Commit c7e756f9 authored by serg@sergbook.mysql.com's avatar serg@sergbook.mysql.com

merged

parents 2aa98f89 12bf7dcd
...@@ -121,7 +121,7 @@ create database mysqltest; ...@@ -121,7 +121,7 @@ create database mysqltest;
create table mysqltest.t1 (a int,b int,c int); create table mysqltest.t1 (a int,b int,c int);
grant all on mysqltest.t1 to mysqltest_1@localhost; grant all on mysqltest.t1 to mysqltest_1@localhost;
alter table t1 rename t2; alter table t1 rename t2;
ERROR 42000: insert command denied to user 'mysqltest_1'@'localhost' for table 't2' ERROR 42000: INSERT,CREATE command denied to user: 'mysqltest_1@localhost' for table 't2'
revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
delete from mysql.user where user=_binary'mysqltest_1'; delete from mysql.user where user=_binary'mysqltest_1';
drop database mysqltest; drop database mysqltest;
......
...@@ -134,7 +134,7 @@ a b c a ...@@ -134,7 +134,7 @@ a b c a
1 1 1 test.t1 1 1 1 test.t1
2 2 2 test.t1 2 2 2 test.t1
select * from t2; select * from t2;
ERROR 42000: select command denied to user 'mysqltest_2'@'localhost' for table 't2' ERROR 42000: SELECT command denied to user: 'mysqltest_2@localhost' for table 't2'
show status like "Qcache_queries_in_cache"; show status like "Qcache_queries_in_cache";
Variable_name Value Variable_name Value
Qcache_queries_in_cache 6 Qcache_queries_in_cache 6
...@@ -148,7 +148,7 @@ select "user3"; ...@@ -148,7 +148,7 @@ select "user3";
user3 user3
user3 user3
select * from t1; select * from t1;
ERROR 42000: select command denied to user 'mysqltest_3'@'localhost' for column 'b' in table 't1' ERROR 42000: SELECT command denied to user: 'mysqltest_3@localhost' for column 'b' in table 't1'
select a from t1; select a from t1;
a a
1 1
...@@ -156,7 +156,7 @@ a ...@@ -156,7 +156,7 @@ a
select c from t1; select c from t1;
ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'c' in table 't1' ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'c' in table 't1'
select * from t2; select * from t2;
ERROR 42000: select command denied to user 'mysqltest_3'@'localhost' for table 't2' ERROR 42000: SELECT command denied to user: 'mysqltest_3@localhost' for table 't2'
select mysqltest.t1.c from test.t1,mysqltest.t1; select mysqltest.t1.c from test.t1,mysqltest.t1;
ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'c' in table 't1' ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for column 'c' in table 't1'
show status like "Qcache_queries_in_cache"; show status like "Qcache_queries_in_cache";
......
...@@ -2256,6 +2256,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, ...@@ -2256,6 +2256,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list,
DBUG_RETURN(-1); DBUG_RETURN(-1);
} }
if (!revoke_grant)
{
if (columns.elements && !revoke_grant) if (columns.elements && !revoke_grant)
{ {
TABLE *table; TABLE *table;
...@@ -2267,19 +2269,25 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, ...@@ -2267,19 +2269,25 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list,
while ((column = column_iter++)) while ((column = column_iter++))
{ {
uint unused_field_idx= NO_CACHED_FIELD_INDEX; uint unused_field_idx= NO_CACHED_FIELD_INDEX;
if (!find_field_in_table(thd,table,column->column.ptr(), Field *f= find_field_in_table(thd,table,column->column.ptr(),
column->column.length(),0,0, column->column.length(),1,0,&unused_field_idx);
&unused_field_idx)) if (!f)
{ {
my_error(ER_BAD_FIELD_ERROR, MYF(0), my_error(ER_BAD_FIELD_ERROR, MYF(0),
column->column.c_ptr(), table_list->alias); column->column.c_ptr(), table_list->alias);
DBUG_RETURN(-1); DBUG_RETURN(-1);
} }
if (f == (Field*)-1)
{
DBUG_RETURN(-1);
}
column_priv|= column->rights; column_priv|= column->rights;
} }
close_thread_tables(thd); close_thread_tables(thd);
} }
else if (!(rights & CREATE_ACL) && !revoke_grant) else
{
if (!(rights & CREATE_ACL))
{ {
char buf[FN_REFLEN]; char buf[FN_REFLEN];
sprintf(buf,"%s/%s/%s.frm",mysql_data_home, table_list->db, sprintf(buf,"%s/%s/%s.frm",mysql_data_home, table_list->db,
...@@ -2291,6 +2299,17 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, ...@@ -2291,6 +2299,17 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list,
DBUG_RETURN(-1); DBUG_RETURN(-1);
} }
} }
if (table_list->grant.want_privilege)
{
char command[128];
get_privilege_desc(command, sizeof(command),
table_list->grant.want_privilege);
my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
command, thd->priv_user, thd->host_or_ip, table_list->alias);
DBUG_RETURN(-1);
}
}
}
/* open the mysql.tables_priv and mysql.columns_priv tables */ /* open the mysql.tables_priv and mysql.columns_priv tables */
...@@ -2773,25 +2792,8 @@ err: ...@@ -2773,25 +2792,8 @@ err:
rw_unlock(&LOCK_grant); rw_unlock(&LOCK_grant);
if (!no_errors) // Not a silent skip of table if (!no_errors) // Not a silent skip of table
{ {
const char *command=""; char command[128];
if (want_access & SELECT_ACL) get_privilege_desc(command, sizeof(command), want_access);
command= "select";
else if (want_access & INSERT_ACL)
command= "insert";
else if (want_access & UPDATE_ACL)
command= "update";
else if (want_access & DELETE_ACL)
command= "delete";
else if (want_access & DROP_ACL)
command= "drop";
else if (want_access & CREATE_ACL)
command= "create";
else if (want_access & ALTER_ACL)
command= "alter";
else if (want_access & INDEX_ACL)
command= "index";
else if (want_access & GRANT_ACL)
command= "grant";
net_printf(thd,ER_TABLEACCESS_DENIED_ERROR, net_printf(thd,ER_TABLEACCESS_DENIED_ERROR,
command, command,
thd->priv_user, thd->priv_user,
...@@ -2906,11 +2908,8 @@ bool check_grant_all_columns(THD *thd, ulong want_access, TABLE *table) ...@@ -2906,11 +2908,8 @@ bool check_grant_all_columns(THD *thd, ulong want_access, TABLE *table)
err: err:
rw_unlock(&LOCK_grant); rw_unlock(&LOCK_grant);
err2: err2:
const char *command= ""; char command[128];
if (want_access & SELECT_ACL) get_privilege_desc(command, sizeof(command), want_access);
command= "select";
else if (want_access & INSERT_ACL)
command= "insert";
my_printf_error(ER_COLUMNACCESS_DENIED_ERROR, my_printf_error(ER_COLUMNACCESS_DENIED_ERROR,
ER(ER_COLUMNACCESS_DENIED_ERROR), ER(ER_COLUMNACCESS_DENIED_ERROR),
MYF(0), MYF(0),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment