Commit 9cd80779 authored by Vicențiu Ciorbaru's avatar Vicențiu Ciorbaru Committed by Sergei Golubchik

Added cascading role renames to the roles_mappings table.

TODO: Use an index search on the table, instead of scanning through it.
parent 1676658b
...@@ -6614,23 +6614,23 @@ static int handle_roles_mappings_table(TABLE *table, bool drop, ...@@ -6614,23 +6614,23 @@ static int handle_roles_mappings_table(TABLE *table, bool drop,
LEX_USER *user_from, LEX_USER *user_to) LEX_USER *user_from, LEX_USER *user_to)
{ {
/* /*
First we need to find out if the user_from represents a user, or a role. The first thing that needs to be checked is what we are renaming,
a user, or a role. In order to do this, perform a hash lookup over
acl_roles to find if a key exists.
If the user_from has a hostname different than '' it can not be a role. If the renaming involves renaming a role, all entries
If the user_from has an empty hostname, it _could_ be a role, but it is (HostFK, UserFk) that match user_from will be renamed,
not mandatory. as well as all RoleFk entries that match.
In this case perform a quick lookup in acl_roles to see if Otherwise, only matching (HostFk, UserFk) will be renamed.
it is already there. If it is not found, then the user fields are updated,
otherwise the role field gets updated.
*/ */
DBUG_ENTER("handle_roles_mappings_table"); DBUG_ENTER("handle_roles_mappings_table");
int error; int error;
int result= 0; int result= 0;
bool is_role= FALSE;
THD *thd= current_thd; THD *thd= current_thd;
const char *host, *user, *role; const char *host, *user, *role;
my_bool is_role= FALSE;
Field *host_field= table->field[0]; Field *host_field= table->field[0];
Field *user_field= table->field[1]; Field *user_field= table->field[1];
Field *role_field= table->field[2]; Field *role_field= table->field[2];
...@@ -6638,14 +6638,10 @@ static int handle_roles_mappings_table(TABLE *table, bool drop, ...@@ -6638,14 +6638,10 @@ static int handle_roles_mappings_table(TABLE *table, bool drop,
if (!user_from->host.length && find_acl_role(user_from->user.str)) if (!user_from->host.length && find_acl_role(user_from->user.str))
is_role= TRUE; is_role= TRUE;
/* DBUG_PRINT("info", ("Rewriting %s entry in roles_mappings table: %s %s",
Check if user_to is a valid role. If it is not a valid role, the change is_role ? "role" : "user",
fails. user_from->user.str,
*/ user_from->host.str));
if (is_role && user_to && user_to->host.length)
DBUG_RETURN(-1);
table->use_all_columns(); table->use_all_columns();
if ((error= table->file->ha_rnd_init(1))) if ((error= table->file->ha_rnd_init(1)))
{ {
...@@ -6662,23 +6658,18 @@ static int handle_roles_mappings_table(TABLE *table, bool drop, ...@@ -6662,23 +6658,18 @@ static int handle_roles_mappings_table(TABLE *table, bool drop,
DBUG_PRINT("info", ("scan error: %d", error)); DBUG_PRINT("info", ("scan error: %d", error));
continue; continue;
} }
if (!is_role)
{
if (! (host= get_field(thd->mem_root, host_field))) if (! (host= get_field(thd->mem_root, host_field)))
host= ""; host= "";
if (! (user= get_field(thd->mem_root, user_field))) if (! (user= get_field(thd->mem_root, user_field)))
user= ""; user= "";
if (strcmp(user_from->user.str, user) || if (!(strcmp(user_from->user.str, user) ||
my_strcasecmp(system_charset_info, user_from->host.str, host)) my_strcasecmp(system_charset_info, user_from->host.str, host)))
continue;
result= ((drop || user_to) && result= ((drop || user_to) &&
modify_grant_table(table, host_field, user_field, user_to)) ? modify_grant_table(table, host_field, user_field, user_to)) ?
-1 : result ? result : 1; /* Error or keep result or found. */ -1 : result ? result : 1; /* Error or keep result or found. */
} if (is_role)
else
{ {
if (! (role= get_field(thd->mem_root, role_field))) if (! (role= get_field(thd->mem_root, role_field)))
role= ""; role= "";
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment