Bug #23556: TRUNCATE TABLE still maps to DELETE

 - TRUNCATE requires DROP privilege, not DELETE
parent 98911707
......@@ -972,4 +972,24 @@ REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost;
ERROR HY000: String '1234567890abcdefGHIKL' is too long for user name (should be no longer than 16)
REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
ERROR HY000: String '1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY' is too long for host name (should be no longer than 60)
CREATE USER bug23556@localhost;
CREATE DATABASE bug23556;
GRANT SELECT ON bug23556.* TO bug23556@localhost;
USE bug23556;
CREATE TABLE t1 (a INT PRIMARY KEY);
INSERT INTO t1 VALUES (1),(2),(3),(4),(5);
GRANT DELETE ON t1 TO bug23556@localhost;
USE bug23556;
TRUNCATE t1;
ERROR 42000: DROP command denied to user 'bug23556'@'localhost' for table 't1'
USE bug23556;
REVOKE DELETE ON t1 FROM bug23556@localhost;
GRANT DROP ON t1 TO bug23556@localhost;
USE bug23556;
TRUNCATE t1;
USE bug23556;
DROP TABLE t1;
USE test;
DROP DATABASE bug23556;
DROP USER bug23556@localhost;
End of 5.0 tests
......@@ -14,8 +14,8 @@ CREATE TABLE t1(num_value INT);
CREATE TABLE t2(user_str TEXT);
---> connection: default
GRANT INSERT, DELETE ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
GRANT INSERT, DELETE ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
GRANT INSERT, DROP ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
GRANT INSERT, DROP ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
---> connection: default
GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
......
......@@ -863,4 +863,39 @@ REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost;
--error ER_WRONG_STRING_LENGTH
REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY;
#
# BUG#23556: TRUNCATE TABLE still maps to DELETE
#
CREATE USER bug23556@localhost;
CREATE DATABASE bug23556;
GRANT SELECT ON bug23556.* TO bug23556@localhost;
connect (bug23556,localhost,bug23556,,bug23556);
connection default;
USE bug23556;
CREATE TABLE t1 (a INT PRIMARY KEY); INSERT INTO t1 VALUES (1),(2),(3),(4),(5);
GRANT DELETE ON t1 TO bug23556@localhost;
connection bug23556;
USE bug23556;
--error ER_TABLEACCESS_DENIED_ERROR
TRUNCATE t1;
connection default;
USE bug23556;
REVOKE DELETE ON t1 FROM bug23556@localhost;
GRANT DROP ON t1 TO bug23556@localhost;
connection bug23556;
USE bug23556;
TRUNCATE t1;
connection default;
USE bug23556;
DROP TABLE t1;
USE test;
DROP DATABASE bug23556;
DROP USER bug23556@localhost;
--echo End of 5.0 tests
......@@ -60,8 +60,8 @@ CREATE TABLE t2(user_str TEXT);
--echo
--echo ---> connection: default
GRANT INSERT, DELETE ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
GRANT INSERT, DELETE ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
GRANT INSERT, DROP ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
GRANT INSERT, DROP ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
#
# Check that the user must have TRIGGER privilege to create a trigger.
......
......@@ -3508,7 +3508,7 @@ end_with_restore_list:
break;
}
DBUG_ASSERT(first_table == all_tables && first_table != 0);
if (check_one_table_access(thd, DELETE_ACL, all_tables))
if (check_one_table_access(thd, DROP_ACL, all_tables))
goto error;
/*
Don't allow this within a transaction because we want to use
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment