mirror of
https://github.com/MariaDB/server.git
synced 2025-01-19 21:42:35 +01:00
88 lines
2.4 KiB
Text
88 lines
2.4 KiB
Text
create user 'test_user'@'localhost';
|
|
create role test_role1;
|
|
create role test_role2;
|
|
create role test_role3;
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
'test_user',
|
|
'test_role1');
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('localhost',
|
|
'test_user',
|
|
'test_role3');
|
|
|
|
insert into mysql.roles_mapping (HostFk, UserFk, RoleFk) values ('',
|
|
'test_role1',
|
|
'test_role2');
|
|
--sorted_result
|
|
select user, host from mysql.user where user not like 'root';
|
|
--sorted_result
|
|
select * from mysql.roles_mapping;
|
|
|
|
create function mysql.test_func (s CHAR(20))
|
|
returns CHAR(50) DETERMINISTIC
|
|
return concat('Test string: ',s);
|
|
|
|
|
|
delimiter |;
|
|
create procedure mysql.test_proc (OUT param1 INT)
|
|
begin
|
|
select COUNT(*) into param1 from mysql.roles_mapping;
|
|
end|
|
|
delimiter ;|
|
|
|
|
|
|
grant execute on function mysql.test_func to test_role2@'';
|
|
grant execute on procedure mysql.test_proc to test_role2@'';
|
|
|
|
grant execute on mysql.* to test_role3@'';
|
|
|
|
flush privileges;
|
|
|
|
change_user 'test_user';
|
|
--sorted_result
|
|
show grants;
|
|
|
|
--error ER_DBACCESS_DENIED_ERROR
|
|
use mysql;
|
|
select current_user(), current_role();
|
|
set role test_role1;
|
|
select current_user(), current_role();
|
|
use mysql;
|
|
|
|
call test_proc(@a);
|
|
SELECT @a;
|
|
|
|
SELECT test_func('AABBCCDD');
|
|
|
|
--sorted_result
|
|
show grants;
|
|
set role none;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
|
|
--error ER_PROCACCESS_DENIED_ERROR
|
|
call test_proc(@a);
|
|
|
|
--error ER_PROCACCESS_DENIED_ERROR
|
|
SELECT test_func('AABBCCDD');
|
|
|
|
set role test_role3;
|
|
select current_user(), current_role();
|
|
--sorted_result
|
|
show grants;
|
|
call test_proc(@a);
|
|
SELECT @a;
|
|
|
|
SELECT test_func('AABBCCDD');
|
|
|
|
change_user 'root';
|
|
drop user 'test_user'@'localhost';
|
|
revoke execute on function mysql.test_func from test_role2@'';
|
|
revoke execute on procedure mysql.test_proc from test_role2@'';
|
|
revoke execute on mysql.* from test_role3@'';
|
|
delete from mysql.user where user like'test_%';
|
|
delete from mysql.roles_mapping where RoleFk like 'test%';
|
|
drop function mysql.test_func;
|
|
drop procedure mysql.test_proc;
|
|
flush privileges;
|