mirror of
				https://github.com/MariaDB/server.git
				synced 2025-10-26 16:38:11 +01:00 
			
		
		
		
	 78d23a3e60
			
		
	
	
	78d23a3e60
	
	
	
		
			
			when a definer for SP/view is wrong - it shold be ER_MALFORMED_DEFINER, not ER_NO_SUCH_USER when one uses current_role as a definer or grantee but there's no current role - it should be ER_INVALID_ROLE not ER_MALFORMED_DEFINER when a non-existent user is specified - it should be ER_NO_SUCH_USER, which should say "The user does not exist", not "Definer does not exist" clarify ER_CANT_CHANGE_TX_CHARACTERISTICS to say what cannot be changed
		
			
				
	
	
		
			1999 lines
		
	
	
	
		
			86 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
			
		
		
	
	
			1999 lines
		
	
	
	
		
			86 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
| drop database if exists mysqltest;
 | |
| drop view if exists v1,v2,v3;
 | |
| create user test@localhost;
 | |
| grant create view on test.* to test@localhost;
 | |
| show grants for test@localhost;
 | |
| Grants for test@localhost
 | |
| GRANT USAGE ON *.* TO `test`@`localhost`
 | |
| GRANT CREATE VIEW ON `test`.* TO `test`@`localhost`
 | |
| revoke create view on test.* from test@localhost;
 | |
| show grants for test@localhost;
 | |
| Grants for test@localhost
 | |
| GRANT USAGE ON *.* TO `test`@`localhost`
 | |
| drop user test@localhost;
 | |
| connect  root,localhost,root,,test;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int);
 | |
| create table mysqltest.t2 (a int, b int);
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on mysqltest.t1 to mysqltest_1@localhost;
 | |
| grant create view,select on test.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,test;
 | |
| connection user1;
 | |
| create definer=root@localhost view v1 as select * from mysqltest.t1;
 | |
| ERROR 42000: Access denied; you need (at least one of) the SET USER privilege(s) for this operation
 | |
| create view v1 as select * from mysqltest.t1;
 | |
| alter view v1 as select * from mysqltest.t1;
 | |
| ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table `test`.`v1`
 | |
| create or replace view v1 as select * from mysqltest.t1;
 | |
| ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table `test`.`v1`
 | |
| create view mysqltest.v2  as select * from mysqltest.t1;
 | |
| ERROR 42000: CREATE VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| create view v2 as select * from mysqltest.t2;
 | |
| ERROR 42000: ANY command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`t2`
 | |
| connection root;
 | |
| show create view v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `mysqltest`.`t1`.`a` AS `a`,`mysqltest`.`t1`.`b` AS `b` from `mysqltest`.`t1`	latin1	latin1_swedish_ci
 | |
| grant create view,drop,select on test.* to mysqltest_1@localhost;
 | |
| connection user1;
 | |
| use test;
 | |
| alter view v1 as select * from mysqltest.t1;
 | |
| create or replace view v1 as select * from mysqltest.t1;
 | |
| connection root;
 | |
| revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
 | |
| revoke all privileges on test.* from mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| drop view test.v1;
 | |
| disconnect user1;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int);
 | |
| create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1;
 | |
| grant select (c) on mysqltest.v1 to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| select c from mysqltest.v1;
 | |
| c
 | |
| select d from mysqltest.v1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1'
 | |
| connection root;
 | |
| revoke all privileges on mysqltest.v1 from mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int);
 | |
| create algorithm=temptable view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1;
 | |
| create user mysqltest_1@localhost;
 | |
| grant select (c) on mysqltest.v1 to mysqltest_1@localhost;
 | |
| connection user1;
 | |
| select c from mysqltest.v1;
 | |
| c
 | |
| select d from mysqltest.v1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1'
 | |
| connection root;
 | |
| disconnect user1;
 | |
| revoke all privileges on mysqltest.v1 from mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int);
 | |
| create table mysqltest.t2 (a int, b int);
 | |
| create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1;
 | |
| create algorithm=temptable view mysqltest.v2 (c,d) as select a+1,b+1 from mysqltest.t1;
 | |
| create view mysqltest.v3 (c,d) as select a+1,b+1 from mysqltest.t2;
 | |
| create algorithm=temptable view mysqltest.v4 (c,d) as select a+1,b+1 from mysqltest.t2;
 | |
| create view mysqltest.v5 (c,d) as select a+1,b+1 from mysqltest.t1;
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on mysqltest.v1 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.v2 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.v3 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.v4 to mysqltest_1@localhost;
 | |
| grant show view on mysqltest.v5 to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| select c from mysqltest.v1;
 | |
| c
 | |
| select c from mysqltest.v2;
 | |
| c
 | |
| select c from mysqltest.v3;
 | |
| c
 | |
| select c from mysqltest.v4;
 | |
| c
 | |
| select c from mysqltest.v5;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v5`
 | |
| show columns from mysqltest.v1;
 | |
| Field	Type	Null	Key	Default	Extra
 | |
| c	bigint(12)	YES		NULL	
 | |
| d	bigint(12)	YES		NULL	
 | |
| show columns from mysqltest.v2;
 | |
| Field	Type	Null	Key	Default	Extra
 | |
| c	bigint(12)	YES		NULL	
 | |
| d	bigint(12)	YES		NULL	
 | |
| explain select c from mysqltest.v1;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v1;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v1`
 | |
| explain select c from mysqltest.v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v2;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| explain select c from mysqltest.v3;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v3;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3`
 | |
| explain select c from mysqltest.v4;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v4;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v4`
 | |
| explain select c from mysqltest.v5;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v5`
 | |
| show create view mysqltest.v5;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v5`
 | |
| connection root;
 | |
| grant select on mysqltest.v5 to mysqltest_1@localhost;
 | |
| connection user1;
 | |
| show create view mysqltest.v5;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v5	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v5` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1`	latin1	latin1_swedish_ci
 | |
| explain select c from mysqltest.v1;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v1;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v1`
 | |
| connection root;
 | |
| grant show view on mysqltest.v1 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.t1 to mysqltest_1@localhost;
 | |
| revoke select on mysqltest.v5 from mysqltest_1@localhost;
 | |
| disconnect user1;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| explain select c from mysqltest.v1;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	SIMPLE	t1	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| show create view mysqltest.v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1`	latin1	latin1_swedish_ci
 | |
| explain select c from mysqltest.v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v2;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| explain select c from mysqltest.v3;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v3;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3`
 | |
| explain select c from mysqltest.v4;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v4;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v4`
 | |
| explain select c from mysqltest.v5;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v5`
 | |
| connection root;
 | |
| grant show view on mysqltest.* to mysqltest_1@localhost;
 | |
| disconnect user1;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| explain select c from mysqltest.v1;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	SIMPLE	t1	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| show create view mysqltest.v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1`	latin1	latin1_swedish_ci
 | |
| explain select c from mysqltest.v2;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	PRIMARY	<derived2>	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| 2	DERIVED	NULL	NULL	NULL	NULL	NULL	NULL	NULL	no matching row in const table
 | |
| show create view mysqltest.v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v2	CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v2` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1`	latin1	latin1_swedish_ci
 | |
| explain select c from mysqltest.v3;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v3;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v3	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2`	latin1	latin1_swedish_ci
 | |
| explain select c from mysqltest.v4;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| show create view mysqltest.v4;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v4	CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v4` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2`	latin1	latin1_swedish_ci
 | |
| connection root;
 | |
| revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int, primary key(a));
 | |
| insert into mysqltest.t1 values (10,2), (20,3), (30,4), (40,5), (50,10);
 | |
| create table mysqltest.t2 (x int);
 | |
| insert into mysqltest.t2 values (3), (4), (5), (6);
 | |
| create table mysqltest.t3 (x int);
 | |
| insert into mysqltest.t3 values (3), (4), (5), (6);
 | |
| create view mysqltest.v1 (a,c) as select a, b+1 from mysqltest.t1;
 | |
| create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1;
 | |
| create view mysqltest.v3 (a,c) as select a, b+1 from mysqltest.t1;
 | |
| create user mysqltest_1@localhost;
 | |
| grant update (a) on mysqltest.v2 to mysqltest_1@localhost;
 | |
| grant update on mysqltest.v1 to mysqltest_1@localhost;
 | |
| grant update on mysqltest.t3 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c;
 | |
| select * from t1;
 | |
| a	b
 | |
| 13	2
 | |
| 24	3
 | |
| 35	4
 | |
| 46	5
 | |
| 50	10
 | |
| update v1 set a=a+c;
 | |
| select * from t1;
