mirror of
https://github.com/MariaDB/server.git
synced 2025-01-17 20:42:30 +01:00
395c8ca708
SYSTEM_INVISIBLE or COMPLETELY_INVISIBLE This commit does multiple things to solve this mdev 1st add field into the parameter of check_column_grant_in_table_ref, so that we can find out field invisibility. 2nd If field->invisible >= INVISIBLE_SYSTEM skip access check and simple grant access.
68 lines
1.2 KiB
Text
68 lines
1.2 KiB
Text
create user user_1;
|
|
show grants for user_1;
|
|
Grants for user_1@%
|
|
GRANT USAGE ON *.* TO 'user_1'@'%'
|
|
# create user
|
|
create database d;
|
|
use d;
|
|
|
|
#System_Invisible
|
|
create table t1(a int) with system versioning;
|
|
insert into t1 values(1);
|
|
select a from t1;
|
|
a
|
|
1
|
|
select count(row_start) from t1;
|
|
count(row_start)
|
|
1
|
|
grant insert(a) on t1 to user_1;
|
|
grant update(a) on t1 to user_1;
|
|
grant select(a) on t1 to user_1;
|
|
grant delete on t1 to user_1;
|
|
connect con1, localhost, user_1,,test;
|
|
connection con1;
|
|
select user();
|
|
user()
|
|
user_1@localhost
|
|
use d;
|
|
select * from t1;
|
|
a
|
|
1
|
|
insert into t1 values(2);
|
|
select * from t1;
|
|
a
|
|
1
|
|
2
|
|
insert into t1(a) values(3);
|
|
select * from t1;
|
|
a
|
|
1
|
|
2
|
|
3
|
|
select a from t1;
|
|
a
|
|
1
|
|
2
|
|
3
|
|
select count(row_start) from t1;
|
|
count(row_start)
|
|
3
|
|
delete from t1 where a =1;
|
|
update t1 set a=1 where a=3;
|
|
select * from t1;
|
|
a
|
|
2
|
|
1
|
|
connection default;
|
|
REVOKE ALL PRIVILEGES, GRANT OPTION FROM user_1;
|
|
connection con1;
|
|
select * from t1;
|
|
ERROR 42000: SELECT command denied to user 'user_1'@'localhost' for table 't1'
|
|
select count(row_start) from t1;
|
|
ERROR 42000: SELECT command denied to user 'user_1'@'localhost' for table 't1'
|
|
disconnect con1;
|
|
|
|
#Cleanup
|
|
connection default;
|
|
drop user user_1;
|
|
drop database d;
|