mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 03:52:35 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/mysql-test/main/public_basic.result
Oleksandr Byelkin 22491e627a MDEV-30154: Assertion `strcasecmp(rolename, public_name.str) || acl_public == role' failed in acl_update_role on GRANT ... TO PUBLIC 
Reset of acl_public was made too early (before saving it to restore in case
of error).
2023-01-03 10:17:42 +01:00

122 lines
4.1 KiB
Text
Raw Blame History

#
# MDEV-5215 Granted to PUBLIC
#
SHOW GRANTS FOR PUBLIC;
Grants for PUBLIC
# it is not PUBLIC but an user
# (this should work as it allowed for roles for example)
create user PUBLIC;
create user PUBLIC@localhost;
GRANT SELECT on test.* to PUBLIC@localhost;
drop user PUBLIC@localhost;
drop user PUBLIC;
select * from mysql.global_priv where user="PUBLIC" ;
Host User Priv
GRANT SELECT on test.* to PUBLIC;
GRANT SELECT on mysql.db to PUBLIC;
select * from mysql.global_priv where user="PUBLIC" ;
Host User Priv
PUBLIC {"access":0,"version_id":VERSION,"is_role":true}
SHOW GRANTS FOR PUBLIC;
Grants for PUBLIC
GRANT SELECT ON `test`.* TO PUBLIC
GRANT SELECT ON `mysql`.`db` TO PUBLIC
GRANT UPDATE on test.* to PUBLIC;
grant update on mysql.db to public;
show grants for public;
Grants for PUBLIC
GRANT SELECT, UPDATE ON `test`.* TO PUBLIC
GRANT SELECT, UPDATE ON `mysql`.`db` TO PUBLIC
revoke select on test.* from public;
REVOKE SELECT on mysql.db from PUBLIC;
SHOW GRANTS FOR PUBLIC;
Grants for PUBLIC
GRANT UPDATE ON `test`.* TO PUBLIC
GRANT UPDATE ON `mysql`.`db` TO PUBLIC
REVOKE UPDATE on test.* from PUBLIC;
REVOKE UPDATE on mysql.db from PUBLIC;
SHOW GRANTS FOR PUBLIC;
Grants for PUBLIC
GRANT XXXXXX TO CURRENT_USER;
ERROR OP000: Invalid role specification `XXXXXX`
# following should fail with the same error as above
GRANT PUBLIC TO CURRENT_USER;
ERROR OP000: Invalid role specification `PUBLIC`
revoke xxxxxx from current_user;
ERROR OP000: Invalid role specification `xxxxxx`
# following should fail with the same error as above
revoke public from current_user;
ERROR OP000: Invalid role specification `PUBLIC`
drop role XXXXXX;
ERROR HY000: Operation DROP ROLE failed for 'XXXXXX'
# following should fail with the same error as above
drop role public;
ERROR HY000: Operation DROP ROLE failed for PUBLIC
SET ROLE XXXXXX;
ERROR OP000: Invalid role specification `XXXXXX`
# following should fail with the same error as above
SET ROLE PUBLIC;
ERROR OP000: Invalid role specification `PUBLIC`
SET DEFAULT ROLE XXXXXX;
ERROR OP000: Invalid role specification `XXXXXX`
# following should fail with the same error as above
SET DEFAULT ROLE PUBLIC;
ERROR OP000: Invalid role specification `PUBLIC`
set default role public;
ERROR OP000: Invalid role specification `PUBLIC`
#
# check prohibition of change security context to PUBLIC
#
# be sure that we have PUBLIC
GRANT SELECT on test.* to PUBLIC;
# try with a view
create table t1( a int);
create definer = PUBLIC view v1 as select * from t1;
ERROR OP000: Invalid role specification `PUBLIC`
drop table t1;
# try with a stored procedure
create definer='PUBLIC' PROCEDURE p1() SELECT 1;
ERROR OP000: Invalid role specification `PUBLIC`
# this test cleanup
revoke select on test.* from public;
#
# check autocreation of PUBLIC on GRANT role TO PUBLIC
#
# make sure that the privilege will be added automatically
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
create role roletest;
grant roletest to public;
drop role roletest;
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
grant select on mysql.global_priv to public;
revoke select on mysql.global_priv from public;
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
grant select (user) on mysql.global_priv to public;
revoke select (user) on mysql.global_priv from public;
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
grant execute on procedure mtr.add_suppression to public;
revoke execute on procedure mtr.add_suppression from public;
#
# MDEV-30154: Assertion `strcasecmp(rolename, public_name.str) ||
# acl_public == role' failed in acl_update_role on GRANT ... TO PUBLIC
#
call mtr.add_suppression("Can't open and lock privilege tables");
USE test;
GRANT SELECT ON *.* TO PUBLIC;
LOCK TABLES mysql.time_zone WRITE,mysql.proc WRITE;
FLUSH PRIVILEGES;
ERROR HY000: Table 'db' was not locked with LOCK TABLES
LOCK TABLE nonexisting WRITE;
ERROR 42S02: Table 'test.nonexisting' doesn't exist
GRANT SELECT ON *.* TO PUBLIC;
REVOKE SELECT ON *.* FROM PUBLIC;
#
# End of 10.11 test
#
# clean up
delete from mysql.global_priv where user="PUBLIC";
flush privileges;
Reference in a new issue View git blame Copy permalink