Commit f3c6ff1f authored by Georgi Kodinov's avatar Georgi Kodinov

null-merged the fix and kept the test for bug #41354 from 5.0-bugteam

parents cd5744db a9d70703
...@@ -921,6 +921,32 @@ c4 ...@@ -921,6 +921,32 @@ c4
DROP DATABASE mysqltest1; DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2; DROP DATABASE mysqltest2;
DROP USER mysqltest_u1@localhost; DROP USER mysqltest_u1@localhost;
CREATE DATABASE db1;
USE db1;
CREATE TABLE t1(f1 INT, f2 INT);
CREATE VIEW v1 AS SELECT f1, f2 FROM t1;
GRANT SELECT (f1) ON t1 TO foo;
GRANT SELECT (f1) ON v1 TO foo;
USE db1;
SELECT f1 FROM t1;
f1
SELECT f2 FROM t1;
ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'f2' in table 't1'
SELECT * FROM t1;
ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 't1'
SELECT f1 FROM v1;
f1
SELECT f2 FROM v1;
ERROR 42000: SELECT command denied to user 'foo'@'localhost' for column 'f2' in table 'v1'
SELECT * FROM v1;
ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'v1'
USE test;
REVOKE SELECT (f1) ON db1.t1 FROM foo;
REVOKE SELECT (f1) ON db1.v1 FROM foo;
DROP USER foo;
DROP VIEW db1.v1;
DROP TABLE db1.t1;
DROP DATABASE db1;
End of 5.0 tests. End of 5.0 tests.
DROP VIEW IF EXISTS v1; DROP VIEW IF EXISTS v1;
DROP TABLE IF EXISTS t1; DROP TABLE IF EXISTS t1;
......
...@@ -1191,6 +1191,46 @@ DROP DATABASE mysqltest1; ...@@ -1191,6 +1191,46 @@ DROP DATABASE mysqltest1;
DROP DATABASE mysqltest2; DROP DATABASE mysqltest2;
DROP USER mysqltest_u1@localhost; DROP USER mysqltest_u1@localhost;
#
# Bug #41354: Access control is bypassed when all columns of a view are
# selected by * wildcard
CREATE DATABASE db1;
USE db1;
CREATE TABLE t1(f1 INT, f2 INT);
CREATE VIEW v1 AS SELECT f1, f2 FROM t1;
GRANT SELECT (f1) ON t1 TO foo;
GRANT SELECT (f1) ON v1 TO foo;
connect (addconfoo, localhost, foo,,);
connection addconfoo;
USE db1;
SELECT f1 FROM t1;
--error ER_COLUMNACCESS_DENIED_ERROR
SELECT f2 FROM t1;
--error ER_TABLEACCESS_DENIED_ERROR
SELECT * FROM t1;
SELECT f1 FROM v1;
--error ER_COLUMNACCESS_DENIED_ERROR
SELECT f2 FROM v1;
--error ER_TABLEACCESS_DENIED_ERROR
SELECT * FROM v1;
connection default;
USE test;
disconnect addconfoo;
REVOKE SELECT (f1) ON db1.t1 FROM foo;
REVOKE SELECT (f1) ON db1.v1 FROM foo;
DROP USER foo;
DROP VIEW db1.v1;
DROP TABLE db1.t1;
DROP DATABASE db1;
--echo End of 5.0 tests. --echo End of 5.0 tests.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment