Bug #20482: failure on Create join view with sources views/tables in different

schemas The function check_one_table_access() called to check access to tables in SELECT/INSERT/UPDATE was doing additional checks/modifications that don't hold in the context of setup_tables_and_check_access(). That's why the check_one_table() was split into two : the functionality needed by setup_tables_and_check_access() into check_single_table_access() and the rest of the functionality stays in check_one_table_access() that is made to call the new check_single_table_access() function.
author: gkodinov@mysql.com <> 2006-06-21 12:12:46 +0300
committer: gkodinov@mysql.com <> 2006-06-21 12:12:46 +0300
commit: 75ca0554935b4e70394618da3de956fc27e894cf (patch)
tree: 4d1eaabc3133949024515c0746b67bb1c08977bd
parent: ee2e2d0c6d46d0d58e4bcff0b4c8289882e254b4 (diff)
download: mariadb-git-75ca0554935b4e70394618da3de956fc27e894cf.tar.gz
5 files changed, 67 insertions, 10 deletions
diff --git a/mysql-test/r/view_grant.result b/mysql-test/r/view_grant.result
index f6559e6f838..11161d0c844 100644
--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@@ -618,3 +618,15 @@ ERROR HY000: There is no 'no-such-user'@'localhost' registered
 DROP VIEW v;
 DROP TABLE t1;
 USE test;
+CREATE DATABASE test1;
+CREATE DATABASE test2;
+CREATE TABLE test1.t0 (a VARCHAR(20));
+CREATE TABLE test2.t1 (a VARCHAR(20));
+CREATE VIEW  test2.t3 AS SELECT * FROM test1.t0;
+CREATE OR REPLACE VIEW test.v1 AS 
+SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
+DROP VIEW test.v1;
+DROP VIEW test2.t3;
+DROP TABLE test2.t1, test1.t0;
+DROP DATABASE test2;
+DROP DATABASE test1;
diff --git a/mysql-test/t/view_grant.test b/mysql-test/t/view_grant.test
index 4663a667d25..9d23bfa6197 100644
--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@@ -807,3 +807,24 @@ SELECT * FROM v;
 DROP VIEW v;
 DROP TABLE t1;
 USE test;
+
+#
+# BUG#20482: failure on Create join view with sources views/tables 
+#             in different schemas
+#
+--disable_warnings
+CREATE DATABASE test1;
+CREATE DATABASE test2;
+--enable_warnings
+
+CREATE TABLE test1.t0 (a VARCHAR(20));
+CREATE TABLE test2.t1 (a VARCHAR(20));
+CREATE VIEW  test2.t3 AS SELECT * FROM test1.t0;
+CREATE OR REPLACE VIEW test.v1 AS 
+  SELECT ta.a AS col1, tb.a AS col2 FROM test2.t3 ta, test2.t1 tb;
+
+DROP VIEW test.v1;
+DROP VIEW test2.t3;
+DROP TABLE test2.t1, test1.t0;
+DROP DATABASE test2;
+DROP DATABASE test1;
diff --git a/sql/mysql_priv.h b/sql/mysql_priv.h
index 6d39f2f7440..3bb371b6004 100644
--- a/sql/mysql_priv.h
+++ b/sql/mysql_priv.h
@@ -513,6 +513,8 @@ class THD;
 void close_thread_tables(THD *thd, bool locked=0, bool skip_derived=0);
 bool check_one_table_access(THD *thd, ulong privilege,
 			   TABLE_LIST *tables);
+bool check_single_table_access(THD *thd, ulong privilege,
+			   TABLE_LIST *tables);
 bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
 			  bool is_proc, bool no_errors);
 bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
diff --git a/sql/sql_base.cc b/sql/sql_base.cc
index 7fe626c8f2d..f01ab4cf74f 100644
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@@ -4545,7 +4545,7 @@ bool setup_tables_and_check_access(THD *thd,
 
   for (; leaves_tmp; leaves_tmp= leaves_tmp->next_leaf)
     if (leaves_tmp->belong_to_view && 
-        check_one_table_access(thd, want_access,  leaves_tmp))
+        check_single_table_access(thd, want_access,  leaves_tmp))
     {
       tables->hide_view_error(thd);
       return TRUE;
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 37e45e999b3..6ec8bd65a90 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -4978,11 +4978,10 @@ error:
 
 
 /*
-  Check grants for commands which work only with one table and all other
-  tables belonging to subselects or implicitly opened tables.
+  Check grants for commands which work only with one table.
 
   SYNOPSIS
-    check_one_table_access()
+    check_single_table_access()
     thd			Thread handler
     privilege		requested privilege
     all_tables		global table list of query
@@ -4992,7 +4991,8 @@ error:
     1 - access denied, error is sent to client
 */
 
-bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
+bool check_single_table_access(THD *thd, ulong privilege, 
+                               TABLE_LIST *all_tables)
 {
   Security_context * backup_ctx= thd->security_ctx;
 
@@ -5010,19 +5010,41 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
     goto deny;
 
   thd->security_ctx= backup_ctx;
+  return 0;
+
+deny:
+  thd->security_ctx= backup_ctx;
+  return 1;
+}
+
+/*
+  Check grants for commands which work only with one table and all other
+  tables belonging to subselects or implicitly opened tables.
+
+  SYNOPSIS
+    check_one_table_access()
+    thd			Thread handler
+    privilege		requested privilege
+    all_tables		global table list of query
+
+  RETURN
+    0 - OK
+    1 - access denied, error is sent to client
+*/
+
+bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
+{
+  if (check_single_table_access (thd,privilege,all_tables))
+    return 1;
 
   /* Check rights on tables of subselects and implictly opened tables */
   TABLE_LIST *subselects_tables;
   if ((subselects_tables= all_tables->next_global))
   {
     if ((check_table_access(thd, SELECT_ACL, subselects_tables, 0)))
-      goto deny;
+      return 1;
   }
   return 0;
-
-deny:
-  thd->security_ctx= backup_ctx;
-  return 1;
 }
author	gkodinov@mysql.com <>	2006-06-21 12:12:46 +0300
committer	gkodinov@mysql.com <>	2006-06-21 12:12:46 +0300
commit	75ca0554935b4e70394618da3de956fc27e894cf (patch)
tree	4d1eaabc3133949024515c0746b67bb1c08977bd
parent	ee2e2d0c6d46d0d58e4bcff0b4c8289882e254b4 (diff)
download	mariadb-git-75ca0554935b4e70394618da3de956fc27e894cf.tar.gz