 | |
| a	b
 | |
| 16	2
 | |
| 28	3
 | |
| 40	4
 | |
| 52	5
 | |
| 61	10
 | |
| update t2,v2 set v2.a=v2.a+v2.c where t2.x=v2.c;
 | |
| select * from t1;
 | |
| a	b
 | |
| 16	2
 | |
| 31	3
 | |
| 44	4
 | |
| 57	5
 | |
| 61	10
 | |
| update v2 set a=a+c;
 | |
| select * from t1;
 | |
| a	b
 | |
| 18	2
 | |
| 34	3
 | |
| 48	4
 | |
| 62	5
 | |
| 71	10
 | |
| update t3,v3 set t3.x=t3.x+v3.c where t3.x=v3.c;
 | |
| update t2,v2 set v2.c=v2.a+v2.c where t2.x=v2.c;
 | |
| ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for column 'c' in table 'v2'
 | |
| update v2 set c=a+c;
 | |
| ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for column 'c' in table 'v2'
 | |
| update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c;
 | |
| ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3`
 | |
| update v3 set a=a+c;
 | |
| ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3`
 | |
| connection root;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int, primary key(a));
 | |
| insert into mysqltest.t1 values (1,2), (2,3), (3,4), (4,5), (5,10);
 | |
| create table mysqltest.t2 (x int);
 | |
| insert into mysqltest.t2 values (3), (4), (5), (6);
 | |
| create view mysqltest.v1 (a,c) as select a, b+1 from mysqltest.t1;
 | |
| create view mysqltest.v2 (a,c) as select a, b+1 from mysqltest.t1;
 | |
| create user mysqltest_1@localhost;
 | |
| grant delete on mysqltest.v1 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| use mysqltest;
 | |
| delete from v1 where c < 4;
 | |
| select * from t1;
 | |
| a	b
 | |
| 2	3
 | |
| 3	4
 | |
| 4	5
 | |
| 5	10
 | |
| delete v1 from t2,v1 where t2.x=v1.c;
 | |
| select * from t1;
 | |
| a	b
 | |
| 5	10
 | |
| delete v2 from t2,v2 where t2.x=v2.c;
 | |
| ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| delete from v2 where c < 4;
 | |
| ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| connection root;
 | |
| disconnect user1;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int, primary key(a));
 | |
| insert into mysqltest.t1 values (1,2), (2,3);
 | |
| create table mysqltest.t2 (x int, y int);
 | |
| insert into mysqltest.t2 values (3,4);
 | |
| create view mysqltest.v1 (a,c) as select a, b from mysqltest.t1;
 | |
| create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1;
 | |
| create user mysqltest_1@localhost;
 | |
| grant insert on mysqltest.v1 to mysqltest_1@localhost;
 | |
| grant select on mysqltest.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| use mysqltest;
 | |
| insert into v1 values (5,6);
 | |
| select * from t1;
 | |
| a	b
 | |
| 1	2
 | |
| 2	3
 | |
| 5	6
 | |
| insert into v1 select x,y from t2;
 | |
| select * from t1;
 | |
| a	b
 | |
| 1	2
 | |
| 2	3
 | |
| 5	6
 | |
| 3	4
 | |
| insert into v2 values (5,6);
 | |
| ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| insert into v2 select x,y from t2;
 | |
| ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2`
 | |
| connection root;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int);
 | |
| create table mysqltest.t2 (a int, b int);
 | |
| create user mysqltest_1@localhost;
 | |
| grant update on mysqltest.t1 to mysqltest_1@localhost;
 | |
| grant update(b) on mysqltest.t2 to mysqltest_1@localhost;
 | |
| grant create view,update on test.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,test;
 | |
| create view v1 as select * from mysqltest.t1;
 | |
| create view v2 as select b from mysqltest.t2;
 | |
| create view mysqltest.v1 as select * from mysqltest.t1;
 | |
| ERROR 42000: CREATE VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v1`
 | |
| create view v3 as select a from mysqltest.t2;
 | |
| ERROR 42000: ANY command denied to user 'mysqltest_1'@'localhost' for column 'a' in table 't2'
 | |
| connection root;
 | |
| create table mysqltest.v3 (b int);
 | |
| grant create view on mysqltest.v3 to mysqltest_1@localhost;
 | |
| drop table mysqltest.v3;
 | |
| connection user1;
 | |
| create view mysqltest.v3 as select b from mysqltest.t2;
 | |
| connection root;
 | |
| grant create view, update on mysqltest.v3 to mysqltest_1@localhost;
 | |
| drop view mysqltest.v3;
 | |
| connection user1;
 | |
| create view mysqltest.v3 as select b from mysqltest.t2;
 | |
| create view v4 as select b+1 from mysqltest.t2;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't2'
 | |
| connection root;
 | |
| grant create view,update,select on test.* to mysqltest_1@localhost;
 | |
| connection user1;
 | |
| create view v4 as select b+1 from mysqltest.t2;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't2'
 | |
| connection root;
 | |
| grant update,select(b) on mysqltest.t2 to mysqltest_1@localhost;
 | |
| connection user1;
 | |
| create view v4 as select b+1 from mysqltest.t2;
 | |
| connection root;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| drop view v1,v2,v4;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int);
 | |
| create user mysqltest_1@localhost;
 | |
| grant all privileges on mysqltest.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| create view v1 as select * from t1;
 | |
| connection root;
 | |
| revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| create table mysqltest.t1 (a int, b int);
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on mysqltest.t1 to mysqltest_1@localhost;
 | |
| grant create view,select on test.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,test;
 | |
| create view v1 as select * from mysqltest.t1;
 | |
| connection root;
 | |
| show create view v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `mysqltest`.`t1`.`a` AS `a`,`mysqltest`.`t1`.`b` AS `b` from `mysqltest`.`t1`	latin1	latin1_swedish_ci
 | |
| revoke select on mysqltest.t1 from mysqltest_1@localhost;
 | |
| select * from v1;
 | |
| ERROR HY000: View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| grant select on mysqltest.t1 to mysqltest_1@localhost;
 | |
| select * from v1;
 | |
| a	b
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop view v1;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| use mysqltest;
 | |
| create table t1 (a int);
 | |
| insert into t1 values (1);
 | |
| create table t2 (s1 int);
 | |
| drop function if exists f2;
 | |
| create function f2 () returns int begin declare v int; select s1 from t2
 | |
| into v; return v; end//
 | |
| create algorithm=TEMPTABLE view v1 as select f2() from t1;
 | |
| create algorithm=MERGE view v2 as select f2() from t1;
 | |
| create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1;
 | |
| create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1;
 | |
| create SQL SECURITY INVOKER view v5 as select * from v4;
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on v1 to mysqltest_1@localhost;
 | |
| grant select on v2 to mysqltest_1@localhost;
 | |
| grant select on v3 to mysqltest_1@localhost;
 | |
| grant select on v4 to mysqltest_1@localhost;
 | |
| grant select on v5 to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| select * from v1;
 | |
| f2()
 | |
| NULL
 | |
| select * from v2;
 | |
| f2()
 | |
| NULL
 | |
| select * from v3;
 | |
| ERROR HY000: View 'mysqltest.v3' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v4;
 | |
| ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v5;
 | |
| ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| connection root;
 | |
| drop view v1, v2, v3, v4, v5;
 | |
| drop function f2;
 | |
| drop table t1, t2;
 | |
| use test;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| use mysqltest;
 | |
| create table t1 (a int);
 | |
| insert into t1 values (1);
 | |
| create table t2 (s1 int);
 | |
| drop function if exists f2;
 | |
| create function f2 () returns int begin declare v int; select s1 from t2
 | |
| into v; return v; end//
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on t1 to mysqltest_1@localhost;
 | |
| grant execute on function f2 to mysqltest_1@localhost;
 | |
| grant create view on mysqltest.* to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| create algorithm=TEMPTABLE view v1 as select f2() from t1;
 | |
| create algorithm=MERGE view v2 as select f2() from t1;
 | |
| create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1;
 | |
| create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1;
 | |
| connection root;
 | |
| create view v5 as select * from v1;
 | |
| revoke execute on function f2 from mysqltest_1@localhost;
 | |
| select * from v1;
 | |
| ERROR HY000: View 'mysqltest.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v2;
 | |
| ERROR HY000: View 'mysqltest.v2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v3;
 | |
| f2()
 | |
| NULL
 | |
| select * from v4;
 | |
| f2()
 | |
| NULL
 | |
| select * from v5;
 | |
| ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| drop view v1, v2, v3, v4, v5;
 | |
| drop function f2;
 | |
| drop table t1, t2;
 | |
| use test;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| use mysqltest;
 | |
| create table t1 (a int);
 | |
| create table v1 (a int);
 | |
| insert into t1 values (1);
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on t1 to mysqltest_1@localhost;
 | |
| grant select on v1 to mysqltest_1@localhost;
 | |
| grant create view on mysqltest.* to mysqltest_1@localhost;
 | |
| drop table v1;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| create algorithm=TEMPTABLE view v1 as select *, a as b from t1;
 | |
| create algorithm=MERGE view v2 as select *, a as b from t1;
 | |
| create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1;
 | |
| create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1;
 | |
| create view v5 as select * from v1;
 | |
| connection root;
 | |
| revoke select on t1 from mysqltest_1@localhost;
 | |
| select * from v1;
 | |
| ERROR HY000: View 'mysqltest.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v2;
 | |
| ERROR HY000: View 'mysqltest.v2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v3;
 | |
| a	b
 | |
| 1	1
 | |
| select * from v4;
 | |
| a	b
 | |
| 1	1
 | |
| select * from v5;
 | |
| ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| drop table t1;
 | |
| use test;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| use mysqltest;
 | |
| create table t1 (a int);
 | |
| insert into t1 values (1);
 | |
| create algorithm=TEMPTABLE view v1 as select *, a as b from t1;
 | |
| create algorithm=MERGE view v2 as select *, a as b from t1;
 | |
| create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1;
 | |
| create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1;
