mirror of
https://github.com/MariaDB/server.git
synced 2025-10-31 10:56:12 +01:00
212fad1b7e
MTR .result files currently do not contain output to indicate if a change_user command has been executed in the corresponding .test files. Record change_user command in the following format in MTR output only if disable_query_log is set to false: change_user <user>,<password>,<db>; All new code of the whole pull request, including one or several files that are either new files or modified ones, are contributed under the BSD-new license. I am contributing on behalf of my employer Amazon Web Services, Inc.
73 lines
2.6 KiB
Text
73 lines
2.6 KiB
Text
create user test_user@localhost;
|
|
create role test_role1;
|
|
create role test_role2;
|
|
grant test_role1 to test_user@localhost;
|
|
grant test_role2 to test_role1;
|
|
select user, host from mysql.user where user not like 'root';
|
|
User Host
|
|
mariadb.sys localhost
|
|
test_role1
|
|
test_role2
|
|
test_user localhost
|
|
select * from mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
test_role1 test_role2 N
|
|
localhost root test_role1 Y
|
|
localhost root test_role2 Y
|
|
localhost test_user test_role1 N
|
|
grant select (Role) on mysql.roles_mapping to test_role2;
|
|
change_user test_user,,;
|
|
select * from mysql.roles_mapping;
|
|
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table `mysql`.`roles_mapping`
|
|
show grants;
|
|
Grants for test_user@localhost
|
|
GRANT USAGE ON *.* TO `test_user`@`localhost`
|
|
GRANT `test_role1` TO `test_user`@`localhost`
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost NULL
|
|
set role test_role1;
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost test_role1
|
|
show grants;
|
|
Grants for test_user@localhost
|
|
GRANT SELECT (`Role`) ON `mysql`.`roles_mapping` TO `test_role2`
|
|
GRANT USAGE ON *.* TO `test_role1`
|
|
GRANT USAGE ON *.* TO `test_role2`
|
|
GRANT USAGE ON *.* TO `test_user`@`localhost`
|
|
GRANT `test_role1` TO `test_user`@`localhost`
|
|
GRANT `test_role2` TO `test_role1`
|
|
select * from mysql.roles_mapping;
|
|
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for column 'Host' in table 'roles_mapping'
|
|
select Role from mysql.roles_mapping;
|
|
Role
|
|
test_role1
|
|
test_role1
|
|
test_role2
|
|
test_role2
|
|
show grants;
|
|
Grants for test_user@localhost
|
|
GRANT SELECT (`Role`) ON `mysql`.`roles_mapping` TO `test_role2`
|
|
GRANT USAGE ON *.* TO `test_role1`
|
|
GRANT USAGE ON *.* TO `test_role2`
|
|
GRANT USAGE ON *.* TO `test_user`@`localhost`
|
|
GRANT `test_role1` TO `test_user`@`localhost`
|
|
GRANT `test_role2` TO `test_role1`
|
|
use mysql;
|
|
set role none;
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost NULL
|
|
select Role from mysql.roles_mapping;
|
|
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table `mysql`.`roles_mapping`
|
|
change_user root,,;
|
|
drop user 'test_user'@'localhost';
|
|
select * from mysql.tables_priv;
|
|
Host Db User Table_name Grantor Timestamp Table_priv Column_priv
|
|
localhost mysql mariadb.sys global_priv root@localhost 0000-00-00 00:00:00 Select,Delete
|
|
mysql test_role2 roles_mapping root@localhost 0000-00-00 00:00:00 Select
|
|
revoke select on mysql.roles_mapping from test_role2;
|
|
delete from mysql.user where user like'test_%';
|
|
delete from mysql.roles_mapping where Role like 'test%';
|
|
flush privileges;
|