SCRUM:

WL#604 Privileges in embedded library
code added to check privileges in embedded library
NO_EMBEDDED_ACCESS_CHECKS macros inserted in code so we can exclude
access-checking parts. Actually we now can exclude these parts from
standalone server as well. Do we need it?
Access checks are disabled in embedded server by default. One should
edit libmysqld/Makefile manually to get this working.
We definitely need the separate configure for embedded server

1 files changed, 7 insertions, 3 deletions

diff --git a/sql/sql_derived.cc b/sql/sql_derived.cc
index 5d05fea4fe3..f5721a6832e 100644
--- a/sql/sql_derived.cc
+++ b/sql/sql_derived.cc
@@ -91,13 +91,15 @@ int mysql_derived(THD *thd, LEX *lex, SELECT_LEX_UNIT *unit,
     We have to do access checks here as this code is executed before any
     sql command is started to execute.
   */
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
   if (tables)
-    res= check_table_access(thd,SELECT_ACL, tables);
+    res= check_table_access(thd,SELECT_ACL, tables,0);
   else
-    res= check_access(thd, SELECT_ACL, any_db);
+    res= check_access(thd, SELECT_ACL, any_db,0,0,0);
   if (res)
     DBUG_RETURN(1);
-    
+#endif
+
   if (!(res=open_and_lock_tables(thd,tables)))
   {
     if (is_union || is_subsel)
@@ -203,7 +205,9 @@ int mysql_derived(THD *thd, LEX *lex, SELECT_LEX_UNIT *unit,
 	  org_table_list->table=table;
 	  table->derived_select_number= select_cursor->select_number;
 	  table->tmp_table= TMP_TABLE;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
 	  org_table_list->grant.privilege= SELECT_ACL;
+#endif
 	  if (lex->describe)
 	  {
 	    // to fix a problem in EXPLAIN