Added more tests to grant2. Fixed some previous tests.

Added new logic to ACL system: 1) If GRANT OPTION (not mysql db): Ok to update existing user, but not password. Not allowed to make a new user. 2) If UPDATE_ACL to mysql DB: Ok to update current user, but not make a new one. 3) If INSERT_ACL to mysql DB: Ok to add a new user, but not modify existing. 4) If GRANT OPTION to mysql DB: All modifications OK. mysql-test/r/grant2.result: Added more ACL tests and fixed results in some old tests. mysql-test/t/grant2.test: Added more ACL tests and fixed results in some old tests. sql/sql_acl.h: Made check_acl_user() visible to sql_parse.cc sql/sql_parse.cc: Added new logic to ACL system: 1) If GRANT OPTION (not mysql db): Ok to update existing user, but not password. Not allowed to make a new user. 2) If UPDATE_ACL to mysql DB: Ok to update current user, but not make a new one. 3) If INSERT_ACL to mysql DB: Ok to add a new user, but not modify existing. 4) If GRANT OPTION to mysql DB: All modifications OK.
author: unknown <jani@a193-229-222-105.elisa-laajakaista.fi> 2005-03-18 13:32:28 +0200
committer: unknown <jani@a193-229-222-105.elisa-laajakaista.fi> 2005-03-18 13:32:28 +0200
commit: c94570057c9f7861d40971f77c794ea05635b83a (patch)
tree: 5c0bffa6d1ac69b2b7cd0e0dbfa6f2bb92cff785 /mysql-test/r/grant2.result
parent: 0f58efbd487dd1b82c6dd3b5e60304a168793eea (diff)
download: mariadb-git-c94570057c9f7861d40971f77c794ea05635b83a.tar.gz
1 files changed, 22 insertions, 6 deletions
diff --git a/mysql-test/r/grant2.result b/mysql-test/r/grant2.result
index e6c78fdfdd4..e6db7bd682f 100644
--- a/mysql-test/r/grant2.result
+++ b/mysql-test/r/grant2.result
@@ -5,6 +5,23 @@ delete from mysql.db where user like 'mysqltest\_%';
 delete from mysql.tables_priv where user like 'mysqltest\_%';
 delete from mysql.columns_priv where user like 'mysqltest\_%';
 flush privileges;
+grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option;
+create user mysqltest_2@localhost;
+grant select on `my\_1`.* to mysqltest_2@localhost;
+grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
+ERROR 42000: You must have privileges to update tables in the mysql database to be able to change passwords for others
+grant update on mysql.* to mysqltest_1@localhost;
+grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass';
+grant select on `my\_1`.* to mysqltest_3@localhost;
+ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
+grant insert on mysql.* to mysqltest_1@localhost;
+grant select on `my\_1`.* to mysqltest_3@localhost;
+grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass';
+delete from mysql.user where user like 'mysqltest\_%';
+delete from mysql.db where user like 'mysqltest\_%';
+delete from mysql.tables_priv where user like 'mysqltest\_%';
+delete from mysql.columns_priv where user like 'mysqltest\_%';
+flush privileges;
 grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option;
 select current_user();
 current_user()
@@ -13,6 +30,7 @@ select current_user;
 current_user
 mysqltest_1@localhost
 grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option;
+ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 grant all privileges on `my_%`.* to mysqltest_3@localhost with grant option;
 ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'my_%'
 set @@sql_mode='NO_AUTO_CREATE_USER';
@@ -23,15 +41,13 @@ grant select on `my\_1`.* to mysqltest_4@localhost with grant option;
 ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 grant select on `my\_1`.* to mysqltest_4@localhost identified by 'mypass'
 with grant option;
-ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql'
+ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
 GRANT ALL PRIVILEGES ON `my\_%`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
 show grants for mysqltest_2@localhost;
-Grants for mysqltest_2@localhost
-GRANT USAGE ON *.* TO 'mysqltest_2'@'localhost'
-GRANT ALL PRIVILEGES ON `my\_1`.* TO 'mysqltest_2'@'localhost' WITH GRANT OPTION
+ERROR 42000: There is no such grant defined for user 'mysqltest_2' on host 'localhost'
 show grants for mysqltest_3@localhost;
 ERROR 42000: There is no such grant defined for user 'mysqltest_3' on host 'localhost'
 delete from mysql.user where user like 'mysqltest\_%';
@@ -61,9 +77,9 @@ flush privileges;
 create table t1 (a int, b int);
 grant select (a) on t1 to mysqltest_1@localhost with grant option;
 grant select (a,b) on t1 to mysqltest_2@localhost;
-ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'b' in table 't1'
+ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 grant select on t1 to mysqltest_3@localhost;
-ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 't1'
+ERROR 42000: 'mysqltest_1'@'localhost' is not allowed to create new users
 drop table t1;
 delete from mysql.user where user like 'mysqltest\_%';
 delete from mysql.db where user like 'mysqltest\_%';
author	unknown <jani@a193-229-222-105.elisa-laajakaista.fi>	2005-03-18 13:32:28 +0200
committer	unknown <jani@a193-229-222-105.elisa-laajakaista.fi>	2005-03-18 13:32:28 +0200
commit	c94570057c9f7861d40971f77c794ea05635b83a (patch)
tree	5c0bffa6d1ac69b2b7cd0e0dbfa6f2bb92cff785 /mysql-test/r/grant2.result
parent	0f58efbd487dd1b82c6dd3b5e60304a168793eea (diff)
download	mariadb-git-c94570057c9f7861d40971f77c794ea05635b83a.tar.gz