mirror of
https://github.com/MariaDB/server.git
synced 2025-10-22 23:57:48 +02:00
eeb00ceffd
Follow-up patch with adjustments of test files and updates of result files for tests. Some of tests were rewritten slighlty. Everywhere where common pattern used: ----- CREATE USER userA; --connect con1 ... userA ... <sql statements...> --disconnect con1 DROP USER userA; ----- the DROP USER statement has been eclosed into the directive --disable_warnings --enable_warnings This change is caused by the race conddition between --disconnect and DROP USER since a number of currently running sessions established on behalf the user being dropped is counted by holding the rw_lock THD_list_iterator::lock that is not acquired on execution the DROP USER statement but the lock is taken as the last step on handling disconnection (when the client is already sending the next statement). Therefore, for the cases where the command --disconnect precedes the DROP USER statement we hide the possible warnings about presence of active sessions for the user being deleted to make tests deterministic.
62 lines
1.8 KiB
Text
62 lines
1.8 KiB
Text
#
|
|
# MDEV-10744 Roles are not fully case-sensitive
|
|
#
|
|
#
|
|
# Test creating two case-different roles.
|
|
#
|
|
create user test_user@'%';
|
|
create role test_ROLE;
|
|
create role test_role;
|
|
#
|
|
# Test if mysql.user has the roles created.
|
|
#
|
|
select user, host from mysql.user where is_role='y' and user like 'test%';
|
|
User Host
|
|
test_ROLE
|
|
test_role
|
|
create database secret_db;
|
|
create table secret_db.t1 (secret varchar(100));
|
|
insert into secret_db.t1 values ("Some Secret P4ssw0rd");
|
|
grant select on secret_db.* to test_role;
|
|
grant test_role to test_user;
|
|
show grants for test_user;
|
|
Grants for test_user@%
|
|
GRANT `test_role` TO `test_user`@`%`
|
|
GRANT USAGE ON *.* TO `test_user`@`%`
|
|
#
|
|
# Now test the UPPER case role.
|
|
#
|
|
grant test_ROLE to test_user;
|
|
grant insert on secret_db.t1 to test_ROLE;
|
|
show grants for test_user;
|
|
Grants for test_user@%
|
|
GRANT `test_role` TO `test_user`@`%`
|
|
GRANT `test_ROLE` TO `test_user`@`%`
|
|
GRANT USAGE ON *.* TO `test_user`@`%`
|
|
connect test_user,localhost,test_user;
|
|
#
|
|
# Test users privileges when interacting with those roles;
|
|
#
|
|
show tables from secret_db;
|
|
ERROR 42000: Access denied for user 'test_user'@'%' to database 'secret_db'
|
|
set role test_ROLE;
|
|
show tables from secret_db;
|
|
Tables_in_secret_db
|
|
t1
|
|
select * from secret_db.t1;
|
|
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table `secret_db`.`t1`
|
|
insert into secret_db.t1 values ("|-|4><");
|
|
set role test_role;
|
|
select * from secret_db.t1 order by secret;
|
|
secret
|
|
|-|4><
|
|
Some Secret P4ssw0rd
|
|
insert into secret_db.t1 values ("|_33T|-|4><");
|
|
ERROR 42000: INSERT command denied to user 'test_user'@'localhost' for table `secret_db`.`t1`
|
|
connection default;
|
|
drop role test_ROLE;
|
|
drop role test_role;
|
|
drop user test_user;
|
|
Warnings:
|
|
Note 4226 Dropped users ['test_user'@'%'] have active connections. Use KILL CONNECTION if they should not be used anymore.
|
|
drop database secret_db;
|