mirror of
https://github.com/MariaDB/server.git
synced 2025-01-20 05:52:27 +01:00
93e11dce94
now we return different error message if user doesn't have SELECT grants mysql-test/r/partition_grant.result: test result mysql-test/t/partition_grant.test: testcase sql/mysql_priv.h: no_errors parameter added to check_single_table_access() sql/partition_info.cc: access rights control added to the print_no_partition() sql/share/errmsg.txt: message added sql/sql_base.cc: no_errors parameter added to check_single_table_access() sql/sql_parse.cc: no_errors parameter added to check_single_table_access()
81 lines
2.2 KiB
Text
81 lines
2.2 KiB
Text
-- source include/have_partition.inc
|
|
# Grant tests not performed with embedded server
|
|
-- source include/not_embedded.inc
|
|
|
|
--disable_warnings
|
|
drop schema if exists mysqltest_1;
|
|
--enable_warnings
|
|
|
|
|
|
#
|
|
# Bug #17139: ALTER TABLE ... DROP PARTITION should require DROP privilege
|
|
#
|
|
|
|
create schema mysqltest_1;
|
|
use mysqltest_1;
|
|
|
|
create table t1 (a int) partition by list (a) (partition p1 values in (1), partition p2 values in (2), partition p3 values in (3));
|
|
insert into t1 values (1),(2);
|
|
|
|
# We don't have DROP USER IF EXISTS. Use this workaround to
|
|
# cleanup possible grants for mysqltest_1 left by previous tests
|
|
# and ensure consistent results of SHOW GRANTS command below.
|
|
--disable_warnings
|
|
grant usage on *.* to mysqltest_1@localhost;
|
|
revoke all privileges on *.* from mysqltest_1@localhost;
|
|
--enable_warnings
|
|
|
|
grant select,alter on mysqltest_1.* to mysqltest_1@localhost;
|
|
|
|
connect (conn1,localhost,mysqltest_1,,mysqltest_1);
|
|
show grants for current_user;
|
|
alter table t1 add b int;
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
alter table t1 drop partition p2;
|
|
disconnect conn1;
|
|
|
|
connection default;
|
|
grant drop on mysqltest_1.* to mysqltest_1@localhost;
|
|
|
|
connect (conn2,localhost,mysqltest_1,,mysqltest_1);
|
|
alter table t1 drop partition p2;
|
|
disconnect conn2;
|
|
|
|
connection default;
|
|
revoke alter on mysqltest_1.* from mysqltest_1@localhost;
|
|
|
|
connect (conn3,localhost,mysqltest_1,,mysqltest_1);
|
|
--error ER_TABLEACCESS_DENIED_ERROR
|
|
alter table t1 drop partition p3;
|
|
disconnect conn3;
|
|
|
|
connection default;
|
|
|
|
revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
|
|
drop table t1;
|
|
|
|
#
|
|
# Bug #23675 Partitions: possible security breach via alter
|
|
#
|
|
|
|
create table t1 (s1 int);
|
|
insert into t1 values (1);
|
|
grant alter on mysqltest_1.* to mysqltest_1@localhost;
|
|
connect (conn4,localhost,mysqltest_1,,mysqltest_1);
|
|
connection conn4;
|
|
--error 1514
|
|
alter table t1 partition by list (s1) (partition p1 values in (2));
|
|
connection default;
|
|
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
|
|
disconnect conn4;
|
|
connect (conn5,localhost,mysqltest_1,,mysqltest_1);
|
|
--error 1514
|
|
alter table t1 partition by list (s1) (partition p1 values in (2));
|
|
disconnect conn5;
|
|
connection default;
|
|
drop table t1;
|
|
|
|
drop user mysqltest_1@localhost;
|
|
drop schema mysqltest_1;
|
|
|
|
--echo End of 5.1 tests
|