Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
mariadb
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
mariadb
Commits
7df5635f
Commit
7df5635f
authored
May 28, 2003
by
bell@sanja.is.com.ua
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
after-review fix
parent
38caf865
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
45 additions
and
44 deletions
+45
-44
sql/sql_parse.cc
sql/sql_parse.cc
+45
-44
No files found.
sql/sql_parse.cc
View file @
7df5635f
...
@@ -59,6 +59,9 @@ static void refresh_status(void);
...
@@ -59,6 +59,9 @@ static void refresh_status(void);
static
bool
append_file_to_dir
(
THD
*
thd
,
char
**
filename_ptr
,
static
bool
append_file_to_dir
(
THD
*
thd
,
char
**
filename_ptr
,
char
*
table_name
);
char
*
table_name
);
inline
bool
single_table_command_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
tables
,
int
*
res
);
const
char
*
any_db
=
"*any*"
;
// Special symbol for check_access
const
char
*
any_db
=
"*any*"
;
// Special symbol for check_access
const
char
*
command_name
[]
=
{
const
char
*
command_name
[]
=
{
...
@@ -2286,21 +2289,8 @@ mysql_execute_command(THD *thd)
...
@@ -2286,21 +2289,8 @@ mysql_execute_command(THD *thd)
if
(
check_db_used
(
thd
,
tables
))
if
(
check_db_used
(
thd
,
tables
))
goto
error
;
goto
error
;
if
(
check_access
(
thd
,
UPDATE_ACL
,
tables
->
db
,
&
tables
->
grant
.
privilege
))
if
(
single_table_command_access
(
thd
,
UPDATE_ACL
,
tables
,
&
res
))
goto
error
;
{
// Show only 1 table for check_grant
TABLE_LIST
*
subselects_tables
=
tables
->
next
;
tables
->
next
=
0
;
if
(
grant_option
&&
check_grant
(
thd
,
UPDATE_ACL
,
tables
))
goto
error
;
tables
->
next
=
subselects_tables
;
// check rights on tables of subselect (if exists)
if
(
subselects_tables
&&
(
res
=
check_table_access
(
thd
,
SELECT_ACL
,
subselects_tables
)))
goto
error
;
goto
error
;
}
if
(
select_lex
->
item_list
.
elements
!=
lex
->
value_list
.
elements
)
if
(
select_lex
->
item_list
.
elements
!=
lex
->
value_list
.
elements
)
{
{
...
@@ -2355,22 +2345,9 @@ mysql_execute_command(THD *thd)
...
@@ -2355,22 +2345,9 @@ mysql_execute_command(THD *thd)
my_bool
update
=
(
lex
->
value_list
.
elements
?
UPDATE_ACL
:
0
);
my_bool
update
=
(
lex
->
value_list
.
elements
?
UPDATE_ACL
:
0
);
ulong
privilege
=
(
lex
->
duplicates
==
DUP_REPLACE
?
ulong
privilege
=
(
lex
->
duplicates
==
DUP_REPLACE
?
INSERT_ACL
|
DELETE_ACL
:
INSERT_ACL
|
update
);
INSERT_ACL
|
DELETE_ACL
:
INSERT_ACL
|
update
);
if
(
check_access
(
thd
,
privilege
,
tables
->
db
,
&
tables
->
grant
.
privilege
))
goto
error
;
/* purecov: inspected */
{
if
(
single_table_command_access
(
thd
,
privilege
,
tables
,
&
res
))
// Show only 1 table for check_grant
TABLE_LIST
*
subselects_tables
=
tables
->
next
;
tables
->
next
=
0
;
if
(
grant_option
&&
check_grant
(
thd
,
privilege
,
tables
))
goto
error
;
goto
error
;
tables
->
next
=
subselects_tables
;
// check rights on tables of subselect (if exists)
if
(
subselects_tables
&&
(
res
=
check_table_access
(
thd
,
SELECT_ACL
,
subselects_tables
)))
goto
error
;
}
if
(
select_lex
->
item_list
.
elements
!=
lex
->
value_list
.
elements
)
if
(
select_lex
->
item_list
.
elements
!=
lex
->
value_list
.
elements
)
{
{
...
@@ -2453,22 +2430,8 @@ mysql_execute_command(THD *thd)
...
@@ -2453,22 +2430,8 @@ mysql_execute_command(THD *thd)
break
;
break
;
case
SQLCOM_DELETE
:
case
SQLCOM_DELETE
:
{
{
if
(
check_access
(
thd
,
DELETE_ACL
,
tables
->
db
,
&
tables
->
grant
.
privilege
))
if
(
single_table_command_access
(
thd
,
DELETE_ACL
,
tables
,
&
res
))
goto
error
;
/* purecov: inspected */
{
// Show only 1 table for check_grant
TABLE_LIST
*
subselects_tables
=
tables
->
next
;
tables
->
next
=
0
;
if
(
grant_option
&&
check_grant
(
thd
,
DELETE_ACL
,
tables
))
goto
error
;
tables
->
next
=
subselects_tables
;
// check rights on tables of subselect (if exists)
if
(
subselects_tables
&&
(
res
=
check_table_access
(
thd
,
SELECT_ACL
,
subselects_tables
)))
goto
error
;
goto
error
;
}
// Set privilege for the WHERE clause
// Set privilege for the WHERE clause
tables
->
grant
.
want_privilege
=
(
SELECT_ACL
&
~
tables
->
grant
.
privilege
);
tables
->
grant
.
want_privilege
=
(
SELECT_ACL
&
~
tables
->
grant
.
privilege
);
...
@@ -3128,6 +3091,44 @@ error:
...
@@ -3128,6 +3091,44 @@ error:
}
}
/*
Check grants for commands which work only with one table and all other
tables belong to subselects.
SYNOPSYS
single_table_command_access()
thd - Thread handler
privilege - asked privelage
tables - table list of command
res - pointer on result code variable
RETURN
0 - OK
1 - access denied
*/
inline
bool
single_table_command_access
(
THD
*
thd
,
ulong
privilege
,
TABLE_LIST
*
tables
,
int
*
res
)
{
if
(
check_access
(
thd
,
privilege
,
tables
->
db
,
&
tables
->
grant
.
privilege
))
return
1
;
// Show only 1 table for check_grant
TABLE_LIST
*
subselects_tables
=
tables
->
next
;
tables
->
next
=
0
;
if
(
grant_option
&&
check_grant
(
thd
,
privilege
,
tables
))
return
1
;
tables
->
next
=
subselects_tables
;
// check rights on tables of subselect (if exists)
if
(
subselects_tables
&&
(
*
res
=
check_table_access
(
thd
,
SELECT_ACL
,
subselects_tables
)))
return
1
;
return
0
;
}
/****************************************************************************
/****************************************************************************
Get the user (global) and database privileges for all used tables
Get the user (global) and database privileges for all used tables
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment