mirror of
https://github.com/MariaDB/server.git
synced 2025-01-27 17:33:44 +01:00
107 lines
2.9 KiB
Text
107 lines
2.9 KiB
Text
#
|
|
# Test user to check if we can grant the created role to it.
|
|
#
|
|
create user test_user;
|
|
#
|
|
# First create the role.
|
|
#
|
|
SET @createRole = 'CREATE ROLE developers';
|
|
PREPARE stmtCreateRole FROM @createRole;
|
|
EXECUTE stmtCreateRole;
|
|
#
|
|
# Test to see if the role is created.
|
|
#
|
|
SELECT user, host,is_role FROM mysql.user
|
|
WHERE user = 'developers';
|
|
user host is_role
|
|
developers Y
|
|
SHOW GRANTS;
|
|
Grants for root@localhost
|
|
GRANT developers TO 'root'@'localhost' WITH ADMIN OPTION
|
|
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
|
|
GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
|
|
# Test reexecution.
|
|
EXECUTE stmtCreateRole;
|
|
ERROR HY000: Operation CREATE ROLE failed for 'developers'
|
|
#
|
|
# Now grant the role to the test user.
|
|
#
|
|
SET @grantRole = 'GRANT developers to test_user';
|
|
PREPARE stmtGrantRole FROM @grantRole;
|
|
EXECUTE stmtGrantRole;
|
|
# Test reexecution.
|
|
EXECUTE stmtGrantRole;
|
|
#
|
|
# We should see 2 entries in the roles_mapping table.
|
|
#
|
|
SELECT * FROM mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
% test_user developers N
|
|
localhost root developers Y
|
|
SHOW GRANTS FOR test_user;
|
|
Grants for test_user@%
|
|
GRANT developers TO 'test_user'@'%'
|
|
GRANT USAGE ON *.* TO 'test_user'@'%'
|
|
#
|
|
# Test revoking a role.
|
|
#
|
|
SET @revokeRole = 'REVOKE developers FROM test_user';
|
|
PREPARE stmtRevokeRole FROM @revokeRole;
|
|
EXECUTE stmtRevokeRole;
|
|
EXECUTE stmtRevokeRole;
|
|
ERROR HY000: Cannot revoke role 'developers' from: 'test_user'@'%'.
|
|
SHOW GRANTS FOR test_user;
|
|
Grants for test_user@%
|
|
GRANT USAGE ON *.* TO 'test_user'@'%'
|
|
EXECUTE stmtGrantRole;
|
|
SHOW GRANTS FOR test_user;
|
|
Grants for test_user@%
|
|
GRANT developers TO 'test_user'@'%'
|
|
GRANT USAGE ON *.* TO 'test_user'@'%'
|
|
EXECUTE stmtRevokeRole;
|
|
SHOW GRANTS FOR test_user;
|
|
Grants for test_user@%
|
|
GRANT USAGE ON *.* TO 'test_user'@'%'
|
|
#
|
|
# Now drop the role.
|
|
#
|
|
SET @dropRole = 'DROP ROLE developers';
|
|
PREPARE stmtDropRole FROM @dropRole;
|
|
EXECUTE stmtDropRole;
|
|
#
|
|
# Check both user and roles_mapping table for traces of our role.
|
|
#
|
|
SELECT user, host,is_role FROM mysql.user
|
|
WHERE user = 'developers';
|
|
user host is_role
|
|
SELECT * FROM mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
SHOW GRANTS;
|
|
Grants for root@localhost
|
|
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
|
|
GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
|
|
SHOW GRANTS FOR test_user;
|
|
Grants for test_user@%
|
|
GRANT USAGE ON *.* TO 'test_user'@'%'
|
|
#
|
|
# Test reexecution.
|
|
#
|
|
EXECUTE stmtCreateRole;
|
|
SELECT user, host,is_role FROM mysql.user
|
|
WHERE user = 'developers';
|
|
user host is_role
|
|
developers Y
|
|
SELECT * FROM mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
localhost root developers Y
|
|
SHOW GRANTS;
|
|
Grants for root@localhost
|
|
GRANT developers TO 'root'@'localhost' WITH ADMIN OPTION
|
|
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
|
|
GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
|
|
SHOW GRANTS FOR test_user;
|
|
Grants for test_user@%
|
|
GRANT USAGE ON *.* TO 'test_user'@'%'
|
|
EXECUTE stmtDropRole;
|
|
# Cleanup.
|
|
DROP USER test_user;
|