mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 03:52:35 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/mysql-test/main/sp-security-debug.test
Alexander Barkov 36eba98817 MDEV-19123 Change default charset from latin1 to utf8mb4 
Changing the default server character set from latin1 to utf8mb4.
2024-07-11 10:21:07 +04:00

368 lines
7.6 KiB
Text
Raw Blame History

#
# Testing SQL SECURITY of stored procedures (DEBUGG binaries)
#
--source include/have_debug.inc
# Can't test with embedded server that doesn't support grants
--source include/not_embedded.inc
--source include/default_charset.inc
set @@global.collation_server=@@session.collation_server;
--echo #
--echo # MDEV-29167: new db-level SHOW CREATE ROUTINE privilege
--echo #
--echo ###
--echo ### SHOW-Like commad test
--echo ###
SET @save_sql_mode=@@sql_mode;
--echo #
--echo ### Prepare functions for the test and SHOW-like by owner
--echo #
create database test_db;
use test_db;
create procedure test_db.sp() select 1;
show procedure code test_db.sp;
CREATE FUNCTION test_db.fn() RETURNS INT RETURN 1;
show function code test_db.fn;
SET sql_mode=ORACLE;
DELIMITER $$;
CREATE PACKAGE test_db.pk AS
FUNCTION pkf() RETURN INT;
PROCEDURE pkp();
END;
$$
CREATE PACKAGE BODY test_db.pk AS
pkv INT:=1;
PROCEDURE pkhp() AS
BEGIN
SELECT pkv FROM DUAL;
END;
FUNCTION pkhf() RETURN INT AS
BEGIN
RETURN pkv;
END;
PROCEDURE pkp() AS
BEGIN
CALL pkhp();
END;
FUNCTION pkf() RETURN INT AS
BEGIN
RETURN pkhf();
END;
BEGIN
pkv:=2;
END;
$$
DELIMITER ;$$
SET sql_mode=@save_sql_mode;
--error ER_PARSE_ERROR
show package code test_db.pk;
show package body code test_db.pk;
use test;
--echo ###
--echo ### Pre-"SHOW-CREATE-ROUTINE" behaviour tests
--echo ###
--echo #
--echo ### Rights on mysql.proc
--echo #
create user user@localhost;
grant all privileges on mysql.* to user@localhost;
grant all privileges on test.* to user@localhost;
connect conn1, localhost, user, , test;
show procedure code test_db.sp;
show function code test_db.fn;
show package body code test_db.pk;
connection default;
disconnect conn1;
revoke all privileges on mysql.* from user@localhost;
--echo #
--echo ### No privileges
--echo #
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show procedure code test_db.sp;
--error ER_SP_DOES_NOT_EXIST
show function code test_db.fn;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
--echo #
--echo ### Execute provilege PROCEDURE/FUNCTION
--echo #
grant execute on procedure test_db.sp to user@localhost;
grant execute on function test_db.fn to user@localhost;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show procedure code test_db.sp;
--error ER_SP_DOES_NOT_EXIST
show function code test_db.fn;
connection default;
disconnect conn1;
revoke execute on procedure test_db.sp from user@localhost;
revoke execute on function test_db.fn from user@localhost;
--echo #
--echo ### Execute provilege PACKAGE+ PACKAGE BODY-
--echo #
SET sql_mode=ORACLE;
grant execute on package test_db.pk to user@localhost;
SET sql_mode=@save_sql_mode;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
SET sql_mode=ORACLE;
revoke execute on package test_db.pk from user@localhost;
SET sql_mode=@save_sql_mode;
--echo #
--echo ### Execute provilege PACKAGE- PACKAGE BODY+
--echo #
SET sql_mode=ORACLE;
grant execute on package body test_db.pk to user@localhost;
SET sql_mode=@save_sql_mode;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
SET sql_mode=ORACLE;
revoke execute on package body test_db.pk from user@localhost;
SET sql_mode=@save_sql_mode;
--echo #
--echo ### Alter routine provilege PROCEDURE/FUNCTION
--echo #
grant alter routine on procedure test_db.sp to user@localhost;
grant alter routine on function test_db.fn to user@localhost;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show procedure code test_db.sp;
--error ER_SP_DOES_NOT_EXIST
show function code test_db.fn;
connection default;
disconnect conn1;
revoke alter routine on procedure test_db.sp from user@localhost;
revoke alter routine on function test_db.fn from user@localhost;
--echo #
--echo ### Alter routine provilege PACKAGE+ PACKAGE BODY-
--echo #
SET sql_mode=ORACLE;
grant alter routine on package test_db.pk to user@localhost;
SET sql_mode=@save_sql_mode;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
SET sql_mode=ORACLE;
revoke alter routine on package test_db.pk from user@localhost;
SET sql_mode=@save_sql_mode;
--echo #
--echo ### Alter routine provilege PACKAGE+ PACKAGE BODY-
--echo #
SET sql_mode=ORACLE;
grant alter routine on package body test_db.pk to user@localhost;
SET sql_mode=@save_sql_mode;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
SET sql_mode=ORACLE;
revoke alter routine on package body test_db.pk from user@localhost;
SET sql_mode=@save_sql_mode;
--echo ###
--echo ### SHOW CREATE PROCEDURE tests
--echo ###
--echo #
--echo ### Global "show create routine" test
--echo #
grant show create routine on *.* to user@localhost;
show grants for user@localhost;
connect conn1, localhost, user, , test;
show procedure code test_db.sp;
show function code test_db.fn;
show package body code test_db.pk;
connection default;
disconnect conn1;
revoke show create routine on *.* from user@localhost;
--echo #
--echo ### DB-level "show create routine" but other DB test
--echo #
grant show create routine on db_test.* to user@localhost;
show grants for user@localhost;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show procedure code test_db.sp;
--error ER_SP_DOES_NOT_EXIST
show function code test_db.fn;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
revoke show create routine on db_test.* from user@localhost;
--echo #
--echo ### DB-level "show create routine" test
--echo #
grant show create routine on test_db.* to user@localhost;
show grants for user@localhost;
connect conn1, localhost, user, , test;
show procedure code test_db.sp;
show function code test_db.fn;
show package body code test_db.pk;
connection default;
disconnect conn1;
revoke show create routine on test_db.* from user@localhost;
--echo #
--echo ### Routine-level "show create routine" PROCEDURE and FUNCTION
--echo #
grant show create routine on procedure test_db.sp to user@localhost;
grant show create routine on function test_db.fn to user@localhost;
connect conn1, localhost, user, , test;
show procedure code test_db.sp;
show function code test_db.fn;
connection default;
disconnect conn1;
revoke show create routine on procedure test_db.sp from user@localhost;
revoke show create routine on function test_db.fn from user@localhost;
--echo #
--echo ### Routine-level "show create routine" PACKAGE+ PACKAGE BODY-
--echo #
SET sql_mode=ORACLE;
grant show create routine on package test_db.pk to user@localhost;
SET sql_mode=@save_sql_mode;
connect conn1, localhost, user, , test;
--error ER_SP_DOES_NOT_EXIST
show package body code test_db.pk;
connection default;
disconnect conn1;
SET sql_mode=ORACLE;
revoke show create routine on package test_db.pk from user@localhost;
SET sql_mode=@save_sql_mode;
--echo #
--echo ### Routine-level "show create routine" PACKAGE- PACKAGE BODY+
--echo #
SET sql_mode=ORACLE;
grant show create routine on package body test_db.pk to user@localhost;
SET sql_mode=@save_sql_mode;
connect conn1, localhost, user, , test;
show package body code test_db.pk;
connection default;
disconnect conn1;
SET sql_mode=ORACLE;
revoke show create routine on package body test_db.pk from user@localhost;
SET sql_mode=@save_sql_mode;
drop database test_db;
drop user user@localhost;
--echo #
--echo # End of 11.3 tests
--echo #
Reference in a new issue View git blame Copy permalink