now we allow to careate VIEW without any privileges on view columns (except...

now we allow to careate VIEW without any privileges on view columns (except create view privilege) (BUG#5152) mysql-test/r/view.result: now we allow to careate VIEW without any privileges on view columns (except create view privilege) test of blocking try of getting more privileges on colemn with vierw using mysql-test/t/view.test: now we allow to careate VIEW without any privileges on view columns (except create view privilege) test of blocking try of getting more privileges on colemn with vierw using sql/sql_view.cc: now we allow to careate VIEW without any privileges on view columns (except create view privilege)

now we allow to careate VIEW without any privileges on view columns (except...
now we allow to careate VIEW without any privileges on view columns (except create view privilege) (BUG#5152) mysql-test/r/view.result: now we allow to careate VIEW without any privileges on view columns (except create view privilege) test of blocking try of getting more privileges on colemn with vierw using mysql-test/t/view.test: now we allow to careate VIEW without any privileges on view columns (except create view privilege) test of blocking try of getting more privileges on colemn with vierw using sql/sql_view.cc: now we allow to careate VIEW without any privileges on view columns (except create view privilege)
f284ce04 · unknown · 29ec367e · f284ce04 · f284ce04 · f284ce04
Commit f284ce04 authored Sep 17, 2004 by unknown
Show whitespace changes
Inline Side-by-side

Showing with 23 additions and 29 deletions

mysql-test/r/view.result mysql-test/r/view.result +7 -4

mysql-test/t/view.test mysql-test/t/view.test +14 -6

sql/sql_view.cc sql/sql_view.cc +2 -19

No files found.
--- a/mysql-test/r/view.result
+++ b/mysql-test/r/view.result
@@ -922,14 +922,17 @@ create table mysqltest.v3 (b int);
 grant create view on mysqltest.v3 to mysqltest_1@localhost;
 drop table mysqltest.v3;
 create view mysqltest.v3 as select b from mysqltest.t2;
-ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 'v3'
-create table mysqltest.v3 (b int);
 grant create view, update on mysqltest.v3 to mysqltest_1@localhost;
-drop table mysqltest.v3;
+drop view mysqltest.v3;
 create view mysqltest.v3 as select b from mysqltest.t2;
-grant select(b) on mysqltest.v3 to mysqltest_1@localhost;
+grant create view, update, insert on mysqltest.v3 to mysqltest_1@localhost;
 drop view mysqltest.v3;
 create view mysqltest.v3 as select b from mysqltest.t2;
+ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 'v3'
+create table mysqltest.v3 (b int);
+grant select(b) on mysqltest.v3 to mysqltest_1@localhost;
+drop table mysqltest.v3;
+create view mysqltest.v3 as select b from mysqltest.t2;
 ERROR 42000: create view command denied to user 'mysqltest_1'@'localhost' for table 'v3'
 create view v4 as select b+1 from mysqltest.t2;
 ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't2'

--- a/mysql-test/t/view.test
+++ b/mysql-test/t/view.test
@@ -804,29 +804,37 @@ create view mysqltest.v1 as select * from mysqltest.t1;
 -- error 1143
 create view v3 as select a from mysqltest.t2;

-# give CRETEA VIEW privileges but without any privileges for result colemn
+# give CRETEA VIEW privileges (without any privileges for result colemn)
 connection root;
 create table mysqltest.v3 (b int);
 grant create view on mysqltest.v3 to mysqltest_1@localhost;
 drop table mysqltest.v3;
 connection user1;
-- error 1143
 create view mysqltest.v3 as select b from mysqltest.t2;

-# give UPDATE privileges -> create works
+# give UPDATE privileges
 connection root;
-create table mysqltest.v3 (b int);
 grant create view, update on mysqltest.v3 to mysqltest_1@localhost;
-drop table mysqltest.v3;
+drop view mysqltest.v3;
 connection user1;
 create view mysqltest.v3 as select b from mysqltest.t2;

+# give UPDATE and INSERT privilege (to get more privileges then anderlying
+# table)
+connection root;
+grant create view, update, insert on mysqltest.v3 to mysqltest_1@localhost;
+drop view mysqltest.v3;
+connection user1;
+-- error 1143
+create view mysqltest.v3 as select b from mysqltest.t2;
+

 # If give other privileges for VIEW then underlaying table have =>
 # creation prohibited
 connection root;
+create table mysqltest.v3 (b int);
 grant select(b) on mysqltest.v3 to mysqltest_1@localhost;
-drop view mysqltest.v3;
+drop table mysqltest.v3;
 connection user1;
 -- error 1142
 create view mysqltest.v3 as select b from mysqltest.t2;

--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -245,10 +245,9 @@ int mysql_create_view(THD *thd,
      if ((fld= item->filed_for_view_update()))
      {
        /*
-          There are no any privileges on VIEW column or there are
-          some other privileges then we have for underlaying table
+          Do we have more privilegeson view field then underlying table field
        */
-        if (priv == 0 || (~fld->have_privileges & priv))
+        if ((~fld->have_privileges & priv))
        {
          /* VIEW column has more privileges */
          my_printf_error(ER_COLUMNACCESS_DENIED_ERROR,
@@ -262,22 +261,6 @@ int mysql_create_view(THD *thd,
          DBUG_RETURN(-1);
        }
      }
-      else
-      {
-        if (!(priv & SELECT_ACL))
-        {
-          /* user have not privilege to SELECT expression */
-          my_printf_error(ER_COLUMNACCESS_DENIED_ERROR,
-                          ER(ER_COLUMNACCESS_DENIED_ERROR),
-                          MYF(0),
-                          "select",
-                          thd->priv_user,
-                          thd->host_or_ip,
-                          item->name,
-                          view->real_name);
-          DBUG_RETURN(-1);
-        }
-      }
    }
  }
 #endif