 | |
| create SQL SECURITY INVOKER view v5 as select * from v4;
 | |
| create user mysqltest_1@localhost;
 | |
| grant select on v1 to mysqltest_1@localhost;
 | |
| grant select on v2 to mysqltest_1@localhost;
 | |
| grant select on v3 to mysqltest_1@localhost;
 | |
| grant select on v4 to mysqltest_1@localhost;
 | |
| grant select on v5 to mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| select * from v1;
 | |
| a	b
 | |
| 1	1
 | |
| select * from v2;
 | |
| a	b
 | |
| 1	1
 | |
| select * from v3;
 | |
| ERROR HY000: View 'mysqltest.v3' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v4;
 | |
| ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| select * from v5;
 | |
| ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| connection root;
 | |
| drop view v1, v2, v3, v4, v5;
 | |
| drop table t1;
 | |
| use test;
 | |
| REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| create user 'test14256'@'%';
 | |
| grant all on test.* to 'test14256'@'%';
 | |
| connect  test14256,localhost,test14256,,test;
 | |
| connection test14256;
 | |
| use test;
 | |
| create view v1 as select 42;
 | |
| show create view v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`test14256`@`%` SQL SECURITY DEFINER VIEW `v1` AS select 42 AS `42`	latin1	latin1_swedish_ci
 | |
| select definer into @v1def1 from information_schema.views
 | |
| where table_schema = 'test' and table_name='v1';
 | |
| drop view v1;
 | |
| create definer=`test14256`@`%` view v1 as select 42;
 | |
| show create view v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`test14256`@`%` SQL SECURITY DEFINER VIEW `v1` AS select 42 AS `42`	latin1	latin1_swedish_ci
 | |
| select definer into @v1def2 from information_schema.views
 | |
| where table_schema = 'test' and table_name='v1';
 | |
| drop view v1;
 | |
| select @v1def1, @v1def2, @v1def1=@v1def2;
 | |
| @v1def1	@v1def2	@v1def1=@v1def2
 | |
| test14256@%	test14256@%	1
 | |
| connection root;
 | |
| disconnect test14256;
 | |
| drop user test14256;
 | |
| connection root;
 | |
| create database mysqltest;
 | |
| use mysqltest;
 | |
| CREATE TABLE t1 (i INT);
 | |
| CREATE VIEW  v1 AS SELECT * FROM t1;
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`i` AS `i` from `t1`	latin1	latin1_swedish_ci
 | |
| create user mysqltest_1@localhost;
 | |
| GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost;
 | |
| connect  user1,localhost,mysqltest_1,,mysqltest;
 | |
| LOCK TABLES v1 READ;
 | |
| SHOW CREATE TABLE v1;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v1`
 | |
| UNLOCK TABLES;
 | |
| connection root;
 | |
| use test;
 | |
| drop user mysqltest_1@localhost;
 | |
| drop database mysqltest;
 | |
| disconnect user1;
 | |
| disconnect root;
 | |
| connection default;
 | |
| create definer=some_user@`` sql security invoker view v1 as select 1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('some_user'@'%') does not exist
 | |
| create definer=some_user@localhost sql security invoker view v2 as select 1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('some_user'@'localhost') does not exist
 | |
| show create view v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`some_user`@`%` SQL SECURITY INVOKER VIEW `v1` AS select 1 AS `1`	latin1	latin1_swedish_ci
 | |
| show create view v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v2	CREATE ALGORITHM=UNDEFINED DEFINER=`some_user`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select 1 AS `1`	latin1	latin1_swedish_ci
 | |
| drop view v1;
 | |
| drop view v2;
 | |
| CREATE DATABASE mysqltest1;
 | |
| CREATE USER readonly@localhost;
 | |
| CREATE TABLE mysqltest1.t1 (x INT);
 | |
| INSERT INTO mysqltest1.t1 VALUES (1), (2);
 | |
| CREATE SQL SECURITY INVOKER VIEW mysqltest1.v_t1 AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW mysqltest1.v_ts AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW mysqltest1.v_ti AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW mysqltest1.v_tu AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW mysqltest1.v_tus AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW mysqltest1.v_td AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW mysqltest1.v_tds AS SELECT * FROM mysqltest1.t1;
 | |
| GRANT SELECT, INSERT, UPDATE, DELETE ON mysqltest1.v_t1 TO readonly@localhost;
 | |
| GRANT SELECT ON mysqltest1.v_ts TO readonly@localhost;
 | |
| GRANT INSERT ON mysqltest1.v_ti TO readonly@localhost;
 | |
| GRANT UPDATE ON mysqltest1.v_tu TO readonly@localhost;
 | |
| GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost;
 | |
| GRANT DELETE ON mysqltest1.v_td TO readonly@localhost;
 | |
| GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost;
 | |
| connect  n1,localhost,readonly,,mysqltest1;
 | |
| connection n1;
 | |
| SELECT * FROM mysqltest1.v_t1;
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| INSERT INTO mysqltest1.v_t1 VALUES(4);
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| DELETE FROM mysqltest1.v_t1 WHERE x = 1;
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| UPDATE mysqltest1.v_t1 SET x = 3 WHERE x = 2;
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| UPDATE mysqltest1.v_t1 SET x = 3;
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| DELETE FROM mysqltest1.v_t1;
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SELECT 1 FROM mysqltest1.v_t1;
 | |
| ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SELECT * FROM mysqltest1.t1;
 | |
| ERROR 42000: SELECT command denied to user 'readonly'@'localhost' for table `mysqltest1`.`t1`
 | |
| SELECT * FROM mysqltest1.v_ts;
 | |
| x
 | |
| 1
 | |
| 2
 | |
| SELECT * FROM mysqltest1.v_ts, mysqltest1.t1 WHERE mysqltest1.t1.x = mysqltest1.v_ts.x;
 | |
| ERROR 42000: SELECT command denied to user 'readonly'@'localhost' for table `mysqltest1`.`t1`
 | |
| SELECT * FROM mysqltest1.v_ti;
 | |
| ERROR 42000: SELECT command denied to user 'readonly'@'localhost' for table `mysqltest1`.`v_ti`
 | |
| INSERT INTO mysqltest1.v_ts VALUES (100);
 | |
| ERROR 42000: INSERT command denied to user 'readonly'@'localhost' for table `mysqltest1`.`v_ts`
 | |
| INSERT INTO mysqltest1.v_ti VALUES (100);
 | |
| UPDATE mysqltest1.v_ts SET x= 200 WHERE x = 100;
 | |
| ERROR 42000: UPDATE command denied to user 'readonly'@'localhost' for table `mysqltest1`.`v_ts`
 | |
| UPDATE mysqltest1.v_ts SET x= 200;
 | |
| ERROR 42000: UPDATE command denied to user 'readonly'@'localhost' for table `mysqltest1`.`v_ts`
 | |
| UPDATE mysqltest1.v_tu SET x= 200 WHERE x = 100;
 | |
| ERROR 42000: SELECT command denied to user 'readonly'@'localhost' for column 'x' in table 'v_tu'
 | |
| UPDATE mysqltest1.v_tus SET x= 200 WHERE x = 100;
 | |
| UPDATE mysqltest1.v_tu SET x= 200;
 | |
| DELETE FROM mysqltest1.v_ts WHERE x= 200;
 | |
| ERROR 42000: DELETE command denied to user 'readonly'@'localhost' for table `mysqltest1`.`v_ts`
 | |
| DELETE FROM mysqltest1.v_ts;
 | |
| ERROR 42000: DELETE command denied to user 'readonly'@'localhost' for table `mysqltest1`.`v_ts`
 | |
| DELETE FROM mysqltest1.v_td WHERE x= 200;
 | |
| ERROR 42000: SELECT command denied to user 'readonly'@'localhost' for column 'x' in table 'v_td'
 | |
| DELETE FROM mysqltest1.v_tds WHERE x= 200;
 | |
| DELETE FROM mysqltest1.v_td;
 | |
| connection default;
 | |
| disconnect n1;
 | |
| DROP VIEW mysqltest1.v_tds;
 | |
| DROP VIEW mysqltest1.v_td;
 | |
| DROP VIEW mysqltest1.v_tus;
 | |
| DROP VIEW mysqltest1.v_tu;
 | |
| DROP VIEW mysqltest1.v_ti;
 | |
| DROP VIEW mysqltest1.v_ts;
 | |
| DROP VIEW mysqltest1.v_t1;
 | |
| DROP TABLE mysqltest1.t1;
 | |
| DROP USER readonly@localhost;
 | |
| DROP DATABASE mysqltest1;
 | |
| CREATE TABLE t1 (a INT PRIMARY KEY);
 | |
| INSERT INTO t1 VALUES (1), (2), (3);
 | |
| CREATE DEFINER = 'no-such-user'@localhost VIEW v AS SELECT a from t1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no-such-user'@'localhost') does not exist
 | |
| SHOW CREATE VIEW v;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v	CREATE ALGORITHM=UNDEFINED DEFINER=`no-such-user`@`localhost` SQL SECURITY DEFINER VIEW `v` AS select `test`.`t1`.`a` AS `a` from `t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no-such-user'@'localhost') does not exist
 | |
| SELECT * FROM v;
 | |
| ERROR HY000: The user specified as a definer ('no-such-user'@'localhost') does not exist
 | |
| DROP VIEW v;
 | |
| DROP TABLE t1;
 | |
| USE test;
 | |
| CREATE USER mysqltest_db1@localhost identified by 'PWD';
 | |
| GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;
 | |
| connect  session1,localhost,mysqltest_db1,PWD,"*NO-ONE*";
 | |
| CREATE SCHEMA mysqltest_db1 ;
 | |
| USE mysqltest_db1 ;
 | |
| CREATE TABLE t1 (f1 INTEGER);
 | |
| CREATE VIEW view1 AS
 | |
| SELECT * FROM t1;
 | |
| SHOW CREATE VIEW view1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| view1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view1` AS select `t1`.`f1` AS `f1` from `t1`	latin1	latin1_swedish_ci
 | |
| CREATE VIEW view2 AS
 | |
| SELECT * FROM view1;
 | |
| # Here comes a suspicious warning
 | |
| SHOW CREATE VIEW view2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| view2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view2` AS select `view1`.`f1` AS `f1` from `view1`	latin1	latin1_swedish_ci
 | |
| # But the view view2 is usable
 | |
| SELECT * FROM view2;
 | |
| f1
 | |
| CREATE VIEW view3 AS
 | |
| SELECT * FROM view2;
 | |
| SELECT * from view3;
 | |
| f1
 | |
| connection default;
 | |
| disconnect session1;
 | |
| DROP VIEW mysqltest_db1.view3;
 | |
| DROP VIEW mysqltest_db1.view2;
 | |
| DROP VIEW mysqltest_db1.view1;
 | |
| DROP TABLE mysqltest_db1.t1;
 | |
| DROP SCHEMA mysqltest_db1;
 | |
| DROP USER mysqltest_db1@localhost;
 | |
| CREATE DATABASE test1;
 | |
| CREATE DATABASE test2;
 | |
| CREATE TABLE test1.t0 (a VARCHAR(20));
 | |
| CREATE TABLE test2.t1 (a VARCHAR(20));
 | |
| CREATE VIEW  test2.t3 AS SELECT * FROM test1.t0;
 | |
| CREATE OR REPLACE VIEW test.v1 AS
 | |
| SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
 | |
| DROP VIEW test.v1;
 | |
| DROP VIEW test2.t3;
 | |
| DROP TABLE test2.t1, test1.t0;
 | |
| DROP DATABASE test2;
 | |
| DROP DATABASE test1;
 | |
| DROP VIEW IF EXISTS v1;
 | |
| DROP VIEW IF EXISTS v2;
 | |
| DROP VIEW IF EXISTS v3;
 | |
| DROP FUNCTION IF EXISTS f1;
 | |
| DROP FUNCTION IF EXISTS f2;
 | |
| DROP PROCEDURE IF EXISTS p1;
 | |
| CREATE SQL SECURITY DEFINER VIEW v1 AS SELECT CURRENT_USER() AS cu;
 | |
| CREATE FUNCTION f1() RETURNS VARCHAR(77) SQL SECURITY INVOKER
 | |
| RETURN CURRENT_USER();
 | |
| CREATE SQL SECURITY DEFINER VIEW v2 AS SELECT f1() AS cu;
 | |
| CREATE PROCEDURE p1(OUT cu VARCHAR(77)) SQL SECURITY INVOKER
 | |
| SET cu= CURRENT_USER();
 | |
| CREATE FUNCTION f2() RETURNS VARCHAR(77) SQL SECURITY INVOKER
 | |
| BEGIN
 | |
| DECLARE cu VARCHAR(77);
 | |
| CALL p1(cu);
 | |
| RETURN cu;
 | |
| END|
 | |
| CREATE SQL SECURITY DEFINER VIEW v3 AS SELECT f2() AS cu;
 | |
| CREATE USER mysqltest_u1@localhost;
 | |
| GRANT ALL ON test.* TO mysqltest_u1@localhost;
 | |
| connect  conn1, localhost, mysqltest_u1,,;
 | |
| 
 | |
| The following tests should all return 1.
 | |
| 
 | |
| SELECT CURRENT_USER() = 'mysqltest_u1@localhost';
 | |
| CURRENT_USER() = 'mysqltest_u1@localhost'
 | |
| 1
 | |
| SELECT f1() = 'mysqltest_u1@localhost';
 | |
| f1() = 'mysqltest_u1@localhost'
 | |
| 1
 | |
| CALL p1(@cu);
 | |
| SELECT @cu = 'mysqltest_u1@localhost';
 | |
| @cu = 'mysqltest_u1@localhost'
 | |
| 1
 | |
| SELECT f2() = 'mysqltest_u1@localhost';
 | |
| f2() = 'mysqltest_u1@localhost'
 | |
| 1
 | |
| SELECT cu = 'root@localhost' FROM v1;
 | |
| cu = 'root@localhost'
 | |
| 1
 | |
| SELECT cu = 'root@localhost' FROM v2;
 | |
| cu = 'root@localhost'
 | |
| 1
 | |
| SELECT cu = 'root@localhost' FROM v3;
 | |
| cu = 'root@localhost'
 | |
| 1
 | |
| disconnect conn1;
 | |
| connection default;
 | |
| DROP VIEW v3;
 | |
| DROP FUNCTION f2;
 | |
| DROP PROCEDURE p1;
 | |
| DROP FUNCTION f1;
 | |
| DROP VIEW v2;
 | |
| DROP VIEW v1;
 | |
| DROP USER mysqltest_u1@localhost;
 | |
| connect  root,localhost,root,,;
 | |
| connection root;
 | |
| CREATE DATABASE db17254;
 | |
| USE db17254;
 | |
| CREATE TABLE t1 (f1 INT);
 | |
| INSERT INTO t1 VALUES (10),(20);
 | |
| CREATE USER def_17254@localhost;
 | |
| GRANT SELECT ON db17254.* TO def_17254@localhost;
 | |
| CREATE USER inv_17254@localhost;
 | |
| GRANT SELECT ON db17254.t1 TO inv_17254@localhost;
 | |
| GRANT CREATE VIEW ON db17254.* TO def_17254@localhost;
 | |
| connect  def,localhost,def_17254,,db17254;
 | |
| connection def;
 | |
| CREATE VIEW v1 AS SELECT * FROM t1;
 | |
| connection root;
 | |
| GRANT SELECT ON db17254.v1 TO inv_17254@localhost;
 | |
| DROP USER def_17254@localhost;
 | |
| connect  inv,localhost,inv_17254,,db17254;
 | |
| connection inv;
 | |
| for a user without SET USER
 | |
| SELECT * FROM v1;
 | |
| ERROR 28000: Access denied for user 'inv_17254'@'localhost' (using password: NO)
 | |
| disconnect inv;
 | |
| connection root;
 | |
| GRANT SET USER ON *.* TO inv_17254@localhost;
 | |
| connect  inv2,localhost,inv_17254,,db17254;
 | |
| connection inv2;
 | |
| SHOW GRANTS;
 | |
| Grants for inv_17254@localhost
 | |
| GRANT SET USER ON *.* TO `inv_17254`@`localhost`
 | |
| GRANT SELECT ON `db17254`.`v1` TO `inv_17254`@`localhost`
 | |
| GRANT SELECT ON `db17254`.`t1` TO `inv_17254`@`localhost`
 | |
| SELECT CURRENT_USER, SYSTEM_USER(), USER();
 | |
| CURRENT_USER	SYSTEM_USER()	USER()
 | |
| inv_17254@localhost	inv_17254@localhost	inv_17254@localhost
 | |
| for a user with SET USER
 | |
| SELECT * FROM v1;
 | |
| ERROR HY000: The user specified as a definer ('def_17254'@'localhost') does not exist
 | |
| disconnect inv2;
 | |
| connection root;
 | |
| for a superuser
 | |
| SELECT * FROM v1;
 | |
| ERROR HY000: The user specified as a definer ('def_17254'@'localhost') does not exist
 | |
| DROP USER inv_17254@localhost;
 | |
| DROP DATABASE db17254;
 | |
| disconnect def;
 | |
| DROP DATABASE IF EXISTS mysqltest_db1;
 | |
| DROP DATABASE IF EXISTS mysqltest_db2;
 | |
| DROP USER mysqltest_u1;
 | |
| DROP USER mysqltest_u2;
 | |
| CREATE USER mysqltest_u1@localhost;
 | |
| CREATE USER mysqltest_u2@localhost;
 | |
| CREATE DATABASE mysqltest_db1;
 | |
| CREATE DATABASE mysqltest_db2;
 | |
| GRANT ALL ON mysqltest_db1.* TO mysqltest_u1@localhost WITH GRANT OPTION;
 | |
| GRANT ALL ON mysqltest_db2.* TO mysqltest_u2@localhost;
 | |
| connect  conn1, localhost, mysqltest_u1, , mysqltest_db1;
 | |
| CREATE TABLE t1 (i INT);
 | |
| INSERT INTO t1 VALUES (1);
 | |
| CREATE VIEW v1 AS SELECT i FROM t1 WHERE 1 IN (SELECT * FROM t1);
 | |
| CREATE TABLE t2 (s CHAR(7));
 | |
| INSERT INTO t2 VALUES ('public');
 | |
| GRANT SELECT ON v1 TO mysqltest_u2@localhost;
 | |
| GRANT SELECT ON t2 TO mysqltest_u2@localhost;
 | |
| connect  conn2, localhost, mysqltest_u2, , mysqltest_db2;
 | |
| SELECT * FROM mysqltest_db1.v1, mysqltest_db1.t2;
 | |
| i	s
 | |
| 1	public
 | |
| PREPARE stmt1 FROM "SELECT * FROM mysqltest_db1.t2";
 | |
| EXECUTE stmt1;
 | |
| s
 | |
| public
 | |
| PREPARE stmt2 FROM "SELECT * FROM mysqltest_db1.v1, mysqltest_db1.t2";
 | |
| EXECUTE stmt2;
 | |
| i	s
 | |
| 1	public
 | |
| connection conn1;
 | |
| REVOKE SELECT ON t2 FROM mysqltest_u2@localhost;
 | |
| UPDATE t2 SET s = 'private' WHERE s = 'public';
 | |
| connection conn2;
 | |
| SELECT * FROM mysqltest_db1.v1, mysqltest_db1.t2;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_u2'@'localhost' for table `mysqltest_db1`.`t2`
 | |
| EXECUTE stmt1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_u2'@'localhost' for table `mysqltest_db1`.`t2`
 | |
| EXECUTE stmt2;
 | |
| ERROR 42000: SELECT command denied to user 'mysqltest_u2'@'localhost' for table `mysqltest_db1`.`t2`
 | |
| disconnect conn2;
 | |
| disconnect conn1;
 | |
| connection default;
 | |
| REVOKE ALL ON mysqltest_db1.* FROM mysqltest_u1@localhost;
 | |
| REVOKE ALL ON mysqltest_db2.* FROM mysqltest_u2@localhost;
 | |
| DROP DATABASE mysqltest_db1;
 | |
| DROP DATABASE mysqltest_db2;
 | |
| DROP USER mysqltest_u1@localhost;
 | |
| DROP USER mysqltest_u2@localhost;
 | |
| connection root;
 | |
| CREATE DATABASE db26813;
 | |
| USE db26813;
 | |
| CREATE TABLE t1(f1 INT, f2 INT);
 | |
| CREATE VIEW v1 AS SELECT f1 FROM t1;
 | |
| CREATE VIEW v2 AS SELECT f1 FROM t1;
 | |
| CREATE VIEW v3 AS SELECT f1 FROM t1;
 | |
| CREATE USER u26813@localhost;
 | |
| GRANT DROP ON db26813.v1 TO u26813@localhost;
 | |
| GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost;
 | |
| GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
 | |
| GRANT SELECT ON db26813.t1 TO u26813@localhost;
 | |
| connect  u1,localhost,u26813,,db26813;
 | |
| connection u1;
 | |
| ALTER VIEW v1 AS SELECT f2 FROM t1;
 | |
| ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table `db26813`.`v1`
 | |
| ALTER VIEW v2 AS SELECT f2 FROM t1;
 | |
| ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table `db26813`.`v2`
 | |
| ALTER VIEW v3 AS SELECT f2 FROM t1;
 | |
| ERROR 42000: Access denied; you need (at least one of) the SET USER privilege(s) for this operation
 | |
| connection root;
 | |
| SHOW CREATE VIEW v3;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v3	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f1` AS `f1` from `t1`	latin1	latin1_swedish_ci
 | |
| DROP USER u26813@localhost;
 | |
| DROP DATABASE db26813;
 | |
| disconnect u1;
 | |
| #
 | |
| # Bug#29908 A user can gain additional access through the ALTER VIEW.
 | |
| #
 | |
| connection root;
 | |
| CREATE DATABASE mysqltest_29908;
 | |
| USE mysqltest_29908;
 | |
| CREATE TABLE t1(f1 INT, f2 INT);
 | |
| CREATE USER u29908_1@localhost;
 | |
| CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
 | |
| CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
 | |
| SELECT f1 FROM t1;
 | |
| GRANT SELECT, DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
 | |
| GRANT SELECT, DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
 | |
| GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
 | |
| CREATE USER u29908_2@localhost;
 | |
| GRANT SELECT, DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
 | |
| GRANT SELECT, DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
 | |
| GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
 | |
| connect  u2,localhost,u29908_2,,mysqltest_29908;
 | |
| ALTER VIEW v1 AS SELECT f2 FROM t1;
 | |
| ERROR 42000: Access denied; you need (at least one of) the SET USER privilege(s) for this operation
 | |
| ALTER VIEW v2 AS SELECT f2 FROM t1;
 | |
| ERROR 42000: Access denied; you need (at least one of) the SET USER privilege(s) for this operation
 | |
| SHOW CREATE VIEW v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v2	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`	latin1	latin1_swedish_ci
 | |
| connect  u1,localhost,u29908_1,,mysqltest_29908;
 | |
| ALTER VIEW v1 AS SELECT f2 FROM t1;
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f2` AS `f2` from `t1`	latin1	latin1_swedish_ci
 | |
| ALTER VIEW v2 AS SELECT f2 FROM t1;
 | |
| SHOW CREATE VIEW v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v2	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1`	latin1	latin1_swedish_ci
 | |
| connection root;
 | |
| ALTER VIEW v1 AS SELECT f1 FROM t1;
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f1` AS `f1` from `t1`	latin1	latin1_swedish_ci
 | |
| ALTER VIEW v2 AS SELECT f1 FROM t1;
 | |
| SHOW CREATE VIEW v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v2	CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`	latin1	latin1_swedish_ci
 | |
| DROP USER u29908_1@localhost;
 | |
| DROP USER u29908_2@localhost;
 | |
| DROP DATABASE mysqltest_29908;
 | |
| disconnect u1;
 | |
| disconnect u2;
 | |
| #######################################################################
 | |
| DROP DATABASE IF EXISTS mysqltest1;
 | |
| DROP DATABASE IF EXISTS mysqltest2;
 | |
| CREATE DATABASE mysqltest1;
 | |
| CREATE DATABASE mysqltest2;
 | |
| CREATE TABLE mysqltest1.t1(c1 INT);
 | |
| CREATE TABLE mysqltest1.t2(c2 INT);
 | |
| CREATE TABLE mysqltest1.t3(c3 INT);
 | |
| CREATE TABLE mysqltest1.t4(c4 INT);
 | |
| INSERT INTO mysqltest1.t1 VALUES (11), (12), (13), (14);
 | |
| INSERT INTO mysqltest1.t2 VALUES (21), (22), (23), (24);
 | |
| INSERT INTO mysqltest1.t3 VALUES (31), (32), (33), (34);
 | |
| INSERT INTO mysqltest1.t4 VALUES (41), (42), (43), (44);
 | |
| CREATE USER mysqltest_u1@localhost;
 | |
| GRANT SELECT ON mysqltest1.t1 TO mysqltest_u1@localhost;
 | |
| GRANT INSERT ON mysqltest1.t2 TO mysqltest_u1@localhost;
 | |
| GRANT SELECT, UPDATE ON mysqltest1.t3 TO mysqltest_u1@localhost;
 | |
| GRANT SELECT, DELETE ON mysqltest1.t4 TO mysqltest_u1@localhost;
 | |
| GRANT ALL PRIVILEGES ON mysqltest2.* TO mysqltest_u1@localhost;
 | |
| connect  bug24040_con,localhost,mysqltest_u1,,mysqltest2;
 | |
| SELECT * FROM mysqltest1.t1;
 | |
| c1
 | |
| 11
 | |
| 12
 | |
| 13
 | |
| 14
 | |
| INSERT INTO mysqltest1.t2 VALUES(25);
 | |
| UPDATE mysqltest1.t3 SET c3 = 331 WHERE c3 = 31;
 | |
| DELETE FROM mysqltest1.t4 WHERE c4 = 44;
 | |
| CREATE VIEW v1 AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE VIEW v2 AS SELECT * FROM mysqltest1.t2;
 | |
| CREATE VIEW v3 AS SELECT * FROM mysqltest1.t3;
 | |
| CREATE VIEW v4 AS SELECT * FROM mysqltest1.t4;
 | |
| SELECT * FROM v1;
 | |
| c1
 | |
| 11
 | |
| 12
 | |
| 13
 | |
| 14
 | |
| INSERT INTO v2 VALUES(26);
 | |
| UPDATE v3 SET c3 = 332 WHERE c3 = 32;
 | |
| DELETE FROM v4 WHERE c4 = 43;
 | |
| CREATE VIEW v12 AS SELECT c1, c2 FROM mysqltest1.t1, mysqltest1.t2;
 | |
| ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c2' in table 'v12'
 | |
| CREATE VIEW v13 AS SELECT c1, c3 FROM mysqltest1.t1, mysqltest1.t3;
 | |
| CREATE VIEW v14 AS SELECT c1, c4 FROM mysqltest1.t1, mysqltest1.t4;
 | |
| CREATE VIEW v21 AS SELECT c2, c1 FROM mysqltest1.t2, mysqltest1.t1;
 | |
| ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c1' in table 'v21'
 | |
| CREATE VIEW v23 AS SELECT c2, c3 FROM mysqltest1.t2, mysqltest1.t3;
 | |
| ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c3' in table 'v23'
 | |
| CREATE VIEW v24 AS SELECT c2, c4 FROM mysqltest1.t2, mysqltest1.t4;
 | |
| ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c4' in table 'v24'
 | |
| CREATE VIEW v31 AS SELECT c3, c1 FROM mysqltest1.t3, mysqltest1.t1;
 | |
| CREATE VIEW v32 AS SELECT c3, c2 FROM mysqltest1.t3, mysqltest1.t2;
 | |
| ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c2' in table 'v32'
 | |
| CREATE VIEW v34 AS SELECT c3, c4 FROM mysqltest1.t3, mysqltest1.t4;
 | |
| CREATE VIEW v41 AS SELECT c4, c1 FROM mysqltest1.t4, mysqltest1.t1;
 | |
| CREATE VIEW v42 AS SELECT c4, c2 FROM mysqltest1.t4, mysqltest1.t2;
 | |
| ERROR 42000: create view command denied to user 'mysqltest_u1'@'localhost' for column 'c2' in table 'v42'
 | |
| CREATE VIEW v43 AS SELECT c4, c3 FROM mysqltest1.t4, mysqltest1.t3;
 | |
| connection default;
 | |
| SELECT * FROM mysqltest1.t1;
 | |
| c1
 | |
| 11
 | |
| 12
 | |
| 13
 | |
| 14
 | |
| SELECT * FROM mysqltest1.t2;
 | |
| c2
 | |
| 21
 | |
| 22
 | |
| 23
 | |
| 24
 | |
| 25
 | |
| 26
 | |
| SELECT * FROM mysqltest1.t3;
 | |
| c3
 | |
| 331
 | |
| 332
 | |
| 33
 | |
| 34
 | |
| SELECT * FROM mysqltest1.t4;
 | |
| c4
 | |
| 41
 | |
| 42
 | |
| disconnect bug24040_con;
 | |
| DROP DATABASE mysqltest1;
 | |
| DROP DATABASE mysqltest2;
 | |
| DROP USER mysqltest_u1@localhost;
 | |
| CREATE DATABASE db1;
 | |
| USE db1;
 | |
| CREATE TABLE t1(f1 INT, f2 INT);
 | |
| CREATE VIEW v1 AS SELECT f1, f2 FROM t1;
 | |
| CREATE USER foo;
 | |
| GRANT SELECT (f1) ON t1 TO foo;
 | |
| GRANT SELECT (f1) ON v1 TO foo;
 | |
| connect  addconfoo, localhost, foo,,db1;
 | |
| SELECT f1 FROM t1;
 | |
| f1
 | |
| SELECT f2 FROM t1;
 | |
| ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'f2' in table 't1'
 | |
| SELECT * FROM t1;
 | |
| ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table `db1`.`t1`
 | |
| SELECT f1 FROM v1;
 | |
| f1
 | |
| SELECT f2 FROM v1;
 | |
| ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'f2' in table 'v1'
 | |
| SELECT * FROM v1;
 | |
| ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table `db1`.`v1`
 | |
| connection default;
 | |
| disconnect root;
 | |
| disconnect addconfoo;
 | |
| USE test;
 | |
| REVOKE SELECT (f1) ON db1.t1 FROM foo;
 | |
| REVOKE SELECT (f1) ON db1.v1 FROM foo;
 | |
| DROP USER foo;
 | |
| DROP VIEW db1.v1;
 | |
| DROP TABLE db1.t1;
 | |
| DROP DATABASE db1;
 | |
| connection default;
 | |
| Bug #11765687/#58677: 
 | |
| No privilege on table/view, but can know #rows / underlying table's name
 | |
| connect  root,localhost,root,,test;
 | |
| connection root;
 | |
| create database mysqltest1;
 | |
| create table mysqltest1.t1 (i int);
 | |
| create table mysqltest1.t2 (j int);
 | |
| create table mysqltest1.t3 (k int, secret int);
 | |
| create user alice@localhost;
 | |
| create user bob@localhost;
 | |
| create user cecil@localhost;
 | |
| create user dan@localhost;
 | |
| create user eugene@localhost;
 | |
| create user fiona@localhost;
 | |
| create user greg@localhost;
 | |
| create user han@localhost;
 | |
| create user inga@localhost;
 | |
| create user jamie@localhost;
 | |
| create user karl@localhost;
 | |
| create user lena@localhost;
 | |
| create user mhairi@localhost;
 | |
| create user noam@localhost;
 | |
| create user olga@localhost;
 | |
| create user pjotr@localhost;
 | |
| create user quintessa@localhost;
 | |
| grant all privileges on mysqltest1.* to alice@localhost with grant option;
 | |
| ... as alice
 | |
| connect  test11765687,localhost,alice,,mysqltest1;
 | |
| connection test11765687;
 | |
| create view v1 as select * from t1;
 | |
| create view v2 as select * from v1, t2;
 | |
| create view v3 as select k from t3;
 | |
| grant select            on mysqltest1.v1 to bob@localhost;
 | |
| grant show view         on mysqltest1.v1 to cecil@localhost;
 | |
| grant select, show view on mysqltest1.v1 to dan@localhost;
 | |
| grant select            on mysqltest1.t1 to dan@localhost;
 | |
| grant select            on mysqltest1.*  to eugene@localhost;
 | |
| grant select, show view on mysqltest1.v2 to fiona@localhost;
 | |
| grant select, show view on mysqltest1.v2 to greg@localhost;
 | |
| grant         show view on mysqltest1.v1 to greg@localhost;
 | |
| grant select(k)         on mysqltest1.t3 to han@localhost;
 | |
| grant select, show view on mysqltest1.v3 to han@localhost;
 | |
| grant select            on mysqltest1.t1 to inga@localhost;
 | |
| grant select            on mysqltest1.t2 to inga@localhost;
 | |
| grant select            on mysqltest1.v1 to inga@localhost;
 | |
| grant select, show view on mysqltest1.v2 to inga@localhost;
 | |
| grant select            on mysqltest1.t1 to jamie@localhost;
 | |
| grant select            on mysqltest1.t2 to jamie@localhost;
 | |
| grant         show view on mysqltest1.v1 to jamie@localhost;
 | |
| grant select, show view on mysqltest1.v2 to jamie@localhost;
 | |
| grant select            on mysqltest1.t1 to karl@localhost;
 | |
| grant select            on mysqltest1.t2 to karl@localhost;
 | |
| grant select, show view on mysqltest1.v1 to karl@localhost;
 | |
| grant select            on mysqltest1.v2 to karl@localhost;
 | |
| grant select            on mysqltest1.t1 to lena@localhost;
 | |
| grant select            on mysqltest1.t2 to lena@localhost;
 | |
| grant select, show view on mysqltest1.v1 to lena@localhost;
 | |
| grant         show view on mysqltest1.v2 to lena@localhost;
 | |
| grant select            on mysqltest1.t1 to mhairi@localhost;
 | |
| grant select            on mysqltest1.t2 to mhairi@localhost;
 | |
| grant select, show view on mysqltest1.v1 to mhairi@localhost;
 | |
| grant select, show view on mysqltest1.v2 to mhairi@localhost;
 | |
| grant select            on mysqltest1.t1 to noam@localhost;
 | |
| grant select, show view on mysqltest1.v1 to noam@localhost;
 | |
| grant select, show view on mysqltest1.v2 to noam@localhost;
 | |
| grant select            on mysqltest1.t2 to olga@localhost;
 | |
| grant select, show view on mysqltest1.v1 to olga@localhost;
 | |
| grant select, show view on mysqltest1.v2 to olga@localhost;
 | |
| grant select            on mysqltest1.t1 to pjotr@localhost;
 | |
| grant select            on mysqltest1.t2 to pjotr@localhost;
 | |
| grant select, show view on mysqltest1.v2 to pjotr@localhost;
 | |
| grant select, show view on mysqltest1.v1 to quintessa@localhost;
 | |
| disconnect test11765687;
 | |
| ... as bob
 | |
| connect  test11765687,localhost,bob,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v1;
 | |
| i
 | |
| explain select * from v1;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as cecil
 | |
| connect  test11765687,localhost,cecil,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v1;
 | |
| ERROR 42000: SELECT command denied to user 'cecil'@'localhost' for table `mysqltest1`.`v1`
 | |
| explain select * from v1;
 | |
| ERROR 42000: SELECT command denied to user 'cecil'@'localhost' for table `mysqltest1`.`v1`
 | |
| disconnect test11765687;
 | |
| ... as dan
 | |
| connect  test11765687,localhost,dan,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v1;
 | |
| i
 | |
| explain select * from v1;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	SIMPLE	t1	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| disconnect test11765687;
 | |
| ... as eugene
 | |
| connect  test11765687,localhost,eugene,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v1;
 | |
| i
 | |
| explain select * from v1;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as fiona
 | |
| connect  test11765687,localhost,fiona,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| show create view v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v2	CREATE ALGORITHM=UNDEFINED DEFINER=`alice`@`localhost` SQL SECURITY DEFINER VIEW `v2` AS select `v1`.`i` AS `i`,`t2`.`j` AS `j` from (`v1` join `t2`)	latin1	latin1_swedish_ci
 | |
| explain select * from t1;
 | |
| ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table `mysqltest1`.`t1`
 | |
| explain select * from v1;
 | |
| ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table `mysqltest1`.`v1`
 | |
| explain select * from t2;
 | |
| ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table `mysqltest1`.`t2`
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as greg
 | |
| connect  test11765687,localhost,greg,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v1;
 | |
| ERROR 42000: SELECT command denied to user 'greg'@'localhost' for table `mysqltest1`.`v1`
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as han
 | |
| connect  test11765687,localhost,han,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from t3;
 | |
| ERROR 42000: SELECT command denied to user 'han'@'localhost' for table `mysqltest1`.`t3`
 | |
| explain select * from t3;
 | |
| ERROR 42000: SELECT command denied to user 'han'@'localhost' for table `mysqltest1`.`t3`
 | |
| select k from t3;
 | |
| k
 | |
| explain select k from t3;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	SIMPLE	t3	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| select * from v3;
 | |
| k
 | |
| explain select * from v3;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	SIMPLE	t3	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| disconnect test11765687;
 | |
| ... as inga
 | |
| connect  test11765687,localhost,inga,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as jamie
 | |
| connect  test11765687,localhost,jamie,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as karl
 | |
| connect  test11765687,localhost,karl,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as lena
 | |
| connect  test11765687,localhost,lena,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| ERROR 42000: SELECT command denied to user 'lena'@'localhost' for table `mysqltest1`.`v2`
 | |
| explain select * from v2;
 | |
| ERROR 42000: SELECT command denied to user 'lena'@'localhost' for table `mysqltest1`.`v2`
 | |
| disconnect test11765687;
 | |
| ... as mhairi
 | |
| connect  test11765687,localhost,mhairi,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 | |
| 1	SIMPLE	t1	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| 1	SIMPLE	t2	system	NULL	NULL	NULL	NULL	0	Const row not found
 | |
| disconnect test11765687;
 | |
| ... as noam
 | |
| connect  test11765687,localhost,noam,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as olga
 | |
| connect  test11765687,localhost,olga,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as pjotr
 | |
| connect  test11765687,localhost,pjotr,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v2;
 | |
| i	j
 | |
| explain select * from v2;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as quintessa
 | |
| connect  test11765687,localhost,quintessa,,mysqltest1;
 | |
| connection test11765687;
 | |
| select * from v1;
 | |
| i
 | |
| explain select * from v1;
 | |
| ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
 | |
| disconnect test11765687;
 | |
| ... as root again at last: clean-up time!
 | |
| connection root;
 | |
| drop user alice@localhost;
 | |
| drop user bob@localhost;
 | |
| drop user cecil@localhost;
 | |
| drop user dan@localhost;
 | |
| drop user eugene@localhost;
 | |
| drop user fiona@localhost;
 | |
| drop user greg@localhost;
 | |
| drop user han@localhost;
 | |
| drop user inga@localhost;
 | |
| drop user jamie@localhost;
 | |
| drop user karl@localhost;
 | |
| drop user lena@localhost;
 | |
| drop user mhairi@localhost;
 | |
| drop user noam@localhost;
 | |
| drop user olga@localhost;
 | |
| drop user pjotr@localhost;
 | |
| drop user quintessa@localhost;
 | |
| drop database mysqltest1;
 | |
| disconnect root;
 | |
| connection default;
 | |
| select * from information_schema.table_privileges;
 | |
| GRANTEE	TABLE_CATALOG	TABLE_SCHEMA	TABLE_NAME	PRIVILEGE_TYPE	IS_GRANTABLE
 | |
| 'mariadb.sys'@'localhost'	def	mysql	global_priv	SELECT	NO
 | |
| 'mariadb.sys'@'localhost'	def	mysql	global_priv	DELETE	NO
 | |
| End of 5.0 tests.
 | |
| connection default;
 | |
| DROP VIEW IF EXISTS v1;
 | |
| DROP TABLE IF EXISTS t1;
 | |
| CREATE TABLE t1 (i INT);
 | |
| CREATE VIEW v1 AS SELECT * FROM t1;
 | |
| ALTER VIEW v1 AS SELECT * FROM t1;
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`i` AS `i` from `t1`	latin1	latin1_swedish_ci
 | |
| ALTER DEFINER=no_such@user_1 VIEW v1 AS SELECT * FROM t1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such'@'user_1') does not exist
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`no_such`@`user_1` SQL SECURITY DEFINER VIEW `v1` AS select `test`.`t1`.`i` AS `i` from `t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such'@'user_1') does not exist
 | |
| ALTER ALGORITHM=MERGE VIEW v1 AS SELECT * FROM t1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such'@'user_1') does not exist
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=MERGE DEFINER=`no_such`@`user_1` SQL SECURITY DEFINER VIEW `v1` AS select `test`.`t1`.`i` AS `i` from `t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such'@'user_1') does not exist
 | |
| ALTER ALGORITHM=TEMPTABLE DEFINER=no_such@user_2 VIEW v1 AS SELECT * FROM t1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such'@'user_2') does not exist
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=TEMPTABLE DEFINER=`no_such`@`user_2` SQL SECURITY DEFINER VIEW `v1` AS select `test`.`t1`.`i` AS `i` from `t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such'@'user_2') does not exist
 | |
| DROP VIEW v1;
 | |
| DROP TABLE t1;
 | |
| CREATE USER mysqluser1@localhost;
 | |
| CREATE DATABASE mysqltest1;
 | |
| USE mysqltest1;
 | |
| CREATE TABLE t1 ( a INT );
 | |
| CREATE TABLE t2 ( b INT );
 | |
| INSERT INTO t1 VALUES (1), (2);
 | |
| INSERT INTO t2 VALUES (1), (2);
 | |
| GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
 | |
| GRANT SELECT ON t1 TO mysqluser1@localhost;
 | |
| GRANT INSERT ON t2 TO mysqluser1@localhost;
 | |
| connect  connection1, localhost, mysqluser1, , mysqltest1;
 | |
| This would lead to failed assertion.
 | |
| CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
 | |
| SELECT * FROM v1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1`
 | |
| SELECT b FROM v1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1`
 | |
| disconnect connection1;
 | |
| connection default;
 | |
| DROP TABLE t1, t2;
 | |
| DROP VIEW v1;
 | |
| DROP DATABASE mysqltest1;
 | |
| DROP USER mysqluser1@localhost;
 | |
| USE test;
 | |
| End of 5.1 tests.
 | |
| CREATE USER mysqluser1@localhost;
 | |
| CREATE DATABASE mysqltest1;
 | |
| USE mysqltest1;
 | |
| CREATE TABLE t1 ( a INT, b INT );
 | |
| CREATE TABLE t2 ( a INT, b INT );
 | |
| CREATE VIEW v1 AS SELECT a, b FROM t1;
 | |
| GRANT SELECT( a ) ON v1 TO mysqluser1@localhost;
 | |
| GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost;
 | |
| connect  connection1, localhost, mysqluser1, ,mysqltest1;
 | |
| SELECT * FROM mysqltest1.v1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1`
 | |
| CREATE VIEW v1 AS SELECT * FROM mysqltest1.t2;
 | |
| ERROR 42000: CREATE VIEW command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1`
 | |
| disconnect connection1;
 | |
| connection default;
 | |
| DROP TABLE t1, t2;
 | |
| DROP VIEW v1;
 | |
| DROP DATABASE mysqltest1;
 | |
| DROP USER mysqluser1@localhost;
 | |
| CREATE USER mysqluser1@localhost;
 | |
| CREATE DATABASE mysqltest1;
 | |
| USE mysqltest1;
 | |
| CREATE VIEW v1 AS SELECT * FROM information_schema.tables LIMIT 1;
 | |
| CREATE ALGORITHM = TEMPTABLE VIEW v2 AS SELECT 1 AS A;
 | |
| CREATE VIEW test.v3 AS SELECT 1 AS a;
 | |
| connection default;
 | |
| GRANT SELECT ON mysqltest1.* to mysqluser1@localhost;
 | |
| GRANT ALL ON test.* TO mysqluser1@localhost;
 | |
| connect  connection1, localhost, mysqluser1, , test;
 | |
| PREPARE stmt_v1     FROM "SELECT * FROM mysqltest1.v1";
 | |
| PREPARE stmt_v2 FROM "SELECT * FROM mysqltest1.v2";
 | |
| connection default;
 | |
| REVOKE SELECT ON mysqltest1.* FROM mysqluser1@localhost;
 | |
| connection connection1;
 | |
| EXECUTE stmt_v1;
 | |
| ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1`
 | |
| EXECUTE stmt_v2;
 | |
| ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v2`
 | |
| disconnect connection1;
 | |
| connect  connection2, localhost, mysqluser1,,;
 | |
| PREPARE stmt FROM "SELECT a FROM v3";
 | |
| EXECUTE stmt;
 | |
| a
 | |
| 1
 | |
| disconnect connection2;
 | |
| connection default;
 | |
| DROP VIEW v1, v2;
 | |
| DROP DATABASE mysqltest1;
 | |
| DROP VIEW test.v3;
 | |
| DROP USER mysqluser1@localhost;
 | |
| USE test;
 | |
| #
 | |
| # Bug#35996: SELECT + SHOW VIEW should be enough to display view 
 | |
| # definition
 | |
| #
 | |
| CREATE USER mysqluser1@localhost;
 | |
| CREATE DATABASE mysqltest1;
 | |
| CREATE DATABASE mysqltest2;
 | |
| GRANT USAGE, SELECT, CREATE VIEW, SHOW VIEW 
 | |
| ON mysqltest2.* TO mysqluser1@localhost;
 | |
| USE mysqltest1;
 | |
| CREATE TABLE t1( a INT );
 | |
| CREATE TABLE t2( a INT, b INT );
 | |
| CREATE FUNCTION f1() RETURNS INT RETURN 1;
 | |
| CREATE VIEW v1 AS SELECT 1 AS a;
 | |
| CREATE VIEW v2 AS SELECT 1 AS a, 2 AS b;
 | |
| GRANT SELECT        ON TABLE    t1 TO mysqluser1@localhost;
 | |
| GRANT SELECT (a, b) ON TABLE    t2 TO mysqluser1@localhost;
 | |
| GRANT EXECUTE       ON FUNCTION f1 TO mysqluser1@localhost;
 | |
| GRANT SELECT        ON TABLE    v1 TO mysqluser1@localhost;
 | |
| GRANT SELECT (a, b) ON TABLE    v2 TO mysqluser1@localhost;
 | |
| CREATE VIEW v_t1 AS SELECT * FROM t1;
 | |
| CREATE VIEW v_t2 AS SELECT * FROM t2;
 | |
| CREATE VIEW v_f1 AS SELECT f1() AS a;
 | |
| CREATE VIEW v_v1 AS SELECT * FROM v1;
 | |
| CREATE VIEW v_v2 AS SELECT * FROM v2;
 | |
| GRANT SELECT, SHOW VIEW ON v_t1 TO mysqluser1@localhost;
 | |
| GRANT SELECT, SHOW VIEW ON v_t2 TO mysqluser1@localhost;
 | |
| GRANT SELECT, SHOW VIEW ON v_f1 TO mysqluser1@localhost;
 | |
| GRANT SELECT, SHOW VIEW ON v_v1 TO mysqluser1@localhost;
 | |
| GRANT SELECT, SHOW VIEW ON v_v2 TO mysqluser1@localhost;
 | |
| connect  connection1, localhost, mysqluser1,, mysqltest2;
 | |
| CREATE VIEW v_mysqluser1_t1 AS SELECT * FROM mysqltest1.t1;
 | |
| CREATE VIEW v_mysqluser1_t2 AS SELECT * FROM mysqltest1.t2;
 | |
| CREATE VIEW v_mysqluser1_f1 AS SELECT mysqltest1.f1() AS a;
 | |
| CREATE VIEW v_mysqluser1_v1 AS SELECT * FROM mysqltest1.v1;
 | |
| CREATE VIEW v_mysqluser1_v2 AS SELECT * FROM mysqltest1.v2;
 | |
| SHOW CREATE VIEW mysqltest1.v_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_t2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_t2	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_t2` AS select `mysqltest1`.`t2`.`a` AS `a`,`mysqltest1`.`t2`.`b` AS `b` from `mysqltest1`.`t2`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_f1` AS select `f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_v2	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_v2` AS select `v2`.`a` AS `a`,`v2`.`b` AS `b` from `mysqltest1`.`v2`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_t2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_t2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_t2` AS select `mysqltest1`.`t2`.`a` AS `a`,`mysqltest1`.`t2`.`b` AS `b` from `mysqltest1`.`t2`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_f1` AS select `mysqltest1`.`f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_v2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_v2` AS select `v2`.`a` AS `a`,`v2`.`b` AS `b` from `mysqltest1`.`v2`	latin1	latin1_swedish_ci
 | |
| connection default;
 | |
| REVOKE SELECT     ON TABLE    t1 FROM mysqluser1@localhost;
 | |
| REVOKE SELECT (a) ON TABLE    t2 FROM mysqluser1@localhost;
 | |
| REVOKE EXECUTE    ON FUNCTION f1 FROM mysqluser1@localhost;
 | |
| REVOKE SELECT     ON TABLE    v1 FROM mysqluser1@localhost;
 | |
| connection connection1;
 | |
| SHOW CREATE VIEW mysqltest1.v_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_t2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_t2	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_t2` AS select `mysqltest1`.`t2`.`a` AS `a`,`mysqltest1`.`t2`.`b` AS `b` from `mysqltest1`.`t2`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_f1` AS select `f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW mysqltest1.v_v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_v2	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_v2` AS select `v2`.`a` AS `a`,`v2`.`b` AS `b` from `mysqltest1`.`v2`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_t2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_t2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_t2` AS select `mysqltest1`.`t2`.`a` AS `a`,`mysqltest1`.`t2`.`b` AS `b` from `mysqltest1`.`t2`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_f1` AS select `mysqltest1`.`f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| SHOW CREATE VIEW v_mysqluser1_v2;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_v2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_v2` AS select `v2`.`a` AS `a`,`v2`.`b` AS `b` from `mysqltest1`.`v2`	latin1	latin1_swedish_ci
 | |
| connection default;
 | |
| # Testing the case when the views reference missing objects.
 | |
| # Obviously, there are no privileges to check for, so we
 | |
| # need only each object type once.
 | |
| DROP TABLE t1;
 | |
| DROP FUNCTION f1;
 | |
| DROP VIEW v1;
 | |
| connection connection1;
 | |
| SHOW CREATE VIEW mysqltest1.v_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW mysqltest1.v_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_f1` AS select `f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest1.v_f1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW mysqltest1.v_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest1`.`v_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest1.v_v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW v_mysqluser1_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest2.v_mysqluser1_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW v_mysqluser1_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_f1` AS select `mysqltest1`.`f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest2.v_mysqluser1_f1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW v_mysqluser1_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest2.v_mysqluser1_v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| connection default;
 | |
| REVOKE SHOW VIEW ON v_t1 FROM mysqluser1@localhost;
 | |
| REVOKE SHOW VIEW ON v_f1 FROM mysqluser1@localhost;
 | |
| REVOKE SHOW VIEW ON v_v1 FROM mysqluser1@localhost;
 | |
| connection connection1;
 | |
| SHOW CREATE VIEW mysqltest1.v_t1;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v_t1`
 | |
| SHOW CREATE VIEW mysqltest1.v_f1;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v_f1`
 | |
| SHOW CREATE VIEW mysqltest1.v_v1;
 | |
| ERROR 42000: SHOW VIEW command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v_v1`
 | |
| SHOW CREATE VIEW v_mysqluser1_t1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_t1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_t1` AS select `mysqltest1`.`t1`.`a` AS `a` from `mysqltest1`.`t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest2.v_mysqluser1_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW v_mysqluser1_f1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_f1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_f1` AS select `mysqltest1`.`f1`() AS `a`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest2.v_mysqluser1_f1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SHOW CREATE VIEW v_mysqluser1_v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v_mysqluser1_v1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqluser1`@`localhost` SQL SECURITY DEFINER VIEW `v_mysqluser1_v1` AS select `v1`.`a` AS `a` from `mysqltest1`.`v1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Warning	1356	View 'mysqltest2.v_mysqluser1_v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| disconnect connection1;
 | |
| connection default;
 | |
| DROP USER mysqluser1@localhost;
 | |
| DROP DATABASE mysqltest1;
 | |
| DROP DATABASE mysqltest2;
 | |
| USE test;
 | |
| CREATE TABLE t1( a INT );
 | |
| CREATE DEFINER = no_such_user@no_such_host VIEW v1 AS SELECT * FROM t1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such_user'@'no_such_host') does not exist
 | |
| SHOW CREATE VIEW v1;
 | |
| View	Create View	character_set_client	collation_connection
 | |
| v1	CREATE ALGORITHM=UNDEFINED DEFINER=`no_such_user`@`no_such_host` SQL SECURITY DEFINER VIEW `v1` AS select `test`.`t1`.`a` AS `a` from `t1`	latin1	latin1_swedish_ci
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('no_such_user'@'no_such_host') does not exist
 | |
| DROP TABLE t1;
 | |
| DROP VIEW v1;
 | |
| #
 | |
| # Bug #46019: ERROR 1356 When selecting from within another 
 | |
| #  view that has Group By
 | |
| #
 | |
| CREATE DATABASE mysqltest1;
 | |
| USE mysqltest1;
 | |
| CREATE TABLE t1 (a INT);
 | |
| CREATE SQL SECURITY INVOKER VIEW v1 AS SELECT a FROM t1 GROUP BY a;
 | |
| CREATE SQL SECURITY INVOKER VIEW v2 AS SELECT a FROM v1;
 | |
| CREATE USER mysqluser1;
 | |
| GRANT SELECT ON TABLE t1 TO mysqluser1;
 | |
| GRANT SELECT, SHOW VIEW ON TABLE v1 TO mysqluser1;
 | |
| GRANT SELECT, SHOW VIEW ON TABLE v2 TO mysqluser1;
 | |
| connect  mysqluser1, localhost, mysqluser1,,mysqltest1;
 | |
| SELECT a FROM v1;
 | |
| a
 | |
| SELECT a FROM v2;
 | |
| a
 | |
| connection default;
 | |
| disconnect mysqluser1;
 | |
| DROP USER mysqluser1;
 | |
| DROP DATABASE mysqltest1;
 | |
| USE test;
 | |
| #
 | |
| # Bug#47734: Assertion failed: ! is_set() when locking a view with non-existing definer
 | |
| #
 | |
| DROP VIEW IF EXISTS v1;
 | |
| CREATE DEFINER=`unknown`@`unknown` SQL SECURITY DEFINER VIEW v1 AS SELECT 1;
 | |
| Warnings:
 | |
| Note	1446	The user specified as a definer ('unknown'@'unknown') does not exist
 | |
| LOCK TABLES v1 READ;
 | |
| ERROR HY000: The user specified as a definer ('unknown'@'unknown') does not exist
 | |
| DROP VIEW v1;
 | |
| #
 | |
| # Bug #58499 "DEFINER-security view selecting from INVOKER-security view
 | |
| #             access check wrong".
 | |
| #
 | |
| # Check that we correctly handle privileges for various combinations
 | |
| # of INVOKER and DEFINER-security views using each other.
 | |
| DROP DATABASE IF EXISTS mysqltest1;
 | |
| CREATE DATABASE mysqltest1;
 | |
| USE mysqltest1;
 | |
| CREATE TABLE t1 (i INT);
 | |
| CREATE TABLE t2 (j INT);
 | |
| INSERT INTO t1 VALUES (1);
 | |
| INSERT INTO t2 VALUES (2);
 | |
| #
 | |
| # 1) DEFINER-security view uses INVOKER-security view (covers
 | |
| #    scenario originally described in the bug report).
 | |
| CREATE SQL SECURITY INVOKER VIEW v1_uses_t1 AS SELECT * FROM t1;
 | |
| CREATE SQL SECURITY INVOKER VIEW v1_uses_t2 AS SELECT * FROM t2;
 | |
| CREATE USER 'mysqluser1'@'%';
 | |
| GRANT CREATE VIEW ON mysqltest1.* TO 'mysqluser1'@'%';
 | |
| GRANT SELECT ON t1 TO 'mysqluser1'@'%';
 | |
| # To be able create 'v2_uses_t2' we also need select on t2. 
 | |
| GRANT SELECT ON t2 TO 'mysqluser1'@'%';
 | |
| GRANT SELECT ON v1_uses_t1 TO 'mysqluser1'@'%';
 | |
| GRANT SELECT ON v1_uses_t2 TO 'mysqluser1'@'%';
 | |
| connect  mysqluser1, localhost, mysqluser1,,mysqltest1;
 | |
| CREATE SQL SECURITY DEFINER VIEW v2_uses_t1 AS SELECT * FROM v1_uses_t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW v2_uses_t2 AS SELECT * FROM v1_uses_t2;
 | |
| connection default;
 | |
| CREATE USER 'mysqluser2'@'%';
 | |
| GRANT SELECT ON v2_uses_t1 TO 'mysqluser2'@'%';
 | |
| GRANT SELECT ON v2_uses_t2 TO 'mysqluser2'@'%';
 | |
| GRANT SELECT ON t2 TO 'mysqluser2'@'%';
 | |
| GRANT CREATE VIEW ON mysqltest1.* TO 'mysqluser2'@'%';
 | |
| # Make 'mysqluser1' unable to access t2.
 | |
| REVOKE SELECT ON t2 FROM 'mysqluser1'@'%';
 | |
| connect  mysqluser2, localhost, mysqluser2,,mysqltest1;
 | |
| # The below statement should succeed thanks to suid nature of v2_uses_t1.
 | |
| SELECT * FROM v2_uses_t1;
 | |
| i
 | |
| 1
 | |
| # The below statement should fail due to suid nature of v2_uses_t2.
 | |
| SELECT * FROM v2_uses_t2;
 | |
| ERROR HY000: View 'mysqltest1.v2_uses_t2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| #
 | |
| # 2) INVOKER-security view uses INVOKER-security view.
 | |
| connection default;
 | |
| DROP VIEW v2_uses_t1, v2_uses_t2;
 | |
| CREATE SQL SECURITY INVOKER VIEW v2_uses_t1 AS SELECT * FROM v1_uses_t1;
 | |
| CREATE SQL SECURITY INVOKER VIEW v2_uses_t2 AS SELECT * FROM v1_uses_t2;
 | |
| GRANT SELECT ON v2_uses_t1 TO 'mysqluser1'@'%';
 | |
| GRANT SELECT ON v2_uses_t2 TO 'mysqluser1'@'%';
 | |
| GRANT SELECT ON v1_uses_t1 TO 'mysqluser2'@'%';
 | |
| GRANT SELECT ON v1_uses_t2 TO 'mysqluser2'@'%';
 | |
| connection mysqluser1;
 | |
| # For both versions of 'v2' 'mysqluser1' privileges should be used.
 | |
| SELECT * FROM v2_uses_t1;
 | |
| i
 | |
| 1
 | |
| SELECT * FROM v2_uses_t2;
 | |
| ERROR HY000: View 'mysqltest1.v2_uses_t2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| connection mysqluser2;
 | |
| # And now for both versions of 'v2' 'mysqluser2' privileges should
 | |
| # be used.
 | |
| SELECT * FROM v2_uses_t1;
 | |
| ERROR HY000: View 'mysqltest1.v2_uses_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| SELECT * FROM v2_uses_t2;
 | |
| j
 | |
| 2
 | |
| #
 | |
| # 3) INVOKER-security view uses DEFINER-security view.
 | |
| connection default;
 | |
| DROP VIEW v1_uses_t1, v1_uses_t2;
 | |
| # To be able create 'v1_uses_t2' we also need select on t2. 
 | |
| GRANT SELECT ON t2 TO 'mysqluser1'@'%';
 | |
| connection mysqluser1;
 | |
| CREATE SQL SECURITY DEFINER VIEW v1_uses_t1 AS SELECT * FROM t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW v1_uses_t2 AS SELECT * FROM t2;
 | |
| connection default;
 | |
| # Make 'mysqluser1' unable to access t2.
 | |
| REVOKE SELECT ON t2 FROM 'mysqluser1'@'%';
 | |
| connection mysqluser2;
 | |
| # Due to suid nature of v1_uses_t1 and v1_uses_t2 the first
 | |
| # select should succeed and the second select should fail.
 | |
| SELECT * FROM v2_uses_t1;
 | |
| i
 | |
| 1
 | |
