diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2022-06-13 14:37:59 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2022-11-01 16:33:00 +0100 |
| commit | 594bed9b427704001fc4beca9943006a605305f4 (patch) | |
| tree | 62fe26dcdaded3b8b05ccf1ad9afaee2f1bdf035 /mysql-test/main | |
| parent | 749c12782298dce721656cd357e339643a7d8af4 (diff) | |
| download | mariadb-git-594bed9b427704001fc4beca9943006a605305f4.tar.gz | |
MDEV-5215 prerequisite: remove test and test_* database hacks in the test suite
Diffstat (limited to 'mysql-test/main')
73 files changed, 403 insertions, 319 deletions
diff --git a/mysql-test/main/brackets.result b/mysql-test/main/brackets.result index 3fd19ef968a..f87afdc0f47 100644 --- a/mysql-test/main/brackets.result +++ b/mysql-test/main/brackets.result @@ -489,8 +489,6 @@ drop table t1; # select * from ( mysql.db ); Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv Event_priv Trigger_priv Delete_history_priv -% test Y Y Y Y Y Y N Y Y Y Y Y Y Y Y N N Y Y Y -% test\_% Y Y Y Y Y Y N Y Y Y Y Y Y Y Y N N Y Y Y create table t1 (a int); insert into t1 values (7), (2), (7); select * from (t1); diff --git a/mysql-test/main/concurrent_innodb_safelog.result b/mysql-test/main/concurrent_innodb_safelog.result index 7d120547570..40f89c7c65b 100644 --- a/mysql-test/main/concurrent_innodb_safelog.result +++ b/mysql-test/main/concurrent_innodb_safelog.result @@ -7,7 +7,7 @@ SELECT @@global.tx_isolation; @@global.tx_isolation REPEATABLE-READ # keep_locks == 1 -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; ** ** two UPDATE's running and both changing distinct result sets diff --git a/mysql-test/main/concurrent_innodb_unsafelog.result b/mysql-test/main/concurrent_innodb_unsafelog.result index 9ae80328c0b..3771438bc66 100644 --- a/mysql-test/main/concurrent_innodb_unsafelog.result +++ b/mysql-test/main/concurrent_innodb_unsafelog.result @@ -8,7 +8,7 @@ SELECT @@global.tx_isolation; @@global.tx_isolation READ-COMMITTED # keep_locks == 0 -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; ** ** two UPDATE's running and both changing distinct result sets diff --git a/mysql-test/main/create_drop_role.result b/mysql-test/main/create_drop_role.result index b7ec45daeae..7f43751c007 100644 --- a/mysql-test/main/create_drop_role.result +++ b/mysql-test/main/create_drop_role.result @@ -51,7 +51,6 @@ u1@localhost SHOW DATABASES; Database information_schema -test SELECT CURRENT_ROLE; CURRENT_ROLE NULL diff --git a/mysql-test/main/cte_grant.result b/mysql-test/main/cte_grant.result index 96588d26b6c..7a982fcee9a 100644 --- a/mysql-test/main/cte_grant.result +++ b/mysql-test/main/cte_grant.result @@ -2,7 +2,7 @@ connect root,localhost,root,,test; connection root; create database mysqltest; create user mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; connection root; create table mysqltest.t1 (a int, b int); @@ -77,8 +77,7 @@ values (3,10), (7,11), (1,17), (4,15), (2,11), (3,10), (1,15); create user foo@localhost; grant SELECT on db.t1 to foo@localhost; grant SELECT(a) on db.t2 to foo@localhost; -connect con1,localhost,foo,,; -use db; +connect con1,localhost,foo,,db; with cte as (select * from t1 where i < 4) select * from cte; i diff --git a/mysql-test/main/cte_grant.test b/mysql-test/main/cte_grant.test index c6627c05829..3e6d5009569 100644 --- a/mysql-test/main/cte_grant.test +++ b/mysql-test/main/cte_grant.test @@ -12,7 +12,7 @@ create database mysqltest; --enable_warnings create user mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; connection root; @@ -96,8 +96,7 @@ create user foo@localhost; grant SELECT on db.t1 to foo@localhost; grant SELECT(a) on db.t2 to foo@localhost; ---connect (con1,localhost,foo,,) -use db; +--connect (con1,localhost,foo,,db) with cte as (select * from t1 where i < 4) select * from cte; with cte as (select * from t1 where i < 4 group by i) diff --git a/mysql-test/main/delete_returning_grant.result b/mysql-test/main/delete_returning_grant.result index b41d48a7112..30fdf41cf67 100644 --- a/mysql-test/main/delete_returning_grant.result +++ b/mysql-test/main/delete_returning_grant.result @@ -10,6 +10,7 @@ CREATE DATABASE mysqltest; CREATE TABLE mysqltest.t1 SELECT * FROM t1; GRANT DELETE ON mysqltest.* TO mysqltest_1@localhost; GRANT SELECT(b) ON mysqltest.t1 TO mysqltest_1@localhost; +GRANT SELECT ON test.* TO mysqltest_1@localhost; connect user1,localhost,mysqltest_1,,test; connection user1; DELETE FROM mysqltest.t1 WHERE a=2 RETURNING b; diff --git a/mysql-test/main/delete_returning_grant.test b/mysql-test/main/delete_returning_grant.test index 67613603a72..d21af392261 100644 --- a/mysql-test/main/delete_returning_grant.test +++ b/mysql-test/main/delete_returning_grant.test @@ -23,6 +23,7 @@ CREATE TABLE mysqltest.t1 SELECT * FROM t1; GRANT DELETE ON mysqltest.* TO mysqltest_1@localhost; GRANT SELECT(b) ON mysqltest.t1 TO mysqltest_1@localhost; +GRANT SELECT ON test.* TO mysqltest_1@localhost; connect (user1,localhost,mysqltest_1,,test); diff --git a/mysql-test/main/derived.result b/mysql-test/main/derived.result index b6310f1a09f..0d38dd2f966 100644 --- a/mysql-test/main/derived.result +++ b/mysql-test/main/derived.result @@ -205,6 +205,7 @@ SELECT a.x FROM (SELECT 1 AS x) AS a HAVING a.x = 1; x 1 create user mysqltest_1; +grant all on test.* to mysqltest_1; create table t1 select 1 as a; connect con1,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK; connection con1; diff --git a/mysql-test/main/derived.test b/mysql-test/main/derived.test index 904114e33b9..c839ba93a86 100644 --- a/mysql-test/main/derived.test +++ b/mysql-test/main/derived.test @@ -109,6 +109,7 @@ SELECT a.x FROM (SELECT 1 AS x) AS a HAVING a.x = 1; # # Connect without a database as user mysqltest_1 create user mysqltest_1; +grant all on test.* to mysqltest_1; create table t1 select 1 as a; connect (con1,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK); connection con1; diff --git a/mysql-test/main/events_grant.result b/mysql-test/main/events_grant.result index 5bdbbf0f8f1..5952097a8d2 100644 --- a/mysql-test/main/events_grant.result +++ b/mysql-test/main/events_grant.result @@ -13,6 +13,7 @@ CREATE DATABASE events_test2; CREATE USER ev_test@localhost; GRANT ALL ON events_test.* to ev_test@localhost; GRANT ALL ON events_test2.* to ev_test@localhost; +GRANT ALL ON test.* TO ev_test@localhost; REVOKE EVENT ON events_test2.* FROM ev_test@localhost; connect ev_con1,localhost,ev_test,,events_test2; select "NEW CONNECTION"; @@ -24,6 +25,7 @@ ev_test@localhost events_test2 SHOW GRANTS; Grants for ev_test@localhost GRANT USAGE ON *.* TO `ev_test`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `ev_test`@`localhost` GRANT ALL PRIVILEGES ON `events_test`.* TO `ev_test`@`localhost` GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, TRIGGER, DELETE HISTORY ON `events_test2`.* TO `ev_test`@`localhost` "Here comes an error:"; diff --git a/mysql-test/main/events_grant.test b/mysql-test/main/events_grant.test index cd5b6911542..2fe39a6cf2d 100644 --- a/mysql-test/main/events_grant.test +++ b/mysql-test/main/events_grant.test @@ -16,6 +16,7 @@ CREATE DATABASE events_test2; CREATE USER ev_test@localhost; GRANT ALL ON events_test.* to ev_test@localhost; GRANT ALL ON events_test2.* to ev_test@localhost; +GRANT ALL ON test.* TO ev_test@localhost; REVOKE EVENT ON events_test2.* FROM ev_test@localhost; #now we are on con1 connect (ev_con1,localhost,ev_test,,events_test2); diff --git a/mysql-test/main/flush_notembedded.result b/mysql-test/main/flush_notembedded.result index 25ddeba17d3..b0fa8a6dfbc 100644 --- a/mysql-test/main/flush_notembedded.result +++ b/mysql-test/main/flush_notembedded.result @@ -9,6 +9,7 @@ create table mysqltest1.t1 (a int); create user u1@localhost; grant reload on *.* to u1@localhost; grant select on mysqltest1.* to u1@localhost; +grant all on test.* to u1@localhost; connect u1,localhost,u1; flush tables mysqltest1.t1 for export; ERROR 42000: Access denied for user 'u1'@'localhost' to database 'mysqltest1' diff --git a/mysql-test/main/flush_notembedded.test b/mysql-test/main/flush_notembedded.test index af3b8a00c55..193ac026cb4 100644 --- a/mysql-test/main/flush_notembedded.test +++ b/mysql-test/main/flush_notembedded.test @@ -13,6 +13,7 @@ create table mysqltest1.t1 (a int); create user u1@localhost; grant reload on *.* to u1@localhost; grant select on mysqltest1.* to u1@localhost; +grant all on test.* to u1@localhost; connect u1,localhost,u1; error ER_DBACCESS_DENIED_ERROR; flush tables mysqltest1.t1 for export; diff --git a/mysql-test/main/grant.result b/mysql-test/main/grant.result index 5e86ea3d810..9e0ec851a85 100644 --- a/mysql-test/main/grant.result +++ b/mysql-test/main/grant.result @@ -517,7 +517,7 @@ grant update (a) on mysqltest_1.t1 to mysqltest_3@localhost; grant select (b) on mysqltest_1.t2 to mysqltest_3@localhost; grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; -connect conn1,localhost,mysqltest_3,,; +connect conn1,localhost,mysqltest_3,,"*NO-ONE*",; connection conn1; SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES WHERE GRANTEE = '''mysqltest_3''@''localhost''' @@ -859,24 +859,29 @@ mysqltest_8 '%' mysqltest_8 'host8' Schema privileges grant select on mysqltest.* to mysqltest_8@''; +grant select on test.* to mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8@; show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8; show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.schema_privileges where grantee like "'mysqltest_8'%"; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE 'mysqltest_8'@'%' def mysqltest SELECT NO +'mysqltest_8'@'%' def test SELECT NO connect conn3,localhost,mysqltest_8,,; select * from t1; a @@ -886,25 +891,31 @@ revoke select on mysqltest.* from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.schema_privileges where grantee like "'mysqltest_8'%"; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE +'mysqltest_8'@'%' def test SELECT NO flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8@''; flush privileges; show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` revoke select on mysqltest.* from mysqltest_8@''; flush privileges; Column privileges @@ -913,19 +924,23 @@ grant update (a) on t1 to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.column_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE @@ -939,37 +954,45 @@ revoke update (a) on t1 from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.column_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` Table privileges grant update on t1 to mysqltest_8@''; grant update on t1 to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.table_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE @@ -985,9 +1008,11 @@ revoke update on t1 from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.table_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE 'mariadb.sys'@'localhost' def mysql global_priv SELECT NO @@ -996,9 +1021,11 @@ flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` "DROP USER" should clear privileges grant all privileges on mysqltest.* to mysqltest_8@''; grant select on mysqltest.* to mysqltest_8@''; @@ -1008,11 +1035,13 @@ grant all privileges on mysqltest.* to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.user_privileges @@ -1030,11 +1059,13 @@ show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` drop user mysqltest_8@''; show grants for mysqltest_8@''; @@ -1066,7 +1097,7 @@ GRANT SHOW VIEW ON mysqltest2.v_ny TO 'mysqltest_1'@'localhost' IDENTIFIE GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; -connect mysqltest_1, localhost, mysqltest_1, mysqltest_1,; +connect mysqltest_1, localhost, mysqltest_1, mysqltest_1,"*NO-ONE*"; SHOW CREATE VIEW mysqltest2.v_nn; ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest2`.`v_nn` SHOW CREATE TABLE mysqltest2.v_nn; @@ -1550,7 +1581,7 @@ select db, routine_name, routine_type, proc_priv from mysql.procs_priv where use db routine_name routine_type proc_priv mysqltest1 f1 FUNCTION Execute mysqltest1 p1 PROCEDURE Execute -connect bug36544_con1,localhost,mysqluser1,,; +connect bug36544_con1,localhost,mysqluser1,,"*NO-ONE*"; call mysqltest1.p1(); select mysqltest1.f1(); mysqltest1.f1() @@ -1579,7 +1610,7 @@ Grants for mysqluser1@localhost GRANT USAGE ON *.* TO `mysqluser1`@`localhost` select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; db routine_name routine_type proc_priv -connect bug36544_con2,localhost,mysqluser1,,; +connect bug36544_con2,localhost,mysqluser1,,"*NO-ONE*"; # Newly created user should not be able to access any of the routines. call mysqltest1.p1(); ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1' @@ -1661,7 +1692,7 @@ select db, routine_name, routine_type, proc_priv from mysql.procs_priv where use db routine_name routine_type proc_priv select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost'; db table_name table_priv -connect bug36544_con3,localhost,mysqluser1,,; +connect bug36544_con3,localhost,mysqluser1,,"*NO-ONE*"; # Newly created user should not be able to access to any of the # stored routines or tables. call mysqltest1.p1(); @@ -1693,7 +1724,7 @@ select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10 db table_name table_priv mysqltest1 t11 Select mysqltest1 t22 Select -connect bug36544_con4,localhost,mysqluser10,,; +connect bug36544_con4,localhost,mysqluser10,,"*NO-ONE*"; call mysqltest1.p1(); select mysqltest1.f1(); mysqltest1.f1() @@ -1826,7 +1857,7 @@ SHOW GRANTS FOR 'user1'@'localhost'; Grants for user1@localhost GRANT USAGE ON *.* TO `user1`@`localhost` GRANT CREATE, CREATE ROUTINE ON `db1`.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; ** Connect as user1 and create a procedure. ** The creation will imply implicitly assigned ** EXECUTE and ALTER ROUTINE privileges to @@ -1843,7 +1874,7 @@ BEGIN SET @x = 0; REPEAT SET @x = @x + 1; UNTIL @x > p1 END REPEAT; END ;|| -connect con2,localhost,user2,,; +connect con2,localhost,user2,,"*NO-ONE*"; ** Connect as user2 and create a procedure. ** Implicitly assignment of privileges will ** fail because the user2@localhost is an @@ -2676,13 +2707,13 @@ DROP USER foo@'127.0.0.1'; create user foo@localhost; create database foodb; grant create routine on foodb.* to foo@localhost; -connect con1,localhost,foo; +connect con1,localhost,foo,,foodb; create procedure fooproc() select 'i am fooproc'; show grants; Grants for foo@localhost GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`localhost` -GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`localhost` +GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `foodb`.`fooproc` TO `foo`@`localhost` disconnect con1; connection default; rename table mysql.procs_priv to mysql.procs_priv1; @@ -2701,9 +2732,9 @@ show grants for foo@localhost; Grants for foo@localhost GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`localhost` -GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`localhost` +GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `foodb`.`fooproc` TO `foo`@`localhost` drop user foo@localhost; -drop procedure fooproc; +drop procedure foodb.fooproc; drop database foodb; # # Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS @@ -2713,14 +2744,13 @@ DROP DATABASE IF EXISTS secret; DROP DATABASE IF EXISTS no_such_db; CREATE DATABASE secret; GRANT USAGE ON *.* TO untrusted@localhost; -connect con1, localhost, untrusted; +connect con1, localhost, untrusted,,"*NO-ONE*"; SHOW GRANTS; Grants for untrusted@localhost GRANT USAGE ON *.* TO `untrusted`@`localhost` SHOW DATABASES; Database information_schema -test # Both statements below should fail with the same error. # They used to give different errors, thereby # hinting that the secret database exists. @@ -2780,7 +2810,7 @@ DROP USER dummy@localhost; CREATE USER foo; CREATE DATABASE db; CREATE TABLE db.t (a INT); -connect con1,localhost,foo,,; +connect con1,localhost,foo,,"*NO-ONE*"; GRANT ALL ON db.t TO foo; ERROR 42000: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW ... command denied to user 'foo'@'localhost' for table `db`.`t` GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT OPTION, REFERENCES, @@ -2834,12 +2864,14 @@ DROP USER bar3@localhost; # # MDEV-17946 : Unsorted acl_dbs after RENAME USER # +CREATE USER a; CREATE USER foo; GRANT SELECT ON test.* TO foo; -RENAME USER '' TO 'name'; +RENAME USER 'a' TO 'name'; GRANT UPDATE ON test.* TO foo; -RENAME USER 'name' to ''; +RENAME USER 'name' to 'a'; DROP USER foo; +DROP USER a; # # End of 10.4 tests # diff --git a/mysql-test/main/grant.test b/mysql-test/main/grant.test index a243967a9c7..69bb050778d 100644 --- a/mysql-test/main/grant.test +++ b/mysql-test/main/grant.test @@ -327,7 +327,7 @@ grant update (a) on mysqltest_1.t1 to mysqltest_3@localhost; grant select (b) on mysqltest_1.t2 to mysqltest_3@localhost; grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; -connect (conn1,localhost,mysqltest_3,,); +connect (conn1,localhost,mysqltest_3,,"*NO-ONE*",); connection conn1; SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES WHERE GRANTEE = '''mysqltest_3''@''localhost''' @@ -596,6 +596,7 @@ select user, QUOTE(host) from mysql.user where user="mysqltest_8"; --echo Schema privileges grant select on mysqltest.* to mysqltest_8@''; +grant select on test.* to mysqltest_8@''; show grants for mysqltest_8@''; grant select on mysqltest.* to mysqltest_8@; show grants for mysqltest_8@; @@ -723,7 +724,7 @@ GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIE GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; -connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,); +connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,"*NO-ONE*"); # fail because of missing SHOW VIEW (have generic SELECT) --error ER_TABLEACCESS_DENIED_ERROR @@ -1369,7 +1370,7 @@ grant execute on procedure mysqltest1.p1 to mysqluser1@localhost; --echo # in privilege tables and in in-memory structures. show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con1,localhost,mysqluser1,,) +--connect (bug36544_con1,localhost,mysqluser1,,"*NO-ONE*") call mysqltest1.p1(); select mysqltest1.f1(); @@ -1396,7 +1397,7 @@ select mysqltest1.f1(); create user mysqluser1@localhost; show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con2,localhost,mysqluser1,,) +--connect (bug36544_con2,localhost,mysqluser1,,"*NO-ONE*") --echo # Newly created user should not be able to access any of the routines. --error ER_PROCACCESS_DENIED_ERROR call mysqltest1.p1(); @@ -1463,7 +1464,7 @@ create user mysqluser1@localhost; show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con3,localhost,mysqluser1,,) +--connect (bug36544_con3,localhost,mysqluser1,,"*NO-ONE*") --echo # Newly created user should not be able to access to any of the --echo # stored routines or tables. --error ER_PROCACCESS_DENIED_ERROR @@ -1484,7 +1485,7 @@ select * from mysqltest1.t22; show grants for mysqluser10@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser10' and host='localhost'; select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10' and host='localhost'; ---connect (bug36544_con4,localhost,mysqluser10,,) +--connect (bug36544_con4,localhost,mysqluser10,,"*NO-ONE*") call mysqltest1.p1(); select mysqltest1.f1(); select * from mysqltest1.t11; @@ -1677,7 +1678,7 @@ GRANT CREATE ON db1.* TO 'user2'@'%'; GRANT CREATE ROUTINE ON db1.* TO 'user2'@'%'; FLUSH PRIVILEGES; SHOW GRANTS FOR 'user1'@'localhost'; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); --echo ** Connect as user1 and create a procedure. --echo ** The creation will imply implicitly assigned --echo ** EXECUTE and ALTER ROUTINE privileges to @@ -1693,7 +1694,7 @@ CREATE PROCEDURE db1.proc1(p1 INT) END ;|| DELIMITER ;|| -connect (con2,localhost,user2,,); +connect (con2,localhost,user2,,"*NO-ONE*"); --echo ** Connect as user2 and create a procedure. --echo ** Implicitly assignment of privileges will --echo ** fail because the user2@localhost is an @@ -2170,7 +2171,7 @@ DROP USER foo@'127.0.0.1'; create user foo@localhost; create database foodb; grant create routine on foodb.* to foo@localhost; -connect con1,localhost,foo; +connect con1,localhost,foo,,foodb; create procedure fooproc() select 'i am fooproc'; show grants; disconnect con1; @@ -2183,7 +2184,7 @@ show grants for foo@localhost; flush privileges; show grants for foo@localhost; drop user foo@localhost; -drop procedure fooproc; +drop procedure foodb.fooproc; drop database foodb; @@ -2200,7 +2201,7 @@ DROP DATABASE IF EXISTS no_such_db; CREATE DATABASE secret; GRANT USAGE ON *.* TO untrusted@localhost; -connect (con1, localhost, untrusted); +connect (con1, localhost, untrusted,,"*NO-ONE*"); SHOW GRANTS; SHOW DATABASES; @@ -2265,7 +2266,7 @@ CREATE USER foo; CREATE DATABASE db; CREATE TABLE db.t (a INT); ---connect (con1,localhost,foo,,) +--connect (con1,localhost,foo,,"*NO-ONE*") --error ER_TABLEACCESS_DENIED_ERROR GRANT ALL ON db.t TO foo; @@ -2336,12 +2337,14 @@ DROP USER bar3@localhost; --echo # --echo # MDEV-17946 : Unsorted acl_dbs after RENAME USER --echo # +CREATE USER a; CREATE USER foo; GRANT SELECT ON test.* TO foo; -RENAME USER '' TO 'name'; +RENAME USER 'a' TO 'name'; GRANT UPDATE ON test.* TO foo; -RENAME USER 'name' to ''; +RENAME USER 'name' to 'a'; DROP USER foo; +DROP USER a; --echo # --echo # End of 10.4 tests diff --git a/mysql-test/main/grant2.result b/mysql-test/main/grant2.result index 9d9b4c80292..0192c83296a 100644 --- a/mysql-test/main/grant2.result +++ b/mysql-test/main/grant2.result @@ -12,7 +12,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; -connect user_a,localhost,mysqltest_1,,; +connect user_a,localhost,mysqltest_1,,"*NO-ONE*"; connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; @@ -20,14 +20,14 @@ ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql disconnect user_a; connection default; grant update on mysql.* to mysqltest_1@localhost; -connect user_b,localhost,mysqltest_1,,; +connect user_b,localhost,mysqltest_1,,"*NO-ONE*"; connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; grant insert on mysql.* to mysqltest_1@localhost; -connect user_c,localhost,mysqltest_1,,; +connect user_c,localhost,mysqltest_1,,"*NO-ONE*"; connection user_c; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -40,7 +40,7 @@ delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select current_user(); current_user() @@ -73,7 +73,7 @@ delete from mysql.db where user like 'mysqltest\_%'; flush privileges; create database mysqltest_1; grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option; -connect user2,localhost,mysqltest_1,,; +connect user2,localhost,mysqltest_1,,"*NO-ONE*"; connection user2; select current_user(); current_user() @@ -82,7 +82,6 @@ show databases; Database information_schema mysqltest_1 -test grant all privileges on `mysqltest_1`.* to mysqltest_1@localhost with grant option; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest_1' disconnect user2; @@ -157,7 +156,7 @@ disconnect con9; connection default; create database mysqltest_1; grant select, insert, update on `mysqltest\_1`.* to mysqltest_1@localhost; -connect con10,localhost,mysqltest_1,,; +connect con10,localhost,mysqltest_1,,"*NO-ONE*"; connection con10; set sql_log_off = 1; ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation @@ -309,7 +308,7 @@ GRANT SELECT ON "mysql".* TO "%@a"@"a" drop user '%@a'@'a'; create user mysqltest_2@localhost; grant create user on *.* to mysqltest_2@localhost; -connect user3,localhost,mysqltest_2,,; +connect user3,localhost,mysqltest_2,,"*NO-ONE*"; connection user3; select host,user,password,plugin,authentication_string from mysql.user where user like 'mysqltest_%' ; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table `mysql`.`user` @@ -321,7 +320,7 @@ connection default; drop user mysqltest_2@localhost; create user mysqltest_3@localhost; grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; -connect user4,localhost,mysqltest_3,,; +connect user4,localhost,mysqltest_3,,"*NO-ONE*"; connection user4; show grants; Grants for mysqltest_3@localhost @@ -390,7 +389,7 @@ revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0'; delete from mysql.user where user like 'mysqltest\_1'; flush privileges; drop database mysqltest_1; -connect n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect n5,localhost,test,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection n5; set password = password("changed"); ERROR 42000: You are using MariaDB as an anonymous user and anonymous users are not allowed to modify user settings @@ -496,13 +495,13 @@ drop database mysqltest_2; drop user mysqltest_u1@localhost; grant all on `mysqltest\_%`.* to mysqltest_1@localhost with grant option; grant usage on *.* to mysqltest_2@localhost; -connect con18600_1,localhost,mysqltest_1,,; +connect con18600_1,localhost,mysqltest_1,,"*NO-ONE*"; create database mysqltest_1; use mysqltest_1; create table t1 (f1 int); grant create on `mysqltest\_1`.* to mysqltest_2@localhost; grant select on mysqltest_1.t1 to mysqltest_2@localhost; -connect con3,localhost,mysqltest_2,,; +connect con3,localhost,mysqltest_2,,"*NO-ONE*"; connection con3; create database mysqltest_3; ERROR 42000: Access denied for user 'mysqltest_2'@'localhost' to database 'mysqltest_3' @@ -527,7 +526,7 @@ CREATE TABLE t2 (b INT, c INT); INSERT INTO t2 VALUES (1,100),(2,200); GRANT SELECT ON t1 TO mysqltest1@localhost; GRANT SELECT (b) ON t2 TO mysqltest1@localhost; -connect conn1,localhost,mysqltest1,,; +connect conn1,localhost,mysqltest1,,"*NO-ONE*"; connection conn1; USE db1; SELECT c FROM t2; diff --git a/mysql-test/main/grant2.test b/mysql-test/main/grant2.test index b8098488709..2866aeb348a 100644 --- a/mysql-test/main/grant2.test +++ b/mysql-test/main/grant2.test @@ -30,7 +30,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; -connect (user_a,localhost,mysqltest_1,,); +connect (user_a,localhost,mysqltest_1,,"*NO-ONE*"); connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; --error ER_DBACCESS_DENIED_ERROR @@ -38,14 +38,14 @@ grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; disconnect user_a; connection default; grant update on mysql.* to mysqltest_1@localhost; -connect (user_b,localhost,mysqltest_1,,); +connect (user_b,localhost,mysqltest_1,,"*NO-ONE*"); connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; grant insert on mysql.* to mysqltest_1@localhost; -connect (user_c,localhost,mysqltest_1,,); +connect (user_c,localhost,mysqltest_1,,"*NO-ONE*"); connection user_c; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -63,7 +63,7 @@ flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; select current_user(); grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option; @@ -97,7 +97,7 @@ flush privileges; # create database mysqltest_1; grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option; -connect (user2,localhost,mysqltest_1,,); +connect (user2,localhost,mysqltest_1,,"*NO-ONE*"); connection user2; select current_user(); show databases; @@ -198,7 +198,7 @@ connection default; # create database mysqltest_1; grant select, insert, update on `mysqltest\_1`.* to mysqltest_1@localhost; -connect (con10,localhost,mysqltest_1,,); +connect (con10,localhost,mysqltest_1,,"*NO-ONE*"); connection con10; --error ER_SPECIFIC_ACCESS_DENIED_ERROR set sql_log_off = 1; @@ -342,7 +342,7 @@ drop user '%@a'@'a'; # create user mysqltest_2@localhost; grant create user on *.* to mysqltest_2@localhost; -connect (user3,localhost,mysqltest_2,,); +connect (user3,localhost,mysqltest_2,,"*NO-ONE*"); connection user3; --error ER_TABLEACCESS_DENIED_ERROR select host,user,password,plugin,authentication_string from mysql.user where user like 'mysqltest_%' ; @@ -356,7 +356,7 @@ drop user mysqltest_2@localhost; # INSERT/UPDATE/DELETE is ok too create user mysqltest_3@localhost; grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; -connect (user4,localhost,mysqltest_3,,); +connect (user4,localhost,mysqltest_3,,"*NO-ONE*"); connection user4; show grants; --error ER_TABLEACCESS_DENIED_ERROR @@ -420,7 +420,7 @@ drop database mysqltest_1; --source include/add_anonymous_users.inc # But anonymous users can't change their password -connect (n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (n5,localhost,test,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); connection n5; --error ER_PASSWORD_ANONYMOUS_USER set password = password("changed"); @@ -589,7 +589,7 @@ drop user mysqltest_u1@localhost; # grant all on `mysqltest\_%`.* to mysqltest_1@localhost with grant option; grant usage on *.* to mysqltest_2@localhost; -connect (con18600_1,localhost,mysqltest_1,,); +connect (con18600_1,localhost,mysqltest_1,,"*NO-ONE*"); create database mysqltest_1; use mysqltest_1; @@ -597,7 +597,7 @@ create table t1 (f1 int); grant create on `mysqltest\_1`.* to mysqltest_2@localhost; grant select on mysqltest_1.t1 to mysqltest_2@localhost; -connect (con3,localhost,mysqltest_2,,); +connect (con3,localhost,mysqltest_2,,"*NO-ONE*"); connection con3; --error ER_DBACCESS_DENIED_ERROR create database mysqltest_3; @@ -631,7 +631,7 @@ INSERT INTO t2 VALUES (1,100),(2,200); GRANT SELECT ON t1 TO mysqltest1@localhost; GRANT SELECT (b) ON t2 TO mysqltest1@localhost; -connect (conn1,localhost,mysqltest1,,); +connect (conn1,localhost,mysqltest1,,"*NO-ONE*"); connection conn1; USE db1; --error ER_COLUMNACCESS_DENIED_ERROR diff --git a/mysql-test/main/grant3.result b/mysql-test/main/grant3.result index 160153b1674..a2869da4268 100644 --- a/mysql-test/main/grant3.result +++ b/mysql-test/main/grant3.result @@ -201,6 +201,7 @@ set global sql_mode=default; create database db1; create user foo@localhost; grant create on db1.* to foo@localhost; +grant all privileges on test.* to foo@localhost; connect foo,localhost,foo; create temporary table t as values (1),(2),(3); use db1; diff --git a/mysql-test/main/grant3.test b/mysql-test/main/grant3.test index 5337d59efd8..7842233d9bd 100644 --- a/mysql-test/main/grant3.test +++ b/mysql-test/main/grant3.test @@ -214,6 +214,7 @@ set global sql_mode=default; create database db1; create user foo@localhost; grant create on db1.* to foo@localhost; +grant all privileges on test.* to foo@localhost; connect foo,localhost,foo; create temporary table t as values (1),(2),(3); use db1; diff --git a/mysql-test/main/grant_cache_no_prot.result b/mysql-test/main/grant_cache_no_prot.result index 1ecfc308422..daf382d65d3 100644 --- a/mysql-test/main/grant_cache_no_prot.result +++ b/mysql-test/main/grant_cache_no_prot.result @@ -58,15 +58,18 @@ show status like "Qcache_hits%"; Variable_name Value Qcache_hits 0 grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; connect user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK; connection user1; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 @@ -127,7 +130,7 @@ Qcache_hits 3 show status like "Qcache_not_cached"; Variable_name Value Qcache_not_cached 1 -connect unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK; +connect unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection unkuser; show grants for current_user(); Grants for @localhost @@ -199,6 +202,7 @@ show grants; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` select a from t1; ERROR 3D000: No database selected select * from mysqltest.t1,test.t1; diff --git a/mysql-test/main/grant_cache_ps_prot.result b/mysql-test/main/grant_cache_ps_prot.result index d6f343d6459..0fde04ac0f3 100644 --- a/mysql-test/main/grant_cache_ps_prot.result +++ b/mysql-test/main/grant_cache_ps_prot.result @@ -58,15 +58,18 @@ show status like "Qcache_hits%"; Variable_name Value Qcache_hits 0 grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; connect user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK; connection user1; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 @@ -127,7 +130,7 @@ Qcache_hits 3 show status like "Qcache_not_cached"; Variable_name Value Qcache_not_cached 1 -connect unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK; +connect unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection unkuser; show grants for current_user(); Grants for @localhost @@ -199,6 +202,7 @@ show grants; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` select a from t1; ERROR 3D000: No database selected select * from mysqltest.t1,test.t1; diff --git a/mysql-test/main/grant_read_only.result b/mysql-test/main/grant_read_only.result index e7855dc9411..18d97cc412f 100644 --- a/mysql-test/main/grant_read_only.result +++ b/mysql-test/main/grant_read_only.result @@ -27,10 +27,10 @@ DROP TABLE t1; # CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO `user1`@`localhost` +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO `user1`@`localhost` SET @@GLOBAL.read_only=1; connect con1,localhost,user1,,; connection con1; @@ -50,10 +50,10 @@ DROP TABLE t1; # CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO `user1`@`localhost` +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO `user1`@`localhost` SET @@GLOBAL.read_only=1; connect con1,localhost,user1,,; connection con1; diff --git a/mysql-test/main/grant_read_only.test b/mysql-test/main/grant_read_only.test index a951987fa7f..f42bb24fe83 100644 --- a/mysql-test/main/grant_read_only.test +++ b/mysql-test/main/grant_read_only.test @@ -36,7 +36,7 @@ DROP TABLE t1; CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; ## TODO: it works even without INSERT/UPDATE/DELETE: file a bug report! -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; SET @@GLOBAL.read_only=1; @@ -61,7 +61,7 @@ DROP TABLE t1; CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; ## TODO: it works even without INSERT/UPDATE/DELETE: file a bug report! -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; SET @@GLOBAL.read_only=1; diff --git a/mysql-test/main/information_schema.result b/mysql-test/main/information_schema.result index 88026081e89..5b815d3f433 100644 --- a/mysql-test/main/information_schema.result +++ b/mysql-test/main/information_schema.result @@ -842,7 +842,7 @@ Database Table In_use Name_locked mysql user 0 0 show status where variable_name like "%database%"; Variable_name Value -Acl_database_grants 2 +Acl_database_grants 0 Com_show_databases 3 show variables where variable_name like "skip_show_databas"; Variable_name Value diff --git a/mysql-test/main/information_schema_db.result b/mysql-test/main/information_schema_db.result index 6a6e5c49851..725b1a125ad 100644 --- a/mysql-test/main/information_schema_db.result +++ b/mysql-test/main/information_schema_db.result @@ -40,7 +40,7 @@ create table t1 (f1 int(10) unsigned not null, f2 varchar(100) not null, primary key (f1), unique key (f2)); -connect user1,localhost,mysqltest_1,,; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select * from information_schema.tables; call mbase.p1(); @@ -93,8 +93,7 @@ create user testdb_1@localhost; grant all on testdb_1.* to testdb_1@localhost with grant option; create user testdb_2@localhost; grant all on test.* to testdb_2@localhost with grant option; -connect testdb_1,localhost,testdb_1,,test; -use testdb_1; +connect testdb_1,localhost,testdb_1,,testdb_1; create table t1 (f1 char(4)); create view v1 as select f1 from t1; grant insert on v1 to testdb_2@localhost; @@ -221,7 +220,7 @@ create table testdb_1.t1 (a int); create view testdb_1.v1 as select * from testdb_1.t1; grant show view on testdb_1.* to mysqltest_1@localhost; grant select on testdb_1.v1 to mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select table_schema, table_name, view_definition from information_schema.views where table_name='v1'; diff --git a/mysql-test/main/information_schema_db.test b/mysql-test/main/information_schema_db.test index e60557a9526..fabc42e38b8 100644 --- a/mysql-test/main/information_schema_db.test +++ b/mysql-test/main/information_schema_db.test @@ -62,7 +62,7 @@ create table t1 f2 varchar(100) not null, primary key (f1), unique key (f2)); -connect (user1,localhost,mysqltest_1,,); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; --disable_result_log select * from information_schema.tables; @@ -122,8 +122,7 @@ grant all on testdb_1.* to testdb_1@localhost with grant option; create user testdb_2@localhost; grant all on test.* to testdb_2@localhost with grant option; -connect (testdb_1,localhost,testdb_1,,test); -use testdb_1; +connect (testdb_1,localhost,testdb_1,,testdb_1); create table t1 (f1 char(4)); create view v1 as select f1 from t1; grant insert on v1 to testdb_2@localhost; @@ -234,7 +233,7 @@ create view testdb_1.v1 as select * from testdb_1.t1; grant show view on testdb_1.* to mysqltest_1@localhost; grant select on testdb_1.v1 to mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; select table_schema, table_name, view_definition from information_schema.views where table_name='v1'; diff --git a/mysql-test/main/init_connect.result b/mysql-test/main/init_connect.result index 1476d846078..876a6a14b4e 100644 --- a/mysql-test/main/init_connect.result +++ b/mysql-test/main/init_connect.result @@ -1,23 +1,23 @@ -connect con0,localhost,root,,test; +connect con0,localhost,root,,; connection con0; select hex(@a); hex(@a) NULL -connect con1,localhost,user_1,,test; +connect con1,localhost,user_1,,"*NO-ONE*"; connection con1; select hex(@a); hex(@a) 610063 connection con0; set global init_connect="set @a=2;set @b=3"; -connect con2,localhost,user_1,,test; +connect con2,localhost,user_1,,"*NO-ONE*"; connection con2; select @a, @b; @a @b 2 3 connection con0; set GLOBAL init_connect=DEFAULT; -connect con3,localhost,user_1,,test; +connect con3,localhost,user_1,,"*NO-ONE*"; connection con3; select @a; @a @@ -25,6 +25,8 @@ NULL connection con0; set global init_connect="drop table if exists t1; create table t1(a char(10));\ insert into t1 values ('\0');insert into t1 values('abc')"; +create user 'user_1'@'localhost'; +GRANT DROP,CREATE,SELECT,INSERT ON test.* TO 'user_1'@'localhost'; connect con4,localhost,user_1,,test; connection con4; select hex(a) from t1; @@ -46,6 +48,7 @@ disconnect con2; disconnect con3; disconnect con4; disconnect con5; +drop user 'user_1'@'localhost'; End of 4.1 tests create table t1 (x int); insert into t1 values (3), (5), (7); diff --git a/mysql-test/main/init_connect.test b/mysql-test/main/init_connect.test index 60549c3458e..c210ea10850 100644 --- a/mysql-test/main/init_connect.test +++ b/mysql-test/main/init_connect.test @@ -10,25 +10,27 @@ --source include/add_anonymous_users.inc -connect (con0,localhost,root,,test); +connect (con0,localhost,root,,); connection con0; select hex(@a); -connect (con1,localhost,user_1,,test); +connect (con1,localhost,user_1,,"*NO-ONE*"); connection con1; select hex(@a); connection con0; set global init_connect="set @a=2;set @b=3"; -connect (con2,localhost,user_1,,test); +connect (con2,localhost,user_1,,"*NO-ONE*"); connection con2; select @a, @b; connection con0; set GLOBAL init_connect=DEFAULT; -connect (con3,localhost,user_1,,test); +connect (con3,localhost,user_1,,"*NO-ONE*"); connection con3; select @a; connection con0; set global init_connect="drop table if exists t1; create table t1(a char(10));\ insert into t1 values ('\0');insert into t1 values('abc')"; +create user 'user_1'@'localhost'; +GRANT DROP,CREATE,SELECT,INSERT ON test.* TO 'user_1'@'localhost'; connect (con4,localhost,user_1,,test); connection con4; select hex(a) from t1; @@ -54,6 +56,7 @@ disconnect con2; disconnect con3; disconnect con4; disconnect con5; +drop user 'user_1'@'localhost'; --source include/delete_anonymous_users.inc diff --git a/mysql-test/main/invisible_field_grant_completely.result b/mysql-test/main/invisible_field_grant_completely.result index b1b313072b2..f0992baf7b1 100644 --- a/mysql-test/main/invisible_field_grant_completely.result +++ b/mysql-test/main/invisible_field_grant_completely.result @@ -19,12 +19,11 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect con1, localhost, user_1,,test; +connect con1, localhost, user_1,,d; connection con1; select user(); user() user_1@localhost -use d; select * from t1; a 1 diff --git a/mysql-test/main/invisible_field_grant_completely.test b/mysql-test/main/invisible_field_grant_completely.test index aeca66b97d2..b27071ada56 100644 --- a/mysql-test/main/invisible_field_grant_completely.test +++ b/mysql-test/main/invisible_field_grant_completely.test @@ -21,10 +21,9 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect (con1, localhost, user_1,,test); +connect (con1, localhost, user_1,,d); connection con1; select user(); -use d; select * from t1; insert into t1 values(2); select * from t1; diff --git a/mysql-test/main/invisible_field_grant_system.result b/mysql-test/main/invisible_field_grant_system.result index d2e40c391c4..86e40736f11 100644 --- a/mysql-test/main/invisible_field_grant_system.result +++ b/mysql-test/main/invisible_field_grant_system.result @@ -19,12 +19,11 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect con1, localhost, user_1,,test; +connect con1, localhost, user_1,,d; connection con1; select user(); user() user_1@localhost -use d; select * from t1; a 1 diff --git a/mysql-test/main/invisible_field_grant_system.test b/mysql-test/main/invisible_field_grant_system.test index fd54ea72a5a..04ea5f14be1 100644 --- a/mysql-test/main/invisible_field_grant_system.test +++ b/mysql-test/main/invisible_field_grant_system.test @@ -18,10 +18,9 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect (con1, localhost, user_1,,test); +connect (con1, localhost, user_1,,d); connection con1; select user(); -use d; select * from t1; insert into t1 values(2); select * from t1; diff --git a/mysql-test/main/join_cache.result b/mysql-test/main/join_cache.result index b32a278d3a1..938167035a2 100644 --- a/mysql-test/main/join_cache.result +++ b/mysql-test/main/join_cache.result @@ -6056,8 +6056,7 @@ SET join_cache_level = 3; explain SELECT * FROM INFORMATION_SCHEMA.PROFILING, mysql.db WHERE Select_priv = PAGE_FAULTS_MINOR; id select_type table type possible_keys key key_len ref rows Extra -1 SIMPLE PROFILING ALL NULL NULL NULL NULL NULL Using where -1 SIMPLE db hash_ALL NULL #hash#$hj 1 information_schema.PROFILING.PAGE_FAULTS_MINOR 2 Using where; Using join buffer (flat, BNLH join) +1 SIMPLE NULL NULL NULL NULL NULL NULL NULL Impossible WHERE noticed after reading const tables set join_cache_level=@save_join_cache_level; create table t1 (c1 date not null, key (c1)) engine=innodb; insert t1 values ('2017-12-27'); diff --git a/mysql-test/main/lock_multi.result b/mysql-test/main/lock_multi.result index 30cd63e60ed..52196d835ec 100644 --- a/mysql-test/main/lock_multi.result +++ b/mysql-test/main/lock_multi.result @@ -128,7 +128,6 @@ mysql.global_priv optimize status OK UNLOCK TABLES; connection reader; host -localhost USE test; connection locker; use test; diff --git a/mysql-test/main/lock_view.result b/mysql-test/main/lock_view.result index 47a7e58ea0d..8137300f3e3 100644 --- a/mysql-test/main/lock_view.result +++ b/mysql-test/main/lock_view.result @@ -181,7 +181,6 @@ information_schema mysqltest1 mysqltest2 performance_schema -test lock table mysqltest3.v3ps write; select * from mysqltest3.v3ps; user diff --git a/mysql-test/main/long_host.result b/mysql-test/main/long_host.result index 57b637de587..52b479b66f7 100644 --- a/mysql-test/main/long_host.result +++ b/mysql-test/main/long_host.result @@ -20,7 +20,7 @@ create table mariadbtestdb.t3 (a int); SET @saved_dbug = @@GLOBAL.debug_dbug; set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,getaddrinfo_fake_good_ipv4"; # check connect -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select current_user(); current_user() @@ -43,7 +43,7 @@ a connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1` @@ -53,7 +53,7 @@ ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_3456 connection default; grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; a b @@ -66,7 +66,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; a b @@ -79,7 +79,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1` @@ -96,6 +96,7 @@ CREATE ROLE role5678901_345678902_345678903_345678904_345678905_345678906_345678 ERROR HY000: String 'role5678901_345678902_345678903_345678904_345678905_345678906_34567...' is too long for user name (should be no longer than 128) grant SELECT (a) ON mariadbtestdb.t1 TO role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; +GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; diff --git a/mysql-test/main/long_host.test b/mysql-test/main/long_host.test index 0c082bf6fb4..301744a1f11 100644 --- a/mysql-test/main/long_host.test +++ b/mysql-test/main/long_host.test @@ -36,7 +36,7 @@ set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,ge --echo # check connect -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select current_user(); @@ -61,7 +61,7 @@ select * from mariadbtestdb2.t2; connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; --error ER_TABLEACCESS_DENIED_ERROR select * from mariadbtestdb.t1; @@ -74,7 +74,7 @@ select * from mariadbtestdb2.t2; connection default; grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select * from mariadbtestdb.t1; --error ER_TABLEACCESS_DENIED_ERROR @@ -87,7 +87,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select * from mariadbtestdb.t1; --error ER_TABLEACCESS_DENIED_ERROR @@ -101,7 +101,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; --error ER_TABLEACCESS_DENIED_ERROR select * from mariadbtestdb.t1; @@ -126,6 +126,8 @@ grant SELECT (a) ON mariadbtestdb.t1 TO role5678901_345678902_345678903_34567890 REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; +GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; + grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; diff --git a/mysql-test/main/mysql_upgrade_to_100502.result b/mysql-test/main/mysql_upgrade_to_100502.result index 15095809092..7235b16aa5a 100644 --- a/mysql-test/main/mysql_upgrade_to_100502.result +++ b/mysql-test/main/mysql_upgrade_to_100502.result @@ -84,15 +84,15 @@ GRANT BINLOG MONITOR, SLAVE MONITOR ON *.* TO `user_replclient`@`localhost` SHOW GRANTS FOR user_replslave@localhost; Grants for user_replslave@localhost GRANT REPLICATION SLAVE, SLAVE MONITOR ON *.* TO `user_replslave`@`localhost` -connect con1,localhost,user_super_replslave,,test; +connect con1,localhost,user_super_replslave,,"*NO-ONE*"; connection con1; SHOW SLAVE STATUS; disconnect con1; -connect con1,localhost,user_replclient,,test; +connect con1,localhost,user_replclient,,"*NO-ONE*"; connection con1; SHOW SLAVE STATUS; disconnect con1; -connect con1,localhost,user_replslave,,test; +connect con1,localhost,user_replslave,,"*NO-ONE*"; connection con1; SHOW RELAYLOG EVENTS; disconnect con1; diff --git a/mysql-test/main/mysql_upgrade_to_100502.test b/mysql-test/main/mysql_upgrade_to_100502.test index b5a44080f17..fc47f0c94aa 100644 --- a/mysql-test/main/mysql_upgrade_to_100502.test +++ b/mysql-test/main/mysql_upgrade_to_100502.test @@ -87,21 +87,21 @@ SHOW GRANTS FOR user_replclient@localhost; --echo # SHOW GRANTS FOR user_replslave@localhost; ---connect (con1,localhost,user_super_replslave,,test) +--connect (con1,localhost,user_super_replslave,,"*NO-ONE*") --connection con1 --disable_result_log SHOW SLAVE STATUS; --enable_result_log --disconnect con1 ---connect (con1,localhost,user_replclient,,test) +--connect (con1,localhost,user_replclient,,"*NO-ONE*") --connection con1 --disable_result_log SHOW SLAVE STATUS; --enable_result_log --disconnect con1 ---connect (con1,localhost,user_replslave,,test) +--connect (con1,localhost,user_replslave,,"*NO-ONE*") --connection con1 --disable_ps_protocol --disable_result_log diff --git a/mysql-test/main/mysqldump.result b/mysql-test/main/mysqldump.result index 0191238ce71..1e827ac6e59 100644 --- a/mysql-test/main/mysqldump.result +++ b/mysql-test/main/mysqldump.result @@ -3727,6 +3727,7 @@ use test; # Bug#21215 mysqldump creating incomplete backups without warning # create user mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; create table t1(a int, b varchar(34)); reset master; mysqldump: Couldn't execute 'FLUSH /*!40101 LOCAL */ TABLES': Access denied; you need (at least one of) the RELOAD privilege(s) for this operation (1227) @@ -5784,6 +5785,8 @@ drop tables t2, t1; # MDEV-22037: Add ability to skip content of some tables # (work around for MDEV-20939) # +create user a; +grant SELECT on test.* to a; use mysql; # check that all tables we need are not empty select count(*) >= 1 from mysql.proc; @@ -5797,6 +5800,7 @@ FOUND 1 /INSERT INTO `proc`/ in MDEV-20939.sql NOT FOUND /INSERT INTO `db`/ in MDEV-20939.sql FOUND 1 /CREATE TABLE `db`/ in MDEV-20939.sql FOUND 1 /CREATE TABLE `proc`/ in MDEV-20939.sql +drop user a; use test; # End of 10.1 tests # diff --git a/mysql-test/main/mysqldump.test b/mysql-test/main/mysqldump.test index c03ae71b539..d9020791289 100644 --- a/mysql-test/main/mysqldump.test +++ b/mysql-test/main/mysqldump.test @@ -1381,6 +1381,7 @@ use test; # Create user without sufficient privs to perform the requested operation create user mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; create table t1(a int, b varchar(34)); # To get consistent output, reset the master, starts over from first log @@ -2696,6 +2697,8 @@ drop tables t2, t1; --echo # (work around for MDEV-20939) --echo # +create user a; +grant SELECT on test.* to a; use mysql; --echo # check that all tables we need are not empty @@ -2721,6 +2724,7 @@ let SEARCH_PATTERN=CREATE TABLE `proc`; source include/search_pattern_in_file.inc; --remove_file $MYSQLTEST_VARDIR/tmp/MDEV-20939.sql +drop user a; use test; --echo # End of 10.1 tests diff --git a/mysql-test/main/not_embedded_server.result b/mysql-test/main/not_embedded_server.result index 0b952f93ad8..19e862e07a5 100644 --- a/mysql-test/main/not_embedded_server.result +++ b/mysql-test/main/not_embedded_server.result @@ -31,6 +31,7 @@ CREATE TABLE t2 (key2 INT); INSERT INTO t1 VALUES (1),(2); CREATE FUNCTION f() RETURNS INT RETURN 1; GRANT FILE ON *.* TO 'nopriv_user'@'localhost'; +GRANT SELECT,INSERT,CREATE ON test.* TO 'nopriv_user'@'localhost'; FLUSH PRIVILEGES; connect con1,localhost,nopriv_user,,; connection con1; diff --git a/mysql-test/main/not_embedded_server.test b/mysql-test/main/not_embedded_server.test index 20f75db25d5..079c0c85bcd 100644 --- a/mysql-test/main/not_embedded_server.test +++ b/mysql-test/main/not_embedded_server.test @@ -59,6 +59,7 @@ INSERT INTO t1 VALUES (1),(2); CREATE FUNCTION f() RETURNS INT RETURN 1; GRANT FILE ON *.* TO 'nopriv_user'@'localhost'; +GRANT SELECT,INSERT,CREATE ON test.* TO 'nopriv_user'@'localhost'; FLUSH PRIVILEGES; diff --git a/mysql-test/main/partition_symlink.result b/mysql-test/main/partition_symlink.result index 17ddecbe19d..06aef8ea4c6 100644 --- a/mysql-test/main/partition_symlink.result +++ b/mysql-test/main/partition_symlink.result @@ -47,6 +47,7 @@ DROP TABLE t1, t2; # test.t1 have partitions in mysqltest2-directory! # user root: CREATE USER mysqltest_1@localhost; +GRANT ALL ON test.* to mysqltest_1@localhost; CREATE DATABASE mysqltest2; USE mysqltest2; CREATE TABLE t1 (a INT) ENGINE = MyISAM; diff --git a/mysql-test/main/partition_symlink.test b/mysql-test/main/partition_symlink.test index 07d653ee4d6..5eba9658b1c 100644 --- a/mysql-test/main/partition_symlink.test +++ b/mysql-test/main/partition_symlink.test @@ -77,6 +77,7 @@ DROP TABLE t1, t2; -- echo # user root: --disable_service_connection CREATE USER mysqltest_1@localhost; + GRANT ALL ON test.* to mysqltest_1@localhost; CREATE DATABASE mysqltest2; USE mysqltest2; CREATE TABLE t1 (a INT) ENGINE = MyISAM; diff --git a/mysql-test/main/plugin_auth.result b/mysql-test/main/plugin_auth.result index ac10bd06707..12a5156eeb1 100644 --- a/mysql-test/main/plugin_auth.result +++ b/mysql-test/main/plugin_auth.result @@ -11,8 +11,8 @@ SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; plugin authentication_string test_plugin_server plug_dest ## test plugin auth -connect(localhost,plug,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); -connect plug_con,localhost,plug,plug_dest; +connect(localhost,plug,plug_dest,,MYSQL_PORT,MYSQL_SOCK); +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug; test proxies_priv columns @@ -33,7 +33,7 @@ proxies_priv CREATE TABLE `proxies_priv` ( PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`), KEY `Grantor` (`Grantor`) ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='User proxy privileges' -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% @@ -46,14 +46,14 @@ connect(localhost,plug,bad_credentials,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con,localhost,plug,bad_credentials; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) ## test bad default plugin : nothing bad happens, as that plugin was't required by the server -connect plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name; +connect plug_con_wrongp,localhost,plug,plug_dest,"*NO-ONE*",,,,wrong_plugin_name; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% connection default; disconnect plug_con_wrongp; ## test correct default plugin -connect plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin; +connect plug_con_rightp,localhost,plug,plug_dest,"*NO-ONE*",,,,auth_test_plugin; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% @@ -67,7 +67,7 @@ DROP USER grant_user; ## test utf-8 user name CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; -connect non_ascii,localhost,Ÿ,plug_dest; +connect non_ascii,localhost,Ÿ,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() Ÿ@localhost plug_dest@% @@ -80,7 +80,8 @@ CREATE DATABASE test_grant_db; GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO new_grant_user; -connect plug_con_grant,localhost,new_grant_user,plug_dest; +GRANT CREATE, DROP ON test_grant_db.* TO 'plug_dest'@'%'; +connect plug_con_grant,localhost,new_grant_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost plug_dest@% @@ -96,11 +97,10 @@ IDENTIFIED BY 'new_password'; connect(localhost,new_grant_user,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con_grant_deny,localhost,new_grant_user,plug_dest; ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES) -connect plug_con_grant,localhost,new_grant_user,new_password; +connect plug_con_grant,localhost,new_grant_user,new_password,test_grant_db; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost new_grant_user@% -USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; connection default; @@ -137,7 +137,7 @@ ERROR 42000: You have an error in your SQL syntax; check the manual that corresp # this should fail : no such grant REVOKE PROXY ON grant_plug_dest FROM grant_plug; ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%' -connect grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd; +connect grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd,"*NO-ONE*"; ## testing what an ordinary user can grant this should fail : no rights to grant all GRANT PROXY ON ''@'%%' TO grant_plug; @@ -219,7 +219,7 @@ ERROR HY000: Variable 'proxy_user' is a read only variable SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user NULL -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user 'plug'@'%' @@ -248,7 +248,7 @@ ERROR HY000: Variable 'external_user' is a read only variable SELECT @@LOCAL.external_user; @@LOCAL.external_user NULL -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; SELECT @@LOCAL.external_user; @@LOCAL.external_user plug_dest @@ -347,7 +347,7 @@ CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'cleartext_test'; ## test plugin auth ERROR 28000: Access denied for user 'uplain'@'localhost' (using password: YES) -connect cleartext_con,localhost,uplain,cleartext_test; +connect cleartext_con,localhost,uplain,cleartext_test,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() uplain@localhost uplain@localhost @@ -453,7 +453,7 @@ ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password CREATE USER bug12610784@localhost; SET PASSWORD FOR bug12610784@localhost = PASSWORD('secret'); ERROR 28000: Access denied for user 'bug12610784'@'localhost' (using password: NO) -connect b12610784,localhost,bug12610784,secret,test; +connect b12610784,localhost,bug12610784,secret,"*NO-ONE*"; connection default; disconnect b12610784; DROP USER bug12610784@localhost; @@ -466,14 +466,14 @@ IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest'; CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; -connect bug12818542_con,localhost,bug12818542,bug12818542_dest; +connect bug12818542_con,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost SET PASSWORD = PASSWORD('bruhaha'); connection default; disconnect bug12818542_con; -connect bug12818542_con2,localhost,bug12818542,bug12818542_dest; +connect bug12818542_con2,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost diff --git a/mysql-test/main/plugin_auth.test b/mysql-test/main/plugin_auth.test index 48f35ac65e2..1c471cab9b5 100644 --- a/mysql-test/main/plugin_auth.test +++ b/mysql-test/main/plugin_auth.test @@ -21,7 +21,7 @@ SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; --echo ## test plugin auth --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_ACCESS_DENIED_ERROR : this should fail : no grant -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); GRANT PROXY ON plug_dest TO plug; --echo test proxies_priv columns @@ -30,7 +30,7 @@ SELECT * FROM mysql.proxies_priv WHERE user !