Mirrors
/
mariadb
mirror of https://github.com/MariaDB/server
3
0
Fork 0
Code Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
203082 Commits
3261 Branches
1092 Tags
1.2 GiB
Tree: 78d23a3e60
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '78d23a3e60'
${ noResults }
mariadb/mysql-test/main/sp-security.test

1681 lines
42 KiB
Raw Normal View History

WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Cleanup tests and results after merge from 4.1 of embedded server testing cleanups. mysql-test/r/innodb.result: Update results mysql-test/r/insert_select-binlog.result: Update results mysql-test/r/mix_innodb_myisam_binlog.result: Update results mysql-test/r/ps_1general.result: Update results mysql-test/r/ps_grant.result: Update results mysql-test/r/view.result: Update results mysql-test/t/client_xml.test: Skip test with embedded server mysql-test/t/flush_read_lock_kill.test: Skip test with embedded server mysql-test/t/grant3.test: Skip test with embedded server mysql-test/t/information_schema.test: Skip test with embedded server mysql-test/t/innodb.test: Fix up filenames mysql-test/t/multi_update.test: Skip test with embedded server mysql-test/t/mysqlshow.test: Skip test with embedded server mysql-test/t/ps_1general.test: Move grant-related tests to ps_grant, and fix cleanup of filename mysql-test/t/ps_grant.test: Add additional tests mysql-test/t/sp-security.test: Skip test with embedded server mysql-test/t/user_limits.test: Skip test with embedded server mysql-test/t/view.test: Split grant-related tests to new test file view_grant
21 years ago
Updated mtr files to support different compiled in options This allows one to run the test suite even if any of the following options are changed: - character-set-server - collation-server - join-cache-level - log-basename - max-allowed-packet - optimizer-switch - query-cache-size and query-cache-type - skip-name-resolve - table-definition-cache - table-open-cache - Some innodb options etc Changes: - Don't print out the value of system variables as one can't depend on them to being constants. - Don't set global variables to 'default' as the default may not be the same as the test was started with if there was an additional option file. Instead save original value and reset it at end of test. - Test that depends on the latin1 character set should include default_charset.inc or set the character set to latin1 - Test that depends on the original optimizer switch, should include default_optimizer_switch.inc - Test that depends on the value of a specific system variable should set it in the test (like optimizer_use_condition_selectivity) - Split subselect3.test into subselect3.test and subselect3.inc to make it easier to set and reset system variables. - Added .opt files for test that required specfic options that could be changed by external configuration files. - Fixed result files in rockdsb & tokudb that had not been updated for a while.
6 years ago
MDEV-19123 Change default charset from latin1 to utf8mb4 Changing the default server character set from latin1 to utf8mb4.
1 year ago
Cleanup tests and results after merge from 4.1 of embedded server testing cleanups. mysql-test/r/innodb.result: Update results mysql-test/r/insert_select-binlog.result: Update results mysql-test/r/mix_innodb_myisam_binlog.result: Update results mysql-test/r/ps_1general.result: Update results mysql-test/r/ps_grant.result: Update results mysql-test/r/view.result: Update results mysql-test/t/client_xml.test: Skip test with embedded server mysql-test/t/flush_read_lock_kill.test: Skip test with embedded server mysql-test/t/grant3.test: Skip test with embedded server mysql-test/t/information_schema.test: Skip test with embedded server mysql-test/t/innodb.test: Fix up filenames mysql-test/t/multi_update.test: Skip test with embedded server mysql-test/t/mysqlshow.test: Skip test with embedded server mysql-test/t/ps_1general.test: Move grant-related tests to ps_grant, and fix cleanup of filename mysql-test/t/ps_grant.test: Add additional tests mysql-test/t/sp-security.test: Skip test with embedded server mysql-test/t/user_limits.test: Skip test with embedded server mysql-test/t/view.test: Split grant-related tests to new test file view_grant
21 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
- fixed the "sp-security" test case: drop any possible already existing table to avoid failing if a previous test failure left the t1 table around mysql-test/t/sp-security.test: - drop any possible already existing table to avoid failing if a previous test failure left the t1 table around
21 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 2: Make SPs belong to a DB, and use qualified names. As a side effect, using USE in an SP is no longer allowed. (It just doesn't work otherwise.) include/mysqld_error.h: New error code (USE is no longer allowed in a stored procedure). include/sql_state.h: New error state (USE is no longer allowed in a stored procedure). mysql-test/r/sp-error.result: Updated result for test of USE in SP (not allowed now). mysql-test/r/sp-security.result: Updated test results for new db column and qualified procedured names. mysql-test/r/sp.result: Updated results for USE in SP (as it's no longer allowed), and for new db column in status result. mysql-test/t/sp-error.test: Moved test of USE in SP from sp.test (as it's no longer allowed). mysql-test/t/sp-security.test: Ajusted tests for new db column and qualified procedured names. mysql-test/t/sp.test: Moved test of USE in SP to sp-error.test (as it's no longer allowed). Adjusted tests for new db column in status result. sql/mysql_priv.h: mysql_change_db() now has optional arguments for use by SP with qualified names. sql/share/czech/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/danish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/dutch/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/english/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/estonian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/french/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/german/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/greek/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/hungarian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/italian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/japanese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/korean/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian-ny/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/polish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/portuguese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/romanian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/russian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/serbian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/slovak/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/spanish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/swedish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/ukrainian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/sp.cc: SPs are now "belong" to a DB and may have qualified names. New functions for changing DB ("use") when parsing and invoking SPs. sql/sp.h: New functions for changing DB ("use") when parsing and invoking SPs. sql/sp_cache.cc: Use the qualified name in the SP cache. sql/sp_head.cc: New function for allocating a qualified SP name (used in sql_yacc.yy). Change DB when executing an SP (if needed). Moved thd_mem_root swap functions from sp_head.h. sql/sp_head.h: New function for allocating a qualified SP name (used in sql_yacc.yy). Moved thd_mem_root swap functions to sp_head.cc. sql/sql_db.cc: mysql_change_db() now has optional arguments for use by SP with qualified names (for use when reading an SP from database and executing it); also allow "unusing" a database, i.e. setting thd->thd to "". sql/sql_yacc.yy: Initialize qualfied SP names correctly. USE is no longer allowed in an SP.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 2: Make SPs belong to a DB, and use qualified names. As a side effect, using USE in an SP is no longer allowed. (It just doesn't work otherwise.) include/mysqld_error.h: New error code (USE is no longer allowed in a stored procedure). include/sql_state.h: New error state (USE is no longer allowed in a stored procedure). mysql-test/r/sp-error.result: Updated result for test of USE in SP (not allowed now). mysql-test/r/sp-security.result: Updated test results for new db column and qualified procedured names. mysql-test/r/sp.result: Updated results for USE in SP (as it's no longer allowed), and for new db column in status result. mysql-test/t/sp-error.test: Moved test of USE in SP from sp.test (as it's no longer allowed). mysql-test/t/sp-security.test: Ajusted tests for new db column and qualified procedured names. mysql-test/t/sp.test: Moved test of USE in SP to sp-error.test (as it's no longer allowed). Adjusted tests for new db column in status result. sql/mysql_priv.h: mysql_change_db() now has optional arguments for use by SP with qualified names. sql/share/czech/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/danish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/dutch/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/english/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/estonian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/french/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/german/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/greek/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/hungarian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/italian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/japanese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/korean/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian-ny/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/polish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/portuguese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/romanian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/russian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/serbian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/slovak/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/spanish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/swedish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/ukrainian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/sp.cc: SPs are now "belong" to a DB and may have qualified names. New functions for changing DB ("use") when parsing and invoking SPs. sql/sp.h: New functions for changing DB ("use") when parsing and invoking SPs. sql/sp_cache.cc: Use the qualified name in the SP cache. sql/sp_head.cc: New function for allocating a qualified SP name (used in sql_yacc.yy). Change DB when executing an SP (if needed). Moved thd_mem_root swap functions from sp_head.h. sql/sp_head.h: New function for allocating a qualified SP name (used in sql_yacc.yy). Moved thd_mem_root swap functions to sp_head.cc. sql/sql_db.cc: mysql_change_db() now has optional arguments for use by SP with qualified names (for use when reading an SP from database and executing it); also allow "unusing" a database, i.e. setting thd->thd to "". sql/sql_yacc.yy: Initialize qualfied SP names correctly. USE is no longer allowed in an SP.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
Fix for bug#57061 "User without privilege on routine can discover its existence". The problem was that user without any privileges on routine was able to find out whether it existed or not. DROP FUNCTION and DROP PROCEDURE statements were checking if routine being dropped existed and reported ER_SP_DOES_NOT_EXIST error/warning before checking if user had enough privileges to drop it. This patch solves this problem by changing code not to check if routine exists before checking if user has enough privileges to drop it. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist. This change also simplifies one of upcoming patches refactoring global read lock implementation. mysql-test/r/grant.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/r/sp-security.result: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. mysql-test/suite/funcs_1/r/innodb_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/memory_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/myisam_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/storedproc/storedproc_06.inc: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/t/grant.test: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/t/sp-security.test: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. sql/sp.cc: Removed sp_routine_exists_in_table() which is no longer used. sql/sp.h: Removed sp_routine_exists_in_table() which is no longer used. sql/sql_parse.cc: When dropping routine we no longer check if routine exists before checking if user has enough privileges to do so. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist.
15 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 2: Make SPs belong to a DB, and use qualified names. As a side effect, using USE in an SP is no longer allowed. (It just doesn't work otherwise.) include/mysqld_error.h: New error code (USE is no longer allowed in a stored procedure). include/sql_state.h: New error state (USE is no longer allowed in a stored procedure). mysql-test/r/sp-error.result: Updated result for test of USE in SP (not allowed now). mysql-test/r/sp-security.result: Updated test results for new db column and qualified procedured names. mysql-test/r/sp.result: Updated results for USE in SP (as it's no longer allowed), and for new db column in status result. mysql-test/t/sp-error.test: Moved test of USE in SP from sp.test (as it's no longer allowed). mysql-test/t/sp-security.test: Ajusted tests for new db column and qualified procedured names. mysql-test/t/sp.test: Moved test of USE in SP to sp-error.test (as it's no longer allowed). Adjusted tests for new db column in status result. sql/mysql_priv.h: mysql_change_db() now has optional arguments for use by SP with qualified names. sql/share/czech/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/danish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/dutch/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/english/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/estonian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/french/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/german/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/greek/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/hungarian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/italian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/japanese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/korean/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian-ny/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/polish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/portuguese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/romanian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/russian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/serbian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/slovak/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/spanish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/swedish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/ukrainian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/sp.cc: SPs are now "belong" to a DB and may have qualified names. New functions for changing DB ("use") when parsing and invoking SPs. sql/sp.h: New functions for changing DB ("use") when parsing and invoking SPs. sql/sp_cache.cc: Use the qualified name in the SP cache. sql/sp_head.cc: New function for allocating a qualified SP name (used in sql_yacc.yy). Change DB when executing an SP (if needed). Moved thd_mem_root swap functions from sp_head.h. sql/sp_head.h: New function for allocating a qualified SP name (used in sql_yacc.yy). Moved thd_mem_root swap functions to sp_head.cc. sql/sql_db.cc: mysql_change_db() now has optional arguments for use by SP with qualified names (for use when reading an SP from database and executing it); also allow "unusing" a database, i.e. setting thd->thd to "". sql/sql_yacc.yy: Initialize qualfied SP names correctly. USE is no longer allowed in an SP.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
Fix for bug#57061 "User without privilege on routine can discover its existence". The problem was that user without any privileges on routine was able to find out whether it existed or not. DROP FUNCTION and DROP PROCEDURE statements were checking if routine being dropped existed and reported ER_SP_DOES_NOT_EXIST error/warning before checking if user had enough privileges to drop it. This patch solves this problem by changing code not to check if routine exists before checking if user has enough privileges to drop it. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist. This change also simplifies one of upcoming patches refactoring global read lock implementation. mysql-test/r/grant.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/r/sp-security.result: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. mysql-test/suite/funcs_1/r/innodb_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/memory_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/myisam_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/storedproc/storedproc_06.inc: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/t/grant.test: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/t/sp-security.test: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. sql/sp.cc: Removed sp_routine_exists_in_table() which is no longer used. sql/sp.h: Removed sp_routine_exists_in_table() which is no longer used. sql/sql_parse.cc: When dropping routine we no longer check if routine exists before checking if user has enough privileges to do so. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist.
15 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#3339: Stored procedures in nonexistent schemas are uncallable. Also added some related security tests and corrected related error messages. mysql-test/r/sp-error.result: New test case for BUG#3339, and updated results for other modified error messages. mysql-test/r/sp-security.result: Added tests for creating procedures in another database with and wihout access rights. mysql-test/t/sp-error.test: New test case for BUG#3339. mysql-test/t/sp-security.test: Added tests for creating procedures in another database with and wihout access rights. sql/sp.cc: Check existance (and access rights) for database when creating a stored routine. sql/sp.h: New error return value for sp_create_* functions, for non existing database. sql/sql_parse.cc: Check error return for create stored routine (non existing database), and corrected the error output for some other commands. (Use qualified name, not just name.)
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 2: Make SPs belong to a DB, and use qualified names. As a side effect, using USE in an SP is no longer allowed. (It just doesn't work otherwise.) include/mysqld_error.h: New error code (USE is no longer allowed in a stored procedure). include/sql_state.h: New error state (USE is no longer allowed in a stored procedure). mysql-test/r/sp-error.result: Updated result for test of USE in SP (not allowed now). mysql-test/r/sp-security.result: Updated test results for new db column and qualified procedured names. mysql-test/r/sp.result: Updated results for USE in SP (as it's no longer allowed), and for new db column in status result. mysql-test/t/sp-error.test: Moved test of USE in SP from sp.test (as it's no longer allowed). mysql-test/t/sp-security.test: Ajusted tests for new db column and qualified procedured names. mysql-test/t/sp.test: Moved test of USE in SP to sp-error.test (as it's no longer allowed). Adjusted tests for new db column in status result. sql/mysql_priv.h: mysql_change_db() now has optional arguments for use by SP with qualified names. sql/share/czech/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/danish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/dutch/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/english/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/estonian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/french/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/german/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/greek/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/hungarian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/italian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/japanese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/korean/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian-ny/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/polish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/portuguese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/romanian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/russian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/serbian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/slovak/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/spanish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/swedish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/ukrainian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/sp.cc: SPs are now "belong" to a DB and may have qualified names. New functions for changing DB ("use") when parsing and invoking SPs. sql/sp.h: New functions for changing DB ("use") when parsing and invoking SPs. sql/sp_cache.cc: Use the qualified name in the SP cache. sql/sp_head.cc: New function for allocating a qualified SP name (used in sql_yacc.yy). Change DB when executing an SP (if needed). Moved thd_mem_root swap functions from sp_head.h. sql/sp_head.h: New function for allocating a qualified SP name (used in sql_yacc.yy). Moved thd_mem_root swap functions to sp_head.cc. sql/sql_db.cc: mysql_change_db() now has optional arguments for use by SP with qualified names (for use when reading an SP from database and executing it); also allow "unusing" a database, i.e. setting thd->thd to "". sql/sql_yacc.yy: Initialize qualfied SP names correctly. USE is no longer allowed in an SP.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 2: Make SPs belong to a DB, and use qualified names. As a side effect, using USE in an SP is no longer allowed. (It just doesn't work otherwise.) include/mysqld_error.h: New error code (USE is no longer allowed in a stored procedure). include/sql_state.h: New error state (USE is no longer allowed in a stored procedure). mysql-test/r/sp-error.result: Updated result for test of USE in SP (not allowed now). mysql-test/r/sp-security.result: Updated test results for new db column and qualified procedured names. mysql-test/r/sp.result: Updated results for USE in SP (as it's no longer allowed), and for new db column in status result. mysql-test/t/sp-error.test: Moved test of USE in SP from sp.test (as it's no longer allowed). mysql-test/t/sp-security.test: Ajusted tests for new db column and qualified procedured names. mysql-test/t/sp.test: Moved test of USE in SP to sp-error.test (as it's no longer allowed). Adjusted tests for new db column in status result. sql/mysql_priv.h: mysql_change_db() now has optional arguments for use by SP with qualified names. sql/share/czech/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/danish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/dutch/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/english/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/estonian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/french/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/german/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/greek/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/hungarian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/italian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/japanese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/korean/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian-ny/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/polish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/portuguese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/romanian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/russian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/serbian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/slovak/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/spanish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/swedish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/ukrainian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/sp.cc: SPs are now "belong" to a DB and may have qualified names. New functions for changing DB ("use") when parsing and invoking SPs. sql/sp.h: New functions for changing DB ("use") when parsing and invoking SPs. sql/sp_cache.cc: Use the qualified name in the SP cache. sql/sp_head.cc: New function for allocating a qualified SP name (used in sql_yacc.yy). Change DB when executing an SP (if needed). Moved thd_mem_root swap functions from sp_head.h. sql/sp_head.h: New function for allocating a qualified SP name (used in sql_yacc.yy). Moved thd_mem_root swap functions to sp_head.cc. sql/sql_db.cc: mysql_change_db() now has optional arguments for use by SP with qualified names (for use when reading an SP from database and executing it); also allow "unusing" a database, i.e. setting thd->thd to "". sql/sql_yacc.yy: Initialize qualfied SP names correctly. USE is no longer allowed in an SP.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 2: Make SPs belong to a DB, and use qualified names. As a side effect, using USE in an SP is no longer allowed. (It just doesn't work otherwise.) include/mysqld_error.h: New error code (USE is no longer allowed in a stored procedure). include/sql_state.h: New error state (USE is no longer allowed in a stored procedure). mysql-test/r/sp-error.result: Updated result for test of USE in SP (not allowed now). mysql-test/r/sp-security.result: Updated test results for new db column and qualified procedured names. mysql-test/r/sp.result: Updated results for USE in SP (as it's no longer allowed), and for new db column in status result. mysql-test/t/sp-error.test: Moved test of USE in SP from sp.test (as it's no longer allowed). mysql-test/t/sp-security.test: Ajusted tests for new db column and qualified procedured names. mysql-test/t/sp.test: Moved test of USE in SP to sp-error.test (as it's no longer allowed). Adjusted tests for new db column in status result. sql/mysql_priv.h: mysql_change_db() now has optional arguments for use by SP with qualified names. sql/share/czech/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/danish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/dutch/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/english/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/estonian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/french/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/german/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/greek/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/hungarian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/italian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/japanese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/korean/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian-ny/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/norwegian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/polish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/portuguese/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/romanian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/russian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/serbian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/slovak/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/spanish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/swedish/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/share/ukrainian/errmsg.txt: New error message: USE is not allowed in a stored procedure. sql/sp.cc: SPs are now "belong" to a DB and may have qualified names. New functions for changing DB ("use") when parsing and invoking SPs. sql/sp.h: New functions for changing DB ("use") when parsing and invoking SPs. sql/sp_cache.cc: Use the qualified name in the SP cache. sql/sp_head.cc: New function for allocating a qualified SP name (used in sql_yacc.yy). Change DB when executing an SP (if needed). Moved thd_mem_root swap functions from sp_head.h. sql/sp_head.h: New function for allocating a qualified SP name (used in sql_yacc.yy). Moved thd_mem_root swap functions to sp_head.cc. sql/sql_db.cc: mysql_change_db() now has optional arguments for use by SP with qualified names (for use when reading an SP from database and executing it); also allow "unusing" a database, i.e. setting thd->thd to "". sql/sql_yacc.yy: Initialize qualfied SP names correctly. USE is no longer allowed in an SP.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 3: Made qualified names work for functions as well. mysql-test/r/sp-security.result: New testcases for functions with qualified names. mysql-test/t/sp-security.test: New testcases for functions with qualified names. sql/item_func.cc: Added error handling for stored function, if it doesn't exist. sql/item_func.h: Set null_value if execution of a stored function fails. sql/mysql_priv.h: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sp.cc: Copied mysql_change_db() from sql_db.cc and modified specially for SPs. sql/sp_head.cc: Fixed error handling for errors in functions during query/statement execution. sql/sql_db.cc: Reverted previous change: No optional args for mysql_change_db(). (SPs use a specially tailored function instead.) sql/sql_yacc.yy: Reworked the stored function/UDF invokation parsing and added qualified names for stored functions. UDFs now have precedence over stored functions (whith unqualified name). When using an unqualified name, only IDENT_sys is allowed (i.e. no unreserved keywords), since we get unresolvable reduce/reduce conflicts otherwise.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
Fixed BUG#6030: Stored procedure has no appropriate DROP privilege. ...and no ALTER privilege either. For now, only the definer and root can drop or alter an SP. include/mysqld_error.h: New access denied error code when dropping/altering stored procedures. include/sql_state.h: New access denied error code when dropping/altering stored procedures. mysql-test/r/sp-error.result: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/r/sp-security.result: Added tests for access control on who's allowed to drop and alter SPs. mysql-test/r/sp.result: Updated results. (Warning removed.) mysql-test/t/sp-error.test: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/t/sp-security.test: Added tests for access control on who's allowed to drop and alter SPs. sql/share/czech/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/danish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/dutch/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/english/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/estonian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/french/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/german/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/greek/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/hungarian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/italian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/japanese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/korean/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian-ny/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/polish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/portuguese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/romanian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/russian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/serbian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/slovak/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/spanish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/swedish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/ukrainian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/sql_parse.cc: Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer and root are allowed to do this. sql/sql_yacc.yy: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.)
21 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fixed BUG#6030: Stored procedure has no appropriate DROP privilege. ...and no ALTER privilege either. For now, only the definer and root can drop or alter an SP. include/mysqld_error.h: New access denied error code when dropping/altering stored procedures. include/sql_state.h: New access denied error code when dropping/altering stored procedures. mysql-test/r/sp-error.result: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/r/sp-security.result: Added tests for access control on who's allowed to drop and alter SPs. mysql-test/r/sp.result: Updated results. (Warning removed.) mysql-test/t/sp-error.test: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/t/sp-security.test: Added tests for access control on who's allowed to drop and alter SPs. sql/share/czech/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/danish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/dutch/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/english/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/estonian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/french/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/german/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/greek/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/hungarian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/italian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/japanese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/korean/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian-ny/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/polish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/portuguese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/romanian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/russian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/serbian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/slovak/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/spanish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/swedish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/ukrainian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/sql_parse.cc: Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer and root are allowed to do this. sql/sql_yacc.yy: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.)
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#6030: Stored procedure has no appropriate DROP privilege. ...and no ALTER privilege either. For now, only the definer and root can drop or alter an SP. include/mysqld_error.h: New access denied error code when dropping/altering stored procedures. include/sql_state.h: New access denied error code when dropping/altering stored procedures. mysql-test/r/sp-error.result: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/r/sp-security.result: Added tests for access control on who's allowed to drop and alter SPs. mysql-test/r/sp.result: Updated results. (Warning removed.) mysql-test/t/sp-error.test: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/t/sp-security.test: Added tests for access control on who's allowed to drop and alter SPs. sql/share/czech/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/danish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/dutch/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/english/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/estonian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/french/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/german/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/greek/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/hungarian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/italian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/japanese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/korean/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian-ny/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/polish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/portuguese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/romanian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/russian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/serbian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/slovak/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/spanish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/swedish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/ukrainian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/sql_parse.cc: Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer and root are allowed to do this. sql/sql_yacc.yy: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.)
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixed BUG#6030: Stored procedure has no appropriate DROP privilege. ...and no ALTER privilege either. For now, only the definer and root can drop or alter an SP. include/mysqld_error.h: New access denied error code when dropping/altering stored procedures. include/sql_state.h: New access denied error code when dropping/altering stored procedures. mysql-test/r/sp-error.result: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/r/sp-security.result: Added tests for access control on who's allowed to drop and alter SPs. mysql-test/r/sp.result: Updated results. (Warning removed.) mysql-test/t/sp-error.test: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/t/sp-security.test: Added tests for access control on who's allowed to drop and alter SPs. sql/share/czech/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/danish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/dutch/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/english/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/estonian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/french/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/german/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/greek/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/hungarian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/italian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/japanese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/korean/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian-ny/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/polish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/portuguese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/romanian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/russian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/serbian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/slovak/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/spanish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/swedish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/ukrainian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/sql_parse.cc: Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer and root are allowed to do this. sql/sql_yacc.yy: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.)
21 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#6030: Stored procedure has no appropriate DROP privilege. ...and no ALTER privilege either. For now, only the definer and root can drop or alter an SP. include/mysqld_error.h: New access denied error code when dropping/altering stored procedures. include/sql_state.h: New access denied error code when dropping/altering stored procedures. mysql-test/r/sp-error.result: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/r/sp-security.result: Added tests for access control on who's allowed to drop and alter SPs. mysql-test/r/sp.result: Updated results. (Warning removed.) mysql-test/t/sp-error.test: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.) mysql-test/t/sp-security.test: Added tests for access control on who's allowed to drop and alter SPs. sql/share/czech/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/danish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/dutch/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/english/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/estonian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/french/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/german/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/greek/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/hungarian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/italian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/japanese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/korean/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian-ny/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/norwegian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/polish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/portuguese/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/romanian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/russian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/serbian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/slovak/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/spanish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/swedish/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/share/ukrainian/errmsg.txt: New access denied error message when dropping/altering stored procedures. sql/sql_parse.cc: Added minimal access control for DROP/ALTER PROCEDURE/FUNCTION. Only the definer and root are allowed to do this. sql/sql_yacc.yy: Removed warning for "unitialized variable", as this popped up in unexpected places after the access control for drop/alter SPs was added. (And the warning was wrong and planned to be removed anyway.)
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Check warnings in servers error log as part of test case BitKeeper/deleted/.del-rpl_bug33931-slave.opt: Delete: mysql-test/suite/rpl/t/rpl_bug33931-slave.opt mysql-test/include/default_mysqld.cnf: Set a default name for "log-bin" mysql-test/mysql-test-run.pl: Check for warnings in mysqld error log files after each testcase, using SQL mysql-test/lib/mtr_cases.pm: Make mtr_match into a perl module mysql-test/lib/mtr_match.pm: Make mtr_match into a perl module mysql-test/lib/mtr_report.pm: Make mtr_match into a perl module Print warnings if testcase failed from warnings mysql-test/r/information_schema.result: Be more selective which databases and tables are select in the queries mysql-test/r/mysql_upgrade.result: Update result, mysql_upgrade will check _all_ databases mysql-test/r/mysqlcheck.result: Update result, mysql_upgrade should check _all_ databases mysql-test/r/sp-destruct.result: Be more selective which databases and tables are select in the queries mysql-test/r/sp-error.result: Backup and restore mysql.proc table mysql-test/r/sp-security.result: Be more selective which databases and tables are select in the queries mysql-test/r/sp.result: Be more selective which databases and tables are select in the queries mysql-test/suite/rpl/r/rpl_bug33931.result: Move the setting of debug flag into the test file instead of in -slave.opt Add supression mysql-test/suite/rpl/r/rpl_idempotency.result: Add supression Add master-slave-end.inc mysql-test/suite/rpl/t/rpl_bug33931.test: Move the setting of debug flag into the test file instead of in -slave.opt Add supression mysql-test/suite/rpl/t/rpl_idempotency.test: Add supression Add master-slave-end.inc mysql-test/t/information_schema.test: Be more selective which databases and tables are select in the queries mysql-test/t/sp-destruct.test: Be more selective which databases and tables are select in the queries mysql-test/t/sp-error.test: Backup and restore mysql.proc table mysql-test/t/sp-security.test: Be more selective which databases and tables are select in the queries mysql-test/t/sp.test: Be more selective which databases and tables are select in the queries mysql-test/include/check-warnings.test: New BitKeeper file ``mysql-test/include/check-warnings.test'' mysql-test/include/mtr_warnings.sql: New BitKeeper file ``mysql-test/include/mtr_warnings.sql''
18 years ago
WL#1365: Implement definer's rights execution of stored procedures. (Also put the hostpart back in the definer column.) mysql-test/r/sp-error.result: Moved error test from sp.test mysql-test/r/sp.result: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. mysql-test/t/sp-error.test: Moved error test from sp.test mysql-test/t/sp.test: Moved error test to sp-error.test. Put hostpart back into definer column in mysql.proc. sql/item_func.cc: (Maybe) switch security context before invoking a stored function. sql/sp.cc: Renamed creator into definer, for more consistent terminology, and put the hostpart back. sql/sp_head.cc: Some fixes in the way things are allocated, and moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sp_head.h: Moved set_info() definition here from sp_head.h. creator is now called definer, and is split into a user and host part. Added functions for (possible) change and restore of privileges, for sql security definer calls. sql/sql_acl.cc: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_acl.h: New function acl_getroot_no_password() for getting the privileges used when calling an SP with sql security definer. sql/sql_parse.cc: (Maybe) switch security context before invoking a stored procedure. sql/sql_yacc.yy: Fixed typo.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 4 (final): Remove associated stored procedures when a database is dropped. mysql-test/r/sp-security.result: drop database now deletes associated SPs. mysql-test/r/sp.result: drop database now deletes associated SPs. mysql-test/t/sp-security.test: drop database now deletes associated SPs. mysql-test/t/sp.test: drop database now deletes associated SPs. sql/sp.cc: New function for deleting all SPs associated with a database. sql/sp.h: New function for deleting all SPs associated with a database. sql/sp_cache.cc: New function for just invalidating all SP caches (when dropping a database). sql/sp_cache.h: New function for just invalidating all SP caches (when dropping a database). sql/sql_db.cc: When dropping a database, also delete all associated SPs.
22 years ago
Check warnings in servers error log as part of test case BitKeeper/deleted/.del-rpl_bug33931-slave.opt: Delete: mysql-test/suite/rpl/t/rpl_bug33931-slave.opt mysql-test/include/default_mysqld.cnf: Set a default name for "log-bin" mysql-test/mysql-test-run.pl: Check for warnings in mysqld error log files after each testcase, using SQL mysql-test/lib/mtr_cases.pm: Make mtr_match into a perl module mysql-test/lib/mtr_match.pm: Make mtr_match into a perl module mysql-test/lib/mtr_report.pm: Make mtr_match into a perl module Print warnings if testcase failed from warnings mysql-test/r/information_schema.result: Be more selective which databases and tables are select in the queries mysql-test/r/mysql_upgrade.result: Update result, mysql_upgrade will check _all_ databases mysql-test/r/mysqlcheck.result: Update result, mysql_upgrade should check _all_ databases mysql-test/r/sp-destruct.result: Be more selective which databases and tables are select in the queries mysql-test/r/sp-error.result: Backup and restore mysql.proc table mysql-test/r/sp-security.result: Be more selective which databases and tables are select in the queries mysql-test/r/sp.result: Be more selective which databases and tables are select in the queries mysql-test/suite/rpl/r/rpl_bug33931.result: Move the setting of debug flag into the test file instead of in -slave.opt Add supression mysql-test/suite/rpl/r/rpl_idempotency.result: Add supression Add master-slave-end.inc mysql-test/suite/rpl/t/rpl_bug33931.test: Move the setting of debug flag into the test file instead of in -slave.opt Add supression mysql-test/suite/rpl/t/rpl_idempotency.test: Add supression Add master-slave-end.inc mysql-test/t/information_schema.test: Be more selective which databases and tables are select in the queries mysql-test/t/sp-destruct.test: Be more selective which databases and tables are select in the queries mysql-test/t/sp-error.test: Backup and restore mysql.proc table mysql-test/t/sp-security.test: Be more selective which databases and tables are select in the queries mysql-test/t/sp.test: Be more selective which databases and tables are select in the queries mysql-test/include/check-warnings.test: New BitKeeper file ``mysql-test/include/check-warnings.test'' mysql-test/include/mtr_warnings.sql: New BitKeeper file ``mysql-test/include/mtr_warnings.sql''
18 years ago
WL#1366: Use the schema (db) associated with an SP. Phase 4 (final): Remove associated stored procedures when a database is dropped. mysql-test/r/sp-security.result: drop database now deletes associated SPs. mysql-test/r/sp.result: drop database now deletes associated SPs. mysql-test/t/sp-security.test: drop database now deletes associated SPs. mysql-test/t/sp.test: drop database now deletes associated SPs. sql/sp.cc: New function for deleting all SPs associated with a database. sql/sp.h: New function for deleting all SPs associated with a database. sql/sp_cache.cc: New function for just invalidating all SP caches (when dropping a database). sql/sp_cache.h: New function for just invalidating all SP caches (when dropping a database). sql/sql_db.cc: When dropping a database, also delete all associated SPs.
22 years ago
Fixed BUG#2777: Stored procedure doesn't observe definer's rights. SQL SECURITY DEFINER must enforce reduced rights too, not just additional rights. mysql-test/r/sp-security.result: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. mysql-test/t/sp-security.test: Test case for BUG#2777: Make sure that SQL SECURITY DEFINER enforces reduced rights. sql/sql_acl.cc: Clear rights before changing them in acl_getroot_no_password so that reduced rights work too, and take care of db acls as well.
22 years ago
Add new option "check-testcases" to mysql-test-run.pl Cleanup the sideeffects from most of the testcases with sideeffects. mysql-test/mysql-test-run.pl: Add option "check-testcases" to mysql-test-run.pl Will execute "include/check-testcase.test" once before each tescase and record the output into "var/tmp/check-testcase.result" After the teastcase it will run again and this time compare the output with previously recorded file. mysql-test/r/analyze.result: Drop table t1 at end of test mysql-test/r/create_select_tmp.result: Drop table t1 at end of test mysql-test/r/ctype_cp932.result: Drop table t1 at end of test mysql-test/r/ctype_recoding.result: Drop table t1 at end of test mysql-test/r/grant2.result: Drop user mysqltest_2 and mysqltest_A@'%' mysql-test/r/join_outer.result: Drop view v1 to cleanup mysql-test/r/ps_1general.result: Drop table t1 at end of test mysql-test/r/query_cache.result: Drop function "f1" mysql-test/r/read_only.result: Reset the "read_only" flag mysql-test/r/rpl000001.result: Remove user "blafasel2" mysql-test/r/rpl000017.result: Remove user "replicate" mysql-test/r/rpl_failed_optimize.result: Drop table t1 to cleanup mysql-test/r/rpl_flush_tables.result: Drop tables t3, t4, t5 mysql-test/r/rpl_ignore_revoke.result: Delete user "user_foo" mysql-test/r/rpl_insert_id.result: Drop table t1 to cleanup mysql-test/r/rpl_loaddata.result: Drop tyable t1 to cleanup mysql-test/r/rpl_loaddata_rule_m.result: Drop tyable t1 to cleanup mysql-test/r/rpl_loaddata_rule_s.result: Drop tyable t1 to cleanup mysql-test/r/rpl_misc_functions.result: Drop tyable t1 to cleanup mysql-test/r/rpl_multi_update3.result: Drop tyable t1 and t2 to cleanup mysql-test/r/rpl_replicate_do.result: Drop tyable t1 to cleanup mysql-test/r/rpl_skip_error.result: Drop tyable t1 to cleanup mysql-test/r/rpl_slave_status.result: Drop tyable t1 to cleanup mysql-test/r/sp-prelocking.result: Drop view v1 and tables t1, t2, t3 and t4 to cleanup mysql-test/r/sp-security.result: Delete users to cleanup Delete remaining traces in tables_priv and procs_priv mysql-test/r/subselect_innodb.result: Drop procedure p1 to cleanup mysql-test/r/trigger-compat.result: Drop trigger wl2818_trg1 and wl2818_trg2. Drop table t1, t2 Drop database mysqltest_db1 And the users "mysqltest_dfn@localhost" and "mysqltest_inv@localhost" mysql-test/r/type_bit.result: Drop tables t1 and t2 to cleanup mysql-test/r/variables.result: Set GLOBAL max_join_size to 10 as it originally was in variables-master.opt mysql-test/r/view_grant.result: Dop user "test@localhost" to cleanup mysql-test/t/analyze.test: Drop table t1 to cleanup mysql-test/t/create_select_tmp.test: Drop table t1 to cleanup mysql-test/t/ctype_cp932.test: Drop table t1 to cleanup mysql-test/t/ctype_recoding.test: Drop table t1 to cleanup mysql-test/t/fulltext_var.test: Restore the original ft_boolean_syntax mysql-test/t/grant2.test: Drop users "mysqltest_2" and "mysqltest_A@'%'" to cleanup mysql-test/t/innodb_cache.test: Reset query_cache_size to original value mysql-test/t/join_outer.test: Drop view v1 to cleanup mysql-test/t/ps_1general.test: Drop table t1 to cleanup mysql-test/t/query_cache.test: Drop function "f1" to cleanup mysql-test/t/read_only.test: Reset the readonly flag mysql-test/t/rpl000001.test: Delete user "blafasel2" to cleanup mysql-test/t/rpl000017.test: Delete user "replicate" to cleanup mysql-test/t/rpl_failed_optimize.test: Drop table t1 to cleanup mysql-test/t/rpl_flush_tables.test: Droip table t3, t4 and t5 to cleanup mysql-test/t/rpl_ignore_revoke.test: Delet user "user_foo" to cleanup mysql-test/t/rpl_insert_id.test: drop table t1 to cleanup mysql-test/t/rpl_loaddata.test: Drop table t1 to cleanup mysql-test/t/rpl_loaddata_rule_m.test: Drop table t1 to cleanup mysql-test/t/rpl_loaddata_rule_s.test: Drop table t1 to cleanup mysql-test/t/rpl_misc_functions.test: Drop table t1 to cleanup mysql-test/t/rpl_multi_update3.test: Drop table t1 and t2 to cleanup mysql-test/t/rpl_replicate_do.test: Drop table t1 to cleanup mysql-test/t/rpl_skip_error.test: Drop table t1 to cleanup mysql-test/t/rpl_slave_status.test: Drop table t1 to cleanup mysql-test/t/sp-prelocking.test: Drop table t1, t2 t3 and t4 to cleanup Drop view v1 mysql-test/t/sp-security.test: Delete test users from mysql.user, mysql.db, mysql.procs_priv and mysql.tables_priv Drop table t1 to cleanup mysql-test/t/subselect_innodb.test: Drop procedure p1 to cleanup mysql-test/t/trigger-compat.test: Drop trigger wl2818_trg1 and wl2818_trg2 to cleanup Drop table t1, t2 Drop users drop database mysqltest_db1 mysql-test/t/type_bit.test: drop table t1 and t2 to cleanup mysql-test/t/variables-master.opt: Increase max_join_size to 100. mysql-test/t/variables.test: Set max_join_size to 10, which was the original value in variables-master.opt mysql-test/t/view_grant.test: Drop the user "test@localhost" mysql-test/include/check-testcase.test: New BitKeeper file ``mysql-test/include/check-testcase.test''
20 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Add new option "check-testcases" to mysql-test-run.pl Cleanup the sideeffects from most of the testcases with sideeffects. mysql-test/mysql-test-run.pl: Add option "check-testcases" to mysql-test-run.pl Will execute "include/check-testcase.test" once before each tescase and record the output into "var/tmp/check-testcase.result" After the teastcase it will run again and this time compare the output with previously recorded file. mysql-test/r/analyze.result: Drop table t1 at end of test mysql-test/r/create_select_tmp.result: Drop table t1 at end of test mysql-test/r/ctype_cp932.result: Drop table t1 at end of test mysql-test/r/ctype_recoding.result: Drop table t1 at end of test mysql-test/r/grant2.result: Drop user mysqltest_2 and mysqltest_A@'%' mysql-test/r/join_outer.result: Drop view v1 to cleanup mysql-test/r/ps_1general.result: Drop table t1 at end of test mysql-test/r/query_cache.result: Drop function "f1" mysql-test/r/read_only.result: Reset the "read_only" flag mysql-test/r/rpl000001.result: Remove user "blafasel2" mysql-test/r/rpl000017.result: Remove user "replicate" mysql-test/r/rpl_failed_optimize.result: Drop table t1 to cleanup mysql-test/r/rpl_flush_tables.result: Drop tables t3, t4, t5 mysql-test/r/rpl_ignore_revoke.result: Delete user "user_foo" mysql-test/r/rpl_insert_id.result: Drop table t1 to cleanup mysql-test/r/rpl_loaddata.result: Drop tyable t1 to cleanup mysql-test/r/rpl_loaddata_rule_m.result: Drop tyable t1 to cleanup mysql-test/r/rpl_loaddata_rule_s.result: Drop tyable t1 to cleanup mysql-test/r/rpl_misc_functions.result: Drop tyable t1 to cleanup mysql-test/r/rpl_multi_update3.result: Drop tyable t1 and t2 to cleanup mysql-test/r/rpl_replicate_do.result: Drop tyable t1 to cleanup mysql-test/r/rpl_skip_error.result: Drop tyable t1 to cleanup mysql-test/r/rpl_slave_status.result: Drop tyable t1 to cleanup mysql-test/r/sp-prelocking.result: Drop view v1 and tables t1, t2, t3 and t4 to cleanup mysql-test/r/sp-security.result: Delete users to cleanup Delete remaining traces in tables_priv and procs_priv mysql-test/r/subselect_innodb.result: Drop procedure p1 to cleanup mysql-test/r/trigger-compat.result: Drop trigger wl2818_trg1 and wl2818_trg2. Drop table t1, t2 Drop database mysqltest_db1 And the users "mysqltest_dfn@localhost" and "mysqltest_inv@localhost" mysql-test/r/type_bit.result: Drop tables t1 and t2 to cleanup mysql-test/r/variables.result: Set GLOBAL max_join_size to 10 as it originally was in variables-master.opt mysql-test/r/view_grant.result: Dop user "test@localhost" to cleanup mysql-test/t/analyze.test: Drop table t1 to cleanup mysql-test/t/create_select_tmp.test: Drop table t1 to cleanup mysql-test/t/ctype_cp932.test: Drop table t1 to cleanup mysql-test/t/ctype_recoding.test: Drop table t1 to cleanup mysql-test/t/fulltext_var.test: Restore the original ft_boolean_syntax mysql-test/t/grant2.test: Drop users "mysqltest_2" and "mysqltest_A@'%'" to cleanup mysql-test/t/innodb_cache.test: Reset query_cache_size to original value mysql-test/t/join_outer.test: Drop view v1 to cleanup mysql-test/t/ps_1general.test: Drop table t1 to cleanup mysql-test/t/query_cache.test: Drop function "f1" to cleanup mysql-test/t/read_only.test: Reset the readonly flag mysql-test/t/rpl000001.test: Delete user "blafasel2" to cleanup mysql-test/t/rpl000017.test: Delete user "replicate" to cleanup mysql-test/t/rpl_failed_optimize.test: Drop table t1 to cleanup mysql-test/t/rpl_flush_tables.test: Droip table t3, t4 and t5 to cleanup mysql-test/t/rpl_ignore_revoke.test: Delet user "user_foo" to cleanup mysql-test/t/rpl_insert_id.test: drop table t1 to cleanup mysql-test/t/rpl_loaddata.test: Drop table t1 to cleanup mysql-test/t/rpl_loaddata_rule_m.test: Drop table t1 to cleanup mysql-test/t/rpl_loaddata_rule_s.test: Drop table t1 to cleanup mysql-test/t/rpl_misc_functions.test: Drop table t1 to cleanup mysql-test/t/rpl_multi_update3.test: Drop table t1 and t2 to cleanup mysql-test/t/rpl_replicate_do.test: Drop table t1 to cleanup mysql-test/t/rpl_skip_error.test: Drop table t1 to cleanup mysql-test/t/rpl_slave_status.test: Drop table t1 to cleanup mysql-test/t/sp-prelocking.test: Drop table t1, t2 t3 and t4 to cleanup Drop view v1 mysql-test/t/sp-security.test: Delete test users from mysql.user, mysql.db, mysql.procs_priv and mysql.tables_priv Drop table t1 to cleanup mysql-test/t/subselect_innodb.test: Drop procedure p1 to cleanup mysql-test/t/trigger-compat.test: Drop trigger wl2818_trg1 and wl2818_trg2 to cleanup Drop table t1, t2 Drop users drop database mysqltest_db1 mysql-test/t/type_bit.test: drop table t1 and t2 to cleanup mysql-test/t/variables-master.opt: Increase max_join_size to 100. mysql-test/t/variables.test: Set max_join_size to 10, which was the original value in variables-master.opt mysql-test/t/view_grant.test: Drop the user "test@localhost" mysql-test/include/check-testcase.test: New BitKeeper file ``mysql-test/include/check-testcase.test''
20 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Bug#10246 - Parser: bad syntax for GRANT EXECUTE Rename some functions more fine-grained sp privileges make grant/revoke sp grammar less ambigious mysql-test/r/sp-security.result: change test for new syntax mysql-test/r/system_mysql_db.result: change test for new syntax mysql-test/t/sp-security.test: change test for new syntax scripts/mysql_create_system_tables.sh: now store routine_type for procs_priv scripts/mysql_fix_privilege_tables.sql: now store routine_type for procs_priv sql/item_func.cc: rename of function sql/mysql_priv.h: rename of function sql/sp_head.cc: extra arg for check_some_routine_access sql/sql_acl.cc: rename of function. now handle func/proc acls seperately sql/sql_acl.h: rename of function sql/sql_parse.cc: rename of function grants for procs handled distinctly from funcs sql/sql_show.cc: check_some_routine_access extra arg sql/sql_base.cc: fix for build sql/sql_yacc.yy: fix for build
21 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
Add new option "check-testcases" to mysql-test-run.pl Cleanup the sideeffects from most of the testcases with sideeffects. mysql-test/mysql-test-run.pl: Add option "check-testcases" to mysql-test-run.pl Will execute "include/check-testcase.test" once before each tescase and record the output into "var/tmp/check-testcase.result" After the teastcase it will run again and this time compare the output with previously recorded file. mysql-test/r/analyze.result: Drop table t1 at end of test mysql-test/r/create_select_tmp.result: Drop table t1 at end of test mysql-test/r/ctype_cp932.result: Drop table t1 at end of test mysql-test/r/ctype_recoding.result: Drop table t1 at end of test mysql-test/r/grant2.result: Drop user mysqltest_2 and mysqltest_A@'%' mysql-test/r/join_outer.result: Drop view v1 to cleanup mysql-test/r/ps_1general.result: Drop table t1 at end of test mysql-test/r/query_cache.result: Drop function "f1" mysql-test/r/read_only.result: Reset the "read_only" flag mysql-test/r/rpl000001.result: Remove user "blafasel2" mysql-test/r/rpl000017.result: Remove user "replicate" mysql-test/r/rpl_failed_optimize.result: Drop table t1 to cleanup mysql-test/r/rpl_flush_tables.result: Drop tables t3, t4, t5 mysql-test/r/rpl_ignore_revoke.result: Delete user "user_foo" mysql-test/r/rpl_insert_id.result: Drop table t1 to cleanup mysql-test/r/rpl_loaddata.result: Drop tyable t1 to cleanup mysql-test/r/rpl_loaddata_rule_m.result: Drop tyable t1 to cleanup mysql-test/r/rpl_loaddata_rule_s.result: Drop tyable t1 to cleanup mysql-test/r/rpl_misc_functions.result: Drop tyable t1 to cleanup mysql-test/r/rpl_multi_update3.result: Drop tyable t1 and t2 to cleanup mysql-test/r/rpl_replicate_do.result: Drop tyable t1 to cleanup mysql-test/r/rpl_skip_error.result: Drop tyable t1 to cleanup mysql-test/r/rpl_slave_status.result: Drop tyable t1 to cleanup mysql-test/r/sp-prelocking.result: Drop view v1 and tables t1, t2, t3 and t4 to cleanup mysql-test/r/sp-security.result: Delete users to cleanup Delete remaining traces in tables_priv and procs_priv mysql-test/r/subselect_innodb.result: Drop procedure p1 to cleanup mysql-test/r/trigger-compat.result: Drop trigger wl2818_trg1 and wl2818_trg2. Drop table t1, t2 Drop database mysqltest_db1 And the users "mysqltest_dfn@localhost" and "mysqltest_inv@localhost" mysql-test/r/type_bit.result: Drop tables t1 and t2 to cleanup mysql-test/r/variables.result: Set GLOBAL max_join_size to 10 as it originally was in variables-master.opt mysql-test/r/view_grant.result: Dop user "test@localhost" to cleanup mysql-test/t/analyze.test: Drop table t1 to cleanup mysql-test/t/create_select_tmp.test: Drop table t1 to cleanup mysql-test/t/ctype_cp932.test: Drop table t1 to cleanup mysql-test/t/ctype_recoding.test: Drop table t1 to cleanup mysql-test/t/fulltext_var.test: Restore the original ft_boolean_syntax mysql-test/t/grant2.test: Drop users "mysqltest_2" and "mysqltest_A@'%'" to cleanup mysql-test/t/innodb_cache.test: Reset query_cache_size to original value mysql-test/t/join_outer.test: Drop view v1 to cleanup mysql-test/t/ps_1general.test: Drop table t1 to cleanup mysql-test/t/query_cache.test: Drop function "f1" to cleanup mysql-test/t/read_only.test: Reset the readonly flag mysql-test/t/rpl000001.test: Delete user "blafasel2" to cleanup mysql-test/t/rpl000017.test: Delete user "replicate" to cleanup mysql-test/t/rpl_failed_optimize.test: Drop table t1 to cleanup mysql-test/t/rpl_flush_tables.test: Droip table t3, t4 and t5 to cleanup mysql-test/t/rpl_ignore_revoke.test: Delet user "user_foo" to cleanup mysql-test/t/rpl_insert_id.test: drop table t1 to cleanup mysql-test/t/rpl_loaddata.test: Drop table t1 to cleanup mysql-test/t/rpl_loaddata_rule_m.test: Drop table t1 to cleanup mysql-test/t/rpl_loaddata_rule_s.test: Drop table t1 to cleanup mysql-test/t/rpl_misc_functions.test: Drop table t1 to cleanup mysql-test/t/rpl_multi_update3.test: Drop table t1 and t2 to cleanup mysql-test/t/rpl_replicate_do.test: Drop table t1 to cleanup mysql-test/t/rpl_skip_error.test: Drop table t1 to cleanup mysql-test/t/rpl_slave_status.test: Drop table t1 to cleanup mysql-test/t/sp-prelocking.test: Drop table t1, t2 t3 and t4 to cleanup Drop view v1 mysql-test/t/sp-security.test: Delete test users from mysql.user, mysql.db, mysql.procs_priv and mysql.tables_priv Drop table t1 to cleanup mysql-test/t/subselect_innodb.test: Drop procedure p1 to cleanup mysql-test/t/trigger-compat.test: Drop trigger wl2818_trg1 and wl2818_trg2 to cleanup Drop table t1, t2 Drop users drop database mysqltest_db1 mysql-test/t/type_bit.test: drop table t1 and t2 to cleanup mysql-test/t/variables-master.opt: Increase max_join_size to 100. mysql-test/t/variables.test: Set max_join_size to 10, which was the original value in variables-master.opt mysql-test/t/view_grant.test: Drop the user "test@localhost" mysql-test/include/check-testcase.test: New BitKeeper file ``mysql-test/include/check-testcase.test''
20 years ago
WL#925 - Privileges for stored routines Implement fine-grained control over access to stored procedures Privileges are cached (same way as existing table/column privs) mysql-test/include/system_db_struct.inc: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/connect.result: WL#925 - Privileges for stored routines New system table: procs_priv mysql-test/r/grant.result: WL#925 - Privileges for stored routines user table has additional privilege attributes SHOW PRIVILEGES amended mysql-test/r/grant2.result: Fix result mysql-test/r/information_schema.result: WL#925 - Privileges for stored routines New system table procs_priv New user privileges mysql-test/r/show_check.result: Fix result mysql-test/r/sp-security.result: WL#925 - Privileges for stored routines Fix existing tests to work with new privileges New tests for new privileges mysql-test/r/sp.result: WL#925 - Privileges for stored routines Fix SHOW PRIVILEGES results mysql-test/r/system_mysql_db.result: WL#925 - Privileges for stored routines New system table: procs_priv user and db tables have new privilege attributes mysql-test/t/grant2.test: Fix test mysql-test/t/show_check.test: Fix test mysql-test/t/sp-security.test: WL#925 - Privileges for stored routines Allow existing tests to run with new privilege checks New tests for privileges mysql-test/t/system_mysql_db_fix.test: WL#925 - Privileges for stored routines New system table: procs_priv scripts/mysql_create_system_tables.sh: WL#925 - Privileges for stored routines db and user has new privilege attributes new system table: procs_priv scripts/mysql_fix_privilege_tables.sql: WL#925 - Privileges for stored routines new system table: procs_priv scripts/mysql_install_db.sh: WL#925 - Privileges for stored routines Amend comment sql/item_func.cc: WL#925 - Privileges for stored routines Privilege check for stored FUNCTION routine sql/lex.h: WL#925 - Privileges for stored routines new token ROUTINE sql/mysql_priv.h: WL#925 - Privileges for stored routines New function: check_procedure_access() sql/mysqld.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/set_var.cc: WL#925 - Privileges for stored routines system option automatic-sp-privileges sql/share/errmsg.txt: WL#925 - Privileges for stored routines rename errormessage to conform: ER_SP_ACCESS_DENIED_ERROR -> ER_PROCACCESS_DENIED_ERROR New error messages ER_NONEXISTING_PROC_GRANT, ER_PROC_AUTO_GRANT_FAIL, ER_PROC_AUTO_REVOKE_FAIL sql/sp.cc: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sp.h: WL#925 - Privileges for stored routines new function: sp_exists_routine() sql/sql_acl.cc: WL#925 - Privileges for stored routines Implementation for SP privileges. Privileges are cached in memory hash. New functions: mysql_procedure_grant() check_grant_procedure() sp_revoke_privileges() sp_grant_privileges() sql/sql_acl.h: WL#925 - Privileges for stored routines New privilege bits: CREATE_PROC_ACL, ALTER_PROC_ACL Alter confusing bit-segments to be shifted New macros: fix_rights_for_procedure() get_rights_for_procedure() New functions: mysql_procedure_grant() check_grant_procedure() sp_grant_privileges() sp_revoke_privileges() sql/sql_lex.h: WL#925 - Privileges for stored routines new all_privileges attribute in LEX sql/sql_parse.cc: WL#925 - Privileges for stored routines Remove function: check_sp_definer_access() Add handling for SP grants/revokes Add privilege checks for stored procedure invocation sql/sql_show.cc: WL#925 - Privileges for stored routines update result for SHOW PRIVILEGES sql/sql_yacc.yy: WL#925 - Privileges for stored routines New token ROUTINE rename some rules handle CREATE ROUTINE / ALTER ROUTINE privileges
21 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
Lintian complains on spelling error The lintian check complains on spelling error: https://salsa.debian.org/mariadb-team/mariadb-10.3/-/jobs/95739
7 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
Always test ssl and compress - Updated after review client/mysqltest.c: Updated after review. Fix "connect" command to take SSL and/or COMPRESS as options instead of enable/disable_ssl and enable/disable_compress Commented do_connect, added test cases etc. Fix safe_get_param to make it possible to call it once for every argument without having any checks inbetween. Make a copy for query->first_argument since safe_get_param will modify query string. Now connect works inside a while loop as well. mysql-test/mysql-test-run.pl: Updated after review mysql-test/r/connect.result: Enable test that was previolsy disabled because of "no error handling" in connect mysql-test/r/mysqltest.result: Added tests for "connect" mysql-test/t/compress.test: Updated after review, use the option argument to connect mysql-test/t/connect.test: Enable test that was previolsy disabled because of "no error handling" in connect Now it's possible to use "--error" before connect, so let's use it. mysql-test/t/information_schema.test: Connection user4 was already used mysql-test/t/myisam.test: Disconnect con1 so the name can be reused mysql-test/t/mysqltest.test: Added tests for "connect" mysql-test/t/openssl_1.test: Updated after review, use the option argument to connect mysql-test/t/sp-security.test: Disconnect user1 connection so the name can be reused mysql-test/t/ssl.test: Updated after review, use the option argument to connect mysql-test/t/ssl_compress.test: Updated after review, use the option argument to connect sql/mysqld.cc: Updated after review, Compression variable is always available sql/sql_show.cc: Updated after review, Compression variable is always available sql/structs.h: Updated after review, Compression variable is always available
20 years ago
fixed environment restoring in case of error during SP function execution (BUG#9503) #define macro improvement mysql-test/r/sp-security.result: BUG#9503: reseting correct parameters of thread after error in SP function mysql-test/t/sp-security.test: BUG#9503: reseting correct parameters of thread after error in SP function sql/item_func.cc: fixed environment restoring in case of error during SP function execution sql/protocol.cc: added debug print sql/sql_class.h: fixed #defines to force them to be alvaise in piar, and variable name made more complex for accident repeating in other code
21 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Merge sanja.is.com.ua:/home/bell/mysql/bk/mysql-5.0 into sanja.is.com.ua:/home/bell/mysql/bk/work-bug6-5.0 BitKeeper/etc/config: Auto merged sql/item.cc: Auto merged sql/item.h: Auto merged sql/item_strfunc.cc: Auto merged sql/item_strfunc.h: Auto merged sql/sql_yacc.yy: Auto merged mysql-test/r/sp-security.result: merge mysql-test/r/view.result: merge mysql-test/t/sp-security.test: merge mysql-test/t/view.test: merge sql/item_cmpfunc.cc: merge sql/sql_class.h: merge
21 years ago
stop evaluation constant functions in WHERE (BUG#4663) correct value of CURRENT_USER() in SP with "security definer" (BUG#7291) BitKeeper/etc/config: switch off open logging mysql-test/r/sp-security.result: correct value from current_user() in function run from "security definer" mysql-test/r/view.result: evaluation constant functions in WHERE (BUG#4663) mysql-test/t/sp-security.test: correct value from current_user() in function run from "security definer" mysql-test/t/view.test: evaluation constant functions in WHERE (BUG#4663) sql/item.cc: Item_static_string_func creation if it is need sql/item.h: support of Item_static_string_func creation sql/item_cmpfunc.cc: do not evaluate items during view creation sql/item_create.cc: create Item_func_user sql/item_strfunc.cc: Item_func_sysconst in case of converting value still have to correctly print itself => use Item_static_string_func instead of Item_string Item_func_user return USER() or CURRENT_USER() sql/item_strfunc.h: support of correct charset conversion procedure in Item_func_sysconst sql/sql_class.h: new method sql/sql_yacc.yy: Item_func_user now support both USER() and CURRENT_USER(), so we have to pass parametr what it is
21 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
stop evaluation constant functions in WHERE (BUG#4663) correct value of CURRENT_USER() in SP with "security definer" (BUG#7291) BitKeeper/etc/config: switch off open logging mysql-test/r/sp-security.result: correct value from current_user() in function run from "security definer" mysql-test/r/view.result: evaluation constant functions in WHERE (BUG#4663) mysql-test/t/sp-security.test: correct value from current_user() in function run from "security definer" mysql-test/t/view.test: evaluation constant functions in WHERE (BUG#4663) sql/item.cc: Item_static_string_func creation if it is need sql/item.h: support of Item_static_string_func creation sql/item_cmpfunc.cc: do not evaluate items during view creation sql/item_create.cc: create Item_func_user sql/item_strfunc.cc: Item_func_sysconst in case of converting value still have to correctly print itself => use Item_static_string_func instead of Item_string Item_func_user return USER() or CURRENT_USER() sql/item_strfunc.h: support of correct charset conversion procedure in Item_func_sysconst sql/sql_class.h: new method sql/sql_yacc.yy: Item_func_user now support both USER() and CURRENT_USER(), so we have to pass parametr what it is
21 years ago
Avoid spurious error when restoring INFORMATION_SCHEMA as the current database after failing to execute a stored procedure in an inaccessible database. (Bug #12318) mysql-test/r/sp-security.result: Update results mysql-test/t/sp-security.test: Add regression test sql/mysql_priv.h: Add additional argument to mysql_change_db() sql/sp.cc: Use mysql_change_db(), get rid of sp_change_db(). sql/sp.h: Get rid of sp_change_db(). sql/sql_db.cc: Handle no_access_check flag to mysql_change_db, and remove the send_ok() call. sql/sql_parse.cc: Add extra argument to mysql_change_db(), and call send_ok() after successful calls to same (since it no longer does it for us).
21 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Avoid spurious error when restoring INFORMATION_SCHEMA as the current database after failing to execute a stored procedure in an inaccessible database. (Bug #12318) mysql-test/r/sp-security.result: Update results mysql-test/t/sp-security.test: Add regression test sql/mysql_priv.h: Add additional argument to mysql_change_db() sql/sp.cc: Use mysql_change_db(), get rid of sp_change_db(). sql/sp.h: Get rid of sp_change_db(). sql/sql_db.cc: Handle no_access_check flag to mysql_change_db, and remove the send_ok() call. sql/sql_parse.cc: Add extra argument to mysql_change_db(), and call send_ok() after successful calls to same (since it no longer does it for us).
21 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Avoid spurious error when restoring INFORMATION_SCHEMA as the current database after failing to execute a stored procedure in an inaccessible database. (Bug #12318) mysql-test/r/sp-security.result: Update results mysql-test/t/sp-security.test: Add regression test sql/mysql_priv.h: Add additional argument to mysql_change_db() sql/sp.cc: Use mysql_change_db(), get rid of sp_change_db(). sql/sp.h: Get rid of sp_change_db(). sql/sql_db.cc: Handle no_access_check flag to mysql_change_db, and remove the send_ok() call. sql/sql_parse.cc: Add extra argument to mysql_change_db(), and call send_ok() after successful calls to same (since it no longer does it for us).
21 years ago
MDEV-6066: Merge new defaults from 5.6 and 5.7 (defaults changed, QC can be stopped with no-zero size)
10 years ago
Avoid spurious error when restoring INFORMATION_SCHEMA as the current database after failing to execute a stored procedure in an inaccessible database. (Bug #12318) mysql-test/r/sp-security.result: Update results mysql-test/t/sp-security.test: Add regression test sql/mysql_priv.h: Add additional argument to mysql_change_db() sql/sp.cc: Use mysql_change_db(), get rid of sp_change_db(). sql/sp.h: Get rid of sp_change_db(). sql/sql_db.cc: Handle no_access_check flag to mysql_change_db, and remove the send_ok() call. sql/sql_parse.cc: Add extra argument to mysql_change_db(), and call send_ok() after successful calls to same (since it no longer does it for us).
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Avoid spurious error when restoring INFORMATION_SCHEMA as the current database after failing to execute a stored procedure in an inaccessible database. (Bug #12318) mysql-test/r/sp-security.result: Update results mysql-test/t/sp-security.test: Add regression test sql/mysql_priv.h: Add additional argument to mysql_change_db() sql/sp.cc: Use mysql_change_db(), get rid of sp_change_db(). sql/sp.h: Get rid of sp_change_db(). sql/sql_db.cc: Handle no_access_check flag to mysql_change_db, and remove the send_ok() call. sql/sql_parse.cc: Add extra argument to mysql_change_db(), and call send_ok() after successful calls to same (since it no longer does it for us).
21 years ago
Fixes during review of new pushed code Fixed new bug when running a SP without a default database mysql-test/r/information_schema.result: Added test to cover changes made in default handling mysql-test/r/sp-security.result: Added test when executing SP without a default database mysql-test/t/information_schema.test: Added test to cover changes made in default handling mysql-test/t/sp-security.test: Added test when executing SP without a default database sql/item_strfunc.cc: Removed wrong push sql/mysqld.cc: Indentation fix sql/sql_base.cc: Use share->db instead of share->table_cache_key Remove assert that can never fail (because of test in previous row) sql/sql_db.cc: Allow empty database name when called from SP (To allow on run without a default database) sql/sql_parse.cc: Added comment sql/sql_show.cc: Indentation fixes Simplified code by checking for 'wrong' condition first and doing continue instead of going down one level Simplified precision and decimal handling
21 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Fixes during review of new pushed code Fixed new bug when running a SP without a default database mysql-test/r/information_schema.result: Added test to cover changes made in default handling mysql-test/r/sp-security.result: Added test when executing SP without a default database mysql-test/t/information_schema.test: Added test to cover changes made in default handling mysql-test/t/sp-security.test: Added test when executing SP without a default database sql/item_strfunc.cc: Removed wrong push sql/mysqld.cc: Indentation fix sql/sql_base.cc: Use share->db instead of share->table_cache_key Remove assert that can never fail (because of test in previous row) sql/sql_db.cc: Allow empty database name when called from SP (To allow on run without a default database) sql/sql_parse.cc: Added comment sql/sql_show.cc: Indentation fixes Simplified code by checking for 'wrong' condition first and doing continue instead of going down one level Simplified precision and decimal handling
21 years ago
Avoid spurious error when restoring INFORMATION_SCHEMA as the current database after failing to execute a stored procedure in an inaccessible database. (Bug #12318) mysql-test/r/sp-security.result: Update results mysql-test/t/sp-security.test: Add regression test sql/mysql_priv.h: Add additional argument to mysql_change_db() sql/sp.cc: Use mysql_change_db(), get rid of sp_change_db(). sql/sp.h: Get rid of sp_change_db(). sql/sql_db.cc: Handle no_access_check flag to mysql_change_db, and remove the send_ok() call. sql/sql_parse.cc: Add extra argument to mysql_change_db(), and call send_ok() after successful calls to same (since it no longer does it for us).
21 years ago
sp-security.result, sp.result, sp-security.test, sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp-security.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp.result: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp-security.result: Test for bug#12812 moved from sp.test to sp-security.test
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
sp-security.result, sp.result, sp-security.test, sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp-security.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp.result: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp-security.result: Test for bug#12812 moved from sp.test to sp-security.test
20 years ago
MDEV-16708: Unsupported commands for prepared statements Withing this task the following changes were made: - Added sending of metadata info in prepare phase for the admin related command (check table, checksum table, repair, optimize, analyze). - Refactored implmentation of HELP command to support its execution in PS mode - Added support for execution of LOAD INTO and XA- related statements in PS mode - Modified mysqltest.cc to run statements in PS mode unconditionally in case the option --ps-protocol is set. Formerly, only those statements were executed using PS protocol that matched the hard-coded regular expression - Fixed the following issues: The statement explain select (select 2) executed in regular and PS mode produces different results: MariaDB [test]> prepare stmt from "explain select (select 2)"; Query OK, 0 rows affected (0,000 sec) Statement prepared MariaDB [test]> execute stmt; +------+-------------+-------+------+---------------+------+---------+------+------+----------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +------+-------------+-------+------+---------------+------+---------+------+------+----------------+ | 1 | PRIMARY | NULL | NULL | NULL | NULL | NULL | NULL | NULL | No tables used | | 2 | SUBQUERY | NULL | NULL | NULL | NULL | NULL | NULL | NULL | No tables used | +------+-------------+-------+------+---------------+------+---------+------+------+----------------+ 2 rows in set (0,000 sec) MariaDB [test]> explain select (select 2); +------+-------------+-------+------+---------------+------+---------+------+------+----------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +------+-------------+-------+------+---------------+------+---------+------+------+----------------+ | 1 | SIMPLE | NULL | NULL | NULL | NULL | NULL | NULL | NULL | No tables used | +------+-------------+-------+------+---------------+------+---------+------+------+----------------+ 1 row in set, 1 warning (0,000 sec) In case the statement CREATE TABLE t1 SELECT * FROM (SELECT 1 AS a, (SELECT a+0)) a is run in PS mode it fails with the error ERROR 1054 (42S22): Unknown column 'a' in 'field list'. - Uniform handling of read-only variables both in case the SET var=val statement is executed as regular or prepared statememt. - Fixed assertion firing on handling LOAD DATA statement for temporary tables - Relaxed assert condition in the function lex_end_stage1() by adding the commands SQLCOM_ALTER_EVENT, SQLCOM_CREATE_PACKAGE, SQLCOM_CREATE_PACKAGE_BODY to a list of supported command - Removed raising of the error ER_UNSUPPORTED_PS in the function check_prepared_statement() for the ALTER VIEW command - Added initialization of the data memember st_select_lex_unit::last_procedure (assign NULL value) in the constructor Without this change the test case main.ctype_utf8 fails with the following report in case it is run with the optoin --ps-protocol. mysqltest: At line 2278: query 'VALUES (_latin1 0xDF) UNION VALUES(_utf8'a' COLLATE utf8_bin)' failed: 2013: Lost connection - The following bug reports were fixed: MDEV-24460: Multiple rows result set returned from stored routine over prepared statement binary protocol is handled incorrectly CONC-519: mariadb client library doesn't handle server_status and warnign_count fields received in the packet COM_STMT_EXECUTE_RESPONSE. Reasons for these bug reports have the same nature and caused by missing loop iteration on results sent by server in response to COM_STMT_EXECUTE packet. Enclosing of statements for processing of COM_STMT_EXECUTE response in the construct like do { ... } while (!mysql_stmt_next_result()); fixes the above mentioned bug reports.
5 years ago
sp-security.result, sp.result, sp-security.test, sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp-security.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp.result: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp-security.result: Test for bug#12812 moved from sp.test to sp-security.test
20 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
sp-security.result, sp.result, sp-security.test, sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp-security.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp.result: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp-security.result: Test for bug#12812 moved from sp.test to sp-security.test
20 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
sp-security.result, sp.result, sp-security.test, sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp-security.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp.result: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp-security.result: Test for bug#12812 moved from sp.test to sp-security.test
20 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
sp-security.result, sp.result, sp-security.test, sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/t/sp-security.test: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp.result: Test for bug#12812 moved from sp.test to sp-security.test mysql-test/r/sp-security.result: Test for bug#12812 moved from sp.test to sp-security.test
20 years ago
Fixed BUG#14834: Server denies to execute Stored Procedure The problem was that databases with '_' in the name did not match a correct ACL with a literal '_' (i.e. '\_') in the db name, only identical strings matched. The fix makes this work, and also ACLs with wildcards in the db name work. mysql-test/r/sp-security.result: New test case for BUG#14834 mysql-test/t/sp-security.test: New test case for BUG#14834 sql/sql_acl.cc: Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security context switching when invoking stored routines)
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fixed BUG#14834: Server denies to execute Stored Procedure The problem was that databases with '_' in the name did not match a correct ACL with a literal '_' (i.e. '\_') in the db name, only identical strings matched. The fix makes this work, and also ACLs with wildcards in the db name work. mysql-test/r/sp-security.result: New test case for BUG#14834 mysql-test/t/sp-security.test: New test case for BUG#14834 sql/sql_acl.cc: Match wild db:s in ACL in acl_getroot_no_password() (used for "suid" security context switching when invoking stored routines)
20 years ago
Added new test case for BUG#14533: 'desc tbl' in stored procedure causes error 1142 which is no longer repeatable. (Unclear when this was fixed.) mysql-test/r/sp-security.result: Updated results for new test case (BUG#14533) mysql-test/t/sp-security.test: New test case for BUG#14533.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fix for BUG#9504: Stored procedures: execute privilege doesn't make 'use database' okay. The problem was that we didn't check stored-routine privileges in check_grant_db(). The patch adds this check. mysql-test/r/grant.result: Update result file. mysql-test/r/sp-security.result: Update result fil. mysql-test/t/grant.test: Added test case for BUG#9504. mysql-test/t/sp-security.test: Update test. sql/sql_acl.cc: Check stored routines privileges.
19 years ago
Added new test case for BUG#14533: 'desc tbl' in stored procedure causes error 1142 which is no longer repeatable. (Unclear when this was fixed.) mysql-test/r/sp-security.result: Updated results for new test case (BUG#14533) mysql-test/t/sp-security.test: New test case for BUG#14533.
20 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
Added new test case for BUG#14533: 'desc tbl' in stored procedure causes error 1142 which is no longer repeatable. (Unclear when this was fixed.) mysql-test/r/sp-security.result: Updated results for new test case (BUG#14533) mysql-test/t/sp-security.test: New test case for BUG#14533.
20 years ago
Fix for BUG#7787: Stored procedures: improper warning for "grant execute" statement. The problem was that error flag was not reset. mysql-test/r/sp-security.result: Results for test case for BUG#7787. mysql-test/t/sp-security.test: A test case for BUG#7787. sql/sp.cc: Reset errors after sp_find_routine().
20 years ago
Implementation of WL#2897: Complete definer support in the stored routines. The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Implementation of WL#2897: Complete definer support in the stored routines. The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
20 years ago
MDEV-21743 Split up SUPER privilege to smaller privileges
6 years ago
Implementation of WL#2897: Complete definer support in the stored routines. The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Implementation of WL#2897: Complete definer support in the stored routines. The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Implementation of WL#2897: Complete definer support in the stored routines. The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Implementation of WL#2897: Complete definer support in the stored routines. The idea is to add DEFINER-clause in CREATE PROCEDURE and CREATE FUNCTION statements. Almost all support of definer in stored routines had been already done before this patch. NOTE: this patch changes behaviour of dumping stored routines in mysqldump. Before this patch, mysqldump did not dump DEFINER-clause for stored routines and this was documented behaviour. In order to get full information about stored routines, one should have dumped mysql.proc table. This patch changes this behaviour, so that DEFINER-clause is dumped. Since DEFINER-clause is not supported in CREATE PROCEDURE | FUNCTION statements before this patch, the clause is covered by additional version-specific comments. client/mysqldump.c: Updated the code for dumping stored routines: cover DEFINER-clause into version-specific comment. mysql-test/r/gis.result: Updated result file after adding DEFINER-clause. mysql-test/r/information_schema.result: Updated result file after adding DEFINER-clause. mysql-test/r/mysqldump.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_ddl.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/rpl_trigger.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp-security.result: Updated result file after adding DEFINER-clause. mysql-test/r/sp.result: Updated result file after adding DEFINER-clause. mysql-test/r/sql_mode.result: Updated result file after adding DEFINER-clause. mysql-test/t/sp-security.test: Updated result file after adding DEFINER-clause. sql/sp.cc: Added DEFINER-clause. sql/sp_head.cc: Added a new convenient variant of set_definer() operation. sql/sp_head.h: Updated result file after adding DEFINER-clause. sql/sql_lex.h: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_parse.cc: Check DEFINER-clause. sql/sql_trigger.cc: Renamed trigger_definition_begin into stmt_definition_begin to be used for triggers and stored routines. sql/sql_yacc.yy: Added DEFINER-clause.
20 years ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
fix error messages when a definer for SP/view is wrong - it shold be ER_MALFORMED_DEFINER, not ER_NO_SUCH_USER when one uses current_role as a definer or grantee but there's no current role - it should be ER_INVALID_ROLE not ER_MALFORMED_DEFINER when a non-existent user is specified - it should be ER_NO_SUCH_USER, which should say "The user does not exist", not "Definer does not exist" clarify ER_CANT_CHANGE_TX_CHARACTERISTICS to say what cannot be changed
8 months ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
fix error messages when a definer for SP/view is wrong - it shold be ER_MALFORMED_DEFINER, not ER_NO_SUCH_USER when one uses current_role as a definer or grantee but there's no current role - it should be ER_INVALID_ROLE not ER_MALFORMED_DEFINER when a non-existent user is specified - it should be ER_NO_SUCH_USER, which should say "The user does not exist", not "Definer does not exist" clarify ER_CANT_CHANGE_TX_CHARACTERISTICS to say what cannot be changed
8 months ago
Fix for BUG#13198: SP executes if definer does not exist. Basically, this fix contains a test case and removing of a workaround for replication. This fix became possible after pushing WL#2897 (Complete definer support in stored routines). mysql-test/r/sp-security.result: Updated the result file to contain results of test for BUG#13198. mysql-test/t/sp-security.test: Added a test case for BUG#13198. sql/sp_head.cc: Removed the workaround for replication, since WL#2897 is pushed and now definer attribute/clause is fully supported in stored routines.
20 years ago
Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP, did so creating a user-entry with not password; mysql_routine_grant() would then write that "change" to the user-table. mysql-test/r/sp-security.result: prove that creating a stored procedure will not destroy the creator's password mysql-test/t/sp-security.test: prove that creating a stored procedure will not destroy the creator's password sql/sql_acl.cc: get password from ACLs, convert to correct format, and use it when forcing GRANTS for SPs
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP, did so creating a user-entry with not password; mysql_routine_grant() would then write that "change" to the user-table. mysql-test/r/sp-security.result: prove that creating a stored procedure will not destroy the creator's password mysql-test/t/sp-security.test: prove that creating a stored procedure will not destroy the creator's password sql/sql_acl.cc: get password from ACLs, convert to correct format, and use it when forcing GRANTS for SPs
20 years ago
Use mysql.user.authentication_string for password Don't distinguish between a "password hash" and "authentication string" anymore. Now both are stored in mysql.user.authentication_string, both are handled identically internally. A "password hash" is just how some particular plugins interpret authentication string. Set mysql.user.plugin even if there is no password. The server will use mysql_native_password plugin in these cases, let's make it expicit. Remove LEX_USER::pwhash.
7 years ago
Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP, did so creating a user-entry with not password; mysql_routine_grant() would then write that "change" to the user-table. mysql-test/r/sp-security.result: prove that creating a stored procedure will not destroy the creator's password mysql-test/t/sp-security.test: prove that creating a stored procedure will not destroy the creator's password sql/sql_acl.cc: get password from ACLs, convert to correct format, and use it when forcing GRANTS for SPs
20 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP, did so creating a user-entry with not password; mysql_routine_grant() would then write that "change" to the user-table. mysql-test/r/sp-security.result: prove that creating a stored procedure will not destroy the creator's password mysql-test/t/sp-security.test: prove that creating a stored procedure will not destroy the creator's password sql/sql_acl.cc: get password from ACLs, convert to correct format, and use it when forcing GRANTS for SPs
20 years ago
Use mysql.user.authentication_string for password Don't distinguish between a "password hash" and "authentication string" anymore. Now both are stored in mysql.user.authentication_string, both are handled identically internally. A "password hash" is just how some particular plugins interpret authentication string. Set mysql.user.plugin even if there is no password. The server will use mysql_native_password plugin in these cases, let's make it expicit. Remove LEX_USER::pwhash.
7 years ago
Bug#19857: When a user with CREATE ROUTINE priv creates a routine it results in NULL p/w sp_grant_privileges(), the function that GRANTs EXECUTE + ALTER privs on a SP, did so creating a user-entry with not password; mysql_routine_grant() would then write that "change" to the user-table. mysql-test/r/sp-security.result: prove that creating a stored procedure will not destroy the creator's password mysql-test/t/sp-security.test: prove that creating a stored procedure will not destroy the creator's password sql/sql_acl.cc: get password from ACLs, convert to correct format, and use it when forcing GRANTS for SPs
20 years ago
Bug#18630: Arguments of suid routine calculated in wrong security context. Routine arguments were evaluated in the security context of the routine itself, not in the caller's context. The bug is fixed the following way: - Item_func_sp::find_and_check_access() has been split into two functions: Item_func_sp::find_and_check_access() itself only finds the function and check that the caller have EXECUTE privilege on it. New function set_routine_security_ctx() changes security context for SUID routines and checks that definer have EXECUTE privilege too. - new function sp_head::execute_trigger() is called from Table_triggers_list::process_triggers() instead of sp_head::execute_function(), and is effectively just as the sp_head::execute_function() is, with all non-trigger related code removed, and added trigger-specific security context switch. - call to Item_func_sp::find_and_check_access() stays outside of sp_head::execute_function(), and there is a code in sql_parse.cc before the call to sp_head::execute_procedure() that checks that the caller have EXECUTE privilege, but both sp_head::execute_function() and sp_head::execute_procedure() call set_routine_security_ctx() after evaluating their parameters, and restore the context after the body is executed. mysql-test/r/sp-security.result: Add test case for bug#18630: Arguments of suid routine calculated in wrong security context. mysql-test/t/sp-security.test: Add result for bug#18630: Arguments of suid routine calculated in wrong security context. sql/item_func.cc: Do not change security context before executing the function, as it will be changed after argument evaluation. Do not change security context in Item_func_sp::find_and_check_access(). sql/item_func.h: Change prototype for Item_func_sp::find_and_check_access(). sql/sp_head.cc: Add set_routine_security_ctx() function. Add sp_head::execute_trigger() method. Change security context in sp_head::execute_trigger(), and in sp_head::execute_function() and sp_head::execute_procedure() after argument evaluation. Move pop_all_cursors() call to sp_head::execute(). sql/sp_head.h: Add declaration for sp_head::execute_trigger() and set_routine_security_ctx(). sql/sql_parse.cc: Do not change security context before executing the procedure, as it will be changed after argument evaluation. sql/sql_trigger.cc: Call new sp_head::execute_trigger() instead of sp_head::execute_function(), which is responsible to switch security context.
20 years ago
Manual merge 5.0->5.1. Post-merge fixes. client/mysqldump.c: A post-merge fix - 'sock' was renamed to 'mysql' mysql-test/r/events_bugs.result: A post merge fix: now we strip rear comments from the query before it gets into the log. mysql-test/r/func_group.result: A post merge fix: default clause is now printed uppercase. mysql-test/r/im_life_cycle.result: Fix my mistake in manual resolve. mysql-test/r/mysqlcheck.result: use test; - after we drop client_test_db there is no current database. This cleanup is present in 5.1 only, but the test that was added in 5.0 assumes there is a current database, test. mysql-test/r/mysqldump.result: Ignore results of execution of mysqldump: we can't rely on MASTER_LOG_POS in test results, it's different for statement and row level logging. mysql-test/r/mysqlshow.result: A post-merge fix: information schema contains a few more tables in 5.1 mysql-test/r/mysqltest.result: A post merge fix: add 5.1 test end separator. mysql-test/r/ndb_basic.result: A post-merge fix: add test end separators. mysql-test/r/rpl_switch_stm_row_mixed.result: A post merge fix: length of varbinary column is now 3 times less. Assuming a side effect of some other change. Length of any field is not relevant in this test. mysql-test/r/rpl_view.result: Add an end of test marker. mysql-test/r/show_check.result: Remove duplicate results. Add results from a merged test case. mysql-test/r/sp-error.result: Add test end separators. mysql-test/r/sp-security.result: Post-merge fix: use test after the current database is dropped. mysql-test/r/sp.result: Remove a duplicate result (bad merge that left a copy of the test case for Bug#19862 in the test suite). mysql-test/r/strict.result: An after-merge fix for a new test case: in 5.1 we issue a more accurate error message: "Incorrect value" instead of "Truncated value". I reason it so that in case of an error nothing is truncated, really. Also found similar changes in other test cases. mysql-test/r/type_datetime.result: Fix the text of an error. mysql-test/r/union.result: A post-merge fix: CHARACTER SET is now uppercase. mysql-test/t/mysqlcheck.test: A post-merge fix: use test, after current database is dropped, there is no current database. mysql-test/t/mysqldump.test: Disable result log: it's dependent on binlog position. mysql-test/t/sp-security.test: use test sql/item_sum.cc: Adjust the call to the constructor after the merge. sql/sp_head.cc: Add a missing DBUG_VOID_RETURN, move security checks out of execute_trigger to Table_triggers_list: in 5.1 we check for TRIGGER privilege, not SUPER privilege to execute triggers, so these checks lack table context inside execute_trigger and have to be performed when we have table object on hand. sql/sql_db.cc: A post-merge fix: adjust load_db_opt_by_name and check_db_dir_existence (new functions added in 5.0) to be tablename-to-filename encoding friendly. sql/sql_lex.cc: A post-merge fix: make skip_rear_comments operate on const uchar *s. sql/sql_lex.h: A post-merge fix. sql/sql_show.cc: A post-merge fix: fix a bad merge, rename orig_sql_command -> sql_command. sql/sql_trigger.cc: A post-merge fix: move security checks to process_triggers from execute_trigger. sql/sql_view.cc: Adjust to the new signature of skip_rear_comments. sql/sql_yacc.yy: Adjust to the new signature of init_strings.
20 years ago
Bug#18630: Arguments of suid routine calculated in wrong security context. Routine arguments were evaluated in the security context of the routine itself, not in the caller's context. The bug is fixed the following way: - Item_func_sp::find_and_check_access() has been split into two functions: Item_func_sp::find_and_check_access() itself only finds the function and check that the caller have EXECUTE privilege on it. New function set_routine_security_ctx() changes security context for SUID routines and checks that definer have EXECUTE privilege too. - new function sp_head::execute_trigger() is called from Table_triggers_list::process_triggers() instead of sp_head::execute_function(), and is effectively just as the sp_head::execute_function() is, with all non-trigger related code removed, and added trigger-specific security context switch. - call to Item_func_sp::find_and_check_access() stays outside of sp_head::execute_function(), and there is a code in sql_parse.cc before the call to sp_head::execute_procedure() that checks that the caller have EXECUTE privilege, but both sp_head::execute_function() and sp_head::execute_procedure() call set_routine_security_ctx() after evaluating their parameters, and restore the context after the body is executed. mysql-test/r/sp-security.result: Add test case for bug#18630: Arguments of suid routine calculated in wrong security context. mysql-test/t/sp-security.test: Add result for bug#18630: Arguments of suid routine calculated in wrong security context. sql/item_func.cc: Do not change security context before executing the function, as it will be changed after argument evaluation. Do not change security context in Item_func_sp::find_and_check_access(). sql/item_func.h: Change prototype for Item_func_sp::find_and_check_access(). sql/sp_head.cc: Add set_routine_security_ctx() function. Add sp_head::execute_trigger() method. Change security context in sp_head::execute_trigger(), and in sp_head::execute_function() and sp_head::execute_procedure() after argument evaluation. Move pop_all_cursors() call to sp_head::execute(). sql/sp_head.h: Add declaration for sp_head::execute_trigger() and set_routine_security_ctx(). sql/sql_parse.cc: Do not change security context before executing the procedure, as it will be changed after argument evaluation. sql/sql_trigger.cc: Call new sp_head::execute_trigger() instead of sp_head::execute_function(), which is responsible to switch security context.
20 years ago
Merge of fix for Bug#42003 and Bug#43114 into more actual GCA tree modifications according to the reviews are included
17 years ago
Bug#18630: Arguments of suid routine calculated in wrong security context. Routine arguments were evaluated in the security context of the routine itself, not in the caller's context. The bug is fixed the following way: - Item_func_sp::find_and_check_access() has been split into two functions: Item_func_sp::find_and_check_access() itself only finds the function and check that the caller have EXECUTE privilege on it. New function set_routine_security_ctx() changes security context for SUID routines and checks that definer have EXECUTE privilege too. - new function sp_head::execute_trigger() is called from Table_triggers_list::process_triggers() instead of sp_head::execute_function(), and is effectively just as the sp_head::execute_function() is, with all non-trigger related code removed, and added trigger-specific security context switch. - call to Item_func_sp::find_and_check_access() stays outside of sp_head::execute_function(), and there is a code in sql_parse.cc before the call to sp_head::execute_procedure() that checks that the caller have EXECUTE privilege, but both sp_head::execute_function() and sp_head::execute_procedure() call set_routine_security_ctx() after evaluating their parameters, and restore the context after the body is executed. mysql-test/r/sp-security.result: Add test case for bug#18630: Arguments of suid routine calculated in wrong security context. mysql-test/t/sp-security.test: Add result for bug#18630: Arguments of suid routine calculated in wrong security context. sql/item_func.cc: Do not change security context before executing the function, as it will be changed after argument evaluation. Do not change security context in Item_func_sp::find_and_check_access(). sql/item_func.h: Change prototype for Item_func_sp::find_and_check_access(). sql/sp_head.cc: Add set_routine_security_ctx() function. Add sp_head::execute_trigger() method. Change security context in sp_head::execute_trigger(), and in sp_head::execute_function() and sp_head::execute_procedure() after argument evaluation. Move pop_all_cursors() call to sp_head::execute(). sql/sp_head.h: Add declaration for sp_head::execute_trigger() and set_routine_security_ctx(). sql/sql_parse.cc: Do not change security context before executing the procedure, as it will be changed after argument evaluation. sql/sql_trigger.cc: Call new sp_head::execute_trigger() instead of sp_head::execute_function(), which is responsible to switch security context.
20 years ago
Bug #48872 : Privileges for stored functions ignored if function name is mixed case Transcode the procedure name to lowercase when searching for it in the hash. This is the missing part of the fix for bug #41049.
16 years ago
Addendum to bug #48872: disable output in the test case because errors are dependent on the case mode
16 years ago
Bug #48872 : Privileges for stored functions ignored if function name is mixed case Transcode the procedure name to lowercase when searching for it in the hash. This is the missing part of the fix for bug #41049.
16 years ago
Addendum to bug #48872: disable output in the test case because errors are dependent on the case mode
16 years ago
Bug #48872 : Privileges for stored functions ignored if function name is mixed case Transcode the procedure name to lowercase when searching for it in the hash. This is the missing part of the fix for bug #41049.
16 years ago
MDEV-29852 SIGSEGV in mysql_create_routine or is_acl_user on 2nd execution, ASAN use-after-poison in get_current_user (sql_acl.cc) if lex->definer is replaced, take care to restore it at the end of PS EXECUTE
3 years ago
Fix for bug#57061 "User without privilege on routine can discover its existence". The problem was that user without any privileges on routine was able to find out whether it existed or not. DROP FUNCTION and DROP PROCEDURE statements were checking if routine being dropped existed and reported ER_SP_DOES_NOT_EXIST error/warning before checking if user had enough privileges to drop it. This patch solves this problem by changing code not to check if routine exists before checking if user has enough privileges to drop it. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist. This change also simplifies one of upcoming patches refactoring global read lock implementation. mysql-test/r/grant.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/r/sp-security.result: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. mysql-test/suite/funcs_1/r/innodb_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/memory_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/myisam_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/storedproc/storedproc_06.inc: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/t/grant.test: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/t/sp-security.test: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. sql/sp.cc: Removed sp_routine_exists_in_table() which is no longer used. sql/sp.h: Removed sp_routine_exists_in_table() which is no longer used. sql/sql_parse.cc: When dropping routine we no longer check if routine exists before checking if user has enough privileges to do so. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist.
15 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
Fix for bug#57061 "User without privilege on routine can discover its existence". The problem was that user without any privileges on routine was able to find out whether it existed or not. DROP FUNCTION and DROP PROCEDURE statements were checking if routine being dropped existed and reported ER_SP_DOES_NOT_EXIST error/warning before checking if user had enough privileges to drop it. This patch solves this problem by changing code not to check if routine exists before checking if user has enough privileges to drop it. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist. This change also simplifies one of upcoming patches refactoring global read lock implementation. mysql-test/r/grant.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/r/sp-security.result: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. mysql-test/suite/funcs_1/r/innodb_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/memory_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/r/myisam_storedproc_06.result: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/suite/funcs_1/storedproc/storedproc_06.inc: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Now we drop routines under user which has enough privileges to do so. mysql-test/t/grant.test: Updated test case after fixing bug#57061 "User without privilege on routine can discover its existence". Removed DROP PROCEDURE/FUNCTION statements which have started to fail after this fix (correctly). There is no need in dropping routines in freshly created database anyway. mysql-test/t/sp-security.test: Added new test case for bug#57061 "User without privilege on routine can discover its existence". Updated existing tests according to new behaviour. sql/sp.cc: Removed sp_routine_exists_in_table() which is no longer used. sql/sp.h: Removed sp_routine_exists_in_table() which is no longer used. sql/sql_parse.cc: When dropping routine we no longer check if routine exists before checking if user has enough privileges to do so. Moreover we no longer perform this check using a separate call instead we rely on sp_drop_routine() returning SP_KEY_NOT_FOUND if routine doesn't exist.
15 years ago
Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE DEFINITION OF ANY ROUTINE. The problem was that having the SELECT privilege any column of the mysql.proc table by mistake allowed the user to see the definition of all routines (using SHOW CREATE PROCEDURE/FUNCTION and SHOW PROCEDURE/FUNCTION CODE). This patch fixes the problem by making sure that those commands are only allowed if the user has the SELECT privilege on the mysql.proc table itself. Test case added to sp-security.test.
15 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE DEFINITION OF ANY ROUTINE. This follow-up patch removes SHOW PROCEDURE CODE from the test case as this command is only available on debug versions of the server and therefore caused the test to fail on release builds.
15 years ago
Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE DEFINITION OF ANY ROUTINE. The problem was that having the SELECT privilege any column of the mysql.proc table by mistake allowed the user to see the definition of all routines (using SHOW CREATE PROCEDURE/FUNCTION and SHOW PROCEDURE/FUNCTION CODE). This patch fixes the problem by making sure that those commands are only allowed if the user has the SELECT privilege on the mysql.proc table itself. Test case added to sp-security.test.
15 years ago
Bug#27407480: AUTOMATIC_SP_PRIVILEGES REQUIRES NEED THE INSERT PRIVILEGES FOR MYSQL.USER TABLE A test case and a followup fix
7 years ago
MDEV-12321 authentication plugin: SET PASSWORD support Support SET PASSWORD for authentication plugins. Authentication plugin API is extended with two optional methods: * hash_password() is used to compute a password hash (or digest) from the plain-text password. This digest will be stored in mysql.user table * preprocess_hash() is used to convert this digest into some memory representation that can be later used to authenticate a user. Build-in plugins convert the hash from hexadecimal or base64 to binary, to avoid doing it on every authentication attempt. Note a change in behavior: when loading privileges (on startup or on FLUSH PRIVILEGES) an account with an unknown plugin was loaded with a warning (e.g. "Plugin 'foo' is not loaded"). But such an account could not be used for authentication until the plugin is installed. Now an account like that will not be loaded at all (with a warning, still). Indeed, without plugin's preprocess_hash() method the server cannot know how to load an account. Thus, if a new authentication plugin is installed run-time, one might need FLUSH PRIVILEGES to activate all existing accounts that were using this new plugin.
7 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
Bug#27407480: AUTOMATIC_SP_PRIVILEGES REQUIRES NEED THE INSERT PRIVILEGES FOR MYSQL.USER TABLE A test case and a followup fix
7 years ago
Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE DEFINITION OF ANY ROUTINE. The problem was that having the SELECT privilege any column of the mysql.proc table by mistake allowed the user to see the definition of all routines (using SHOW CREATE PROCEDURE/FUNCTION and SHOW PROCEDURE/FUNCTION CODE). This patch fixes the problem by making sure that those commands are only allowed if the user has the SELECT privilege on the mysql.proc table itself. Test case added to sp-security.test.
15 years ago
MDEV-5849 MySQL bug#12602983 - User without privilege on routine can discover its existence by executing "select non_existing_func();" or by "call non_existing_proc()" add or move privilege checks before existence checks
12 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
MDEV-5849 MySQL bug#12602983 - User without privilege on routine can discover its existence by executing "select non_existing_func();" or by "call non_existing_proc()" add or move privilege checks before existence checks
12 years ago
Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE DEFINITION OF ANY ROUTINE. The problem was that having the SELECT privilege any column of the mysql.proc table by mistake allowed the user to see the definition of all routines (using SHOW CREATE PROCEDURE/FUNCTION and SHOW PROCEDURE/FUNCTION CODE). This patch fixes the problem by making sure that those commands are only allowed if the user has the SELECT privilege on the mysql.proc table itself. Test case added to sp-security.test.
15 years ago
Last slice of fix for Bug#42003 tests missing the disconnect of connections <> default + Fix for Bug#43114 wait_until_count_sessions too restrictive, random PB failures + Removal of a lot of other weaknesses found + modifications according to review
17 years ago
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests.
7 years ago
bugfix: IDENTIFIED BY clause was lost in some GRANT variants
11 years ago
MDEV-17658 change the structure of mysql.user table Implement User_table_json. Fix scripts to use mysql.global_priv. Fix tests.
7 years ago
MDEV-13396 Unexpected "alter routine comand defined" during CREATE OR REPLACE PROCEDURE
8 years ago
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
3 years ago
MDEV-13396 Unexpected "alter routine comand defined" during CREATE OR REPLACE PROCEDURE
8 years ago
Updated mtr files to support different compiled in options This allows one to run the test suite even if any of the following options are changed: - character-set-server - collation-server - join-cache-level - log-basename - max-allowed-packet - optimizer-switch - query-cache-size and query-cache-type - skip-name-resolve - table-definition-cache - table-open-cache - Some innodb options etc Changes: - Don't print out the value of system variables as one can't depend on them to being constants. - Don't set global variables to 'default' as the default may not be the same as the test was started with if there was an additional option file. Instead save original value and reset it at end of test. - Test that depends on the latin1 character set should include default_charset.inc or set the character set to latin1 - Test that depends on the original optimizer switch, should include default_optimizer_switch.inc - Test that depends on the value of a specific system variable should set it in the test (like optimizer_use_condition_selectivity) - Split subselect3.test into subselect3.test and subselect3.inc to make it easier to set and reset system variables. - Added .opt files for test that required specfic options that could be changed by external configuration files. - Fixed result files in rockdsb & tokudb that had not been updated for a while.
6 years ago
MDEV-20366 Server crashes in get_current_user upon SET PASSWORD via SP The opt_for_user subrule was incorrectly scanned before sp_create_assignment_lex(), so the user name and the host were created on a wrong memory root. - Reoganizing the grammar to make sure that sp_create_assignment_lex() is called immediately after PASSWORD_SYM is scanned, so all attributes are then allocated on its memory root. - Moving the semantic code as methods to LEX, so the grammar looks as simple as possible. - Changing text_or_password to be of the data type USER_AUTH*. As a side effect, the LEX::definer member is now not used when processing the SET PASSWORD statement. Everything is done using Bison's stack. The bug sas introduced by this commit: commit bf5a144e1692f6cc6a6d781b7e75ff4abf32bdf3
6 years ago
MDEV-29852 SIGSEGV in mysql_create_routine or is_acl_user on 2nd execution, ASAN use-after-poison in get_current_user (sql_acl.cc) if lex->definer is replaced, take care to restore it at the end of PS EXECUTE
3 years ago
MDEV-20366 Server crashes in get_current_user upon SET PASSWORD via SP The opt_for_user subrule was incorrectly scanned before sp_create_assignment_lex(), so the user name and the host were created on a wrong memory root. - Reoganizing the grammar to make sure that sp_create_assignment_lex() is called immediately after PASSWORD_SYM is scanned, so all attributes are then allocated on its memory root. - Moving the semantic code as methods to LEX, so the grammar looks as simple as possible. - Changing text_or_password to be of the data type USER_AUTH*. As a side effect, the LEX::definer member is now not used when processing the SET PASSWORD statement. Everything is done using Bison's stack. The bug sas introduced by this commit: commit bf5a144e1692f6cc6a6d781b7e75ff4abf32bdf3
6 years ago
MDEV-29852 SIGSEGV in mysql_create_routine or is_acl_user on 2nd execution, ASAN use-after-poison in get_current_user (sql_acl.cc) if lex->definer is replaced, take care to restore it at the end of PS EXECUTE
3 years ago
MDEV-29167 new db-level SHOW CREATE ROUTINE privilege
2 years ago
MDEV-19123 Change default charset from latin1 to utf8mb4 Changing the default server character set from latin1 to utf8mb4.
1 year ago
  1. #
  2. # Testing SQL SECURITY of stored procedures
  3. #
  5. # Can't test with embedded server that doesn't support grants
  6. --source include/not_embedded.inc
  7. --source include/default_charset.inc
  8. set @@global.collation_server=@@session.collation_server;
  10. # Save the initial number of concurrent sessions
  11. --source include/count_sessions.inc
  12. connect (con1root,localhost,root,,);
  14. connection con1root;
  15. use test;
  17. # Create user user1 with no particular access rights
  18. create user user1@localhost;
  19. grant usage on *.* to user1@localhost;
  20. flush privileges;
  22. --disable_warnings
  23. drop table if exists t1;
  24. drop database if exists db1_secret;
  25. --enable_warnings
  26. # Create our secret database
  27. create database db1_secret;
  29. # Can create a procedure in other db
  30. create procedure db1_secret.dummy() begin end;
  31. drop procedure db1_secret.dummy;
  33. use db1_secret;
  35. create table t1 ( u varchar(64), i int );
  36. insert into t1 values('test', 0);
  38. # A test procedure and function
  39. create procedure stamp(i int)
  40. insert into db1_secret.t1 values (user(), i);
  41. --replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
  42. show procedure status like 'stamp';
  44. delimiter |;
  45. create function db() returns varchar(64)
  46. begin
  47. declare v varchar(64);
  49. select u into v from t1 limit 1;
  51. return v;
  52. end|
  53. delimiter ;|
  54. --replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
  55. show function status like 'db';
  57. # root can, of course
  58. call stamp(1);
  59. select * from t1;
  60. select db();
  62. create user user1@'%';
  63. grant execute on procedure db1_secret.stamp to user1@'%';
  64. grant execute on function db1_secret.db to user1@'%';
  65. set sql_mode='';
  66. grant execute on procedure db1_secret.stamp to ''@'%';
  67. grant execute on function db1_secret.db to ''@'%';
  68. set sql_mode=default;
  70. connect (con2user1,localhost,user1,,"*NO-ONE*");
  71. connect (con3anon,localhost,anon,,"*NO-ONE*");
  74. #
  75. # User1 can
  76. #
  77. connection con2user1;
  79. # This should work...
  80. call db1_secret.stamp(2);
  81. select db1_secret.db();
  83. # ...but not this
  84. --error ER_TABLEACCESS_DENIED_ERROR
  85. select * from db1_secret.t1;
  87. # ...and not this
  88. --error ER_DBACCESS_DENIED_ERROR
  89. create procedure db1_secret.dummy() begin end;
  90. --error ER_PROCACCESS_DENIED_ERROR
  91. drop procedure db1_secret.dummy;
  92. --error ER_PROCACCESS_DENIED_ERROR
  93. drop procedure db1_secret.stamp;
  94. --error ER_PROCACCESS_DENIED_ERROR
  95. drop function db1_secret.db;
  98. #
  99. # Anonymous can
  100. #
  101. connection con3anon;
  103. # This should work...
  104. call db1_secret.stamp(3);
  105. select db1_secret.db();
  107. # ...but not this
  108. --error ER_TABLEACCESS_DENIED_ERROR
  109. select * from db1_secret.t1;
  111. # ...and not this
  112. --error ER_DBACCESS_DENIED_ERROR
  113. create procedure db1_secret.dummy() begin end;
  114. --error ER_PROCACCESS_DENIED_ERROR
  115. drop procedure db1_secret.dummy;
  116. --error ER_PROCACCESS_DENIED_ERROR
  117. drop procedure db1_secret.stamp;
  118. --error ER_PROCACCESS_DENIED_ERROR
  119. drop function db1_secret.db;
  122. #
  123. # Check it out
  124. #
  125. connection con1root;
  126. select * from t1;
  128. #
  129. # Change to invoker's rights
  130. #
  131. alter procedure stamp sql security invoker;
  132. --replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
  133. show procedure status like 'stamp';
  135. alter function db sql security invoker;
  136. --replace_column 5 '0000-00-00 00:00:00' 6 '0000-00-00 00:00:00'
  137. show function status like 'db';
  139. # root still can
  140. call stamp(4);
  141. select * from t1;
  142. select db();
  144. #
  145. # User1 cannot
  146. #
  147. connection con2user1;
  149. # This should not work
  150. --error ER_TABLEACCESS_DENIED_ERROR
  151. call db1_secret.stamp(5);
  152. --error ER_TABLEACCESS_DENIED_ERROR
  153. select db1_secret.db();
  155. #
  156. # Anonymous cannot
  157. #
  158. connection con3anon;
  160. # This should not work
  161. --error ER_TABLEACCESS_DENIED_ERROR
  162. call db1_secret.stamp(6);
  163. --error ER_TABLEACCESS_DENIED_ERROR
  164. select db1_secret.db();
  166. #
  167. # Bug#2777 Stored procedure doesn't observe definer's rights
  168. #
  170. connection con1root;
  171. --disable_warnings
  172. drop database if exists db2;
  173. --enable_warnings
  174. create database db2;
  176. use db2;
  178. create table t2 (s1 int);
  179. insert into t2 values (0);
  181. grant usage on db2.* to user1@localhost;
  182. grant select on db2.* to user1@localhost;
  183. create user user2@localhost;
  184. grant usage on db2.* to user2@localhost;
  185. grant select,insert,update,delete,create routine on db2.* to user2@localhost;
  186. grant create routine on db2.* to user1@localhost;
  187. flush privileges;
  189. connection con2user1;
  190. use db2;
  192. create procedure p () insert into t2 values (1);
  194. # Check that this doesn't work.
  195. --error ER_TABLEACCESS_DENIED_ERROR
  196. call p();
  198. connect (con4user2,localhost,user2,,"*NO-ONE*");
  200. connection con4user2;
  201. use db2;
  203. # This should not work, since p is executed with definer's (user1's) rights.
  204. --error ER_PROCACCESS_DENIED_ERROR
  205. call p();
  206. select * from t2;
  208. create procedure q () insert into t2 values (2);
  210. call q();
  211. select * from t2;
  213. connection con1root;
  214. grant usage on procedure db2.q to user2@localhost with grant option;
  216. connection con4user2;
  217. grant execute on procedure db2.q to user1@localhost;
  219. connection con2user1;
  220. use db2;
  222. # This should work
  223. call q();
  224. select * from t2;
  226. #
  227. # Bug#6030 Stored procedure has no appropriate DROP privilege
  228. # (or ALTER for that matter)
  230. # still connection con2user1 in db2
  232. # This should work:
  233. alter procedure p modifies sql data;
  234. drop procedure p;
  236. # This should NOT work
  237. --error ER_PROCACCESS_DENIED_ERROR
  238. alter procedure q modifies sql data;
  239. --error ER_PROCACCESS_DENIED_ERROR
  240. drop procedure q;
  242. connection con1root;
  243. use db2;
  244. # But root always can
  245. alter procedure q modifies sql data;
  246. drop procedure q;
  249. # Clean up
  250. #Still connection con1root;
  251. disconnect con2user1;
  252. disconnect con3anon;
  253. disconnect con4user2;
  254. use test;
  255. select type,db,name from mysql.proc where db like 'db%';
  256. drop database db1_secret;
  257. drop database db2;
  258. # Make sure the routines are gone
  259. select type,db,name from mysql.proc where db like 'db%';
  260. # Get rid of the users
  261. delete from mysql.user where user='user1' or user='user2';
  262. delete from mysql.user where user='' and host='%';
  263. # And any routine privileges
  264. delete from mysql.procs_priv where user='user1' or user='user2';
  265. # Delete the grants to user ''@'%' that was created above
  266. delete from mysql.procs_priv where user='' and host='%';
  267. delete from mysql.db where user='user2';
  268. flush privileges;
  269. #
  270. # Test the new security acls
  271. #
  272. create user usera@localhost;
  273. grant usage on *.* to usera@localhost;
  274. create user userb@localhost;
  275. grant usage on *.* to userb@localhost;
  276. create user userc@localhost;
  277. grant usage on *.* to userc@localhost;
  278. create database sptest;
  279. create table t1 ( u varchar(64), i int );
  280. create procedure sptest.p1(i int) insert into test.t1 values (user(), i);
  281. grant insert on t1 to usera@localhost;
  282. grant execute on procedure sptest.p1 to usera@localhost;
  283. show grants for usera@localhost;
  284. grant execute on procedure sptest.p1 to userc@localhost with grant option;
  285. show grants for userc@localhost;
  287. connect (con2usera,localhost,usera,,"*NO-ONE*");
  288. connect (con3userb,localhost,userb,,"*NO-ONE*");
  289. connect (con4userc,localhost,userc,,"*NO-ONE*");
  291. connection con2usera;
  292. call sptest.p1(1);
  293. --error ER_PROCACCESS_DENIED_ERROR
  294. grant execute on procedure sptest.p1 to userb@localhost;
  295. --error ER_PROCACCESS_DENIED_ERROR
  296. drop procedure sptest.p1;
  298. connection con3userb;
  299. --error ER_PROCACCESS_DENIED_ERROR
  300. call sptest.p1(2);
  301. --error ER_PROCACCESS_DENIED_ERROR
  302. grant execute on procedure sptest.p1 to userb@localhost;
  303. --error ER_PROCACCESS_DENIED_ERROR
  304. drop procedure sptest.p1;
  306. connection con4userc;
  307. call sptest.p1(3);
  308. grant execute on procedure sptest.p1 to userb@localhost;
  309. --error ER_PROCACCESS_DENIED_ERROR
  310. drop procedure sptest.p1;
  312. connection con3userb;
  313. call sptest.p1(4);
  314. --error ER_PROCACCESS_DENIED_ERROR
  315. grant execute on procedure sptest.p1 to userb@localhost;
  316. --error ER_PROCACCESS_DENIED_ERROR
  317. drop procedure sptest.p1;
  319. connection con1root;
  320. select * from t1;
  322. grant all privileges on procedure sptest.p1 to userc@localhost;
  323. show grants for userc@localhost;
  324. show grants for userb@localhost;
  326. connection con4userc;
  327. revoke all privileges on procedure sptest.p1 from userb@localhost;
  329. connection con1root;
  330. show grants for userb@localhost;
  332. #cleanup
  333. disconnect con4userc;
  334. disconnect con3userb;
  335. disconnect con2usera;
  336. use test;
  337. drop database sptest;
  338. delete from mysql.user where user='usera' or user='userb' or user='userc';
  339. delete from mysql.procs_priv where user='usera' or user='userb' or user='userc';
  340. delete from mysql.tables_priv where user='usera';
  341. flush privileges;
  342. drop table t1;
  344. #
  345. # Bug#9503 resetting correct parameters of thread after error in SP function
  346. #
  347. connect (root,localhost,root,,test);
  348. connection root;
  350. --disable_warnings
  351. drop function if exists bug_9503;
  352. drop user if exists user1@localhost;
  353. --enable_warnings
  354. delimiter //;
  355. create database mysqltest//
  356. use mysqltest//
  357. create table t1 (s1 int)//
  358. create user user1@localhost//
  359. grant select on t1 to user1@localhost//
  360. grant select on test.* to user1@localhost//
  361. create function bug_9503 () returns int sql security invoker begin declare v int;
  362. select min(s1) into v from t1; return v; end//
  363. delimiter ;//
  365. connect (user1,localhost,user1,,test);
  366. connection user1;
  367. use mysqltest;
  368. -- error ER_PROCACCESS_DENIED_ERROR
  369. select bug_9503();
  371. connection root;
  372. grant execute on function bug_9503 to user1@localhost;
  374. connection user1;
  375. do 1;
  376. use test;
  378. disconnect user1;
  379. connection root;
  380. REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost;
  381. drop function bug_9503;
  382. use test;
  383. drop database mysqltest;
  384. connection default;
  385. disconnect root;
  387. #
  388. # correct value from current_user() in function run from "security definer"
  389. # (Bug#7291 Stored procedures: wrong CURRENT_USER value)
  390. #
  391. connection con1root;
  392. use test;
  394. select current_user();
  395. select user();
  396. create procedure bug7291_0 () sql security invoker select current_user(), user();
  397. create procedure bug7291_1 () sql security definer call bug7291_0();
  398. create procedure bug7291_2 () sql security invoker call bug7291_0();
  399. grant execute on procedure bug7291_0 to user1@localhost;
  400. grant execute on procedure bug7291_1 to user1@localhost;
  401. grant execute on procedure bug7291_2 to user1@localhost;
  403. connect (user1,localhost,user1,,);
  404. connection user1;
  406. call bug7291_2();
  407. call bug7291_1();
  409. connection con1root;
  410. drop procedure bug7291_1;
  411. drop procedure bug7291_2;
  412. drop procedure bug7291_0;
  413. disconnect user1;
  414. REVOKE ALL PRIVILEGES, GRANT OPTION FROM user1@localhost;
  415. drop user user1@localhost;
  417. #
  418. # Bug#12318 Wrong error message when accessing an inaccessible stored
  419. # procedure in another database when the current database is
  420. # information_schema.
  421. #
  423. --disable_warnings
  424. drop database if exists mysqltest_1;
  425. --enable_warnings
  427. create database mysqltest_1;
  428. delimiter //;
  429. create procedure mysqltest_1.p1()
  430. begin
  431. select 1 from dual;
  432. end//
  433. delimiter ;//
  435. create user mysqltest_1@localhost;
  436. grant usage on *.* to mysqltest_1@localhost;
  438. connect (n1,localhost,mysqltest_1,,information_schema,$MASTER_MYPORT,$MASTER_MYSOCK);
  439. connection n1;
  440. --error ER_PROCACCESS_DENIED_ERROR
  441. call mysqltest_1.p1();
  442. disconnect n1;
  443. # Test also without a current database
  444. connect (n2,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK);
  445. connection n2;
  446. --error ER_PROCACCESS_DENIED_ERROR
  447. call mysqltest_1.p1();
  448. disconnect n2;
  450. connection default;
  452. drop procedure mysqltest_1.p1;
  453. drop database mysqltest_1;
  455. revoke usage on *.* from mysqltest_1@localhost;
  456. drop user mysqltest_1@localhost;
  458. #
  459. # Bug#12812 create view calling a function works without execute right
  460. # on function
  461. delimiter |;
  462. --disable_warnings
  463. drop function if exists bug12812|
  464. --enable_warnings
  465. create function bug12812() returns char(2)
  466. begin
  467. return 'ok';
  468. end;
  469. |
  470. create user user_bug12812@localhost IDENTIFIED BY 'ABC'|
  471. grant select,create view on test.* to user_bug12812@localhost|
  472. --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
  473. connect (test_user_12812,localhost,user_bug12812,ABC,test)|
  474. --error ER_PROCACCESS_DENIED_ERROR
  475. SELECT test.bug12812()|
  476. --error ER_PROCACCESS_DENIED_ERROR
  477. CREATE VIEW v1 AS SELECT test.bug12812()|
  478. # Cleanup
  479. connection default|
  480. disconnect test_user_12812|
  481. DROP USER user_bug12812@localhost|
  482. drop function bug12812|
  483. delimiter ;|
  486. #
  487. # Bug#14834 Server denies to execute Stored Procedure
  488. #
  489. # The problem here was with '_' in the database name.
  490. #
  491. create database db_bug14834;
  493. create user user1_bug14834@localhost identified by '';
  494. # The exact name of the database (no wildcard)
  495. grant all on `db\_bug14834`.* to user1_bug14834@localhost;
  497. create user user2_bug14834@localhost identified by '';
  498. # The exact name of the database (no wildcard)
  499. grant all on `db\_bug14834`.* to user2_bug14834@localhost;
  501. create user user3_bug14834@localhost identified by '';
  502. # Wildcards in the database name
  503. grant all on `db__ug14834`.* to user3_bug14834@localhost;
  505. connect (user1_bug14834,localhost,user1_bug14834,,db_bug14834);
  506. # Create the procedure and check that we can call it
  507. create procedure p_bug14834() select user(), current_user();
  508. call p_bug14834();
  510. connect (user2_bug14834,localhost,user2_bug14834,,db_bug14834);
  511. # This didn't work before
  512. call p_bug14834();
  514. connect (user3_bug14834,localhost,user3_bug14834,,db_bug14834);
  515. # Should also work
  516. call p_bug14834();
  518. # Cleanup
  519. connection default;
  520. disconnect user1_bug14834;
  521. disconnect user2_bug14834;
  522. disconnect user3_bug14834;
  523. drop user user1_bug14834@localhost;
  524. drop user user2_bug14834@localhost;
  525. drop user user3_bug14834@localhost;
  526. drop database db_bug14834;
  529. #
  530. # Bug#14533 'desc tbl' in stored procedure causes error
  531. # ER_TABLEACCESS_DENIED_ERROR
  532. #
  533. create database db_bug14533;
  534. use db_bug14533;
  535. create table t1 (id int);
  536. create user user_bug14533@localhost identified by '';
  538. create procedure bug14533_1()
  539. sql security definer
  540. desc db_bug14533.t1;
  542. create procedure bug14533_2()
  543. sql security definer
  544. select * from db_bug14533.t1;
  546. grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost;
  547. grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost;
  548. grant select on test.* to user_bug14533@localhost;
  550. connect (user_bug14533,localhost,user_bug14533,,test);
  552. # These should work
  553. call db_bug14533.bug14533_1();
  554. call db_bug14533.bug14533_2();
  556. # For reference, these should not work
  557. --error ER_TABLEACCESS_DENIED_ERROR
  558. desc db_bug14533.t1;
  559. --error ER_TABLEACCESS_DENIED_ERROR
  560. select * from db_bug14533.t1;
  562. # Cleanup
  563. connection default;
  564. disconnect user_bug14533;
  565. drop user user_bug14533@localhost;
  566. drop database db_bug14533;
  569. #
  570. # WL#2897 Complete definer support in the stored routines.
  571. #
  572. # The following cases are tested:
  573. # 1. check that if DEFINER-clause is not explicitly specified, stored routines
  574. # are created with CURRENT_USER privileges;
  575. # 2. check that if DEFINER-clause specifies non-current user, SUPER privilege
  576. # is required to create a stored routine;
  577. # 3. check that if DEFINER-clause specifies non-existent user, a warning is
  578. # emitted.
  579. # 4. check that SHOW CREATE PROCEDURE | FUNCTION works correctly;
  580. #
  581. # The following cases are tested in other test suites:
  582. # - check that mysqldump dumps new attribute correctly;
  583. # - check that slave replicates CREATE-statements with explicitly specified
  584. # DEFINER correctly.
  585. #
  587. # Setup the environment.
  589. --connection con1root
  591. --disable_warnings
  592. DROP DATABASE IF EXISTS mysqltest;
  593. --enable_warnings
  595. CREATE DATABASE mysqltest;
  597. CREATE USER mysqltest_1@localhost;
  598. GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_1@localhost;
  600. CREATE USER mysqltest_2@localhost;
  601. GRANT SET USER ON *.* TO mysqltest_2@localhost;
  602. GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_2@localhost;
  604. --connect (mysqltest_2_con,localhost,mysqltest_2,,mysqltest)
  605. --connect (mysqltest_1_con,localhost,mysqltest_1,,mysqltest)
  607. # test case (1).
  609. --connection mysqltest_2_con
  611. USE mysqltest;
  613. CREATE PROCEDURE wl2897_p1() SELECT 1;
  615. CREATE FUNCTION wl2897_f1() RETURNS INT RETURN 1;
  617. # test case (2).
  619. --connection mysqltest_1_con
  621. USE mysqltest;
  623. --error ER_SPECIFIC_ACCESS_DENIED_ERROR
  624. CREATE DEFINER=root@localhost PROCEDURE wl2897_p2() SELECT 2;
  626. --error ER_SPECIFIC_ACCESS_DENIED_ERROR
  627. CREATE DEFINER=root@localhost FUNCTION wl2897_f2() RETURNS INT RETURN 2;
  629. # test case (3).
  631. --connection mysqltest_2_con
  633. use mysqltest;
  635. CREATE DEFINER='a @ b @ c'@localhost PROCEDURE wl2897_p3() SELECT 3;
  637. CREATE DEFINER='a @ b @ c'@localhost FUNCTION wl2897_f3() RETURNS INT RETURN 3;
  639. # test case (4).
  641. --connection con1root
  643. USE mysqltest;
  645. SHOW CREATE PROCEDURE wl2897_p1;
  646. SHOW CREATE PROCEDURE wl2897_p3;
  648. SHOW CREATE FUNCTION wl2897_f1;
  649. SHOW CREATE FUNCTION wl2897_f3;
  651. # Cleanup.
  653. DROP USER mysqltest_1@localhost;
  654. DROP USER mysqltest_2@localhost;
  656. DROP DATABASE mysqltest;
  658. --disconnect mysqltest_1_con
  659. --disconnect mysqltest_2_con
  662. #
  663. # Bug#13198 SP executes if definer does not exist
  664. #
  666. # Prepare environment.
  668. --connection con1root
  670. --disable_warnings
  671. DROP DATABASE IF EXISTS mysqltest;
  672. --enable_warnings
  674. CREATE DATABASE mysqltest;
  676. CREATE USER mysqltest_1@localhost;
  677. GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_1@localhost;
  679. CREATE USER mysqltest_2@localhost;
  680. GRANT ALL PRIVILEGES ON mysqltest.* TO mysqltest_2@localhost;
  682. --connect (mysqltest_1_con,localhost,mysqltest_1,,mysqltest)
  683. --connect (mysqltest_2_con,localhost,mysqltest_2,,mysqltest)
  685. # Create a procedure/function under u1.
  687. --connection mysqltest_1_con
  689. USE mysqltest;
  691. CREATE PROCEDURE bug13198_p1()
  692. SELECT 1;
  694. CREATE FUNCTION bug13198_f1() RETURNS INT
  695. RETURN 1;
  697. CALL bug13198_p1();
  699. SELECT bug13198_f1();
  701. # Check that u2 can call the procedure/function.
  703. --connection mysqltest_2_con
  705. USE mysqltest;
  707. CALL bug13198_p1();
  709. SELECT bug13198_f1();
  711. # Drop user u1 (definer of the object);
  713. --connection con1root
  715. --disconnect mysqltest_1_con
  717. DROP USER mysqltest_1@localhost;
  719. # Check that u2 can not call the procedure/function.
  721. --connection mysqltest_2_con
  723. USE mysqltest;
  725. --error ER_MALFORMED_DEFINER
  726. CALL bug13198_p1();
  728. --error ER_MALFORMED_DEFINER
  729. SELECT bug13198_f1();
  731. # Cleanup.
  733. --connection con1root
  735. --disconnect mysqltest_2_con
  737. DROP USER mysqltest_2@localhost;
  739. DROP DATABASE mysqltest;
  741. #
  742. # Bug#19857 When a user with CREATE ROUTINE priv creates a routine,
  743. # it results in NULL p/w
  744. #
  746. # Can't test with embedded server that doesn't support grants
  748. GRANT USAGE ON *.* TO user19857@localhost IDENTIFIED BY 'meow';
  749. GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ROUTINE, ALTER ROUTINE ON test.* TO
  750. user19857@localhost;
  751. SELECT Host,User,Plugin,Authentication_string FROM mysql.user WHERE User='user19857';
  753. --connect (mysqltest_2_con,localhost,user19857,meow,test)
  754. --connection mysqltest_2_con
  756. USE test;
  758. DELIMITER //;
  759. CREATE PROCEDURE sp19857() DETERMINISTIC
  760. BEGIN
  761. DECLARE a INT;
  762. SET a=1;
  763. SELECT a;
  764. END //
  765. DELIMITER ;//
  767. SHOW CREATE PROCEDURE test.sp19857;
  769. --disconnect mysqltest_2_con
  770. --connect (mysqltest_2_con,localhost,user19857,meow,test)
  771. --connection mysqltest_2_con
  773. DROP PROCEDURE IF EXISTS test.sp19857;
  775. --connection con1root
  777. --disconnect mysqltest_2_con
  779. SELECT Host,User,Plugin,Authentication_string FROM mysql.user WHERE User='user19857';
  781. DROP USER user19857@localhost;
  783. --disconnect con1root
  784. --connection default
  785. use test;
  787. #
  788. # Bug#18630 Arguments of suid routine calculated in wrong security context
  789. #
  790. # Arguments of suid routines were calculated in definer's security
  791. # context instead of caller's context thus creating security hole.
  792. #
  793. --disable_warnings
  794. DROP TABLE IF EXISTS t1;
  795. DROP VIEW IF EXISTS v1;
  796. DROP FUNCTION IF EXISTS f_suid;
  797. DROP PROCEDURE IF EXISTS p_suid;
  798. DROP FUNCTION IF EXISTS f_evil;
  799. --enable_warnings
  800. DELETE FROM mysql.user WHERE user LIKE 'mysqltest\_%';
  801. DELETE FROM mysql.db WHERE user LIKE 'mysqltest\_%';
  802. DELETE FROM mysql.tables_priv WHERE user LIKE 'mysqltest\_%';
  803. DELETE FROM mysql.columns_priv WHERE user LIKE 'mysqltest\_%';
  804. FLUSH PRIVILEGES;
  806. CREATE TABLE t1 (i INT);
  807. CREATE FUNCTION f_suid(i INT) RETURNS INT SQL SECURITY DEFINER RETURN 0;
  808. CREATE PROCEDURE p_suid(IN i INT) SQL SECURITY DEFINER SET @c:= 0;
  810. CREATE USER mysqltest_u1@localhost;
  811. # Thanks to this grant statement privileges of anonymous users on
  812. # 'test' database are not applicable for mysqltest_u1@localhost.
  813. GRANT EXECUTE ON test.* TO mysqltest_u1@localhost;
  815. delimiter |;
  816. CREATE DEFINER=mysqltest_u1@localhost FUNCTION f_evil () RETURNS INT
  817. SQL SECURITY INVOKER
  818. BEGIN
  819. SET @a:= CURRENT_USER();
  820. SET @b:= (SELECT COUNT(*) FROM t1);
  821. RETURN @b;
  822. END|
  823. delimiter ;|
  825. CREATE SQL SECURITY INVOKER VIEW v1 AS SELECT f_evil();
  827. connect (conn1, localhost, mysqltest_u1,,);
  829. --error ER_TABLEACCESS_DENIED_ERROR
  830. SELECT COUNT(*) FROM t1;
  832. --error ER_TABLEACCESS_DENIED_ERROR
  833. SELECT f_evil();
  834. SELECT @a, @b;
  836. --error ER_TABLEACCESS_DENIED_ERROR
  837. SELECT f_suid(f_evil());
  838. SELECT @a, @b;
  840. --error ER_TABLEACCESS_DENIED_ERROR
  841. CALL p_suid(f_evil());
  842. SELECT @a, @b;
  844. --error ER_TABLEACCESS_DENIED_ERROR
  845. SELECT * FROM v1;
  846. SELECT @a, @b;
  848. disconnect conn1;
  849. connection default;
  851. DROP VIEW v1;
  852. DROP FUNCTION f_evil;
  853. DROP USER mysqltest_u1@localhost;
  854. DROP PROCEDURE p_suid;
  855. DROP FUNCTION f_suid;
  856. DROP TABLE t1;
  858. --echo #
  859. --echo # Bug #48872 : Privileges for stored functions ignored if function name
  860. --echo # is mixed case
  861. --echo #
  863. CREATE DATABASE B48872;
  864. USE B48872;
  865. CREATE TABLE `TestTab` (id INT);
  866. INSERT INTO `TestTab` VALUES (1),(2);
  867. CREATE FUNCTION `f_Test`() RETURNS INT RETURN 123;
  868. CREATE FUNCTION `f_Test_denied`() RETURNS INT RETURN 123;
  869. CREATE USER 'tester';
  870. CREATE USER 'Tester';
  871. GRANT SELECT ON TABLE `TestTab` TO 'tester';
  872. GRANT EXECUTE ON FUNCTION `f_Test` TO 'tester';
  873. GRANT EXECUTE ON FUNCTION `f_Test_denied` TO 'Tester';
  875. SELECT f_Test();
  876. SELECT * FROM TestTab;
  878. CONNECT (con_tester,localhost,tester,,B48872);
  879. CONNECT (con_tester_denied,localhost,Tester,,B48872);
  880. CONNECTION con_tester;
  882. SELECT * FROM TestTab;
  883. SELECT `f_Test`();
  884. SELECT `F_TEST`();
  885. SELECT f_Test();
  886. SELECT F_TEST();
  888. CONNECTION con_tester_denied;
  890. --disable_result_log
  891. --error ER_TABLEACCESS_DENIED_ERROR
  892. SELECT * FROM TestTab;
  893. --error ER_PROCACCESS_DENIED_ERROR
  894. SELECT `f_Test`();
  895. --error ER_PROCACCESS_DENIED_ERROR
  896. SELECT `F_TEST`();
  897. --error ER_PROCACCESS_DENIED_ERROR
  898. SELECT f_Test();
  899. --error ER_PROCACCESS_DENIED_ERROR
  900. SELECT F_TEST();
  901. --enable_result_log
  902. SELECT `f_Test_denied`();
  903. SELECT `F_TEST_DENIED`();
  905. CONNECTION default;
  906. DISCONNECT con_tester;
  907. DISCONNECT con_tester_denied;
  908. DROP TABLE `TestTab`;
  909. DROP FUNCTION `f_Test`;
  910. DROP FUNCTION `f_Test_denied`;
  912. USE test;
  913. DROP USER 'tester';
  914. DROP USER 'Tester';
  915. DROP DATABASE B48872;
  917. --echo #
  918. --echo # End of 5.0 tests.
  919. --echo #
  921. --echo #
  922. --echo # Test for bug#57061 "User without privilege on routine can discover
  923. --echo # its existence."
  924. --echo #
  925. --disable_warnings
  926. drop database if exists mysqltest_db;
  927. --enable_warnings
  928. create database mysqltest_db;
  929. --echo # Create user with no privileges on mysqltest_db database.
  930. create user bug57061_user@localhost;
  931. create function mysqltest_db.f1() returns int return 0;
  932. create procedure mysqltest_db.p1() begin end;
  933. connect (conn1, localhost, bug57061_user,,"*NO-ONE*");
  934. --echo # Attempt to drop routine on which user doesn't have privileges
  935. --echo # should result in the same 'access denied' type of error whether
  936. --echo # routine exists or not.
  937. --error ER_PROCACCESS_DENIED_ERROR
  938. drop function if exists mysqltest_db.f_does_not_exist;
  939. --error ER_PROCACCESS_DENIED_ERROR
  940. drop procedure if exists mysqltest_db.p_does_not_exist;
  941. --error ER_PROCACCESS_DENIED_ERROR
  942. drop function if exists mysqltest_db.f1;
  943. --error ER_PROCACCESS_DENIED_ERROR
  944. drop procedure if exists mysqltest_db.p1;
  945. connection default;
  946. disconnect conn1;
  947. drop user bug57061_user@localhost;
  948. drop database mysqltest_db;
  951. --echo #
  952. --echo # Bug#11882603 SELECT_ACL ON ANY COLUMN IN MYSQL.PROC ALLOWS TO SEE
  953. --echo # DEFINITION OF ANY ROUTINE.
  954. --echo #
  956. --disable_warnings
  957. DROP DATABASE IF EXISTS db1;
  958. --enable_warnings
  960. CREATE DATABASE db1;
  961. CREATE PROCEDURE db1.p1() SELECT 1;
  962. CREATE USER user2@localhost IDENTIFIED BY '';
  963. GRANT SELECT(db) ON mysql.proc TO user2@localhost;
  965. connect (con2, localhost, user2,,"*NO-ONE*");
  966. --echo # The statement below before disclosed info from body_utf8 column.
  967. --error ER_SP_DOES_NOT_EXIST
  968. SHOW CREATE PROCEDURE db1.p1;
  970. --echo # Check that SHOW works with SELECT grant on whole table
  971. connection default;
  972. GRANT SELECT ON mysql.proc TO user2@localhost;
  974. connection con2;
  975. --echo # This should work
  976. SHOW CREATE PROCEDURE db1.p1;
  978. connection default;
  979. disconnect con2;
  980. DROP USER user2@localhost;
  981. DROP DATABASE db1;
  983. #
  984. # Bug#27407480: AUTOMATIC_SP_PRIVILEGES REQUIRES NEED THE INSERT PRIVILEGES FOR MYSQL.USER TABLE
  985. #
  986. create user foo@local_ost;
  987. create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF';
  988. grant select,create routine on test.* to foo@local_ost;
  989. create database foodb;
  990. grant create routine on foodb.* to foo@local_ost;
  991. connect con1,localhost,foo;
  992. select user(), current_user();
  993. show grants;
  994. create procedure fooproc() select 'i am fooproc';
  995. show grants;
  996. disconnect con1;
  997. connection default;
  998. drop user foo@local_ost;
  999. drop user foo@`local\_ost`;
  1000. drop procedure fooproc;
  1001. drop database foodb;
  1003. --echo #
  1004. --echo # Test for bug#12602983 - User without privilege on routine can discover
  1005. --echo # its existence by executing "select non_existing_func();" or by
  1006. --echo # "call non_existing_proc()";
  1007. --echo #
  1008. --disable_warnings
  1009. drop database if exists mysqltest_db;
  1010. --enable_warnings
  1011. create database mysqltest_db;
  1012. create function mysqltest_db.f1() returns int return 0;
  1013. create procedure mysqltest_db.p1() begin end;
  1015. --echo # Create user with no privileges on mysqltest_db database.
  1016. create user bug12602983_user@localhost;
  1017. grant create view on test.* to bug12602983_user@localhost;
  1019. connect (conn1, localhost, bug12602983_user,,);
  1021. --echo # Attempt to execute routine on which user doesn't have privileges
  1022. --echo # should result in the same 'access denied' error whether
  1023. --echo # routine exists or not.
  1024. --error ER_PROCACCESS_DENIED_ERROR
  1025. select mysqltest_db.f_does_not_exist();
  1026. --error ER_PROCACCESS_DENIED_ERROR
  1027. call mysqltest_db.p_does_not_exist();
  1029. --error ER_PROCACCESS_DENIED_ERROR
  1030. select mysqltest_db.f1();
  1031. --error ER_PROCACCESS_DENIED_ERROR
  1032. call mysqltest_db.p1();
  1034. --error ER_PROCACCESS_DENIED_ERROR
  1035. create view bug12602983_v1 as select mysqltest_db.f_does_not_exist();
  1036. --error ER_PROCACCESS_DENIED_ERROR
  1037. create view bug12602983_v1 as select mysqltest_db.f1();
  1039. connection default;
  1040. disconnect conn1;
  1041. drop user bug12602983_user@localhost;
  1042. drop database mysqltest_db;
  1044. # Wait till all disconnects are completed
  1045. --source include/wait_until_count_sessions.inc
  1047. create user u1@localhost;
  1048. grant all privileges on *.* to u1@localhost with grant option;
  1049. connect u1, localhost, u1;
  1050. set password=password('foobar');
  1051. create procedure sp1() select 1;
  1052. show grants;
  1053. grant execute on procedure sp1 to current_user() identified by 'barfoo';
  1054. show grants;
  1055. drop procedure sp1;
  1056. disconnect u1;
  1057. connection default;
  1058. drop user u1@localhost;
  1060. --echo #
  1061. --echo # MDEV-13396 Unexpected "alter routine comand defined" during CREATE OR REPLACE PROCEDURE
  1062. --echo #
  1064. CREATE DATABASE u1;
  1065. DELIMITER $$;
  1066. CREATE PROCEDURE u1.p1() BEGIN SELECT 1; END; $$
  1067. CREATE FUNCTION u1.f1() RETURNS INT BEGIN RETURN 1; END; $$
  1068. DELIMITER ;$$
  1070. CREATE USER u1@localhost;
  1071. GRANT CREATE ROUTINE ON u1.* TO u1@localhost;
  1072. GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost;
  1073. GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost;
  1075. connect (u1, localhost, u1,,u1);
  1076. DELIMITER $$;
  1077. CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$
  1078. CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$
  1079. DELIMITER ;$$
  1081. disconnect u1;
  1082. connection default;
  1083. DROP DATABASE u1;
  1084. DROP USER u1@localhost;
  1086. set @@global.character_set_server=@save_character_set_server;
  1088. --echo #
  1089. --echo # End of 10.2 tests
  1090. --echo #
  1092. --echo #
  1093. --echo # MDEV-20366 Server crashes in get_current_user upon SET PASSWORD via SP
  1094. --echo #
  1096. # Testing without the user
  1097. CREATE PROCEDURE p1() SET PASSWORD FOR foo@localhost=PASSWORD('x');
  1098. --error ER_PASSWORD_NO_MATCH
  1099. CALL p1();
  1100. DROP PROCEDURE p1;
  1102. # Testing with the user
  1103. CREATE USER foo@localhost;
  1104. CREATE PROCEDURE p1() SET PASSWORD FOR foo@localhost=PASSWORD('x');
  1105. CALL p1();
  1106. DROP PROCEDURE p1;
  1107. DROP USER foo@localhost;
  1109. --echo #
  1110. --echo # End of 10.5 tests
  1111. --echo #
  1113. --echo #
  1114. --echo # MDEV-29852 SIGSEGV in mysql_create_routine or is_acl_user on 2nd execution, ASAN use-after-poison in get_current_user (sql_acl.cc)
  1115. --echo #
  1116. set @cmd:="create definer=u function f(i int) returns char binary reads sql data return concat (1,i)";
  1117. prepare s from @cmd;
  1118. execute s;
  1119. --error ER_SP_ALREADY_EXISTS
  1120. execute s;
  1121. drop function f;
  1123. --echo #
  1124. --echo # End of 10.6 tests
  1125. --echo #
  1127. --echo #
  1128. --echo # MDEV-29167: new db-level SHOW CREATE ROUTINE privilege
  1129. --echo #
  1131. --echo ###
  1132. --echo ### SHOW-Like commad test
  1133. --echo ###
  1135. SET @save_sql_mode=@@sql_mode;
  1137. --echo #
  1138. --echo ### Prepare functions for the test and SHOW-like by root
  1139. --echo #
  1141. create database test_db;
  1142. use test_db;
  1143. create procedure test_db.sp() select 1;
  1144. show create procedure test_db.sp;
  1145. --replace_column 5 # 6 #
  1146. SHOW PROCEDURE STATUS WHERE name="sp";
  1147. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1148. CREATE FUNCTION test_db.fn() RETURNS INT RETURN 1;
  1149. show create function test_db.fn;
  1150. --replace_column 5 # 6 #
  1151. SHOW FUNCTION STATUS WHERE name="fn";
  1152. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="fn";
  1154. SET sql_mode=ORACLE;
  1155. DELIMITER $$;
  1156. CREATE PACKAGE test_db.pk AS
  1157. FUNCTION pkf() RETURN INT;
  1158. PROCEDURE pkp();
  1159. END;
  1160. $$
  1161. CREATE PACKAGE BODY test_db.pk AS
  1162. pkv INT:=1;
  1164. PROCEDURE pkhp() AS
  1165. BEGIN
  1166. SELECT pkv FROM DUAL;
  1167. END;
  1169. FUNCTION pkhf() RETURN INT AS
  1170. BEGIN
  1171. RETURN pkv;
  1172. END;
  1174. PROCEDURE pkp() AS
  1175. BEGIN
  1176. CALL pkhp();
  1177. END;
  1178. FUNCTION pkf() RETURN INT AS
  1179. BEGIN
  1180. RETURN pkhf();
  1181. END;
  1183. BEGIN
  1184. pkv:=2;
  1185. END;
  1186. $$
  1187. DELIMITER ;$$
  1189. SET sql_mode=@save_sql_mode;
  1190. show create package test_db.pk;
  1191. show create package body test_db.pk;
  1192. --replace_column 5 # 6 #
  1193. SHOW PACKAGE STATUS WHERE name="pk";
  1194. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1197. use test;
  1200. --echo ###
  1201. --echo ### Pre-"SHOW-CREATE-ROUTINE" behaviour tests
  1202. --echo ###
  1205. --echo #
  1206. --echo ### Rights on mysql.proc
  1207. --echo #
  1209. create user user@localhost;
  1210. grant all privileges on mysql.* to user@localhost;
  1211. grant all privileges on test.* to user@localhost;
  1213. connect conn1, localhost, user, , test;
  1215. show create procedure test_db.sp;
  1216. --replace_column 5 # 6 #
  1217. SHOW PROCEDURE STATUS WHERE name="sp";
  1218. SELECT ROUTINE_NAME from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1219. show create function test_db.fn;
  1220. --replace_column 5 # 6 #
  1221. SHOW FUNCTION STATUS WHERE name="fn";
  1222. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where
  1223. ROUTINE_NAME="fn";
  1224. show create package test_db.pk;
  1225. show create package body test_db.pk;
  1226. --replace_column 5 # 6 #
  1227. SHOW PACKAGE STATUS WHERE name="pk";
  1228. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1230. connection default;
  1231. disconnect conn1;
  1233. revoke all privileges on mysql.* from user@localhost;
  1236. --echo #
  1237. --echo ### No privileges
  1238. --echo #
  1240. connect conn1, localhost, user, , test;
  1242. --error ER_SP_DOES_NOT_EXIST
  1243. show create procedure test_db.sp;
  1244. --replace_column 5 # 6 #
  1245. SHOW PROCEDURE STATUS WHERE name="sp";
  1246. SELECT ROUTINE_NAME from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1247. --error ER_SP_DOES_NOT_EXIST
  1248. show create function test_db.fn;
  1249. --replace_column 5 # 6 #
  1250. SHOW FUNCTION STATUS WHERE name="fn";
  1251. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where
  1252. ROUTINE_NAME="fn";
  1253. --error ER_SP_DOES_NOT_EXIST
  1254. show create package test_db.pk;
  1255. --error ER_SP_DOES_NOT_EXIST
  1256. show create package body test_db.pk;
  1257. --replace_column 5 # 6 #
  1258. SHOW PACKAGE STATUS WHERE name="pk";
  1259. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1261. connection default;
  1262. disconnect conn1;
  1264. --echo #
  1265. --echo ### Execute provilege PROCEDURE/FUNCTION
  1266. --echo #
  1268. grant execute on procedure test_db.sp to user@localhost;
  1269. grant execute on function test_db.fn to user@localhost;
  1271. connect conn1, localhost, user, , test;
  1273. show create procedure test_db.sp;
  1274. --replace_column 5 # 6 #
  1275. SHOW PROCEDURE STATUS WHERE name="sp";
  1276. SELECT ROUTINE_NAME from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1277. call test_db.sp();
  1278. show create function test_db.fn;
  1279. --replace_column 5 # 6 #
  1280. SHOW FUNCTION STATUS WHERE name="fn";
  1281. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where
  1282. ROUTINE_NAME="fn";
  1283. select test_db.fn();
  1285. connection default;
  1286. disconnect conn1;
  1288. revoke execute on procedure test_db.sp from user@localhost;
  1289. revoke execute on function test_db.fn from user@localhost;
  1291. --echo #
  1292. --echo ### Execute provilege PACKAGE+ PACKAGE BODY-
  1293. --echo #
  1295. SET sql_mode=ORACLE;
  1296. grant execute on package test_db.pk to user@localhost;
  1297. SET sql_mode=@save_sql_mode;
  1299. connect conn1, localhost, user, , test;
  1301. show create package test_db.pk;
  1302. --error ER_SP_DOES_NOT_EXIST
  1303. show create package body test_db.pk;
  1304. --replace_column 5 # 6 #
  1305. SHOW PACKAGE STATUS WHERE name="pk";
  1306. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1307. --error ER_PROCACCESS_DENIED_ERROR
  1308. call test_db.pk.pkp();
  1309. --error ER_PROCACCESS_DENIED_ERROR
  1310. select test_db.pk.pkf();
  1312. connection default;
  1313. disconnect conn1;
  1315. SET sql_mode=ORACLE;
  1316. revoke execute on package test_db.pk from user@localhost;
  1317. SET sql_mode=@save_sql_mode;
  1320. --echo #
  1321. --echo ### Execute provilege PACKAGE- PACKAGE BODY+
  1322. --echo #
  1324. SET sql_mode=ORACLE;
  1325. grant execute on package body test_db.pk to user@localhost;
  1326. SET sql_mode=@save_sql_mode;
  1328. connect conn1, localhost, user, , test;
  1330. --error ER_SP_DOES_NOT_EXIST
  1331. show create package test_db.pk;
  1332. show create package body test_db.pk;
  1333. --replace_column 5 # 6 #
  1334. SHOW PACKAGE STATUS WHERE name="pk";
  1335. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1336. call test_db.pk.pkp();
  1337. select test_db.pk.pkf();
  1339. connection default;
  1340. disconnect conn1;
  1342. SET sql_mode=ORACLE;
  1343. revoke execute on package body test_db.pk from user@localhost;
  1344. SET sql_mode=@save_sql_mode;
  1346. --echo #
  1347. --echo ### Alter routine provilege PROCEDURE/FUNCTION
  1348. --echo #
  1350. grant alter routine on procedure test_db.sp to user@localhost;
  1351. grant alter routine on function test_db.fn to user@localhost;
  1353. connect conn1, localhost, user, , test;
  1355. show create procedure test_db.sp;
  1356. --replace_column 5 # 6 #
  1357. SHOW PROCEDURE STATUS WHERE name="sp";
  1358. SELECT ROUTINE_NAME from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1359. show create function test_db.fn;
  1360. --replace_column 5 # 6 #
  1361. SHOW FUNCTION STATUS WHERE name="fn";
  1362. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where
  1363. ROUTINE_NAME="fn";
  1365. connection default;
  1366. disconnect conn1;
  1369. revoke alter routine on procedure test_db.sp from user@localhost;
  1370. revoke alter routine on function test_db.fn from user@localhost;
  1372. --echo #
  1373. --echo ### Alter routine provilege PACKAGE+ PACKAGE BODY-
  1374. --echo #
  1376. SET sql_mode=ORACLE;
  1377. grant alter routine on package test_db.pk to user@localhost;
  1378. SET sql_mode=@save_sql_mode;
  1380. connect conn1, localhost, user, , test;
  1382. show create package test_db.pk;
  1383. --error ER_SP_DOES_NOT_EXIST
  1384. show create package body test_db.pk;
  1385. --replace_column 5 # 6 #
  1386. SHOW PACKAGE STATUS WHERE name="pk";
  1387. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1389. connection default;
  1390. disconnect conn1;
  1392. SET sql_mode=ORACLE;
  1393. revoke alter routine on package test_db.pk from user@localhost;
  1394. SET sql_mode=@save_sql_mode;
  1397. --echo #
  1398. --echo ### Alter routine provilege PACKAGE+ PACKAGE BODY-
  1399. --echo #
  1401. SET sql_mode=ORACLE;
  1402. grant alter routine on package body test_db.pk to user@localhost;
  1403. SET sql_mode=@save_sql_mode;
  1405. connect conn1, localhost, user, , test;
  1407. --error ER_SP_DOES_NOT_EXIST
  1408. show create package test_db.pk;
  1409. show create package body test_db.pk;
  1410. --replace_column 5 # 6 #
  1411. SHOW PACKAGE STATUS WHERE name="pk";
  1412. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1414. connection default;
  1415. disconnect conn1;
  1417. SET sql_mode=ORACLE;
  1418. revoke alter routine on package body test_db.pk from user@localhost;
  1419. SET sql_mode=@save_sql_mode;
  1422. --echo ###
  1423. --echo ### SHOW CREATE PROCEDURE tests
  1424. --echo ###
  1427. --echo #
  1428. --echo ### Global "show create routine" test
  1429. --echo #
  1431. grant show create routine on *.* to user@localhost;
  1432. show grants for user@localhost;
  1434. connect conn1, localhost, user, , test;
  1436. show create procedure test_db.sp;
  1437. --replace_column 5 # 6 #
  1438. SHOW PROCEDURE STATUS WHERE name="sp";
  1439. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1440. show create function test_db.fn;
  1441. --replace_column 5 # 6 #
  1442. SHOW FUNCTION STATUS WHERE name="fn";
  1443. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="fn";
  1444. show create package test_db.pk;
  1445. show create package body test_db.pk;
  1446. --replace_column 5 # 6 #
  1447. SHOW PACKAGE STATUS WHERE name="pk";
  1448. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1450. connection default;
  1451. disconnect conn1;
  1453. revoke show create routine on *.* from user@localhost;
  1455. --echo #
  1456. --echo ### DB-level "show create routine" but other DB test
  1457. --echo #
  1459. grant show create routine on db_test.* to user@localhost;
  1460. show grants for user@localhost;
  1462. connect conn1, localhost, user, , test;
  1464. --error ER_SP_DOES_NOT_EXIST
  1465. show create procedure test_db.sp;
  1466. --replace_column 5 # 6 #
  1467. SHOW PROCEDURE STATUS WHERE name="sp";
  1468. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1469. --error ER_SP_DOES_NOT_EXIST
  1470. show create function test_db.fn;
  1471. --replace_column 5 # 6 #
  1472. SHOW FUNCTION STATUS WHERE name="fn";
  1473. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="fn";
  1474. --error ER_SP_DOES_NOT_EXIST
  1475. show create package test_db.pk;
  1476. --error ER_SP_DOES_NOT_EXIST
  1477. show create package body test_db.pk;
  1478. --replace_column 5 # 6 #
  1479. SHOW PACKAGE STATUS WHERE name="pk";
  1480. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1482. connection default;
  1483. disconnect conn1;
  1485. revoke show create routine on db_test.* from user@localhost;
  1487. --echo #
  1488. --echo ### DB-level "show create routine" test
  1489. --echo #
  1491. grant show create routine on test_db.* to user@localhost;
  1492. show grants for user@localhost;
  1494. connect conn1, localhost, user, , test;
  1496. show create procedure test_db.sp;
  1497. --replace_column 5 # 6 #
  1498. SHOW PROCEDURE STATUS WHERE name="sp";
  1499. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1500. show create function test_db.fn;
  1501. --replace_column 5 # 6 #
  1502. SHOW FUNCTION STATUS WHERE name="fn";
  1503. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="fn";
  1504. show create package test_db.pk;
  1505. show create package body test_db.pk;
  1506. --replace_column 5 # 6 #
  1507. SHOW PACKAGE STATUS WHERE name="pk";
  1508. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1510. connection default;
  1511. disconnect conn1;
  1513. revoke show create routine on test_db.* from user@localhost;
  1516. --echo #
  1517. --echo ### Routine-level "show create routine" PROCEDURE and FUNCTION
  1518. --echo #
  1520. grant show create routine on procedure test_db.sp to user@localhost;
  1521. grant show create routine on function test_db.fn to user@localhost;
  1523. connect conn1, localhost, user, , test;
  1525. show create procedure test_db.sp;
  1526. --replace_column 5 # 6 #
  1527. SHOW PROCEDURE STATUS WHERE name="sp";
  1528. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1529. -- error ER_PROCACCESS_DENIED_ERROR
  1530. call test_db.sp();
  1531. show create function test_db.fn;
  1532. --replace_column 5 # 6 #
  1533. SHOW FUNCTION STATUS WHERE name="fn";
  1534. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where
  1535. ROUTINE_NAME="fn";
  1536. -- error ER_PROCACCESS_DENIED_ERROR
  1537. select test_db.fn();
  1539. connection default;
  1540. disconnect conn1;
  1542. revoke show create routine on procedure test_db.sp from user@localhost;
  1543. revoke show create routine on function test_db.fn from user@localhost;
  1546. --echo #
  1547. --echo ### Routine-level "show create routine" PACKAGE+ PACKAGE BODY-
  1548. --echo #
  1550. SET sql_mode=ORACLE;
  1551. grant show create routine on package test_db.pk to user@localhost;
  1552. SET sql_mode=@save_sql_mode;
  1554. connect conn1, localhost, user, , test;
  1556. show create package test_db.pk;
  1557. --error ER_SP_DOES_NOT_EXIST
  1558. show create package body test_db.pk;
  1559. --replace_column 5 # 6 #
  1560. SHOW PACKAGE STATUS WHERE name="pk";
  1561. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1562. --error ER_PROCACCESS_DENIED_ERROR
  1563. call test_db.pk.pkp();
  1564. --error ER_PROCACCESS_DENIED_ERROR
  1565. select test_db.pk.pkf();
  1567. connection default;
  1568. disconnect conn1;
  1570. SET sql_mode=ORACLE;
  1571. revoke show create routine on package test_db.pk from user@localhost;
  1572. SET sql_mode=@save_sql_mode;
  1575. --echo #
  1576. --echo ### Routine-level "show create routine" PACKAGE- PACKAGE BODY+
  1577. --echo #
  1579. SET sql_mode=ORACLE;
  1580. grant show create routine on package body test_db.pk to user@localhost;
  1581. SET sql_mode=@save_sql_mode;
  1584. connect conn1, localhost, user, , test;
  1586. --error ER_SP_DOES_NOT_EXIST
  1587. show create package test_db.pk;
  1588. show create package body test_db.pk;
  1589. --replace_column 5 # 6 #
  1590. SHOW PACKAGE STATUS WHERE name="pk";
  1591. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1592. --error ER_PROCACCESS_DENIED_ERROR
  1593. call test_db.pk.pkp();
  1594. --error ER_PROCACCESS_DENIED_ERROR
  1595. select test_db.pk.pkf();
  1597. connection default;
  1598. disconnect conn1;
  1600. SET sql_mode=ORACLE;
  1601. revoke show create routine on package body test_db.pk from user@localhost;
  1602. SET sql_mode=@save_sql_mode;
  1604. drop user user@localhost;
  1605. drop database test_db;
  1607. --echo #
  1608. --echo ### Check owner only rights
  1609. --echo #
  1611. create user user@localhost;
  1612. create database test_db;
  1613. use test_db;
  1614. create definer=user@localhost procedure test_db.sp() select 1;
  1615. CREATE definer=user@localhost FUNCTION test_db.fn() RETURNS INT RETURN 1;
  1616. SET sql_mode=ORACLE;
  1617. DELIMITER $$;
  1618. CREATE definer=user@localhost PACKAGE test_db.pk AS
  1619. FUNCTION pkf() RETURN INT;
  1620. PROCEDURE pkp();
  1621. END;
  1622. $$
  1623. CREATE definer=user@localhost PACKAGE BODY test_db.pk AS
  1624. pkv INT:=1;
  1626. PROCEDURE pkhp() AS
  1627. BEGIN
  1628. SELECT pkv FROM DUAL;
  1629. END;
  1631. FUNCTION pkhf() RETURN INT AS
  1632. BEGIN
  1633. RETURN pkv;
  1634. END;
  1636. PROCEDURE pkp() AS
  1637. BEGIN
  1638. CALL pkhp();
  1639. END;
  1640. FUNCTION pkf() RETURN INT AS
  1641. BEGIN
  1642. RETURN pkhf();
  1643. END;
  1645. BEGIN
  1646. pkv:=2;
  1647. END;
  1648. $$
  1649. DELIMITER ;$$
  1651. use test;
  1654. connect conn1, localhost, user, , "*NO-ONE*";
  1656. show create procedure test_db.sp;
  1657. --replace_column 5 # 6 #
  1658. SHOW PROCEDURE STATUS WHERE name="sp";
  1659. SELECT ROUTINE_NAME from information_schema.ROUTINES where ROUTINE_NAME="sp";
  1660. show create function test_db.fn;
  1661. --replace_column 5 # 6 #
  1662. SHOW FUNCTION STATUS WHERE name="fn";
  1663. SELECT ROUTINE_NAME, ROUTINE_DEFINITION from information_schema.ROUTINES where
  1664. ROUTINE_NAME="fn";
  1665. show create package test_db.pk;
  1666. show create package body test_db.pk;
  1667. --replace_column 5 # 6 #
  1668. SHOW PACKAGE STATUS WHERE name="pk";
  1669. SELECT ROUTINE_NAME, ROUTINE_TYPE, ROUTINE_DEFINITION from information_schema.ROUTINES where ROUTINE_NAME="pk";
  1671. connection default;
  1672. disconnect conn1;
  1674. drop user user@localhost;
  1675. drop database test_db;
  1677. --echo #
  1678. --echo # End of 11.3 tests
  1679. --echo #
  1681. set @@global.collation_server=@save_collation_server;