Commit 132ef2e2 authored by Alexander Nozdrin's avatar Alexander Nozdrin

A backporting patch for WL#4300 (Define privileges for tablespaces).

Original revision in 6.0:
------------------------------------------------------------
revno: 2630.13.11
committer: Alexander Nozdrin <alik@mysql.com>
branch nick: 6.0-rt-wl4300
timestamp: Thu 2008-07-24 11:44:21 +0400
message:
  A patch for WL#4300: Define privileges for tablespaces.
------------------------------------------------------------

per-file messages:
  mysql-test/r/grant.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/r/ps.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/r/system_mysql_db.result
    Update result file: new columm 'Create_tablespace_priv' has been added to mysql.user.
  mysql-test/suite/falcon/r/falcon_tablespace_priv.result
    Test case for WL#4300.
  mysql-test/suite/falcon/t/falcon_tablespace_priv.test
    Test case for WL#4300.
  mysql-test/suite/ndb/r/ndb_dd_ddl.result
    Test case for WL#4300.
  mysql-test/suite/ndb/t/ndb_dd_ddl.test
    Test case for WL#4300.
  scripts/mysql_system_tables.sql
    New columm 'Create_tablespace_priv' has been added to mysql.user.
  scripts/mysql_system_tables_data.sql
    'CREATE TABLESPACE' is granted by default to the root user.
  scripts/mysql_system_tables_fix.sql
    Grant 'CREATE TABLESPACE' privilege during system table upgrade
    if a user had SUPER privilege.
  sql/sql_acl.cc
    Added CREATE TABLESPACE privilege.
  sql/sql_acl.h
    Added CREATE TABLESPACE privilege.
  sql/sql_parse.cc
    Check global 'CREATE TABLESPACE' privilege for the following SQL statements:
      - CREATE | ALTER | DROP TABLESPACE
      - CREATE | ALTER | DROP LOGFILE GROUP
  sql/sql_show.cc
    Added CREATE TABLESPACE privilege.
  sql/sql_yacc.yy
    Added CREATE TABLESPACE privilege.
parent ae6d9a1c
...@@ -13,8 +13,8 @@ GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3 ...@@ -13,8 +13,8 @@ GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3
GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost' GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
grant delete on mysqltest.* to mysqltest_1@localhost; grant delete on mysqltest.* to mysqltest_1@localhost;
select * from mysql.user where user="mysqltest_1"; select * from mysql.user where user="mysqltest_1";
Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections
localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED EDH-RSA-DES-CBC3-SHA 0 0 0 0 localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N SPECIFIED EDH-RSA-DES-CBC3-SHA 0 0 0 0
show grants for mysqltest_1@localhost; show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3-SHA' GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3-SHA'
...@@ -44,15 +44,15 @@ delete from mysql.user where user='mysqltest_1'; ...@@ -44,15 +44,15 @@ delete from mysql.user where user='mysqltest_1';
flush privileges; flush privileges;
grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10; grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10;
select * from mysql.user where user="mysqltest_1"; select * from mysql.user where user="mysqltest_1";
Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections
localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 0 0 0 localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 0 0 0
show grants for mysqltest_1@localhost; show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10
grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30; grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20 max_connections_per_hour 30;
select * from mysql.user where user="mysqltest_1"; select * from mysql.user where user="mysqltest_1";
Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections
localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 20 30 0 localhost mysqltest_1 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N 10 20 30 0
show grants for mysqltest_1@localhost; show grants for mysqltest_1@localhost;
Grants for mysqltest_1@localhost Grants for mysqltest_1@localhost
GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30
...@@ -483,6 +483,7 @@ Show view Tables To see views with SHOW CREATE VIEW ...@@ -483,6 +483,7 @@ Show view Tables To see views with SHOW CREATE VIEW
Shutdown Server Admin To shut down the server Shutdown Server Admin To shut down the server
Super Server Admin To use KILL thread, SET GLOBAL, CHANGE MASTER, etc. Super Server Admin To use KILL thread, SET GLOBAL, CHANGE MASTER, etc.
Trigger Tables To use triggers Trigger Tables To use triggers
Create tablespace Server Admin To create/alter/drop tablespaces
Update Tables To update existing rows Update Tables To update existing rows
Usage Server Admin No privileges - allow connect only Usage Server Admin No privileges - allow connect only
create database mysqltest; create database mysqltest;
......
...@@ -1194,13 +1194,13 @@ SET @aux= "SELECT COUNT(*) ...@@ -1194,13 +1194,13 @@ SET @aux= "SELECT COUNT(*)
prepare my_stmt from @aux; prepare my_stmt from @aux;
execute my_stmt; execute my_stmt;
COUNT(*) COUNT(*)
39 40
execute my_stmt; execute my_stmt;
COUNT(*) COUNT(*)
39 40
execute my_stmt; execute my_stmt;
COUNT(*) COUNT(*)
39 40
deallocate prepare my_stmt; deallocate prepare my_stmt;
drop procedure if exists p1| drop procedure if exists p1|
drop table if exists t1| drop table if exists t1|
......
...@@ -110,6 +110,7 @@ user CREATE TABLE `user` ( ...@@ -110,6 +110,7 @@ user CREATE TABLE `user` (
`Create_user_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_user_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Event_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Event_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Trigger_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Trigger_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`Create_tablespace_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N',
`ssl_type` enum('','ANY','X509','SPECIFIED') CHARACTER SET utf8 NOT NULL DEFAULT '', `ssl_type` enum('','ANY','X509','SPECIFIED') CHARACTER SET utf8 NOT NULL DEFAULT '',
`ssl_cipher` blob NOT NULL, `ssl_cipher` blob NOT NULL,
`x509_issuer` blob NOT NULL, `x509_issuer` blob NOT NULL,
......
...@@ -236,3 +236,79 @@ engine ndb; ...@@ -236,3 +236,79 @@ engine ndb;
ERROR HY000: Failed to drop TABLESPACE ERROR HY000: Failed to drop TABLESPACE
drop logfile group lg1 drop logfile group lg1
engine ndb; engine ndb;
# -----------------------------------------------------------------
# End 5.1 test
# -----------------------------------------------------------------
# --
# -- WL#4300
# --
GRANT CREATE TABLESPACE ON *.* TO mysqltest_u1@localhost;
DROP DATABASE IF EXISTS mysqltest2;
CREATE DATABASE mysqltest2;
GRANT ALL PRIVILEGES ON mysqltest2.* TO mysqltest_u2@localhost;
# -- Connection: mysqltest_u1@localhost
# -- Grants for mysqltest_u1@localhost:
SHOW GRANTS;
Grants for mysqltest_u1@localhost
GRANT CREATE TABLESPACE ON *.* TO 'mysqltest_u1'@'localhost'
# -- Check CREATE LOGFILE GROUP...
CREATE LOGFILE GROUP lg1
ADD UNDOFILE 'undofile.dat'
INITIAL_SIZE 1M
UNDO_BUFFER_SIZE = 1M
ENGINE = NDB;
# -- Check ALTER LOGFILE GROUP...
ALTER LOGFILE GROUP lg1
ADD UNDOFILE 'undofile02.dat'
INITIAL_SIZE 1M
ENGINE = NDB;
# -- Check CREATE TABLESPACE...
CREATE TABLESPACE ts1
ADD DATAFILE 'datafile.dat'
USE LOGFILE GROUP lg1
INITIAL_SIZE 1M
ENGINE = NDB;
# -- Check ALTER TABLESPACE...
ALTER TABLESPACE ts1
DROP DATAFILE 'datafile.dat'
INITIAL_SIZE 1M
ENGINE = NDB;
# -- Connection: mysqltest_u2@localhost
# -- Grants for mysqltest_u2@localhost:
SHOW GRANTS;
Grants for mysqltest_u2@localhost
GRANT USAGE ON *.* TO 'mysqltest_u2'@'localhost'
GRANT ALL PRIVILEGES ON `mysqltest2`.* TO 'mysqltest_u2'@'localhost'
CREATE TABLE t1(c INT) TABLESPACE ts1;
DROP TABLE t1;
# -- Connection: mysqltest_u1@localhost
# -- Check DROP TABLESPACE...
DROP TABLESPACE ts1
ENGINE = NDB;
# -- Check DROP LOGFILE GROUP...
DROP LOGFILE GROUP lg1
ENGINE = NDB;
# -- Connection: root@localhost
DROP USER mysqltest_u1@localhost;
DROP USER mysqltest_u2@localhost;
# -----------------------------------------------------------------
# End 6.0 test
# -----------------------------------------------------------------
...@@ -367,4 +367,103 @@ engine ndb; ...@@ -367,4 +367,103 @@ engine ndb;
--exec rm $MYSQLTEST_VARDIR/tmp/t1.frm --exec rm $MYSQLTEST_VARDIR/tmp/t1.frm
# End 5.1 test --echo
--echo # -----------------------------------------------------------------
--echo # End 5.1 test
--echo # -----------------------------------------------------------------
--echo
--echo # --
--echo # -- WL#4300: Define privileges for tablespaces.
--echo # --
GRANT CREATE TABLESPACE ON *.* TO mysqltest_u1@localhost;
--echo
--disable_warnings
DROP DATABASE IF EXISTS mysqltest2;
--enable_warnings
CREATE DATABASE mysqltest2;
GRANT ALL PRIVILEGES ON mysqltest2.* TO mysqltest_u2@localhost;
--echo
--echo # -- Connection: mysqltest_u1@localhost
--echo
--connect(con1, localhost, mysqltest_u1,,)
--echo # -- Grants for mysqltest_u1@localhost:
SHOW GRANTS;
--echo
--echo # -- Check CREATE LOGFILE GROUP...
CREATE LOGFILE GROUP lg1
ADD UNDOFILE 'undofile.dat'
INITIAL_SIZE 1M
UNDO_BUFFER_SIZE = 1M
ENGINE = NDB;
--echo
--echo # -- Check ALTER LOGFILE GROUP...
ALTER LOGFILE GROUP lg1
ADD UNDOFILE 'undofile02.dat'
INITIAL_SIZE 1M
ENGINE = NDB;
--echo
--echo # -- Check CREATE TABLESPACE...
CREATE TABLESPACE ts1
ADD DATAFILE 'datafile.dat'
USE LOGFILE GROUP lg1
INITIAL_SIZE 1M
ENGINE = NDB;
--echo
--echo # -- Check ALTER TABLESPACE...
ALTER TABLESPACE ts1
DROP DATAFILE 'datafile.dat'
INITIAL_SIZE 1M
ENGINE = NDB;
--echo
--echo # -- Connection: mysqltest_u2@localhost
--echo
--connect(con2, localhost, mysqltest_u2,,mysqltest2)
--echo # -- Grants for mysqltest_u2@localhost:
SHOW GRANTS;
CREATE TABLE t1(c INT) TABLESPACE ts1;
DROP TABLE t1;
--echo
--echo # -- Connection: mysqltest_u1@localhost
--echo
--connection con1
--echo
--echo # -- Check DROP TABLESPACE...
DROP TABLESPACE ts1
ENGINE = NDB;
--echo
--echo # -- Check DROP LOGFILE GROUP...
DROP LOGFILE GROUP lg1
ENGINE = NDB;
--echo
--echo # -- Connection: root@localhost
--echo
--connection default
--disconnect con1
DROP USER mysqltest_u1@localhost;
DROP USER mysqltest_u2@localhost;
--echo
--echo # -----------------------------------------------------------------
--echo # End 6.0 test
--echo # -----------------------------------------------------------------
...@@ -13,7 +13,7 @@ set @had_db_table= @@warning_count != 0; ...@@ -13,7 +13,7 @@ set @had_db_table= @@warning_count != 0;
CREATE TABLE IF NOT EXISTS host ( Host char(60) binary DEFAULT '' NOT NULL, Db char(64) binary DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, PRIMARY KEY Host (Host,Db) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Host privileges; Merged with database privileges'; CREATE TABLE IF NOT EXISTS host ( Host char(60) binary DEFAULT '' NOT NULL, Db char(64) binary DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, PRIMARY KEY Host (Host,Db) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Host privileges; Merged with database privileges';
CREATE TABLE IF NOT EXISTS user ( Host char(60) binary DEFAULT '' NOT NULL, User char(16) binary DEFAULT '' NOT NULL, Password char(41) character set latin1 collate latin1_bin DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Reload_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Shutdown_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Process_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, File_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_db_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Super_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_slave_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_client_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Event_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, ssl_type enum('','ANY','X509', 'SPECIFIED') COLLATE utf8_general_ci DEFAULT '' NOT NULL, ssl_cipher BLOB NOT NULL, x509_issuer BLOB NOT NULL, x509_subject BLOB NOT NULL, max_questions int(11) unsigned DEFAULT 0 NOT NULL, max_updates int(11) unsigned DEFAULT 0 NOT NULL, max_connections int(11) unsigned DEFAULT 0 NOT NULL, max_user_connections int(11) unsigned DEFAULT 0 NOT NULL, PRIMARY KEY Host (Host,User) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Users and global privileges'; CREATE TABLE IF NOT EXISTS user ( Host char(60) binary DEFAULT '' NOT NULL, User char(16) binary DEFAULT '' NOT NULL, Password char(41) character set latin1 collate latin1_bin DEFAULT '' NOT NULL, Select_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Insert_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Update_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Delete_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Drop_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Reload_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Shutdown_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Process_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, File_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Grant_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, References_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Index_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_db_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Super_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tmp_table_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Lock_tables_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_slave_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Repl_client_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Show_view_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Event_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, Create_tablespace_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL, ssl_type enum('','ANY','X509', 'SPECIFIED') COLLATE utf8_general_ci DEFAULT '' NOT NULL, ssl_cipher BLOB NOT NULL, x509_issuer BLOB NOT NULL, x509_subject BLOB NOT NULL, max_questions int(11) unsigned DEFAULT 0 NOT NULL, max_updates int(11) unsigned DEFAULT 0 NOT NULL, max_connections int(11) unsigned DEFAULT 0 NOT NULL, max_user_connections int(11) unsigned DEFAULT 0 NOT NULL, PRIMARY KEY Host (Host,User) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='Users and global privileges';
-- Remember for later if user table already existed -- Remember for later if user table already existed
set @had_user_table= @@warning_count != 0; set @had_user_table= @@warning_count != 0;
......
