- 18 Oct, 2013 40 commits
-
-
Sergei Golubchik authored
-
Sergei Golubchik authored
CREATE ROLE xxx WITH ADMIN yyy GRANT xxx TO yyy WITH ADMIN OPTION REVOKE ADMIN OPTION FOR xxx FROM yyy
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
sql/sp.cc: don't split "user@host" string in db_load_routine, because the caller needs to generate it from user and host. instead pass user and host directly into db_load_routine sql/sql_parse.cc: 1. REVOKE ALL doesn't need invoker. 2. make sp_process_definer() reusable sql/sql_trigger.cc: don't duplicate the code from sp_process_definer(), reuse it sql/sql_view.cc: don't duplicate the code from sp_process_definer(), reuse it
-
Sergei Golubchik authored
* work as documented, use CURRENT_USER() * move the check for ER_PASSWORD_ANONYMOUS_USER where it can actually work
-
Sergei Golubchik authored
than an empty host '' is the same as any-host wildcard '%'. Replace '' with '%' in the parser (for GRANT ... foo@'') and when loading grant tables. Side effect: one cannot have foo@'' and foo@'%' both at the same time (but one can have foo@'%' and foo@'%%')
-
Sergei Golubchik authored
-
Vicențiu Ciorbaru authored
Also fixed possible memory exploit by repeteadly calling: GRANT role to user; where role was already granted to user.
-
Vicențiu Ciorbaru authored
should deal with users, while role related functions should deal with roles.
-
Vicențiu Ciorbaru authored
TODO: Privilege checks are not done upon executing the command.
-
Vicențiu Ciorbaru authored
Fixed segmentation fault caused in traverse_role_graph by previous commit
-
Vicențiu Ciorbaru authored
was halted on a cycle detect. Now the to_clear array is populated during the open event and not the close event.
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
-
Sergei Golubchik authored
because parser might modify the lex->user (e.g. set lex->user-password). switch to use LEX_STRING current_user string, and also change other similar constants to be LEX_STRING's for consistency.
-
Sergei Golubchik authored
-
Sergei Golubchik authored
mysql-test/r/acl_roles_show_grants.result: one can do SHOW GRANTS for himself mysql-test/t/acl_roles_set_role-table-column-priv.test: correct error message mysql-test/t/acl_roles_show_grants.test: one can SHOW GRANTS for himself sql/sql_acl.cc: bugfixing: * don't assign with && - it can shortcut and the second assignment won't be executed * correct the test in check_grant_all_columns() - want_access should not be modified * sql/sql_cmd.h.OTHER: add new commands at the end sql/sql_db.cc: don't call acl_get() if all privileges are already satisfied (crashes when run with --skip-grants, because acl data stuctures aren't initialized) sql/sql_parse.cc: * test for current_user in get_current_user() * map explicitly specified user@host to current_user
-
Sergei Golubchik authored
-
Vicențiu Ciorbaru authored
The command only currenty affects in memory data structures. Writing to the roles_mapping table needs to be implemented.
-
Vicențiu Ciorbaru authored
The warnings present in the set_role_routine-simple testcase will be removed when reworking the grant privilege to call.
-
Vicențiu Ciorbaru authored
-
Vicențiu Ciorbaru authored
to the hash_columns' original elements (GRANT_COLUMN)
-
Vicențiu Ciorbaru authored
-
Vicențiu Ciorbaru authored
-
Vicențiu Ciorbaru authored
-
Vicențiu Ciorbaru authored
Also updated tests to reflect new show grants functionality.
-
Vicențiu Ciorbaru authored
-
Vicențiu Ciorbaru authored
The output is not completely correct due to recursive role grants not being completly implemented. However, this will help with testing the implementation of set role with recursive grants.
-
Vicențiu Ciorbaru authored
The function now performs a DEPTH FIRST SEARCH on the role graph. At various key points: on_start, on_open, on_cycle, on_finish, the function calls one of the corresponding functions passed as parameters.
-
Vicențiu Ciorbaru authored
-
Vicențiu Ciorbaru authored
function. The function will be used to help print roles privileges recursively.
-
Vicențiu Ciorbaru authored
function. The function will be used to help print roles privileges recursively.
-