diff options
Diffstat (limited to 'mysql-test/main')
150 files changed, 658 insertions, 587 deletions
diff --git a/mysql-test/main/alter_user.result b/mysql-test/main/alter_user.result index 7cca2db0e5e..08afb04d14f 100644 --- a/mysql-test/main/alter_user.result +++ b/mysql-test/main/alter_user.result @@ -28,7 +28,7 @@ SET @start_read_only = @@global.read_only; SET GLOBAL read_only=1; grant create user on *.* to foo; # Currently no READ_ONLY ADMIN privileges. -connect a, localhost, foo; +connect a, localhost, foo,,"*NO-ONE*"; select @@global.read_only; @@global.read_only 1 @@ -38,7 +38,7 @@ ERROR HY000: The MariaDB server is running with the --read-only option so it can connection default; grant READ_ONLY ADMIN on *.* to foo; # We now have READ_ONLY ADMIN privilege. We should be able to run alter user. -connect b, localhost, foo; +connect b, localhost, foo,,"*NO-ONE*"; alter user foo; connection default; SET GLOBAL read_only = @start_read_only; @@ -116,7 +116,7 @@ drop user foo; # Bug #29882299: ALTER USER ... IDENTIFIED WITH ... BY ... SHOULD BE A PRIVILEGED OPERATION # create user foo@localhost; -connect x,localhost,foo; +connect x,localhost,foo,,"*NO-ONE*"; alter user current_user identified with 'something'; ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation connection default; diff --git a/mysql-test/main/alter_user.test b/mysql-test/main/alter_user.test index 95e6d732907..aa92703a3e2 100644 --- a/mysql-test/main/alter_user.test +++ b/mysql-test/main/alter_user.test @@ -25,7 +25,7 @@ SET GLOBAL read_only=1; grant create user on *.* to foo; --echo # Currently no READ_ONLY ADMIN privileges. -connect (a, localhost, foo); +connect (a, localhost, foo,,"*NO-ONE*"); select @@global.read_only; --error ER_OPTION_PREVENTS_STATEMENT @@ -36,7 +36,7 @@ connection default; grant READ_ONLY ADMIN on *.* to foo; --echo # We now have READ_ONLY ADMIN privilege. We should be able to run alter user. -connect (b, localhost, foo); +connect (b, localhost, foo,,"*NO-ONE*"); alter user foo; connection default; @@ -110,7 +110,7 @@ drop user foo; --echo # Bug #29882299: ALTER USER ... IDENTIFIED WITH ... BY ... SHOULD BE A PRIVILEGED OPERATION --echo # create user foo@localhost; ---connect x,localhost,foo +--connect x,localhost,foo,,"*NO-ONE*" --error ER_SPECIFIC_ACCESS_DENIED_ERROR alter user current_user identified with 'something'; --connection default diff --git a/mysql-test/main/analyze_stmt_privileges.result b/mysql-test/main/analyze_stmt_privileges.result index d54b5b37863..b8bac18ba28 100644 --- a/mysql-test/main/analyze_stmt_privileges.result +++ b/mysql-test/main/analyze_stmt_privileges.result @@ -9,7 +9,7 @@ insert into t1 values (1,'foo'),(2,'bar'),(3,'baz'),(4,'qux'); create view v1 as select * from t1 where i > 1; CREATE USER u1@localhost; grant ALL on db.v1 to u1@localhost; -connect con1,localhost,u1,,; +connect con1,localhost,u1,,"*NO-ONE*"; select * from db.t1; ERROR 42000: SELECT command denied to user 'u1'@'localhost' for table 't1' explain select * from db.t1; diff --git a/mysql-test/main/analyze_stmt_privileges.test b/mysql-test/main/analyze_stmt_privileges.test index 32ff4ddfb7e..e7353347c7d 100644 --- a/mysql-test/main/analyze_stmt_privileges.test +++ b/mysql-test/main/analyze_stmt_privileges.test @@ -13,7 +13,7 @@ create view v1 as select * from t1 where i > 1; CREATE USER u1@localhost; grant ALL on db.v1 to u1@localhost; ---connect (con1,localhost,u1,,) +--connect (con1,localhost,u1,,"*NO-ONE*") --error ER_TABLEACCESS_DENIED_ERROR select * from db.t1; diff --git a/mysql-test/main/auth_named_pipe.result b/mysql-test/main/auth_named_pipe.result index fb190ccd149..8a239f13bf1 100644 --- a/mysql-test/main/auth_named_pipe.result +++ b/mysql-test/main/auth_named_pipe.result @@ -1,6 +1,6 @@ INSTALL SONAME 'auth_named_pipe'; CREATE USER 'USERNAME' IDENTIFIED WITH named_pipe; -connect pipe_con,localhost,$USERNAME,,,,,PIPE; +connect pipe_con,localhost,$USERNAME,,"*NO-ONE*",,,PIPE; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() USERNAME@localhost USERNAME@% diff --git a/mysql-test/main/auth_named_pipe.test b/mysql-test/main/auth_named_pipe.test index 4685b13143c..61bf84845c4 100644 --- a/mysql-test/main/auth_named_pipe.test +++ b/mysql-test/main/auth_named_pipe.test @@ -10,7 +10,7 @@ INSTALL SONAME 'auth_named_pipe'; --replace_result $USERNAME USERNAME eval CREATE USER '$USERNAME' IDENTIFIED WITH named_pipe; # Connect using named pipe, correct username -connect(pipe_con,localhost,$USERNAME,,,,,PIPE); +connect(pipe_con,localhost,$USERNAME,,"*NO-ONE*",,,PIPE); --replace_result $USERNAME USERNAME SELECT USER(),CURRENT_USER(); disconnect pipe_con; @@ -25,4 +25,4 @@ CREATE USER nosuchuser IDENTIFIED WITH named_pipe; connect(pipe_con,localhost,nosuchuser,,,,,PIPE); --enable_query_log DROP USER nosuchuser; -UNINSTALL SONAME 'auth_named_pipe';
\ No newline at end of file +UNINSTALL SONAME 'auth_named_pipe'; diff --git a/mysql-test/main/backup_priv.result b/mysql-test/main/backup_priv.result index 4169f58f40f..94882d949f8 100644 --- a/mysql-test/main/backup_priv.result +++ b/mysql-test/main/backup_priv.result @@ -4,7 +4,7 @@ set sql_mode=""; GRANT RELOAD ON *.* TO user1@localhost; GRANT CREATE, DROP ON *.* TO user2@localhost; -connect con1, localhost, user1; +connect con1, localhost, user1,,"*NO-ONE*"; BACKUP STAGE START; BACKUP STAGE END; # change_user must release backup lock diff --git a/mysql-test/main/backup_priv.test b/mysql-test/main/backup_priv.test index 93b69af0b67..18b65b6a3d5 100644 --- a/mysql-test/main/backup_priv.test +++ b/mysql-test/main/backup_priv.test @@ -11,7 +11,7 @@ set sql_mode=""; GRANT RELOAD ON *.* TO user1@localhost; GRANT CREATE, DROP ON *.* TO user2@localhost; ---connect(con1, localhost, user1) +--connect(con1, localhost, user1,,"*NO-ONE*") BACKUP STAGE START; BACKUP STAGE END; --echo # change_user must release backup lock diff --git a/mysql-test/main/brackets.result b/mysql-test/main/brackets.result index 3fd19ef968a..f87afdc0f47 100644 --- a/mysql-test/main/brackets.result +++ b/mysql-test/main/brackets.result @@ -489,8 +489,6 @@ drop table t1; # select * from ( mysql.db ); Host Db User Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Grant_priv References_priv Index_priv Alter_priv Create_tmp_table_priv Lock_tables_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Execute_priv Event_priv Trigger_priv Delete_history_priv -% test Y Y Y Y Y Y N Y Y Y Y Y Y Y Y N N Y Y Y -% test\_% Y Y Y Y Y Y N Y Y Y Y Y Y Y Y N N Y Y Y create table t1 (a int); insert into t1 values (7), (2), (7); select * from (t1); diff --git a/mysql-test/main/bug58669.result b/mysql-test/main/bug58669.result index a7d1d7b5581..778284df36c 100644 --- a/mysql-test/main/bug58669.result +++ b/mysql-test/main/bug58669.result @@ -5,7 +5,7 @@ CREATE USER user1@localhost; CREATE DATABASE db1; GRANT ALL PRIVILEGES ON db1.* TO user1@localhost; CREATE TABLE db1.t1(a INT); -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; SELECT CURRENT_USER(); CURRENT_USER() diff --git a/mysql-test/main/bug58669.test b/mysql-test/main/bug58669.test index 77827cde5ba..b64e60ce28a 100644 --- a/mysql-test/main/bug58669.test +++ b/mysql-test/main/bug58669.test @@ -9,7 +9,7 @@ CREATE DATABASE db1; GRANT ALL PRIVILEGES ON db1.* TO user1@localhost; CREATE TABLE db1.t1(a INT); -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; SELECT CURRENT_USER(); SHOW VARIABLES LIKE "read_only%"; diff --git a/mysql-test/main/concurrent_innodb_safelog.result b/mysql-test/main/concurrent_innodb_safelog.result index 7d120547570..40f89c7c65b 100644 --- a/mysql-test/main/concurrent_innodb_safelog.result +++ b/mysql-test/main/concurrent_innodb_safelog.result @@ -7,7 +7,7 @@ SELECT @@global.tx_isolation; @@global.tx_isolation REPEATABLE-READ # keep_locks == 1 -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; ** ** two UPDATE's running and both changing distinct result sets diff --git a/mysql-test/main/concurrent_innodb_unsafelog.result b/mysql-test/main/concurrent_innodb_unsafelog.result index 9ae80328c0b..3771438bc66 100644 --- a/mysql-test/main/concurrent_innodb_unsafelog.result +++ b/mysql-test/main/concurrent_innodb_unsafelog.result @@ -8,7 +8,7 @@ SELECT @@global.tx_isolation; @@global.tx_isolation READ-COMMITTED # keep_locks == 0 -GRANT USAGE ON test.* TO mysqltest@localhost; +GRANT ALL ON test.* TO mysqltest@localhost; ** ** two UPDATE's running and both changing distinct result sets diff --git a/mysql-test/main/connect.result b/mysql-test/main/connect.result index 74387168d98..364bb9028db 100644 --- a/mysql-test/main/connect.result +++ b/mysql-test/main/connect.result @@ -191,13 +191,13 @@ GRANT USAGE ON *.* TO mysqltest_u1@localhost; SET GLOBAL max_connections = 10; SET GLOBAL event_scheduler = ON; -connect tmp_con1,localhost,mysqltest_u1,,; -connect tmp_con2,localhost,mysqltest_u1,,; -connect tmp_con3,localhost,mysqltest_u1,,; -connect tmp_con4,localhost,mysqltest_u1,,; -connect tmp_con5,localhost,mysqltest_u1,,; -connect tmp_con6,localhost,mysqltest_u1,,; -connect tmp_con7,localhost,mysqltest_u1,,; +connect tmp_con1,localhost,mysqltest_u1,,"*NO-ONE*"; +connect tmp_con2,localhost,mysqltest_u1,,"*NO-ONE*"; +connect tmp_con3,localhost,mysqltest_u1,,"*NO-ONE*"; +connect tmp_con4,localhost,mysqltest_u1,,"*NO-ONE*"; +connect tmp_con5,localhost,mysqltest_u1,,"*NO-ONE*"; +connect tmp_con6,localhost,mysqltest_u1,,"*NO-ONE*"; +connect tmp_con7,localhost,mysqltest_u1,,"*NO-ONE*"; connection default; # -- Waiting for Event Scheduler to start... @@ -342,18 +342,18 @@ disconnect extracon2; connection default; CREATE USER mysqltest_up1 IDENTIFIED VIA mysql_native_password using '*E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB'; CREATE USER mysqltest_up2 IDENTIFIED VIA mysql_old_password using '09301740536db389'; -connect(localhost,mysqltest_up1,foo,test,MASTER_PORT,MASTER_SOCKET); -connect pcon1,localhost,mysqltest_up1,foo,,$MASTER_MYPORT,; +connect(localhost,mysqltest_up1,foo,,MASTER_PORT,MASTER_SOCKET); +connect pcon1,localhost,mysqltest_up1,foo,"*NO-ONE*",$MASTER_MYPORT,; ERROR 28000: Access denied for user 'mysqltest_up1'@'localhost' (using password: YES) -connect pcon2,localhost,mysqltest_up1,bar,,$MASTER_MYPORT,; +connect pcon2,localhost,mysqltest_up1,bar,"*NO-ONE*",$MASTER_MYPORT,; select user(), current_user(); user() current_user() mysqltest_up1@localhost mysqltest_up1@% disconnect pcon2; -connect(localhost,mysqltest_up2,newpw,test,MASTER_PORT,MASTER_SOCKET); -connect pcon3,localhost,mysqltest_up2,newpw,,$MASTER_MYPORT,; +connect(localhost,mysqltest_up2,newpw,,MASTER_PORT,MASTER_SOCKET); +connect pcon3,localhost,mysqltest_up2,newpw,"*NO-ONE*",$MASTER_MYPORT,; ERROR 28000: Access denied for user 'mysqltest_up2'@'localhost' (using password: YES) -connect pcon4,localhost,mysqltest_up2,oldpw,,$MASTER_MYPORT,; +connect pcon4,localhost,mysqltest_up2,oldpw,"*NO-ONE*",$MASTER_MYPORT,; select user(), current_user(); user() current_user() mysqltest_up2@localhost mysqltest_up2@% @@ -374,12 +374,12 @@ user password plugin authentication_string mysqltest_up1 *E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB mysql_native_password *E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB mysqltest_up2 09301740536db389 mysql_old_password 09301740536db389 flush privileges; -connect pcon6,localhost,mysqltest_up1,bar,,$MASTER_MYPORT,; +connect pcon6,localhost,mysqltest_up1,bar,"*NO-ONE*",$MASTER_MYPORT,; select user(), current_user(); user() current_user() mysqltest_up1@localhost mysqltest_up1@% disconnect pcon6; -connect pcon7,localhost,mysqltest_up2,oldpw,,$MASTER_MYPORT,; +connect pcon7,localhost,mysqltest_up2,oldpw,"*NO-ONE*",$MASTER_MYPORT,; select user(), current_user(); user() current_user() mysqltest_up2@localhost mysqltest_up2@% diff --git a/mysql-test/main/connect.test b/mysql-test/main/connect.test index c9969633a2a..0cfc72ee5bf 100644 --- a/mysql-test/main/connect.test +++ b/mysql-test/main/connect.test @@ -144,13 +144,13 @@ let $saved_max_connections = `SELECT @@global.max_connections`; SET GLOBAL max_connections = 10; SET GLOBAL event_scheduler = ON; -connect (tmp_con1,localhost,mysqltest_u1,,); -connect (tmp_con2,localhost,mysqltest_u1,,); -connect (tmp_con3,localhost,mysqltest_u1,,); -connect (tmp_con4,localhost,mysqltest_u1,,); -connect (tmp_con5,localhost,mysqltest_u1,,); -connect (tmp_con6,localhost,mysqltest_u1,,); -connect (tmp_con7,localhost,mysqltest_u1,,); +connect (tmp_con1,localhost,mysqltest_u1,,"*NO-ONE*"); +connect (tmp_con2,localhost,mysqltest_u1,,"*NO-ONE*"); +connect (tmp_con3,localhost,mysqltest_u1,,"*NO-ONE*"); +connect (tmp_con4,localhost,mysqltest_u1,,"*NO-ONE*"); +connect (tmp_con5,localhost,mysqltest_u1,,"*NO-ONE*"); +connect (tmp_con6,localhost,mysqltest_u1,,"*NO-ONE*"); +connect (tmp_con7,localhost,mysqltest_u1,,"*NO-ONE*"); connection default; --echo @@ -372,15 +372,15 @@ CREATE USER mysqltest_up2 IDENTIFIED VIA mysql_old_password using '09301740536db --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR -connect(pcon1,localhost,mysqltest_up1,foo,,$MASTER_MYPORT,); -connect(pcon2,localhost,mysqltest_up1,bar,,$MASTER_MYPORT,); +connect(pcon1,localhost,mysqltest_up1,foo,"*NO-ONE*",$MASTER_MYPORT,); +connect(pcon2,localhost,mysqltest_up1,bar,"*NO-ONE*",$MASTER_MYPORT,); select user(), current_user(); disconnect pcon2; --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR -connect(pcon3,localhost,mysqltest_up2,newpw,,$MASTER_MYPORT,); -connect(pcon4,localhost,mysqltest_up2,oldpw,,$MASTER_MYPORT,); +connect(pcon3,localhost,mysqltest_up2,newpw,"*NO-ONE*",$MASTER_MYPORT,); +connect(pcon4,localhost,mysqltest_up2,oldpw,"*NO-ONE*",$MASTER_MYPORT,); select user(), current_user(); disconnect pcon4; @@ -411,11 +411,11 @@ select user, password, plugin, authentication_string from mysql.user where user like 'mysqltest_up_'; flush privileges; -connect(pcon6,localhost,mysqltest_up1,bar,,$MASTER_MYPORT,); +connect(pcon6,localhost,mysqltest_up1,bar,"*NO-ONE*",$MASTER_MYPORT,); select user(), current_user(); disconnect pcon6; -connect(pcon7,localhost,mysqltest_up2,oldpw,,$MASTER_MYPORT,); +connect(pcon7,localhost,mysqltest_up2,oldpw,"*NO-ONE*",$MASTER_MYPORT,); select user(), current_user(); disconnect pcon7; connection default; diff --git a/mysql-test/main/create_drop_role.result b/mysql-test/main/create_drop_role.result index b7ec45daeae..1d7406756e5 100644 --- a/mysql-test/main/create_drop_role.result +++ b/mysql-test/main/create_drop_role.result @@ -43,7 +43,7 @@ CREATE USER u1@localhost; REVOKE SHOW DATABASES ON *.* FROM 'u1'@'localhost'; GRANT SHOW DATABASES ON *.* TO role_1; GRANT role_1 TO u1@localhost; -connect user_a, localhost, u1,,; +connect user_a, localhost, u1,,"*NO-ONE*"; connection user_a; SELECT CURRENT_USER; CURRENT_USER @@ -51,7 +51,6 @@ u1@localhost SHOW DATABASES; Database information_schema -test SELECT CURRENT_ROLE; CURRENT_ROLE NULL diff --git a/mysql-test/main/create_drop_role.test b/mysql-test/main/create_drop_role.test index 11bc832c6e9..a0af4be1f77 100644 --- a/mysql-test/main/create_drop_role.test +++ b/mysql-test/main/create_drop_role.test @@ -31,7 +31,7 @@ REVOKE SHOW DATABASES ON *.* FROM 'u1'@'localhost'; GRANT SHOW DATABASES ON *.* TO role_1; GRANT role_1 TO u1@localhost; -connect (user_a, localhost, u1,,); +connect (user_a, localhost, u1,,"*NO-ONE*"); connection user_a; SELECT CURRENT_USER; diff --git a/mysql-test/main/create_or_replace_permission.result b/mysql-test/main/create_or_replace_permission.result index b9938e4270a..35bdab97df5 100644 --- a/mysql-test/main/create_or_replace_permission.result +++ b/mysql-test/main/create_or_replace_permission.result @@ -19,7 +19,7 @@ REVOKE ALTER ROUTINE ON db1.* FROM mysqltest_1@localhost; GRANT DELETE ON mysql.* TO mysqltest_1@localhost; REVOKE DELETE ON mysql.* FROM mysqltest_1@localhost; FLUSH PRIVILEGES; -connect user_a, localhost, mysqltest_1,,; +connect user_a, localhost, mysqltest_1,,"*NO-ONE*"; connection user_a; SELECT CURRENT_USER; CURRENT_USER diff --git a/mysql-test/main/create_or_replace_permission.test b/mysql-test/main/create_or_replace_permission.test index 0e833a125bd..d4c1c62671b 100644 --- a/mysql-test/main/create_or_replace_permission.test +++ b/mysql-test/main/create_or_replace_permission.test @@ -24,7 +24,7 @@ GRANT DELETE ON mysql.* TO mysqltest_1@localhost; REVOKE DELETE ON mysql.* FROM mysqltest_1@localhost; FLUSH PRIVILEGES; -connect (user_a, localhost, mysqltest_1,,); +connect (user_a, localhost, mysqltest_1,,"*NO-ONE*"); connection user_a; SELECT CURRENT_USER; diff --git a/mysql-test/main/cte_grant.result b/mysql-test/main/cte_grant.result index 2ee31be3435..578f85643ec 100644 --- a/mysql-test/main/cte_grant.result +++ b/mysql-test/main/cte_grant.result @@ -2,7 +2,7 @@ connect root,localhost,root,,test; connection root; create database mysqltest; create user mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; connection root; create table mysqltest.t1 (a int, b int); @@ -77,8 +77,7 @@ values (3,10), (7,11), (1,17), (4,15), (2,11), (3,10), (1,15); create user foo@localhost; grant SELECT on db.t1 to foo@localhost; grant SELECT(a) on db.t2 to foo@localhost; -connect con1,localhost,foo,,; -use db; +connect con1,localhost,foo,,db; with cte as (select * from t1 where i < 4) select * from cte; i diff --git a/mysql-test/main/cte_grant.test b/mysql-test/main/cte_grant.test index c6627c05829..3e6d5009569 100644 --- a/mysql-test/main/cte_grant.test +++ b/mysql-test/main/cte_grant.test @@ -12,7 +12,7 @@ create database mysqltest; --enable_warnings create user mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; connection root; @@ -96,8 +96,7 @@ create user foo@localhost; grant SELECT on db.t1 to foo@localhost; grant SELECT(a) on db.t2 to foo@localhost; ---connect (con1,localhost,foo,,) -use db; +--connect (con1,localhost,foo,,db) with cte as (select * from t1 where i < 4) select * from cte; with cte as (select * from t1 where i < 4 group by i) diff --git a/mysql-test/main/cte_nonrecursive_not_embedded.result b/mysql-test/main/cte_nonrecursive_not_embedded.result index c96a1ec2849..c923878f24f 100644 --- a/mysql-test/main/cte_nonrecursive_not_embedded.result +++ b/mysql-test/main/cte_nonrecursive_not_embedded.result @@ -12,9 +12,7 @@ CREATE USER 'u1'@'localhost'; GRANT USAGE ON db.* TO 'u1'@'localhost'; GRANT SELECT ON db.t1 TO 'u1'@'localhost'; FLUSH PRIVILEGES; -connect u1,'localhost',u1,,; -connection u1; -USE db; +connect u1,'localhost',u1,,db; WITH cte1 AS (SELECT a FROM t1), diff --git a/mysql-test/main/cte_nonrecursive_not_embedded.test b/mysql-test/main/cte_nonrecursive_not_embedded.test index e80baeaf591..aeed0d4fc93 100644 --- a/mysql-test/main/cte_nonrecursive_not_embedded.test +++ b/mysql-test/main/cte_nonrecursive_not_embedded.test @@ -20,9 +20,7 @@ GRANT USAGE ON db.* TO 'u1'@'localhost'; GRANT SELECT ON db.t1 TO 'u1'@'localhost'; FLUSH PRIVILEGES; ---connect (u1,'localhost',u1,,) ---connection u1 -USE db; +--connect (u1,'localhost',u1,,db) WITH cte1 AS diff --git a/mysql-test/main/debug_sync.result b/mysql-test/main/debug_sync.result index bb9ae1a417d..ee35e5cf558 100644 --- a/mysql-test/main/debug_sync.result +++ b/mysql-test/main/debug_sync.result @@ -234,7 +234,7 @@ Variable_name Value debug_sync ON - current signal: '' CREATE USER mysqltest_1@localhost; GRANT SUPER ON *.* TO mysqltest_1@localhost; -connect con1,localhost,mysqltest_1,,; +connect con1,localhost,mysqltest_1,,"*NO-ONE*"; SET DEBUG_SYNC= 'RESET'; disconnect con1; connection default; diff --git a/mysql-test/main/debug_sync.test b/mysql-test/main/debug_sync.test index 89414939f59..a2062f0b9d8 100644 --- a/mysql-test/main/debug_sync.test +++ b/mysql-test/main/debug_sync.test @@ -330,7 +330,7 @@ SHOW VARIABLES LIKE 'DEBUG_SYNC'; # CREATE USER mysqltest_1@localhost; GRANT SUPER ON *.* TO mysqltest_1@localhost; -connect (con1,localhost,mysqltest_1,,); +connect (con1,localhost,mysqltest_1,,"*NO-ONE*"); SET DEBUG_SYNC= 'RESET'; disconnect con1; connection default; diff --git a/mysql-test/main/delete_returning_grant.result b/mysql-test/main/delete_returning_grant.result index b41d48a7112..30fdf41cf67 100644 --- a/mysql-test/main/delete_returning_grant.result +++ b/mysql-test/main/delete_returning_grant.result @@ -10,6 +10,7 @@ CREATE DATABASE mysqltest; CREATE TABLE mysqltest.t1 SELECT * FROM t1; GRANT DELETE ON mysqltest.* TO mysqltest_1@localhost; GRANT SELECT(b) ON mysqltest.t1 TO mysqltest_1@localhost; +GRANT SELECT ON test.* TO mysqltest_1@localhost; connect user1,localhost,mysqltest_1,,test; connection user1; DELETE FROM mysqltest.t1 WHERE a=2 RETURNING b; diff --git a/mysql-test/main/delete_returning_grant.test b/mysql-test/main/delete_returning_grant.test index 67613603a72..d21af392261 100644 --- a/mysql-test/main/delete_returning_grant.test +++ b/mysql-test/main/delete_returning_grant.test @@ -23,6 +23,7 @@ CREATE TABLE mysqltest.t1 SELECT * FROM t1; GRANT DELETE ON mysqltest.* TO mysqltest_1@localhost; GRANT SELECT(b) ON mysqltest.t1 TO mysqltest_1@localhost; +GRANT SELECT ON test.* TO mysqltest_1@localhost; connect (user1,localhost,mysqltest_1,,test); diff --git a/mysql-test/main/derived.result b/mysql-test/main/derived.result index b6310f1a09f..0d38dd2f966 100644 --- a/mysql-test/main/derived.result +++ b/mysql-test/main/derived.result @@ -205,6 +205,7 @@ SELECT a.x FROM (SELECT 1 AS x) AS a HAVING a.x = 1; x 1 create user mysqltest_1; +grant all on test.* to mysqltest_1; create table t1 select 1 as a; connect con1,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK; connection con1; diff --git a/mysql-test/main/derived.test b/mysql-test/main/derived.test index 904114e33b9..c839ba93a86 100644 --- a/mysql-test/main/derived.test +++ b/mysql-test/main/derived.test @@ -109,6 +109,7 @@ SELECT a.x FROM (SELECT 1 AS x) AS a HAVING a.x = 1; # # Connect without a database as user mysqltest_1 create user mysqltest_1; +grant all on test.* to mysqltest_1; create table t1 select 1 as a; connect (con1,localhost,mysqltest_1,,*NO-ONE*,$MASTER_MYPORT,$MASTER_MYSOCK); connection con1; diff --git a/mysql-test/main/enforce_storage_engine.result b/mysql-test/main/enforce_storage_engine.result index 296ed405a72..f85aa73348c 100644 --- a/mysql-test/main/enforce_storage_engine.result +++ b/mysql-test/main/enforce_storage_engine.result @@ -69,7 +69,7 @@ ERROR 42000: Unknown storage engine 'FooBar' select @@session.enforce_storage_engine; @@session.enforce_storage_engine MyISAM -connect con1,localhost,user_1,,; +connect con1,localhost,user_1,,"*NO-ONE*"; connection con1; SET SESSION enforce_storage_engine=MyISAM; ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation diff --git a/mysql-test/main/enforce_storage_engine.test b/mysql-test/main/enforce_storage_engine.test index 6b422477fe6..97118258426 100644 --- a/mysql-test/main/enforce_storage_engine.test +++ b/mysql-test/main/enforce_storage_engine.test @@ -46,7 +46,7 @@ select @@session.enforce_storage_engine; --source include/add_anonymous_users.inc -connect (con1,localhost,user_1,,); +connect (con1,localhost,user_1,,"*NO-ONE*"); connection con1; --error 1227 SET SESSION enforce_storage_engine=MyISAM; @@ -108,4 +108,4 @@ SHOW CREATE TABLE t3; DROP TABLE t3; SET SESSION enforce_storage_engine=NULL; -SET GLOBAL enforce_storage_engine=NULL;
\ No newline at end of file +SET GLOBAL enforce_storage_engine=NULL; diff --git a/mysql-test/main/events_grant.result b/mysql-test/main/events_grant.result index 5bdbbf0f8f1..5952097a8d2 100644 --- a/mysql-test/main/events_grant.result +++ b/mysql-test/main/events_grant.result @@ -13,6 +13,7 @@ CREATE DATABASE events_test2; CREATE USER ev_test@localhost; GRANT ALL ON events_test.* to ev_test@localhost; GRANT ALL ON events_test2.* to ev_test@localhost; +GRANT ALL ON test.* TO ev_test@localhost; REVOKE EVENT ON events_test2.* FROM ev_test@localhost; connect ev_con1,localhost,ev_test,,events_test2; select "NEW CONNECTION"; @@ -24,6 +25,7 @@ ev_test@localhost events_test2 SHOW GRANTS; Grants for ev_test@localhost GRANT USAGE ON *.* TO `ev_test`@`localhost` +GRANT ALL PRIVILEGES ON `test`.* TO `ev_test`@`localhost` GRANT ALL PRIVILEGES ON `events_test`.* TO `ev_test`@`localhost` GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, TRIGGER, DELETE HISTORY ON `events_test2`.* TO `ev_test`@`localhost` "Here comes an error:"; diff --git a/mysql-test/main/events_grant.test b/mysql-test/main/events_grant.test index 0c89e9d1f6c..ea427526d18 100644 --- a/mysql-test/main/events_grant.test +++ b/mysql-test/main/events_grant.test @@ -16,6 +16,7 @@ CREATE DATABASE events_test2; CREATE USER ev_test@localhost; GRANT ALL ON events_test.* to ev_test@localhost; GRANT ALL ON events_test2.* to ev_test@localhost; +GRANT ALL ON test.* TO ev_test@localhost; REVOKE EVENT ON events_test2.* FROM ev_test@localhost; #now we are on con1 connect (ev_con1,localhost,ev_test,,events_test2); diff --git a/mysql-test/main/flush_notembedded.result b/mysql-test/main/flush_notembedded.result index f4c83ff2361..eecba445a27 100644 --- a/mysql-test/main/flush_notembedded.result +++ b/mysql-test/main/flush_notembedded.result @@ -9,6 +9,7 @@ create table mysqltest1.t1 (a int); create user u1@localhost; grant reload on *.* to u1@localhost; grant select on mysqltest1.* to u1@localhost; +grant all on test.* to u1@localhost; connect u1,localhost,u1; flush tables mysqltest1.t1 for export; ERROR 42000: Access denied for user 'u1'@'localhost' to database 'mysqltest1' diff --git a/mysql-test/main/flush_notembedded.test b/mysql-test/main/flush_notembedded.test index af3b8a00c55..193ac026cb4 100644 --- a/mysql-test/main/flush_notembedded.test +++ b/mysql-test/main/flush_notembedded.test @@ -13,6 +13,7 @@ create table mysqltest1.t1 (a int); create user u1@localhost; grant reload on *.* to u1@localhost; grant select on mysqltest1.* to u1@localhost; +grant all on test.* to u1@localhost; connect u1,localhost,u1; error ER_DBACCESS_DENIED_ERROR; flush tables mysqltest1.t1 for export; diff --git a/mysql-test/main/gis_notembedded.result b/mysql-test/main/gis_notembedded.result index 99fe8d656a1..04b79254248 100644 --- a/mysql-test/main/gis_notembedded.result +++ b/mysql-test/main/gis_notembedded.result @@ -37,7 +37,7 @@ t1 CREATE TABLE `t1` ( drop table t1; create user foo@localhost; grant execute on mysql.* to foo@localhost; -connect foo, localhost, foo; +connect foo, localhost, foo,,mysql; call mysql.AddGeometryColumn('', 'mysql', 'proc', 'c', 10); ERROR 42000: ALTER command denied to user 'foo'@'localhost' for table 'proc' disconnect foo; diff --git a/mysql-test/main/gis_notembedded.test b/mysql-test/main/gis_notembedded.test index d25d6a7097e..2948f68bec9 100644 --- a/mysql-test/main/gis_notembedded.test +++ b/mysql-test/main/gis_notembedded.test @@ -15,7 +15,7 @@ drop table t1; create user foo@localhost; grant execute on mysql.* to foo@localhost; -connect (foo, localhost, foo); +connect (foo, localhost, foo,,mysql); --error ER_TABLEACCESS_DENIED_ERROR call mysql.AddGeometryColumn('', 'mysql', 'proc', 'c', 10); disconnect foo; diff --git a/mysql-test/main/grant.result b/mysql-test/main/grant.result index d8f369ed3e7..590e371db22 100644 --- a/mysql-test/main/grant.result +++ b/mysql-test/main/grant.result @@ -517,7 +517,7 @@ grant update (a) on mysqltest_1.t1 to mysqltest_3@localhost; grant select (b) on mysqltest_1.t2 to mysqltest_3@localhost; grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; -connect conn1,localhost,mysqltest_3,,; +connect conn1,localhost,mysqltest_3,,"*NO-ONE*",; connection conn1; SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES WHERE GRANTEE = '''mysqltest_3''@''localhost''' @@ -859,24 +859,29 @@ mysqltest_8 '%' mysqltest_8 'host8' Schema privileges grant select on mysqltest.* to mysqltest_8@''; +grant select on test.* to mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8@; show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8; show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.schema_privileges where grantee like "'mysqltest_8'%"; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE 'mysqltest_8'@'%' def mysqltest SELECT NO +'mysqltest_8'@'%' def test SELECT NO connect conn3,localhost,mysqltest_8,,; select * from t1; a @@ -886,25 +891,31 @@ revoke select on mysqltest.* from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.schema_privileges where grantee like "'mysqltest_8'%"; GRANTEE TABLE_CATALOG TABLE_SCHEMA PRIVILEGE_TYPE IS_GRANTABLE +'mysqltest_8'@'%' def test SELECT NO flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` grant select on mysqltest.* to mysqltest_8@''; flush privileges; show grants for mysqltest_8@; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT SELECT ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` revoke select on mysqltest.* from mysqltest_8@''; flush privileges; Column privileges @@ -913,19 +924,23 @@ grant update (a) on t1 to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.column_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE @@ -939,37 +954,45 @@ revoke update (a) on t1 from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.column_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME COLUMN_NAME PRIVILEGE_TYPE IS_GRANTABLE flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` Table privileges grant update on t1 to mysqltest_8@''; grant update on t1 to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.table_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE @@ -985,9 +1008,11 @@ revoke update on t1 from mysqltest_8@''; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` select * from information_schema.table_privileges; GRANTEE TABLE_CATALOG TABLE_SCHEMA TABLE_NAME PRIVILEGE_TYPE IS_GRANTABLE 'mariadb.sys'@'localhost' def mysql global_priv SELECT NO @@ -996,9 +1021,11 @@ flush privileges; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` "DROP USER" should clear privileges grant all privileges on mysqltest.* to mysqltest_8@''; grant select on mysqltest.* to mysqltest_8@''; @@ -1008,11 +1035,13 @@ grant all privileges on mysqltest.* to mysqltest_8; show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` select * from information_schema.user_privileges @@ -1030,11 +1059,13 @@ show grants for mysqltest_8@''; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` show grants for mysqltest_8; Grants for mysqltest_8@% GRANT USAGE ON *.* TO `mysqltest_8`@`%` GRANT ALL PRIVILEGES ON `mysqltest`.* TO `mysqltest_8`@`%` +GRANT SELECT ON `test`.* TO `mysqltest_8`@`%` GRANT UPDATE, UPDATE (a) ON `test`.`t1` TO `mysqltest_8`@`%` drop user mysqltest_8@''; show grants for mysqltest_8@''; @@ -1066,7 +1097,7 @@ GRANT SHOW VIEW ON mysqltest2.v_ny TO 'mysqltest_1'@'localhost' IDENTIFIE GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; -connect mysqltest_1, localhost, mysqltest_1, mysqltest_1,; +connect mysqltest_1, localhost, mysqltest_1, mysqltest_1,"*NO-ONE*"; SHOW CREATE VIEW mysqltest2.v_nn; ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v_nn' SHOW CREATE TABLE mysqltest2.v_nn; @@ -1550,7 +1581,7 @@ select db, routine_name, routine_type, proc_priv from mysql.procs_priv where use db routine_name routine_type proc_priv mysqltest1 f1 FUNCTION Execute mysqltest1 p1 PROCEDURE Execute -connect bug36544_con1,localhost,mysqluser1,,; +connect bug36544_con1,localhost,mysqluser1,,"*NO-ONE*"; call mysqltest1.p1(); select mysqltest1.f1(); mysqltest1.f1() @@ -1579,7 +1610,7 @@ Grants for mysqluser1@localhost GRANT USAGE ON *.* TO `mysqluser1`@`localhost` select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; db routine_name routine_type proc_priv -connect bug36544_con2,localhost,mysqluser1,,; +connect bug36544_con2,localhost,mysqluser1,,"*NO-ONE*"; # Newly created user should not be able to access any of the routines. call mysqltest1.p1(); ERROR 42000: execute command denied to user 'mysqluser1'@'localhost' for routine 'mysqltest1.p1' @@ -1661,7 +1692,7 @@ select db, routine_name, routine_type, proc_priv from mysql.procs_priv where use db routine_name routine_type proc_priv select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost'; db table_name table_priv -connect bug36544_con3,localhost,mysqluser1,,; +connect bug36544_con3,localhost,mysqluser1,,"*NO-ONE*"; # Newly created user should not be able to access to any of the # stored routines or tables. call mysqltest1.p1(); @@ -1693,7 +1724,7 @@ select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10 db table_name table_priv mysqltest1 t11 Select mysqltest1 t22 Select -connect bug36544_con4,localhost,mysqluser10,,; +connect bug36544_con4,localhost,mysqluser10,,"*NO-ONE*"; call mysqltest1.p1(); select mysqltest1.f1(); mysqltest1.f1() @@ -1826,7 +1857,7 @@ SHOW GRANTS FOR 'user1'@'localhost'; Grants for user1@localhost GRANT USAGE ON *.* TO `user1`@`localhost` GRANT CREATE, CREATE ROUTINE ON `db1`.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; ** Connect as user1 and create a procedure. ** The creation will imply implicitly assigned ** EXECUTE and ALTER ROUTINE privileges to @@ -1843,7 +1874,7 @@ BEGIN SET @x = 0; REPEAT SET @x = @x + 1; UNTIL @x > p1 END REPEAT; END ;|| -connect con2,localhost,user2,,; +connect con2,localhost,user2,,"*NO-ONE*"; ** Connect as user2 and create a procedure. ** Implicitly assignment of privileges will ** fail because the user2@localhost is an @@ -2676,13 +2707,13 @@ DROP USER foo@'127.0.0.1'; create user foo@localhost; create database foodb; grant create routine on foodb.* to foo@localhost; -connect con1,localhost,foo; +connect con1,localhost,foo,,foodb; create procedure fooproc() select 'i am fooproc'; show grants; Grants for foo@localhost GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`localhost` -GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`localhost` +GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `foodb`.`fooproc` TO `foo`@`localhost` disconnect con1; connection default; rename table mysql.procs_priv to mysql.procs_priv1; @@ -2701,9 +2732,9 @@ show grants for foo@localhost; Grants for foo@localhost GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`localhost` -GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`localhost` +GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `foodb`.`fooproc` TO `foo`@`localhost` drop user foo@localhost; -drop procedure fooproc; +drop procedure foodb.fooproc; drop database foodb; # # Bug#11756966 - 48958: STORED PROCEDURES CAN BE LEVERAGED TO BYPASS @@ -2713,14 +2744,13 @@ DROP DATABASE IF EXISTS secret; DROP DATABASE IF EXISTS no_such_db; CREATE DATABASE secret; GRANT USAGE ON *.* TO untrusted@localhost; -connect con1, localhost, untrusted; +connect con1, localhost, untrusted,,"*NO-ONE*"; SHOW GRANTS; Grants for untrusted@localhost GRANT USAGE ON *.* TO `untrusted`@`localhost` SHOW DATABASES; Database information_schema -test # Both statements below should fail with the same error. # They used to give different errors, thereby # hinting that the secret database exists. @@ -2780,7 +2810,7 @@ DROP USER dummy@localhost; CREATE USER foo; CREATE DATABASE db; CREATE TABLE db.t (a INT); -connect con1,localhost,foo,,; +connect con1,localhost,foo,,"*NO-ONE*"; GRANT ALL ON db.t TO foo; ERROR 42000: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT, REFERENCES, INDEX, ALTER, CREATE VIEW, SHOW ... command denied to user 'foo'@'localhost' for table 't' GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT OPTION, REFERENCES, @@ -2834,12 +2864,14 @@ DROP USER bar3@localhost; # # MDEV-17946 : Unsorted acl_dbs after RENAME USER # +CREATE USER a; CREATE USER foo; GRANT SELECT ON test.* TO foo; -RENAME USER '' TO 'name'; +RENAME USER 'a' TO 'name'; GRANT UPDATE ON test.* TO foo; -RENAME USER 'name' to ''; +RENAME USER 'name' to 'a'; DROP USER foo; +DROP USER a; # # End of 10.4 tests # diff --git a/mysql-test/main/grant.test b/mysql-test/main/grant.test index a243967a9c7..69bb050778d 100644 --- a/mysql-test/main/grant.test +++ b/mysql-test/main/grant.test @@ -327,7 +327,7 @@ grant update (a) on mysqltest_1.t1 to mysqltest_3@localhost; grant select (b) on mysqltest_1.t2 to mysqltest_3@localhost; grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; -connect (conn1,localhost,mysqltest_3,,); +connect (conn1,localhost,mysqltest_3,,"*NO-ONE*",); connection conn1; SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES WHERE GRANTEE = '''mysqltest_3''@''localhost''' @@ -596,6 +596,7 @@ select user, QUOTE(host) from mysql.user where user="mysqltest_8"; --echo Schema privileges grant select on mysqltest.* to mysqltest_8@''; +grant select on test.* to mysqltest_8@''; show grants for mysqltest_8@''; grant select on mysqltest.* to mysqltest_8@; show grants for mysqltest_8@; @@ -723,7 +724,7 @@ GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIE GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; -connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,); +connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,"*NO-ONE*"); # fail because of missing SHOW VIEW (have generic SELECT) --error ER_TABLEACCESS_DENIED_ERROR @@ -1369,7 +1370,7 @@ grant execute on procedure mysqltest1.p1 to mysqluser1@localhost; --echo # in privilege tables and in in-memory structures. show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con1,localhost,mysqluser1,,) +--connect (bug36544_con1,localhost,mysqluser1,,"*NO-ONE*") call mysqltest1.p1(); select mysqltest1.f1(); @@ -1396,7 +1397,7 @@ select mysqltest1.f1(); create user mysqluser1@localhost; show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con2,localhost,mysqluser1,,) +--connect (bug36544_con2,localhost,mysqluser1,,"*NO-ONE*") --echo # Newly created user should not be able to access any of the routines. --error ER_PROCACCESS_DENIED_ERROR call mysqltest1.p1(); @@ -1463,7 +1464,7 @@ create user mysqluser1@localhost; show grants for mysqluser1@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser1' and host='localhost'; select db, table_name, table_priv from mysql.tables_priv where user='mysqluser1' and host='localhost'; ---connect (bug36544_con3,localhost,mysqluser1,,) +--connect (bug36544_con3,localhost,mysqluser1,,"*NO-ONE*") --echo # Newly created user should not be able to access to any of the --echo # stored routines or tables. --error ER_PROCACCESS_DENIED_ERROR @@ -1484,7 +1485,7 @@ select * from mysqltest1.t22; show grants for mysqluser10@localhost; select db, routine_name, routine_type, proc_priv from mysql.procs_priv where user='mysqluser10' and host='localhost'; select db, table_name, table_priv from mysql.tables_priv where user='mysqluser10' and host='localhost'; ---connect (bug36544_con4,localhost,mysqluser10,,) +--connect (bug36544_con4,localhost,mysqluser10,,"*NO-ONE*") call mysqltest1.p1(); select mysqltest1.f1(); select * from mysqltest1.t11; @@ -1677,7 +1678,7 @@ GRANT CREATE ON db1.* TO 'user2'@'%'; GRANT CREATE ROUTINE ON db1.* TO 'user2'@'%'; FLUSH PRIVILEGES; SHOW GRANTS FOR 'user1'@'localhost'; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); --echo ** Connect as user1 and create a procedure. --echo ** The creation will imply implicitly assigned --echo ** EXECUTE and ALTER ROUTINE privileges to @@ -1693,7 +1694,7 @@ CREATE PROCEDURE db1.proc1(p1 INT) END ;|| DELIMITER ;|| -connect (con2,localhost,user2,,); +connect (con2,localhost,user2,,"*NO-ONE*"); --echo ** Connect as user2 and create a procedure. --echo ** Implicitly assignment of privileges will --echo ** fail because the user2@localhost is an @@ -2170,7 +2171,7 @@ DROP USER foo@'127.0.0.1'; create user foo@localhost; create database foodb; grant create routine on foodb.* to foo@localhost; -connect con1,localhost,foo; +connect con1,localhost,foo,,foodb; create procedure fooproc() select 'i am fooproc'; show grants; disconnect con1; @@ -2183,7 +2184,7 @@ show grants for foo@localhost; flush privileges; show grants for foo@localhost; drop user foo@localhost; -drop procedure fooproc; +drop procedure foodb.fooproc; drop database foodb; @@ -2200,7 +2201,7 @@ DROP DATABASE IF EXISTS no_such_db; CREATE DATABASE secret; GRANT USAGE ON *.* TO untrusted@localhost; -connect (con1, localhost, untrusted); +connect (con1, localhost, untrusted,,"*NO-ONE*"); SHOW GRANTS; SHOW DATABASES; @@ -2265,7 +2266,7 @@ CREATE USER foo; CREATE DATABASE db; CREATE TABLE db.t (a INT); ---connect (con1,localhost,foo,,) +--connect (con1,localhost,foo,,"*NO-ONE*") --error ER_TABLEACCESS_DENIED_ERROR GRANT ALL ON db.t TO foo; @@ -2336,12 +2337,14 @@ DROP USER bar3@localhost; --echo # --echo # MDEV-17946 : Unsorted acl_dbs after RENAME USER --echo # +CREATE USER a; CREATE USER foo; GRANT SELECT ON test.* TO foo; -RENAME USER '' TO 'name'; +RENAME USER 'a' TO 'name'; GRANT UPDATE ON test.* TO foo; -RENAME USER 'name' to ''; +RENAME USER 'name' to 'a'; DROP USER foo; +DROP USER a; --echo # --echo # End of 10.4 tests diff --git a/mysql-test/main/grant2.result b/mysql-test/main/grant2.result index 7bb8aeb9d23..28408d7a3dc 100644 --- a/mysql-test/main/grant2.result +++ b/mysql-test/main/grant2.result @@ -12,7 +12,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; -connect user_a,localhost,mysqltest_1,,; +connect user_a,localhost,mysqltest_1,,"*NO-ONE*"; connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; @@ -20,14 +20,14 @@ ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysql disconnect user_a; connection default; grant update on mysql.* to mysqltest_1@localhost; -connect user_b,localhost,mysqltest_1,,; +connect user_b,localhost,mysqltest_1,,"*NO-ONE*"; connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; grant insert on mysql.* to mysqltest_1@localhost; -connect user_c,localhost,mysqltest_1,,; +connect user_c,localhost,mysqltest_1,,"*NO-ONE*"; connection user_c; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -40,7 +40,7 @@ delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select current_user(); current_user() @@ -73,7 +73,7 @@ delete from mysql.db where user like 'mysqltest\_%'; flush privileges; create database mysqltest_1; grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option; -connect user2,localhost,mysqltest_1,,; +connect user2,localhost,mysqltest_1,,"*NO-ONE*"; connection user2; select current_user(); current_user() @@ -82,7 +82,6 @@ show databases; Database information_schema mysqltest_1 -test grant all privileges on `mysqltest_1`.* to mysqltest_1@localhost with grant option; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest_1' disconnect user2; @@ -157,7 +156,7 @@ disconnect con9; connection default; create database mysqltest_1; grant select, insert, update on `mysqltest\_1`.* to mysqltest_1@localhost; -connect con10,localhost,mysqltest_1,,; +connect con10,localhost,mysqltest_1,,"*NO-ONE*"; connection con10; set sql_log_off = 1; ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation @@ -309,7 +308,7 @@ GRANT SELECT ON "mysql".* TO "%@a"@"a" drop user '%@a'@'a'; create user mysqltest_2@localhost; grant create user on *.* to mysqltest_2@localhost; -connect user3,localhost,mysqltest_2,,; +connect user3,localhost,mysqltest_2,,"*NO-ONE*"; connection user3; select host,user,password,plugin,authentication_string from mysql.user where user like 'mysqltest_%' ; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table 'user' @@ -321,7 +320,7 @@ connection default; drop user mysqltest_2@localhost; create user mysqltest_3@localhost; grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; -connect user4,localhost,mysqltest_3,,; +connect user4,localhost,mysqltest_3,,"*NO-ONE*"; connection user4; show grants; Grants for mysqltest_3@localhost @@ -390,7 +389,7 @@ revoke all on mysqltest_1.* from mysqltest_1@'127.0.0.0/255.0.0.0'; delete from mysql.user where user like 'mysqltest\_1'; flush privileges; drop database mysqltest_1; -connect n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect n5,localhost,test,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection n5; set password = password("changed"); ERROR 42000: You are using MariaDB as an anonymous user and anonymous users are not allowed to modify user settings @@ -496,13 +495,13 @@ drop database mysqltest_2; drop user mysqltest_u1@localhost; grant all on `mysqltest\_%`.* to mysqltest_1@localhost with grant option; grant usage on *.* to mysqltest_2@localhost; -connect con18600_1,localhost,mysqltest_1,,; +connect con18600_1,localhost,mysqltest_1,,"*NO-ONE*"; create database mysqltest_1; use mysqltest_1; create table t1 (f1 int); grant create on `mysqltest\_1`.* to mysqltest_2@localhost; grant select on mysqltest_1.t1 to mysqltest_2@localhost; -connect con3,localhost,mysqltest_2,,; +connect con3,localhost,mysqltest_2,,"*NO-ONE*"; connection con3; create database mysqltest_3; ERROR 42000: Access denied for user 'mysqltest_2'@'localhost' to database 'mysqltest_3' @@ -527,7 +526,7 @@ CREATE TABLE t2 (b INT, c INT); INSERT INTO t2 VALUES (1,100),(2,200); GRANT SELECT ON t1 TO mysqltest1@localhost; GRANT SELECT (b) ON t2 TO mysqltest1@localhost; -connect conn1,localhost,mysqltest1,,; +connect conn1,localhost,mysqltest1,,"*NO-ONE*"; connection conn1; USE db1; SELECT c FROM t2; diff --git a/mysql-test/main/grant2.test b/mysql-test/main/grant2.test index b8098488709..2866aeb348a 100644 --- a/mysql-test/main/grant2.test +++ b/mysql-test/main/grant2.test @@ -30,7 +30,7 @@ flush privileges; grant all privileges on `my\_1`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; create user mysqltest_2@localhost; -connect (user_a,localhost,mysqltest_1,,); +connect (user_a,localhost,mysqltest_1,,"*NO-ONE*"); connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; --error ER_DBACCESS_DENIED_ERROR @@ -38,14 +38,14 @@ grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; disconnect user_a; connection default; grant update on mysql.* to mysqltest_1@localhost; -connect (user_b,localhost,mysqltest_1,,); +connect (user_b,localhost,mysqltest_1,,"*NO-ONE*"); connection user_b; grant select on `my\_1`.* to mysqltest_2@localhost identified by 'pass'; grant select on `my\_1`.* to mysqltest_3@localhost; disconnect user_b; connection default; grant insert on mysql.* to mysqltest_1@localhost; -connect (user_c,localhost,mysqltest_1,,); +connect (user_c,localhost,mysqltest_1,,"*NO-ONE*"); connection user_c; grant select on `my\_1`.* to mysqltest_3@localhost; grant select on `my\_1`.* to mysqltest_4@localhost identified by 'pass'; @@ -63,7 +63,7 @@ flush privileges; grant all privileges on `my\_%`.* to mysqltest_1@localhost with grant option; grant create user on *.* to mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; select current_user(); grant all privileges on `my\_1`.* to mysqltest_2@localhost with grant option; @@ -97,7 +97,7 @@ flush privileges; # create database mysqltest_1; grant all privileges on `mysqltest\_1`.* to mysqltest_1@localhost with grant option; -connect (user2,localhost,mysqltest_1,,); +connect (user2,localhost,mysqltest_1,,"*NO-ONE*"); connection user2; select current_user(); show databases; @@ -198,7 +198,7 @@ connection default; # create database mysqltest_1; grant select, insert, update on `mysqltest\_1`.* to mysqltest_1@localhost; -connect (con10,localhost,mysqltest_1,,); +connect (con10,localhost,mysqltest_1,,"*NO-ONE*"); connection con10; --error ER_SPECIFIC_ACCESS_DENIED_ERROR set sql_log_off = 1; @@ -342,7 +342,7 @@ drop user '%@a'@'a'; # create user mysqltest_2@localhost; grant create user on *.* to mysqltest_2@localhost; -connect (user3,localhost,mysqltest_2,,); +connect (user3,localhost,mysqltest_2,,"*NO-ONE*"); connection user3; --error ER_TABLEACCESS_DENIED_ERROR select host,user,password,plugin,authentication_string from mysql.user where user like 'mysqltest_%' ; @@ -356,7 +356,7 @@ drop user mysqltest_2@localhost; # INSERT/UPDATE/DELETE is ok too create user mysqltest_3@localhost; grant INSERT,DELETE,UPDATE on mysql.* to mysqltest_3@localhost; -connect (user4,localhost,mysqltest_3,,); +connect (user4,localhost,mysqltest_3,,"*NO-ONE*"); connection user4; show grants; --error ER_TABLEACCESS_DENIED_ERROR @@ -420,7 +420,7 @@ drop database mysqltest_1; --source include/add_anonymous_users.inc # But anonymous users can't change their password -connect (n5,localhost,test,,test,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (n5,localhost,test,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); connection n5; --error ER_PASSWORD_ANONYMOUS_USER set password = password("changed"); @@ -589,7 +589,7 @@ drop user mysqltest_u1@localhost; # grant all on `mysqltest\_%`.* to mysqltest_1@localhost with grant option; grant usage on *.* to mysqltest_2@localhost; -connect (con18600_1,localhost,mysqltest_1,,); +connect (con18600_1,localhost,mysqltest_1,,"*NO-ONE*"); create database mysqltest_1; use mysqltest_1; @@ -597,7 +597,7 @@ create table t1 (f1 int); grant create on `mysqltest\_1`.* to mysqltest_2@localhost; grant select on mysqltest_1.t1 to mysqltest_2@localhost; -connect (con3,localhost,mysqltest_2,,); +connect (con3,localhost,mysqltest_2,,"*NO-ONE*"); connection con3; --error ER_DBACCESS_DENIED_ERROR create database mysqltest_3; @@ -631,7 +631,7 @@ INSERT INTO t2 VALUES (1,100),(2,200); GRANT SELECT ON t1 TO mysqltest1@localhost; GRANT SELECT (b) ON t2 TO mysqltest1@localhost; -connect (conn1,localhost,mysqltest1,,); +connect (conn1,localhost,mysqltest1,,"*NO-ONE*"); connection conn1; USE db1; --error ER_COLUMNACCESS_DENIED_ERROR diff --git a/mysql-test/main/grant3.result b/mysql-test/main/grant3.result index 63e343aaf4d..2febde8e361 100644 --- a/mysql-test/main/grant3.result +++ b/mysql-test/main/grant3.result @@ -12,7 +12,7 @@ flush privileges; create user mysqltest_1@localhost; grant create user on *.* to mysqltest_1@localhost; grant select on `my\_1`.* to mysqltest_1@localhost with grant option; -connect user_a,localhost,mysqltest_1,,; +connect user_a,localhost,mysqltest_1,,"*NO-ONE*"; connection user_a; grant select on `my\_1`.* to mysqltest_2@localhost; ERROR 42000: You are not allowed to create a user with GRANT @@ -139,7 +139,7 @@ GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%'; REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%'; GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%'; FLUSH PRIVILEGES; -connect conn1,localhost,mysqltest1,,; +connect conn1,localhost,mysqltest1,,"*NO-ONE*"; connection conn1; SHOW GRANTS; Grants for mysqltest1@% @@ -174,7 +174,7 @@ Grants for user2@% GRANT USAGE ON *.* TO `user2`@`%` GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO `user2`@`%` # Connect as the renamed user -connect conn1, localhost, user2,,; +connect conn1, localhost, user2,,"*NO-ONE*"; connection conn1; SHOW GRANTS; Grants for user2@% diff --git a/mysql-test/main/grant3.test b/mysql-test/main/grant3.test index 27f565916f7..36d3b3e612a 100644 --- a/mysql-test/main/grant3.test +++ b/mysql-test/main/grant3.test @@ -27,7 +27,7 @@ flush privileges; create user mysqltest_1@localhost; grant create user on *.* to mysqltest_1@localhost; grant select on `my\_1`.* to mysqltest_1@localhost with grant option; -connect (user_a,localhost,mysqltest_1,,); +connect (user_a,localhost,mysqltest_1,,"*NO-ONE*"); connection user_a; --error ER_CANT_CREATE_USER_WITH_GRANT grant select on `my\_1`.* to mysqltest_2@localhost; @@ -160,7 +160,7 @@ REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%'; GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%'; FLUSH PRIVILEGES; -connect (conn1,localhost,mysqltest1,,); +connect (conn1,localhost,mysqltest1,,"*NO-ONE*"); connection conn1; SHOW GRANTS; SELECT * FROM mysqltest_1.t1; @@ -191,7 +191,7 @@ GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%'; SHOW GRANTS FOR 'user2'@'%'; --echo # Connect as the renamed user -connect (conn1, localhost, user2,,); +connect (conn1, localhost, user2,,"*NO-ONE*"); connection conn1; SHOW GRANTS; SELECT a FROM temp.t1; diff --git a/mysql-test/main/grant4.result b/mysql-test/main/grant4.result index 889c42310a0..2523fc95d0f 100644 --- a/mysql-test/main/grant4.result +++ b/mysql-test/main/grant4.result @@ -177,7 +177,7 @@ insert into mysqltest_db1.t2 values (1); # Create user which will try to do this. create user mysqltest_u1@localhost; grant insert, select on mysqltest_db1.t1 to mysqltest_u1@localhost; -connect con1,localhost,mysqltest_u1,,; +connect con1,localhost,mysqltest_u1,,"*NO-ONE*"; connection default; # Corrupt t1 by replacing t1.MYI with a corrupt + unclosed one created # by doing: 'create table t1 (a int key(a))' diff --git a/mysql-test/main/grant4.test b/mysql-test/main/grant4.test index 65e8f78b467..dbcef5a85d1 100644 --- a/mysql-test/main/grant4.test +++ b/mysql-test/main/grant4.test @@ -205,7 +205,7 @@ insert into mysqltest_db1.t2 values (1); --echo # Create user which will try to do this. create user mysqltest_u1@localhost; grant insert, select on mysqltest_db1.t1 to mysqltest_u1@localhost; -connect (con1,localhost,mysqltest_u1,,); +connect (con1,localhost,mysqltest_u1,,"*NO-ONE*"); connection default; --echo # Corrupt t1 by replacing t1.MYI with a corrupt + unclosed one created diff --git a/mysql-test/main/grant5.result b/mysql-test/main/grant5.result index fa5a952a9c1..756ec8059ac 100644 --- a/mysql-test/main/grant5.result +++ b/mysql-test/main/grant5.result @@ -4,7 +4,7 @@ create user test; create user foo; create role foo; grant foo to test; -connect conn_1, localhost, test,,; +connect conn_1, localhost, test,,"*NO-ONE*"; set role foo; show grants for test; Grants for test@% @@ -32,7 +32,7 @@ insert t1 values(2); create user u1@localhost; grant select on mysqltest1.t1 to u1@localhost; grant update on mysqltest1.* to u1@localhost; -connect u1, localhost, u1; +connect u1, localhost, u1,,mysqltest1; update mysqltest1.t1 set id=1 where id=2; connection default; disconnect u1; @@ -55,7 +55,7 @@ SHOW GRANTS FOR test_user; Grants for test_user@% GRANT `test_role` TO `test_user`@`%` GRANT USAGE ON *.* TO `test_user`@`%` -connect test_user, localhost, test_user; +connect test_user, localhost, test_user,,"*NO-ONE*"; SET ROLE test_role; SET DEFAULT ROLE test_role; SHOW GRANTS; @@ -296,7 +296,7 @@ create table db.t1 (a int); insert into db.t1 values (1); create user foo; grant delete on db.* to foo; -connect con1,localhost,foo,,; +connect con1,localhost,foo,,db; show create table db.t1; Table Create Table t1 CREATE TABLE `t1` ( diff --git a/mysql-test/main/grant5.test b/mysql-test/main/grant5.test index 0b4a63ab075..513d9b4b306 100644 --- a/mysql-test/main/grant5.test +++ b/mysql-test/main/grant5.test @@ -13,7 +13,7 @@ create user test; create user foo; create role foo; grant foo to test; ---connect (conn_1, localhost, test,,) +--connect (conn_1, localhost, test,,"*NO-ONE*") set role foo; show grants for test; # user show grants for foo; # role @@ -44,7 +44,7 @@ insert t1 values(2); create user u1@localhost; grant select on mysqltest1.t1 to u1@localhost; grant update on mysqltest1.* to u1@localhost; -connect u1, localhost, u1; +connect u1, localhost, u1,,mysqltest1; update mysqltest1.t1 set id=1 where id=2; connection default; disconnect u1; @@ -61,7 +61,7 @@ SET DEFAULT ROLE test_role FOR test_user; SHOW GRANTS FOR test_user; SET DEFAULT ROLE NONE for test_user; SHOW GRANTS FOR test_user; -connect test_user, localhost, test_user; +connect test_user, localhost, test_user,,"*NO-ONE*"; SET ROLE test_role; SET DEFAULT ROLE test_role; SHOW GRANTS; @@ -246,7 +246,7 @@ create table db.t1 (a int); insert into db.t1 values (1); create user foo; grant delete on db.* to foo; ---connect (con1,localhost,foo,,) +--connect (con1,localhost,foo,,db) show create table db.t1; --error ER_COLUMNACCESS_DENIED_ERROR delete from db.t1 returning *; diff --git a/mysql-test/main/grant_binlog_replay.result b/mysql-test/main/grant_binlog_replay.result index 2c71e70e59b..b0e42486171 100644 --- a/mysql-test/main/grant_binlog_replay.result +++ b/mysql-test/main/grant_binlog_replay.result @@ -25,7 +25,7 @@ GRANT BINLOG REPLAY ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT BINLOG REPLAY ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; BINLOG ''; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use @@ -40,7 +40,7 @@ GRANT SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT SUPER ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; BINLOG ''; ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use diff --git a/mysql-test/main/grant_binlog_replay.test b/mysql-test/main/grant_binlog_replay.test index a3078e5023c..46d046bbee8 100644 --- a/mysql-test/main/grant_binlog_replay.test +++ b/mysql-test/main/grant_binlog_replay.test @@ -34,7 +34,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT BINLOG REPLAY ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; # The below fails with a syntax error. # This is fine. It's only important that it does not fail on "access denied". @@ -55,7 +55,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_BAD_SLAVE # The below fails with a syntax error. diff --git a/mysql-test/main/grant_cache_no_prot.result b/mysql-test/main/grant_cache_no_prot.result index 780fb254b76..7f1cf88672d 100644 --- a/mysql-test/main/grant_cache_no_prot.result +++ b/mysql-test/main/grant_cache_no_prot.result @@ -58,15 +58,18 @@ show status like "Qcache_hits%"; Variable_name Value Qcache_hits 0 grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; connect user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK; connection user1; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 @@ -127,7 +130,7 @@ Qcache_hits 3 show status like "Qcache_not_cached"; Variable_name Value Qcache_not_cached 1 -connect unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK; +connect unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection unkuser; show grants for current_user(); Grants for @localhost @@ -199,6 +202,7 @@ show grants; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` select a from t1; ERROR 3D000: No database selected select * from mysqltest.t1,test.t1; diff --git a/mysql-test/main/grant_cache_ps_prot.result b/mysql-test/main/grant_cache_ps_prot.result index 9dcf8c4aa8f..216cd8f60cc 100644 --- a/mysql-test/main/grant_cache_ps_prot.result +++ b/mysql-test/main/grant_cache_ps_prot.result @@ -58,15 +58,18 @@ show status like "Qcache_hits%"; Variable_name Value Qcache_hits 0 grant SELECT on mysqltest.* to mysqltest_1@localhost; +grant SELECT on test.t1 to mysqltest_1@localhost; grant SELECT on mysqltest.t1 to mysqltest_2@localhost; grant SELECT on test.t1 to mysqltest_2@localhost; grant SELECT(a) on mysqltest.t1 to mysqltest_3@localhost; +grant SELECT(a) on test.t1 to mysqltest_3@localhost; connect user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK; connection user1; show grants for current_user(); Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` show status like "Qcache_queries_in_cache"; Variable_name Value Qcache_queries_in_cache 6 @@ -127,7 +130,7 @@ Qcache_hits 3 show status like "Qcache_not_cached"; Variable_name Value Qcache_not_cached 1 -connect unkuser,localhost,unkuser,,,$MASTER_MYPORT,$MASTER_MYSOCK; +connect unkuser,localhost,unkuser,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; connection unkuser; show grants for current_user(); Grants for @localhost @@ -199,6 +202,7 @@ show grants; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` GRANT SELECT ON `mysqltest`.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.`t1` TO `mysqltest_1`@`localhost` select a from t1; ERROR 3D000: No database selected select * from mysqltest.t1,test.t1; diff --git a/mysql-test/main/grant_explain_non_select.result b/mysql-test/main/grant_explain_non_select.result index 53b7d687d6c..7185cba525c 100644 --- a/mysql-test/main/grant_explain_non_select.result +++ b/mysql-test/main/grant_explain_non_select.result @@ -6,9 +6,8 @@ CREATE TABLE privtest_db.t2 (a INT); INSERT INTO privtest_db.t2 VALUES (1), (2), (3); GRANT USAGE ON *.* TO 'privtest'@'localhost'; GRANT SELECT ON privtest_db.t2 TO 'privtest'@'localhost'; -connect con1,localhost,privtest,,; +connect con1,localhost,privtest,,privtest_db; connection con1; -USE privtest_db; EXPLAIN INSERT INTO t1 VALUES (10); ERROR 42000: INSERT command denied to user 'privtest'@'localhost' for table 't1' INSERT INTO t1 VALUES (10); diff --git a/mysql-test/main/grant_explain_non_select.test b/mysql-test/main/grant_explain_non_select.test index 2bde3bed17c..d6a795182d4 100644 --- a/mysql-test/main/grant_explain_non_select.test +++ b/mysql-test/main/grant_explain_non_select.test @@ -21,12 +21,10 @@ INSERT INTO privtest_db.t2 VALUES (1), (2), (3); GRANT USAGE ON *.* TO 'privtest'@'localhost'; GRANT SELECT ON privtest_db.t2 TO 'privtest'@'localhost'; -connect(con1,localhost,privtest,,); +connect(con1,localhost,privtest,,privtest_db); connection con1; --source include/default_optimizer_switch.inc -USE privtest_db; - --error ER_TABLEACCESS_DENIED_ERROR EXPLAIN INSERT INTO t1 VALUES (10); --error ER_TABLEACCESS_DENIED_ERROR diff --git a/mysql-test/main/grant_kill.result b/mysql-test/main/grant_kill.result index e1243a39a70..4038219d539 100644 --- a/mysql-test/main/grant_kill.result +++ b/mysql-test/main/grant_kill.result @@ -33,8 +33,8 @@ CREATE USER foo@localhost; GRANT SELECT ON *.* TO foo@localhost; CREATE USER bar@localhost; GRANT PROCESS, CONNECTION ADMIN ON *.* TO bar@localhost; -connect foo,localhost,foo,,; -connect bar,localhost,bar,,; +connect foo,localhost,foo,,"*NO-ONE*"; +connect bar,localhost,bar,,"*NO-ONE*"; SELECT user FROM information_schema.processlist ORDER BY user; user bar @@ -53,8 +53,8 @@ CREATE USER foo@localhost; GRANT SELECT ON *.* TO foo@localhost; CREATE USER bar@localhost; GRANT PROCESS, SUPER ON *.* TO bar@localhost; -connect foo,localhost,foo,,; -connect bar,localhost,bar,,; +connect foo,localhost,foo,,"*NO-ONE*"; +connect bar,localhost,bar,,"*NO-ONE*"; SELECT user FROM information_schema.processlist ORDER BY user; user bar diff --git a/mysql-test/main/grant_kill.test b/mysql-test/main/grant_kill.test index b29dfb32917..c9b4be2658e 100644 --- a/mysql-test/main/grant_kill.test +++ b/mysql-test/main/grant_kill.test @@ -41,9 +41,9 @@ CREATE USER foo@localhost; GRANT SELECT ON *.* TO foo@localhost; CREATE USER bar@localhost; GRANT PROCESS, CONNECTION ADMIN ON *.* TO bar@localhost; ---connect (foo,localhost,foo,,) +--connect (foo,localhost,foo,,"*NO-ONE*") let $id=`(SELECT id FROM INFORMATION_SCHEMA.PROCESSLIST WHERE user='foo')`; ---connect (bar,localhost,bar,,) +--connect (bar,localhost,bar,,"*NO-ONE*") SELECT user FROM information_schema.processlist ORDER BY user; --replace_result $id ID --eval KILL $id @@ -66,9 +66,9 @@ CREATE USER foo@localhost; GRANT SELECT ON *.* TO foo@localhost; CREATE USER bar@localhost; GRANT PROCESS, SUPER ON *.* TO bar@localhost; ---connect (foo,localhost,foo,,) +--connect (foo,localhost,foo,,"*NO-ONE*") let $id=`(SELECT id FROM INFORMATION_SCHEMA.PROCESSLIST WHERE user='foo')`; ---connect (bar,localhost,bar,,) +--connect (bar,localhost,bar,,"*NO-ONE*") SELECT user FROM information_schema.processlist ORDER BY user; --replace_result $id ID --eval KILL $id diff --git a/mysql-test/main/grant_master_admin.result b/mysql-test/main/grant_master_admin.result index bd08ade940c..a0392057e02 100644 --- a/mysql-test/main/grant_master_admin.result +++ b/mysql-test/main/grant_master_admin.result @@ -25,7 +25,7 @@ GRANT REPLICATION MASTER ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT REPLICATION MASTER ADMIN ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; SHOW SLAVE HOSTS; Server_id Host Port Master_id diff --git a/mysql-test/main/grant_master_admin.test b/mysql-test/main/grant_master_admin.test index c98c374f7e9..35e66b9a299 100644 --- a/mysql-test/main/grant_master_admin.test +++ b/mysql-test/main/grant_master_admin.test @@ -34,7 +34,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT REPLICATION MASTER ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; SHOW SLAVE HOSTS; diff --git a/mysql-test/main/grant_read_only.result b/mysql-test/main/grant_read_only.result index 185325f03a6..1742aa15a4e 100644 --- a/mysql-test/main/grant_read_only.result +++ b/mysql-test/main/grant_read_only.result @@ -27,10 +27,10 @@ DROP TABLE t1; # CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO `user1`@`localhost` +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO `user1`@`localhost` SET @@GLOBAL.read_only=1; connect con1,localhost,user1,,; connection con1; @@ -50,10 +50,10 @@ DROP TABLE t1; # CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO `user1`@`localhost` +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO `user1`@`localhost` SET @@GLOBAL.read_only=1; connect con1,localhost,user1,,; connection con1; diff --git a/mysql-test/main/grant_read_only.test b/mysql-test/main/grant_read_only.test index 25ffa3767ba..1e450c65287 100644 --- a/mysql-test/main/grant_read_only.test +++ b/mysql-test/main/grant_read_only.test @@ -36,7 +36,7 @@ DROP TABLE t1; CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; ## TODO: it works even without INSERT/UPDATE/DELETE: file a bug report! -GRANT INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, READ_ONLY ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; SET @@GLOBAL.read_only=1; @@ -61,7 +61,7 @@ DROP TABLE t1; CREATE TABLE t1 (a INT); CREATE USER user1@localhost IDENTIFIED BY ''; ## TODO: it works even without INSERT/UPDATE/DELETE: file a bug report! -GRANT INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; +GRANT SELECT, INSERT, UPDATE, DELETE, SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; SET @@GLOBAL.read_only=1; diff --git a/mysql-test/main/grant_server.result b/mysql-test/main/grant_server.result index 37b5f67ba4b..ad291268c34 100644 --- a/mysql-test/main/grant_server.result +++ b/mysql-test/main/grant_server.result @@ -28,7 +28,7 @@ GRANT FEDERATED ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT FEDERATED ADMIN ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; CREATE SERVER IF NOT EXISTS server_1 FOREIGN DATA WRAPPER mysql @@ -46,7 +46,7 @@ GRANT SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT SUPER ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; CREATE SERVER IF NOT EXISTS server_1 FOREIGN DATA WRAPPER mysql diff --git a/mysql-test/main/grant_server.test b/mysql-test/main/grant_server.test index 58c6b4e9ab6..16523838aec 100644 --- a/mysql-test/main/grant_server.test +++ b/mysql-test/main/grant_server.test @@ -36,7 +36,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT FEDERATED ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; CREATE SERVER IF NOT EXISTS server_1 FOREIGN DATA WRAPPER mysql @@ -57,7 +57,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; CREATE SERVER IF NOT EXISTS server_1 FOREIGN DATA WRAPPER mysql diff --git a/mysql-test/main/grant_slave_admin.result b/mysql-test/main/grant_slave_admin.result index 0f1f2c9985f..ab4209e9dd6 100644 --- a/mysql-test/main/grant_slave_admin.result +++ b/mysql-test/main/grant_slave_admin.result @@ -29,7 +29,7 @@ GRANT REPLICATION SLAVE ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT REPLICATION SLAVE ADMIN ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; START SLAVE; ERROR HY000: Misconfigured slave: MASTER_HOST was not set; Fix in config file or with CHANGE MASTER TO @@ -48,7 +48,7 @@ GRANT SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; Grants for user1@localhost GRANT SUPER ON *.* TO `user1`@`localhost` -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; START SLAVE; ERROR HY000: Misconfigured slave: MASTER_HOST was not set; Fix in config file or with CHANGE MASTER TO diff --git a/mysql-test/main/grant_slave_admin.test b/mysql-test/main/grant_slave_admin.test index d73c31e0cf2..b9d4bfe57a2 100644 --- a/mysql-test/main/grant_slave_admin.test +++ b/mysql-test/main/grant_slave_admin.test @@ -38,7 +38,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT REPLICATION SLAVE ADMIN ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_BAD_SLAVE START SLAVE; @@ -58,7 +58,7 @@ CREATE USER user1@localhost IDENTIFIED BY ''; GRANT SUPER ON *.* TO user1@localhost; SHOW GRANTS FOR user1@localhost; -connect (con1,localhost,user1,,); +connect (con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_BAD_SLAVE START SLAVE; diff --git a/mysql-test/main/grant_slave_monitor.result b/mysql-test/main/grant_slave_monitor.result index 68df790074a..7ab3da62992 100644 --- a/mysql-test/main/grant_slave_monitor.result +++ b/mysql-test/main/grant_slave_monitor.result @@ -43,7 +43,7 @@ DROP USER user1@localhost; # CREATE USER user1@localhost IDENTIFIED BY ''; GRANT SUPER ON *.* TO user1@localhost; -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; SHOW SLAVE STATUS; # # SHOW RELAYLOG EVENTS is not allowed with SUPER privilege, it requires SLAVE MONITOR diff --git a/mysql-test/main/grant_slave_monitor.test b/mysql-test/main/grant_slave_monitor.test index af4399b7150..8cd84437b8b 100644 --- a/mysql-test/main/grant_slave_monitor.test +++ b/mysql-test/main/grant_slave_monitor.test @@ -82,7 +82,7 @@ DROP USER user1@localhost; CREATE USER user1@localhost IDENTIFIED BY ''; GRANT SUPER ON *.* TO user1@localhost; ---connect(con1,localhost,user1,,) +--connect(con1,localhost,user1,,"*NO-ONE*") --disable_result_log SHOW SLAVE STATUS; --enable_result_log diff --git a/mysql-test/main/information_schema.result b/mysql-test/main/information_schema.result index 0ce5cbea37d..c4c665c4d27 100644 --- a/mysql-test/main/information_schema.result +++ b/mysql-test/main/information_schema.result @@ -842,7 +842,7 @@ Database Table In_use Name_locked mysql user 0 0 show status where variable_name like "%database%"; Variable_name Value -Acl_database_grants 2 +Acl_database_grants 0 Com_show_databases 3 show variables where variable_name like "skip_show_databas"; Variable_name Value @@ -1936,7 +1936,7 @@ USE db1; CREATE TABLE t1 (id INT); CREATE USER nonpriv; USE test; -connect nonpriv_con, localhost, nonpriv,,; +connect nonpriv_con, localhost, nonpriv,,"*NO-ONE*"; connection nonpriv_con; # connected as nonpriv # Should return 0 @@ -1984,7 +1984,7 @@ DROP TABLE ubig; select 1 from information_schema.tables where table_schema=repeat('a', 2000); 1 grant usage on *.* to mysqltest_1@localhost; -connect con1, localhost, mysqltest_1,,; +connect con1, localhost, mysqltest_1,,"*NO-ONE*"; connection con1; select 1 from information_schema.tables where table_schema=repeat('a', 2000); 1 diff --git a/mysql-test/main/information_schema.test b/mysql-test/main/information_schema.test index 27f5dd6103d..fcde8d57a7c 100644 --- a/mysql-test/main/information_schema.test +++ b/mysql-test/main/information_schema.test @@ -1447,7 +1447,7 @@ CREATE TABLE t1 (id INT); CREATE USER nonpriv; USE test; -connect (nonpriv_con, localhost, nonpriv,,); +connect (nonpriv_con, localhost, nonpriv,,"*NO-ONE*"); connection nonpriv_con; --echo # connected as nonpriv --echo # Should return 0 @@ -1493,7 +1493,7 @@ DROP TABLE ubig; # select 1 from information_schema.tables where table_schema=repeat('a', 2000); grant usage on *.* to mysqltest_1@localhost; -connect (con1, localhost, mysqltest_1,,); +connect (con1, localhost, mysqltest_1,,"*NO-ONE*"); connection con1; select 1 from information_schema.tables where table_schema=repeat('a', 2000); connection default; diff --git a/mysql-test/main/information_schema_db.result b/mysql-test/main/information_schema_db.result index b8a18179e75..a21edc50167 100644 --- a/mysql-test/main/information_schema_db.result +++ b/mysql-test/main/information_schema_db.result @@ -40,7 +40,7 @@ create table t1 (f1 int(10) unsigned not null, f2 varchar(100) not null, primary key (f1), unique key (f2)); -connect user1,localhost,mysqltest_1,,; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select * from information_schema.tables; call mbase.p1(); @@ -93,8 +93,7 @@ create user testdb_1@localhost; grant all on testdb_1.* to testdb_1@localhost with grant option; create user testdb_2@localhost; grant all on test.* to testdb_2@localhost with grant option; -connect testdb_1,localhost,testdb_1,,test; -use testdb_1; +connect testdb_1,localhost,testdb_1,,testdb_1; create table t1 (f1 char(4)); create view v1 as select f1 from t1; grant insert on v1 to testdb_2@localhost; @@ -221,7 +220,7 @@ create table testdb_1.t1 (a int); create view testdb_1.v1 as select * from testdb_1.t1; grant show view on testdb_1.* to mysqltest_1@localhost; grant select on testdb_1.v1 to mysqltest_1@localhost; -connect user1,localhost,mysqltest_1,,test; +connect user1,localhost,mysqltest_1,,"*NO-ONE*"; connection user1; select table_schema, table_name, view_definition from information_schema.views where table_name='v1'; diff --git a/mysql-test/main/information_schema_db.test b/mysql-test/main/information_schema_db.test index 1dd0f84bc09..fc569b9adc5 100644 --- a/mysql-test/main/information_schema_db.test +++ b/mysql-test/main/information_schema_db.test @@ -61,7 +61,7 @@ create table t1 f2 varchar(100) not null, primary key (f1), unique key (f2)); -connect (user1,localhost,mysqltest_1,,); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; --disable_result_log select * from information_schema.tables; @@ -119,8 +119,7 @@ grant all on testdb_1.* to testdb_1@localhost with grant option; create user testdb_2@localhost; grant all on test.* to testdb_2@localhost with grant option; -connect (testdb_1,localhost,testdb_1,,test); -use testdb_1; +connect (testdb_1,localhost,testdb_1,,testdb_1); create table t1 (f1 char(4)); create view v1 as select f1 from t1; grant insert on v1 to testdb_2@localhost; @@ -231,7 +230,7 @@ create view testdb_1.v1 as select * from testdb_1.t1; grant show view on testdb_1.* to mysqltest_1@localhost; grant select on testdb_1.v1 to mysqltest_1@localhost; -connect (user1,localhost,mysqltest_1,,test); +connect (user1,localhost,mysqltest_1,,"*NO-ONE*"); connection user1; select table_schema, table_name, view_definition from information_schema.views where table_name='v1'; diff --git a/mysql-test/main/init_connect.result b/mysql-test/main/init_connect.result index 11bb6036156..4dd3f1333ac 100644 --- a/mysql-test/main/init_connect.result +++ b/mysql-test/main/init_connect.result @@ -3,21 +3,21 @@ connection con0; select hex(@a); hex(@a) NULL -connect con1,localhost,user_1,,; +connect con1,localhost,user_1,,"*NO-ONE*"; connection con1; select hex(@a); hex(@a) 610063 connection con0; set global init_connect="set @a=2;set @b=3"; -connect con2,localhost,user_1,,; +connect con2,localhost,user_1,,"*NO-ONE*"; connection con2; select @a, @b; @a @b 2 3 connection con0; set GLOBAL init_connect=DEFAULT; -connect con3,localhost,user_1,,; +connect con3,localhost,user_1,,"*NO-ONE*"; connection con3; select @a; @a @@ -25,6 +25,8 @@ NULL connection con0; set global init_connect="drop table if exists t1; create table t1(a char(10));\ insert into t1 values ('\0');insert into t1 values('abc')"; +create user 'user_1'@'localhost'; +GRANT DROP,CREATE,SELECT,INSERT ON test.* TO 'user_1'@'localhost'; connect con4,localhost,user_1,,; connection con4; select hex(a) from t1; @@ -46,6 +48,7 @@ disconnect con2; disconnect con3; disconnect con4; disconnect con5; +drop user 'user_1'@'localhost'; End of 4.1 tests create table t1 (x int); insert into t1 values (3), (5), (7); diff --git a/mysql-test/main/init_connect.test b/mysql-test/main/init_connect.test index e96d02fe0d1..828067b6b1b 100644 --- a/mysql-test/main/init_connect.test +++ b/mysql-test/main/init_connect.test @@ -13,22 +13,24 @@ connect (con0,localhost,root,,); connection con0; select hex(@a); -connect (con1,localhost,user_1,,); +connect (con1,localhost,user_1,,"*NO-ONE*"); connection con1; select hex(@a); connection con0; set global init_connect="set @a=2;set @b=3"; -connect (con2,localhost,user_1,,); +connect (con2,localhost,user_1,,"*NO-ONE*"); connection con2; select @a, @b; connection con0; set GLOBAL init_connect=DEFAULT; -connect (con3,localhost,user_1,,); +connect (con3,localhost,user_1,,"*NO-ONE*"); connection con3; select @a; connection con0; set global init_connect="drop table if exists t1; create table t1(a char(10));\ insert into t1 values ('\0');insert into t1 values('abc')"; +create user 'user_1'@'localhost'; +GRANT DROP,CREATE,SELECT,INSERT ON test.* TO 'user_1'@'localhost'; connect (con4,localhost,user_1,,); connection con4; select hex(a) from t1; @@ -54,6 +56,7 @@ disconnect con2; disconnect con3; disconnect con4; disconnect con5; +drop user 'user_1'@'localhost'; --source include/delete_anonymous_users.inc diff --git a/mysql-test/main/invisible_field_grant_completely.result b/mysql-test/main/invisible_field_grant_completely.result index aa0a768c51c..bb8e0bf9ffa 100644 --- a/mysql-test/main/invisible_field_grant_completely.result +++ b/mysql-test/main/invisible_field_grant_completely.result @@ -19,12 +19,11 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect con1, localhost, user_1,,test; +connect con1, localhost, user_1,,d; connection con1; select user(); user() user_1@localhost -use d; select * from t1; a 1 diff --git a/mysql-test/main/invisible_field_grant_completely.test b/mysql-test/main/invisible_field_grant_completely.test index aeca66b97d2..b27071ada56 100644 --- a/mysql-test/main/invisible_field_grant_completely.test +++ b/mysql-test/main/invisible_field_grant_completely.test @@ -21,10 +21,9 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect (con1, localhost, user_1,,test); +connect (con1, localhost, user_1,,d); connection con1; select user(); -use d; select * from t1; insert into t1 values(2); select * from t1; diff --git a/mysql-test/main/invisible_field_grant_system.result b/mysql-test/main/invisible_field_grant_system.result index b69478c58b3..6067047d33b 100644 --- a/mysql-test/main/invisible_field_grant_system.result +++ b/mysql-test/main/invisible_field_grant_system.result @@ -19,12 +19,11 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect con1, localhost, user_1,,test; +connect con1, localhost, user_1,,d; connection con1; select user(); user() user_1@localhost -use d; select * from t1; a 1 diff --git a/mysql-test/main/invisible_field_grant_system.test b/mysql-test/main/invisible_field_grant_system.test index fd54ea72a5a..04ea5f14be1 100644 --- a/mysql-test/main/invisible_field_grant_system.test +++ b/mysql-test/main/invisible_field_grant_system.test @@ -18,10 +18,9 @@ grant insert(a) on t1 to user_1; grant update(a) on t1 to user_1; grant select(a) on t1 to user_1; grant delete on t1 to user_1; -connect (con1, localhost, user_1,,test); +connect (con1, localhost, user_1,,d); connection con1; select user(); -use d; select * from t1; insert into t1 values(2); select * from t1; diff --git a/mysql-test/main/join_cache.result b/mysql-test/main/join_cache.result index 359739fecf8..0307170bcce 100644 --- a/mysql-test/main/join_cache.result +++ b/mysql-test/main/join_cache.result @@ -6056,8 +6056,7 @@ SET join_cache_level = 3; explain SELECT * FROM INFORMATION_SCHEMA.PROFILING, mysql.db WHERE Select_priv = PAGE_FAULTS_MINOR; id select_type table type possible_keys key key_len ref rows Extra -1 SIMPLE PROFILING ALL NULL NULL NULL NULL NULL Using where -1 SIMPLE db hash_ALL NULL #hash#$hj 1 information_schema.PROFILING.PAGE_FAULTS_MINOR 2 Using where; Using join buffer (flat, BNLH join) +1 SIMPLE NULL NULL NULL NULL NULL NULL NULL Impossible WHERE noticed after reading const tables set join_cache_level=@save_join_cache_level; create table t1 (c1 date not null, key (c1)) engine=innodb; insert t1 values ('2017-12-27'); diff --git a/mysql-test/main/kill-2.result b/mysql-test/main/kill-2.result index daaba2c092a..dc2855a6ef3 100644 --- a/mysql-test/main/kill-2.result +++ b/mysql-test/main/kill-2.result @@ -2,7 +2,7 @@ # MDEV-6896 kill user command cause MariaDB crash! # create user foo@'127.0.0.1'; -connect con1,127.0.0.1,foo,,; +connect con1,127.0.0.1,foo,,"*NO-ONE*"; connection default; select user from information_schema.processlist; user diff --git a/mysql-test/main/kill-2.test b/mysql-test/main/kill-2.test index 3412e75b8d5..b8e1fba777f 100644 --- a/mysql-test/main/kill-2.test +++ b/mysql-test/main/kill-2.test @@ -15,7 +15,7 @@ create user foo@'127.0.0.1'; ---connect (con1,127.0.0.1,foo,,) +--connect (con1,127.0.0.1,foo,,"*NO-ONE*") --connection default select user from information_schema.processlist; diff --git a/mysql-test/main/kill.result b/mysql-test/main/kill.result index cbb0598485f..9aea9fbf592 100644 --- a/mysql-test/main/kill.result +++ b/mysql-test/main/kill.result @@ -385,7 +385,7 @@ ERROR HY000: Unknown query id: 0 CREATE USER u1@localhost; SELECT SLEEP(1000); connection con1; -connect con5, localhost, u1,,; +connect con5, localhost, u1,,"*NO-ONE*"; KILL QUERY ID ID; ERROR HY000: You are not owner of query ID connection con1; diff --git a/mysql-test/main/kill.test b/mysql-test/main/kill.test index 1bb31bc665d..e30a3745884 100644 --- a/mysql-test/main/kill.test +++ b/mysql-test/main/kill.test @@ -624,7 +624,7 @@ let $wait_condition= SELECT @id:=QUERY_ID FROM INFORMATION_SCHEMA.PROCESSLIST WH source include/wait_condition.inc; let $id= `SELECT @id`; -connect(con5, localhost, u1,,); +connect(con5, localhost, u1,,"*NO-ONE*"); --replace_result $id ID --error ER_KILL_QUERY_DENIED_ERROR eval KILL QUERY ID $id; diff --git a/mysql-test/main/lock_multi.result b/mysql-test/main/lock_multi.result index 30cd63e60ed..52196d835ec 100644 --- a/mysql-test/main/lock_multi.result +++ b/mysql-test/main/lock_multi.result @@ -128,7 +128,6 @@ mysql.global_priv optimize status OK UNLOCK TABLES; connection reader; host -localhost USE test; connection locker; use test; diff --git a/mysql-test/main/lock_user.result b/mysql-test/main/lock_user.result index 24fff2105ab..945cd7020e4 100644 --- a/mysql-test/main/lock_user.result +++ b/mysql-test/main/lock_user.result @@ -7,7 +7,7 @@ alter user user1@localhost account lock; alter user user1@localhost account unlock; create user user3@localhost account lock; drop user user3@localhost; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; alter user user2@localhost account lock; ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation @@ -21,7 +21,7 @@ alter user user1@localhost account lock; connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK); connect con1,localhost,user1; ERROR HY000: Access denied, this account is locked -connect con2,localhost,user2; +connect con2,localhost,user2,,"*NO-ONE*"; disconnect con2; connection default; alter user user1@localhost account unlock; @@ -101,7 +101,7 @@ drop user newuser@localhost; # Users should be able to lock themselves # grant CREATE USER on *.* to user1@localhost; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; alter user user1@localhost account lock; disconnect con1; @@ -115,7 +115,7 @@ alter user user1@localhost account unlock; # had been established before the accounts were locked # grant CREATE USER on *.* to user1@localhost; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; alter user user1@localhost account lock; connection con1; alter user user1@localhost account unlock; diff --git a/mysql-test/main/lock_user.test b/mysql-test/main/lock_user.test index 4e480c19360..589528a22f3 100644 --- a/mysql-test/main/lock_user.test +++ b/mysql-test/main/lock_user.test @@ -15,7 +15,7 @@ alter user user1@localhost account unlock; create user user3@localhost account lock; drop user user3@localhost; -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_SPECIFIC_ACCESS_DENIED_ERROR alter user user2@localhost account lock; @@ -31,7 +31,7 @@ alter user user1@localhost account lock; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_ACCOUNT_HAS_BEEN_LOCKED connect(con1,localhost,user1); -connect(con2,localhost,user2); +connect(con2,localhost,user2,,"*NO-ONE*"); disconnect con2; connection default; alter user user1@localhost account unlock; @@ -106,7 +106,7 @@ drop user newuser@localhost; --echo # Users should be able to lock themselves --echo # grant CREATE USER on *.* to user1@localhost; -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); connection con1; alter user user1@localhost account lock; disconnect con1; @@ -121,7 +121,7 @@ alter user user1@localhost account unlock; --echo # had been established before the accounts were locked --echo # grant CREATE USER on *.* to user1@localhost; -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); alter user user1@localhost account lock; connection con1; alter user user1@localhost account unlock; diff --git a/mysql-test/main/lock_view.result b/mysql-test/main/lock_view.result index 48c45dcf23d..82aeb074ebf 100644 --- a/mysql-test/main/lock_view.result +++ b/mysql-test/main/lock_view.result @@ -154,13 +154,13 @@ USE `mysqltest3`; /*!50001 SET character_set_client = @saved_cs_client */; /*!50001 SET character_set_results = @saved_cs_results */; /*!50001 SET collation_connection = @saved_col_connection */; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; lock table mysqltest3.v3 write; ERROR 42000: Access denied for user 'invoker'@'localhost' to database 'mysqltest3' disconnect inv; connection default; grant lock tables on mysqltest3.* to invoker@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; show create view mysqltest3.v3; View Create View character_set_client collation_connection v3 CREATE ALGORITHM=UNDEFINED DEFINER=`definer`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest3`.`v3` AS select `v2`.`a` AS `a` from `mysqltest2`.`v2` latin1 latin1_swedish_ci @@ -187,7 +187,6 @@ information_schema mysqltest1 mysqltest2 performance_schema -test lock table mysqltest3.v3ps write; select * from mysqltest3.v3ps; user @@ -201,7 +200,7 @@ select * from mysqltest3.v3nt; disconnect inv; connection default; grant lock tables on mysqltest2.* to invoker@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; lock table mysqltest3.v3 write; ERROR HY000: View 'mysqltest3.v3' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them lock table mysqltest3.v3i write; @@ -209,7 +208,7 @@ ERROR HY000: View 'mysqltest3.v3i' references invalid table(s) or column(s) or f disconnect inv; connection default; grant lock tables on mysqltest1.* to definer@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; lock table mysqltest3.v3 write; select * from mysqltest3.v3; a @@ -218,7 +217,7 @@ ERROR HY000: View 'mysqltest3.v3i' references invalid table(s) or column(s) or f disconnect inv; connection default; grant lock tables on mysqltest1.* to invoker@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; lock table mysqltest3.v3i write; select * from mysqltest3.v3i; a diff --git a/mysql-test/main/lock_view.test b/mysql-test/main/lock_view.test index abb8d317946..2a37abeafb9 100644 --- a/mysql-test/main/lock_view.test +++ b/mysql-test/main/lock_view.test @@ -24,14 +24,14 @@ create definer=definer@localhost sql security invoker view mysqltest3.v3i as sel exec $MYSQL_DUMP --compact -B mysqltest1 mysqltest2 mysqltest3; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; error ER_DBACCESS_DENIED_ERROR; lock table mysqltest3.v3 write; disconnect inv; connection default; grant lock tables on mysqltest3.* to invoker@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; show create view mysqltest3.v3; show create view mysqltest3.v3is; show create view mysqltest3.v3ps; @@ -48,7 +48,7 @@ disconnect inv; connection default; grant lock tables on mysqltest2.* to invoker@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; error ER_VIEW_INVALID; lock table mysqltest3.v3 write; error ER_VIEW_INVALID; @@ -57,7 +57,7 @@ disconnect inv; connection default; grant lock tables on mysqltest1.* to definer@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; lock table mysqltest3.v3 write; select * from mysqltest3.v3; error ER_VIEW_INVALID; lock table mysqltest3.v3i write; @@ -65,7 +65,7 @@ disconnect inv; connection default; grant lock tables on mysqltest1.* to invoker@localhost; -connect inv,localhost,invoker; +connect inv,localhost,invoker,,"*NO-ONE*"; lock table mysqltest3.v3i write; select * from mysqltest3.v3i; disconnect inv; connection default; diff --git a/mysql-test/main/long_host.result b/mysql-test/main/long_host.result index 4c479e36fa9..972e67d517c 100644 --- a/mysql-test/main/long_host.result +++ b/mysql-test/main/long_host.result @@ -20,7 +20,7 @@ create table mariadbtestdb.t3 (a int); SET @saved_dbug = @@GLOBAL.debug_dbug; set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,getaddrinfo_fake_good_ipv4"; # check connect -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select current_user(); current_user() @@ -43,7 +43,7 @@ a connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table 't1' @@ -53,7 +53,7 @@ ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_3456 connection default; grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; a b @@ -66,7 +66,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; a b @@ -79,7 +79,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; +connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,; connection con1; select * from mariadbtestdb.t1; ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table 't1' @@ -96,6 +96,7 @@ CREATE ROLE role5678901_345678902_345678903_345678904_345678905_345678906_345678 ERROR HY000: String 'role5678901_345678902_345678903_345678904_345678905_345678906_34567...' is too long for user name (should be no longer than 128) grant SELECT (a) ON mariadbtestdb.t1 TO role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; +GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,; diff --git a/mysql-test/main/long_host.test b/mysql-test/main/long_host.test index f176279749a..db3e58644e2 100644 --- a/mysql-test/main/long_host.test +++ b/mysql-test/main/long_host.test @@ -34,7 +34,7 @@ set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,ge --echo # check connect -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select current_user(); @@ -59,7 +59,7 @@ select * from mariadbtestdb2.t2; connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; --error ER_TABLEACCESS_DENIED_ERROR select * from mariadbtestdb.t1; @@ -72,7 +72,7 @@ select * from mariadbtestdb2.t2; connection default; grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select * from mariadbtestdb.t1; --error ER_TABLEACCESS_DENIED_ERROR @@ -85,7 +85,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; select * from mariadbtestdb.t1; --error ER_TABLEACCESS_DENIED_ERROR @@ -99,7 +99,7 @@ connection default; REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; -connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,); +connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,); connection con1; --error ER_TABLEACCESS_DENIED_ERROR select * from mariadbtestdb.t1; @@ -124,6 +124,8 @@ grant SELECT (a) ON mariadbtestdb.t1 TO role5678901_345678902_345678903_34567890 REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; +GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; + grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345; disconnect con1; diff --git a/mysql-test/main/max_password_errors.result b/mysql-test/main/max_password_errors.result index 020761b4f2e..d6224ca4b7d 100644 --- a/mysql-test/main/max_password_errors.result +++ b/mysql-test/main/max_password_errors.result @@ -14,17 +14,17 @@ connect(localhost,u,bad_pass,test,MASTER_PORT,MASTER_SOCKET); connect con1, localhost, u, bad_pass; ERROR HY000: User is blocked because of too many credential errors; unblock with 'FLUSH PRIVILEGES' FLUSH PRIVILEGES; -connect con1, localhost, u, good_pass; +connect con1, localhost, u, good_pass,"*NO-ONE*"; disconnect con1; -connect(localhost,u,bad_pass,test,MASTER_PORT,MASTER_SOCKET); -connect con1, localhost, u, bad_pass; +connect(localhost,u,bad_pass,,MASTER_PORT,MASTER_SOCKET); +connect con1, localhost, u, bad_pass,"*NO-ONE*"; ERROR 28000: Access denied for user 'u'@'localhost' (using password: YES) -connect con1, localhost, u, good_pass; +connect con1, localhost, u, good_pass,"*NO-ONE*"; disconnect con1; -connect(localhost,u,bad_pass,test,MASTER_PORT,MASTER_SOCKET); -connect con1, localhost, u, bad_pass; +connect(localhost,u,bad_pass,,MASTER_PORT,MASTER_SOCKET); +connect con1, localhost, u, bad_pass,"*NO-ONE*"; ERROR 28000: Access denied for user 'u'@'localhost' (using password: YES) -connect con1, localhost, u, good_pass; +connect con1, localhost, u, good_pass,"*NO-ONE*"; ERROR 28000: Access denied for user 'u'@'localhost' (using password: YES) ERROR 28000: Access denied for user 'u'@'localhost' (using password: YES) ERROR HY000: User is blocked because of too many credential errors; unblock with 'FLUSH PRIVILEGES' @@ -34,10 +34,10 @@ FLUSH PRIVILEGES; connect(localhost,root,bas_pass,test,MASTER_PORT,MASTER_SOCKET); connect con1, localhost, root, bas_pass; ERROR 28000: Access denied for user 'root'@'localhost' (using password: YES) -connect(localhost,root,bad_pass,test,MASTER_PORT,MASTER_SOCKET); -connect con1, localhost, root, bad_pass; +connect(localhost,root,bad_pass,,MASTER_PORT,MASTER_SOCKET); +connect con1, localhost, root, bad_pass,"*NO-ONE*"; ERROR 28000: Access denied for user 'root'@'localhost' (using password: YES) -connect con1, localhost, u, good_pass; +connect con1, localhost, u, good_pass,"*NO-ONE*"; disconnect con1; connection default; DROP USER u; diff --git a/mysql-test/main/max_password_errors.test b/mysql-test/main/max_password_errors.test index 1debca0258d..cd5e3ccc05a 100644 --- a/mysql-test/main/max_password_errors.test +++ b/mysql-test/main/max_password_errors.test @@ -20,19 +20,19 @@ connect(con1, localhost, u, bad_pass); # Test that FLUSH PRIVILEGES clears the error FLUSH PRIVILEGES; -connect (con1, localhost, u, good_pass); +connect (con1, localhost, u, good_pass,"*NO-ONE*"); disconnect con1; # Test that good login clears the error --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT error ER_ACCESS_DENIED_ERROR; -connect (con1, localhost, u, bad_pass); -connect (con1, localhost, u, good_pass); +connect (con1, localhost, u, bad_pass,"*NO-ONE*"); +connect (con1, localhost, u, good_pass,"*NO-ONE*"); disconnect con1; --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT error ER_ACCESS_DENIED_ERROR; -connect (con1, localhost, u, bad_pass); -connect (con1, localhost, u, good_pass); +connect (con1, localhost, u, bad_pass,"*NO-ONE*"); +connect (con1, localhost, u, good_pass,"*NO-ONE*"); # Test the behavior of change_user --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT @@ -55,10 +55,10 @@ error ER_ACCESS_DENIED_ERROR; connect(con1, localhost, root, bas_pass); --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT error ER_ACCESS_DENIED_ERROR; -connect (con1, localhost, root, bad_pass); -connect (con1, localhost, u, good_pass); +connect (con1, localhost, root, bad_pass,"*NO-ONE*"); +connect (con1, localhost, u, good_pass,"*NO-ONE*"); disconnect con1; connection default; DROP USER u; FLUSH PRIVILEGES; -set global max_password_errors=@old_max_password_errors;
\ No newline at end of file +set global max_password_errors=@old_max_password_errors; diff --git a/mysql-test/main/mysql_upgrade.result b/mysql-test/main/mysql_upgrade.result index 0649c9139fd..2dd5adf3900 100644 --- a/mysql-test/main/mysql_upgrade.result +++ b/mysql-test/main/mysql_upgrade.result @@ -1963,7 +1963,7 @@ flush privileges; show create user user3@localhost; CREATE USER for user3@localhost CREATE USER `user3`@`localhost` IDENTIFIED BY PASSWORD '*5DC1D11F45824A9DD613961F05C1EC1E7A1601AA' PASSWORD EXPIRE NEVER -connect con1,localhost,user3,a_password; +connect con1,localhost,user3,a_password,"*NO-ONE*"; select current_user(); current_user() user3@localhost @@ -1973,7 +1973,7 @@ connection default; show create user user3@localhost; CREATE USER for user3@localhost CREATE USER `user3`@`localhost` IDENTIFIED BY PASSWORD '*5DC1D11F45824A9DD613961F05C1EC1E7A1601AA' -connect con1,localhost,user3,a_password; +connect con1,localhost,user3,a_password,"*NO-ONE*"; select current_user(); current_user() user3@localhost @@ -2163,7 +2163,7 @@ OK SHOW CREATE USER mariadb_102; CREATE USER for mariadb_102@% CREATE USER `mariadb_102`@`%` -connect con1,localhost,mariadb_102; +connect con1,localhost,mariadb_102,,"*NO-ONE*"; select current_user(); current_user() mariadb_102@% diff --git a/mysql-test/main/mysql_upgrade.test b/mysql-test/main/mysql_upgrade.test index 083f033daf5..0bfce9cc879 100644 --- a/mysql-test/main/mysql_upgrade.test +++ b/mysql-test/main/mysql_upgrade.test @@ -392,7 +392,7 @@ update mysql.user set password=authentication_string, authentication_string='' w select password,plugin,authentication_string from mysql.user where user='user3'; flush privileges; show create user user3@localhost; -connect con1,localhost,user3,a_password; +connect con1,localhost,user3,a_password,"*NO-ONE*"; select current_user(); disconnect con1; connection default; @@ -400,7 +400,7 @@ connection default; --exec $MYSQL_UPGRADE --force --silent 2>&1 --remove_file $MYSQLD_DATADIR/mysql_upgrade_info show create user user3@localhost; -connect con1,localhost,user3,a_password; +connect con1,localhost,user3,a_password,"*NO-ONE*"; select current_user(); disconnect con1; connection default; @@ -462,7 +462,7 @@ FLUSH PRIVILEGES; --exec $MYSQL_UPGRADE --force 2>&1 # Should not have "PASSWORD EXPIRED" SHOW CREATE USER mariadb_102; -connect con1,localhost,mariadb_102; +connect con1,localhost,mariadb_102,,"*NO-ONE*"; select current_user(); disconnect con1; connection default; diff --git a/mysql-test/main/mysql_upgrade_to_100502.result b/mysql-test/main/mysql_upgrade_to_100502.result index 15095809092..7235b16aa5a 100644 --- a/mysql-test/main/mysql_upgrade_to_100502.result +++ b/mysql-test/main/mysql_upgrade_to_100502.result @@ -84,15 +84,15 @@ GRANT BINLOG MONITOR, SLAVE MONITOR ON *.* TO `user_replclient`@`localhost` SHOW GRANTS FOR user_replslave@localhost; Grants for user_replslave@localhost GRANT REPLICATION SLAVE, SLAVE MONITOR ON *.* TO `user_replslave`@`localhost` -connect con1,localhost,user_super_replslave,,test; +connect con1,localhost,user_super_replslave,,"*NO-ONE*"; connection con1; SHOW SLAVE STATUS; disconnect con1; -connect con1,localhost,user_replclient,,test; +connect con1,localhost,user_replclient,,"*NO-ONE*"; connection con1; SHOW SLAVE STATUS; disconnect con1; -connect con1,localhost,user_replslave,,test; +connect con1,localhost,user_replslave,,"*NO-ONE*"; connection con1; SHOW RELAYLOG EVENTS; disconnect con1; diff --git a/mysql-test/main/mysql_upgrade_to_100502.test b/mysql-test/main/mysql_upgrade_to_100502.test index b5a44080f17..fc47f0c94aa 100644 --- a/mysql-test/main/mysql_upgrade_to_100502.test +++ b/mysql-test/main/mysql_upgrade_to_100502.test @@ -87,21 +87,21 @@ SHOW GRANTS FOR user_replclient@localhost; --echo # SHOW GRANTS FOR user_replslave@localhost; ---connect (con1,localhost,user_super_replslave,,test) +--connect (con1,localhost,user_super_replslave,,"*NO-ONE*") --connection con1 --disable_result_log SHOW SLAVE STATUS; --enable_result_log --disconnect con1 ---connect (con1,localhost,user_replclient,,test) +--connect (con1,localhost,user_replclient,,"*NO-ONE*") --connection con1 --disable_result_log SHOW SLAVE STATUS; --enable_result_log --disconnect con1 ---connect (con1,localhost,user_replslave,,test) +--connect (con1,localhost,user_replslave,,"*NO-ONE*") --connection con1 --disable_ps_protocol --disable_result_log diff --git a/mysql-test/main/mysqldump.result b/mysql-test/main/mysqldump.result index 1b4c8775448..00b0e2fe7a5 100644 --- a/mysql-test/main/mysqldump.result +++ b/mysql-test/main/mysqldump.result @@ -3745,6 +3745,7 @@ use test; # Bug#21215 mysqldump creating incomplete backups without warning # create user mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; create table t1(a int, b varchar(34)); reset master; mysqldump: Couldn't execute 'FLUSH /*!40101 LOCAL */ TABLES': Access denied; you need (at least one of) the RELOAD privilege(s) for this operation (1227) @@ -5796,6 +5797,8 @@ drop tables t2, t1; # MDEV-22037: Add ability to skip content of some tables # (work around for MDEV-20939) # +create user a; +grant SELECT on test.* to a; use mysql; # check that all tables we need are not empty select count(*) >= 1 from mysql.proc; @@ -5809,6 +5812,7 @@ FOUND 1 /INSERT INTO `proc`/ in MDEV-20939.sql NOT FOUND /INSERT INTO `db`/ in MDEV-20939.sql FOUND 1 /CREATE TABLE `db`/ in MDEV-20939.sql FOUND 1 /CREATE TABLE `proc`/ in MDEV-20939.sql +drop user a; use test; # End of 10.1 tests # diff --git a/mysql-test/main/mysqldump.test b/mysql-test/main/mysqldump.test index fc6a426d554..a881605a73b 100644 --- a/mysql-test/main/mysqldump.test +++ b/mysql-test/main/mysqldump.test @@ -1380,6 +1380,7 @@ use test; # Create user without sufficient privs to perform the requested operation create user mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; create table t1(a int, b varchar(34)); # To get consistent output, reset the master, starts over from first log @@ -2694,6 +2695,8 @@ drop tables t2, t1; --echo # (work around for MDEV-20939) --echo # +create user a; +grant SELECT on test.* to a; use mysql; --echo # check that all tables we need are not empty @@ -2719,6 +2722,7 @@ let SEARCH_PATTERN=CREATE TABLE `proc`; source include/search_pattern_in_file.inc; --remove_file $MYSQLTEST_VARDIR/tmp/MDEV-20939.sql +drop user a; use test; --echo # End of 10.1 tests diff --git a/mysql-test/main/nested_profiling.result b/mysql-test/main/nested_profiling.result index b8bceba480a..11b83b25e46 100644 --- a/mysql-test/main/nested_profiling.result +++ b/mysql-test/main/nested_profiling.result @@ -3,7 +3,7 @@ SET @saved_init_connect=@@GLOBAL.init_connect; SET GLOBAL init_connect="set @a=2;set @b=3"; SET GLOBAL profiling=on; create user mysqltest1@localhost; -connect con1,localhost,mysqltest1,,; +connect con1,localhost,mysqltest1,,"*NO-ONE*"; connection con1; SELECT @a, @b; @a @b diff --git a/mysql-test/main/nested_profiling.test b/mysql-test/main/nested_profiling.test index ba89aefc647..dc6b3dc2209 100644 --- a/mysql-test/main/nested_profiling.test +++ b/mysql-test/main/nested_profiling.test @@ -27,7 +27,7 @@ SET GLOBAL init_connect="set @a=2;set @b=3"; SET GLOBAL profiling=on; create user mysqltest1@localhost; -connect (con1,localhost,mysqltest1,,); +connect (con1,localhost,mysqltest1,,"*NO-ONE*"); connection con1; SELECT @a, @b; --replace_column 2 # diff --git a/mysql-test/main/not_embedded_server.result b/mysql-test/main/not_embedded_server.result index 0b952f93ad8..19e862e07a5 100644 --- a/mysql-test/main/not_embedded_server.result +++ b/mysql-test/main/not_embedded_server.result @@ -31,6 +31,7 @@ CREATE TABLE t2 (key2 INT); INSERT INTO t1 VALUES (1),(2); CREATE FUNCTION f() RETURNS INT RETURN 1; GRANT FILE ON *.