mirror of
https://github.com/MariaDB/server.git
synced 2025-01-17 20:42:30 +01:00
9a1fed13ee
The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
423 lines
13 KiB
Text
423 lines
13 KiB
Text
stop slave;
|
|
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
|
|
reset master;
|
|
reset slave;
|
|
drop table if exists t1,t2,t3,t4,t5,t6,t7,t8,t9;
|
|
start slave;
|
|
drop database if exists mysqltest1;
|
|
create database mysqltest1;
|
|
use mysqltest1;
|
|
create table t1 (a varchar(100));
|
|
use mysqltest1;
|
|
create procedure foo()
|
|
begin
|
|
declare b int;
|
|
set b = 8;
|
|
insert into t1 values (b);
|
|
insert into t1 values (unix_timestamp());
|
|
end|
|
|
select * from mysql.proc where name='foo' and db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
mysqltest1 foo PROCEDURE foo SQL CONTAINS_SQL NO DEFINER begin
|
|
declare b int;
|
|
set b = 8;
|
|
insert into t1 values (b);
|
|
insert into t1 values (unix_timestamp());
|
|
end root@localhost # #
|
|
select * from mysql.proc where name='foo' and db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
mysqltest1 foo PROCEDURE foo SQL CONTAINS_SQL NO DEFINER begin
|
|
declare b int;
|
|
set b = 8;
|
|
insert into t1 values (b);
|
|
insert into t1 values (unix_timestamp());
|
|
end root@localhost # #
|
|
set timestamp=1000000000;
|
|
call foo();
|
|
select * from t1;
|
|
a
|
|
8
|
|
1000000000
|
|
select * from t1;
|
|
a
|
|
8
|
|
1000000000
|
|
delete from t1;
|
|
create procedure foo2()
|
|
select * from mysqltest1.t1;
|
|
call foo2();
|
|
a
|
|
alter procedure foo2 contains sql;
|
|
drop table t1;
|
|
create table t1 (a int);
|
|
create table t2 like t1;
|
|
create procedure foo3()
|
|
deterministic
|
|
insert into t1 values (15);
|
|
grant CREATE ROUTINE, EXECUTE on mysqltest1.* to "zedjzlcsjhd"@127.0.0.1;
|
|
grant SELECT on mysqltest1.t1 to "zedjzlcsjhd"@127.0.0.1;
|
|
grant SELECT, INSERT on mysqltest1.t2 to "zedjzlcsjhd"@127.0.0.1;
|
|
SELECT 1;
|
|
1
|
|
1
|
|
create procedure foo4()
|
|
deterministic
|
|
begin
|
|
insert into t2 values(3);
|
|
insert into t1 values (5);
|
|
end|
|
|
call foo4();
|
|
Got one of the listed errors
|
|
call foo3();
|
|
show warnings;
|
|
Level Code Message
|
|
call foo4();
|
|
Got one of the listed errors
|
|
alter procedure foo4 sql security invoker;
|
|
call foo4();
|
|
show warnings;
|
|
Level Code Message
|
|
select * from t1;
|
|
a
|
|
15
|
|
5
|
|
select * from t2;
|
|
a
|
|
3
|
|
3
|
|
3
|
|
select * from t1;
|
|
a
|
|
15
|
|
5
|
|
select * from t2;
|
|
a
|
|
3
|
|
3
|
|
3
|
|
delete from t2;
|
|
alter table t2 add unique (a);
|
|
drop procedure foo4;
|
|
create procedure foo4()
|
|
deterministic
|
|
begin
|
|
insert into t2 values(20),(20);
|
|
end|
|
|
call foo4();
|
|
ERROR 23000: Duplicate entry '20' for key 1
|
|
show warnings;
|
|
Level Code Message
|
|
Error 1062 Duplicate entry '20' for key 1
|
|
select * from t2;
|
|
a
|
|
20
|
|
select * from t2;
|
|
a
|
|
20
|
|
select * from mysql.proc where name="foo4" and db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
mysqltest1 foo4 PROCEDURE foo4 SQL CONTAINS_SQL YES DEFINER begin
|
|
insert into t2 values(20),(20);
|
|
end root@localhost # #
|
|
drop procedure foo4;
|
|
select * from mysql.proc where name="foo4" and db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
select * from mysql.proc where name="foo4" and db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
drop procedure foo;
|
|
drop procedure foo2;
|
|
drop procedure foo3;
|
|
create function fn1(x int)
|
|
returns int
|
|
begin
|
|
insert into t1 values (x);
|
|
return x+2;
|
|
end|
|
|
ERROR HY000: This function has none of DETERMINISTIC, NO SQL, or READS SQL DATA in its declaration and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable)
|
|
create function fn1(x int)
|
|
returns int
|
|
deterministic
|
|
begin
|
|
insert into t1 values (x);
|
|
return x+2;
|
|
end|
|
|
delete t1,t2 from t1,t2;
|
|
select fn1(20);
|
|
fn1(20)
|
|
22
|
|
insert into t2 values(fn1(21));
|
|
select * from t1;
|
|
a
|
|
21
|
|
20
|
|
select * from t2;
|
|
a
|
|
23
|
|
select * from t1;
|
|
a
|
|
21
|
|
20
|
|
select * from t2;
|
|
a
|
|
23
|
|
drop function fn1;
|
|
create function fn1()
|
|
returns int
|
|
no sql
|
|
begin
|
|
return unix_timestamp();
|
|
end|
|
|
alter function fn1 contains sql;
|
|
ERROR HY000: This function has none of DETERMINISTIC, NO SQL, or READS SQL DATA in its declaration and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable)
|
|
delete from t1;
