authorGeorgi Kodinov <kgeorge@mysql.com>2009-02-25 12:19:29 +0200
committerGeorgi Kodinov <kgeorge@mysql.com>2009-02-25 12:19:29 +0200
commit620438fdaef079216609bfcb0a8cb7b58c950e1e (patch)
treeb87b94d4e99c05d39b544d049937c8e376a8e9dc
parente60b9650c0ec3e956141710bd141d001abb831fb (diff)
downloadmariadb-git-620438fdaef079216609bfcb0a8cb7b58c950e1e.tar.gz
backport the fix for bug #37191 to 5.1-bugteam
-rw-r--r--mysql-test/r/view_grant.result21
-rw-r--r--mysql-test/t/view_grant.test38
-rw-r--r--sql/sql_view.cc52
3 files changed, 90 insertions, 21 deletions
diff --git a/mysql-test/r/view_grant.result b/mysql-test/r/view_grant.result
index 1821e50e294..3e280e47bee 100644
--- a/mysql-test/r/view_grant.result
+++ b/mysql-test/r/view_grant.result
@@ -956,6 +956,27 @@ Warnings:
Warning 1356 View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
DROP VIEW v1;
DROP TABLE t1;
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+USE mysqltest1;
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+SELECT * FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+SELECT b FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
End of 5.1 tests.
CREATE USER mysqluser1@localhost;
CREATE DATABASE mysqltest1;
diff --git a/mysql-test/t/view_grant.test b/mysql-test/t/view_grant.test
index 4e8d97e4444..f3794a6ba73 100644
--- a/mysql-test/t/view_grant.test
+++ b/mysql-test/t/view_grant.test
@@ -1218,6 +1218,44 @@ SHOW CREATE VIEW v1;
DROP VIEW v1;
DROP TABLE t1;
+#
+# Bug#37191: Failed assertion in CREATE VIEW
+#
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+
+USE mysqltest1;
+
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+
+--connect (connection1, localhost, mysqluser1, , mysqltest1)
+
+--echo This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+
+--error ER_TABLEACCESS_DENIED_ERROR
+SELECT * FROM v1;
+--error ER_TABLEACCESS_DENIED_ERROR
+SELECT b FROM v1;
+
+--disconnect connection1
+--connection default
+
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
+
--echo End of 5.1 tests.
#
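Review bot: The added case covers only the path that used to hit the assertion, where CREATE VIEW now succeeds and the later SELECTs are denied; nothing in this hunk checks that the column-privilege rejection in sql/sql_view.cc still fires. Unless an earlier part of view_grant.test already covers it, I would add a companion case in which the `CREATE VIEW` statement is expected to fail, preceded by `--error ER_COLUMNACCESS_DENIED_ERROR`, so the relaxed condition cannot silently become always-allow. It would also help to pin the result of a write through the view, such as `INSERT INTO v1 (b) VALUES (3);` run as mysqluser1, because that user holds INSERT on t2 and the test currently probes SELECT only.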
diff --git a/sql/sql_view.cc b/sql/sql_view.cc
index be66f7c2d80..b6ea6579d08 100644
--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -564,24 +564,36 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
fill_effective_table_privileges(thd, &view->grant, view->db,
view->table_name);
+ /*
+ Make sure that the current user does not have more column-level privileges
+ on the newly created view than he/she does on the underlying
+ tables. E.g. it must not be so that the user has UPDATE privileges on a
+ view column of he/she doesn't have it on the underlying table's
+ corresponding column. In that case, return an error for CREATE VIEW.
+ */
{
Item *report_item= NULL;
+ /*
+ This will hold the intersection of the priviliges on all columns in the
+ view.
+ */
uint final_priv= VIEW_ANY_ACL;
-
- for (sl= select_lex; sl; sl= sl->next_select())
- {
- DBUG_ASSERT(view->db); /* Must be set in the parser */
- List_iterator_fast<Item> it(sl->item_list);
- Item *item;
- while ((item= it++))
+
+ for (sl= select_lex; sl; sl= sl->next_select())
{
+ DBUG_ASSERT(view->db); /* Must be set in the parser */
+ List_iterator_fast<Item> it(sl->item_list);
+ Item *item;
+ while ((item= it++))
+ {
Item_field *fld= item->filed_for_view_update();
- uint priv= (get_column_grant(thd, &view->grant, view->db,
- view->table_name, item->name) &
- VIEW_ANY_ACL);
+ uint priv= (get_column_grant(thd, &view->grant, view->db,
+ view->table_name, item->name) &
+ VIEW_ANY_ACL);
if (fld && !fld->field->table->s->tmp_table)
- {
+ {
+
final_priv&= fld->have_privileges;
if (~fld->have_privileges & priv)
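Review bot: The new block comment above the privilege loop has two wording slips that blur the rule it states: `of he/she doesn't have it` should read `if he/she doesn't have it`, and `priviliges` in the comment on `final_priv` should be `privileges`. The comment also says CREATE VIEW returns an error whenever a view column carries a privilege that the underlying column lacks, but it does not mention that `final_priv` takes part in that decision. Since the check later in this commit tests both values, I would add one sentence such as `The error is raised only when the intersection is empty and an offending column was found.` The loop body continues outside the hunk.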
@@ -589,17 +601,15 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
}
}
}
-
- if (!final_priv)
- {
- DBUG_ASSERT(report_item);
-
- my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
- "create view", thd->security_ctx->priv_user,
+
+ if (!final_priv && report_item)
+ {
+ my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
+ "create view", thd->security_ctx->priv_user,
thd->security_ctx->priv_host, report_item->name,
- view->table_name);
- res= TRUE;
- goto err;
+ view->table_name);
+ res= TRUE;
+ goto err;
}
}
#endif
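Review bot: The condition `if (!final_priv && report_item)` replaces the removed `DBUG_ASSERT(report_item)` without saying why an empty privilege intersection with no flagged column is now an accepted outcome. That state lets CREATE VIEW succeed for a user who shares no privilege across the view's columns, so the safety of this path rests on the access checks made when the view is used, which the test added in this commit shows for SELECT only. I would record the reasoning right above the `if`, for example `/* final_priv == 0 with no report_item: no view column exceeds its base column, so nothing is rejected here; use of the view is still checked per statement. */`. A comment like that also warns against reverting to `!final_priv` alone, which would pass a NULL `report_item` to `my_error` through `report_item->name`. The assignment to `report_item` is outside the hunk, so this reading should be confirmed against the full loop.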