* TO 'nopriv_user'@'localhost'; +GRANT SELECT,INSERT,CREATE ON test.* TO 'nopriv_user'@'localhost'; FLUSH PRIVILEGES; connect con1,localhost,nopriv_user,,; connection con1; diff --git a/mysql-test/main/not_embedded_server.test b/mysql-test/main/not_embedded_server.test index 20f75db25d5..079c0c85bcd 100644 --- a/mysql-test/main/not_embedded_server.test +++ b/mysql-test/main/not_embedded_server.test @@ -59,6 +59,7 @@ INSERT INTO t1 VALUES (1),(2); CREATE FUNCTION f() RETURNS INT RETURN 1; GRANT FILE ON *.* TO 'nopriv_user'@'localhost'; +GRANT SELECT,INSERT,CREATE ON test.* TO 'nopriv_user'@'localhost'; FLUSH PRIVILEGES; diff --git a/mysql-test/main/partition_symlink.result b/mysql-test/main/partition_symlink.result index b5a976e3a9e..7ecb87a9f46 100644 --- a/mysql-test/main/partition_symlink.result +++ b/mysql-test/main/partition_symlink.result @@ -47,6 +47,7 @@ DROP TABLE t1, t2; # test.t1 have partitions in mysqltest2-directory! # user root: CREATE USER mysqltest_1@localhost; +GRANT ALL ON test.* to mysqltest_1@localhost; CREATE DATABASE mysqltest2; USE mysqltest2; CREATE TABLE t1 (a INT) ENGINE = MyISAM; diff --git a/mysql-test/main/partition_symlink.test b/mysql-test/main/partition_symlink.test index 7e09c7d0642..4b205554202 100644 --- a/mysql-test/main/partition_symlink.test +++ b/mysql-test/main/partition_symlink.test @@ -73,6 +73,7 @@ DROP TABLE t1, t2; -- echo # test.t1 have partitions in mysqltest2-directory! -- echo # user root: CREATE USER mysqltest_1@localhost; + GRANT ALL ON test.* to mysqltest_1@localhost; CREATE DATABASE mysqltest2; USE mysqltest2; CREATE TABLE t1 (a INT) ENGINE = MyISAM; diff --git a/mysql-test/main/password_expiration.result b/mysql-test/main/password_expiration.result index 897811bb4ad..e3492af3934 100644 --- a/mysql-test/main/password_expiration.result +++ b/mysql-test/main/password_expiration.result @@ -4,7 +4,7 @@ create user user1@localhost; alter user user1@localhost password expire; create user user2@localhost; -connect con2,localhost,user2; +connect con2,localhost,user2,,"*NO-ONE*"; connection con2; alter user user1@localhost password expire; ERROR 42000: Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation @@ -22,7 +22,7 @@ connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK); connect con1,localhost,user1; ERROR HY000: Your password has expired. To log in you must change it using a client that supports expired passwords set global disconnect_on_expired_password=OFF; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; select 1; ERROR HY000: You must SET PASSWORD before executing this statement @@ -55,7 +55,7 @@ drop user user1@localhost; create user user1@localhost password expire; grant create user on *.* to user1@localhost; set global disconnect_on_expired_password=OFF; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; select 1; ERROR HY000: You must SET PASSWORD before executing this statement @@ -198,7 +198,7 @@ connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK); connect con1,localhost,user1; ERROR HY000: Your password has expired. To log in you must change it using a client that supports expired passwords set global disconnect_on_expired_password=OFF; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; select 1; ERROR HY000: You must SET PASSWORD before executing this statement @@ -234,7 +234,7 @@ drop user user1@localhost; # set global disconnect_on_expired_password= ON; create user user1@localhost password expire interval 2 day; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; disconnect con1; connection default; set @tstamp_expired= UNIX_TIMESTAMP(NOW() - INTERVAL 3 DAY); @@ -258,7 +258,7 @@ update mysql.global_priv set priv=json_set(priv, '$.password_last_changed', @tstamp_expired) where user='user1'; flush privileges; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; disconnect con1; connection default; drop user user1@localhost; diff --git a/mysql-test/main/password_expiration.test b/mysql-test/main/password_expiration.test index b7d1269537a..184af3a7a44 100644 --- a/mysql-test/main/password_expiration.test +++ b/mysql-test/main/password_expiration.test @@ -12,7 +12,7 @@ alter user user1@localhost password expire; create user user2@localhost; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect(con2,localhost,user2); +connect(con2,localhost,user2,,"*NO-ONE*"); connection con2; --error ER_SPECIFIC_ACCESS_DENIED_ERROR alter user user1@localhost password expire; @@ -35,7 +35,7 @@ connect(con1,localhost,user1); # should allow the client to enter sandbox mode set global disconnect_on_expired_password=OFF; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_MUST_CHANGE_PASSWORD select 1; @@ -74,7 +74,7 @@ create user user1@localhost password expire; grant create user on *.* to user1@localhost; set global disconnect_on_expired_password=OFF; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_MUST_CHANGE_PASSWORD select 1; @@ -180,7 +180,7 @@ connect(con1,localhost,user1); set global disconnect_on_expired_password=OFF; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); connection con1; --error ER_MUST_CHANGE_PASSWORD select 1; @@ -224,7 +224,7 @@ drop user user1@localhost; set global disconnect_on_expired_password= ON; create user user1@localhost password expire interval 2 day; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); disconnect con1; connection default; @@ -254,7 +254,7 @@ update mysql.global_priv set flush privileges; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); disconnect con1; connection default; drop user user1@localhost; diff --git a/mysql-test/main/plugin_auth.result b/mysql-test/main/plugin_auth.result index 3d86d713009..5554755aeca 100644 --- a/mysql-test/main/plugin_auth.result +++ b/mysql-test/main/plugin_auth.result @@ -11,8 +11,8 @@ SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; plugin authentication_string test_plugin_server plug_dest ## test plugin auth -connect(localhost,plug,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); -connect plug_con,localhost,plug,plug_dest; +connect(localhost,plug,plug_dest,,MYSQL_PORT,MYSQL_SOCK); +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug; test proxies_priv columns @@ -33,7 +33,7 @@ proxies_priv CREATE TABLE `proxies_priv` ( PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`), KEY `Grantor` (`Grantor`) ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='User proxy privileges' -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% @@ -46,14 +46,14 @@ connect(localhost,plug,bad_credentials,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con,localhost,plug,bad_credentials; ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES) ## test bad default plugin : nothing bad happens, as that plugin was't required by the server -connect plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name; +connect plug_con_wrongp,localhost,plug,plug_dest,"*NO-ONE*",,,,wrong_plugin_name; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% connection default; disconnect plug_con_wrongp; ## test correct default plugin -connect plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin; +connect plug_con_rightp,localhost,plug,plug_dest,"*NO-ONE*",,,,auth_test_plugin; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug@localhost plug_dest@% @@ -67,7 +67,7 @@ DROP USER grant_user; ## test utf-8 user name CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; -connect non_ascii,localhost,Ÿ,plug_dest; +connect non_ascii,localhost,Ÿ,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() Ÿ@localhost plug_dest@% @@ -80,7 +80,8 @@ CREATE DATABASE test_grant_db; GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO new_grant_user; -connect plug_con_grant,localhost,new_grant_user,plug_dest; +GRANT CREATE, DROP ON test_grant_db.* TO 'plug_dest'@'%'; +connect plug_con_grant,localhost,new_grant_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost plug_dest@% @@ -96,11 +97,10 @@ IDENTIFIED BY 'new_password'; connect(localhost,new_grant_user,plug_dest,test,MYSQL_PORT,MYSQL_SOCK); connect plug_con_grant_deny,localhost,new_grant_user,plug_dest; ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES) -connect plug_con_grant,localhost,new_grant_user,new_password; +connect plug_con_grant,localhost,new_grant_user,new_password,test_grant_db; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_grant_user@localhost new_grant_user@% -USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; connection default; @@ -137,7 +137,7 @@ ERROR 42000: You have an error in your SQL syntax; check the manual that corresp # this should fail : no such grant REVOKE PROXY ON grant_plug_dest FROM grant_plug; ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%' -connect grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd; +connect grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd,"*NO-ONE*"; ## testing what an ordinary user can grant this should fail : no rights to grant all GRANT PROXY ON ''@'%%' TO grant_plug; @@ -219,7 +219,7 @@ ERROR HY000: Variable 'proxy_user' is a read only variable SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user NULL -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; SELECT @@LOCAL.proxy_user; @@LOCAL.proxy_user 'plug'@'%' @@ -248,7 +248,7 @@ ERROR HY000: Variable 'external_user' is a read only variable SELECT @@LOCAL.external_user; @@LOCAL.external_user NULL -connect plug_con,localhost,plug,plug_dest; +connect plug_con,localhost,plug,plug_dest,"*NO-ONE*"; SELECT @@LOCAL.external_user; @@LOCAL.external_user plug_dest @@ -347,7 +347,7 @@ CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'cleartext_test'; ## test plugin auth ERROR 28000: Access denied for user 'uplain'@'localhost' (using password: YES) -connect cleartext_con,localhost,uplain,cleartext_test; +connect cleartext_con,localhost,uplain,cleartext_test,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() uplain@localhost uplain@localhost @@ -453,7 +453,7 @@ ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password CREATE USER bug12610784@localhost; SET PASSWORD FOR bug12610784@localhost = PASSWORD('secret'); ERROR 28000: Access denied for user 'bug12610784'@'localhost' (using password: NO) -connect b12610784,localhost,bug12610784,secret,test; +connect b12610784,localhost,bug12610784,secret,"*NO-ONE*"; connection default; disconnect b12610784; DROP USER bug12610784@localhost; @@ -466,14 +466,14 @@ IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest'; CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; -connect bug12818542_con,localhost,bug12818542,bug12818542_dest; +connect bug12818542_con,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost SET PASSWORD = PASSWORD('bruhaha'); connection default; disconnect bug12818542_con; -connect bug12818542_con2,localhost,bug12818542,bug12818542_dest; +connect bug12818542_con2,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() bug12818542@localhost bug12818542_dest@localhost diff --git a/mysql-test/main/plugin_auth.test b/mysql-test/main/plugin_auth.test index 30e4fa6e0ad..82b116e2cc1 100644 --- a/mysql-test/main/plugin_auth.test +++ b/mysql-test/main/plugin_auth.test @@ -17,7 +17,7 @@ SELECT plugin,authentication_string FROM mysql.user WHERE User='plug'; --echo ## test plugin auth --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_ACCESS_DENIED_ERROR : this should fail : no grant -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); GRANT PROXY ON plug_dest TO plug; --echo test proxies_priv columns @@ -26,7 +26,7 @@ SELECT * FROM mysql.proxies_priv WHERE user !='root'; --echo test mysql.proxies_priv; SHOW CREATE TABLE mysql.proxies_priv; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); --echo ## test SET PASSWORD @@ -42,13 +42,13 @@ disconnect plug_con; connect(plug_con,localhost,plug,bad_credentials); --echo ## test bad default plugin : nothing bad happens, as that plugin was't required by the server -connect(plug_con_wrongp,localhost,plug,plug_dest,,,,,wrong_plugin_name); +connect(plug_con_wrongp,localhost,plug,plug_dest,"*NO-ONE*",,,,wrong_plugin_name); select USER(),CURRENT_USER(); connection default; disconnect plug_con_wrongp; --echo ## test correct default plugin -connect(plug_con_rightp,localhost,plug,plug_dest,,,,,auth_test_plugin); +connect(plug_con_rightp,localhost,plug,plug_dest,"*NO-ONE*",,,,auth_test_plugin); select USER(),CURRENT_USER(); connection default; disconnect plug_con_rightp; @@ -64,7 +64,7 @@ CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO `Ÿ`; -connect(non_ascii,localhost,Ÿ,plug_dest); +connect(non_ascii,localhost,Ÿ,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; @@ -80,8 +80,9 @@ GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'; GRANT PROXY ON plug_dest TO new_grant_user; +GRANT CREATE, DROP ON test_grant_db.* TO 'plug_dest'@'%'; -connect(plug_con_grant,localhost,new_grant_user,plug_dest); +connect(plug_con_grant,localhost,new_grant_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); USE test_grant_db; CREATE TABLE t1 (a INT); @@ -98,9 +99,8 @@ GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user --error ER_ACCESS_DENIED_ERROR connect(plug_con_grant_deny,localhost,new_grant_user,plug_dest); -connect(plug_con_grant,localhost,new_grant_user,new_password); +connect(plug_con_grant,localhost,new_grant_user,new_password,test_grant_db); select USER(),CURRENT_USER(); -USE test_grant_db; CREATE TABLE t1 (a INT); DROP TABLE t1; connection default; @@ -155,7 +155,7 @@ GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug; --error ER_NONEXISTING_GRANT REVOKE PROXY ON grant_plug_dest FROM grant_plug; -connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd); +connect(grant_plug_dest_con,localhost,grant_plug_dest,grant_plug_dest_passwd,"*NO-ONE*"); --echo ## testing what an ordinary user can grant --echo this should fail : no rights to grant all @@ -258,7 +258,7 @@ SET GLOBAL proxy_user = 'test'; SET LOCAL proxy_user = 'test'; SELECT @@LOCAL.proxy_user; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); SELECT @@LOCAL.proxy_user; connection default; disconnect plug_con; @@ -284,7 +284,7 @@ SET GLOBAL external_user = 'test'; SET LOCAL external_user = 'test'; SELECT @@LOCAL.external_user; -connect(plug_con,localhost,plug,plug_dest); +connect(plug_con,localhost,plug,plug_dest,"*NO-ONE*"); SELECT @@LOCAL.external_user; connection default; disconnect plug_con; @@ -414,7 +414,7 @@ CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server' connect(cleartext_fail_con,localhost,uplain,cleartext_test2); --enable_query_log -connect(cleartext_con,localhost,uplain,cleartext_test); +connect(cleartext_con,localhost,uplain,cleartext_test,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; @@ -529,7 +529,7 @@ SET PASSWORD FOR bug12610784@localhost = PASSWORD('secret'); --error ER_ACCESS_DENIED_ERROR connect(b12610784,localhost,bug12610784,,test); --enable_query_log -connect(b12610784,localhost,bug12610784,secret,test); +connect(b12610784,localhost,bug12610784,secret,"*NO-ONE*"); connection default; disconnect b12610784; DROP USER bug12610784@localhost; @@ -546,7 +546,7 @@ CREATE USER bug12818542_dest@localhost IDENTIFIED BY 'bug12818542_dest_passwd'; GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost; -connect(bug12818542_con,localhost,bug12818542,bug12818542_dest); +connect(bug12818542_con,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SET PASSWORD = PASSWORD('bruhaha'); @@ -554,7 +554,7 @@ SET PASSWORD = PASSWORD('bruhaha'); connection default; disconnect bug12818542_con; -connect(bug12818542_con2,localhost,bug12818542,bug12818542_dest); +connect(bug12818542_con2,localhost,bug12818542,bug12818542_dest,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; diff --git a/mysql-test/main/plugin_auth_qa_1.result b/mysql-test/main/plugin_auth_qa_1.result index 24c86f1e2a8..d33662ab618 100644 --- a/mysql-test/main/plugin_auth_qa_1.result +++ b/mysql-test/main/plugin_auth_qa_1.result @@ -6,9 +6,11 @@ mariadb.sys mysql_native_password CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON `plug%dest` TO plug_user; +GRANT ALL ON test_user_db.* TO plug_user; ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES) REVOKE PROXY ON `plug%dest` FROM plug_user; GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; current_user() plug_dest@% user() @@ -52,6 +54,7 @@ CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; 1) ERROR 1045 (28000): Access denied for user 'plug_user'@'localhost' (using password: YES) GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; 2) current_user() plug_dest@% @@ -103,14 +106,14 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect plug_user,localhost,plug_user,plug_dest; +connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug_user@localhost plug_dest@% connection default; disconnect plug_user; RENAME USER plug_user TO new_user; -connect plug_user,localhost,new_user,plug_dest; +connect plug_user,localhost,new_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_user@localhost plug_dest@% @@ -134,7 +137,7 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect plug_user,localhost,plug_user,plug_dest; +connect plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() plug_user@localhost plug_dest@% @@ -176,7 +179,7 @@ User plugin authentication_string mariadb.sys mysql_native_password new_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119 new_user test_plugin_server new_dest -connect plug_user,localhost,new_user,new_dest; +connect plug_user,localhost,new_user,new_dest,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_user@localhost new_dest@% @@ -192,7 +195,7 @@ new_dest mysql_native_password *01422E86A6FFF84618914AF149F9AEF64B84170A new_user test_plugin_server new_dest plug_dest mysql_native_password *939AEE68989794C0F408277411C26055CDF41119 GRANT ALL PRIVILEGES ON test.* TO new_user; -connect plug_user,localhost,new_dest,new_dest_passwd; +connect plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*"; select USER(),CURRENT_USER(); USER() CURRENT_USER() new_dest@localhost new_dest@% @@ -207,7 +210,7 @@ User plugin authentication_string test_plugin_server proxied_user mariadb.sys mysql_native_password proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% @@ -219,13 +222,13 @@ connection default; disconnect proxy_con; ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES) GRANT PROXY ON proxied_user TO ''@'%%'; -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% connection default; disconnect proxy_con; -connect proxy_con,localhost,proxy_user,proxied_user; +connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxy_user@localhost proxied_user@% @@ -244,7 +247,7 @@ User plugin authentication_string test_plugin_server proxied_user mariadb.sys mysql_native_password proxied_user mysql_native_password *D7A51428CD38DB3C5293B9321DA1228BFB1611DD -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% @@ -255,13 +258,13 @@ connection default; disconnect proxy_con; ERROR 28000: Access denied for user 'proxy_user'@'localhost' (using password: YES) GRANT PROXY ON proxied_user TO ''@'%%'; -connect proxy_con,localhost,proxied_user,proxied_user_passwd; +connect proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxied_user@localhost proxied_user@% connection default; disconnect proxy_con; -connect proxy_con,localhost,proxy_user,proxied_user; +connect proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() proxy_user@localhost proxied_user@% @@ -291,11 +294,11 @@ proxied_user_2 mysql_native_password *3D948F77C6A988AFDCA9755AB2A6724362557220 proxied_user_3 mysql_native_password *41A18925D237DEE738C76581153990B037F462E3 proxied_user_4 mysql_native_password *F990073A9B96FF535C2D0721406042B8751E593F proxied_user_5 mysql_native_password *5AA915C5D0B5B1336336FD2BF7768BC09FD1F5B2 -connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd'; -connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd; -connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd; -connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd; -connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd; +connect proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*"; +connect proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*"; +connect proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*"; +connect proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*"; +connect proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*"; connection proxy_con_1; SELECT USER(),CURRENT_USER(); USER() CURRENT_USER() diff --git a/mysql-test/main/plugin_auth_qa_1.test b/mysql-test/main/plugin_auth_qa_1.test index c2435a1d800..2d6321a2416 100644 --- a/mysql-test/main/plugin_auth_qa_1.test +++ b/mysql-test/main/plugin_auth_qa_1.test @@ -14,10 +14,12 @@ SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON `plug%dest` TO plug_user; +GRANT ALL ON test_user_db.* TO plug_user; --error 1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 REVOKE PROXY ON `plug%dest` FROM plug_user; GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; --replace_result $MASTER_MYSOCK MASTER_MYSOCK --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 REVOKE PROXY ON plug_dest FROM plug_user; @@ -54,6 +56,7 @@ CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; --error 1 --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 GRANT PROXY ON plug_dest TO plug_user; +GRANT ALL ON test_user_db.* TO 'plug_dest'@'%'; --echo 2) --replace_result $MASTER_MYSOCK MASTER_MYSOCK --exec $MYSQL -u plug_user --password=plug_dest -e "SELECT current_user();SELECT user();USE test_user_db;CREATE TABLE t1(a int);SHOW TABLES;DROP TABLE t1;" 2>&1 @@ -103,12 +106,12 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect(plug_user,localhost,plug_user,plug_dest); +connect(plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; RENAME USER plug_user TO new_user; -connect(plug_user,localhost,new_user,plug_dest); +connect(plug_user,localhost,new_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; --sorted_result @@ -126,7 +129,7 @@ CREATE USER plug_user IDENTIFIED WITH test_plugin_server AS 'plug_dest'; CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd'; GRANT PROXY ON plug_dest TO plug_user; -connect(plug_user,localhost,plug_user,plug_dest); +connect(plug_user,localhost,plug_user,plug_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -154,7 +157,7 @@ FLUSH PRIVILEGES; GRANT PROXY ON new_dest TO new_user; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(plug_user,localhost,new_user,new_dest); +connect(plug_user,localhost,new_user,new_dest,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -164,7 +167,7 @@ CREATE USER new_dest IDENTIFIED BY 'new_dest_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; GRANT ALL PRIVILEGES ON test.* TO new_user; -connect(plug_user,localhost,new_dest,new_dest_passwd); +connect(plug_user,localhost,new_dest,new_dest_passwd,"*NO-ONE*"); select USER(),CURRENT_USER(); connection default; disconnect plug_user; @@ -176,7 +179,7 @@ CREATE USER ''@'%%' IDENTIFIED WITH test_plugin_server AS 'proxied_user'; CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); --echo ========== test 2.2.1 ====================================== SELECT @@proxy_user; @@ -187,11 +190,11 @@ disconnect proxy_con; connect(proxy_con,localhost,proxy_user,proxied_user); --enable_query_log GRANT PROXY ON proxied_user TO ''@'%%'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; disconnect proxy_con; -connect(proxy_con,localhost,proxy_user,proxied_user); +connect(proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); --echo ========== test 2.2.1 ====================================== SELECT @@proxy_user; @@ -204,7 +207,7 @@ GRANT ALL PRIVILEGES ON test_user_db.* TO ''@'%%' CREATE USER proxied_user IDENTIFIED BY 'proxied_user_passwd'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; connection default; @@ -214,11 +217,11 @@ disconnect proxy_con; connect(proxy_con,localhost,proxy_user,proxied_user); --enable_query_log GRANT PROXY ON proxied_user TO ''@'%%'; -connect(proxy_con,localhost,proxied_user,proxied_user_passwd); +connect(proxy_con,localhost,proxied_user,proxied_user_passwd,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); connection default; disconnect proxy_con; -connect(proxy_con,localhost,proxy_user,proxied_user); +connect(proxy_con,localhost,proxy_user,proxied_user,"*NO-ONE*"); SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; connection default; @@ -238,11 +241,11 @@ GRANT PROXY ON proxied_user_4 TO ''@'%%'; GRANT PROXY ON proxied_user_5 TO ''@'%%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; -connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd'); -connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd); -connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd); -connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd); -connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd); +connect(proxy_con_1,localhost,proxied_user_1,'proxied_user_1_pwd',"*NO-ONE*"); +connect(proxy_con_2,localhost,proxied_user_2,proxied_user_2_pwd,"*NO-ONE*"); +connect(proxy_con_3,localhost,proxied_user_3,proxied_user_3_pwd,"*NO-ONE*"); +connect(proxy_con_4,localhost,proxied_user_4,proxied_user_4_pwd,"*NO-ONE*"); +connect(proxy_con_5,localhost,proxied_user_5,proxied_user_5_pwd,"*NO-ONE*"); connection proxy_con_1; SELECT USER(),CURRENT_USER(); SELECT @@proxy_user; diff --git a/mysql-test/main/plugin_auth_qa_2.result b/mysql-test/main/plugin_auth_qa_2.result index de3023a3e42..c4ec8c0a364 100644 --- a/mysql-test/main/plugin_auth_qa_2.result +++ b/mysql-test/main/plugin_auth_qa_2.result @@ -5,6 +5,7 @@ CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest' CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_1_dest TO qa_test_1_user; +GRANT ALL ON test_user_db.* TO 'qa_test_1_user'@'%'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; User plugin authentication_string mariadb.sys mysql_native_password @@ -33,6 +34,7 @@ CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_2_dest TO qa_test_2_user; GRANT PROXY ON authenticated_as TO qa_test_2_user; +GRANT ALL ON test_user_db.* TO 'authenticated_as'@'%'; SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; User plugin authentication_string authenticated_as mysql_native_password *DFCACE76914AD7BD801FC1A1ECF6562272621A22 diff --git a/mysql-test/main/plugin_auth_qa_2.test b/mysql-test/main/plugin_auth_qa_2.test index 136419e571f..cc65c385278 100644 --- a/mysql-test/main/plugin_auth_qa_2.test +++ b/mysql-test/main/plugin_auth_qa_2.test @@ -15,6 +15,7 @@ CREATE USER qa_test_1_user IDENTIFIED WITH qa_auth_interface AS 'qa_test_1_dest' CREATE USER qa_test_1_dest IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_1_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_1_dest TO qa_test_1_user; +GRANT ALL ON test_user_db.* TO 'qa_test_1_user'@'%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT @@proxy_user; @@ -37,6 +38,7 @@ CREATE USER authenticated_as IDENTIFIED BY 'dest_passwd'; GRANT ALL PRIVILEGES ON test_user_db.* TO qa_test_2_dest identified by 'dest_passwd'; GRANT PROXY ON qa_test_2_dest TO qa_test_2_user; GRANT PROXY ON authenticated_as TO qa_test_2_user; +GRANT ALL ON test_user_db.* TO 'authenticated_as'@'%'; --sorted_result SELECT user,plugin,authentication_string FROM mysql.user WHERE user != 'root'; SELECT @@proxy_user; diff --git a/mysql-test/main/plugin_not_embedded.result b/mysql-test/main/plugin_not_embedded.result index a9ac5735137..0f8d7a59527 100644 --- a/mysql-test/main/plugin_not_embedded.result +++ b/mysql-test/main/plugin_not_embedded.result @@ -3,7 +3,7 @@ # CREATE USER bug51770@localhost; GRANT INSERT ON mysql.plugin TO bug51770@localhost; -connect con1,localhost,bug51770,,; +connect con1,localhost,bug51770,,"*NO-ONE*"; INSTALL PLUGIN example SONAME 'ha_example.so'; UNINSTALL PLUGIN example; ERROR 42000: DELETE command denied to user 'bug51770'@'localhost' for table 'plugin' diff --git a/mysql-test/main/plugin_not_embedded.test b/mysql-test/main/plugin_not_embedded.test index a9126053f18..5d5b97fc984 100644 --- a/mysql-test/main/plugin_not_embedded.test +++ b/mysql-test/main/plugin_not_embedded.test @@ -7,7 +7,7 @@ CREATE USER bug51770@localhost; GRANT INSERT ON mysql.plugin TO bug51770@localhost; -connect(con1,localhost,bug51770,,); +connect(con1,localhost,bug51770,,"*NO-ONE*"); --replace_regex /\.dll/.so/ eval INSTALL PLUGIN example SONAME '$HA_EXAMPLE_SO'; --error ER_TABLEACCESS_DENIED_ERROR diff --git a/mysql-test/main/ps.result b/mysql-test/main/ps.result index bb4132d5c31..a78b7a2aa3c 100644 --- a/mysql-test/main/ps.result +++ b/mysql-test/main/ps.result @@ -5636,7 +5636,7 @@ DROP TABLE t1; CREATE USER user1@localhost PASSWORD EXPIRE; SET @disconnect_on_expired_password_save=@@global.disconnect_on_expired_password; SET GLOBAL disconnect_on_expired_password=OFF; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; connection con1; # Check that no regular statement like SELECT can be prepared # by a user with an expired password diff --git a/mysql-test/main/ps.test b/mysql-test/main/ps.test index 678c24db1eb..ded19850e27 100644 --- a/mysql-test/main/ps.test +++ b/mysql-test/main/ps.test @@ -5068,7 +5068,7 @@ CREATE USER user1@localhost PASSWORD EXPIRE; SET @disconnect_on_expired_password_save=@@global.disconnect_on_expired_password; SET GLOBAL disconnect_on_expired_password=OFF; -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); connection con1; --echo # Check that no regular statement like SELECT can be prepared --echo # by a user with an expired password diff --git a/mysql-test/main/ps_show_log.result b/mysql-test/main/ps_show_log.result index 63cd7789de4..dbe078e7d1b 100644 --- a/mysql-test/main/ps_show_log.result +++ b/mysql-test/main/ps_show_log.result @@ -51,7 +51,7 @@ DEALLOCATE PREPARE stmt_1; # and check that attempt to execute the statements SHOW BINLOG EVENTS/ # SHOW RELAYLOG EVENTS as a prepred statements by a user without required # privileges results in error. -connect con2,localhost,u1,,test; +connect con2,localhost,u1,,"*NO-ONE*"; PREPARE stmt_1 FROM 'SHOW BINLOG EVENTS'; EXECUTE stmt_1; ERROR 42000: Access denied; you need (at least one of) the BINLOG MONITOR privilege(s) for this operation diff --git a/mysql-test/main/ps_show_log.test b/mysql-test/main/ps_show_log.test index 95000d2d7e0..411b15600e1 100644 --- a/mysql-test/main/ps_show_log.test +++ b/mysql-test/main/ps_show_log.test @@ -51,7 +51,7 @@ DEALLOCATE PREPARE stmt_1; --echo # SHOW RELAYLOG EVENTS as a prepred statements by a user without required --echo # privileges results in error. ---connect (con2,localhost,u1,,test) +--connect (con2,localhost,u1,,"*NO-ONE*") PREPARE stmt_1 FROM 'SHOW BINLOG EVENTS'; --error ER_SPECIFIC_ACCESS_DENIED_ERROR diff --git a/mysql-test/main/query_cache_notembedded.result b/mysql-test/main/query_cache_notembedded.result index 29a091b68c1..1f11e444a8b 100644 --- a/mysql-test/main/query_cache_notembedded.result +++ b/mysql-test/main/query_cache_notembedded.result @@ -383,7 +383,7 @@ INSERT INTO test1 VALUES (5, 'testit'); GRANT SELECT (id) ON TABLE bug30269.test1 TO 'bug30269'@'localhost'; GRANT SELECT ON TABLE bug30269.view1 TO 'bug30269'@'localhost'; set global query_cache_size= 81920; -connect bug30269, localhost, bug30269,,; +connect bug30269, localhost, bug30269,,"*NO-ONE*"; connection bug30269; USE bug30269; show status like 'Qcache_queries_in_cache'; diff --git a/mysql-test/main/query_cache_notembedded.test b/mysql-test/main/query_cache_notembedded.test index 03c9d9e4cd4..316d9f422cd 100644 --- a/mysql-test/main/query_cache_notembedded.test +++ b/mysql-test/main/query_cache_notembedded.test @@ -258,7 +258,7 @@ INSERT INTO test1 VALUES (5, 'testit'); GRANT SELECT (id) ON TABLE bug30269.test1 TO 'bug30269'@'localhost'; GRANT SELECT ON TABLE bug30269.view1 TO 'bug30269'@'localhost'; set global query_cache_size= 81920; -connect (bug30269, localhost, bug30269,,); +connect (bug30269, localhost, bug30269,,"*NO-ONE*"); connection bug30269; USE bug30269; show status like 'Qcache_queries_in_cache'; diff --git a/mysql-test/main/read_only.result b/mysql-test/main/read_only.result index 83dfada5f29..65cc12ffce9 100644 --- a/mysql-test/main/read_only.result +++ b/mysql-test/main/read_only.result @@ -2,6 +2,7 @@ set @start_read_only= @@global.read_only; DROP TABLE IF EXISTS t1,t2,t3; create user test@localhost; grant CREATE, SELECT, DROP on *.* to test@localhost; +grant ALL on test.* to test@localhost; connect con1,localhost,test,,test; connection default; set global read_only=0; @@ -151,6 +152,7 @@ create user `mysqltest_u1`@`%`; grant all on mysqltest_db2.* to `mysqltest_u1`@`%`; create database mysqltest_db1; grant all on mysqltest_db1.* to `mysqltest_u1`@`%`; +grant select on test.* to `mysqltest_u1`@`%`; flush privileges; connect con_bug27440,127.0.0.1,mysqltest_u1,,test,$MASTER_MYPORT,; connection con_bug27440; @@ -191,6 +193,7 @@ USE test; CREATE TABLE t1(a INT); INSERT INTO t1 VALUES (1), (2); CREATE USER user1; +GRANT ALL on test.* to user1; connect con1, localhost, user1; connection default; SET GLOBAL read_only= 1; diff --git a/mysql-test/main/read_only.test b/mysql-test/main/read_only.test index 5314b11154f..107a67c31fa 100644 --- a/mysql-test/main/read_only.test +++ b/mysql-test/main/read_only.test @@ -17,6 +17,7 @@ DROP TABLE IF EXISTS t1,t2,t3; create user test@localhost; grant CREATE, SELECT, DROP on *.* to test@localhost; +grant ALL on test.* to test@localhost; connect (con1,localhost,test,,test); @@ -265,6 +266,7 @@ create user `mysqltest_u1`@`%`; grant all on mysqltest_db2.* to `mysqltest_u1`@`%`; create database mysqltest_db1; grant all on mysqltest_db1.* to `mysqltest_u1`@`%`; +grant select on test.* to `mysqltest_u1`@`%`; flush privileges; connect (con_bug27440,127.0.0.1,mysqltest_u1,,test,$MASTER_MYPORT,); connection con_bug27440; @@ -312,6 +314,7 @@ CREATE TABLE t1(a INT); INSERT INTO t1 VALUES (1), (2); CREATE USER user1; +GRANT ALL on test.* to user1; connect (con1, localhost, user1); connection default; diff --git a/mysql-test/main/read_only_innodb.result b/mysql-test/main/read_only_innodb.result index abfc5322ed0..cfc8f2ecb17 100644 --- a/mysql-test/main/read_only_innodb.result +++ b/mysql-test/main/read_only_innodb.result @@ -1,6 +1,6 @@ DROP TABLE IF EXISTS table_11733 ; create user test@localhost; -grant CREATE, SELECT, DROP on *.* to test@localhost; +grant CREATE, SELECT, DROP, INSERT on *.* to test@localhost; connect con1,localhost,test,,test; connection default; set global read_only=0; @@ -25,7 +25,7 @@ drop table table_11733 ; drop user test@localhost; disconnect con1; create user test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE, SELECT, DROP, LOCK TABLES ON *.* TO test@localhost; connect con1, localhost, test, , test; connection default; CREATE TABLE t1(a INT) ENGINE=INNODB; diff --git a/mysql-test/main/read_only_innodb.test b/mysql-test/main/read_only_innodb.test index 9ba3ccaca07..525c62c1f6c 100644 --- a/mysql-test/main/read_only_innodb.test +++ b/mysql-test/main/read_only_innodb.test @@ -14,7 +14,7 @@ DROP TABLE IF EXISTS table_11733 ; # so we use a non-SUPER one: create user test@localhost; -grant CREATE, SELECT, DROP on *.* to test@localhost; +grant CREATE, SELECT, DROP, INSERT on *.* to test@localhost; connect (con1,localhost,test,,test); @@ -49,7 +49,7 @@ disconnect con1; # # Test 1: read only mode create user test@localhost; -GRANT CREATE, SELECT, DROP ON *.* TO test@localhost; +GRANT CREATE, SELECT, DROP, LOCK TABLES ON *.* TO test@localhost; connect(con1, localhost, test, , test); connection default; diff --git a/mysql-test/main/set_password.result b/mysql-test/main/set_password.result index a3d8683ee64..46d13f4a851 100644 --- a/mysql-test/main/set_password.result +++ b/mysql-test/main/set_password.result @@ -25,64 +25,64 @@ newpassnat localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 mysql_native_pass oldauth localhost 378b243e220ca493 mysql_old_password 378b243e220ca493 oldpass localhost 378b243e220ca493 mysql_old_password 378b243e220ca493 oldpassold localhost 378b243e220ca493 mysql_old_password 378b243e220ca493 -connect con,localhost,natauth,test,; +connect con,localhost,natauth,test,"*NO-ONE*"; select current_user(); current_user() natauth@localhost disconnect con; -connect con,localhost,newpass,test,; +connect con,localhost,newpass,test,"*NO-ONE*"; select current_user(); current_user() newpass@localhost disconnect con; -connect con,localhost,newpassnat,test,; +connect con,localhost,newpassnat,test,"*NO-ONE*"; select current_user(); current_user() newpassnat@localhost disconnect con; -connect con,localhost,oldauth,test,; +connect con,localhost,oldauth,test,"*NO-ONE*"; select current_user(); current_user() oldauth@localhost disconnect con; -connect con,localhost,oldpass,test,; +connect con,localhost,oldpass,test,"*NO-ONE*"; select current_user(); current_user() oldpass@localhost disconnect con; -connect con,localhost,oldpassold,test,; +connect con,localhost,oldpassold,test,"*NO-ONE*"; select current_user(); current_user() oldpassold@localhost disconnect con; connection default; flush privileges; -connect con,localhost,natauth,test,; +connect con,localhost,natauth,test,"*NO-ONE*"; select current_user(); current_user() natauth@localhost disconnect con; -connect con,localhost,newpass,test,; +connect con,localhost,newpass,test,"*NO-ONE*"; select current_user(); current_user() newpass@localhost disconnect con; -connect con,localhost,newpassnat,test,; +connect con,localhost,newpassnat,test,"*NO-ONE*"; select current_user(); current_user() newpassnat@localhost disconnect con; -connect con,localhost,oldauth,test,; +connect con,localhost,oldauth,test,"*NO-ONE*"; select current_user(); current_user() oldauth@localhost disconnect con; -connect con,localhost,oldpass,test,; +connect con,localhost,oldpass,test,"*NO-ONE*"; select current_user(); current_user() oldpass@localhost disconnect con; -connect con,localhost,oldpassold,test,; +connect con,localhost,oldpassold,test,"*NO-ONE*"; select current_user(); current_user() oldpassold@localhost @@ -107,76 +107,76 @@ newpassnat localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_pass oldauth localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E oldpass localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E oldpassold localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E -connect con,localhost,natauth,test2,; +connect con,localhost,natauth,test2,"*NO-ONE*"; select current_user(); current_user() natauth@localhost disconnect con; -connect con,localhost,newpass,test2,; +connect con,localhost,newpass,test2,"*NO-ONE*"; select current_user(); current_user() newpass@localhost disconnect con; -connect con,localhost,newpassnat,test2,; +connect con,localhost,newpassnat,test2,"*NO-ONE*"; select current_user(); current_user() newpassnat@localhost disconnect con; -connect con,localhost,oldauth,test2,; +connect con,localhost,oldauth,test2,"*NO-ONE*"; select current_user(); current_user() oldauth@localhost disconnect con; -connect con,localhost,oldpass,test2,; +connect con,localhost,oldpass,test2,"*NO-ONE*"; select current_user(); current_user() oldpass@localhost disconnect con; -connect con,localhost,oldpassold,test2,; +connect con,localhost,oldpassold,test2,"*NO-ONE*"; select current_user(); current_user() oldpassold@localhost disconnect con; connection default; flush privileges; -connect con,localhost,natauth,test2,; +connect con,localhost,natauth,test2,"*NO-ONE*"; select current_user(); current_user() natauth@localhost disconnect con; -connect con,localhost,newpass,test2,; +connect con,localhost,newpass,test2,"*NO-ONE*"; select current_user(); current_user() newpass@localhost disconnect con; -connect con,localhost,newpassnat,test2,; +connect con,localhost,newpassnat,test2,"*NO-ONE*"; select current_user(); current_user() newpassnat@localhost disconnect con; -connect(localhost,invalidauth,invalid,test,MASTER_PORT,MASTER_SOCKET); -connect con,localhost,invalidauth,invalid,; +connect(localhost,invalidauth,invalid,,MASTER_PORT,MASTER_SOCKET); +connect con,localhost,invalidauth,invalid,"*NO-ONE*"; ERROR 28000: Access denied for user 'invalidauth'@'localhost' (using password: YES) -connect(localhost,invalidpass,invalid,test,MASTER_PORT,MASTER_SOCKET); -connect con,localhost,invalidpass,invalid,; +connect(localhost,invalidpass,invalid,,MASTER_PORT,MASTER_SOCKET); +connect con,localhost,invalidpass,invalid,"*NO-ONE*"; ERROR 28000: Access denied for user 'invalidpass'@'localhost' (using password: YES) -connect(localhost,invalidpassnat,invalid,test,MASTER_PORT,MASTER_SOCKET); -connect con,localhost,invalidpassnat,invalid,; +connect(localhost,invalidpassnat,invalid,,MASTER_PORT,MASTER_SOCKET); +connect con,localhost,invalidpassnat,invalid,"*NO-ONE*"; ERROR 28000: Access denied for user 'invalidpassnat'@'localhost' (using password: YES) -connect(localhost,invalidmysql57auth,invalid,test,MASTER_PORT,MASTER_SOCKET); -connect con,localhost,invalidmysql57auth,invalid,; +connect(localhost,invalidmysql57auth,invalid,,MASTER_PORT,MASTER_SOCKET); +connect con,localhost,invalidmysql57auth,invalid,"*NO-ONE*"; ERROR 28000: Access denied for user 'invalidmysql57auth'@'localhost' (using password: YES) -connect con,localhost,oldauth,test2,; +connect con,localhost,oldauth,test2,"*NO-ONE*"; select current_user(); current_user() oldauth@localhost disconnect con; -connect con,localhost,oldpass,test2,; +connect con,localhost,oldpass,test2,"*NO-ONE*"; select current_user(); current_user() oldpass@localhost disconnect con; -connect con,localhost,oldpassold,test2,; +connect con,localhost,oldpassold,test2,"*NO-ONE*"; select current_user(); current_user() oldpassold@localhost @@ -191,7 +191,7 @@ create user foo@localhost identified with mysql_native_password; update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost'; set password for 'foo'@'localhost' = password('bar'); flush privileges; -connect foo, localhost, foo, bar; +connect foo, localhost, foo, bar,"*NO-ONE*"; select user(), current_user(); user() current_user() foo@localhost foo@localhost diff --git a/mysql-test/main/set_password.test b/mysql-test/main/set_password.test index ec652a09274..a4801ba2b6b 100644 --- a/mysql-test/main/set_password.test +++ b/mysql-test/main/set_password.test @@ -36,22 +36,22 @@ create user invalidmysql57auth@localhost identified via 'mysql_native_password' --sorted_result select user, host, password, plugin, authentication_string from mysql.user where user != 'root'; ---connect(con,localhost,natauth,test,) +--connect(con,localhost,natauth,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpass,test,) +--connect(con,localhost,newpass,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpassnat,test,) +--connect(con,localhost,newpassnat,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldauth,test,) +--connect(con,localhost,oldauth,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpass,test,) +--connect(con,localhost,oldpass,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpassold,test,) +--connect(con,localhost,oldpassold,test,"*NO-ONE*") select current_user(); --disconnect con @@ -59,22 +59,22 @@ select current_user(); flush privileges; ---connect(con,localhost,natauth,test,) +--connect(con,localhost,natauth,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpass,test,) +--connect(con,localhost,newpass,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpassnat,test,) +--connect(con,localhost,newpassnat,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldauth,test,) +--connect(con,localhost,oldauth,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpass,test,) +--connect(con,localhost,oldpass,test,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpassold,test,) +--connect(con,localhost,oldpassold,test,"*NO-ONE*") select current_user(); --disconnect con @@ -91,22 +91,22 @@ set password for oldpassold@localhost = PASSWORD('test2'); --sorted_result select user, host, password, plugin, authentication_string from mysql.user where user != 'root'; ---connect(con,localhost,natauth,test2,) +--connect(con,localhost,natauth,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpass,test2,) +--connect(con,localhost,newpass,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpassnat,test2,) +--connect(con,localhost,newpassnat,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldauth,test2,) +--connect(con,localhost,oldauth,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpass,test2,) +--connect(con,localhost,oldpass,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpassold,test2,) +--connect(con,localhost,oldpassold,test2,"*NO-ONE*") select current_user(); --disconnect con @@ -114,36 +114,36 @@ select current_user(); flush privileges; ---connect(con,localhost,natauth,test2,) +--connect(con,localhost,natauth,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpass,test2,) +--connect(con,localhost,newpass,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,newpassnat,test2,) +--connect(con,localhost,newpassnat,test2,"*NO-ONE*") select current_user(); --disconnect con --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR ---connect(con,localhost,invalidauth,invalid,) +--connect(con,localhost,invalidauth,invalid,"*NO-ONE*") --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR ---connect(con,localhost,invalidpass,invalid,) +--connect(con,localhost,invalidpass,invalid,"*NO-ONE*") --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR ---connect(con,localhost,invalidpassnat,invalid,) +--connect(con,localhost,invalidpassnat,invalid,"*NO-ONE*") --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR ---connect(con,localhost,invalidmysql57auth,invalid,) +--connect(con,localhost,invalidmysql57auth,invalid,"*NO-ONE*") ---connect(con,localhost,oldauth,test2,) +--connect(con,localhost,oldauth,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpass,test2,) +--connect(con,localhost,oldpass,test2,"*NO-ONE*") select current_user(); --disconnect con ---connect(con,localhost,oldpassold,test2,) +--connect(con,localhost,oldpassold,test2,"*NO-ONE*") select current_user(); --disconnect con @@ -161,7 +161,7 @@ create user foo@localhost identified with mysql_native_password; update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost'; set password for 'foo'@'localhost' = password('bar'); flush privileges; ---connect foo, localhost, foo, bar +--connect foo, localhost, foo, bar,"*NO-ONE*" select user(), current_user(); show grants; --disconnect foo diff --git a/mysql-test/main/show_check.result b/mysql-test/main/show_check.result index 9c7d45ba3a4..2f2ca86b0c5 100644 --- a/mysql-test/main/show_check.result +++ b/mysql-test/main/show_check.result @@ -545,7 +545,7 @@ ERROR 42000: DROP command denied to user 'mysqltest_1'@'localhost' for table 't1 drop database mysqltest; ERROR 42000: Access denied for user 'mysqltest_1'@'localhost' to database 'mysqltest' disconnect con1; -connect con2,localhost,mysqltest_2,,test; +connect con2,localhost,mysqltest_2,,"*NO-ONE*"; connection con2; select * from mysqltest.t1; ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table 't1' @@ -556,7 +556,7 @@ ERROR 42000: DROP command denied to user 'mysqltest_2'@'localhost' for table 't1 drop database mysqltest; ERROR 42000: Access denied for user 'mysqltest_2'@'localhost' to database 'mysqltest' disconnect con2; -connect con3,localhost,mysqltest_3,,test; +connect con3,localhost,mysqltest_3,,"*NO-ONE*"; connection con3; select * from mysqltest.t1; ERROR 42000: SELECT command denied to user 'mysqltest_3'@'localhost' for table 't1' @@ -1471,7 +1471,7 @@ DROP EVENT ev1; SHOW STORAGE ENGINES; CREATE USER test_u@localhost; GRANT PROCESS ON *.* TO test_u@localhost; -connect conn1, localhost, test_u,,; +connect conn1, localhost, test_u,,"*NO-ONE*"; SHOW ENGINE MYISAM MUTEX; SHOW ENGINE MYISAM STATUS; disconnect conn1; diff --git a/mysql-test/main/show_check.test b/mysql-test/main/show_check.test index 15beaaf0401..2a001866186 100644 --- a/mysql-test/main/show_check.test +++ b/mysql-test/main/show_check.test @@ -349,7 +349,7 @@ drop database mysqltest; disconnect con1; --source include/wait_until_disconnected.inc -connect (con2,localhost,mysqltest_2,,test); +connect (con2,localhost,mysqltest_2,,"*NO-ONE*"); connection con2; --error ER_TABLEACCESS_DENIED_ERROR select * from mysqltest.t1; @@ -362,7 +362,7 @@ drop database mysqltest; disconnect con2; --source include/wait_until_disconnected.inc -connect (con3,localhost,mysqltest_3,,test); +connect (con3,localhost,mysqltest_3,,"*NO-ONE*"); connection con3; --error ER_TABLEACCESS_DENIED_ERROR select * from mysqltest.t1; @@ -1255,7 +1255,7 @@ SHOW STORAGE ENGINES; CREATE USER test_u@localhost; GRANT PROCESS ON *.* TO test_u@localhost; -connect (conn1, localhost, test_u,,); +connect (conn1, localhost, test_u,,"*NO-ONE*"); --disable_result_log SHOW ENGINE MYISAM MUTEX; diff --git a/mysql-test/main/shutdown.result b/mysql-test/main/shutdown.result index 681c184f640..2775f1b518e 100644 --- a/mysql-test/main/shutdown.result +++ b/mysql-test/main/shutdown.result @@ -1,5 +1,5 @@ create user user1@localhost; -connect c1,localhost,user1,,; +connect c1,localhost,user1,,"*NO-ONE*"; shutdown; ERROR 42000: Access denied; you need (at least one of) the SHUTDOWN privilege(s) for this operation connection default; diff --git a/mysql-test/main/shutdown.test b/mysql-test/main/shutdown.test index 69616f535b2..e409359a451 100644 --- a/mysql-test/main/shutdown.test +++ b/mysql-test/main/shutdown.test @@ -4,7 +4,7 @@ # create user user1@localhost; -connect (c1,localhost,user1,,); +connect (c1,localhost,user1,,"*NO-ONE*"); --error ER_SPECIFIC_ACCESS_DENIED_ERROR shutdown; diff --git a/mysql-test/main/skip_name_resolve.result b/mysql-test/main/skip_name_resolve.result index fe71b714cbc..a6fb75119ff 100644 --- a/mysql-test/main/skip_name_resolve.result +++ b/mysql-test/main/skip_name_resolve.result @@ -50,7 +50,7 @@ create role r1; create role r2; grant r2 to r1; grant r1 to u1@`%`; -connect u1,127.0.0.1,u1,,,$MASTER_MYPORT; +connect u1,127.0.0.1,u1,,"*NO-ONE*",$MASTER_MYPORT; set role r2; ERROR OP000: User `u1`@`%` has not been granted role `r2` disconnect u1; diff --git a/mysql-test/main/skip_name_resolve.test b/mysql-test/main/skip_name_resolve.test index 0ff19092b82..88ab58adeff 100644 --- a/mysql-test/main/skip_name_resolve.test +++ b/mysql-test/main/skip_name_resolve.test @@ -64,7 +64,7 @@ create role r2; grant r2 to r1; grant r1 to u1@`%`; -connect u1,127.0.0.1,u1,,,$MASTER_MYPORT; +connect u1,127.0.0.1,u1,,"*NO-ONE*",$MASTER_MYPORT; error ER_INVALID_ROLE; set role r2; disconnect u1; diff --git a/mysql-test/main/sp-security.result b/mysql-test/main/sp-security.result index 2571f9d8696..d05357cd3f8 100644 --- a/mysql-test/main/sp-security.result +++ b/mysql-test/main/sp-security.result @@ -42,8 +42,8 @@ set sql_mode=''; grant execute on procedure db1_secret.stamp to ''@'%'; grant execute on function db1_secret.db to ''@'%'; set sql_mode=default; -connect con2user1,localhost,user1,,; -connect con3anon,localhost,anon,,; +connect con2user1,localhost,user1,,"*NO-ONE*"; +connect con3anon,localhost,anon,,"*NO-ONE*"; connection con2user1; call db1_secret.stamp(2); select db1_secret.db(); @@ -128,7 +128,7 @@ use db2; create procedure p () insert into t2 values (1); call p(); ERROR 42000: INSERT command denied to user 'user1'@'localhost' for table 't2' -connect con4user2,localhost,user2,,; +connect con4user2,localhost,user2,,"*NO-ONE*"; connection con4user2; use db2; call p(); @@ -203,9 +203,9 @@ show grants for userc@localhost; Grants for userc@localhost GRANT USAGE ON *.* TO `userc`@`localhost` GRANT EXECUTE ON PROCEDURE `sptest`.`p1` TO `userc`@`localhost` WITH GRANT OPTION -connect con2usera,localhost,usera,,; -connect con3userb,localhost,userb,,; -connect con4userc,localhost,userc,,; +connect con2usera,localhost,usera,,"*NO-ONE*"; +connect con3userb,localhost,userb,,"*NO-ONE*"; +connect con4userc,localhost,userc,,"*NO-ONE*"; connection con2usera; call sptest.p1(1); grant execute on procedure sptest.p1 to userb@localhost; @@ -270,6 +270,7 @@ use mysqltest// create table t1 (s1 int)// create user user1@localhost// grant select on t1 to user1@localhost// +grant select on test.* to user1@localhost// create function bug_9503 () returns int sql security invoker begin declare v int; select min(s1) into v from t1; return v; end// connect user1,localhost,user1,,test; @@ -349,6 +350,7 @@ return 'ok'; end; | create user user_bug12812@localhost IDENTIFIED BY 'ABC'| +grant select,create view on test.* to user_bug12812@localhost| connect test_user_12812,localhost,user_bug12812,ABC,test; SELECT test.bug12812()| ERROR 42000: execute command denied to user 'user_bug12812'@'localhost' for routine 'test.bug12812' @@ -398,6 +400,7 @@ sql security definer select * from db_bug14533.t1; grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost; grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost; +grant select on test.* to user_bug14533@localhost; connect user_bug14533,localhost,user_bug14533,,test; call db_bug14533.bug14533_1(); Field Type Null Key Default Extra @@ -670,7 +673,7 @@ create database mysqltest_db; create user bug57061_user@localhost; create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; -connect conn1, localhost, bug57061_user,,; +connect conn1, localhost, bug57061_user,,"*NO-ONE*"; # Attempt to drop routine on which user doesn't have privileges # should result in the same 'access denied' type of error whether # routine exists or not. @@ -695,7 +698,7 @@ CREATE DATABASE db1; CREATE PROCEDURE db1.p1() SELECT 1; CREATE USER user2@localhost IDENTIFIED BY ''; GRANT SELECT(db) ON mysql.proc TO user2@localhost; -connect con2, localhost, user2; +connect con2, localhost, user2,,"*NO-ONE*"; # The statement below before disclosed info from body_utf8 column. SHOW CREATE PROCEDURE db1.p1; ERROR 42000: PROCEDURE p1 does not exist @@ -714,6 +717,7 @@ DROP USER user2@localhost; DROP DATABASE db1; create user foo@local_ost; create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF'; +grant select,create routine on test.* to foo@local_ost; create database foodb; grant create routine on foodb.* to foo@local_ost; connect con1,localhost,foo; @@ -723,11 +727,13 @@ foo@localhost foo@local_ost show grants; Grants for foo@local_ost GRANT USAGE ON *.* TO `foo`@`local_ost` +GRANT SELECT, CREATE ROUTINE ON `test`.* TO `foo`@`local_ost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`local_ost` create procedure fooproc() select 'i am fooproc'; show grants; Grants for foo@local_ost GRANT USAGE ON *.* TO `foo`@`local_ost` +GRANT SELECT, CREATE ROUTINE ON `test`.* TO `foo`@`local_ost` GRANT CREATE ROUTINE ON `foodb`.* TO `foo`@`local_ost` GRANT EXECUTE, ALTER ROUTINE ON PROCEDURE `test`.`fooproc` TO `foo`@`local_ost` disconnect con1; @@ -747,6 +753,7 @@ create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; # Create user with no privileges on mysqltest_db database. create user bug12602983_user@localhost; +grant create view on test.* to bug12602983_user@localhost; connect conn1, localhost, bug12602983_user,,; # Attempt to execute routine on which user doesn't have privileges # should result in the same 'access denied' error whether @@ -794,8 +801,7 @@ CREATE USER u1@localhost; GRANT CREATE ROUTINE ON u1.* TO u1@localhost; GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost; GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost; -connect u1, localhost, u1,,; -USE u1; +connect u1, localhost, u1,,u1; CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$ CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$ disconnect u1; diff --git a/mysql-test/main/sp-security.test b/mysql-test/main/sp-security.test index e11e8911b60..a0bf1334fa7 100644 --- a/mysql-test/main/sp-security.test +++ b/mysql-test/main/sp-security.test @@ -67,8 +67,8 @@ grant execute on procedure db1_secret.stamp to ''@'%'; grant execute on function db1_secret.db to ''@'%'; set sql_mode=default; -connect (con2user1,localhost,user1,,); -connect (con3anon,localhost,anon,,); +connect (con2user1,localhost,user1,,"*NO-ONE*"); +connect (con3anon,localhost,anon,,"*NO-ONE*"); # @@ -195,7 +195,7 @@ create procedure p () insert into t2 values (1); --error ER_TABLEACCESS_DENIED_ERROR call p(); -connect (con4user2,localhost,user2,,); +connect (con4user2,localhost,user2,,"*NO-ONE*"); connection con4user2; use db2; @@ -284,9 +284,9 @@ show grants for usera@localhost; grant execute on procedure sptest.p1 to userc@localhost with grant option; show grants for userc@localhost; -connect (con2usera,localhost,usera,,); -connect (con3userb,localhost,userb,,); -connect (con4userc,localhost,userc,,); +connect (con2usera,localhost,usera,,"*NO-ONE*"); +connect (con3userb,localhost,userb,,"*NO-ONE*"); +connect (con4userc,localhost,userc,,"*NO-ONE*"); connection con2usera; call sptest.p1(1); @@ -357,6 +357,7 @@ use mysqltest// create table t1 (s1 int)// create user user1@localhost// grant select on t1 to user1@localhost// +grant select on test.* to user1@localhost// create function bug_9503 () returns int sql security invoker begin declare v int; select min(s1) into v from t1; return v; end// delimiter ;// @@ -467,6 +468,7 @@ begin end; | create user user_bug12812@localhost IDENTIFIED BY 'ABC'| +grant select,create view on test.* to user_bug12812@localhost| --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK connect (test_user_12812,localhost,user_bug12812,ABC,test)| --error ER_PROCACCESS_DENIED_ERROR @@ -543,6 +545,7 @@ create procedure bug14533_2() grant execute on procedure db_bug14533.bug14533_1 to user_bug14533@localhost; grant execute on procedure db_bug14533.bug14533_2 to user_bug14533@localhost; +grant select on test.* to user_bug14533@localhost; connect (user_bug14533,localhost,user_bug14533,,test); @@ -926,7 +929,7 @@ create database mysqltest_db; create user bug57061_user@localhost; create function mysqltest_db.f1() returns int return 0; create procedure mysqltest_db.p1() begin end; -connect (conn1, localhost, bug57061_user,,); +connect (conn1, localhost, bug57061_user,,"*NO-ONE*"); --echo # Attempt to drop routine on which user doesn't have privileges --echo # should result in the same 'access denied' type of error whether --echo # routine exists or not. @@ -958,7 +961,7 @@ CREATE PROCEDURE db1.p1() SELECT 1; CREATE USER user2@localhost IDENTIFIED BY ''; GRANT SELECT(db) ON mysql.proc TO user2@localhost; -connect (con2, localhost, user2); +connect (con2, localhost, user2,,"*NO-ONE*"); --echo # The statement below before disclosed info from body_utf8 column. --error ER_SP_DOES_NOT_EXIST SHOW CREATE PROCEDURE db1.p1; @@ -981,6 +984,7 @@ DROP DATABASE db1; # create user foo@local_ost; create user foo@`local\_ost` identified via mysql_old_password using '0123456789ABCDEF'; +grant select,create routine on test.* to foo@local_ost; create database foodb; grant create routine on foodb.* to foo@local_ost; connect con1,localhost,foo; @@ -1009,6 +1013,7 @@ create procedure mysqltest_db.p1() begin end; --echo # Create user with no privileges on mysqltest_db database. create user bug12602983_user@localhost; +grant create view on test.* to bug12602983_user@localhost; connect (conn1, localhost, bug12602983_user,,); @@ -1066,8 +1071,7 @@ GRANT CREATE ROUTINE ON u1.* TO u1@localhost; GRANT ALTER ROUTINE ON FUNCTION u1.f1 TO u1@localhost; GRANT ALTER ROUTINE ON PROCEDURE u1.p1 TO u1@localhost; -connect (u1, localhost, u1,,); -USE u1; +connect (u1, localhost, u1,,u1); DELIMITER $$; CREATE OR REPLACE FUNCTION f1() RETURNS INT BEGIN RETURN 2; END; $$ CREATE OR REPLACE PROCEDURE p1() BEGIN SELECT 1; END; $$ diff --git a/mysql-test/main/sql_mode.result b/mysql-test/main/sql_mode.result index 25a90703bf5..bdc9adc127e 100644 --- a/mysql-test/main/sql_mode.result +++ b/mysql-test/main/sql_mode.result @@ -505,7 +505,7 @@ connection default; set @OLD_SQL_MODE=@@SESSION.SQL_MODE; set session sql_mode='PAD_CHAR_TO_FULL_LENGTH'; flush privileges; -connect user_32753,localhost,mysqltest_32753,,test,$MASTER_MYPORT,$MASTER_MYSOCK; +connect user_32753,localhost,mysqltest_32753,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK; select current_user(); current_user() mysqltest_32753@localhost diff --git a/mysql-test/main/sql_mode.test b/mysql-test/main/sql_mode.test index 97f5cf42791..fc82ef23baa 100644 --- a/mysql-test/main/sql_mode.test +++ b/mysql-test/main/sql_mode.test @@ -298,7 +298,7 @@ flush privileges; # if user-table is affected by PAD_CHAR_TO_FULL_LENGTH, our connect will fail # --error 1045 -connect (user_32753,localhost,mysqltest_32753,,test,$MASTER_MYPORT,$MASTER_MYSOCK); +connect (user_32753,localhost,mysqltest_32753,,"*NO-ONE*",$MASTER_MYPORT,$MASTER_MYSOCK); select current_user(); # clean up diff --git a/mysql-test/main/ssl_cipher.result b/mysql-test/main/ssl_cipher.result index 66d817b7b41..93a93128b7a 100644 --- a/mysql-test/main/ssl_cipher.result +++ b/mysql-test/main/ssl_cipher.result @@ -3,15 +3,15 @@ create user ssl_user2@localhost require cipher 'AES256-SHA'; create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'; create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; -connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA; -connect(localhost,ssl_user2,,test,MASTER_PORT,MASTER_SOCKET); -connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA; +connect con1,localhost,ssl_user1,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA; +connect(localhost,ssl_user2,,,MASTER_PORT,MASTER_SOCKET); +connect con2,localhost,ssl_user2,,"*NO-ONE*",,,SSL-CIPHER=AES128-SHA; ERROR 28000: Access denied for user 'ssl_user2'@'localhost' (using password: NO) -connect con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA; -connect con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA; -connect con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA; -connect(localhost,ssl_user5,,test,MASTER_PORT,MASTER_SOCKET); -connect con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA; +connect con2,localhost,ssl_user2,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA; +connect con3,localhost,ssl_user3,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA; +connect con4,localhost,ssl_user4,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA; +connect(localhost,ssl_user5,,,MASTER_PORT,MASTER_SOCKET); +connect con5,localhost,ssl_user5,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA; ERROR 28000: Access denied for user 'ssl_user5'@'localhost' (using password: NO) connection con1; SHOW STATUS LIKE 'Ssl_cipher'; diff --git a/mysql-test/main/ssl_cipher.test b/mysql-test/main/ssl_cipher.test index d4cdcffb276..99b5819632e 100644 --- a/mysql-test/main/ssl_cipher.test +++ b/mysql-test/main/ssl_cipher.test @@ -14,16 +14,16 @@ create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/S create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; -connect (con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA); +connect (con1,localhost,ssl_user1,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA); --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR -connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES128-SHA); -connect (con2,localhost,ssl_user2,,,,,SSL-CIPHER=AES256-SHA); -connect (con3,localhost,ssl_user3,,,,,SSL-CIPHER=AES256-SHA); -connect (con4,localhost,ssl_user4,,,,,SSL-CIPHER=AES256-SHA); +connect (con2,localhost,ssl_user2,,"*NO-ONE*",,,SSL-CIPHER=AES128-SHA); +connect (con2,localhost,ssl_user2,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA); +connect (con3,localhost,ssl_user3,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA); +connect (con4,localhost,ssl_user4,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA); --replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT --error ER_ACCESS_DENIED_ERROR -connect (con5,localhost,ssl_user5,,,,,SSL-CIPHER=AES256-SHA); +connect (con5,localhost,ssl_user5,,"*NO-ONE*",,,SSL-CIPHER=AES256-SHA); connection con1; SHOW STATUS LIKE 'Ssl_cipher'; diff --git a/mysql-test/main/system_mysql_db_507.result b/mysql-test/main/system_mysql_db_507.result index 8069405aa3a..780ab5bf204 100644 --- a/mysql-test/main/system_mysql_db_507.result +++ b/mysql-test/main/system_mysql_db_507.result @@ -173,14 +173,14 @@ connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK); connect con1,localhost,user1; ERROR HY000: Access denied, this account is locked flush privileges; -connect(localhost,user1,,test,MYSQL_PORT,MYSQL_SOCK); -connect con1,localhost,user1; +connect(localhost,user1,,,MYSQL_PORT,MYSQL_SOCK); +connect con1,localhost,user1,,"*NO-ONE*"; ERROR HY000: Access denied, this account is locked show create user user1@localhost; CREATE USER for user1@localhost CREATE USER `user1`@`localhost` ACCOUNT LOCK alter user user1@localhost account unlock; -connect con1,localhost,user1; +connect con1,localhost,user1,,"*NO-ONE*"; disconnect con1; connection default; show create user user1@localhost; diff --git a/mysql-test/main/system_mysql_db_507.test b/mysql-test/main/system_mysql_db_507.test index cfefcdc602e..f78b1e5994a 100644 --- a/mysql-test/main/system_mysql_db_507.test +++ b/mysql-test/main/system_mysql_db_507.test @@ -98,10 +98,10 @@ connect(con1,localhost,user1); flush privileges; --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_ACCOUNT_HAS_BEEN_LOCKED -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); show create user user1@localhost; alter user user1@localhost account unlock; -connect(con1,localhost,user1); +connect(con1,localhost,user1,,"*NO-ONE*"); disconnect con1; connection default; show create user user1@localhost; diff --git a/mysql-test/main/system_mysql_db_fix40123.result b/mysql-test/main/system_mysql_db_fix40123.result index 4ab80425a35..d30c2ccdffc 100644 --- a/mysql-test/main/system_mysql_db_fix40123.result +++ b/mysql-test/main/system_mysql_db_fix40123.result @@ -100,7 +100,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/system_mysql_db_fix50030.result b/mysql-test/main/system_mysql_db_fix50030.result index 4244ab47d50..e77d79f1bd7 100644 --- a/mysql-test/main/system_mysql_db_fix50030.result +++ b/mysql-test/main/system_mysql_db_fix50030.result @@ -104,7 +104,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/system_mysql_db_fix50117.result b/mysql-test/main/system_mysql_db_fix50117.result index 59341406315..0d74a7f552b 100644 --- a/mysql-test/main/system_mysql_db_fix50117.result +++ b/mysql-test/main/system_mysql_db_fix50117.result @@ -84,7 +84,7 @@ db CREATE TABLE `db` ( ) ENGINE=Aria DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin PAGE_CHECKSUM=1 TRANSACTIONAL=1 COMMENT='Database privileges' show create table user; View Create View character_set_client collation_connection -user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `global_priv`.`Host` AS `Host`,`global_priv`.`User` AS `User`,if(json_value(`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci +user CREATE ALGORITHM=UNDEFINED DEFINER=`mariadb.sys`@`localhost` SQL SECURITY DEFINER VIEW `user` AS select `test`.`global_priv`.`Host` AS `Host`,`test`.`global_priv`.`User` AS `User`,if(json_value(`test`.`global_priv`.`Priv`,'$.plugin') in ('mysql_native_password','mysql_old_password'),ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),''),'') AS `Password`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1,'Y','N') AS `Select_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2,'Y','N') AS `Insert_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4,'Y','N') AS `Update_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8,'Y','N') AS `Delete_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16,'Y','N') AS `Create_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32,'Y','N') AS `Drop_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 64,'Y','N') AS `Reload_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 128,'Y','N') AS `Shutdown_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 256,'Y','N') AS `Process_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 512,'Y','N') AS `File_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1024,'Y','N') AS `Grant_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2048,'Y','N') AS `References_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4096,'Y','N') AS `Index_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8192,'Y','N') AS `Alter_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16384,'Y','N') AS `Show_db_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 32768,'Y','N') AS `Super_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 65536,'Y','N') AS `Create_tmp_table_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 131072,'Y','N') AS `Lock_tables_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 262144,'Y','N') AS `Execute_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 524288,'Y','N') AS `Repl_slave_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 1048576,'Y','N') AS `Repl_client_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 2097152,'Y','N') AS `Create_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 4194304,'Y','N') AS `Show_view_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 8388608,'Y','N') AS `Create_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 16777216,'Y','N') AS `Alter_routine_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 33554432,'Y','N') AS `Create_user_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 67108864,'Y','N') AS `Event_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 134217728,'Y','N') AS `Trigger_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 268435456,'Y','N') AS `Create_tablespace_priv`,if(json_value(`test`.`global_priv`.`Priv`,'$.access') & 536870912,'Y','N') AS `Delete_history_priv`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_type'),0) + 1,'','ANY','X509','SPECIFIED') AS `ssl_type`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.ssl_cipher'),'') AS `ssl_cipher`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_issuer'),'') AS `x509_issuer`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.x509_subject'),'') AS `x509_subject`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_questions'),0) as unsigned) AS `max_questions`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_updates'),0) as unsigned) AS `max_updates`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_connections'),0) as unsigned) AS `max_connections`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_user_connections'),0) as signed) AS `max_user_connections`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.plugin'),'') AS `plugin`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.authentication_string'),'') AS `authentication_string`,if(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.password_last_changed'),1) = 0,'Y','N') AS `password_expired`,elt(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.is_role'),0) + 1,'N','Y') AS `is_role`,ifnull(json_value(`test`.`global_priv`.`Priv`,'$.default_role'),'') AS `default_role`,cast(ifnull(json_value(`test`.`global_priv`.`Priv`,'$.max_statement_time'),0.0) as decimal(12,6)) AS `max_statement_time` from `global_priv` latin1 latin1_swedish_ci show create table func; Table Create Table func CREATE TABLE `func` ( diff --git a/mysql-test/main/trigger_notembedded.result b/mysql-test/main/trigger_notembedded.result index e276ddd1e48..ae8dd282f6f 100644 --- a/mysql-test/main/trigger_notembedded.result +++ b/mysql-test/main/trigger_notembedded.result @@ -533,7 +533,7 @@ INSERT INTO db1.t1 VALUES('Some very sensitive data goes here'); CREATE USER 'no_rights'@'localhost'; REVOKE ALL ON *.* FROM 'no_rights'@'localhost'; FLUSH PRIVILEGES; -connect con1,localhost,no_rights,,; +connect con1,localhost,no_rights,,"*NO-ONE*"; SELECT trigger_name FROM INFORMATION_SCHEMA.TRIGGERS WHERE trigger_schema = 'db1'; trigger_name diff --git a/mysql-test/main/trigger_notembedded.test b/mysql-test/main/trigger_notembedded.test index 313faea982c..a2d72364dcd 100644 --- a/mysql-test/main/trigger_notembedded.test +++ b/mysql-test/main/trigger_notembedded.test @@ -932,7 +932,7 @@ CREATE USER 'no_rights'@'localhost'; REVOKE ALL ON *.* FROM 'no_rights'@'localhost'; FLUSH PRIVILEGES; -connect (con1,localhost,no_rights,,); +connect (con1,localhost,no_rights,,"*NO-ONE*"); SELECT trigger_name FROM INFORMATION_SCHEMA.TRIGGERS WHERE trigger_schema = 'db1'; --error ER_SPECIFIC_ACCESS_DENIED_ERROR diff --git a/mysql-test/main/user_limits.result b/mysql-test/main/user_limits.result index acb34754caa..1cb4f9c03e8 100644 --- a/mysql-test/main/user_limits.result +++ b/mysql-test/main/user_limits.result @@ -7,7 +7,7 @@ delete from mysql.tables_priv where user like 'mysqltest\_%'; delete from mysql.columns_priv where user like 'mysqltest\_%'; flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_queries_per_hour 2; flush user_resources; connect mqph, localhost, mysqltest_1,,; connection mqph; @@ -26,7 +26,7 @@ drop user mysqltest_1@localhost; disconnect mqph; disconnect mqph2; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_updates_per_hour 2; flush user_resources; connect muph, localhost, mysqltest_1,,; connection muph; @@ -53,7 +53,7 @@ drop user mysqltest_1@localhost; disconnect muph; disconnect muph2; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_connections_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_connections_per_hour 2; flush user_resources; connect mcph1, localhost, mysqltest_1,,; connection mcph1; @@ -77,7 +77,7 @@ connection default; drop user mysqltest_1@localhost; flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_user_connections 2; +grant all on test.* to mysqltest_1@localhost with max_user_connections 2; flush user_resources; connect muc1, localhost, mysqltest_1,,; connection muc1; @@ -109,10 +109,12 @@ grant usage on *.* to mysqltest_1@localhost with max_user_connections -1; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` WITH MAX_USER_CONNECTIONS -1 +GRANT ALL PRIVILEGES ON `test`.* TO `mysqltest_1`@`localhost` flush user_resources; show grants for mysqltest_1@localhost; Grants for mysqltest_1@localhost GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` WITH MAX_USER_CONNECTIONS -1 +GRANT ALL PRIVILEGES ON `test`.* TO `mysqltest_1`@`localhost` connect(localhost,mysqltest_1,,test,MYSQL_PORT,MYSQL_SOCK); connect muc5, localhost, mysqltest_1,,; ERROR 42000: User 'mysqltest_1' has exceeded the 'max_user_connections' resource (current value: -1) @@ -130,7 +132,7 @@ select @@session.max_user_connections, @@global.max_user_connections; @@session.max_user_connections @@global.max_user_connections 2 2 create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; flush user_resources; connect muca1, localhost, mysqltest_1,,; connection muca1; @@ -193,7 +195,7 @@ set global max_user_connections= @my_max_user_connections; # MDEV-17852 Altered connection limits for user have no effect # create user foo@'%' with max_user_connections 1; -connect con1,localhost,foo; +connect con1,localhost,foo,,"*NO-ONE*"; select current_user(); current_user() foo@% @@ -202,7 +204,7 @@ connect con2,localhost,foo; ERROR 42000: User 'foo' has exceeded the 'max_user_connections' resource (current value: 1) connection default; alter user foo with max_user_connections 2; -connect con3,localhost,foo; +connect con3,localhost,foo,,"*NO-ONE*"; select current_user(); current_user() foo@% diff --git a/mysql-test/main/user_limits.test b/mysql-test/main/user_limits.test index 36524febd8d..10e15ca3c9c 100644 --- a/mysql-test/main/user_limits.test +++ b/mysql-test/main/user_limits.test @@ -27,7 +27,7 @@ flush privileges; # Test of MAX_QUERIES_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_queries_per_hour 2; # This ensures that counters are reset and makes test scheduling independent flush user_resources; connect (mqph, localhost, mysqltest_1,,); @@ -48,7 +48,7 @@ disconnect mqph2; # Test of MAX_UPDATES_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_updates_per_hour 2; flush user_resources; connect (muph, localhost, mysqltest_1,,); connection muph; @@ -73,7 +73,7 @@ disconnect muph2; # Test of MAX_CONNECTIONS_PER_HOUR limit create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_connections_per_hour 2; +grant all on test.* to mysqltest_1@localhost with max_connections_per_hour 2; flush user_resources; connect (mcph1, localhost, mysqltest_1,,); connection mcph1; @@ -101,7 +101,7 @@ drop user mysqltest_1@localhost; # We need this to reset internal mqh_used variable flush privileges; create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost with max_user_connections 2; +grant all on test.* to mysqltest_1@localhost with max_user_connections 2; flush user_resources; connect (muc1, localhost, mysqltest_1,,); connection muc1; @@ -155,7 +155,7 @@ set global max_user_connections= 2; select @@session.max_user_connections, @@global.max_user_connections; # Let us check that global limit works create user mysqltest_1@localhost; -grant usage on *.* to mysqltest_1@localhost; +grant all on test.* to mysqltest_1@localhost; flush user_resources; connect (muca1, localhost, mysqltest_1,,); connection muca1; @@ -225,14 +225,14 @@ set global max_user_connections= @my_max_user_connections; --echo # MDEV-17852 Altered connection limits for user have no effect --echo # create user foo@'%' with max_user_connections 1; ---connect con1,localhost,foo +--connect con1,localhost,foo,,"*NO-ONE*" select current_user(); --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK --error ER_USER_LIMIT_REACHED --connect con2,localhost,foo --connection default alter user foo with max_user_connections 2; ---connect con3,localhost,foo +--connect con3,localhost,foo,,"*NO-ONE*" select current_user(); --disconnect con3 --disconnect con1 diff --git a/mysql-test/main/userstat-badlogin-4824.result b/mysql-test/main/userstat-badlogin-4824.result index 757b20e0ce0..143c73e9b4c 100644 --- a/mysql-test/main/userstat-badlogin-4824.result +++ b/mysql-test/main/userstat-badlogin-4824.result @@ -2,7 +2,7 @@ set @save_userstat=@@global.userstat; create user foo@localhost identified by 'foo'; flush user_statistics; set global userstat=1; -connect foo, localhost, foo, foo; +connect foo, localhost, foo, foo,"*NO-ONE*"; select 1; 1 1 diff --git a/mysql-test/main/userstat-badlogin-4824.test b/mysql-test/main/userstat-badlogin-4824.test index 78f2150e446..7754d75098f 100644 --- a/mysql-test/main/userstat-badlogin-4824.test +++ b/mysql-test/main/userstat-badlogin-4824.test @@ -8,7 +8,7 @@ create user foo@localhost identified by 'foo'; flush user_statistics; set global userstat=1; -connect(foo, localhost, foo, foo); +connect(foo, localhost, foo, foo,"*NO-ONE*"); select 1; disconnect foo; connection default; diff --git a/mysql-test/main/view.result b/mysql-test/main/view.result index 712b8629c09..24f7de814e2 100644 --- a/mysql-test/main/view.result +++ b/mysql-test/main/view.result @@ -6635,8 +6635,7 @@ use test_db; create table t (i int); create user foo@localhost; grant all on test_db.* to foo@localhost; -connect con1,localhost,foo,,; -use test_db; +connect con1,localhost,foo,,test_db; create view v as select * from (select i from t group by i) sq; select * from v; i @@ -6662,8 +6661,7 @@ select `id` from `bugTest`.`procViewTable` ) `innerQuery` group by `innerQuery`.`id` ); -connect con1,localhost,procView,,; -use bugTest; +connect con1,localhost,procView,,bugTest; prepare stmt from "SELECT * FROM procViewSimple"; execute stmt; id diff --git a/mysql-test/main/view.test b/mysql-test/main/view.test index 49b339c9f4c..185b29b2b0a 100644 --- a/mysql-test/main/view.test +++ b/mysql-test/main/view.test @@ -6343,9 +6343,8 @@ create table t (i int); create user foo@localhost; grant all on test_db.* to foo@localhost; ---connect (con1,localhost,foo,,) +--connect (con1,localhost,foo,,test_db) -use test_db; create view v as select * from (select i from t group by i) sq; select * from v; @@ -6378,8 +6377,7 @@ CREATE DEFINER=`procView`@`%` VIEW `procViewSimple` AS ( group by `innerQuery`.`id` ); ---connect (con1,localhost,procView,,) -use bugTest; +--connect (con1,localhost,procView,,bugTest) prepare stmt from "SELECT * FROM procViewSimple"; execute stmt; diff --git a/mysql-test/main/view_grant.result b/mysql-test/main/view_grant.result index c31ba882e76..7b9ebbf9d22 100644 --- a/mysql-test/main/view_grant.result +++ b/mysql-test/main/view_grant.result @@ -46,11 +46,12 @@ revoke all privileges on mysqltest.t1 from mysqltest_1@localhost; revoke all privileges on test.* from mysqltest_1@localhost; drop database mysqltest; drop view test.v1; +disconnect user1; create database mysqltest; create table mysqltest.t1 (a int, b int); create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1; grant select (c) on mysqltest.v1 to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; select c from mysqltest.v1; c select d from mysqltest.v1; @@ -70,6 +71,7 @@ c select d from mysqltest.v1; ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for column 'd' in table 'v1' connection root; +disconnect user1; revoke all privileges on mysqltest.v1 from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -88,7 +90,7 @@ grant select on mysqltest.v2 to mysqltest_1@localhost; grant select on mysqltest.v3 to mysqltest_1@localhost; grant select on mysqltest.v4 to mysqltest_1@localhost; grant show view on mysqltest.v5 to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; select c from mysqltest.v1; c select c from mysqltest.v2; @@ -132,7 +134,7 @@ grant select on mysqltest.v5 to mysqltest_1@localhost; connection user1; show create view mysqltest.v5; View Create View character_set_client collation_connection -v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v5` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v5` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v1; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v1; @@ -141,13 +143,14 @@ connection root; grant show view on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; revoke select on mysqltest.v5 from mysqltest_1@localhost; -connection user1; +disconnect user1; +connect user1,localhost,mysqltest_1,,mysqltest; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 system NULL NULL NULL NULL 0 Const row not found show create view mysqltest.v1; View Create View character_set_client collation_connection -v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v2; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v2; @@ -164,34 +167,36 @@ explain select c from mysqltest.v5; ERROR 42000: SELECT command denied to user 'mysqltest_1'@'localhost' for table 'v5' connection root; grant show view on mysqltest.* to mysqltest_1@localhost; -connection user1; +disconnect user1; +connect user1,localhost,mysqltest_1,,mysqltest; explain select c from mysqltest.v1; id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE t1 system NULL NULL NULL NULL 0 Const row not found show create view mysqltest.v1; View Create View character_set_client collation_connection -v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v2; id select_type table type possible_keys key key_len ref rows Extra 1 PRIMARY <derived2> system NULL NULL NULL NULL 0 Const row not found 2 DERIVED NULL NULL NULL NULL NULL NULL NULL no matching row in const table show create view mysqltest.v2; View Create View character_set_client collation_connection -v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v2` AS select `mysqltest`.`t1`.`a` + 1 AS `c`,`mysqltest`.`t1`.`b` + 1 AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci +v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v2` AS select `t1`.`a` + 1 AS `c`,`t1`.`b` + 1 AS `d` from `t1` latin1 latin1_swedish_ci explain select c from mysqltest.v3; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v3; View Create View character_set_client collation_connection -v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v3` AS select `mysqltest`.`t2`.`a` + 1 AS `c`,`mysqltest`.`t2`.`b` + 1 AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci +v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2` latin1 latin1_swedish_ci explain select c from mysqltest.v4; ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table show create view mysqltest.v4; View Create View character_set_client collation_connection -v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v4` AS select `mysqltest`.`t2`.`a` + 1 AS `c`,`mysqltest`.`t2`.`b` + 1 AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci +v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v4` AS select `t2`.`a` + 1 AS `c`,`t2`.`b` + 1 AS `d` from `t2` latin1 latin1_swedish_ci connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int, primary key(a)); @@ -208,8 +213,7 @@ grant update (a) on mysqltest.v2 to mysqltest_1@localhost; grant update on mysqltest.v1 to mysqltest_1@localhost; grant update on mysqltest.t3 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c; select * from t1; a b @@ -251,11 +255,11 @@ update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c; ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table 'v3' update v3 set a=a+c; ERROR 42000: UPDATE command denied to user 'mysqltest_1'@'localhost' for table 'v3' -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int, primary key(a)); @@ -267,7 +271,7 @@ create view mysqltest.v2 (a,c) as select a, b+1 from mysqltest.t1; create user mysqltest_1@localhost; grant delete on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; use mysqltest; delete from v1 where c < 4; select * from t1; @@ -284,8 +288,8 @@ delete v2 from t2,v2 where t2.x=v2.c; ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table 'v2' delete from v2 where c < 4; ERROR 42000: DELETE command denied to user 'mysqltest_1'@'localhost' for table 'v2' -use test; connection root; +disconnect user1; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -300,7 +304,7 @@ create view mysqltest.v2 (a,c) as select a, b from mysqltest.t1; create user mysqltest_1@localhost; grant insert on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,mysqltest; use mysqltest; insert into v1 values (5,6); select * from t1; @@ -319,11 +323,11 @@ insert into v2 values (5,6); ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table 'v2' insert into v2 select x,y from t2; ERROR 42000: INSERT command denied to user 'mysqltest_1'@'localhost' for table 'v2' -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int); @@ -332,7 +336,7 @@ create user mysqltest_1@localhost; grant update on mysqltest.t1 to mysqltest_1@localhost; grant update(b) on mysqltest.t2 to mysqltest_1@localhost; grant create view,update on test.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,test; create view v1 as select * from mysqltest.t1; create view v2 as select b from mysqltest.t2; create view mysqltest.v1 as select * from mysqltest.t1; @@ -366,26 +370,26 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; drop view v1,v2,v4; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int); create user mysqltest_1@localhost; grant all privileges on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create view v1 as select * from t1; -use test; connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; create table mysqltest.t1 (a int, b int); create user mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; grant create view,select on test.* to mysqltest_1@localhost; -connection user1; +connect user1,localhost,mysqltest_1,,test; create view v1 as select * from mysqltest.t1; connection root; show create view v1; @@ -401,6 +405,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop view v1; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -423,8 +428,7 @@ grant select on v2 to mysqltest_1@localhost; grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; select * from v1; f2() NULL @@ -437,7 +441,6 @@ select * from v4; ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from v5; ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them -use test; connection root; drop view v1, v2, v3, v4, v5; drop function f2; @@ -446,6 +449,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -461,13 +465,11 @@ create user mysqltest_1@localhost; grant select on t1 to mysqltest_1@localhost; grant execute on function f2 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create algorithm=TEMPTABLE view v1 as select f2() from t1; create algorithm=MERGE view v2 as select f2() from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1; -use test; connection root; create view v5 as select * from v1; revoke execute on function f2 from mysqltest_1@localhost; @@ -490,6 +492,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -501,14 +504,12 @@ grant select on t1 to mysqltest_1@localhost; grant select on v1 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; drop table v1; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; create algorithm=TEMPTABLE view v1 as select *, a as b from t1; create algorithm=MERGE view v2 as select *, a as b from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1; create view v5 as select * from v1; -use test; connection root; revoke select on t1 from mysqltest_1@localhost; select * from v1; @@ -528,6 +529,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; create database mysqltest; use mysqltest; @@ -544,8 +546,7 @@ grant select on v2 to mysqltest_1@localhost; grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; select * from v1; a b 1 1 @@ -558,7 +559,6 @@ select * from v4; ERROR HY000: View 'mysqltest.v4' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from v5; ERROR HY000: View 'mysqltest.v5' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them -use test; connection root; drop view v1, v2, v3, v4, v5; drop table t1; @@ -566,6 +566,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; create user 'test14256'@'%'; grant all on test.* to 'test14256'@'%'; connect test14256,localhost,test14256,,test; @@ -601,13 +602,11 @@ View Create View character_set_client collation_connection v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`i` AS `i` from `t1` latin1 latin1_swedish_ci create user mysqltest_1@localhost; GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; -connection user1; -use mysqltest; +connect user1,localhost,mysqltest_1,,mysqltest; LOCK TABLES v1 READ; SHOW CREATE TABLE v1; ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1' UNLOCK TABLES; -use test; connection root; use test; drop user mysqltest_1@localhost; @@ -647,7 +646,7 @@ GRANT UPDATE ON mysqltest1.v_tu TO readonly@localhost; GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost; GRANT DELETE ON mysqltest1.v_td TO readonly@localhost; GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost; -connect n1,localhost,readonly,,; +connect n1,localhost,readonly,,mysqltest1; connection n1; SELECT * FROM mysqltest1.v_t1; ERROR HY000: View 'mysqltest1.v_t1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them @@ -720,7 +719,7 @@ DROP TABLE t1; USE test; CREATE USER mysqltest_db1@localhost identified by 'PWD'; GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION; -connect session1,localhost,mysqltest_db1,PWD,test; +connect session1,localhost,mysqltest_db1,PWD,"*NO-ONE*"; CREATE SCHEMA mysqltest_db1 ; USE mysqltest_db1 ; CREATE TABLE t1 (f1 INTEGER); @@ -1085,9 +1084,7 @@ CREATE VIEW v1 AS SELECT f1, f2 FROM t1; CREATE USER foo; GRANT SELECT (f1) ON t1 TO foo; GRANT SELECT (f1) ON v1 TO foo; -connect addconfoo, localhost, foo,,; -connection addconfoo; -USE db1; +connect addconfoo, localhost, foo,,db1; SELECT f1 FROM t1; f1 SELECT f2 FROM t1; @@ -1431,11 +1428,11 @@ CREATE TABLE t2 ( a INT, b INT ); CREATE VIEW v1 AS SELECT a, b FROM t1; GRANT SELECT( a ) ON v1 TO mysqluser1@localhost; GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost; -connect connection1, localhost, mysqluser1, , test; +connect connection1, localhost, mysqluser1, ,mysqltest1; SELECT * FROM mysqltest1.v1; ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1' CREATE VIEW v1 AS SELECT * FROM mysqltest1.t2; -ERROR 42000: ANY command denied to user 'mysqluser1'@'localhost' for table 't2' +ERROR 42000: CREATE VIEW command denied to user 'mysqluser1'@'localhost' for table 'v1' disconnect connection1; connection default; DROP TABLE t1, t2; @@ -1858,7 +1855,7 @@ where t2.id = v1.id; create sql security invoker view v42 as select v2.id as id, v2.val as val from mysqltest2.t2 as t2, mysqltest2.v2_merge as v2 where t2.id = v2.id; -connect conn_11766767, localhost, user_11766767,,; +connect conn_11766767, localhost, user_11766767,,mysqltest2; # # A) Check how we handle privilege checking in multi-update for # directly used views. @@ -1959,6 +1956,7 @@ drop database mysqltest2; CREATE SCHEMA foo; CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt; CREATE USER foo@localhost; +GRANT SELECT on test.* to foo@localhost; connect con1,localhost,foo,,; SELECT * FROM foo.v; ERROR 42000: SELECT command denied to user 'foo'@'localhost' for table 'v' diff --git a/mysql-test/main/view_grant.test b/mysql-test/main/view_grant.test index 83bbeb3be77..9094c616a1f 100644 --- a/mysql-test/main/view_grant.test +++ b/mysql-test/main/view_grant.test @@ -71,6 +71,7 @@ revoke all privileges on test.* from mysqltest_1@localhost; drop database mysqltest; drop view test.v1; +disconnect user1; # # grants per columns @@ -84,7 +85,7 @@ create table mysqltest.t1 (a int, b int); create view mysqltest.v1 (c,d) as select a+1,b+1 from mysqltest.t1; grant select (c) on mysqltest.v1 to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); select c from mysqltest.v1; # there are no privileges on column 'd' --error ER_COLUMNACCESS_DENIED_ERROR @@ -112,6 +113,7 @@ select c from mysqltest.v1; select d from mysqltest.v1; connection root; +disconnect user1; revoke all privileges on mysqltest.v1 from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -139,7 +141,7 @@ grant select on mysqltest.v3 to mysqltest_1@localhost; grant select on mysqltest.v4 to mysqltest_1@localhost; grant show view on mysqltest.v5 to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); # all SELECTs works, except v5 which lacks SELECT privs select c from mysqltest.v1; select c from mysqltest.v2; @@ -188,7 +190,8 @@ connection root; grant show view on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; revoke select on mysqltest.v5 from mysqltest_1@localhost; -connection user1; +disconnect user1; +connect (user1,localhost,mysqltest_1,,mysqltest); # EXPLAIN works explain select c from mysqltest.v1; show create view mysqltest.v1; @@ -213,7 +216,8 @@ explain select c from mysqltest.v5; # allow to see any view in mysqltest database connection root; grant show view on mysqltest.* to mysqltest_1@localhost; -connection user1; +disconnect user1; +connect (user1,localhost,mysqltest_1,,mysqltest); explain select c from mysqltest.v1; show create view mysqltest.v1; explain select c from mysqltest.v2; @@ -231,6 +235,7 @@ connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # UPDATE privileges on VIEW columns and whole VIEW @@ -256,8 +261,7 @@ grant update on mysqltest.v1 to mysqltest_1@localhost; grant update on mysqltest.t3 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); # update with rights on VIEW column update t2,v1 set v1.a=v1.a+v1.c where t2.x=v1.c; select * from t1; @@ -281,11 +285,11 @@ update t2,v3 set v3.a=v3.a+v3.c where t2.x=v3.c; --error ER_TABLEACCESS_DENIED_ERROR update v3 set a=a+c; -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # DELETE privileges on VIEW @@ -306,7 +310,7 @@ create user mysqltest_1@localhost; grant delete on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); use mysqltest; # update with rights on VIEW column delete from v1 where c < 4; @@ -319,8 +323,8 @@ delete v2 from t2,v2 where t2.x=v2.c; --error ER_TABLEACCESS_DENIED_ERROR delete from v2 where c < 4; -use test; connection root; +disconnect user1; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; @@ -344,7 +348,7 @@ create user mysqltest_1@localhost; grant insert on mysqltest.v1 to mysqltest_1@localhost; grant select on mysqltest.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); use mysqltest; # update with rights on VIEW column insert into v1 values (5,6); @@ -357,11 +361,11 @@ insert into v2 values (5,6); --error ER_TABLEACCESS_DENIED_ERROR insert into v2 select x,y from t2; -use test; connection root; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # test of CREATE VIEW privileges if we have limited privileges @@ -379,7 +383,7 @@ grant update on mysqltest.t1 to mysqltest_1@localhost; grant update(b) on mysqltest.t2 to mysqltest_1@localhost; grant create view,update on test.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,test); create view v1 as select * from mysqltest.t1; create view v2 as select b from mysqltest.t2; @@ -426,6 +430,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; drop view v1,v2,v4; +disconnect user1; # # user with global DB privileges @@ -438,15 +443,14 @@ create table mysqltest.t1 (a int); create user mysqltest_1@localhost; grant all privileges on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create view v1 as select * from t1; -use test; connection root; revoke all privileges on mysqltest.* from mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # view definer grants revoking @@ -462,7 +466,7 @@ create user mysqltest_1@localhost; grant select on mysqltest.t1 to mysqltest_1@localhost; grant create view,select on test.* to mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,test); create view v1 as select * from mysqltest.t1; @@ -478,6 +482,7 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop view v1; drop database mysqltest; +disconnect user1; # # rights on execution of view underlying functiond (Bug#9505) @@ -512,8 +517,7 @@ grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); select * from v1; select * from v2; --error ER_VIEW_INVALID @@ -522,7 +526,6 @@ select * from v3; select * from v4; --error ER_VIEW_INVALID select * from v5; -use test; connection root; drop view v1, v2, v3, v4, v5; @@ -532,6 +535,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # revertion of previous test, definer of view lost his/her rights to execute @@ -561,13 +565,11 @@ grant select on t1 to mysqltest_1@localhost; grant execute on function f2 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create algorithm=TEMPTABLE view v1 as select f2() from t1; create algorithm=MERGE view v2 as select f2() from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select f2() from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select f2() from t1; -use test; connection root; create view v5 as select * from v1; @@ -588,6 +590,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # definer/invoker rights for columns @@ -607,14 +610,12 @@ grant select on v1 to mysqltest_1@localhost; grant create view on mysqltest.* to mysqltest_1@localhost; drop table v1; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); create algorithm=TEMPTABLE view v1 as select *, a as b from t1; create algorithm=MERGE view v2 as select *, a as b from t1; create algorithm=TEMPTABLE SQL SECURITY INVOKER view v3 as select *, a as b from t1; create algorithm=MERGE SQL SECURITY INVOKER view v4 as select *, a as b from t1; create view v5 as select * from v1; -use test; connection root; revoke select on t1 from mysqltest_1@localhost; @@ -633,6 +634,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; connection root; @@ -655,8 +657,7 @@ grant select on v3 to mysqltest_1@localhost; grant select on v4 to mysqltest_1@localhost; grant select on v5 to mysqltest_1@localhost; -connection user1; -use mysqltest; +connect (user1,localhost,mysqltest_1,,mysqltest); select * from v1; select * from v2; --error ER_VIEW_INVALID @@ -665,7 +666,6 @@ select * from v3; select * from v4; --error ER_VIEW_INVALID select * from v5; -use test; connection root; drop view v1, v2, v3, v4, v5; @@ -674,6 +674,7 @@ use test; REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost; drop user mysqltest_1@localhost; drop database mysqltest; +disconnect user1; # # Bug#14256 definer in view definition is not fully qualified @@ -723,14 +724,12 @@ SHOW CREATE VIEW v1; create user mysqltest_1@localhost; GRANT SELECT, LOCK TABLES ON mysqltest.* TO mysqltest_1@localhost; -connection user1; +connect (user1,localhost,mysqltest_1,,mysqltest); -use mysqltest; LOCK TABLES v1 READ; --error ER_TABLEACCESS_DENIED_ERROR SHOW CREATE TABLE v1; UNLOCK TABLES; -use test; connection root; use test; @@ -776,7 +775,7 @@ GRANT UPDATE,SELECT ON mysqltest1.v_tus TO readonly@localhost; GRANT DELETE ON mysqltest1.v_td TO readonly@localhost; GRANT DELETE,SELECT ON mysqltest1.v_tds TO readonly@localhost; -connect (n1,localhost,readonly,,); +connect (n1,localhost,readonly,,mysqltest1); connection n1; --error ER_VIEW_INVALID @@ -858,7 +857,7 @@ eval GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION; # The session with the non root user is needed. --replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK -connect (session1,localhost,mysqltest_db1,PWD,test); +connect (session1,localhost,mysqltest_db1,PWD,"*NO-ONE*"); CREATE SCHEMA mysqltest_db1 ; USE mysqltest_db1 ; @@ -1270,9 +1269,7 @@ CREATE USER foo; GRANT SELECT (f1) ON t1 TO foo; GRANT SELECT (f1) ON v1 TO foo; -connect (addconfoo, localhost, foo,,); -connection addconfoo; -USE db1; +connect (addconfoo, localhost, foo,,db1); SELECT f1 FROM t1; --error ER_COLUMNACCESS_DENIED_ERROR @@ -1714,7 +1711,7 @@ CREATE VIEW v1 AS SELECT a, b FROM t1; GRANT SELECT( a ) ON v1 TO mysqluser1@localhost; GRANT UPDATE( b ) ON t2 TO mysqluser1@localhost; ---connect (connection1, localhost, mysqluser1, , test) +--connect (connection1, localhost, mysqluser1, ,mysqltest1) --error ER_TABLEACCESS_DENIED_ERROR SELECT * FROM mysqltest1.v1; @@ -2106,7 +2103,7 @@ create sql security invoker view v42 as where t2.id = v2.id; -connect (conn_11766767, localhost, user_11766767,,); +connect (conn_11766767, localhost, user_11766767,,mysqltest2); --echo # --echo # A) Check how we handle privilege checking in multi-update for @@ -2215,6 +2212,7 @@ CREATE SCHEMA foo; CREATE VIEW foo.v AS SELECT * FROM JSON_TABLE('[1,2,3]', '$[*]' COLUMNS (num INT PATH '$[0]')) AS jt; CREATE USER foo@localhost; +GRANT SELECT on test.* to foo@localhost; connect (con1,localhost,foo,,); --error ER_TABLEACCESS_DENIED_ERROR SELECT * FROM foo.v; |