mirror of
https://github.com/MariaDB/server.git
synced 2025-01-19 13:32:33 +01:00
b88150c96e
he has SELECT and INSERT privileges for table with primary key" Now we set lex->duplicates= DUP_UPDATE right in parser if INSERT has ON DUPLICATE KEY UPDATE clause, this simplifies insert_precheck() function (this also fixes a bug) and some other code. mysql-test/r/grant2.result: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" mysql-test/t/grant2.test: Added test for bug #6173 "One can circumvent missing UPDATE privilege if he has SELECT and INSERT privileges for table with primary key" sql/mysql_priv.h: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause. sql/sql_parse.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_prepare.cc: insert_precheck() don't need "update" parameter any longer since now we set lex->duplicates to DUP_UPDATE if INSERT has ON DUPLICATE KEY UPDATE clause, so it can determine whenever it is needed to require UPDATE_ACL by itself. Also calling of mysql_insert() is simplified. sql/sql_yacc.yy: It is better to set Lex->duplicates= DUP_UPDATE right in parser if we have INSERT with ON DUPLICATE KEY UPDATE clause, rather doing this later.
54 lines
2.3 KiB
Text
54 lines
2.3 KiB
Text
SET NAMES binary;
|
|
drop database if exists mysqltest;
|
|
delete from mysql.user where user like 'mysqltest\_%';
|
|
delete from mysql.db where user like 'mysqltest\_%';
|
|
delete from mysql.tables_priv where user like 'mysqltest\_%';
|
|
delete from mysql.columns_priv where user like 'mysqltest\_%';
|
|
flush privileges;
|
|
grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
|
|
select current_user();
|
|
current_user()
|
|
mysqltest_1@localhost
|
|
select current_user;
|
|
current_user
|
|
mysqltest_1@localhost
|
|
grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
|
|
grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
|
|
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
|
|
show grants for mysqltest_1@localhost;
|
|
Grants for mysqltest_1@localhost
|
|
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
|
|
GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
|
|
show grants for mysqltest_2@localhost;
|
|
Grants for mysqltest_2@localhost
|
|
GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
|
|
GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
|
|
show grants for mysqltest_3@localhost;
|
|
ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
|
|
delete from mysql.user where user like 'mysqltest\_%';
|
|
delete from mysql.db where user like 'mysqltest\_%';
|
|
flush privileges;
|
|
create database mysqltest;
|
|
grant INSERT, SELECT on mysqltest.* to mysqltest_1@localhost;
|
|
flush privileges;
|
|
use mysqltest;
|
|
create table t1 (id int primary key, data varchar(255));
|
|
show grants for current_user();
|
|
Grants for mysqltest_1@localhost
|
|
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
|
|
GRANT SELECT, INSERT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
|
|
use mysqltest;
|
|
insert into t1 values (1, 'I can''t change it!');
|
|
update t1 set data='I can change it!' where id = 1;
|
|
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'
|
|
insert into t1 values (1, 'XXX') on duplicate key update data= 'I can change it!';
|
|
ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest'
|
|
select * from t1;
|
|
id data
|
|
1 I can't change it!
|
|
drop table t1;
|
|
drop database mysqltest;
|
|
use test;
|
|
delete from mysql.user where user like 'mysqltest\_%';
|
|
delete from mysql.db where user like 'mysqltest\_%';
|
|
flush privileges;
|