| SELECT * FROM v2_uses_t2;
 | |
| ERROR HY000: View 'mysqltest1.v2_uses_t2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| #
 | |
| # 4) DEFINER-security view uses DEFINER-security view.
 | |
| connection default;
 | |
| DROP VIEW v2_uses_t1, v2_uses_t2;
 | |
| # To be able create 'v2_uses_t2' we also need select on t2. 
 | |
| GRANT SELECT ON t2 TO 'mysqluser1'@'%';
 | |
| connection mysqluser2;
 | |
| CREATE SQL SECURITY DEFINER VIEW v2_uses_t1 AS SELECT * FROM v1_uses_t1;
 | |
| CREATE SQL SECURITY DEFINER VIEW v2_uses_t2 AS SELECT * FROM v1_uses_t2;
 | |
| connection default;
 | |
| # Make 'mysqluser1' unable to access t2.
 | |
| REVOKE SELECT ON t2 FROM 'mysqluser1'@'%';
 | |
| connection mysqluser2;
 | |
| # Again privileges of creator of innermost views should apply.
 | |
| SELECT * FROM v2_uses_t1;
 | |
| i
 | |
| 1
 | |
| SELECT * FROM v2_uses_t2;
 | |
| ERROR HY000: View 'mysqltest1.v2_uses_t2' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| disconnect mysqluser1;
 | |
| disconnect mysqluser2;
 | |
| connection default;
 | |
| USE test;
 | |
| DROP DATABASE mysqltest1;
 | |
| DROP USER 'mysqluser1'@'%';
 | |
| DROP USER 'mysqluser2'@'%';
 | |
| #
 | |
| # Test for bug #11766767 - "59957: VIEW USING MERGE PERMISSIONS
 | |
| #                           IN MULTI-TABLE UPDATE".
 | |
| #
 | |
| drop database if exists mysqltest1;
 | |
| drop database if exists mysqltest2;
 | |
| #
 | |
| # Prepare playground. 
 | |
| create database mysqltest1;
 | |
| create database mysqltest2;
 | |
| create user user_11766767;
 | |
| grant select on mysqltest1.* to user_11766767;
 | |
| grant all on mysqltest2.* to user_11766767;
 | |
| use mysqltest1;
 | |
| create table t1 (id int primary key, val varchar(20));
 | |
| insert into t1 values (1, 'test1');
 | |
| create table t11 (id int primary key);
 | |
| insert into t11 values (1);
 | |
| create algorithm=temptable view v1_temp as select * from t1;
 | |
| create algorithm=merge view v1_merge as select * from t1;
 | |
| create algorithm=temptable view v11_temp as
 | |
| select t1.id as id, t1.val as val from t1, t11 where t1.id= t11.id;
 | |
| create algorithm=merge view v11_merge as
 | |
| select t1.id as id, t1.val as val from t1, t11 where t1.id= t11.id;
 | |
| use mysqltest2;
 | |
| create table t2 (id int primary key, val varchar(20));
 | |
| insert into t2 values (1, 'test2');
 | |
| create table t21 (id int primary key);
 | |
| insert into t21 values (1);
 | |
| create algorithm=temptable view v2_temp as select * from t2;
 | |
| create algorithm=merge view v2_merge as select * from t2;
 | |
| create algorithm=temptable view v21_temp as 
 | |
| select t2.id as id, t2.val as val from t2, t21 where t2.id= t21.id;
 | |
| create algorithm=merge view v21_merge as
 | |
| select t2.id as id, t2.val as val from t2, t21 where t2.id= t21.id;
 | |
| create algorithm=temptable sql security invoker view v3_temp as
 | |
| select t1.id as id, t1.val as val from mysqltest1.t1 as t1, mysqltest1.t11 as t11
 | |
| where t1.id = t11.id;
 | |
| create algorithm=merge sql security invoker view v3_merge as
 | |
| select t1.id as id, t1.val as val from mysqltest1.t1 as t1, mysqltest1.t11 as t11
 | |
| where t1.id = t11.id;
 | |
| create sql security invoker view v31 as
 | |
| select t2.id as id, t2.val as val from mysqltest2.t2 as t2, mysqltest1.t11 as t11
 | |
| where t2.id = t11.id;
 | |
| create sql security invoker view v4 as
 | |
| select t2.id as id, t2.val as val from mysqltest2.t2 as t2, mysqltest1.v1_merge as v1
 | |
| where t2.id = v1.id;
 | |
| create sql security invoker view v41 as
 | |
| select v1.id as id, v1.val as val from mysqltest2.t2 as t2, mysqltest1.v1_merge as v1
 | |
| where t2.id = v1.id;
 | |
| create sql security invoker view v42 as
 | |
| select v2.id as id, v2.val as val from mysqltest2.t2 as t2, mysqltest2.v2_merge as v2
 | |
| where t2.id = v2.id;
 | |
| connect  conn_11766767, localhost, user_11766767,,mysqltest2;
 | |
| #
 | |
| # A) Check how we handle privilege checking in multi-update for 
 | |
| #    directly used views.
 | |
| #
 | |
| # A.1) Originally reported problem, view is used in read-only mode.
 | |
| #      This should work with only SELECT privilege for both mergeable
 | |
| #      and temptable algorithms.
 | |
| update mysqltest2.t2 as t2, mysqltest1.v1_merge as v1 set t2.val= 'test3'
 | |
|   where t2.id= v1.id;
 | |
| update mysqltest2.t2 as t2, mysqltest1.v1_temp as v1 set t2.val= 'test4'
 | |
|   where t2.id= v1.id;
 | |
| #
 | |
| # A.2) If view is updated an UPDATE privilege on it is required.
 | |
| #      Temptable views can't be updated.
 | |
| update mysqltest2.t2 as t2, mysqltest1.v1_merge as v1 set v1.val= 'test5'
 | |
|   where t2.id= v1.id;
 | |
| ERROR 42000: UPDATE command denied to user 'user_11766767'@'localhost' for table `mysqltest1`.`v1_merge`
 | |
| update mysqltest1.t1 as t1, mysqltest2.v2_merge as v2 set v2.val= 'test6'
 | |
|   where t1.id= v2.id;
 | |
| #
 | |
| #      Note that the below error is OK even though user lacks UPDATE
 | |
| #      privilege on v1_temp since he/she still has SELECT privilege on
 | |
| #      this view.
 | |
| update mysqltest2.t2 as t2, mysqltest1.v1_temp as v1 set v1.val= 'test7'
 | |
|   where t2.id= v1.id;
 | |
| ERROR HY000: The target table v1 of the UPDATE is not updatable
 | |
| update mysqltest1.t1 as t1, mysqltest2.v2_temp as v2 set v2.val= 'test8'
 | |
|   where t1.id= v2.id;
 | |
| ERROR HY000: The target table v2 of the UPDATE is not updatable
 | |
| #
 | |
| # A.3) This also works for correctly for multi-table views.
 | |
| #      When usage is read-only SELECT is enough.
 | |
| update mysqltest2.t2 as t2, mysqltest1.v11_merge as v11 set t2.val= 'test9'
 | |
|   where t2.id= v11.id;
 | |
| update mysqltest2.t2 as t2, mysqltest1.v11_temp as v11 set t2.val= 'test10'
 | |
|   where t2.id= v11.id;
 | |
| #      When one of view's tables is updated, UPDATE is required
 | |
| #      on a view.
 | |
| update mysqltest2.t2 as t2, mysqltest1.v11_merge as v11 set v11.val= 'test11'
 | |
|   where t2.id= v11.id;
 | |
| ERROR 42000: UPDATE command denied to user 'user_11766767'@'localhost' for table `mysqltest1`.`v11_merge`
 | |
| update mysqltest1.t1 as t1, mysqltest2.v21_merge as v21 set v21.val= 'test12'
 | |
|   where t1.id= v21.id;
 | |
| #      As before, temptable views are not updateable.
 | |
| update mysqltest2.t2 as t2, mysqltest1.v11_temp as v11 set v11.val= 'test13'
 | |
|   where t2.id= v11.id;
 | |
| ERROR HY000: The target table v11 of the UPDATE is not updatable
 | |
| update mysqltest1.t1 as t1, mysqltest2.v21_temp as v21 set v21.val= 'test14'
 | |
|   where t1.id= v21.id;
 | |
| ERROR HY000: The target table v21 of the UPDATE is not updatable
 | |
| #
 | |
| # B) Now check that correct privileges are required on underlying
 | |
| #    tables. To simplify this part of test we will use SECURITY
 | |
| #    INVOKER views in it.
 | |
| #
 | |
| # B.1) In case when view is used for read only it is enough to have
 | |
| #      SELECT on its underlying tables.
 | |
| update mysqltest2.t2 as t2, mysqltest2.v3_merge as v3 set t2.val= 'test15'
 | |
|   where t2.id= v3.id;
 | |
| update mysqltest2.t2 as t2, mysqltest2.v3_temp as v3 set t2.val= 'test16'
 | |
|   where t2.id= v3.id;
 | |
| #
 | |
| # B.2) If view is updated, UPDATE privilege on the table being updated
 | |
| #      is required (since we already checked that temptable views are
 | |
| #      not updateable we don't test them here).
 | |
| update mysqltest2.t2 as t2, mysqltest2.v3_merge as v3 set v3.val= 'test17'
 | |
|   where t2.id= v3.id;
 | |
| ERROR HY000: View 'mysqltest2.v3_merge' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| update mysqltest1.t11 as t11, mysqltest2.v31 as v31 set v31.val= 'test18'
 | |
|   where t11.id= v31.id;
 | |
| #
 | |
| # C) Finally, check how we handle privilege checking in case when
 | |
| #    view is used through another view. Again we will use SECURITY
 | |
| #    INVOKER views for simplicity.
 | |
| #
 | |
| # C.1) As usual, when a view used by another view is going to be used
 | |
| #      in read-only fashion, only SELECT privilege is necessary.
 | |
| update mysqltest1.t11 as t11, mysqltest2.v4 as v4 set v4.val= 'test19'
 | |
|   where t11.id= v4.id;
 | |
| #
 | |
| # C.2) If one of underlying tables of the view is updated then
 | |
| #      UPDATE on a view is necessary.
 | |
| update mysqltest1.t11 as t11, mysqltest2.v41 as v4 set v4.val= 'test20'
 | |
|   where t11.id= v4.id;
 | |
| ERROR HY000: View 'mysqltest2.v41' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 | |
| update mysqltest1.t11 as t11, mysqltest2.v42 as v4 set v4.val= 'test20'
 | |
|   where t11.id= v4.id;
 | |
| #
 | |
| # Clean-up.
 | |
| #
 | |
| disconnect conn_11766767;
 | |
| connection default;
 | |
| drop user user_11766767;
 | |
| drop database mysqltest1;
 | |
| drop database mysqltest2;
 | |
| #
 | |
| # MDEV-33119 User is case insensitive in INFORMATION_SCHEMA.VIEWS
 | |
| #
 | |
| USE test;
 | |
| CREATE USER foo;
 | |
| CREATE USER FOO;
 | |
| GRANT SELECT ON test.* TO foo;
 | |
| GRANT SELECT ON test.* TO FOO;
 | |
| CREATE DEFINER=foo SQL SECURITY INVOKER VIEW v1 AS SELECT 1 AS c1;
 | |
| connect  FOO, localhost, FOO, , test;
 | |
| connection FOO;
 | |
| SELECT CURRENT_USER;
 | |
| CURRENT_USER
 | |
| FOO@%
 | |
| SELECT * FROM INFORMATION_SCHEMA.VIEWS;
 | |
| TABLE_CATALOG	def
 | |
| TABLE_SCHEMA	test
 | |
| TABLE_NAME	v1
 | |
| VIEW_DEFINITION	
 | |
| CHECK_OPTION	NONE
 | |
| IS_UPDATABLE	NO
 | |
| DEFINER	foo@%
 | |
| SECURITY_TYPE	INVOKER
 | |
| CHARACTER_SET_CLIENT	latin1
 | |
| COLLATION_CONNECTION	latin1_swedish_ci
 | |
| ALGORITHM	UNDEFINED
 | |
| disconnect FOO;
 | |
| connection default;
 | |
| DROP VIEW v1;
 | |
| DROP USER foo;
 | |
| DROP USER FOO;
 | |
| # End of 10.5 tests
 | |
| # Check that a user without access to the schema 'foo' cannot query
 | |
| # a JSON_TABLE view in that schema.
 | |
| CREATE SCHEMA foo;
 | |
| CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt;
 | |
| CREATE USER foo@localhost;
 | |
| GRANT SELECT on test.* to foo@localhost;
 | |
| connect  con1,localhost,foo,,;
 | |
| SELECT * FROM foo.v;
 | |
| ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table `foo`.`v`
 | |
| #
 | |
| # Clean-up.
 | |
| #
 | |
| connection default;
 | |
| disconnect con1;
 | |
| drop user foo@localhost;
 | |
| drop schema foo;
 | |
| # End of 10.6 tests
 |