='root'; --echo test mysql.proxies_priv; SHOW CREATE TABLE mysql.proxies_priv; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); --echo ## test SET PASSWORD @@ -46,13 +46,13 @@ disconnect plug_con; connect(plug_con,localhost,plug,bad_credentials); --echo ## test bad default plugin : nothing bad happens, as that plugin was't required by the server -connect(plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name); +connect(plug_con_wrongp,localhost,plug,plug_dest,"*NO-ONE*",,,,wrong_plugin_name); select USER(),CURRENT_USER(); connection default; disconnect plug_con_wrongp; --echo ## test correct default plugin -connect(plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin); +connect(plug_con_rightp,localhost,plug,plug_dest,"*NO-ONE*",,,,auth_test_plugin); select USER(),CURRENT_USER(); connection default; disconnect plug_con_rightp; @@ -68,7 +68,7 @@ CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; -connect(non_ascii,localhost,Ÿ,plug_dest); +connect(non_ascii,localhost,Ÿ,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; @@ -84,8 +84,9 @@ GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO new_grant_user; +GRANT CREATE, DROP ON test_grant_db.* TO 'plug_dest'@'%'; -connect(plug_con_grant,localhost,new_grant_user,plug_dest); +connect(plug_con_grant,localhost,new_grant_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); USE test_grant_db; CREATE TABLE t1 (a INT); @@ -102,9 +103,8 @@ GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user --error ER_ACCESS_DENIED_ERROR connect(plug_con_grant_deny,localhost,new_grant_user,plug_dest); -connect(plug_con_grant,localhost,new_grant_user,new_password); +connect(plug_con_grant,localhost,new_grant_user,new_password,test_grant_db); select USER(),CURRENT_USER(); -USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; connection default; @@ -159,7 +159,7 @@ GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug; --error ER_NONEXISTING_GRANT REVOKE PROXY ON grant_plug_dest FROM grant_plug; -connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd); +connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd,"*NO-ONE*"); --echo ## testing what an ordinary user can grant --echo this should fail : no rights to grant all @@ -262,7 +262,7 @@ SET GLOBAL proxy_user = 'test'; SET LOCAL proxy_user = 'test'; SELECT @@LOCAL.proxy_user; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); SELECT @@LOCAL.proxy_user; connection default; disconnect plug_con; @@ -288,7 +288,7 @@ SET GLOBAL external_user = 'test'; SET LOCAL external_user = 'test'; SELECT @@LOCAL.external_user; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); SELECT @@LOCAL.external_user; connection default; disconnect plug_con; @@ -418,7 +418,7 @@ CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' connect(cleartext_fail_con,localhost,uplain,cleartext_test2); --enable_query_log -connect(cleartext_con,localhost,uplain,cleartext_test); +connect(cleartext_con,localhost,uplain,cleartext_test,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; @@ -533,7 +533,7 @@ SET PASSWORD FOR bug12610784@localhost = PASSWORD('secret'); --error ER_ACCESS_DENIED_ERROR connect(b12610784,localhost,bug12610784,,test); --enable_query_log -connect(b12610784,localhost,bug12610784,secret,test); +connect(b12610784,localhost,bug12610784,secret,"*NO-ONE*"); connection default; disconnect b12610784; DROP USER bug12610784@localhost; @@ -550,7 +550,7 @@ CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; -connect(bug12818542_con,localhost,bug12818542,bug12818542_dest); +connect(bug12818542_con,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SET PASSWORD = PASSWORD('bruhaha'); @@ -558,7 +558,7 @@ SET PASSWORD = PASSWORD('bruhaha'); connection default; disconnect bug12818542_con; -connect(bug12818542_con2,localhost,bug12818542,bug12818542_dest); +connect(bug12818542_con2,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; diff --git a/mysql-test/main/plugin_auth_qa_1.result b/mysql-test/main/plugin_auth_qa_1.result index 24c86f1e2a8..d33662ab618 100644 --- a/mysql-test/main/plugin_auth_qa_1.result +++ b/mysql-test/main/plugin_auth_qa_1.result @@ -6,9 +6,11 @@ mariadb.sys mysql_native_password CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON `plug%dest` TO plug_user; +GRANT ALL ON test_user_db.* TO plug_user; ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES) REVOKE PROXY ON `plug%dest` FROM plug_user; GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; current_user() plug_dest@% user() @@ -52,6 +54,7 @@ CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; 1) ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; 2) current_user() plug_dest@% @@ -103,14 +106,14 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect plug_user,localhost,plug_user,plug_dest; +connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug_user@localhost plug_dest@% connection default; disconnect plug_user; RENAME USER plug_user TO new_user; -connect plug_user,localhost,new_user,plug_dest; +connect plug_user,localhost,new_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_user@localhost plug_dest@% @@ -134,7 +137,7 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect plug_user,localhost,plug_user,plug_dest; +connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug_user@localhost plug_dest@% @@ -176,7 +179,7 @@ User plugin authentication_string mariadb.sys mysql_native_password new_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119 new_user test_plugin_server new_dest -connect plug_user,localhost,new_user,new_dest; +connect plug_user,localhost,new_user,new_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_user@localhost new_dest@% @@ -192,7 +195,7 @@ new_dest mysql_native_password *01422E86A6FFF84618914AF149F9AEF64B84170A new_user test_plugin_server new_dest plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119 GRANT ALL PRIVILEGES ON test.* TO new_user; -connect plug_user,localhost,new_dest,new_dest_passwd; +connect plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_dest@localhost new_dest@% @@ -207,7 +210,7 @@ User plugin authentication_string test_plugin_server proxied_user mariadb.sys mysql_native_password proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% @@ -219,13 +222,13 @@ connection default; disconnect proxy_con; ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES) GRANT PROXY ON proxied_user TO ''@'%%'; -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% connection default; disconnect proxy_con; -connect proxy_con,localhost,proxy_user,proxied_user; +connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxy_user@localhost proxied_user@% @@ -244,7 +247,7 @@ User plugin authentication_string test_plugin_server proxied_user mariadb.sys mysql_native_password proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% @@ -255,13 +258,13 @@ connection default; disconnect proxy_con; ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES) GRANT PROXY ON proxied_user TO ''@'%%'; -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% connection default; disconnect proxy_con; -connect proxy_con,localhost,proxy_user,proxied_user; +connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxy_user@localhost proxied_user@% @@ -291,11 +294,11 @@ proxied_user_2 mysql_native_password *3D948F77C6A988AFDCA9755AB2A6724362557220 proxied_user_3 mysql_native_password *41A18925D237DEE738C76581153990B037F462E3 proxied_user_4 mysql_native_password *F990073A9B96FF535C2D0721406042B8751E593F proxied_user_5 mysql_native_password *5AA915C5D0B5B1336336FD2BF7768BC09FD1F5B2 -connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd'; -connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd; -connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd; -connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd; -connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd; +connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*"; +connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*"; +connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*"; +connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*"; +connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*"; connection proxy_con_1; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() diff --git a/mysql-test/main/plugin_auth_qa_1.test b/mysql-test/main/plugin_auth_qa_1.test index 1c53da59844..100670dc8e7 100644 --- a/mysql-test/main/plugin_auth_qa_1.test +++ b/mysql-test/main/plugin_auth_qa_1.test @@ -16,10 +16,12 @@ SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON `plug%dest` TO plug_user; +GRANT ALL ON test_user_db.* TO plug_user; --error 1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 REVOKE PROXY ON `plug%dest` FROM plug_user; GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; --replace_result $MASTER_MYSOCK MASTER_MYSOCK --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 REVOKE PROXY ON plug_dest FROM plug_user; @@ -56,6 +58,7 @@ CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; --error 1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; --echo 2) --replace_result $MASTER_MYSOCK MASTER_MYSOCK --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 @@ -105,12 +108,12 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect(plug_user,localhost,plug_user,plug_dest); +connect(plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; RENAME USER plug_user TO new_user; -connect(plug_user,localhost,new_user,plug_dest); +connect(plug_user,localhost,new_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; --sorted_result @@ -128,7 +131,7 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect(plug_user,localhost,plug_user,plug_dest); +connect(plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -156,7 +159,7 @@ FLUSH PRIVILEGES; GRANT PROXY ON new_dest TO new_user; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(plug_user,localhost,new_user,new_dest); +connect(plug_user,localhost,new_user,new_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -166,7 +169,7 @@ CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; GRANT ALL PRIVILEGES ON test.* TO new_user; -connect(plug_user,localhost,new_dest,new_dest_passwd); +connect(plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -178,7 +181,7 @@ CREATE USER ''@'%%' IDENTIFIED WITH test_plugin_server AS 'proxied_user'; CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); --echo ========== test 2.2.1 ====================================== SELECT @@proxy_user; @@ -189,11 +192,11 @@ disconnect proxy_con; connect(proxy_con,localhost,proxy_user,proxied_user); --enable_query_log GRANT PROXY ON proxied_user TO ''@'%%'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; disconnect proxy_con; -connect(proxy_con,localhost,proxy_user,proxied_user); +connect(proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); --echo ========== test 2.2.1 ====================================== SELECT @@proxy_user; @@ -206,7 +209,7 @@ GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'%%' CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; connection default; @@ -216,11 +219,11 @@ disconnect proxy_con; connect(proxy_con,localhost,proxy_user,proxied_user); --enable_query_log GRANT PROXY ON proxied_user TO ''@'%%'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; disconnect proxy_con; -connect(proxy_con,localhost,proxy_user,proxied_user); +connect(proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; connection default; @@ -240,11 +243,11 @@ GRANT PROXY ON proxied_user_4 TO ''@'%%'; GRANT PROXY ON proxied_user_5 TO ''@'%%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd'); -connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd); -connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd); -connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd); -connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd); +connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*"); +connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*"); +connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*"); +connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*"); +connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*"); connection proxy_con_1; SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; diff --git a/mysql-test/main/plugin_auth_qa_2.result b/mysql-test/main/plugin_auth_qa_2.result index de3023a3e42..c4ec8c0a364 100644 --- a/mysql-test/main/plugin_auth_qa_2.result +++ b/mysql-test/main/plugin_auth_qa_2.result @@ -5,6 +5,7 @@ CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest' CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_1_dest TO qa_test_1_user; +GRANT ALL ON test_user_db.* TO 'qa_test_1_user'@'%'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; User plugin authentication_string mariadb.sys mysql_native_password @@ -33,6 +34,7 @@ CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_2_dest TO qa_test_2_user; GRANT PROXY ON authenticated_as TO qa_test_2_user; +GRANT ALL ON test_user_db.* TO 'authenticated_as'@'%'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; User plugin authentication_string authenticated_as mysql_native_password *DFCACE76914AD7BD801FC1A1ECF6562272621A22 diff --git a/mysql-test/main/plugin_auth_qa_2.test b/mysql-test/main/plugin_auth_qa_2.test index 17e627ab773..bed5eec59e9 100644 --- a/mysql-test/main/plugin_auth_qa_2.test +++ b/mysql-test/main/plugin_auth_qa_2.test @@ -17,6 +17,7 @@ CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest' CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_1_dest TO qa_test_1_user; +GRANT ALL ON test_user_db.* TO 'qa_test_1_user'@'%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT @@proxy_user; @@ -39,6 +40,7 @@ CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_2_dest TO qa_test_2_user; GRANT PROXY ON authenticated_as TO qa_test_2_user; +GRANT ALL ON test_user_db.* TO 'authenticated_as'@'%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT @@proxy_user; diff --git a/mysql-test/main/ps_show_log.result b/mysql-test/main/ps_show_log.result index 63cd7789de4..dbe078e7d1b 100644 --- a/mysql-test/main/ps_show_log.result +++ b/mysql-test/main/ps_show_log.result @@ -51,7 +51,7 @@ DEALLOCATE PREPARE stmt_1; # and check that attempt to execute the statements SHOW BINLOG EVENTS/ # SHOW RELAYLOG EVENTS as a prepred statements by a user without required # privileges results in error. -connect con2,localhost,u1,,test; +connect con2,localhost,u1,,"*NO-ONE*"; PREPARE stmt_1 FROM 'SHOW BINLOG EVENTS'; EXECUTE stmt_1; ERROR 42000: Access denied; you need (at least one of) the BINLOG MONITOR privilege(s) for this operation diff --git a/mysql-test/main/ps_show_log.test b/mysql-test/main/ps_show_log.test index 95000d2d7e0..411b15600e1 100644 --- a/mysql-test/main/ps_show_log.test +++ b/mysql-test/main/ps_show_log.test @@ -51,7 +51,7 @@ DEALLOCATE PREPARE stmt_1; --echo # SHOW RELAYLOG EVENTS as a prepred statements by a user without required --echo # privileges results in error. ---connect (con2,localhost,u1,,test) +--connect (con2,localhost,u1,,"*NO-ONE*") PREPARE stmt_1 FROM 'SHOW BINLOG EVENTS'; --error ER_SPECIFIC_ACCESS_DENIED_ERROR diff --git a/mysql-test/main/read_only.result b/mysql-test/main/read_only.result index 83dfada5f29..65cc12ffce9 100644 --- a/mysql-test/main/read_only.result +++ b/mysql-test/main/read_only.result @@ -2,6 +2,7 @@ set @start_read_only= @@global.read_only; DROP TABLE IF EXISTS t1,t2,t3; create user test@localhost; grant CREATE, SELECT, DROP on *.* to test@localhost; +grant ALL on test.* to test@localhost; connect con1,localhost,test,,test; connection default; set global read_only=0; @@ -151,6 +152,7 @@ create user `mysqltest_u1`@`%`; grant all on mysqltest_db2.* to `mysqltest_u1`@`%`; create database mysqltest_db1; grant all on mysqltest_db1.* to `mysqltest_u1`@`%`; +grant select on test.* to `mysqltest_u1`@`%`; flush privileges; connect con_bug27440,127.0.0.1,mysqltest_u1,,test,$MASTER_MYPORT,; connection con_bug27440; @@ -191,6 +193,7 @@ USE test; CREATE TABLE t1(a INT); INSERT INTO t1 VALUES (1), (2); CREATE USER user1; +GRANT ALL on test.* to user1; connect con1, localhost, user1; connection default; SET GLOBAL read_only= 1; diff --git a/mysql-test/main/read_only.test b/mysql-test/main/read_only.test index 5314b11154f..107a67c31fa 100644 --- a/mysql-test/main/read_only.test +++ b/mysql-test/main/read_only.test @@ -17,6 +17,7 @@ DROP TABLE IF EXISTS t1,t2,t3; create user test@localhost; grant CREATE, SELECT, DROP on *.* to test@localhost; +grant ALL on test.* to test@localhost; connect (con1,localhost,test,,test); @@ -265,6 +266,7 @@ create user `mysqltest_u1`@`%`; grant all on mysqltest_db2.* to `mysqltest_u1`@`%`; create database mysqltest_db1; grant all on mysqltest_db1.* to `mysqltest_u1`@`%`; +grant select on test.* to `mysqltest_u1`@`%`; flush privileges; connect (con_bug27440,127.0.0.1,mysqltest_u1,,test,$MASTER_MYPORT,); connection con_bug27440; @@ -312,6 +314,7 @@ CREATE TABLE t1(a INT); INSERT INTO t1 VALUES (1), (2); CREATE USER user1; +GRANT ALL on test.* to user1; connect (con1, localhost, user1); connection default; diff --git a/mysql-test/main/read_only_innodb.result b/mysql-test/main/read_only_innodb.result index abfc5322ed0..cfc8f2ecb17 100644 --- a/mysql-test/main/read_only_innodb.result +++ b/mysql-test/main/read_only_innodb.result @@ -1,6 +1,6 @@ DROP TABLE IF EXISTS table_11733 ; create user test@localhost; -grant CREATE, SELECT, DROP on *.* to test@localhost; +grant CREATE, SELECT, DROP, INSERT on *.* to test@localhost; connect con1,localhost,test,,test; connection default; set global read_only=0; @@ -25,7 +25,7 @@ drop table table_11733 ; drop user test@localhost; disconnect con1; create user test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE, SELECT, DROP, LOCK TABLES ON *.* TO test@localhost; connect con1, localhost, test, , test; connection default; CREATE TABLE t1(a INT) ENGINE=INNODB; diff --git a/mysql-test/main/read_only_innodb.test b/mysql-test/main/read_only_innodb.test index 4b00c32b185..e2c2979c393 100644 --- a/mysql-test/main/read_only_innodb.test +++ b/mysql-test/main/read_only_innodb.test @@ -15,7 +15,7 @@ DROP TABLE IF EXISTS table_11733 ; # so we use a non-SUPER one: create user test@localhost; -grant CREATE, SELECT, DROP on *.* to test@localhost; +grant CREATE, SELECT, DROP, INSERT on *.* to test@localhost; connect (con1,localhost,test,,test); @@ -50,7 +50,7 @@ disconnect con1; # # Test 1: read only mode create user test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE, SELECT, DROP, LOCK TABLES ON *.* TO test@localhost; connect(con1, localhost, test, , test); connection default; diff --git a/mysql-test/main/show_check.result b/mysql-test/main/show_check.result index 35428b34599..5058f6d6db0 100644 --- a/mysql-test/main/show_check.result +++ b/mysql-test/main/show_check.result @@ -545,7 +545,7 @@ ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table `my drop database mysqltest; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest' disconnect con1; -connect con2,localhost,mysqltest_2,,test; +connect con2,localhost,mysqltest_2,,"*NO-ONE*"; connection con2; select * from mysqltest.t1; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table `mysqltest`.`t1` @@ -556,7 +556,7 @@ ERROR 42000: DROP command denied to user 'mysqltest_2'@'localhost' for table `my drop database mysqltest; ERROR 42000: Access denied for user 'mysqltest_2'@'localhost' to database 'mysqltest' disconnect con2; -connect con3,localhost,mysqltest_3,,test; +connect con3,localhost,mysqltest_3,,"*NO-ONE*"; connection con3; select * from mysqltest.t1; ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table `mysqltest`.`t1` @@ -1471,7 +1471,7 @@ DROP EVENT ev1; SHOW STORAGE ENGINES; CREATE USER test_u@localhost; GRANT PROCESS ON *.* TO test_u@localhost; -connect conn1, localhost, test_u,,; +connect conn1, localhost, test_u,,"*NO-ONE*"; SHOW ENGINE MYISAM MUTEX; SHOW ENGINE MYISAM STATUS; disconnect conn1; diff --git a/mysql-test/main/show_check.test b/mysql-test/main/show_check.test index 15beaaf0401..2a001866186 100644 --- a/mysql-test/main/show_check.test +++ b/mysql-test/main/show_check.test @@ -349,7 +349,7 @@ drop database mysqltest; disconnect con1; --source include/wait_until_disconnected.inc -connect (con2,localhost,mysqltest_2,,test); +connect (con2,localhost,mysqltest_2,,"*NO-ONE*"); connection con2; --error ER_TABLEACCESS_DENIED_ERROR select * from mysqltest.t1; @@ -362,7 +362,7 @@ drop database mysqltest; disconnect con2; --source include/wait_until_disconnected.inc -connect (con3,localhost,mysqltest_3,,test); +connect (con3,localhost,mysqltest_3,,"*NO-ONE*"); connection con3; --error ER_TABLEACCESS_DENIED_ERROR select * from mysqltest.t1; @@ -1255,7 +1255,7 @@ SHOW STORAGE ENGINES; CREATE USER test_u@localhost; GRANT PROCESS ON *.* TO test_u@localhost; -connect (conn1, localhost, test_u,,); +connect (conn1, localhost, test_u,,"*NO-ONE*"); --disable_result_log SHOW ENGINE MYISAM MUTEX; diff --git a/mysql-test/main/sp-security.result b/mysql-test/main/sp-security.result index 8a1f46c7c35..cb158e979d2 100644 --- a/mysql-test/main/sp-security.result +++ b/mysql-test/main/sp-security.result @@ -42,8 +42,8 @@ set sql_mode=''; grant execute on procedure db1_secret.stamp to ''@'%'; grant execute on function db1_secret.db to ''@'%'; set sql_mode=default; -connect con2user1,localhost,user1,,; -connect con3anon,localhost,anon,,; +connect con2user1,localhost,user1,,"*NO-ONE*"; +connect con3anon,localhost,anon,,"*NO-ONE*"; connection con2user1; call db1_secret.stamp(2); select db1_secret.db(); @@ -128,7 +128,7 @@ use db2; create procedure p () insert into t2 values (1); call p(); ERROR 42000: INSERT command denied to user 'user1'@'localhost' for table `db2`.`t2` -connect con4user2,localhost,user2,,; +connect con4user2,localhost,user2,,"*NO-ONE*"; connection con4user2; use db2; call p(); @@ -203,9 +203,9 @@ show grants for userc@localhost; Grants for userc@localhost GRANT USAGE ON *.* TO `userc`@`localhost` GRANT EXECUTE ON PROCEDURE `sptest`.`p1` TO `userc`@`localhost` WITH GRANT OPTION -connect con2usera,localhost,usera,,; -connect con3userb,localhost,userb,,; -connect con4userc,localhost,userc,,; +connect con2usera,localhost,usera,,"*NO-ONE*"; +connect con3userb,localhost,userb,,"*NO-ONE*"; +connect con4userc,localhost,userc,,"*NO-ONE*"; connection con2usera; call sptest.p1(1); grant execute on procedure sptest.p1 to userb@localhost; @@ -270,6 +270,7 @@ use mysqltest// create table t1 (s1 int)// create user user1@localhost// grant select on t1 to user1@localhost// +grant select on test.* to user1@localhost// create function bug_9503 () returns int sql security invoker begin declare v int; select min(s1) into v from t1; return v; end// connect user1,localhost,user1,,test; @@ -349,6 +350,7 @@ return 'ok'; end; | create user user_bug12812@localhost IDENTIFIED BY 'ABC'| +grant select,create view on test.* to user_bug12812@localhost| connect test_user_12812,localhost,user_bug12812,ABC,test; SELECT test.bug12812()| ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812' @@ -398,6 +400,7 @@ sql security definer select * from db_bug14533.t1; grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost; grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost; +grant select on test.* to user_bug14533@localhost; connect user_bug14533,localhost,user_bug14533,,test; call db_bug14533.bug14533_1(); Field Type Null Key Default Extra @@ -670,7 +673,7 @@ create database mysqltest_db; create user bug57061_user@localhost; create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; -connect conn1, localhost, bug57061_user,,; +connect conn1, localhost, bug57061_user,,"*NO-ONE*"; # Attempt to drop routine on which user doesn't have privileges # should result in the same 'access denied' type of error whether # routine exists or not. @@ -695,7 +698,7 @@ CREATE DATABASE db1; CREATE PROCEDURE db1.p1() SELECT 1; CREATE USER user2@localhost IDENTIFIED BY ''; GRANT SELECT(db) ON mysql.proc TO user2@localhost; -connect con2, localhost, user2; +connect con2, localhost, user2,,"*NO-ONE*"; # The statement below before disclosed info from body_utf8 column. SHOW CREATE PROCEDURE db1.p1; ERROR 42000: PROCEDURE p1 does not exist @@ -714,6 +717,7 @@ DROP USER user2@localhost; DROP DATABASE db1; create user foo@local_ost; create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF'; +grant select,create routine on test.* to foo@local_ost; create database foodb; grant create routine on foodb.* to foo@local_ost; connect con1,localhost,foo; @@ -723,11 +727,13 @@ foo@localhost foo@local_ost show grants; Grants for foo@local_ost GRANT USAGE ON *.* TO `foo`@`local_ost` +GRANT SELECT, CREATE ROUTINE ON `test`.* TO `foo`@`local_ost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`local_ost` create procedure fooproc() select 'i am fooproc'; show grants; Grants for foo@local_ost GRANT USAGE ON *.* TO `foo`@`local_ost` +GRANT SELECT, CREATE ROUTINE ON `test`.* TO `foo`@`local_ost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`local_ost` GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`local_ost` disconnect con1; @@ -747,6 +753,7 @@ create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; # Create user with no privileges on mysqltest_db database. create user bug12602983_user@localhost; +grant create view on test.* to bug12602983_user@localhost; connect conn1, localhost, bug12602983_user,,; # Attempt to execute routine on which user doesn't have privileges # should result in the same 'access denied' error whether @@ -794,8 +801,7 @@ CREATE USER u1@localhost; GRANT CREATE ROUTINE ON u1.* TO u1@localhost; GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost; GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost; -connect u1, localhost, u1,,; -USE u1; +connect u1, localhost, u1,,u1; CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$ CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$ disconnect u1; diff --git a/mysql-test/main/sp-security.test b/mysql-test/main/sp-security.test index e11e8911b60..a0bf1334fa7 100644 --- a/mysql-test/main/sp-security.test +++ b/mysql-test/main/sp-security.test @@ -67,8 +67,8 @@ grant execute on procedure db1_secret.stamp to ''@'%'; grant execute on function db1_secret.db to ''@'%'; set sql_mode=default; -connect (con2user1,localhost,user1,,); -connect (con3anon,localhost,anon,,); +connect (con2user1,localhost,user1,,"*NO-ONE*"); +connect (con3anon,localhost,anon,,"*NO-ONE*"); # @@ -195,7 +195,7 @@ create procedure p () insert into t2 values (1); --error ER_TABLEACCESS_DENIED_ERROR call p(); -connect (con4user2,localhost,user2,,); +connect (con4user2,localhost,user2,,"*NO-ONE*"); connection con4user2; use db2; @@ -284,9 +284,9 @@ show grants for usera@localhost; grant execute on procedure sptest.p1 to userc@localhost with grant option; show grants for userc@localhost; -connect (con2usera,localhost,usera,,); -connect (con3userb,localhost,userb,,); -connect (con4userc,localhost,userc,,); +connect (con2usera,localhost,usera,,"*NO-ONE*"); +connect (con3userb,localhost,userb,,"*NO-ONE*"); +connect (con4userc,localhost,userc,,"*NO-ONE*"); connection con2usera; call sptest.p1(1); @@ -357,6 +357,7 @@ use mysqltest// create table t1 (s1 int)// create user user1@localhost// grant select on t1 to user1@localhost// +grant select on test.* to user1@localhost// create function bug_9503 () returns int sql security invoker begin declare v int; select min(s1) into v from t1; return v; end// delimiter ;// @@ -467,6 +468,7 @@ begin end; | create user user_bug12812@localhost IDENTIFIED BY 'ABC'| +grant select,create view on test.* to user_bug12812@localhost| --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (test_user_12812,localhost,user_bug12812,ABC,test)| --error ER_PROCACCESS_DENIED_ERROR @@ -543,6 +545,7 @@ create procedure bug14533_2() grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost; grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost; +grant select on test.* to user_bug14533@localhost; connect (user_bug14533,localhost,user_bug14533,,test); @@ -926,7 +929,7 @@ create database mysqltest_db; create user bug57061_user@localhost; create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; -connect (conn1, localhost, bug57061_user,,); +connect (conn1, localhost, bug57061_user,,"*NO-ONE*"); --echo # Attempt to drop routine on which user doesn't have privileges --echo # should result in the same 'access denied' type of error whether --echo # routine exists or not. @@ -958,7 +961,7 @@ CREATE PROCEDURE db1.p1() SELECT 1; CREATE USER user2@localhost IDENTIFIED BY ''; GRANT SELECT(db) ON mysql.proc TO user2@localhost; -connect (con2, localhost, user2); +connect (con2, localhost, user2,,"*NO-ONE*"); --echo # The statement below before disclosed info from body_utf8 column. --error ER_SP_DOES_NOT_EXIST SHOW CREATE PROCEDURE db1.p1; @@ -981,6 +984,7 @@ DROP DATABASE db1; # create user foo@local_ost; create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF'; +grant select,create routine on test.* to foo@local_ost; create database foodb; grant create routine on foodb.* to foo@local_ost; connect con1,localhost,foo; @@ -1009,6 +1013,7 @@ create procedure mysqltest_db.p1() begin end; --echo # Create user with no privileges on mysqltest_db database. create user bug12602983_user@localhost; +grant create view on test.* to bug12602983_user@localhost; connect (conn1, localhost, bug12602983_user,,); @@ -1066,8 +1071,7 @@ GRANT CREATE ROUTINE ON u1.* TO u1@localhost; GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost; GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost; -connect (u1, localhost, u1,,); -USE u1; +connect (u1, localhost, u1,,u1); DELIMITER $$; CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$ CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$ diff --git a/mysql-test/main/sql_mode.result b/mysql-test/main/sql_mode.result index 6ac65302d47..31308cd6a2f 100644 --- a/mysql-test/main/sql_mode.result +++ b/mysql-test/main/sql_mode.result @@ -505,7 +505,7 @@ connection default; set @OLD_SQL_MODE=@@SESSION.SQL_MODE; set session sql_mode='PAD_CHAR_TO_FULL_LENGTH'; flush privileges; -connect user_32753,localhost,mysqltest_32753,,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect user_32753,localhost,mysqltest_32753,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; select current_user(); current_user() mysqltest_32753@localhost diff --git a/mysql-test/main/sql_mode.test b/mysql-test/main/sql_mode.test index b1c5f05e618..bfcaff39253 100644 --- a/mysql-test/main/sql_mode.test +++ b/mysql-test/main/sql_mode.test @@ -302,7 +302,7 @@ flush privileges; # if user-table is affected by PAD_CHAR_TO_FULL_LENGTH, our connect will fail # --error 1045 -connect (user_32753,localhost,mysqltest_32753,,test,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (user_32753,localhost,mysqltest_32753,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); select current_user(); # clean up diff --git a/mysql-test/main/system_mysql_db_fix40123.result b/mysql-test/main/system_mysql_db_fix40123.result index 31a334878ec..2ed1e8ae618 100644 --- a/mysql-test/main/system_mysql_db_fix40123.result +++ b/mysql-test/main/system_mysql_db_fix40123.result @@ -100,7 +100,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/system_mysql_db_fix50030.result b/mysql-test/main/system_mysql_db_fix50030.result index 8055211e5b2..b99b8678b1a 100644 --- a/mysql-test/main/system_mysql_db_fix50030.result +++ b/mysql-test/main/system_mysql_db_fix50030.result @@ -104,7 +104,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/system_mysql_db_fix50117.result b/mysql-test/main/system_mysql_db_fix50117.result index 214b7ee572d..8e48c2accb7 100644 --- a/mysql-test/main/system_mysql_db_fix50117.result +++ b/mysql-test/main/system_mysql_db_fix50117.result @@ -84,7 +84,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/user_limits.result b/mysql-test/main/user_limits.result index acb34754caa..1cb4f9c03e8 100644 --- a/mysql-test/main/user_limits.result +++ b/mysql-test/main/user_limits.result @@ -7,7 +7,7 @@ delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_queries_per_hour 2; flush user_resources; connect mqph, localhost, mysqltest_1,,; connection mqph; @@ -26,7 +26,7 @@ drop user mysqltest_1@localhost; disconnect mqph; disconnect mqph2; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_updates_per_hour 2; flush user_resources; connect muph, localhost, mysqltest_1,,; connection muph; @@ -53,7 +53,7 @@ drop user mysqltest_1@localhost; disconnect muph; disconnect muph2; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_connections_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_connections_per_hour 2; flush user_resources; connect mcph1, localhost, mysqltest_1,,; connection mcph1; @@ -77,7 +77,7 @@ connection default; drop user mysqltest_1@localhost; flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_user_connections 2; +grant all on test.* to mysqltest_1@localhost with max_user_connections 2; flush user_resources; connect muc1, localhost, mysqltest_1,,; connection muc1; @@ -109,10 +109,12 @@ grant usage on *.* to mysqltest_1@localhost with max_user_connections -1; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` WITH MAX_USER_CONNECTIONS -1 +GRANT ALL PRIVILEGES ON `test`.* TO `mysqltest_1`@`localhost` flush user_resources; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` WITH MAX_USER_CONNECTIONS -1 +GRANT ALL PRIVILEGES ON `test`.* TO `mysqltest_1`@`localhost` connect(localhost,mysqltest_1,,test,MYSQL_PORT,MYSQL_SOCK); connect muc5, localhost, mysqltest_1,,; ERROR 42000: User 'mysqltest_1' has exceeded the 'max_user_connections' resource (current value: -1) @@ -130,7 +132,7 @@ select @@session.max_user_connections, @@global.max_user_connections; @@session.max_user_connections @@global.max_user_connections 2 2 create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; flush user_resources; connect muca1, localhost, mysqltest_1,,; connection muca1; @@ -193,7 +195,7 @@ set global max_user_connections= @my_max_user_connections; # MDEV-17852 Altered connection limits for user have no effect # create user foo@'%' with max_user_connections 1; -connect con1,localhost,foo; +connect con1,localhost,foo,,"*NO-ONE*"; select current_user(); current_user() foo@% @@ -202,7 +204,7 @@ connect con2,localhost,foo; ERROR 42000: User 'foo' has exceeded the 'max_user_connections' resource (current value: 1) connection default; alter user foo with max_user_connections 2; -connect con3,localhost,foo; +connect con3,localhost,foo,,"*NO-ONE*"; select current_user(); current_user() foo@% diff --git a/mysql-test/main/user_limits.test b/mysql-test/main/user_limits.test index 36524febd8d..10e15ca3c9c 100644 --- a/mysql-test/main/user_limits.test +++ b/mysql-test/main/user_limits.test @@ -27,7 +27,7 @@ flush privileges; # Test of MAX_QUERIES_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_queries_per_hour 2; # This ensures that counters are reset and makes test scheduling independent flush user_resources; connect (mqph, localhost, mysqltest_1,,); @@ -48,7 +48,7 @@ disconnect mqph2; # Test of MAX_UPDATES_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_updates_per_hour 2; flush user_resources; connect (muph, localhost, mysqltest_1,,); connection muph; @@ -73,7 +73,7 @@ disconnect muph2; # Test of MAX_CONNECTIONS_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_connections_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_connections_per_hour 2; flush user_resources; connect (mcph1, localhost, mysqltest_1,,); connection mcph1; @@ -101,7 +101,7 @@ drop user mysqltest_1@localhost; # We need this to reset internal mqh_used variable flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_user_connections 2; +grant all on test.* to mysqltest_1@localhost with max_user_connections 2; flush user_resources; connect (muc1, localhost, mysqltest_1,,); connection muc1; @@ -155,7 +155,7 @@ set global max_user_connections= 2; select @@session.max_user_connections, @@global.max_user_connections; # Let us check that global limit works create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; flush user_resources; connect (muca1, localhost, mysqltest_1,,); connection muca1; @@ -225,14 +225,14 @@ set global max_user_connections= @my_max_user_connections; --echo # MDEV-17852 Altered connection limits for user have no effect --echo # create user foo@'%' with max_user_connections 1; ---connect con1,localhost,foo +--connect con1,localhost,foo,,"*NO-ONE*" select current_user(); --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_USER_LIMIT_REACHED --connect con2,localhost,foo --connection default alter user foo with max_user_connections 2; ---connect con3,localhost,foo +--connect con3,localhost,foo,,"*NO-ONE*" select current_user(); --disconnect con3 --disconnect con1 diff --git a/mysql-test/main/userstat-badlogin-4824.result b/mysql-test/main/userstat-badlogin-4824.result index b32b05e649d..2d34f78e006 100644 --- a/mysql-test/main/userstat-badlogin-4824.result +++ b/mysql-test/main/userstat-badlogin-4824.result @@ -2,7 +2,7 @@ set @save_userstat=@@global.userstat; create user foo@localhost identified by 'foo'; flush user_statistics; set global userstat=1; -connect foo, localhost, foo, foo, test; +connect foo, localhost, foo, foo, "*NO-ONE*"; select 1; 1 1 diff --git a/mysql-test/main/userstat-badlogin-4824.test b/mysql-test/main/userstat-badlogin-4824.test index 3db3e10da15..8ee5d189f77 100644 --- a/mysql-test/main/userstat-badlogin-4824.test +++ b/mysql-test/main/userstat-badlogin-4824.test @@ -12,7 +12,7 @@ create user foo@localhost identified by 'foo'; flush user_statistics; set global userstat=1; -connect(foo, localhost, foo, foo, test); +connect(foo, localhost, foo, foo, "*NO-ONE*"); select 1; disconnect foo; connection default; diff --git a/mysql-test/main/view_grant.result b/mysql-test/main/view_grant.result index 370035147a1..3754a55eea8 100644 --- a/mysql-test/main/view_grant.result +++ b/mysql-test/main/view_grant.result @@ -46,11 +46,12 @@ revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; revoke all privileges on test.* from mysqltest_1@localhost; drop database mysqltest; drop view test.v1; +disconnect user1; create database mysqltest; create table mysqltest.t1 (a int, b int); create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1; grant select (c) on mysqltest.v1 to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; select c from mysqltest.v1; c select d from mysqltest.v1; @@ -70,6 +71,7 @@ c select d from mysqltest.v1; ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1' connection root; +disconnect user1; revoke all privileges on mysqltest.v1 from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -88,7 +90,7 @@ grant select on mysqltest.v2 to mysqltest_1@localhost; grant select on mysqltest.v3 to mysqltest_1@localhost; grant select on mysqltest.v4 to mysqltest_1@localhost; grant show view on mysqltest.v5 to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; select c from mysqltest.v1; c select c from mysqltest.v2; @@ -132,7 +134,7 @@ grant select on mysqltest.v5 to mysqltest_1@localhost; connection user1; show create view mysqltest.v5; View Create View character_set_client collation_connection -v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v5` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v5` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v1; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v1; @@ -141,13 +143,14 @@ connection root; grant show view on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; revoke select on mysqltest.v5 from mysqltest_1@localhost; -connection user1; +disconnect user1; +connect user1,localhost,mysqltest_1,,mysqltest; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 system NULL NULL NULL NULL 0 Const row not found show create view mysqltest.v1; View Create View character_set_client collation_connection -v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v2; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v2; @@ -164,34 +167,36 @@ explain select c from mysqltest.v5; ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v5` connection root; grant show view on mysqltest.* to mysqltest_1@localhost; -connection user1; +disconnect user1; +connect user1,localhost,mysqltest_1,,mysqltest; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 system NULL NULL NULL NULL 0 Const row not found show create view mysqltest.v1; View Create View character_set_client collation_connection -v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v2; id select_type table type possible_keys key key_len ref rows Extra 1 PRIMARY <derived2> system NULL NULL NULL NULL 0 Const row not found 2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table show create view mysqltest.v2; View Create View character_set_client collation_connection -v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v2` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v2` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v3; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v3; View Create View character_set_client collation_connection -v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v3` AS select `mysqltest`.`t2`.`a` + 1 AS `c`,`mysqltest`.`t2`.`b` + 1 AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci +v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2` latin1 latin1_swedish_ci explain select c from mysqltest.v4; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v4; View Create View character_set_client collation_connection -v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v4` AS select `mysqltest`.`t2`.`a` + 1 AS `c`,`mysqltest`.`t2`.`b` + 1 AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci +v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v4` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2` latin1 latin1_swedish_ci connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int, primary key(a)); @@ -208,8 +213,7 @@ grant update (a) on mysqltest.v2 to mysqltest_1@localhost; grant update on mysqltest.v1 to mysqltest_1@localhost; grant update on mysqltest.t3 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c; select * from t1; a b @@ -251,11 +255,11 @@ update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c; ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3` update v3 set a=a+c; ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v3` -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int, primary key(a)); @@ -267,7 +271,7 @@ create view mysqltest.v2 (a,c) as select a, b+1 from mysqltest.t1; create user mysqltest_1@localhost; grant delete on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; use mysqltest; delete from v1 where c < 4; select * from t1; @@ -284,8 +288,8 @@ delete v2 from t2,v2 where t2.x=v2.c; ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` delete from v2 where c < 4; ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` -use test; connection root; +disconnect user1; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -300,7 +304,7 @@ create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1; create user mysqltest_1@localhost; grant insert on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; use mysqltest; insert into v1 values (5,6); select * from t1; @@ -319,11 +323,11 @@ insert into v2 values (5,6); ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` insert into v2 select x,y from t2; ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v2` -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int); @@ -332,7 +336,7 @@ create user mysqltest_1@localhost; grant update on mysqltest.t1 to mysqltest_1@localhost; grant update(b) on mysqltest.t2 to mysqltest_1@localhost; grant create view,update on test.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,test; create view v1 as select * from mysqltest.t1; create view v2 as select b from mysqltest.t2; create view mysqltest.v1 as select * from mysqltest.t1; @@ -366,26 +370,26 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; drop view v1,v2,v4; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int); create user mysqltest_1@localhost; grant all privileges on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create view v1 as select * from t1; -use test; connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int); create user mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; grant create view,select on test.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,test; create view v1 as select * from mysqltest.t1; connection root; show create view v1; @@ -401,6 +405,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop view v1; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -423,8 +428,7 @@ grant select on v2 to mysqltest_1@localhost; grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; select * from v1; f2() NULL @@ -437,7 +441,6 @@ select * from v4; ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from v5; ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them -use test; connection root; drop view v1, v2, v3, v4, v5; drop function f2; @@ -446,6 +449,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -461,13 +465,11 @@ create user mysqltest_1@localhost; grant select on t1 to mysqltest_1@localhost; grant execute on function f2 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create algorithm=TEMPTABLE view v1 as select f2() from t1; create algorithm=MERGE view v2 as select f2() from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1; -use test; connection root; create view v5 as select * from v1; revoke execute on function f2 from mysqltest_1@localhost; @@ -490,6 +492,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -501,14 +504,12 @@ grant select on t1 to mysqltest_1@localhost; grant select on v1 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; drop table v1; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create algorithm=TEMPTABLE view v1 as select *, a as b from t1; create algorithm=MERGE view v2 as select *, a as b from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1; create view v5 as select * from v1; -use test; connection root; revoke select on t1 from mysqltest_1@localhost; select * from v1; @@ -528,6 +529,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -544,8 +546,7 @@ grant select on v2 to mysqltest_1@localhost; grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; select * from v1; a b 1 1 @@ -558,7 +559,6 @@ select * from v4; ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from v5; ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them -use test; connection root; drop view v1, v2, v3, v4, v5; drop table t1; @@ -566,6 +566,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; create user 'test14256'@'%'; grant all on test.* to 'test14256'@'%'; connect test14256,localhost,test14256,,test; @@ -601,13 +602,11 @@ View Create View character_set_client collation_connection v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`i` AS `i` from `t1` latin1 latin1_swedish_ci create user mysqltest_1@localhost; GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; LOCK TABLES v1 READ; SHOW CREATE TABLE v1; ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table `mysqltest`.`v1` UNLOCK TABLES; -use test; connection root; use test; drop user mysqltest_1@localhost; @@ -647,7 +646,7 @@ GRANT UPDATE ON mysqltest1.v_tu TO readonly@localhost; GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost; GRANT DELETE ON mysqltest1.v_td TO readonly@localhost; GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost; -connect n1,localhost,readonly,,; +connect n1,localhost,readonly,,mysqltest1; connection n1; SELECT * FROM mysqltest1.v_t1; ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them @@ -720,7 +719,7 @@ DROP TABLE t1; USE test; CREATE USER mysqltest_db1@localhost identified by 'PWD'; GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION; -connect session1,localhost,mysqltest_db1,PWD,test; +connect session1,localhost,mysqltest_db1,PWD,"*NO-ONE*"; CREATE SCHEMA mysqltest_db1 ; USE mysqltest_db1 ; CREATE TABLE t1 (f1 INTEGER); @@ -1085,9 +1084,7 @@ CREATE VIEW v1 AS SELECT f1, f2 FROM t1; CREATE USER foo; GRANT SELECT (f1) ON t1 TO foo; GRANT SELECT (f1) ON v1 TO foo; -connect addconfoo, localhost, foo,,; -connection addconfoo; -USE db1; +connect addconfoo, localhost, foo,,db1; SELECT f1 FROM t1; f1 SELECT f2 FROM t1; @@ -1431,11 +1428,11 @@ CREATE TABLE t2 ( a INT, b INT ); CREATE VIEW v1 AS SELECT a, b FROM t1; GRANT SELECT( a ) ON v1 TO mysqluser1@localhost; GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost; -connect connection1, localhost, mysqluser1, , test; +connect connection1, localhost, mysqluser1, ,mysqltest1; SELECT * FROM mysqltest1.v1; ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1` CREATE VIEW v1 AS SELECT * FROM mysqltest1.t2; -ERROR 42000: ANY command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`t2` +ERROR 42000: CREATE VIEW command denied to user 'mysqluser1'@'localhost' for table `mysqltest1`.`v1` disconnect connection1; connection default; DROP TABLE t1, t2; @@ -1858,7 +1855,7 @@ where t2.id = v1.id; create sql security invoker view v42 as select v2.id as id, v2.val as val from mysqltest2.t2 as t2, mysqltest2.v2_merge as v2 where t2.id = v2.id; -connect conn_11766767, localhost, user_11766767,,; +connect conn_11766767, localhost, user_11766767,,mysqltest2; # # A) Check how we handle privilege checking in multi-update for # directly used views. @@ -1959,6 +1956,7 @@ drop database mysqltest2; CREATE SCHEMA foo; CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt; CREATE USER foo@localhost; +GRANT SELECT on test.* to foo@localhost; connect con1,localhost,foo,,; SELECT * FROM foo.v; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table `foo`.`v` diff --git a/mysql-test/main/view_grant.test b/mysql-test/main/view_grant.test index 83bbeb3be77..9094c616a1f 100644 --- a/mysql-test/main/view_grant.test +++ b/mysql-test/main/view_grant.test @@ -71,6 +71,7 @@ revoke all privileges on test.* from mysqltest_1@localhost; drop database mysqltest; drop view test.v1; +disconnect user1; # # grants per columns @@ -84,7 +85,7 @@ create table mysqltest.t1 (a int, b int); create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1; grant select (c) on mysqltest.v1 to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); select c from mysqltest.v1; # there are no privileges on column 'd' --error ER_COLUMNACCESS_DENIED_ERROR @@ -112,6 +113,7 @@ select c from mysqltest.v1; select d from mysqltest.v1; connection root; +disconnect user1; revoke all privileges on mysqltest.v1 from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -139,7 +141,7 @@ grant select on mysqltest.v3 to mysqltest_1@localhost; grant select on mysqltest.v4 to mysqltest_1@localhost; grant show view on mysqltest.v5 to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); # all SELECTs works, except v5 which lacks SELECT privs select c from mysqltest.v1; select c from mysqltest.v2; @@ -188,7 +190,8 @@ connection root; grant show view on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; revoke select on mysqltest.v5 from mysqltest_1@localhost; -connection user1; +disconnect user1; +connect (user1,localhost,mysqltest_1,,mysqltest); # EXPLAIN works explain select c from mysqltest.v1; show create view mysqltest.v1; @@ -213,7 +216,8 @@ explain select c from mysqltest.v5; # allow to see any view in mysqltest database connection root; grant show view on mysqltest.* to mysqltest_1@localhost; -connection user1; +disconnect user1; +connect (user1,localhost,mysqltest_1,,mysqltest); explain select c from mysqltest.v1; show create view mysqltest.v1; explain select c from mysqltest.v2; @@ -231,6 +235,7 @@ connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # UPDATE privileges on VIEW columns and whole VIEW @@ -256,8 +261,7 @@ grant update on mysqltest.v1 to mysqltest_1@localhost; grant update on mysqltest.t3 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); # update with rights on VIEW column update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c; select * from t1; @@ -281,11 +285,11 @@ update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c; --error ER_TABLEACCESS_DENIED_ERROR update v3 set a=a+c; -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # DELETE privileges on VIEW @@ -306,7 +310,7 @@ create user mysqltest_1@localhost; grant delete on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); use mysqltest; # update with rights on VIEW column delete from v1 where c < 4; @@ -319,8 +323,8 @@ delete v2 from t2,v2 where t2.x=v2.c; --error ER_TABLEACCESS_DENIED_ERROR delete from v2 where c < 4; -use test; connection root; +disconnect user1; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -344,7 +348,7 @@ create user mysqltest_1@localhost; grant insert on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); use mysqltest; # update with rights on VIEW column insert into v1 values (5,6); @@ -357,11 +361,11 @@ insert into v2 values (5,6); --error ER_TABLEACCESS_DENIED_ERROR insert into v2 select x,y from t2; -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # test of CREATE VIEW privileges if we have limited privileges @@ -379,7 +383,7 @@ grant update on mysqltest.t1 to mysqltest_1@localhost; grant update(b) on mysqltest.t2 to mysqltest_1@localhost; grant create view,update on test.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,test); create view v1 as select * from mysqltest.t1; create view v2 as select b from mysqltest.t2; @@ -426,6 +430,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; drop view v1,v2,v4; +disconnect user1; # # user with global DB privileges @@ -438,15 +443,14 @@ create table mysqltest.t1 (a int); create user mysqltest_1@localhost; grant all privileges on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create view v1 as select * from t1; -use test; connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # view definer grants revoking @@ -462,7 +466,7 @@ create user mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; grant create view,select on test.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,test); create view v1 as select * from mysqltest.t1; @@ -478,6 +482,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop view v1; drop database mysqltest; +disconnect user1; # # rights on execution of view underlying functiond (Bug#9505) @@ -512,8 +517,7 @@ grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); select * from v1; select * from v2; --error ER_VIEW_INVALID @@ -522,7 +526,6 @@ select * from v3; select * from v4; --error ER_VIEW_INVALID select * from v5; -use test; connection root; drop view v1, v2, v3, v4, v5; @@ -532,6 +535,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # revertion of previous test, definer of view lost his/her rights to execute @@ -561,13 +565,11 @@ grant select on t1 to mysqltest_1@localhost; grant execute on function f2 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create algorithm=TEMPTABLE view v1 as select f2() from t1; create algorithm=MERGE view v2 as select f2() from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1; -use test; connection root; create view v5 as select * from v1; @@ -588,6 +590,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # definer/invoker rights for columns @@ -607,14 +610,12 @@ grant select on v1 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; drop table v1; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create algorithm=TEMPTABLE view v1 as select *, a as b from t1; create algorithm=MERGE view v2 as select *, a as b from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1; create view v5 as select * from v1; -use test; connection root; revoke select on t1 from mysqltest_1@localhost; @@ -633,6 +634,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; @@ -655,8 +657,7 @@ grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); select * from v1; select * from v2; --error ER_VIEW_INVALID @@ -665,7 +666,6 @@ select * from v3; select * from v4; --error ER_VIEW_INVALID select * from v5; -use test; connection root; drop view v1, v2, v3, v4, v5; @@ -674,6 +674,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # Bug#14256 definer in view definition is not fully qualified @@ -723,14 +724,12 @@ SHOW CREATE VIEW v1; create user mysqltest_1@localhost; GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); -use mysqltest; LOCK TABLES v1 READ; --error ER_TABLEACCESS_DENIED_ERROR SHOW CREATE TABLE v1; UNLOCK TABLES; -use test; connection root; use test; @@ -776,7 +775,7 @@ GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost; GRANT DELETE ON mysqltest1.v_td TO readonly@localhost; GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost; -connect (n1,localhost,readonly,,); +connect (n1,localhost,readonly,,mysqltest1); connection n1; --error ER_VIEW_INVALID @@ -858,7 +857,7 @@ eval GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION; # The session with the non root user is needed. --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (session1,localhost,mysqltest_db1,PWD,test); +connect (session1,localhost,mysqltest_db1,PWD,"*NO-ONE*"); CREATE SCHEMA mysqltest_db1 ; USE mysqltest_db1 ; @@ -1270,9 +1269,7 @@ CREATE USER foo; GRANT SELECT (f1) ON t1 TO foo; GRANT SELECT (f1) ON v1 TO foo; -connect (addconfoo, localhost, foo,,); -connection addconfoo; -USE db1; +connect (addconfoo, localhost, foo,,db1); SELECT f1 FROM t1; --error ER_COLUMNACCESS_DENIED_ERROR @@ -1714,7 +1711,7 @@ CREATE VIEW v1 AS SELECT a, b FROM t1; GRANT SELECT( a ) ON v1 TO mysqluser1@localhost; GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost; ---connect (connection1, localhost, mysqluser1, , test) +--connect (connection1, localhost, mysqluser1, ,mysqltest1) --error ER_TABLEACCESS_DENIED_ERROR SELECT * FROM mysqltest1.v1; @@ -2106,7 +2103,7 @@ create sql security invoker view v42 as where t2.id = v2.id; -connect (conn_11766767, localhost, user_11766767,,); +connect (conn_11766767, localhost, user_11766767,,mysqltest2); --echo # --echo # A) Check how we handle privilege checking in multi-update for @@ -2215,6 +2212,7 @@ CREATE SCHEMA foo; CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt; CREATE USER foo@localhost; +GRANT SELECT on test.* to foo@localhost; connect (con1,localhost,foo,,); --error ER_TABLEACCESS_DENIED_ERROR SELECT * FROM foo.v; |