Commit abb1afba authored by unknown's avatar unknown

Merge mysql.com:/home/hf/work/31960/my51-31960

into  mysql.com:/home/hf/work/31868/my51-31868


sql/sql_parse.cc:
  Auto merged
sql/mysql_priv.h:
  merging
parents 3ae44c90 ee21ace7
...@@ -679,7 +679,9 @@ extern my_decimal decimal_zero; ...@@ -679,7 +679,9 @@ extern my_decimal decimal_zero;
void free_items(Item *item); void free_items(Item *item);
void cleanup_items(Item *item); void cleanup_items(Item *item);
class THD; class THD;
void close_thread_tables(THD *thd); void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
#ifndef NO_EMBEDDED_ACCESS_CHECKS
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables); bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables);
bool check_single_table_access(THD *thd, ulong privilege, bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables, bool no_errors); TABLE_LIST *tables, bool no_errors);
...@@ -688,6 +690,24 @@ bool check_routine_access(THD *thd,ulong want_access,char *db,char *name, ...@@ -688,6 +690,24 @@ bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table); bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
bool check_merge_table_access(THD *thd, char *db, TABLE_LIST *table_list); bool check_merge_table_access(THD *thd, char *db, TABLE_LIST *table_list);
bool check_some_routine_access(THD *thd, const char *db, const char *name, bool is_proc); bool check_some_routine_access(THD *thd, const char *db, const char *name, bool is_proc);
#else
inline bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables)
{ return false; }
inline bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables, bool no_errors)
{ return false; }
inline bool check_routine_access(THD *thd,ulong want_access,char *db,
char *name, bool is_proc, bool no_errors)
{ return false; }
inline bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table)
{ return false; }
inline bool check_merge_table_access(THD *thd, char *db, TABLE_LIST *table_list)
{ return false; }
inline bool check_some_routine_access(THD *thd, const char *db,
const char *name, bool is_proc)
{ return false; }
#endif /*NO_EMBEDDED_ACCESS_CHECKS*/
bool multi_update_precheck(THD *thd, TABLE_LIST *tables); bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
bool multi_delete_precheck(THD *thd, TABLE_LIST *tables); bool multi_delete_precheck(THD *thd, TABLE_LIST *tables);
bool mysql_multi_update_prepare(THD *thd); bool mysql_multi_update_prepare(THD *thd);
...@@ -991,11 +1011,27 @@ void kill_mysql(void); ...@@ -991,11 +1011,27 @@ void kill_mysql(void);
void close_connection(THD *thd, uint errcode, bool lock); void close_connection(THD *thd, uint errcode, bool lock);
bool reload_acl_and_cache(THD *thd, ulong options, TABLE_LIST *tables, bool reload_acl_and_cache(THD *thd, ulong options, TABLE_LIST *tables,
bool *write_to_binlog); bool *write_to_binlog);
#ifndef NO_EMBEDDED_ACCESS_CHECKS
bool check_access(THD *thd, ulong access, const char *db, ulong *save_priv, bool check_access(THD *thd, ulong access, const char *db, ulong *save_priv,
bool no_grant, bool no_errors, bool schema_db); bool no_grant, bool no_errors, bool schema_db);
bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables, bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables,
bool no_errors); bool no_errors);
bool check_global_access(THD *thd, ulong want_access); bool check_global_access(THD *thd, ulong want_access);
#else
inline bool check_access(THD *thd, ulong access, const char *db,
ulong *save_priv, bool no_grant, bool no_errors,
bool schema_db)
{
if (save_priv)
*save_priv= GLOBAL_ACLS;
return false;
}
inline bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables,
bool no_errors)
{ return false; }
inline bool check_global_access(THD *thd, ulong want_access)
{ return false; }
#endif /*NO_EMBEDDED_ACCESS_CHECKS*/
/* /*
Support routine for SQL parser on partitioning syntax Support routine for SQL parser on partitioning syntax
......
...@@ -3890,14 +3890,12 @@ create_sp_error: ...@@ -3890,14 +3890,12 @@ create_sp_error:
thd->server_status|= SERVER_MORE_RESULTS_EXISTS; thd->server_status|= SERVER_MORE_RESULTS_EXISTS;
} }
#ifndef NO_EMBEDDED_ACCESS_CHECKS
if (check_routine_access(thd, EXECUTE_ACL, if (check_routine_access(thd, EXECUTE_ACL,
sp->m_db.str, sp->m_name.str, TRUE, FALSE)) sp->m_db.str, sp->m_name.str, TRUE, FALSE))
{ {
thd->net.no_send_ok= save_no_send_ok; thd->net.no_send_ok= save_no_send_ok;
goto error; goto error;
} }
#endif
select_limit= thd->variables.select_limit; select_limit= thd->variables.select_limit;
thd->variables.select_limit= HA_POS_ERROR; thd->variables.select_limit= HA_POS_ERROR;
...@@ -4577,6 +4575,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables) ...@@ -4577,6 +4575,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
} }
#ifndef NO_EMBEDDED_ACCESS_CHECKS
/* /*
Check grants for commands which work only with one table. Check grants for commands which work only with one table.
...@@ -4694,7 +4693,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -4694,7 +4693,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
bool dont_check_global_grants, bool no_errors, bool schema_db) bool dont_check_global_grants, bool no_errors, bool schema_db)
{ {
Security_context *sctx= thd->security_ctx; Security_context *sctx= thd->security_ctx;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
ulong db_access; ulong db_access;
/* /*
GRANT command: GRANT command:
...@@ -4707,7 +4705,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -4707,7 +4705,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
*/ */
bool db_is_pattern= (test(want_access & GRANT_ACL) && bool db_is_pattern= (test(want_access & GRANT_ACL) &&
dont_check_global_grants); dont_check_global_grants);
#endif
ulong dummy; ulong dummy;
DBUG_ENTER("check_access"); DBUG_ENTER("check_access");
DBUG_PRINT("enter",("db: %s want_access: %lu master_access: %lu", DBUG_PRINT("enter",("db: %s want_access: %lu master_access: %lu",
...@@ -4746,9 +4743,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -4746,9 +4743,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
} }
} }
#ifdef NO_EMBEDDED_ACCESS_CHECKS
DBUG_RETURN(0);
#else
if ((sctx->master_access & want_access) == want_access) if ((sctx->master_access & want_access) == want_access)
{ {
/* /*
...@@ -4806,7 +4800,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -4806,7 +4800,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
thd->db : thd->db :
"unknown"))); /* purecov: tested */ "unknown"))); /* purecov: tested */
DBUG_RETURN(TRUE); /* purecov: tested */ DBUG_RETURN(TRUE); /* purecov: tested */
#endif /* NO_EMBEDDED_ACCESS_CHECKS */
} }
...@@ -4831,16 +4824,12 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, ...@@ -4831,16 +4824,12 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
bool check_global_access(THD *thd, ulong want_access) bool check_global_access(THD *thd, ulong want_access)
{ {
#ifdef NO_EMBEDDED_ACCESS_CHECKS
return 0;
#else
char command[128]; char command[128];
if ((thd->security_ctx->master_access & want_access)) if ((thd->security_ctx->master_access & want_access))
return 0; return 0;
get_privilege_desc(command, sizeof(command), want_access); get_privilege_desc(command, sizeof(command), want_access);
my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command); my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
return 1; return 1;
#endif /* NO_EMBEDDED_ACCESS_CHECKS */
} }
...@@ -4930,9 +4919,7 @@ bool ...@@ -4930,9 +4919,7 @@ bool
check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables, check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
bool no_errors) bool no_errors)
{ {
#ifndef NO_EMBEDDED_ACCESS_CHECKS
TABLE_LIST *org_tables= tables; TABLE_LIST *org_tables= tables;
#endif
TABLE_LIST *first_not_own_table= thd->lex->first_not_own_table(); TABLE_LIST *first_not_own_table= thd->lex->first_not_own_table();
Security_context *sctx= thd->security_ctx, *backup_ctx= thd->security_ctx; Security_context *sctx= thd->security_ctx, *backup_ctx= thd->security_ctx;
/* /*
...@@ -5019,11 +5006,7 @@ check_routine_access(THD *thd, ulong want_access,char *db, char *name, ...@@ -5019,11 +5006,7 @@ check_routine_access(THD *thd, ulong want_access,char *db, char *name,
0, no_errors, 0)) 0, no_errors, 0))
return TRUE; return TRUE;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
return check_grant_routine(thd, want_access, tables, is_proc, no_errors); return check_grant_routine(thd, want_access, tables, is_proc, no_errors);
#else
return FALSE;
#endif
} }
...@@ -5113,6 +5096,7 @@ bool check_merge_table_access(THD *thd, char *db, ...@@ -5113,6 +5096,7 @@ bool check_merge_table_access(THD *thd, char *db,
return error; return error;
} }
#endif /*NO_EMBEDDED_ACCESS_CHECKS*/
/**************************************************************************** /****************************************************************************
Check stack size; Send error if there isn't enough stack to continue Check stack size; Send error if there isn't enough stack to continue
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment