diff options
| author | Sergei Golubchik <sergii@pisem.net> | 2013-10-18 12:17:49 -0700 |
|---|---|---|
| committer | Sergei Golubchik <sergii@pisem.net> | 2013-10-18 12:17:49 -0700 |
| commit | b2f16628cf4500111d59a8e52cc44851742ddfcc (patch) | |
| tree | a09b5dcacded4cf82fc40707874e39feb8a72e7a /sql | |
| parent | b0547006192730d6281ca96f2151802ee7fe2ba0 (diff) | |
| download | mariadb-git-b2f16628cf4500111d59a8e52cc44851742ddfcc.tar.gz | |
support DEFINER=role and DEFINER=current_role
Diffstat (limited to 'sql')
| -rw-r--r-- | sql/log_event.cc | 15 | ||||
| -rw-r--r-- | sql/share/errmsg-utf8.txt | 5 | ||||
| -rw-r--r-- | sql/sp.cc | 19 | ||||
| -rw-r--r-- | sql/sp_head.cc | 9 | ||||
| -rw-r--r-- | sql/sql_acl.cc | 487 | ||||
| -rw-r--r-- | sql/sql_class.cc | 10 | ||||
| -rw-r--r-- | sql/sql_class.h | 21 | ||||
| -rw-r--r-- | sql/sql_parse.cc | 74 | ||||
| -rw-r--r-- | sql/sql_parse.h | 6 | ||||
| -rw-r--r-- | sql/sql_show.cc | 7 | ||||
| -rw-r--r-- | sql/sql_trigger.cc | 4 | ||||
| -rw-r--r-- | sql/sql_view.cc | 12 | ||||
| -rw-r--r-- | sql/sql_yacc.yy | 8 | ||||
| -rw-r--r-- | sql/structs.h | 8 |
14 files changed, 370 insertions, 315 deletions
diff --git a/sql/log_event.cc b/sql/log_event.cc index 9f33c3d8568..4700cbc4d1c 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -2853,17 +2853,22 @@ bool Query_log_event::write(IO_CACHE* file) user= thd->get_invoker_user(); host= thd->get_invoker_host(); } - else if (thd->security_ctx->priv_user) + else { Security_context *ctx= thd->security_ctx; - user.length= strlen(ctx->priv_user); - user.str= ctx->priv_user; - if (ctx->priv_host[0] != '\0') + if (thd->need_binlog_invoker() == THD::INVOKER_USER) { + user.str= ctx->priv_user; host.str= ctx->priv_host; - host.length= strlen(ctx->priv_host); + host.length= strlen(host.str); + } + else + { + user.str= ctx->priv_role; + host= null_lex_str; // XXX FIXME or empty_lex_str ? } + user.length= strlen(user.str); } if (user.length > 0) diff --git a/sql/share/errmsg-utf8.txt b/sql/share/errmsg-utf8.txt index 7516700e56e..6135f8f1b96 100644 --- a/sql/share/errmsg-utf8.txt +++ b/sql/share/errmsg-utf8.txt @@ -5489,9 +5489,8 @@ ER_PS_NO_RECURSION ER_SP_CANT_SET_AUTOCOMMIT eng "Not allowed to set autocommit from a stored function or trigger" ger "Es ist nicht erlaubt, innerhalb einer gespeicherten Funktion oder eines Triggers AUTOCOMMIT zu setzen" -ER_MALFORMED_DEFINER - eng "Definer is not fully qualified" - ger "Definierer des View ist nicht vollständig spezifiziert" +ER_MALFORMED_DEFINER 0L000 + eng "Invalid definer" ER_VIEW_FRM_NO_USER eng "View '%-.192s'.'%-.192s' has no definer information (old table format). Current user is used as definer. Please recreate the view!" ger "View '%-.192s'.'%-.192s' hat keine Definierer-Information (altes Tabellenformat). Der aktuelle Benutzer wird als Definierer verwendet. Bitte erstellen Sie den View neu" diff --git a/sql/sp.cc b/sql/sp.cc index ca0cd553716..5d91279af2a 100644 --- a/sql/sp.cc +++ b/sql/sp.cc @@ -662,9 +662,14 @@ db_find_routine(THD *thd, stored_procedure_type type, sp_name *name, close_system_tables(thd, &open_tables_state_backup); table= 0; - parse_user(definer, strlen(definer), - definer_user_name.str, &definer_user_name.length, - definer_host_name.str, &definer_host_name.length); + if (parse_user(definer, strlen(definer), + definer_user_name.str, &definer_user_name.length, + definer_host_name.str, &definer_host_name.length) && + definer_user_name.length && !definer_host_name.length) + { + // 'user@' -> 'user@%' + definer_host_name= host_not_specified; + } ret= db_load_routine(thd, type, name, sphp, sql_mode, params, returns, body, chistics, @@ -975,7 +980,8 @@ sp_create_routine(THD *thd, stored_procedure_type type, sp_head *sp) { int ret; TABLE *table; - char definer[USER_HOST_BUFF_SIZE]; + char definer_buf[USER_HOST_BUFF_SIZE]; + LEX_STRING definer; ulonglong saved_mode= thd->variables.sql_mode; MDL_key::enum_mdl_namespace mdl_type= type == TYPE_ENUM_FUNCTION ? MDL_key::FUNCTION : MDL_key::PROCEDURE; @@ -1012,8 +1018,7 @@ sp_create_routine(THD *thd, stored_procedure_type type, sp_head *sp) restore_record(table, s->default_values); // Get default values for fields /* NOTE: all needed privilege checks have been already done. */ - strxnmov(definer, sizeof(definer)-1, thd->lex->definer->user.str, "@", - thd->lex->definer->host.str, NullS); + thd->lex->definer->set_lex_string(&definer, definer_buf); if (table->s->fields < MYSQL_PROC_FIELD_COUNT) { @@ -1088,7 +1093,7 @@ sp_create_routine(THD *thd, stored_procedure_type type, sp_head *sp) store_failed= store_failed || table->field[MYSQL_PROC_FIELD_DEFINER]-> - store(definer, (uint)strlen(definer), system_charset_info); + store(definer.str, definer.length, system_charset_info); ((Field_timestamp *)table->field[MYSQL_PROC_FIELD_CREATED])->set_time(); ((Field_timestamp *)table->field[MYSQL_PROC_FIELD_MODIFIED])->set_time(); diff --git a/sql/sp_head.cc b/sql/sp_head.cc index 25e64339379..122b6c9b796 100644 --- a/sql/sp_head.cc +++ b/sql/sp_head.cc @@ -2549,8 +2549,13 @@ sp_head::set_definer(const char *definer, uint definerlen) char host_name_holder[HOSTNAME_LENGTH + 1]; LEX_STRING host_name= { host_name_holder, HOSTNAME_LENGTH }; - parse_user(definer, definerlen, user_name.str, &user_name.length, - host_name.str, &host_name.length); + if (parse_user(definer, definerlen, user_name.str, &user_name.length, + host_name.str, &host_name.length) && + user_name.length && !host_name.length) + { + // 'user@' -> 'user@%' + host_name= host_not_specified; + } set_definer(&user_name, &host_name); } diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 938f92220e1..eea2169f7d1 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -314,27 +314,19 @@ public: #ifndef NO_EMBEDDED_ACCESS_CHECKS static void update_hostname(acl_host_and_ip *host, const char *hostname); static ulong get_sort(uint count,...); -static bool compare_hostname(const acl_host_and_ip *host, const char *hostname, - const char *ip); -static bool show_proxy_grants (THD *thd, - const char *username, const char *hostname, - char *buff, size_t buffsize); -static bool show_role_grants(THD *thd, const char *username, const char *hostname, - ACL_USER_BASE *acl_entry, - char *buff, size_t buffsize); -static bool show_global_privileges(THD *thd, ACL_USER_BASE *acl_entry, - bool handle_as_role, - char *buff, size_t buffsize); -static bool show_database_privileges(THD *thd, - const char *username, - const char *hostname, - bool handle_as_role, - char *buff, size_t buffsize); -static bool show_table_and_column_privileges(THD *thd, - const char *username, - const char *hostname, - bool handle_as_role, - char *buff, size_t buffsize); +static bool compare_hostname(const acl_host_and_ip *, const char *, const char *); +static bool show_proxy_grants (THD *, const char *, const char *, + char *, size_t); +static bool show_role_grants(THD *, const char *, const char *, + ACL_USER_BASE *, char *, size_t); +static bool show_global_privileges(THD *, ACL_USER_BASE *, + bool, char *, size_t); +static bool show_database_privileges(THD *, const char *, const char *, + char *, size_t); +static bool show_table_and_column_privileges(THD *, const char *, const char *, + char *, size_t); +static int show_routine_grants(THD *, const char *, const char *, HASH *, + const char *, int, char *, int); class ACL_PROXY_USER :public ACL_ACCESS { @@ -1757,57 +1749,86 @@ bool acl_getroot(Security_context *sctx, char *user, char *host, sctx->db_access= 0; *sctx->priv_user= *sctx->priv_host= *sctx->priv_role= 0; - /* - Find acl entry in user database. - This is specially tailored to suit the check we do for CALL of - a stored procedure; user is set to what is actually a - priv_user, which can be ''. - */ - for (i=0 ; i < acl_users.elements ; i++) + if (host[0]) // User, not Role { - ACL_USER *acl_user_tmp= dynamic_element(&acl_users,i,ACL_USER*); - if ((!acl_user_tmp->user.str && !user[0]) || - (acl_user_tmp->user.str && strcmp(user, acl_user_tmp->user.str) == 0)) + /* + Find acl entry in user database. + This is specially tailored to suit the check we do for CALL of + a stored procedure; user is set to what is actually a + priv_user, which can be ''. + */ + for (i=0 ; i < acl_users.elements ; i++) { - if (compare_hostname(&acl_user_tmp->host, host, ip)) + ACL_USER *acl_user_tmp= dynamic_element(&acl_users,i,ACL_USER*); + if ((!acl_user_tmp->user.str && !user[0]) || + (acl_user_tmp->user.str && strcmp(user, acl_user_tmp->user.str) == 0)) { - acl_user= acl_user_tmp; - res= 0; - break; + if (compare_hostname(&acl_user_tmp->host, host, ip)) + { + acl_user= acl_user_tmp; + res= 0; + break; + } } } - } - if (acl_user) - { - for (i=0 ; i < acl_dbs.elements ; i++) + if (acl_user) { - ACL_DB *acl_db= dynamic_element(&acl_dbs, i, ACL_DB*); - if (!acl_db->user || - (user && user[0] && !strcmp(user, acl_db->user))) + for (i=0 ; i < acl_dbs.elements ; i++) { - if (compare_hostname(&acl_db->host, host, ip)) - { - if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0))) - { - sctx->db_access= acl_db->access; - break; - } - } + ACL_DB *acl_db= dynamic_element(&acl_dbs, i, ACL_DB*); + if (!acl_db->user || + (user && user[0] && !strcmp(user, acl_db->user))) + { + if (compare_hostname(&acl_db->host, host, ip)) + { + if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0))) + { + sctx->db_access= acl_db->access; + break; + } + } + } } - } - sctx->master_access= acl_user->access; + sctx->master_access= acl_user->access; - if (acl_user->user.str) - strmake_buf(sctx->priv_user, user); - else - *sctx->priv_user= 0; + if (acl_user->user.str) + strmake_buf(sctx->priv_user, user); - if (acl_user->host.hostname) - strmake_buf(sctx->priv_host, acl_user->host.hostname); - else - *sctx->priv_host= 0; + if (acl_user->host.hostname) + strmake_buf(sctx->priv_host, acl_user->host.hostname); + } + } + else // Role, not User + { + ACL_ROLE *acl_role= find_acl_role(user); + if (acl_role) + { + res= 0; + for (i=0 ; i < acl_dbs.elements ; i++) + { + ACL_DB *acl_db= dynamic_element(&acl_dbs, i, ACL_DB*); + if (!acl_db->user || + (user && user[0] && !strcmp(user, acl_db->user))) + { + if (compare_hostname(&acl_db->host, "", "")) + { + if (!acl_db->db || (db && !wild_compare(db, acl_db->db, 0))) + { + sctx->db_access= acl_db->access; + break; + } + } + } + } + sctx->master_access= acl_role->access; + + if (acl_role->user.str) + strmake_buf(sctx->priv_user, user); + sctx->priv_host[0]= 0; + } } + mysql_mutex_unlock(&acl_cache->lock); DBUG_RETURN(res); } @@ -3039,7 +3060,12 @@ bool is_acl_user(const char *host, const char *user) return TRUE; mysql_mutex_lock(&acl_cache->lock); - res= find_user_no_anon(host, user, TRUE) != NULL; + + if (*host) // User + res= find_user_no_anon(host, user, TRUE) != NULL; + else // Role + res= find_acl_role(user) != NULL; + mysql_mutex_unlock(&acl_cache->lock); return res; } @@ -3345,13 +3371,13 @@ static bool test_if_create_new_users(THD *thd) static int replace_user_table(THD *thd, TABLE *table, LEX_USER &combo, ulong rights, bool revoke_grant, - bool can_create_user, bool no_auto_create, - bool handle_as_role) + bool can_create_user, bool no_auto_create) { int error = -1; bool old_row_exists=0; char what= (revoke_grant) ? 'N' : 'Y'; uchar user_key[MAX_KEY_LENGTH]; + bool handle_as_role= combo.is_role(); LEX *lex= thd->lex; DBUG_ENTER("replace_user_table"); @@ -4833,26 +4859,6 @@ table_error: /* - A user name specified without a host can be either a - username@% (where '@%' is added automatically by the parser) - or a role name. Treat it as a role, if such a role exists. -*/ -static ACL_ROLE *find_and_mark_as_role(LEX_USER *user) -{ - if (user->host.str == host_not_specified.str) - { - ACL_ROLE *role= find_acl_role(user->user.str); - if (role) - { - user->host= empty_lex_str; - return role; - } - } - return NULL; -} - - -/* Store table level and column level grants in the privilege tables SYNOPSIS @@ -5018,21 +5024,16 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, { int error; GRANT_TABLE *grant_table; - if (!(Str= get_current_user(thd, tmp_Str))) + if (!(Str= get_current_user(thd, tmp_Str, false))) { result= TRUE; continue; } - - bool handle_as_role= FALSE; - if (find_and_mark_as_role(Str)) - handle_as_role= TRUE; - /* Create user if needed */ error=replace_user_table(thd, tables[0].table, *Str, 0, revoke_grant, create_new_users, test(thd->variables.sql_mode & - MODE_NO_AUTO_CREATE_USER), handle_as_role); + MODE_NO_AUTO_CREATE_USER)); if (error) { result= TRUE; // Remember error @@ -5227,21 +5228,16 @@ bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc, { int error; GRANT_NAME *grant_name; - if (!(Str= get_current_user(thd, tmp_Str))) + if (!(Str= get_current_user(thd, tmp_Str, false))) { result= TRUE; continue; } - - bool handle_as_role= FALSE; - if (find_and_mark_as_role(Str)) - handle_as_role=TRUE; - /* Create user if needed */ error=replace_user_table(thd, tables[0].table, *Str, 0, revoke_grant, create_new_users, test(thd->variables.sql_mode & - MODE_NO_AUTO_CREATE_USER), handle_as_role); + MODE_NO_AUTO_CREATE_USER)); if (error) { result= TRUE; // Remember error @@ -5297,15 +5293,14 @@ bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc, DBUG_RETURN(result); } -static void append_user(String *str, const char *u, const char *h, - bool handle_as_role) +static void append_user(String *str, const char *u, const char *h) { if (str->length()) str->append(','); str->append('\''); str->append(u); /* hostname part is not relevant for roles, it is always empty */ - if (!handle_as_role) + if (*h) { str->append(STRING_WITH_LEN("'@'")); str->append(h); @@ -5381,13 +5376,13 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) /* current_role is NONE */ if (!thd->security_ctx->priv_role[0]) { - append_user(&wrong_users, "NONE", "", TRUE); + append_user(&wrong_users, "NONE", ""); result= 1; continue; } if (!(role_as_user= find_acl_role(thd->security_ctx->priv_role))) { - append_user(&wrong_users, thd->security_ctx->priv_role, "", TRUE); + append_user(&wrong_users, thd->security_ctx->priv_role, ""); result= 1; continue; } @@ -5395,18 +5390,26 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) /* can not grant current_role to current_role */ if (granted_role->user.str == current_role.str) { - append_user(&wrong_users, thd->security_ctx->priv_role, "", TRUE); + append_user(&wrong_users, thd->security_ctx->priv_role, ""); result= 1; continue; } username= thd->security_ctx->priv_role; - hostname= (char *)""; + hostname= const_cast<char*>(""); + } + else if (user->user.str == current_user.str) + { + role_as_user= NULL; + username= thd->security_ctx->priv_user; + hostname= thd->security_ctx->priv_host; } else { - role_as_user= find_and_mark_as_role(user); + if ((role_as_user= find_acl_role(user->user.str))) + hostname= const_cast<char*>(""); + else + hostname= user->host.str ? user->host.str : host_not_specified.str; username= user->user.str; - hostname= user->host.str; } ROLE_GRANT_PAIR *mapping, *hash_entry; @@ -5421,7 +5424,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) /* role or user does not exist*/ if (res == -1) { - append_user(&wrong_users, username, hostname, role_as_user != NULL); + append_user(&wrong_users, username, hostname); result= 1; continue; } @@ -5434,7 +5437,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) traverse_role_graph(role, NULL, NULL, NULL, role_explore_detect_cycle, NULL) == 2) { - append_user(&wrong_users, username, hostname, TRUE); + append_user(&wrong_users, username, ""); result= 1; /* need to rollback the mapping added previously */ remove_role_user_mapping(mapping); @@ -5450,7 +5453,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) /* grant was already removed or never existed */ if (!hash_entry) { - append_user(&wrong_users, username, hostname, role_as_user != NULL); + append_user(&wrong_users, username, hostname); result= 1; continue; } @@ -5458,7 +5461,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) int res= remove_role_user_mapping(mapping); if (res == -1) { - append_user(&wrong_users, username, hostname, role_as_user != NULL); + append_user(&wrong_users, username, hostname); result= 1; continue; } @@ -5467,7 +5470,7 @@ bool mysql_grant_role(THD *thd, List <LEX_USER> &list, bool revoke) /* write into the roles_mapping table */ if (replace_roles_mapping_table(tables.table, mapping, revoke)) { - append_user(&wrong_users, username, hostname, TRUE); + append_user(&wrong_users, username, ""); result= 1; if (!revoke) { @@ -5599,10 +5602,17 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list, mysql_mutex_lock(&acl_cache->lock); grant_version++; + if (proxied_user) + { + if (!(proxied_user= get_current_user(thd, proxied_user, false))) + DBUG_RETURN(TRUE); + DBUG_ASSERT(proxied_user->host.length); // not a Role + } + int result=0; while ((tmp_Str = str_list++)) { - if (!(Str= get_current_user(thd, tmp_Str))) + if (!(Str= get_current_user(thd, tmp_Str, false))) { result= TRUE; continue; @@ -5615,14 +5625,10 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list, if (tmp_Str->user.str == current_user.str && tmp_Str->password.str) Str->password= tmp_Str->password; - bool handle_as_role= FALSE; - if (find_and_mark_as_role(Str)) - handle_as_role= TRUE; - if (replace_user_table(thd, tables[0].table, *Str, (!db ? rights : 0), revoke_grant, create_new_users, test(thd->variables.sql_mode & - MODE_NO_AUTO_CREATE_USER), handle_as_role)) + MODE_NO_AUTO_CREATE_USER))) result= -1; else if (db) { @@ -6870,14 +6876,6 @@ static uint command_lengths[]= }; -static int show_routine_grants(THD *thd, - const char *username, - const char *hostname, - HASH *hash, - const char *type, int typelen, - bool handle_as_role, - char *buff, int buffsize); - bool print_grants_for_role(THD *thd, ACL_ROLE * role, char *buff, size_t buffsize) { @@ -6887,18 +6885,18 @@ bool print_grants_for_role(THD *thd, ACL_ROLE * role, if (show_global_privileges(thd, role, TRUE, buff, buffsize)) return TRUE; - if (show_database_privileges(thd, role->user.str, "", TRUE, buff, buffsize)) + if (show_database_privileges(thd, role->user.str, "", buff, buffsize)) return TRUE; - if (show_table_and_column_privileges(thd, role->user.str, "", TRUE, buff, buffsize)) + if (show_table_and_column_privileges(thd, role->user.str, "", buff, buffsize)) return TRUE; if (show_routine_grants(thd, role->user.str, "", &proc_priv_hash, - STRING_WITH_LEN("PROCEDURE"), TRUE, buff, buffsize)) + STRING_WITH_LEN("PROCEDURE"), buff, buffsize)) return TRUE; if (show_routine_grants(thd, role->user.str, "", &func_priv_hash, - STRING_WITH_LEN("FUNCTION"), TRUE, buff, buffsize)) + STRING_WITH_LEN("FUNCTION"), buff, buffsize)) return TRUE; return FALSE; @@ -6951,7 +6949,8 @@ bool mysql_show_grants(THD *thd, LEX_USER *lex_user) } else { - if (find_and_mark_as_role(lex_user)) + lex_user= get_current_user(thd, lex_user, false); + if (lex_user->is_role()) { rolename= lex_user->user.str; } @@ -7010,28 +7009,28 @@ bool mysql_show_grants(THD *thd, LEX_USER *lex_user) }; /* Add database access */ - if (show_database_privileges(thd, username, hostname, FALSE, buff, sizeof(buff))) + if (show_database_privileges(thd, username, hostname, buff, sizeof(buff))) { error= -1; goto end; } /* Add table & column access */ - if (show_table_and_column_privileges(thd, username, hostname, FALSE, buff, sizeof(buff))) + if (show_table_and_column_privileges(thd, username, hostname, buff, sizeof(buff))) { error= -1; goto end; } if (show_routine_grants(thd, username, hostname, &proc_priv_hash, - STRING_WITH_LEN("PROCEDURE"), FALSE, buff, sizeof(buff))) + STRING_WITH_LEN("PROCEDURE"), buff, sizeof(buff))) { error= -1; goto end; } if (show_routine_grants(thd, username, hostname, &func_priv_hash, - STRING_WITH_LEN("FUNCTION"), FALSE, buff, sizeof(buff))) + STRING_WITH_LEN("FUNCTION"), buff, sizeof(buff))) { error= -1; goto end; @@ -7267,7 +7266,6 @@ static bool show_global_privileges(THD *thd, ACL_USER_BASE *acl_entry, static bool show_database_privileges(THD *thd, const char *username, const char *hostname, - bool handle_as_role, char *buff, size_t buffsize) { ACL_DB *acl_db; @@ -7295,12 +7293,14 @@ static bool show_database_privileges(THD *thd, if (!strcmp(username, user) && !my_strcasecmp(system_charset_info, hostname, host)) { - /* do not print inherited access bits, the role bits present in the - table are what matters */ - if (handle_as_role) - want_access=acl_db->initial_access; - else + /* + do not print inherited access bits for roles, + the role bits present in the table are what matters + */ + if (*hostname) // User want_access=acl_db->access; + else // Role + want_access=acl_db->initial_access; if (want_access) { String db(buff,sizeof(buff),system_charset_info); @@ -7331,7 +7331,7 @@ static bool show_database_privileges(THD *thd, db.append (STRING_WITH_LEN(".* TO '")); db.append(username, strlen(username), system_charset_info); - if (!handle_as_role) + if (*hostname) { db.append (STRING_WITH_LEN("'@'")); // host and lex_user->host are equal except for case @@ -7356,7 +7356,6 @@ static bool show_database_privileges(THD *thd, static bool show_table_and_column_privileges(THD *thd, const char *username, const char *hostname, - bool handle_as_role, char *buff, size_t buffsize) { uint counter, index; @@ -7385,16 +7384,16 @@ static bool show_table_and_column_privileges(THD *thd, { ulong table_access; ulong cols_access; - if (handle_as_role) - { - table_access= grant_table->init_privs; - cols_access= grant_table->init_cols; - } - else + if (*hostname) // User { table_access= grant_table->privs; cols_access= grant_table->cols; } + else // Role + { + table_access= grant_table->init_privs; + cols_access= grant_table->init_cols; + } if ((table_access | cols_access) != 0) { @@ -7435,8 +7434,8 @@ static bool show_table_and_column_privileges(THD *thd, { GRANT_COLUMN *grant_column = (GRANT_COLUMN*) my_hash_element(hash_columns,col_index); - if ((!handle_as_role && (grant_column->rights & j)) || - (handle_as_role && (grant_column->init_rights & j))) + if (j & (*hostname ? grant_column->rights // User + : grant_column->init_rights)) // Role { if (!found_col) { @@ -7475,7 +7474,7 @@ static bool show_table_and_column_privileges(THD *thd, global.append(STRING_WITH_LEN(" TO '")); global.append(username, strlen(username), system_charset_info); - if (!handle_as_role) + if (*hostname) { global.append(STRING_WITH_LEN("'@'")); // host and lex_user->host are equal except for case @@ -7499,9 +7498,7 @@ static bool show_table_and_column_privileges(THD *thd, static int show_routine_grants(THD* thd, const char *username, const char *hostname, - HASH *hash, - const char *type, int typelen, - bool handle_as_role, + HASH *hash, const char *type, int typelen, char *buff, int buffsize) { uint counter, index; @@ -7529,10 +7526,10 @@ static int show_routine_grants(THD* thd, !my_strcasecmp(system_charset_info, hostname, host)) { ulong proc_access; - if (handle_as_role) - proc_access= grant_proc->init_privs; - else + if (*hostname) // User proc_access= grant_proc->privs; + else // Role + proc_access= grant_proc->init_privs; if (proc_access != 0) { @@ -7572,7 +7569,7 @@ static int show_routine_grants(THD* thd, global.append(STRING_WITH_LEN(" TO '")); global.append(username, strlen(username), system_charset_info); - if (!handle_as_role) + if (*hostname) { global.append(STRING_WITH_LEN("'@'")); // host and lex_user->host are equal except for case @@ -8232,9 +8229,15 @@ static int handle_grant_table(TABLE_LIST *tables, uint table_no, bool drop, table->key_info->key_part[1].store_length); key_copy(user_key, table->record[0], table->key_info, key_prefix_length); - if ((error= table->file->ha_index_read_idx_map(table->record[0], 0, - user_key, (key_part_map)3, - HA_READ_KEY_EXACT))) + error= table->file->ha_index_read_idx_map(table->record[0], 0, + user_key, (key_part_map)3, + HA_READ_KEY_EXACT); + if (!error && !*host_str) + { // verify that we got a role or a user, as needed + if (check_is_role(table) != user_from->is_role()) + error= HA_ERR_KEY_NOT_FOUND; + } + if (error) { if (error != HA_ERR_KEY_NOT_FOUND && error != HA_ERR_END_OF_FILE) { @@ -8371,7 +8374,7 @@ static int handle_grant_struct(enum enum_acl_lists struct_no, bool drop, DBUG_RETURN(0); /* same. no roles in PROXY_USERS_ACL */ - if (struct_no == PROXY_USERS_ACL && !user_from->host.length) + if (struct_no == PROXY_USERS_ACL && user_from->is_role()) DBUG_RETURN(0); if (struct_no == ROLE_ACL) //no need to scan the structures in this case @@ -8678,8 +8681,12 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, { int result= 0; int found; + bool handle_as_role= user_from->is_role(); DBUG_ENTER("handle_grant_data"); + if (user_to) + DBUG_ASSERT(handle_as_role == user_to->is_role()); + /* Handle user table. */ if ((found= handle_grant_table(tables, 0, drop, user_from, user_to)) < 0) { @@ -8688,20 +8695,32 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, } else { - /* Handle user array. */ - if ((handle_grant_struct(USER_ACL, drop, user_from, user_to)) || found) + if (handle_as_role) { - result= 1; /* At least one record/element found. */ - /* If search is requested, we do not need to search further. */ - if (! drop && ! user_to) - goto end; + if ((handle_grant_struct(ROLE_ACL, drop, user_from, user_to)) || found) + { + result= 1; /* At least one record/element found. */ + /* If search is requested, we do not need to search further. */ + if (! drop && ! user_to) + goto end; + } + else + if (find_user_no_anon(user_from->host.str, user_from->user.str, TRUE)) + goto end; // looking for a role, found a user } - if ((handle_grant_struct(ROLE_ACL, drop, user_from, user_to)) || found) + else { - result= 1; /* At least one record/element found. */ - /* If search is requested, we do not need to search further. */ - if (! drop && ! user_to) - goto end; + /* Handle user array. */ + if ((handle_grant_struct(USER_ACL, drop, user_from, user_to)) || found) + { + result= 1; /* At least one record/element found. */ + /* If search is requested, we do not need to search further. */ + if (! drop && ! user_to) + goto end; + } + else + if (find_acl_role(user_from->user.str)) + goto end; // looking for a user, found a role } } @@ -8821,14 +8840,14 @@ static int handle_grant_data(TABLE_LIST *tables, bool drop, DBUG_RETURN(result); } -static void append_user(String *str, LEX_USER *user, bool handle_as_role) +static void append_user(String *str, LEX_USER *user) { if (str->length()) str->append(','); str->append('\''); str->append(user->user.str); /* hostname part is not relevant for roles, it is always empty */ - if (!handle_as_role) + if (!user->is_role()) { str->append(STRING_WITH_LEN("'@'")); str->append(user->host.str); @@ -8854,7 +8873,7 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) { int result; String wrong_users; - LEX_USER *user_name, *tmp_user_name; + LEX_USER *user_name; List_iterator <LEX_USER> user_list(list); TABLE_LIST tables[GRANT_TABLES]; bool some_users_created= FALSE; @@ -8868,30 +8887,8 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) mysql_rwlock_wrlock(&LOCK_grant); mysql_mutex_lock(&acl_cache->lock); - while ((tmp_user_name= user_list++)) + while ((user_name= user_list++)) { - if (handle_as_role) - { - user_name= tmp_user_name; - user_name->host.str= (char *)""; - user_name->host.length= 0; - /* role already exists */ - if (find_acl_role(user_name->user.str)) - { - append_user(&wrong_users, user_name, TRUE); - result = TRUE; - continue; - } - } - else - { - if (!(user_name= get_current_user(thd, tmp_user_name))) - { - result= TRUE; - continue; - } - } - if (!user_name->host.str) user_name->host= host_not_specified; @@ -8901,17 +8898,16 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) */ if (handle_grant_data(tables, 0, user_name, NULL)) { - append_user(&wrong_users, user_name, handle_as_role); + append_user(&wrong_users, user_name); result= TRUE; continue; } some_users_created= TRUE; - if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0, - handle_as_role)) + if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0)) { - append_user(&wrong_users, user_name, handle_as_role); + append_user(&wrong_users, user_name); result= TRUE; } } @@ -8966,31 +8962,17 @@ bool mysql_drop_user(THD *thd, List <LEX_USER> &list, bool handle_as_role) while ((tmp_user_name= user_list++)) { - if (handle_as_role) + user_name= get_current_user(thd, tmp_user_name, false); + if (!user_name || handle_as_role != user_name->is_role()) { - - user_name= tmp_user_name; - user_name->host.str= (char *)""; - user_name->host.length= 0; - if (!find_acl_role(user_name->user.str)) - { - append_user(&wrong_users, user_name, TRUE); - result= TRUE; - continue; - } - } - else - { - if (!(user_name= get_current_user(thd, tmp_user_name))) - { - result= TRUE; - continue; - } + append_user(&wrong_users, tmp_user_name); + result= TRUE; + continue; } if (handle_grant_data(tables, 1, user_name, NULL) <= 0) { - append_user(&wrong_users, user_name, handle_as_role); + append_user(&wrong_users, user_name); result= TRUE; continue; } @@ -9058,18 +9040,21 @@ bool mysql_rename_user(THD *thd, List <LEX_USER> &list) while ((tmp_user_from= user_list++)) { - if (!(user_from= get_current_user(thd, tmp_user_from))) + tmp_user_to= user_list++; + if (!(user_from= get_current_user(thd, tmp_user_from, false)) || + user_from->is_role()) { + append_user(&wrong_users, user_from); result= TRUE; continue; } - tmp_user_to= user_list++; - if (!(user_to= get_current_user(thd, tmp_user_to))) + if (!(user_to= get_current_user(thd, tmp_user_to, false)) || + user_to->is_role()) { + append_user(&wrong_users, user_to); result= TRUE; continue; } - DBUG_ASSERT(user_to != 0); /* Syntax enforces pairs of users. */ /* Search all in-memory structures and grant tables @@ -9079,7 +9064,7 @@ bool mysql_rename_user(THD *thd, List <LEX_USER> &list) handle_grant_data(tables, 0, user_from, user_to) <= 0) { /* NOTE TODO renaming roles is not yet implemented */ - append_user(&wrong_users, user_from, FALSE); + append_user(&wrong_users, user_from); result= TRUE; continue; } @@ -9139,7 +9124,7 @@ bool mysql_revoke_all(THD *thd, List <LEX_USER> &list) List_iterator <LEX_USER> user_list(list); while ((tmp_lex_user= user_list++)) { - if (!(lex_user= get_current_user(thd, tmp_lex_user))) + if (!(lex_user= get_current_user(thd, tmp_lex_user, false))) { result= -1; continue; @@ -9150,8 +9135,7 @@ bool mysql_revoke_all(THD *thd, List <LEX_USER> &list) continue; } - if (replace_user_table(thd, tables[0].table, - *lex_user, ~(ulong)0, 1, 0, 0, 0)) + if (replace_user_table(thd, tables[0].table, *lex_user, ~(ulong)0, 1, 0, 0)) { result= -1; continue; @@ -10257,6 +10241,47 @@ bool check_routine_level_acl(THD *thd, const char *db, const char *name, #endif +/** + Retuns information about user or current user. + + @param[in] thd thread handler + @param[in] user user + + @return + - On success, return a valid pointer to initialized + LEX_USER, which contains user information. + - On error, return 0. +*/ + +LEX_USER *get_current_user(THD *thd, LEX_USER *user, bool lock) +{ + if (user->user.str == current_user.str) // current_user + return create_default_definer(thd, false); + + if (user->user.str == current_role.str) // current_role + return create_default_definer(thd, true); + + if (user->host.str == NULL) // Possibly a role + { + // to be reexecution friendly we have to make a copy + LEX_USER *dup= (LEX_USER*) thd->memdup(user, sizeof(*user)); + if (!dup) + return 0; + + if (lock) + mysql_mutex_lock(&acl_cache->lock); + if (find_acl_role(dup->user.str)) + dup->host= empty_lex_str; + else + dup->host= host_not_specified; + if (lock) + mysql_mutex_unlock(&acl_cache->lock); + return dup; + } + + return user; +} + struct ACL_internal_schema_registry_entry { const LEX_STRING *m_name; diff --git a/sql/sql_class.cc b/sql/sql_class.cc index cec46a0a3a7..0f379ba7660 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -938,7 +938,7 @@ THD::THD() thr_lock_info_init(&lock_info); /* safety: will be reset after start */ m_internal_handler= NULL; - m_binlog_invoker= FALSE; + m_binlog_invoker= INVOKER_NONE; arena_for_cached_items= 0; memset(&invoker_user, 0, sizeof(invoker_user)); memset(&invoker_host, 0, sizeof(invoker_host)); @@ -1890,7 +1890,7 @@ void THD::cleanup_after_query() where= THD::DEFAULT_WHERE; /* reset table map for multi-table update */ table_map_for_update= 0; - m_binlog_invoker= FALSE; + m_binlog_invoker= INVOKER_NONE; #ifndef EMBEDDED_LIBRARY if (rli_slave) @@ -4341,9 +4341,9 @@ void THD::leave_locked_tables_mode() locked_tables_mode= LTM_NONE; } -void THD::get_definer(LEX_USER *definer) +void THD::get_definer(LEX_USER *definer, bool role) { - binlog_invoker(); + binlog_invoker(role); #if !defined(MYSQL_CLIENT) && defined(HAVE_REPLICATION) if (slave_thread && has_invoker()) { @@ -4355,7 +4355,7 @@ void THD::get_definer(LEX_USER *definer) } else #endif - get_default_definer(this, definer); + get_default_definer(this, definer, role); } diff --git a/sql/sql_class.h b/sql/sql_class.h index 64de6a63ded..13a3adf5909 100644 --- a/sql/sql_class.h +++ b/sql/sql_class.h @@ -3153,9 +3153,11 @@ public: } void leave_locked_tables_mode(); int decide_logging_format(TABLE_LIST *tables); - void binlog_invoker() { m_binlog_invoker= TRUE; } - bool need_binlog_invoker() { return m_binlog_invoker; } - void get_definer(LEX_USER *definer); + + enum need_invoker { INVOKER_NONE=0, INVOKER_USER, INVOKER_ROLE}; + void binlog_invoker(bool role) { m_binlog_invoker= role ? INVOKER_ROLE : INVOKER_USER; } + enum need_invoker need_binlog_invoker() { return m_binlog_invoker; } + void get_definer(LEX_USER *definer, bool role); void set_invoker(const LEX_STRING *user, const LEX_STRING *host) { invoker_user= *user; @@ -3230,14 +3232,15 @@ private: Diagnostics_area main_da; /** - It will be set TURE if CURRENT_USER() is called in account management - statements or default definer is set in CREATE/ALTER SP, SF, Event, - TRIGGER or VIEW statements. + It will be set if CURRENT_USER() or CURRENT_ROLE() is called in account + management statements or default definer is set in CREATE/ALTER SP, SF, + Event, TRIGGER or VIEW statements. - Current user will be binlogged into Query_log_event if m_binlog_invoker - is TRUE; It will be stored into invoker_host and invoker_user by SQL thread. + Current user or role will be binlogged into Query_log_event if + m_binlog_invoker is not NONE; It will be stored into invoker_host and + invoker_user by SQL thread. */ - bool m_binlog_invoker; + enum need_invoker m_binlog_invoker; /** It points to the invoker in the Query_log_event. diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 3ac90ea2b7c..27162b1cac4 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -1840,7 +1840,7 @@ bool sp_process_definer(THD *thd) Query_arena original_arena; Query_arena *ps_arena= thd->activate_stmt_arena_if_needed(&original_arena); - lex->definer= create_default_definer(thd); + lex->definer= create_default_definer(thd, false); if (ps_arena) thd->restore_active_arena(ps_arena, &original_arena); @@ -1854,20 +1854,24 @@ bool sp_process_definer(THD *thd) } else { + LEX_USER *d= lex->definer= get_current_user(thd, lex->definer); + if (!d) + DBUG_RETURN(TRUE); + /* - If the specified definer differs from the current user, we + If the specified definer differs from the current user or role, we should check that the current user has SUPER privilege (in order to create a stored routine under another user one must have SUPER privilege). */ - if ((strcmp(lex->definer->user.str, thd->security_ctx->priv_user) || - my_strcasecmp(system_charset_info, lex->definer->host.str, - thd->security_ctx->priv_host)) && - check_global_access(thd, SUPER_ACL, true)) - { - my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), "SUPER"); + bool curuser= !strcmp(d->user.str, thd->security_ctx->priv_user); + bool currole= !curuser && !strcmp(d->user.str, thd->security_ctx->priv_role); + bool curuserhost= curuser && d->host.str && + !my_strcasecmp(system_charset_info, d->host.str, + thd->security_ctx->priv_host); + if (!curuserhost && !currole && + check_global_access(thd, SUPER_ACL, false)) DBUG_RETURN(TRUE); - } } /* Check that the specified definer exists. Emit a warning if not. */ @@ -3783,7 +3787,7 @@ end_with_restore_list: goto error; /* Replicate current user as grantor */ - thd->binlog_invoker(); + thd->binlog_invoker(false); if (thd->security_ctx->user) // If not replication { @@ -7686,16 +7690,23 @@ Item *negate_expression(THD *thd, Item *expr) @param[out] definer definer */ -void get_default_definer(THD *thd, LEX_USER *definer) +void get_default_definer(THD *thd, LEX_USER *definer, bool role) { const Security_context *sctx= thd->security_ctx; - definer->user.str= (char *) sctx->priv_user; + if (role) + { + definer->user.str= const_cast<char*>(sctx->priv_role); + definer->host= empty_lex_str; + } + else + { + definer->user.str= const_cast<char*>(sctx->priv_user); + definer->host.str= const_cast<char*>(sctx->priv_host); + definer->host.length= strlen(definer->host.str); + } definer->user.length= strlen(definer->user.str); - definer->host.str= (char *) sctx->priv_host; - definer->host.length= strlen(definer->host.str); - definer->password= null_lex_str; definer->plugin= empty_lex_str; definer->auth= empty_lex_str; @@ -7713,16 +7724,22 @@ void get_default_definer(THD *thd, LEX_USER *definer) - On error, return 0. */ -LEX_USER *create_default_definer(THD *thd) +LEX_USER *create_default_definer(THD *thd, bool role) { LEX_USER *definer; if (! (definer= (LEX_USER*) thd->alloc(sizeof(LEX_USER)))) return 0; - thd->get_definer(definer); + thd->get_definer(definer, role); - return definer; + if (role && definer->user.length == 0) + { + my_error(ER_MALFORMED_DEFINER, MYF(0)); + return 0; + } + else + return definer; } @@ -7758,27 +7775,6 @@ LEX_USER *create_definer(THD *thd, LEX_STRING *user_name, LEX_STRING *host_name) /** - Retuns information about user or current user. - - @param[in] thd thread handler - @param[in] user user - - @return - - On success, return a valid pointer to initialized - LEX_USER, which contains user information. - - On error, return 0. -*/ - -LEX_USER *get_current_user(THD *thd, LEX_USER *user) -{ - if (user->user.str == current_user.str) // current_user - return create_default_definer(thd); - - return user; -} - - -/** Check that byte length of a string does not exceed some limit. @param str string to be checked diff --git a/sql/sql_parse.h b/sql/sql_parse.h index c87e290119e..16b5280a7c7 100644 --- a/sql/sql_parse.h +++ b/sql/sql_parse.h @@ -63,10 +63,10 @@ Comp_creator *comp_ne_creator(bool invert); int prepare_schema_table(THD *thd, LEX *lex, Table_ident *table_ident, enum enum_schema_tables schema_table_idx); -void get_default_definer(THD *thd, LEX_USER *definer); -LEX_USER *create_default_definer(THD *thd); +void get_default_definer(THD *thd, LEX_USER *definer, bool role); +LEX_USER *create_default_definer(THD *thd, bool role); LEX_USER *create_definer(THD *thd, LEX_STRING *user_name, LEX_STRING *host_name); -LEX_USER *get_current_user(THD *thd, LEX_USER *user); +LEX_USER *get_current_user(THD *thd, LEX_USER *user, bool lock=true); bool sp_process_definer(THD *thd); bool check_string_byte_length(LEX_STRING *str, const char *err_msg, uint max_byte_length); diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 5fc5afcc0fd..b95d26bd51c 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2064,8 +2064,11 @@ void append_definer(THD *thd, String *buffer, const LEX_STRING *definer_user, { buffer->append(STRING_WITH_LEN("DEFINER=")); append_identifier(thd, buffer, definer_user->str, definer_user->length); - buffer->append('@'); - append_identifier(thd, buffer, definer_host->str, definer_host->length); + if (definer_host->str[0]) + { + buffer->append('@'); + append_identifier(thd, buffer, definer_host->str, definer_host->length); + } buffer->append(' '); } diff --git a/sql/sql_trigger.cc b/sql/sql_trigger.cc index e0898740047..c7d47487c6a 100644 --- a/sql/sql_trigger.cc +++ b/sql/sql_trigger.cc @@ -763,9 +763,7 @@ bool Table_triggers_list::create_trigger(THD *thd, TABLE_LIST *tables, definer_user= lex->definer->user; definer_host= lex->definer->host; - trg_definer->str= trg_definer_holder; - trg_definer->length= strxmov(trg_definer->str, definer_user.str, "@", - definer_host.str, NullS) - trg_definer->str; + lex->definer->set_lex_string(trg_definer, trg_definer_holder); } else { diff --git a/sql/sql_view.cc b/sql/sql_view.cc index 65151d503a4..1a33cd97a48 100644 --- a/sql/sql_view.cc +++ b/sql/sql_view.cc @@ -822,7 +822,7 @@ static int mysql_register_view(THD *thd, TABLE_LIST *view, goto err; } - view->file_version= 1; + view->file_version= 2; view->calc_md5(md5); if (!(view->md5.str= (char*) thd->memdup(md5, 32))) { @@ -1113,8 +1113,16 @@ bool mysql_make_view(THD *thd, File_parser *parser, TABLE_LIST *table, push_warning_printf(thd, MYSQL_ERROR::WARN_LEVEL_WARN, ER_VIEW_FRM_NO_USER, ER(ER_VIEW_FRM_NO_USER), table->db, table->table_name); - get_default_definer(thd, &table->definer); + get_default_definer(thd, &table->definer, false); } + + /* + since 10.0.5 definer.host can never be "" for a User, but it's + always "" for a Role. Before 10.0.5 it could be "" for a User, + but roles didn't exist. file_version helps. + */ + if (!table->definer.host.str[0] && table->file_version < 2) + table->definer.host= host_not_specified; // User, not Role /* Initialize view definition context by character set names loaded from diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy index dd874caf4b0..332333da620 100644 --- a/sql/sql_yacc.yy +++ b/sql/sql_yacc.yy @@ -13173,7 +13173,7 @@ user: if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user)))) MYSQL_YYABORT; $$->user = $1; - $$->host= host_not_specified; + $$->host= null_lex_str; // User or Role, see get_current_user() $$->password= null_lex_str; $$->plugin= empty_lex_str; $$->auth= empty_lex_str; @@ -14351,7 +14351,7 @@ grant_role: if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user)))) MYSQL_YYABORT; $$->user = $1; - $$->host= host_not_specified; + $$->host= empty_lex_str; $$->password= null_lex_str; $$->plugin= empty_lex_str; $$->auth= empty_lex_str; @@ -15044,9 +15044,9 @@ no_definer: ; definer: - DEFINER_SYM EQ user + DEFINER_SYM EQ user_or_role { - thd->lex->definer= get_current_user(thd, $3); + thd->lex->definer= $3; } ; diff --git a/sql/structs.h b/sql/structs.h index a3a54c524e6..f4b85433e3a 100644 --- a/sql/structs.h +++ b/sql/structs.h @@ -190,6 +190,14 @@ typedef int *(*update_var)(THD *, struct st_mysql_show_var *); typedef struct st_lex_user { LEX_STRING user, host, password, plugin, auth; + bool is_role() { return user.str[0] && !host.str[0]; } + void set_lex_string(LEX_STRING *l, char *buf) + { + if (is_role()) + *l= user; + else + l->length= strxmov(l->str= buf, user.str, "@", host.str, NullS) - buf; + } } LEX_USER; /* |