Merge tnurnberg@bk-internal.mysql.com:/home/bk/mysql-5.1-maint

into  mysql.com:/scratch/tnurnberg/20901/51-20901
parents 5a42bb96 b7599f4b
...@@ -763,6 +763,44 @@ t2 CREATE TABLE `t2` ( ...@@ -763,6 +763,44 @@ t2 CREATE TABLE `t2` (
drop table t1, t2; drop table t1, t2;
create table t1(a set("a,b","c,d") not null); create table t1(a set("a,b","c,d") not null);
ERROR 22007: Illegal set 'a,b' value found during parsing ERROR 22007: Illegal set 'a,b' value found during parsing
create database mysqltest;
use mysqltest;
grant create on mysqltest.* to mysqltest@localhost;
create table t1 (i INT);
insert into t1 values (1);
ERROR 42000: INSERT command denied to user 'mysqltest'@'localhost' for table 't1'
create table t2 (i INT);
create table t4 (i INT);
grant select, insert on mysqltest.t2 to mysqltest@localhost;
grant insert on mysqltest.t4 to mysqltest@localhost;
grant create, insert on mysqltest.t5 to mysqltest@localhost;
grant create, insert on mysqltest.t6 to mysqltest@localhost;
flush privileges;
insert into t2 values (1);
create table if not exists t1 select * from t2;
ERROR 42000: INSERT command denied to user 'mysqltest'@'localhost' for table 't1'
create table if not exists t3 select * from t2;
ERROR 42000: INSERT command denied to user 'mysqltest'@'localhost' for table 't3'
create table if not exists t4 select * from t2;
Warnings:
Note 1050 Table 't4' already exists
create table if not exists t5 select * from t2;
create table t6 select * from t2;
create table t7 select * from t2;
ERROR 42000: INSERT command denied to user 'mysqltest'@'localhost' for table 't7'
create table t4 select * from t2;
ERROR 42S01: Table 't4' already exists
create table t1 select * from t2;
ERROR 42000: INSERT command denied to user 'mysqltest'@'localhost' for table 't1'
drop table t1,t2,t4,t5,t6;
revoke create on mysqltest.* from mysqltest@localhost;
revoke select, insert on mysqltest.t2 from mysqltest@localhost;
revoke insert on mysqltest.t4 from mysqltest@localhost;
revoke create, insert on mysqltest.t5 from mysqltest@localhost;
revoke create, insert on mysqltest.t6 from mysqltest@localhost;
flush privileges;
drop database mysqltest;
use test;
create table t1 (i int) engine=myisam max_rows=100000000000; create table t1 (i int) engine=myisam max_rows=100000000000;
show create table t1; show create table t1;
Table Create Table Table Create Table
......
...@@ -658,6 +658,82 @@ drop table t1, t2; ...@@ -658,6 +658,82 @@ drop table t1, t2;
--error 1367 --error 1367
create table t1(a set("a,b","c,d") not null); create table t1(a set("a,b","c,d") not null);
#
# Bug #20901 - CREATE privilege is enough to insert into a table
#
create database mysqltest;
use mysqltest;
grant create on mysqltest.* to mysqltest@localhost;
create table t1 (i INT);
connect (user1,localhost,mysqltest,,mysqltest);
connection user1;
# show we don't have INSERT
--error 1142
insert into t1 values (1);
# show we have CREATE
create table t2 (i INT);
create table t4 (i INT);
connection default;
grant select, insert on mysqltest.t2 to mysqltest@localhost;
grant insert on mysqltest.t4 to mysqltest@localhost;
# to specify ACLs for non-existent objects, must explictly |CREATE
grant create, insert on mysqltest.t5 to mysqltest@localhost;
grant create, insert on mysqltest.t6 to mysqltest@localhost;
flush privileges;
connection user1;
insert into t2 values (1);
# CREATE IF NOT EXISTS...SELECT, t1 exists, no INSERT, must fail
--error 1142
create table if not exists t1 select * from t2;
# CREATE IF NOT EXISTS...SELECT, no t3 yet, no INSERT, must fail
--error 1142
create table if not exists t3 select * from t2;
# CREATE IF NOT EXISTS...SELECT, t4 exists, have INSERT, must succeed
create table if not exists t4 select * from t2;
# CREATE IF NOT EXISTS...SELECT, no t5 yet, have INSERT, must succeed
create table if not exists t5 select * from t2;
# CREATE...SELECT, no t6 yet, have INSERT, must succeed
create table t6 select * from t2;
# CREATE...SELECT, no t7 yet, no INSERT, must fail
--error 1142
create table t7 select * from t2;
# CREATE...SELECT, t4 exists, have INSERT, must still fail (exists)
--error 1050
create table t4 select * from t2;
# CREATE...SELECT, t1 exists, no INSERT, must fail
--error 1142
create table t1 select * from t2;
connection default;
drop table t1,t2,t4,t5,t6;
revoke create on mysqltest.* from mysqltest@localhost;
revoke select, insert on mysqltest.t2 from mysqltest@localhost;
revoke insert on mysqltest.t4 from mysqltest@localhost;
revoke create, insert on mysqltest.t5 from mysqltest@localhost;
revoke create, insert on mysqltest.t6 from mysqltest@localhost;
flush privileges;
disconnect user1;
drop database mysqltest;
use test;
# End of 4.1 tests # End of 4.1 tests
......
...@@ -6980,8 +6980,15 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables, ...@@ -6980,8 +6980,15 @@ bool create_table_precheck(THD *thd, TABLE_LIST *tables,
bool error= TRUE; // Error message is given bool error= TRUE; // Error message is given
DBUG_ENTER("create_table_precheck"); DBUG_ENTER("create_table_precheck");
/*
Require CREATE [TEMPORARY] privilege on new table; for
CREATE TABLE ... SELECT, also require INSERT.
*/
want_priv= ((lex->create_info.options & HA_LEX_CREATE_TMP_TABLE) ? want_priv= ((lex->create_info.options & HA_LEX_CREATE_TMP_TABLE) ?
CREATE_TMP_ACL : CREATE_ACL); CREATE_TMP_ACL : CREATE_ACL) |
(select_lex->item_list.elements ? INSERT_ACL : 0);
if (check_access(thd, want_priv, create_table->db, if (check_access(thd, want_priv, create_table->db,
&create_table->grant.privilege, 0, 0, &create_table->grant.privilege, 0, 0,
test(create_table->schema_table)) || test(create_table->schema_table)) ||
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment