UDF specific symbols renamed.
Added CREATE FUNCTION parsing.
DROP FUNCTION had to be partly merged with the old UDF code, because of the similar
syntax.
RETURN statement added, but still a no-op.
for future work.
Docs/sp-imp-spec.txt:
Started on the FUNCTION parts...
Docs/sp-implemented.txt:
Added som info on SET behaviour, and added Open questions.
sql/sp.cc:
Renamed functions.
sql/sp.h:
Renamed functions.
sql/sql_parse.cc:
Renamed functions.
Fixed backpatching of forward jumps.
Implemented LOOP, WHILE, REPEAT (temporarily known as SPREPEAT).
Known bug: Expression evaluation still not quite ok (e.g. "x > 0"),
which is why IF and CASE is not yet implemented.
sql/Makefile.am:
Added new sp.h/sp.cc file.
sql/item.h:
New deferred result_type() method in Item_splocal.
sql/lex.h:
Temporary fix until REPEAT conflict is solved. Use SPREPEAT for now.
sql/sp_head.cc:
Moved create/find/drop functions to sp.cc.
Fixed the backpatch stuff.
(Also removed some dead code and updated comments.)
sql/sp_head.h:
Moved create/find/drop declarations to sp.h.
Fixed the backpatch stuff.
sql/sp_pcontext.h:
New method: last_label().
sql/sql_parse.cc:
Include sp.h.
sql/sql_yacc.yy:
Fixed backpatching of forward jumps.
Implemented LOOP, WHILE, and REPEAT. (Note: SPREPEAT for now.)