Merge mysql.com:/home/hf/work/31960/my51-31960

into mysql.com:/home/hf/work/31868/my51-31868

Merge mysql.com:/home/hf/work/31960/my51-31960
into mysql.com:/home/hf/work/31868/my51-31868
a66f6223 · holyfoot/hf@hfmain.(none) · 7435683d · dc2f1c3d · a66f6223 · a66f6223
Commit a66f6223 authored Nov 20, 2007 by holyfoot/hf@hfmain.(none)
Hide whitespace changes
Inline Side-by-side

Showing with 39 additions and 19 deletions

sql/mysql_priv.h sql/mysql_priv.h +37 -1

sql/sql_parse.cc sql/sql_parse.cc +2 -18

No files found.
--- a/sql/mysql_priv.h
+++ b/sql/mysql_priv.h
@@ -679,7 +679,9 @@ extern my_decimal decimal_zero;
 void free_items(Item *item);
 void cleanup_items(Item *item);
 class THD;
-void close_thread_tables(THD *thd);
+void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
+
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
 bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables);
 bool check_single_table_access(THD *thd, ulong privilege,
 			   TABLE_LIST *tables, bool no_errors);
@@ -688,6 +690,24 @@ bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
 bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
 bool check_merge_table_access(THD *thd, char *db, TABLE_LIST *table_list);
 bool check_some_routine_access(THD *thd, const char *db, const char *name, bool is_proc);
+#else
+inline bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables)
+{ return false; }
+inline bool check_single_table_access(THD *thd, ulong privilege,
+			   TABLE_LIST *tables, bool no_errors)
+{ return false; }
+inline bool check_routine_access(THD *thd,ulong want_access,char *db,
+                                 char *name, bool is_proc, bool no_errors)
+{ return false; }
+inline bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table)
+{ return false; }
+inline bool check_merge_table_access(THD *thd, char *db, TABLE_LIST *table_list)
+{ return false; }
+inline bool check_some_routine_access(THD *thd, const char *db,
+                                      const char *name, bool is_proc)
+{ return false; }
+#endif /*NO_EMBEDDED_ACCESS_CHECKS*/
+
 bool multi_update_precheck(THD *thd, TABLE_LIST *tables);
 bool multi_delete_precheck(THD *thd, TABLE_LIST *tables);
 bool mysql_multi_update_prepare(THD *thd);
@@ -991,11 +1011,27 @@ void kill_mysql(void);
 void close_connection(THD *thd, uint errcode, bool lock);
 bool reload_acl_and_cache(THD *thd, ulong options, TABLE_LIST *tables, 
                          bool *write_to_binlog);
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
 bool check_access(THD *thd, ulong access, const char *db, ulong *save_priv,
 		  bool no_grant, bool no_errors, bool schema_db);
 bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables,
 			bool no_errors);
 bool check_global_access(THD *thd, ulong want_access);
+#else
+inline bool check_access(THD *thd, ulong access, const char *db,
+                         ulong *save_priv, bool no_grant, bool no_errors,
+                         bool schema_db)
+{
+  if (save_priv)
+    *save_priv= GLOBAL_ACLS;
+  return false;
+}
+inline bool check_table_access(THD *thd, ulong want_access, TABLE_LIST *tables,
+			bool no_errors)
+{ return false; }
+inline bool check_global_access(THD *thd, ulong want_access)
+{ return false; }
+#endif /*NO_EMBEDDED_ACCESS_CHECKS*/

 /*
  Support routine for SQL parser on partitioning syntax

--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -3890,14 +3890,12 @@ mysql_execute_command(THD *thd)
 	  thd->server_status|= SERVER_MORE_RESULTS_EXISTS;
 	}

-#ifndef NO_EMBEDDED_ACCESS_CHECKS
 	if (check_routine_access(thd, EXECUTE_ACL,
 				 sp->m_db.str, sp->m_name.str, TRUE, FALSE))
 	{
 	  thd->net.no_send_ok= save_no_send_ok;
 	  goto error;
 	}
-#endif
 	select_limit= thd->variables.select_limit;
 	thd->variables.select_limit= HA_POS_ERROR;

@@ -4577,6 +4575,7 @@ static bool execute_sqlcom_select(THD *thd, TABLE_LIST *all_tables)
 }


+#ifndef NO_EMBEDDED_ACCESS_CHECKS
 /*
  Check grants for commands which work only with one table.

@@ -4694,7 +4693,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
 	     bool dont_check_global_grants, bool no_errors, bool schema_db)
 {
  Security_context *sctx= thd->security_ctx;
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
  ulong db_access;
  /*
    GRANT command:
@@ -4707,7 +4705,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
  */
  bool  db_is_pattern= (test(want_access & GRANT_ACL) &&
                        dont_check_global_grants);
-#endif
  ulong dummy;
  DBUG_ENTER("check_access");
  DBUG_PRINT("enter",("db: %s  want_access: %lu  master_access: %lu",
@@ -4746,9 +4743,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
    }
  }

-#ifdef NO_EMBEDDED_ACCESS_CHECKS
-  DBUG_RETURN(0);
-#else
  if ((sctx->master_access & want_access) == want_access)
  {
    /*
@@ -4806,7 +4800,6 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
                         thd->db :
                         "unknown")));          /* purecov: tested */
  DBUG_RETURN(TRUE);				/* purecov: tested */
-#endif /* NO_EMBEDDED_ACCESS_CHECKS */
 }


@@ -4831,16 +4824,12 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,

 bool check_global_access(THD *thd, ulong want_access)
 {
-#ifdef NO_EMBEDDED_ACCESS_CHECKS
-  return 0;
-#else
  char command[128];
  if ((thd->security_ctx->master_access & want_access))
    return 0;
  get_privilege_desc(command, sizeof(command), want_access);
  my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
  return 1;
-#endif /* NO_EMBEDDED_ACCESS_CHECKS */
 }


@@ -4930,9 +4919,7 @@ bool
 check_table_access(THD *thd, ulong want_access,TABLE_LIST *tables,
 		   bool no_errors)
 {
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
  TABLE_LIST *org_tables= tables;
-#endif
  TABLE_LIST *first_not_own_table= thd->lex->first_not_own_table();
  Security_context *sctx= thd->security_ctx, *backup_ctx= thd->security_ctx;
  /*
@@ -5019,11 +5006,7 @@ check_routine_access(THD *thd, ulong want_access,char *db, char *name,
 			0, no_errors, 0))
    return TRUE;
  
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
    return check_grant_routine(thd, want_access, tables, is_proc, no_errors);
-#else
-  return FALSE;
-#endif
 }


@@ -5113,6 +5096,7 @@ bool check_merge_table_access(THD *thd, char *db,
  return error;
 }

+#endif /*NO_EMBEDDED_ACCESS_CHECKS*/

 /****************************************************************************
 	Check stack size; Send error if there isn't enough stack to continue