sql/sql_acl.cc

report correct errror in MODE_NO_AUTO_CREATE_USER cleanup after merge fixes mysql-test/r/grant2.result: updated after merge mysql-test/r/grant3.result: updated after merge mysql-test/r/rpl_temporary.result: sqlstate fixed mysql-test/t/grant2.test: updated after merge mysql-test/t/grant3.test: updated after merge sql/share/errmsg.txt: sqlstate fixed sql/sql_acl.cc: report correct errror in MODE_NO_AUTO_CREATE_USER cleanup

sql/sql_acl.cc
report correct errror in MODE_NO_AUTO_CREATE_USER cleanup after merge fixes mysql-test/r/grant2.result: updated after merge mysql-test/r/grant3.result: updated after merge mysql-test/r/rpl_temporary.result: sqlstate fixed mysql-test/t/grant2.test: updated after merge mysql-test/t/grant3.test: updated after merge sql/share/errmsg.txt: sqlstate fixed sql/sql_acl.cc: report correct errror in MODE_NO_AUTO_CREATE_USER cleanup
c9659f0e · unknown · d27a709f · c9659f0e · c9659f0e · c9659f0e
Commit c9659f0e authored Mar 23, 2005 by unknown
7 changed files
--- a/mysql-test/r/grant2.result
+++ b/mysql-test/r/grant2.result
@@ -31,7 +31,6 @@ select current_user;
 current_user
 mysqltest_1@localhost
 grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
-ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
 ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
 set @@sql_mode='NO_AUTO_CREATE_USER';
@@ -39,16 +38,17 @@ select @@sql_mode;
 @@sql_mode
 NO_AUTO_CREATE_USER
 grant select on `my\_1`.* to mysqltest_4@localhost with grant option;
-ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
+ERROR 42000: Can't find any matching row in the user table
 grant select on `my\_1`.* to mysqltest_4@localhost identified by 'mypass'
 with grant option;
-ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT CREATE USER ON *.* TO 'mysqltest_1'@'localhost'
 GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
 show grants for mysqltest_2@localhost;
-ERROR 42000: There is no such grant defined for user 'mysqltest_2' on host 'localhost'
+Grants for mysqltest_2@localhost
+GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
+GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
 show grants for mysqltest_3@localhost;
 ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
 delete from mysql.user where user like 'mysqltest\_%';
@@ -78,9 +78,9 @@ flush privileges;
 create table t1 (a int, b int);
 grant select (a) on t1 to mysqltest_1@localhost with grant option;
 grant select (a,b) on t1 to mysqltest_2@localhost;
-ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
+ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't1'
 grant select on t1 to mysqltest_3@localhost;
-ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
+ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 't1'
 drop table t1;
 delete from mysql.user where user like 'mysqltest\_%';
 delete from mysql.db where user like 'mysqltest\_%';
@@ -165,8 +165,6 @@ GRANT INSERT ON "test".* TO 'mysqltest_1'@'%'
 GRANT UPDATE (c2) ON "test"."t2" TO 'mysqltest_1'@'%'
 GRANT UPDATE ON "test"."t1" TO 'mysqltest_1'@'%'
 drop user 'mysqltest_1', 'mysqltest_3';
-grant all on test.t1 to 'mysqltest_1';
-ERROR HY000: You are not allowed to create a user with GRANT
 drop user 'mysqltest_1';
 ERROR HY000: Operation DROP USER failed for 'mysqltest_1'@'%'
 drop table t1, t2;

--- a/mysql-test/r/grant3.result
+++ b/mysql-test/r/grant3.result
@@ -6,10 +6,11 @@ delete from mysql.tables_priv where user like 'mysqltest\_%';
 delete from mysql.columns_priv where user like 'mysqltest\_%';
 flush privileges;
 create user mysqltest_1@localhost;
-grant grant option on mysql.* to mysqltest_1@localhost;
+grant create user on *.* to mysqltest_1@localhost;
 grant select on `my\_1`.* to mysqltest_1@localhost with grant option;
 grant select on `my\_1`.* to mysqltest_2@localhost;
-ERROR HY000: You are not allowed to create a user with GRANT
+ERROR 42000: You are not allowed to create a user with GRANT
+create user mysqltest_2@localhost;
 delete from mysql.user where user like 'mysqltest\_%';
 delete from mysql.db where user like 'mysqltest\_%';
 delete from mysql.tables_priv where user like 'mysqltest\_%';

--- a/mysql-test/r/rpl_temporary.result
+++ b/mysql-test/r/rpl_temporary.result
@@ -7,12 +7,12 @@ start slave;
 reset master;
 SET @save_select_limit=@@session.sql_select_limit;
 SET @@session.sql_select_limit=10, @@session.pseudo_thread_id=100;
-ERROR HY000: Access denied; you need the SUPER privilege for this operation
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
 SELECT @@session.sql_select_limit = @save_select_limit;
 @@session.sql_select_limit = @save_select_limit
 1
 SET @@session.sql_select_limit=10, @@session.sql_log_bin=0;
-ERROR HY000: Access denied; you need the SUPER privilege for this operation
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
 SELECT @@session.sql_select_limit = @save_select_limit;
 @@session.sql_select_limit = @save_select_limit
 1

--- a/mysql-test/t/grant2.test
+++ b/mysql-test/t/grant2.test
@@ -57,7 +57,6 @@ connect (user1,localhost,mysqltest_1,,);
 connection user1;
 select current_user();
 select current_user;
--error 1211
 grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
 --error 1044
 grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
@@ -67,14 +66,16 @@ grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
 #
 set @@sql_mode='NO_AUTO_CREATE_USER';
 select @@sql_mode;
--error 1211
+#
+# GRANT without IDENTIFIED BY does not create new users
+#
+--error 1133
 grant select on `my\_1`.* to mysqltest_4@localhost with grant option;
 grant select on `my\_1`.* to mysqltest_4@localhost identified by 'mypass'
 with grant option;
 disconnect user1;
 connection default;
 show grants for mysqltest_1@localhost;
--error 1141
 show grants for mysqltest_2@localhost;
 --error 1141
 show grants for mysqltest_3@localhost;
@@ -116,9 +117,9 @@ create table t1 (a int, b int);
 grant select (a) on t1 to mysqltest_1@localhost with grant option;
 connect (mrugly, localhost, mysqltest_1,,mysqltest);
 connection mrugly;
--error 1211
+--error 1143
 grant select (a,b) on t1 to mysqltest_2@localhost;
--error 1211
+--error 1142
 grant select on t1 to mysqltest_3@localhost;
 disconnect mrugly;
@@ -177,10 +178,6 @@ select host,db,user,table_name from mysql.tables_priv where user like 'mysqltest
 select host,db,user,table_name,column_name from mysql.columns_priv where user like 'mysqltest_%' order by host,db,user,table_name,column_name;
 show grants for 'mysqltest_1';
 drop user 'mysqltest_1', 'mysqltest_3';
-#
-# Grant must not create user
--error 1410
-grant all on test.t1 to 'mysqltest_1';
 --error 1396
 drop user 'mysqltest_1';
 #

--- a/mysql-test/t/grant3.test
+++ b/mysql-test/t/grant3.test
@@ -16,12 +16,13 @@ delete from mysql.columns_priv where user like 'mysqltest\_%';
 flush privileges;
 create user mysqltest_1@localhost;
-grant grant option on mysql.* to mysqltest_1@localhost;
+grant create user on *.* to mysqltest_1@localhost;
 grant select on `my\_1`.* to mysqltest_1@localhost with grant option;
 connect (user_a,localhost,mysqltest_1,,);
 connection user_a;
 --error 1410
 grant select on `my\_1`.* to mysqltest_2@localhost;
+create user mysqltest_2@localhost;
 disconnect user_a;
 connection default;

--- a/sql/share/errmsg.txt
+++ b/sql/share/errmsg.txt
@@ -4637,7 +4637,7 @@ ER_USER_LIMIT_REACHED 42000
 	rus " '%-.64s'    '%s' ( : %ld)"
 	spa "Usuario '%-.64s' ha excedido el recurso '%s' (actual valor: %ld)"
 	swe "Anvndare '%-.64s' har verskridit '%s' (nuvarande vrde: %ld)"
-ER_SPECIFIC_ACCESS_DENIED_ERROR  
+ER_SPECIFIC_ACCESS_DENIED_ERROR 42000 
 	nla "Toegang geweigerd. U moet het %-.128s privilege hebben voor deze operatie"
 	eng "Access denied; you need the %-.128s privilege for this operation"
 	ger "Befehl nicht zulssig. Hierfr wird die Berechtigung %-.128s bentigt"
@@ -5332,5 +5332,5 @@ ER_STARTUP
 	eng "%s: ready for connections.\nVersion: '%s'  socket: '%s'  port: %d  %s"
 ER_LOAD_FROM_FIXED_SIZE_ROWS_TO_VAR
        eng "Can't load value from file with fixed size rows to variable"
-ER_CANT_CREATE_USER_WITH_GRANT
+ER_CANT_CREATE_USER_WITH_GRANT 42000
 	eng "You are not allowed to create a user with GRANT"
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -1586,7 +1586,7 @@ static bool test_if_create_new_users(THD *thd)
 static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo,
 			      ulong rights, bool revoke_grant,
-			      bool create_user)
+			      bool can_create_user, bool no_auto_create)
 {
  int error = -1;
  bool old_row_exists=0;
@@ -1640,8 +1640,12 @@ static int replace_user_table(THD *thd, TABLE *table, const LEX_USER &combo,
      see also test_if_create_new_users()
    */
-    else if (((thd->variables.sql_mode & MODE_NO_AUTO_CREATE_USER) &&
+    else if (!password_len && no_auto_create)
-              !password_len) || !create_user)
+    {
+      my_error(ER_PASSWORD_NO_MATCH, MYF(0), combo.user.str, combo.host.str);
+      goto end;
+    }
+    else if (!can_create_user)
    {
      my_error(ER_CANT_CREATE_USER_WITH_GRANT, MYF(0),
               thd->user, thd->host_or_ip);
@@ -2724,7 +2728,8 @@ bool mysql_table_grant(THD *thd, TABLE_LIST *table_list,
    /* Create user if needed */
    pthread_mutex_lock(&acl_cache->lock);
    error=replace_user_table(thd, tables[0].table, *Str,
-			     0, revoke_grant, create_new_users);
+			     0, revoke_grant, create_new_users,
+                             thd->variables.sql_mode & MODE_NO_AUTO_CREATE_USER);
    pthread_mutex_unlock(&acl_cache->lock);
    if (error)
    {
@@ -2929,7 +2934,8 @@ bool mysql_procedure_grant(THD *thd, TABLE_LIST *table_list,
    /* Create user if needed */
    pthread_mutex_lock(&acl_cache->lock);
    error=replace_user_table(thd, tables[0].table, *Str,
-			     0, revoke_grant, create_new_users);
+			     0, revoke_grant, create_new_users,
+                             thd->variables.sql_mode & MODE_NO_AUTO_CREATE_USER);
    pthread_mutex_unlock(&acl_cache->lock);
    if (error)
    {
@@ -3053,11 +3059,9 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list,
      result= -1;
      continue;
    }
-    if ((replace_user_table(thd,
+    if (replace_user_table(thd, tables[0].table, *Str,
-			    tables[0].table,
+                           (!db ? rights : 0), revoke_grant, create_new_users,
-			    *Str,
+                           thd->variables.sql_mode & MODE_NO_AUTO_CREATE_USER))
-			    (!db ? rights : 0), revoke_grant,
-			    create_new_users)))
      result= -1;
    else if (db)
    {
@@ -4826,13 +4830,11 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list)
    }
    sql_mode= thd->variables.sql_mode;
-    thd->variables.sql_mode&= ~MODE_NO_AUTO_CREATE_USER;
+    if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0))
-    if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1))
    {
      append_user(&wrong_users, user_name);
      result= TRUE;
    }
-    thd->variables.sql_mode= sql_mode;
  }
  VOID(pthread_mutex_unlock(&acl_cache->lock));
@@ -4988,7 +4990,7 @@ bool mysql_revoke_all(THD *thd,  List <LEX_USER> &list)
    }
    if (replace_user_table(thd, tables[0].table,
-			   *lex_user, ~0, 1, 0))
+                           *lex_user, ~0, 1, 0, 0))
    {
      result= -1;
      continue;