Commit 75ca0554 authored by gkodinov@mysql.com's avatar gkodinov@mysql.com

Bug #20482: failure on Create join view with sources views/tables in different

            schemas
The function check_one_table_access() called to check access to tables in 
SELECT/INSERT/UPDATE was doing additional checks/modifications that don't hold
in the context of setup_tables_and_check_access().
That's why the check_one_table() was split into two : the functionality needed by
setup_tables_and_check_access() into check_single_table_access() and the rest of 
the functionality stays in check_one_table_access() that is made to call the new
check_single_table_access() function.
parent ee2e2d0c
......@@ -618,3 +618,15 @@ ERROR HY000: There is no 'no-such-user'@'localhost' registered
DROP VIEW v;
DROP TABLE t1;
USE test;
CREATE DATABASE test1;
CREATE DATABASE test2;
CREATE TABLE test1.t0 (a VARCHAR(20));
CREATE TABLE test2.t1 (a VARCHAR(20));
CREATE VIEW test2.t3 AS SELECT * FROM test1.t0;
CREATE OR REPLACE VIEW test.v1 AS
SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
DROP VIEW test.v1;
DROP VIEW test2.t3;
DROP TABLE test2.t1, test1.t0;
DROP DATABASE test2;
DROP DATABASE test1;
......@@ -807,3 +807,24 @@ SELECT * FROM v;
DROP VIEW v;
DROP TABLE t1;
USE test;
#
# BUG#20482: failure on Create join view with sources views/tables
# in different schemas
#
--disable_warnings
CREATE DATABASE test1;
CREATE DATABASE test2;
--enable_warnings
CREATE TABLE test1.t0 (a VARCHAR(20));
CREATE TABLE test2.t1 (a VARCHAR(20));
CREATE VIEW test2.t3 AS SELECT * FROM test1.t0;
CREATE OR REPLACE VIEW test.v1 AS
SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
DROP VIEW test.v1;
DROP VIEW test2.t3;
DROP TABLE test2.t1, test1.t0;
DROP DATABASE test2;
DROP DATABASE test1;
......@@ -513,6 +513,8 @@ class THD;
void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
bool check_one_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables);
bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *tables);
bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
bool is_proc, bool no_errors);
bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
......
......@@ -4545,7 +4545,7 @@ bool setup_tables_and_check_access(THD *thd,
for (; leaves_tmp; leaves_tmp= leaves_tmp->next_leaf)
if (leaves_tmp->belong_to_view &&
check_one_table_access(thd, want_access, leaves_tmp))
check_single_table_access(thd, want_access, leaves_tmp))
{
tables->hide_view_error(thd);
return TRUE;
......
......@@ -4978,11 +4978,10 @@ mysql_execute_command(THD *thd)
/*
Check grants for commands which work only with one table and all other
tables belonging to subselects or implicitly opened tables.
Check grants for commands which work only with one table.
SYNOPSIS
check_one_table_access()
check_single_table_access()
thd Thread handler
privilege requested privilege
all_tables global table list of query
......@@ -4992,7 +4991,8 @@ mysql_execute_command(THD *thd)
1 - access denied, error is sent to client
*/
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
bool check_single_table_access(THD *thd, ulong privilege,
TABLE_LIST *all_tables)
{
Security_context * backup_ctx= thd->security_ctx;
......@@ -5010,19 +5010,41 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
goto deny;
thd->security_ctx= backup_ctx;
return 0;
deny:
thd->security_ctx= backup_ctx;
return 1;
}
/*
Check grants for commands which work only with one table and all other
tables belonging to subselects or implicitly opened tables.
SYNOPSIS
check_one_table_access()
thd Thread handler
privilege requested privilege
all_tables global table list of query
RETURN
0 - OK
1 - access denied, error is sent to client
*/
bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
{
if (check_single_table_access (thd,privilege,all_tables))
return 1;
/* Check rights on tables of subselects and implictly opened tables */
TABLE_LIST *subselects_tables;
if ((subselects_tables= all_tables->next_global))
{
if ((check_table_access(thd, SELECT_ACL, subselects_tables, 0)))
goto deny;
return 1;
}
return 0;
deny:
thd->security_ctx= backup_ctx;
return 1;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment