Skip to content

M
MariaDB
Commit 2ba70f69 authored by Sergei Golubchik's avatar Sergei Golubchik
Browse files
Options

cleanup: reduce code duplication

parent 0b5b2f86
Hide whitespace changes
Inline Side-by-side
Showing with 21 additions and 45 deletions
sql/sql_acl.cc
View file @ 2ba70f69
......@@ -7130,6 +7130,17 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
}
static void check_grant_column_int(GRANT_TABLE *grant_table, const char *name,
uint length, ulong *want_access)
{
if (grant_table)
{
GRANT_COLUMN *grant_column= column_hash_search(grant_table, name, length);
if (grant_column)
*want_access&= ~grant_column->rights;
}
}
/*
Check column rights in given security context
......@@ -7152,9 +7163,6 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
const char *db_name, const char *table_name,
const char *name, uint length, Security_context *sctx)
{
GRANT_TABLE *grant_table;
GRANT_TABLE *grant_table_role;
GRANT_COLUMN *grant_column;
ulong want_access= grant->want_privilege & ~grant->privilege;
DBUG_ENTER("check_grant_column");
DBUG_PRINT("enter", ("table: %s want_access: %lu", table_name, want_access));
......@@ -7179,45 +7187,18 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
grant->version= grant_version; /* purecov: inspected */
}
grant_table= grant->grant_table_user;
grant_table_role= grant->grant_table_role;
if (!grant_table && !grant_table_role)
goto err;
check_grant_column_int(grant->grant_table_user, name, length, &want_access);
check_grant_column_int(grant->grant_table_role, name, length, &want_access);
if (grant_table)
{
grant_column= column_hash_search(grant_table, name, length);
if (grant_column)
{
want_access&= ~grant_column->rights;
}
}
if (grant_table_role)
{
grant_column= column_hash_search(grant_table_role, name, length);
if (grant_column)
{
want_access&= ~grant_column->rights;
}
}
mysql_rwlock_unlock(&LOCK_grant);
if (!want_access)
{
mysql_rwlock_unlock(&LOCK_grant);
DBUG_RETURN(0);
}
err:
mysql_rwlock_unlock(&LOCK_grant);
char command[128];
get_privilege_desc(command, sizeof(command), want_access);
/* TODO perhaps error should print current rolename aswell */
my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
command,
sctx->priv_user,
sctx->host_or_ip,
name,
table_name);
my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), command, sctx->priv_user,
sctx->host_or_ip, name, table_name);
DBUG_RETURN(1);
}
......
sql/sql_base.cc
View file @ 2ba70f69
......@@ -8306,15 +8306,11 @@ bool setup_tables(THD *thd, Name_resolution_context *context,
FALSE ok; In this case *map will include the chosen index
TRUE error
*/
bool setup_tables_and_check_access(THD *thd,
Name_resolution_context *context,
bool setup_tables_and_check_access(THD *thd, Name_resolution_context *context,
List<TABLE_LIST> *from_clause,
TABLE_LIST *tables,
List<TABLE_LIST> &leaves,
bool select_insert,
ulong want_access_first,
ulong want_access,
bool full_table_list)
TABLE_LIST *tables, List<TABLE_LIST> &leaves,
bool select_insert, ulong want_access_first,
ulong want_access, bool full_table_list)
{
DBUG_ENTER("setup_tables_and_check_access");
......
sql/sql_update.cc
View file @ 2ba70f69
......@@ -1119,8 +1119,7 @@ bool mysql_prepare_update(THD *thd, TABLE_LIST *table_list,
DBUG_RETURN(TRUE);
if (setup_tables_and_check_access(thd, &select_lex->context,
&select_lex->top_join_list,
table_list,
&select_lex->top_join_list, table_list,
select_lex->leaf_tables,
FALSE, UPDATE_ACL, SELECT_ACL, TRUE) ||
setup_conds(thd, table_list, select_lex->leaf_tables, conds) ||
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7