mariadb/mysql-test/suite/roles/grant_role_auto_create_user.test
Sergei Golubchik 5f2b07efc7 minor cleanup
2013-12-25 21:21:47 +01:00

121 lines
3.3 KiB
Text

#
# MDEV-5221 User auto-creation does not work upon GRANT <role>
#
--source include/not_embedded.inc
create database db;
create role auto_create;
grant all on db.* to auto_create;
grant auto_create to foo@localhost;
grant auto_create to bar@localhost identified by 'baz';
# Test if the users have been created and the role has been granted to them
--connect (con1,localhost,foo,,)
set role 'auto_create';
use db;
create table t1 (i int);
--disconnect con1
--connect (con1,localhost,bar,baz,)
set role auto_create;
use db;
insert into t1 values (1);
--disconnect con1
--connection default
drop user foo@localhost, bar@localhost;
set sql_mode = 'no_auto_create_user';
--error ER_PASSWORD_NO_MATCH
grant auto_create to foo@localhost;
grant auto_create to bar@localhost identified by 'baz';
select user, host from mysql.user where user = 'bar';
set sql_mode = '';
--connect (con1,localhost,bar,baz,)
set role auto_create;
use db;
drop table t1;
--disconnect con1
--connection default
create user foo@localhost;
# test all possible cases with a user who has no rights to grant the role
--connect (con1, localhost, foo,,)
set sql_mode = '';
#try and grant roles, no rights however
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to bar2@localhost;
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to foo2@localhost;
set sql_mode = 'no_auto_create_user';
#try and grant roles, no rights however
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to bar2@localhost;
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to foo2@localhost identified by 'pass';
--disconnect con1
--connection default
grant auto_create to foo@localhost;
--connect (con1, localhost, foo,,)
#we now have the role granted to us, but we don't have insert privileges,
#we should not be able to create a new user
set sql_mode = '';
#also test that we can not grant a role without admin option
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to bar@localhost;
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to bar2@localhost;
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to foo2@localhost identified by 'pass';
set sql_mode = 'no_auto_create_user';
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to bar2@localhost;
--error ER_ACCESS_DENIED_NO_PASSWORD_ERROR
grant auto_create to foo2@localhost identified by 'pass';
#test that we can grant a role with admin option to an existing user, but not
#create one
--connection default
grant auto_create to foo@localhost with admin option;
--disconnect con1
--connect (con1, localhost, foo,,)
#we now have the role granted to us, but we don't have insert privileges,
#we should not be able to create a new user
set sql_mode = '';
#also test that we can grant a role with admin option
grant auto_create to bar@localhost;
#test that we don't create users if we don't have insert privileges
--error ER_CANT_CREATE_USER_WITH_GRANT
grant auto_create to bar2@localhost;
--error ER_CANT_CREATE_USER_WITH_GRANT
grant auto_create to foo2@localhost identified by 'pass';
set sql_mode = 'no_auto_create_user';
--error ER_PASSWORD_NO_MATCH
grant auto_create to bar2@localhost;
--error ER_CANT_CREATE_USER_WITH_GRANT
grant auto_create to foo2@localhost identified by 'pass';
--connection default
drop user foo@localhost;
drop user bar@localhost;
drop role auto_create;
drop database db;