Bug#25482 GRANT statements are not replicated if you use "replicate-ignore-table"

 - GRANT and REVOKE statments didn't have the "updating" flag set and
   thus statements with a table specified would not replicate if
   slave filtering rules where turned on.
   For example "GRANT ... ON test.t1 TO ..." would not replicate.
parent 0238179d
...@@ -14,3 +14,106 @@ SELECT * FROM t4; ...@@ -14,3 +14,106 @@ SELECT * FROM t4;
a a
DROP TABLE t1; DROP TABLE t1;
DROP TABLE t4; DROP TABLE t4;
**** Test case for BUG#25482 ****
**** Adding GRANTS on master ****
create table test.t1(a int);
create table test.t4(a int);
GRANT SELECT ON test.t1 TO mysqltest1@localhost;
GRANT INSERT ON test.t4 TO mysqltest2@localhost;
GRANT select, update, insert, references on t1
to mysqltest2@localhost;
GRANT SELECT ON test.* TO mysqltest3@localhost;
GRANT INSERT ON test.t4 TO mysqltest3@localhost;
GRANT select(a), update(a), insert(a), references(a) on t4
to mysqltest3@localhost;
create database mysqltest2;
create table mysqltest2.t2 (id int);
GRANT SELECT ON mysqltest2.t2 TO mysqltest4@localhost IDENTIFIED BY 'pass';
insert into mysql.user (user, host) values ("mysqltest5", "somehost");
GRANT SELECT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON test.* TO mysqltest6@localhost;
GRANT INSERT ON test.t1 TO mysqltest6@localhost;
show grants for mysqltest1@localhost;
Grants for mysqltest1@localhost
GRANT USAGE ON *.* TO 'mysqltest1'@'localhost'
GRANT SELECT ON `test`.`t1` TO 'mysqltest1'@'localhost'
show grants for mysqltest2@localhost;
Grants for mysqltest2@localhost
GRANT USAGE ON *.* TO 'mysqltest2'@'localhost'
GRANT SELECT, INSERT, UPDATE, REFERENCES ON `test`.`t1` TO 'mysqltest2'@'localhost'
GRANT INSERT ON `test`.`t4` TO 'mysqltest2'@'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT SELECT (a), INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
GRANT SELECT ON `mysqltest2`.`t2` TO 'mysqltest4'@'localhost'
show grants for mysqltest6@localhost;
Grants for mysqltest6@localhost
GRANT SELECT, INSERT ON *.* TO 'mysqltest6'@'localhost'
GRANT INSERT ON `test`.* TO 'mysqltest6'@'localhost'
GRANT INSERT ON `test`.`t1` TO 'mysqltest6'@'localhost'
flush privileges;
show grants for mysqltest5@somehost;
Grants for mysqltest5@somehost
GRANT USAGE ON *.* TO 'mysqltest5'@'somehost'
**** Checking grants on slave ****
show grants for mysqltest2@localhost;
Grants for mysqltest2@localhost
GRANT USAGE ON *.* TO 'mysqltest2'@'localhost'
GRANT INSERT ON `test`.`t4` TO 'mysqltest2'@'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT SELECT (a), INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
GRANT SELECT ON `mysqltest2`.`t2` TO 'mysqltest4'@'localhost'
show grants for mysqltest5@somehost;
Grants for mysqltest5@somehost
GRANT USAGE ON *.* TO 'mysqltest5'@'somehost'
show grants for mysqltest6@localhost;
Grants for mysqltest6@localhost
GRANT SELECT, INSERT ON *.* TO 'mysqltest6'@'localhost'
GRANT INSERT ON `test`.* TO 'mysqltest6'@'localhost'
show grants for mysqltest1@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest1' on host 'localhost'
**** Revoking grants on master ****
REVOKE SELECT ON test.t1 FROM mysqltest1@localhost;
REVOKE SELECT ON mysqltest2.t2 FROM mysqltest4@localhost;
REVOKE select(a) on t4
from mysqltest3@localhost;
show grants for mysqltest1@localhost;
Grants for mysqltest1@localhost
GRANT USAGE ON *.* TO 'mysqltest1'@'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
**** Checking grants on slave ****
show grants for mysqltest1@localhost;
ERROR 42000: There is no such grant defined for user 'mysqltest1' on host 'localhost'
show grants for mysqltest3@localhost;
Grants for mysqltest3@localhost
GRANT USAGE ON *.* TO 'mysqltest3'@'localhost'
GRANT SELECT ON `test`.* TO 'mysqltest3'@'localhost'
GRANT INSERT, INSERT (a), UPDATE (a), REFERENCES (a) ON `test`.`t4` TO 'mysqltest3'@'localhost'
