mirror of
https://github.com/MariaDB/server.git
synced 2025-01-18 13:02:28 +01:00
f7aeb6f9fd
view definer information syntax/storage/replication fixed SOURCE field of .frm mysql-test/r/func_in.result: definer information added to CREATE VIEW mysql-test/r/lowercase_view.result: definer information added to CREATE VIEW mysql-test/r/mysqldump.result: definer information added to CREATE VIEW mysql-test/r/rpl_view.result: check log of queries mysql-test/r/skip_grants.result: --skip-grants do not allow use user information mysql-test/r/sql_mode.result: definer information added to CREATE VIEW mysql-test/r/temp_table.result: definer information added to CREATE VIEW mysql-test/r/view.result: definer information added to CREATE VIEW test of storing/restoring definer information mysql-test/r/view_grant.result: test of grant check of definer information definer information added to CREATE VIEW mysql-test/t/rpl_view.test: check log of queries mysql-test/t/skip_grants.test: --skip-grants do not allow use user information mysql-test/t/view.test: test of storing/restoring definer information mysql-test/t/view_grant.test: test of grant check of definer information sql/mysql_priv.h: CREATE/ALTER VIEW print support set current user as definer procedure sql/share/errmsg.txt: new errors/warnings sql/sql_acl.cc: make find_acl_user public to allow to check user sql/sql_acl.h: make find_acl_user public to allow to check user sql/sql_lex.h: storing definer information sql/sql_parse.cc: send CREATE/ALTER VIEW for replication with full list of options set current user as definer procedure sql/sql_show.cc: new CREATE VIEW options printed sql/sql_view.cc: check of definer clause changes in .frm file definer information storage support now we store only original SELECT in SOURCE field of .frm sql/sql_yacc.yy: definer information sintax support getting SOURCE field information for .frm sql/table.h: definer information storage
309 lines
14 KiB
Text
309 lines
14 KiB
Text
grant create view on test.* to test@localhost;
|
|
show grants for test@localhost;
|
|
Grants for test@localhost
|
|
GRANT USAGE ON *.* TO 'test'@'localhost'
|
|
GRANT CREATE VIEW ON `test`.* TO 'test'@'localhost'
|
|
revoke create view on test.* from test@localhost;
|
|
show grants for test@localhost;
|
|
Grants for test@localhost
|
|
GRANT USAGE ON *.* TO 'test'@'localhost'
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int);
|
|
create table mysqltest.t2 (a int, b int);
|
|
grant select on mysqltest.t1 to mysqltest_1@localhost;
|
|
grant create view,select on test.* to mysqltest_1@localhost;
|
|
create definer=root@localhost view v1 as select * from mysqltest.t1;
|
|
ERROR HY000: You need the SUPER privilege for creation view with root@localhost definer
|
|
create view v1 as select * from mysqltest.t1;
|
|
alter view v1 as select * from mysqltest.t1;
|
|
ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 'v1'
|
|
create or replace view v1 as select * from mysqltest.t1;
|
|
ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 'v1'
|
|
create view mysqltest.v2 as select * from mysqltest.t1;
|
|
ERROR 42000: CREATE VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
create view v2 as select * from mysqltest.t2;
|
|
ERROR 42000: ANY command denied to user 'mysqltest_1'@'localhost' for table 't2'
|
|
show create view v1;
|
|
View Create View
|
|
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_1`@`localhost` SQL SECURITY DEFINER VIEW `test`.`v1` AS select `mysqltest`.`t1`.`a` AS `a`,`mysqltest`.`t1`.`b` AS `b` from `mysqltest`.`t1`
|
|
grant create view,drop,select on test.* to mysqltest_1@localhost;
|
|
use test;
|
|
alter view v1 as select * from mysqltest.t1;
|
|
create or replace view v1 as select * from mysqltest.t1;
|
|
revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
|
|
revoke all privileges on test.* from mysqltest_1@localhost;
|
|
drop database mysqltest;
|
|
drop view test.v1;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int);
|
|
create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1;
|
|
grant select (c) on mysqltest.v1 to mysqltest_1@localhost;
|
|
select c from mysqltest.v1;
|
|
c
|
|
select d from mysqltest.v1;
|
|
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1'
|
|
revoke all privileges on mysqltest.v1 from mysqltest_1@localhost;
|
|
delete from mysql.user where user='mysqltest_1';
|
|
drop database mysqltest;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int);
|
|
create algorithm=temptable view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1;
|
|
grant select (c) on mysqltest.v1 to mysqltest_1@localhost;
|
|
select c from mysqltest.v1;
|
|
c
|
|
select d from mysqltest.v1;
|
|
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1'
|
|
revoke all privileges on mysqltest.v1 from mysqltest_1@localhost;
|
|
delete from mysql.user where user='mysqltest_1';
|
|
drop database mysqltest;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int);
|
|
create table mysqltest.t2 (a int, b int);
|
|
create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1;
|
|
create algorithm=temptable view mysqltest.v2 (c,d) as select a+1,b+1 from mysqltest.t1;
|
|
create view mysqltest.v3 (c,d) as select a+1,b+1 from mysqltest.t2;
|
|
create algorithm=temptable view mysqltest.v4 (c,d) as select a+1,b+1 from mysqltest.t2;
|
|
grant select on mysqltest.v1 to mysqltest_1@localhost;
|
|
grant select on mysqltest.v2 to mysqltest_1@localhost;
|
|
grant select on mysqltest.v3 to mysqltest_1@localhost;
|
|
grant select on mysqltest.v4 to mysqltest_1@localhost;
|
|
select c from mysqltest.v1;
|
|
c
|
|
select c from mysqltest.v2;
|
|
c
|
|
select c from mysqltest.v3;
|
|
c
|
|
select c from mysqltest.v4;
|
|
c
|
|
show columns from mysqltest.v1;
|
|
Field Type Null Key Default Extra
|
|
c bigint(12) YES NULL
|
|
d bigint(12) YES NULL
|
|
show columns from mysqltest.v2;
|
|
Field Type Null Key Default Extra
|
|
c bigint(12) YES NULL
|
|
d bigint(12) YES NULL
|
|
explain select c from mysqltest.v1;
|
|
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
|
|
show create view mysqltest.v1;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1'
|
|
explain select c from mysqltest.v2;
|
|
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
|
|
show create view mysqltest.v2;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
explain select c from mysqltest.v3;
|
|
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
|
|
show create view mysqltest.v3;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v3'
|
|
explain select c from mysqltest.v4;
|
|
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
|
|
show create view mysqltest.v4;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v4'
|
|
grant select on mysqltest.t1 to mysqltest_1@localhost;
|
|
explain select c from mysqltest.v1;
|
|
id select_type table type possible_keys key key_len ref rows Extra
|
|
1 PRIMARY t1 system NULL NULL NULL NULL 0 const row not found
|
|
show create view mysqltest.v1;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1'
|
|
explain select c from mysqltest.v2;
|
|
id select_type table type possible_keys key key_len ref rows Extra
|
|
1 PRIMARY <derived2> system NULL NULL NULL NULL 0 const row not found
|
|
2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table
|
|
show create view mysqltest.v2;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
explain select c from mysqltest.v3;
|
|
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
|
|
show create view mysqltest.v3;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v3'
|
|
explain select c from mysqltest.v4;
|
|
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
|
|
show create view mysqltest.v4;
|
|
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v4'
|
|
grant show view on mysqltest.* to mysqltest_1@localhost;
|
|
explain select c from mysqltest.v1;
|
|
id select_type table type possible_keys key key_len ref rows Extra
|
|
1 PRIMARY t1 system NULL NULL NULL NULL 0 const row not found
|
|
show create view mysqltest.v1;
|
|
View Create View
|
|
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1`
|
|
explain select c from mysqltest.v2;
|
|
id select_type table type possible_keys key key_len ref rows Extra
|
|
1 PRIMARY <derived2> system NULL NULL NULL NULL 0 const row not found
|
|
2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table
|
|
show create view mysqltest.v2;
|
|
View Create View
|
|
v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v2` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1`
|
|
explain select c from mysqltest.v3;
|
|
id select_type table type possible_keys key key_len ref rows Extra
|
|
1 PRIMARY t2 system NULL NULL NULL NULL 0 const row not found
|
|
show create view mysqltest.v3;
|
|
View Create View
|
|
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v3` AS select (`mysqltest`.`t2`.`a` + 1) AS `c`,(`mysqltest`.`t2`.`b` + 1) AS `d` from `mysqltest`.`t2`
|
|
explain select c from mysqltest.v4;
|
|
id select_type table type possible_keys key key_len ref rows Extra
|
|
1 PRIMARY <derived2> system NULL NULL NULL NULL 0 const row not found
|
|
2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table
|
|
show create view mysqltest.v4;
|
|
View Create View
|
|
v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v4` AS select (`mysqltest`.`t2`.`a` + 1) AS `c`,(`mysqltest`.`t2`.`b` + 1) AS `d` from `mysqltest`.`t2`
|
|
revoke all privileges on mysqltest.* from mysqltest_1@localhost;
|
|
delete from mysql.user where user='mysqltest_1';
|
|
drop database mysqltest;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int, primary key(a));
|
|
insert into mysqltest.t1 values (10,2), (20,3), (30,4), (40,5), (50,10);
|
|
create table mysqltest.t2 (x int);
|
|
insert into mysqltest.t2 values (3), (4), (5), (6);
|
|
create view mysqltest.v1 (a,c) as select a, b+1 from mysqltest.t1;
|
|
create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1;
|
|
create view mysqltest.v3 (a,c) as select a, b+1 from mysqltest.t1;
|
|
grant update (a) on mysqltest.v2 to mysqltest_1@localhost;
|
|
grant update on mysqltest.v1 to mysqltest_1@localhost;
|
|
grant select on mysqltest.* to mysqltest_1@localhost;
|
|
use mysqltest;
|
|
update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c;
|
|
select * from t1;
|
|
a b
|
|
13 2
|
|
24 3
|
|
35 4
|
|
46 5
|
|
50 10
|
|
update v1 set a=a+c;
|
|
select * from t1;
|
|
a b
|
|
16 2
|
|
28 3
|
|
40 4
|
|
52 5
|
|
61 10
|
|
update t2,v2 set v2.a=v2.a+v2.c where t2.x=v2.c;
|
|
select * from t1;
|
|
a b
|
|
16 2
|
|
31 3
|
|
44 4
|
|
57 5
|
|
61 10
|
|
update v2 set a=a+c;
|
|
select * from t1;
|
|
a b
|
|
18 2
|
|
34 3
|
|
48 4
|
|
62 5
|
|
71 10
|
|
update t2,v2 set v2.c=v2.a+v2.c where t2.x=v2.c;
|
|
ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for column 'c' in table 'v2'
|
|
update v2 set c=a+c;
|
|
ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for column 'c' in table 'v2'
|
|
update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c;
|
|
ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table 'v3'
|
|
update v3 set a=a+c;
|
|
ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table 'v3'
|
|
use test;
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
|
|
drop database mysqltest;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int, primary key(a));
|
|
insert into mysqltest.t1 values (1,2), (2,3), (3,4), (4,5), (5,10);
|
|
create table mysqltest.t2 (x int);
|
|
insert into mysqltest.t2 values (3), (4), (5), (6);
|
|
create view mysqltest.v1 (a,c) as select a, b+1 from mysqltest.t1;
|
|
create view mysqltest.v2 (a,c) as select a, b+1 from mysqltest.t1;
|
|
