SCRUM:

WL#604 Privileges in embedded library
code added to check privileges in embedded library
NO_EMBEDDED_ACCESS_CHECKS macros inserted in code so we can exclude
access-checking parts. Actually we now can exclude these parts from
standalone server as well. Do we need it?
Access checks are disabled in embedded server by default. One should
edit libmysqld/Makefile manually to get this working.
We definitely need the separate configure for embedded server


include/mysql.h:
  options added so user of embedded library can set the client host
  it will work as if the usual client connects from this host
libmysqld/Makefile.am:
  Usually one doesn't need access checking in embedded library
  we definitely should separate configure for embedded server
libmysqld/lib_sql.cc:
  necessary code for getting passwords and access checks added
libmysqld/libmysqld.c:
  code #ifdef-ed - we use this only when we check permissions
sql-common/client.c:
  one mysql_close left now
sql/item_strfunc.cc:
  #ifndef-s added
sql/log.cc:
  #ifndef-s added
sql/mysql_priv.h:
  #ifndef-s added
  also i removed default parameters from check_access and check_table_access
  definitions to set definitions working
sql/mysqld.cc:
  #ifndef-s added
  localhost renamed to my_localhost
sql/repl_failsafe.cc:
  parameters added
sql/set_var.cc:
  #ifndef-s added
sql/sql_acl.cc:
  #ifndef-s added
sql/sql_acl.h:
  #ifndef-s added
sql/sql_base.cc:
  #ifndef-s added
sql/sql_cache.cc:
  #ifndef-s added
sql/sql_class.cc:
  #ifndef-s added
sql/sql_db.cc:
  #ifndef-s added
sql/sql_derived.cc:
  #ifndef-s added
sql/sql_insert.cc:
  #ifndef-s added
sql/sql_parse.cc:
  a horde of #ifndef-s added
sql/sql_prepare.cc:
  #ifndef-s added
sql/sql_repl.cc:
  parameters added
sql/sql_show.cc:
  #ifndef-s added
sql/sql_update.cc:
  #ifndef-s added

1 files changed, 7 insertions, 2 deletions

diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc
index 6028e291edd..51ed3bf60be 100644
--- a/sql/sql_insert.cc
+++ b/sql/sql_insert.cc
@@ -60,9 +60,11 @@ check_insert_fields(THD *thd,TABLE *table,List<Item> &fields,
 		      MYF(0),counter);
       return -1;
     }
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
     if (grant_option &&
 	check_grant_all_columns(thd,INSERT_ACL,table))
       return -1;
+#endif
     table->time_stamp=0;			// This is saved by caller
   }
   else
@@ -96,7 +98,9 @@ check_insert_fields(THD *thd,TABLE *table,List<Item> &fields,
       table->time_stamp= table->timestamp_field->offset()+1;
   }
   // For the values we need select_priv
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
   table->grant.want_privilege=(SELECT_ACL & ~table->grant.privilege);
+#endif
   return 0;
 }
 
@@ -130,14 +134,15 @@ int mysql_insert(THD *thd,TABLE_LIST *table_list,
     thd->lex.select_lex.table_list.first;
   DBUG_ENTER("mysql_insert");
 
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
   if (thd->master_access & SUPER_ACL)
+#endif
   {
     if (!(thd->options & OPTION_UPDATE_LOG))
       log_on&= ~(int) DELAYED_LOG_UPDATE;
     if (!(thd->options & OPTION_BIN_LOG))
       log_on&= ~(int) DELAYED_LOG_BIN;
   }
-
   /*
     in safe mode or with skip-new change delayed insert to be regular
     if we are told to replace duplicates, the insert cannot be concurrent
@@ -626,7 +631,7 @@ public:
      group_count(0)
   {
     thd.user=thd.priv_user=(char*) delayed_user;
-    thd.host=(char*) localhost;
+    thd.host=(char*) my_localhost;
     thd.current_tablenr=0;
     thd.version=refresh_version;
     thd.command=COM_DELAYED_INSERT;