author | Georgi Kodinov <kgeorge@mysql.com> | 2009-02-25 12:19:29 +0200 |
---|---|---|
committer | Georgi Kodinov <kgeorge@mysql.com> | 2009-02-25 12:19:29 +0200 |
commit | 620438fdaef079216609bfcb0a8cb7b58c950e1e (patch) | |
tree | b87b94d4e99c05d39b544d049937c8e376a8e9dc | |
parent | e60b9650c0ec3e956141710bd141d001abb831fb (diff) | |
download | mariadb-git-620438fdaef079216609bfcb0a8cb7b58c950e1e.tar.gz |
backport the fix for bug #37191 to 5.1-bugteam
-rw-r--r-- | mysql-test/r/view_grant.result | 21 | ||||
-rw-r--r-- | mysql-test/t/view_grant.test | 38 | ||||
-rw-r--r-- | sql/sql_view.cc | 52 |
3 files changed, 90 insertions, 21 deletions
diff --git a/mysql-test/r/view_grant.result b/mysql-test/r/view_grant.result
index 1821e50e294..3e280e47bee 100644
--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@@ -956,6 +956,27 @@ Warnings:
 Warning 1356 View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 DROP VIEW v1;
 DROP TABLE t1;
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+USE mysqltest1;
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+SELECT * FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+SELECT b FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
 End of 5.1 tests.
 CREATE USER mysqluser1@localhost;
 CREATE DATABASE mysqltest1;
diff --git a/mysql-test/t/view_grant.test b/mysql-test/t/view_grant.test
index 4e8d97e4444..f3794a6ba73 100644
--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@@ -1218,6 +1218,44 @@ SHOW CREATE VIEW v1; DROP VIEW v1; DROP TABLE t1; +# +# Bug#37191: Failed assertion in CREATE VIEW +# +CREATE USER mysqluser1@localhost; +CREATE DATABASE mysqltest1; + +USE mysqltest1; + +CREATE TABLE t1 ( a INT ); +CREATE TABLE t2 ( b INT ); + +INSERT INTO t1 VALUES (1), (2); +INSERT INTO t2 VALUES (1), (2); + +GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost; + +GRANT SELECT ON t1 TO mysqluser1@localhost; +GRANT INSERT ON t2 TO mysqluser1@localhost; + +--connect (connection1, localhost, mysqluser1, , mysqltest1) + +--echo This would lead to failed assertion. +CREATE VIEW v1 AS SELECT a, b FROM t1, t2; + +--error ER_TABLEACCESS_DENIED_ERROR +SELECT * FROM v1; +--error ER_TABLEACCESS_DENIED_ERROR +SELECT b FROM v1; + +--disconnect connection1 +--connection default + +DROP TABLE t1, t2; +DROP VIEW v1; +DROP DATABASE mysqltest1; +DROP USER mysqluser1@localhost; +USE test; + --echo End of 5.1 tests. # diff --git a/sql/sql_view.cc b/sql/sql_view.cc index be66f7c2d80..b6ea6579d08 100644 --- a/sql/sql_view.cc +++ b/sql/sql_view.cc 
@@ -564,24 +564,36 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views, fill_effective_table_privileges(thd, &view->grant, view->db, view->table_name); + /* + Make sure that the current user does not have more column-level privileges + on the newly created view than he/she does on the underlying + tables. E.g. it must not be so that the user has UPDATE privileges on a + view column of he/she doesn't have it on the underlying table's + corresponding column. In that case, return an error for CREATE VIEW. + */ { Item *report_item= NULL; + /* + This will hold the intersection of the priviliges on all columns in the + view. + */ uint final_priv= VIEW_ANY_ACL; - - for (sl= select_lex; sl; sl= sl->next_select()) - { - DBUG_ASSERT(view->db); /* Must be set in the parser */ - List_iterator_fast<Item> it(sl->item_list); - Item *item; - while ((item= it++)) + + for (sl= select_lex; sl; sl= sl->next_select()) { + DBUG_ASSERT(view->db); /* Must be set in the parser */ + List_iterator_fast<Item> it(sl->item_list); + Item *item; + while ((item= it++)) + { Item_field *fld= item->filed_for_view_update(); - uint priv= (get_column_grant(thd, &view->grant, view->db, - view->table_name, item->name) & - VIEW_ANY_ACL); + uint priv= (get_column_grant(thd, &view->grant, view->db, + view->table_name, item->name) & + VIEW_ANY_ACL); if (fld && !fld->field->table->s->tmp_table) - { + { + final_priv&= fld->have_privileges; if (~fld->have_privileges & priv) @@ -589,17 +601,15 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views, } } } - - if (!final_priv) - { - DBUG_ASSERT(report_item); - - my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), - "create view", thd->security_ctx->priv_user, + + if (!final_priv && report_item) + { + my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), + "create view", thd->security_ctx->priv_user, thd->security_ctx->priv_host, report_item->name, - view->table_name); - res= TRUE; - goto err; + view->table_name); + res= TRUE; + goto err; } } #endif |
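Review bot: The new guard `if (!final_priv && report_item)` in the second hunk raises ER_COLUMNACCESS_DENIED_ERROR only when the intersection of privileges over all view columns is empty, whereas the comment added in the first hunk says CREATE VIEW returns an error whenever the user holds a privilege on a view column that is missing on the underlying column. As written, an excess on a single column (`~fld->have_privileges & priv` non-zero) appears to pass silently as long as `final_priv` stays non-zero, so the comment should state the actual rule, for example `Reported only when no privilege is common to all view columns (final_priv == 0) and some column carries an excess grant.`, or the condition should be revisited if the stricter rule is what is intended. The assignment to `report_item` lies between the two hunks and is not visible here, so this reading needs confirming against the full body of mysql_create_view. The added comments also contain typos worth fixing while they are being touched: `of he/she` should read `if he/she`, and `priviliges` should read `privileges`.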