|
|
set timestamp=1000000000;
|
|
insert into t1 values(fn1());
|
|
create function fn2()
|
|
returns int
|
|
no sql
|
|
begin
|
|
return unix_timestamp();
|
|
end|
|
|
ERROR HY000: You do not have the SUPER privilege and binary logging is enabled (you *might* want to use the less safe log_bin_trust_function_creators variable)
|
|
set global log_bin_trust_routine_creators=1;
|
|
Warnings:
|
|
Warning 1287 'log_bin_trust_routine_creators' is deprecated; use 'log_bin_trust_function_creators' instead
|
|
set global log_bin_trust_function_creators=0;
|
|
set global log_bin_trust_function_creators=1;
|
|
set global log_bin_trust_function_creators=1;
|
|
create function fn2()
|
|
returns int
|
|
no sql
|
|
begin
|
|
return unix_timestamp();
|
|
end|
|
|
create function fn3()
|
|
returns int
|
|
not deterministic
|
|
reads sql data
|
|
begin
|
|
return 0;
|
|
end|
|
|
select fn3();
|
|
fn3()
|
|
0
|
|
select * from mysql.proc where db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
mysqltest1 fn1 FUNCTION fn1 SQL NO_SQL NO DEFINER int(11) begin
|
|
return unix_timestamp();
|
|
end root@localhost # #
|
|
mysqltest1 fn2 FUNCTION fn2 SQL NO_SQL NO DEFINER int(11) begin
|
|
return unix_timestamp();
|
|
end zedjzlcsjhd@localhost # #
|
|
mysqltest1 fn3 FUNCTION fn3 SQL READS_SQL_DATA NO DEFINER int(11) begin
|
|
return 0;
|
|
end root@localhost # #
|
|
select * from t1;
|
|
a
|
|
1000000000
|
|
use mysqltest1;
|
|
select * from t1;
|
|
a
|
|
1000000000
|
|
select * from mysql.proc where db='mysqltest1';
|
|
db name type specific_name language sql_data_access is_deterministic security_type param_list returns body definer created modified sql_mode comment
|
|
mysqltest1 fn1 FUNCTION fn1 SQL NO_SQL NO DEFINER int(11) begin
|
|
return unix_timestamp();
|
|
end root@localhost # #
|
|
mysqltest1 fn2 FUNCTION fn2 SQL NO_SQL NO DEFINER int(11) begin
|
|
return unix_timestamp();
|
|
end zedjzlcsjhd@localhost # #
|
|
mysqltest1 fn3 FUNCTION fn3 SQL READS_SQL_DATA NO DEFINER int(11) begin
|
|
return 0;
|
|
end root@localhost # #
|
|
delete from t2;
|
|
alter table t2 add unique (a);
|
|
drop function fn1;
|
|
create function fn1(x int)
|
|
returns int
|
|
begin
|
|
insert into t2 values(x),(x);
|
|
return 10;
|
|
end|
|
|
do fn1(100);
|
|
Warnings:
|
|
Error 1062 Duplicate entry '100' for key 1
|
|
select fn1(20);
|
|
ERROR 23000: Duplicate entry '20' for key 1
|
|
select * from t2;
|
|
a
|
|
20
|
|
100
|
|
select * from t2;
|
|
a
|
|
20
|
|
100
|
|
create trigger trg before insert on t1 for each row set new.a= 10;
|
|
ERROR 42000: Access denied; you need the SUPER privilege for this operation
|
|
delete from t1;
|
|
create trigger trg before insert on t1 for each row set new.a= 10;
|
|
insert into t1 values (1);
|
|
select * from t1;
|
|
a
|
|
10
|
|
select * from t1;
|
|
a
|
|
10
|
|
delete from t1;
|
|
drop trigger trg;
|
|
insert into t1 values (1);
|
|
select * from t1;
|
|
a
|
|
1
|
|
show binlog events in 'master-bin.000001' from 98;
|
|
Log_name Pos Event_type Server_id End_log_pos Info
|
|
master-bin.000001 # Query 1 # drop database if exists mysqltest1
|
|
master-bin.000001 # Query 1 # create database mysqltest1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; create table t1 (a varchar(100))
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` procedure foo()
|
|
begin
|
|
declare b int;
|
|
set b = 8;
|
|
insert into t1 values (b);
|
|
insert into t1 values (unix_timestamp());
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values ( NAME_CONST('b',8))
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values (unix_timestamp())
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete from t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` procedure foo2()
|
|
select * from mysqltest1.t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; alter procedure foo2 contains sql
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop table t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; create table t1 (a int)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; create table t2 like t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` procedure foo3()
|
|
deterministic
|
|
insert into t1 values (15)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; grant CREATE ROUTINE, EXECUTE on mysqltest1.* to "zedjzlcsjhd"@127.0.0.1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; grant SELECT on mysqltest1.t1 to "zedjzlcsjhd"@127.0.0.1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; grant SELECT, INSERT on mysqltest1.t2 to "zedjzlcsjhd"@127.0.0.1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`zedjzlcsjhd`@`127.0.0.1` procedure foo4()
|
|
deterministic
|
|
begin
|
|
insert into t2 values(3);
|
|
insert into t1 values (5);
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t2 values(3)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values (15)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t2 values(3)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; alter procedure foo4 sql security invoker
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t2 values(3)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values (5)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete from t2
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; alter table t2 add unique (a)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop procedure foo4
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` procedure foo4()
|
|
deterministic
|
|
begin
|
|
insert into t2 values(20),(20);
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t2 values(20),(20)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop procedure foo4
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop procedure foo
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop procedure foo2
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop procedure foo3
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` function fn1(x int)
|
|
returns int
|
|
deterministic
|
|
begin
|
|
insert into t1 values (x);
|
|
return x+2;
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete t1,t2 from t1,t2
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; SELECT `fn1`(20)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t2 values(fn1(21))
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop function fn1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` function fn1()
|
|
returns int
|
|
no sql
|
|
begin
|
|
return unix_timestamp();
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete from t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values(fn1())
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`zedjzlcsjhd`@`127.0.0.1` function fn2()
|
|
returns int
|
|
no sql
|
|
begin
|
|
return unix_timestamp();
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` function fn3()
|
|
returns int
|
|
not deterministic
|
|
reads sql data
|
|
begin
|
|
return 0;
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete from t2
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; alter table t2 add unique (a)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop function fn1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` function fn1(x int)
|
|
returns int
|
|
begin
|
|
insert into t2 values(x),(x);
|
|
return 10;
|
|
end
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; SELECT `fn1`(100)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; SELECT `fn1`(20)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete from t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; CREATE DEFINER=`root`@`localhost` trigger trg before insert on t1 for each row set new.a= 10
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values (1)
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; delete from t1
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; drop trigger trg
|
|
master-bin.000001 # Query 1 # use `mysqltest1`; insert into t1 values (1)
|
|
select * from t1;
|
|
a
|
|
1
|
|
create procedure foo()
|
|
not deterministic
|
|
reads sql data
|
|
select * from t1;
|
|
call foo();
|
|
a
|
|
1
|
|
drop procedure foo;
|
|
drop function fn1;
|
|
drop database mysqltest1;
|
|
drop user "zedjzlcsjhd"@127.0.0.1;
|
|
use test;
|
|
use test;
|
|
drop function if exists f1;
|
|
create function f1() returns int reads sql data
|
|
begin
|
|
declare var integer;
|
|
declare c cursor for select a from v1;
|
|
open c;
|
|
fetch c into var;
|
|
close c;
|
|
return var;
|
|
end|
|
|
create view v1 as select 1 as a;
|
|
create table t1 (a int);
|
|
insert into t1 (a) values (f1());
|
|
select * from t1;
|
|
a
|
|
1
|
|
drop view v1;
|
|
drop function f1;
|
|
select * from t1;
|
|
a
|
|
1
|
|
DROP PROCEDURE IF EXISTS p1;
|
|
DROP TABLE IF EXISTS t1;
|
|
CREATE TABLE t1(col VARCHAR(10));
|
|
CREATE PROCEDURE p1(arg VARCHAR(10))
|
|
INSERT INTO t1 VALUES(arg);
|
|
CALL p1('test');
|
|
SELECT * FROM t1;
|
|
col
|
|
test
|
|
SELECT * FROM t1;
|
|
col
|
|
test
|
|
DROP PROCEDURE p1;
|
|
drop table t1;
|