show grants for mysqltest4@localhost;
Grants for mysqltest4@localhost
GRANT USAGE ON *.* TO 'mysqltest4'@'localhost' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7'
drop table t1, t4, mysqltest2.t2;
drop database mysqltest2;
delete from mysql.user where user like "mysqltest%";
delete from mysql.db where user like "mysqltest%";
delete from mysql.tables_priv where user like "mysqltest%";
delete from mysql.columns_priv where user like "mysqltest%";
...@@ -26,3 +26,101 @@ SELECT * FROM t4; ...@@ -26,3 +26,101 @@ SELECT * FROM t4;
connection master; connection master;
DROP TABLE t1; DROP TABLE t1;
DROP TABLE t4; DROP TABLE t4;
#
# Bug#25482 GRANT statements are not replicated if
# you use "replicate-ignore-table"
#
--echo **** Test case for BUG#25482 ****
--echo **** Adding GRANTS on master ****
connection master;
create table test.t1(a int);
create table test.t4(a int);
# Simple user that should not replicate
GRANT SELECT ON test.t1 TO mysqltest1@localhost;
# Partial replicate
GRANT INSERT ON test.t4 TO mysqltest2@localhost;
GRANT select, update, insert, references on t1
to mysqltest2@localhost;
# Partial replicate 2
GRANT SELECT ON test.* TO mysqltest3@localhost;
GRANT INSERT ON test.t4 TO mysqltest3@localhost;
GRANT select(a), update(a), insert(a), references(a) on t4
to mysqltest3@localhost;
# Create another database and table
create database mysqltest2;
create table mysqltest2.t2 (id int);
# Create a grant that should replicate
GRANT SELECT ON mysqltest2.t2 TO mysqltest4@localhost IDENTIFIED BY 'pass';
# Create a grant manually
insert into mysql.user (user, host) values ("mysqltest5", "somehost");
# Partial replicate 3 with *.*
GRANT SELECT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON *.* TO mysqltest6@localhost;
GRANT INSERT ON test.* TO mysqltest6@localhost;
GRANT INSERT ON test.t1 TO mysqltest6@localhost;
show grants for mysqltest1@localhost;
show grants for mysqltest2@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
show grants for mysqltest6@localhost;
flush privileges;
show grants for mysqltest5@somehost;
sync_slave_with_master;
--echo **** Checking grants on slave ****
# Check that grants are replicated to slave
show grants for mysqltest2@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
show grants for mysqltest5@somehost;
show grants for mysqltest6@localhost;
# mysqltest1 should not be on slave
--error 1141
show grants for mysqltest1@localhost;
--echo **** Revoking grants on master ****
connection master;
REVOKE SELECT ON test.t1 FROM mysqltest1@localhost;
REVOKE SELECT ON mysqltest2.t2 FROM mysqltest4@localhost;
REVOKE select(a) on t4
from mysqltest3@localhost;
show grants for mysqltest1@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
sync_slave_with_master;
--echo **** Checking grants on slave ****
# mysqltest1 should not be on slave
--error 1141
show grants for mysqltest1@localhost;
show grants for mysqltest3@localhost;
show grants for mysqltest4@localhost;
# Cleanup
connection master;
drop table t1, t4, mysqltest2.t2;
drop database mysqltest2;
delete from mysql.user where user like "mysqltest%";
delete from mysql.db where user like "mysqltest%";
delete from mysql.tables_priv where user like "mysqltest%";
delete from mysql.columns_priv where user like "mysqltest%";
sync_slave_with_master;
...@@ -5926,7 +5926,8 @@ opt_table: ...@@ -5926,7 +5926,8 @@ opt_table:
| table_ident | table_ident
{ {
LEX *lex=Lex; LEX *lex=Lex;
if (!lex->current_select->add_table_to_list(lex->thd, $1,NULL,0)) if (!lex->current_select->add_table_to_list(lex->thd, $1,NULL,
TL_OPTION_UPDATING))
YYABORT; YYABORT;
if (lex->grant == GLOBAL_ACLS) if (lex->grant == GLOBAL_ACLS)
lex->grant = TABLE_ACLS & ~GRANT_ACL; lex->grant = TABLE_ACLS & ~GRANT_ACL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment