mirror of
https://github.com/MariaDB/server.git
synced 2025-10-08 00:39:14 +02:00
eeb00ceffd
Follow-up patch with adjustments of test files and updates of result files for tests. Some of tests were rewritten slighlty. Everywhere where common pattern used: ----- CREATE USER userA; --connect con1 ... userA ... <sql statements...> --disconnect con1 DROP USER userA; ----- the DROP USER statement has been eclosed into the directive --disable_warnings --enable_warnings This change is caused by the race conddition between --disconnect and DROP USER since a number of currently running sessions established on behalf the user being dropped is counted by holding the rw_lock THD_list_iterator::lock that is not acquired on execution the DROP USER statement but the lock is taken as the last step on handling disconnection (when the client is already sending the next statement). Therefore, for the cases where the command --disconnect precedes the DROP USER statement we hide the possible warnings about presence of active sessions for the user being deleted to make tests deterministic.
124 lines
3.3 KiB
Text
124 lines
3.3 KiB
Text
--source include/not_embedded.inc
|
|
|
|
--disable_cursor_protocol
|
|
select priv into @root_priv from mysql.global_priv where user='root' and host='localhost';
|
|
--enable_cursor_protocol
|
|
|
|
select * from mysql.user where user = 'root' and host = 'localhost';
|
|
--echo # Test syntax
|
|
--echo #
|
|
--echo # These 2 selects should have no changes from the first one.
|
|
alter user CURRENT_USER;
|
|
select * from mysql.user where user = 'root' and host = 'localhost';
|
|
alter user CURRENT_USER();
|
|
select * from mysql.user where user = 'root' and host = 'localhost';
|
|
|
|
create user foo;
|
|
select * from mysql.user where user = 'foo';
|
|
alter user foo;
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
--echo #
|
|
--echo # Test READ_ONLY privilege works correctly with a read only database.
|
|
--echo #
|
|
|
|
SET @start_read_only = @@global.read_only;
|
|
SET GLOBAL read_only=1;
|
|
grant create user on *.* to foo;
|
|
|
|
--echo # Currently no READ_ONLY ADMIN privileges.
|
|
connect (a, localhost, foo);
|
|
select @@global.read_only;
|
|
|
|
--error ER_OPTION_PREVENTS_STATEMENT
|
|
alter user foo;
|
|
|
|
--echo # Grant READ_ONLY ADMIN privilege to the user.
|
|
connection default;
|
|
grant READ_ONLY ADMIN on *.* to foo;
|
|
|
|
--echo # We now have READ_ONLY ADMIN privilege. We should be able to run alter user.
|
|
connect (b, localhost, foo);
|
|
alter user foo;
|
|
|
|
connection default;
|
|
SET GLOBAL read_only = @start_read_only;
|
|
|
|
|
|
--echo #
|
|
--echo # Test inexistant user.
|
|
--echo #
|
|
|
|
--error ER_CANNOT_USER
|
|
alter user boo;
|
|
--echo #--warning ER_CANNOT_USER
|
|
alter user if exists boo;
|
|
|
|
|
|
--echo #
|
|
--echo # Test password related altering.
|
|
--echo #
|
|
|
|
alter user foo identified by 'something';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
alter user foo identified by 'something2';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
alter user foo identified by password '*88C89BE093D4ECF72D039F62EBB7477EA1FD4D63';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
alter user foo identified by password 'invalid';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
--error ER_CANNOT_USER
|
|
alter user foo identified with 'somecoolplugin';
|
|
show warnings;
|
|
|
|
alter user foo identified with 'mysql_old_password';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
alter user foo identified with 'mysql_old_password' using '0123456789ABCDEF';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
|
|
--echo #
|
|
--echo # Test ssl related altering.
|
|
--echo #
|
|
|
|
alter user foo identified by 'something' require SSL;
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
alter user foo identified by 'something' require X509;
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
alter user foo identified by 'something'
|
|
require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';
|
|
select * from mysql.user where user = 'foo';
|
|
|
|
|
|
--echo #
|
|
--echo # Test resource limits altering.
|
|
--echo #
|
|
|
|
alter user foo with MAX_QUERIES_PER_HOUR 10
|
|
MAX_UPDATES_PER_HOUR 20
|
|
MAX_CONNECTIONS_PER_HOUR 30
|
|
MAX_USER_CONNECTIONS 40;
|
|
select * from mysql.user where user = 'foo';
|
|
drop user foo;
|
|
|
|
--echo #
|
|
--echo # Bug #29882299: ALTER USER ... IDENTIFIED WITH ... BY ... SHOULD BE A PRIVILEGED OPERATION
|
|
--echo #
|
|
create user foo@localhost;
|
|
--connect x,localhost,foo
|
|
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
|
alter user current_user identified with 'something';
|
|
--connection default
|
|
--disconnect x
|
|
--disable_warnings
|
|
drop user foo@localhost;
|
|
--enable_warnings
|
|
|
|
update mysql.global_priv set priv=@root_priv where user='root' and host='localhost';
|