grant delete on mysqltest.v1 to mysqltest_1@localhost;
|
|
grant select on mysqltest.* to mysqltest_1@localhost;
|
|
use mysqltest;
|
|
delete from v1 where c < 4;
|
|
select * from t1;
|
|
a b
|
|
2 3
|
|
3 4
|
|
4 5
|
|
5 10
|
|
delete v1 from t2,v1 where t2.x=v1.c;
|
|
select * from t1;
|
|
a b
|
|
5 10
|
|
delete v2 from t2,v2 where t2.x=v2.c;
|
|
ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
delete from v2 where c < 4;
|
|
ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
use test;
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
|
|
drop database mysqltest;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int, primary key(a));
|
|
insert into mysqltest.t1 values (1,2), (2,3);
|
|
create table mysqltest.t2 (x int, y int);
|
|
insert into mysqltest.t2 values (3,4);
|
|
create view mysqltest.v1 (a,c) as select a, b from mysqltest.t1;
|
|
create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1;
|
|
grant insert on mysqltest.v1 to mysqltest_1@localhost;
|
|
grant select on mysqltest.* to mysqltest_1@localhost;
|
|
use mysqltest;
|
|
insert into v1 values (5,6);
|
|
select * from t1;
|
|
a b
|
|
1 2
|
|
2 3
|
|
5 6
|
|
insert into v1 select x,y from t2;
|
|
select * from t1;
|
|
a b
|
|
1 2
|
|
2 3
|
|
5 6
|
|
3 4
|
|
insert into v2 values (5,6);
|
|
ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
insert into v2 select x,y from t2;
|
|
ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table 'v2'
|
|
use test;
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
|
|
drop database mysqltest;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int, b int);
|
|
create table mysqltest.t2 (a int, b int);
|
|
grant update on mysqltest.t1 to mysqltest_1@localhost;
|
|
grant update(b) on mysqltest.t2 to mysqltest_1@localhost;
|
|
grant create view,update on test.* to mysqltest_1@localhost;
|
|
create view v1 as select * from mysqltest.t1;
|
|
create view v2 as select b from mysqltest.t2;
|
|
create view mysqltest.v1 as select * from mysqltest.t1;
|
|
ERROR 42000: CREATE VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1'
|
|
create view v3 as select a from mysqltest.t2;
|
|
ERROR 42000: ANY command denied to user 'mysqltest_1'@'localhost' for column 'a' in table 't2'
|
|
create table mysqltest.v3 (b int);
|
|
grant create view on mysqltest.v3 to mysqltest_1@localhost;
|
|
drop table mysqltest.v3;
|
|
create view mysqltest.v3 as select b from mysqltest.t2;
|
|
grant create view, update on mysqltest.v3 to mysqltest_1@localhost;
|
|
drop view mysqltest.v3;
|
|
create view mysqltest.v3 as select b from mysqltest.t2;
|
|
grant create view, update, insert on mysqltest.v3 to mysqltest_1@localhost;
|
|
drop view mysqltest.v3;
|
|
create view mysqltest.v3 as select b from mysqltest.t2;
|
|
ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 'v3'
|
|
create table mysqltest.v3 (b int);
|
|
grant select(b) on mysqltest.v3 to mysqltest_1@localhost;
|
|
drop table mysqltest.v3;
|
|
create view mysqltest.v3 as select b from mysqltest.t2;
|
|
ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 'v3'
|
|
create view v4 as select b+1 from mysqltest.t2;
|
|
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't2'
|
|
grant create view,update,select on test.* to mysqltest_1@localhost;
|
|
create view v4 as select b+1 from mysqltest.t2;
|
|
ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't2'
|
|
grant update,select(b) on mysqltest.t2 to mysqltest_1@localhost;
|
|
create view v4 as select b+1 from mysqltest.t2;
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
|
|
drop database mysqltest;
|
|
drop view v1,v2,v4;
|
|
create database mysqltest;
|
|
create table mysqltest.t1 (a int);
|
|
grant all privileges on mysqltest.* to mysqltest_1@localhost;
|
|
use mysqltest;
|
|
create view v1 as select * from t1;
|
|
revoke all privileges on mysqltest.* from mysqltest_1@localhost;
|
|
drop database mysqltest;
|