...@@ -21,9 +21,9 @@ DROP TABLE tmp_db; ...@@ -21,9 +21,9 @@ DROP TABLE tmp_db;
-- from local machine if "users" table didn't exist before -- from local machine if "users" table didn't exist before
CREATE TEMPORARY TABLE tmp_user LIKE user; CREATE TEMPORARY TABLE tmp_user LIKE user;
set @current_hostname= @@hostname; set @current_hostname= @@hostname;
INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0 FROM dual WHERE LOWER( @current_hostname) != 'localhost'; REPLACE INTO tmp_user SELECT @current_hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0 FROM dual WHERE LOWER( @current_hostname) != 'localhost';
REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0); REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
INSERT INTO tmp_user (host,user) VALUES ('localhost',''); INSERT INTO tmp_user (host,user) VALUES ('localhost','');
INSERT INTO tmp_user (host,user) SELECT @current_hostname,'' FROM dual WHERE LOWER(@current_hostname ) != 'localhost'; INSERT INTO tmp_user (host,user) SELECT @current_hostname,'' FROM dual WHERE LOWER(@current_hostname ) != 'localhost';
INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0; INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0;
......
...@@ -540,6 +540,18 @@ ALTER TABLE tables_priv MODIFY Table_priv set('Select','Insert','Update','Delete ...@@ -540,6 +540,18 @@ ALTER TABLE tables_priv MODIFY Table_priv set('Select','Insert','Update','Delete
UPDATE user SET Trigger_priv=Super_priv WHERE @hadTriggerPriv = 0; UPDATE user SET Trigger_priv=Super_priv WHERE @hadTriggerPriv = 0;
#
# user.Create_tablespace_priv
#
SET @hadCreateTablespacePriv := 0;
SELECT @hadCreateTablespacePriv :=1 FROM user WHERE Create_tablespace_priv LIKE '%';
ALTER TABLE user ADD Create_tablespace_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL AFTER Trigger_priv;
ALTER TABLE user MODIFY Create_tablespace_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL AFTER Trigger_priv;
UPDATE user SET Create_tablespace_priv = Super_priv WHERE @hadCreateTablespacePriv = 0;
# Activate the new, possible modified privilege tables # Activate the new, possible modified privilege tables
# This should not be needed, but gives us some extra testing that the above # This should not be needed, but gives us some extra testing that the above
# changes was correct # changes was correct
......
...@@ -4467,13 +4467,13 @@ static const char *command_array[]= ...@@ -4467,13 +4467,13 @@ static const char *command_array[]=
"ALTER", "SHOW DATABASES", "SUPER", "CREATE TEMPORARY TABLES", "ALTER", "SHOW DATABASES", "SUPER", "CREATE TEMPORARY TABLES",
"LOCK TABLES", "EXECUTE", "REPLICATION SLAVE", "REPLICATION CLIENT", "LOCK TABLES", "EXECUTE", "REPLICATION SLAVE", "REPLICATION CLIENT",
"CREATE VIEW", "SHOW VIEW", "CREATE ROUTINE", "ALTER ROUTINE", "CREATE VIEW", "SHOW VIEW", "CREATE ROUTINE", "ALTER ROUTINE",
"CREATE USER", "EVENT", "TRIGGER" "CREATE USER", "EVENT", "TRIGGER", "CREATE TABLESPACE"
}; };
static uint command_lengths[]= static uint command_lengths[]=
{ {
6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9, 6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9,
14, 13, 11, 5, 7 14, 13, 11, 5, 7, 17
}; };
......
...@@ -43,6 +43,7 @@ ...@@ -43,6 +43,7 @@
#define CREATE_USER_ACL (1L << 25) #define CREATE_USER_ACL (1L << 25)
#define EVENT_ACL (1L << 26) #define EVENT_ACL (1L << 26)
#define TRIGGER_ACL (1L << 27) #define TRIGGER_ACL (1L << 27)
#define CREATE_TABLESPACE_ACL (1L << 28)
/* /*
don't forget to update don't forget to update
1. static struct show_privileges_st sys_privileges[] 1. static struct show_privileges_st sys_privileges[]
...@@ -79,7 +80,8 @@ ...@@ -79,7 +80,8 @@
REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \ REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \
CREATE_TMP_ACL | LOCK_TABLES_ACL | REPL_SLAVE_ACL | REPL_CLIENT_ACL | \ CREATE_TMP_ACL | LOCK_TABLES_ACL | REPL_SLAVE_ACL | REPL_CLIENT_ACL | \
EXECUTE_ACL | CREATE_VIEW_ACL | SHOW_VIEW_ACL | CREATE_PROC_ACL | \ EXECUTE_ACL | CREATE_VIEW_ACL | SHOW_VIEW_ACL | CREATE_PROC_ACL | \
ALTER_PROC_ACL | CREATE_USER_ACL | EVENT_ACL | TRIGGER_ACL) ALTER_PROC_ACL | CREATE_USER_ACL | EVENT_ACL | TRIGGER_ACL | \
CREATE_TABLESPACE_ACL)
#define DEFAULT_CREATE_PROC_ACLS \ #define DEFAULT_CREATE_PROC_ACLS \
(ALTER_PROC_ACL | EXECUTE_ACL) (ALTER_PROC_ACL | EXECUTE_ACL)
......
...@@ -4899,7 +4899,7 @@ create_sp_error: ...@@ -4899,7 +4899,7 @@ create_sp_error:
res= mysql_xa_recover(thd); res= mysql_xa_recover(thd);
break; break;
case SQLCOM_ALTER_TABLESPACE: case SQLCOM_ALTER_TABLESPACE:
if (check_access(thd, ALTER_ACL, thd->db, 0, 1, 0, thd->db ? is_schema_db(thd->db) : 0)) if (check_global_access(thd, CREATE_TABLESPACE_ACL))
break; break;
if (!(res= mysql_alter_tablespace(thd, lex->alter_tablespace_info))) if (!(res= mysql_alter_tablespace(thd, lex->alter_tablespace_info)))
my_ok(thd); my_ok(thd);
......
...@@ -310,6 +310,7 @@ static struct show_privileges_st sys_privileges[]= ...@@ -310,6 +310,7 @@ static struct show_privileges_st sys_privileges[]=
{"Shutdown","Server Admin", "To shut down the server"}, {"Shutdown","Server Admin", "To shut down the server"},
{"Super","Server Admin","To use KILL thread, SET GLOBAL, CHANGE MASTER, etc."}, {"Super","Server Admin","To use KILL thread, SET GLOBAL, CHANGE MASTER, etc."},
{"Trigger","Tables", "To use triggers"}, {"Trigger","Tables", "To use triggers"},
{"Create tablespace", "Server Admin", "To create/alter/drop tablespaces"},
{"Update", "Tables", "To update existing rows"}, {"Update", "Tables", "To update existing rows"},
{"Usage","Server Admin","No privileges - allow connect only"}, {"Usage","Server Admin","No privileges - allow connect only"},
{NullS, NullS, NullS} {NullS, NullS, NullS}
......
...@@ -12721,6 +12721,7 @@ object_privilege: ...@@ -12721,6 +12721,7 @@ object_privilege:
| CREATE USER { Lex->grant |= CREATE_USER_ACL; } | CREATE USER { Lex->grant |= CREATE_USER_ACL; }
| EVENT_SYM { Lex->grant |= EVENT_ACL;} | EVENT_SYM { Lex->grant |= EVENT_ACL;}
| TRIGGER_SYM { Lex->grant |= TRIGGER_ACL; } | TRIGGER_SYM { Lex->grant |= TRIGGER_ACL; }
| CREATE TABLESPACE { Lex->grant |= CREATE_TABLESPACE_ACL; }
; ;
opt_and: opt_and:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment