diff options
Diffstat (limited to 'mysql-test/suite/roles')
41 files changed, 82 insertions, 68 deletions
diff --git a/mysql-test/suite/roles/acl_statistics.result b/mysql-test/suite/roles/acl_statistics.result index f43f692cc48..c60e0297af3 100644 --- a/mysql-test/suite/roles/acl_statistics.result +++ b/mysql-test/suite/roles/acl_statistics.result @@ -1,7 +1,7 @@ SHOW STATUS LIKE 'Acl%'; Variable_name Value Acl_column_grants 0 -Acl_database_grants 2 +Acl_database_grants 0 Acl_function_grants 0 Acl_procedure_grants 0 Acl_package_spec_grants 0 @@ -16,7 +16,7 @@ COLUMN_GRANTS 0 SELECT count(*) DATABASE_GRANTS from mysql.db; DATABASE_GRANTS -2 +0 SELECT count(*) FUNCTION_GRANTS from mysql.procs_priv where routine_type='FUNCTION'; FUNCTION_GRANTS 0 @@ -66,7 +66,7 @@ GRANT EXECUTE ON FUNCTION mysql.test_func TO r2; SHOW STATUS LIKE 'Acl%'; Variable_name Value Acl_column_grants 2 -Acl_database_grants 4 +Acl_database_grants 2 Acl_function_grants 3 Acl_procedure_grants 2 Acl_package_spec_grants 0 @@ -81,7 +81,7 @@ COLUMN_GRANTS 2 SELECT count(*) DATABASE_GRANTS from mysql.db; DATABASE_GRANTS -4 +2 SELECT count(*) FUNCTION_GRANTS from mysql.procs_priv where routine_type='FUNCTION'; FUNCTION_GRANTS 3 diff --git a/mysql-test/suite/roles/admin.result b/mysql-test/suite/roles/admin.result index 2ecbfae4516..be4c2088cc3 100644 --- a/mysql-test/suite/roles/admin.result +++ b/mysql-test/suite/roles/admin.result @@ -6,7 +6,7 @@ create role role3 with admin current_role; ERROR 0L000: Invalid definer create role role3 with admin role1; create role role4 with admin root@localhost; -connect c1, localhost, foo,,; +connect c1, localhost, foo,,"*NO-ONE*"; create role role5 with admin root@localhost; ERROR 42000: Access denied; you need (at least one of) the SUPER, SET USER privilege(s) for this operation create role role5 with admin role3; diff --git a/mysql-test/suite/roles/admin.test b/mysql-test/suite/roles/admin.test index 242518eb13d..8852b70d348 100644 --- a/mysql-test/suite/roles/admin.test +++ b/mysql-test/suite/roles/admin.test @@ -15,7 +15,7 @@ create role role3 with admin role1; create role role4 with admin root@localhost; # privilege checks, one needs SUPER to specify an arbitrary admin -connect (c1, localhost, foo,,); +connect (c1, localhost, foo,,"*NO-ONE*"); --error ER_SPECIFIC_ACCESS_DENIED_ERROR create role role5 with admin root@localhost; --error ER_SPECIFIC_ACCESS_DENIED_ERROR diff --git a/mysql-test/suite/roles/definer.result b/mysql-test/suite/roles/definer.result index a83a42a0c67..848bff333af 100644 --- a/mysql-test/suite/roles/definer.result +++ b/mysql-test/suite/roles/definer.result @@ -5,15 +5,19 @@ insert t1 values (1,10,100),(2,20,200); create role role1; grant select (a) on mysqltest1.t1 to role1; grant event,execute,trigger on mysqltest1.* to role1; +grant select on test.* to role1; grant role1 to current_user; create role role2; grant insert,select on mysqltest1.t1 to role2; grant event,execute,trigger on mysqltest1.* to role2; +grant select on test.* to role2; create user foo@localhost; grant create view on mysqltest1.* to foo@localhost; +grant select, create view on test.* to foo@localhost; create role role4; grant select on mysqltest1.t1 to role4; grant role4 to foo@localhost; +grant select on test.* to role4; create definer=current_role view test.v1 as select a+b,c from t1; ERROR 0L000: Invalid definer set role role1; @@ -41,6 +45,7 @@ Grants for foo@localhost GRANT `role4` TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT CREATE VIEW ON `mysqltest1`.* TO `foo`@`localhost` +GRANT SELECT, CREATE VIEW ON `test`.* TO `foo`@`localhost` select * from test.v1; ERROR HY000: View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them select * from test.v2; @@ -647,7 +652,7 @@ grant r1 to user1; grant r1 to r2; grant r2 to user1; grant r3 to user1; -connect user1, localhost,user1,,,,,; +connect user1, localhost,user1,,"*NO-ONE*",,,; set role r2; use rtest; CREATE DEFINER=current_role() PROCEDURE user1_proc() SQL SECURITY INVOKER @@ -722,7 +727,7 @@ CREATE DEFINER=`user_like_role`@`%` PROCEDURE sensitive_proc() SQL SECURITY INVO BEGIN SELECT NOW(), VERSION(); END;// -connect user_like_role, localhost, user_like_role,,,,,; +connect user_like_role, localhost, user_like_role,,"*NO-ONE*",,,; use rtest; show create procedure sensitive_proc; Procedure sql_mode Create Procedure character_set_client collation_connection Database Collation @@ -731,7 +736,7 @@ sensitive_proc STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USE BEGIN SELECT NOW(), VERSION(); END latin1 latin1_swedish_ci latin1_swedish_ci -connect foo, localhost, foo,,,,,; +connect foo, localhost, foo,,"*NO-ONE*",,,; set role user_like_role; use rtest; # diff --git a/mysql-test/suite/roles/definer.test b/mysql-test/suite/roles/definer.test index c1e56f3f94b..4cd42d59b24 100644 --- a/mysql-test/suite/roles/definer.test +++ b/mysql-test/suite/roles/definer.test @@ -19,6 +19,7 @@ insert t1 values (1,10,100),(2,20,200); create role role1; grant select (a) on mysqltest1.t1 to role1; grant event,execute,trigger on mysqltest1.* to role1; +grant select on test.* to role1; grant role1 to current_user; @@ -26,13 +27,16 @@ grant role1 to current_user; create role role2; grant insert,select on mysqltest1.t1 to role2; grant event,execute,trigger on mysqltest1.* to role2; +grant select on test.* to role2; # create a non-priv user and a priv role granted to him create user foo@localhost; grant create view on mysqltest1.* to foo@localhost; +grant select, create view on test.* to foo@localhost; create role role4; grant select on mysqltest1.t1 to role4; grant role4 to foo@localhost; +grant select on test.* to role4; ################################################## # views @@ -355,7 +359,7 @@ grant r1 to r2; grant r2 to user1; grant r3 to user1; -connect (user1, localhost,user1,,,,,); +connect (user1, localhost,user1,,"*NO-ONE*",,,); set role r2; use rtest; @@ -433,11 +437,11 @@ CREATE DEFINER=`user_like_role`@`%` PROCEDURE sensitive_proc() SQL SECURITY INVO END;// DELIMITER ;// -connect (user_like_role, localhost, user_like_role,,,,,); +connect (user_like_role, localhost, user_like_role,,"*NO-ONE*",,,); use rtest; show create procedure sensitive_proc; -connect (foo, localhost, foo,,,,,); +connect (foo, localhost, foo,,"*NO-ONE*",,,); set role user_like_role; use rtest; diff --git a/mysql-test/suite/roles/drop_current_user-5176.result b/mysql-test/suite/roles/drop_current_user-5176.result index 9c4041a0d1e..b45c23827e1 100644 --- a/mysql-test/suite/roles/drop_current_user-5176.result +++ b/mysql-test/suite/roles/drop_current_user-5176.result @@ -1,6 +1,6 @@ create user foo@localhost; grant create user on *.* to foo@localhost; -connect foo,localhost,foo,,; +connect foo,localhost,foo,,"*NO-ONE*"; drop user foo@localhost; select * from information_schema.applicable_roles; GRANTEE ROLE_NAME IS_GRANTABLE IS_DEFAULT diff --git a/mysql-test/suite/roles/drop_current_user-5176.test b/mysql-test/suite/roles/drop_current_user-5176.test index 27051345e8b..7b72fac6e39 100644 --- a/mysql-test/suite/roles/drop_current_user-5176.test +++ b/mysql-test/suite/roles/drop_current_user-5176.test @@ -5,7 +5,7 @@ create user foo@localhost; grant create user on *.* to foo@localhost; ---connect (foo,localhost,foo,,) +--connect (foo,localhost,foo,,"*NO-ONE*") drop user foo@localhost; select * from information_schema.applicable_roles; --error ER_NONEXISTING_GRANT diff --git a/mysql-test/suite/roles/flush_roles-12366.result b/mysql-test/suite/roles/flush_roles-12366.result index f65c97e0ee3..a282d47e314 100644 --- a/mysql-test/suite/roles/flush_roles-12366.result +++ b/mysql-test/suite/roles/flush_roles-12366.result @@ -12,6 +12,7 @@ CREATE USER u; CREATE ROLE operations_cluster; GRANT operations_cluster TO u; +GRANT select on test.* to u; CREATE DATABASE bob_live_sg; CREATE TABLE bob_live_sg.a (i INT(10)); CREATE TABLE bob_live_sg.b (i INT(10)); diff --git a/mysql-test/suite/roles/flush_roles-12366.test b/mysql-test/suite/roles/flush_roles-12366.test index 343ac4abf72..c117f19dd22 100644 --- a/mysql-test/suite/roles/flush_roles-12366.test +++ b/mysql-test/suite/roles/flush_roles-12366.test @@ -13,6 +13,7 @@ CREATE USER u; CREATE ROLE operations_cluster; GRANT operations_cluster TO u; +GRANT select on test.* to u; CREATE DATABASE bob_live_sg; CREATE TABLE bob_live_sg.a (i INT(10)); CREATE TABLE bob_live_sg.b (i INT(10)); diff --git a/mysql-test/suite/roles/grant-5771.result b/mysql-test/suite/roles/grant-5771.result index 14e033f4c29..9ddd2a06d89 100644 --- a/mysql-test/suite/roles/grant-5771.result +++ b/mysql-test/suite/roles/grant-5771.result @@ -6,7 +6,7 @@ grant all on mysqltest1.* to r1; grant all on mysqltest2.* to r2; grant r1 to r2; grant r2 to foo@localhost; -connect foo,localhost,foo,,; +connect foo,localhost,foo,,"*NO-ONE*"; select current_user; current_user foo@localhost diff --git a/mysql-test/suite/roles/grant-5771.test b/mysql-test/suite/roles/grant-5771.test index 3c8f5d2f7c0..eee24936d5c 100644 --- a/mysql-test/suite/roles/grant-5771.test +++ b/mysql-test/suite/roles/grant-5771.test @@ -13,7 +13,7 @@ grant all on mysqltest2.* to r2; grant r1 to r2; grant r2 to foo@localhost; ---connect (foo,localhost,foo,,) +--connect (foo,localhost,foo,,"*NO-ONE*") select current_user; --error ER_DBACCESS_DENIED_ERROR show tables in mysqltest1; diff --git a/mysql-test/suite/roles/grant_empty.result b/mysql-test/suite/roles/grant_empty.result index 2e4542993ba..922940cad63 100644 --- a/mysql-test/suite/roles/grant_empty.result +++ b/mysql-test/suite/roles/grant_empty.result @@ -3,7 +3,7 @@ ERROR OP000: Invalid role specification `` create user ''@localhost; create role r1; grant r1 to ''@localhost; -connect con1,localhost,nonexisting_user,,; +connect con1,localhost,nonexisting_user,,"*NO-ONE*"; select current_user; current_user @localhost diff --git a/mysql-test/suite/roles/grant_empty.test b/mysql-test/suite/roles/grant_empty.test index e419fffa2ba..e3bd6bbd4d3 100644 --- a/mysql-test/suite/roles/grant_empty.test +++ b/mysql-test/suite/roles/grant_empty.test @@ -13,7 +13,7 @@ create user ''@localhost; create role r1; grant r1 to ''@localhost; ---connect (con1,localhost,nonexisting_user,,) +--connect (con1,localhost,nonexisting_user,,"*NO-ONE*") select current_user; show grants; diff --git a/mysql-test/suite/roles/grant_role_auto_create_user.result b/mysql-test/suite/roles/grant_role_auto_create_user.result index 61ce0359c0d..ec99ede469f 100644 --- a/mysql-test/suite/roles/grant_role_auto_create_user.result +++ b/mysql-test/suite/roles/grant_role_auto_create_user.result @@ -6,12 +6,12 @@ create user foo@localhost; grant auto_create to foo@localhost; create user bar@localhost identified by 'baz'; grant auto_create to bar@localhost; -connect con1,localhost,foo,,; +connect con1,localhost,foo,,"*NO-ONE*"; set role 'auto_create'; use db; create table t1 (i int); disconnect con1; -connect con1,localhost,bar,baz,; +connect con1,localhost,bar,baz,"*NO-ONE*"; set role auto_create; use db; insert into t1 values (1); @@ -26,14 +26,14 @@ select user, host from mysql.user where user = 'bar'; User Host bar localhost set sql_mode = ''; -connect con1,localhost,bar,baz,; +connect con1,localhost,bar,baz,"*NO-ONE*"; set role auto_create; use db; drop table t1; disconnect con1; connection default; create user foo@localhost; -connect con1, localhost, foo,,; +connect con1, localhost, foo,,"*NO-ONE*"; set sql_mode = ''; grant auto_create to bar2@localhost; ERROR 28000: Access denied for user 'foo'@'localhost' @@ -47,7 +47,7 @@ ERROR 28000: Access denied for user 'foo'@'localhost' disconnect con1; connection default; grant auto_create to foo@localhost; -connect con1, localhost, foo,,; +connect con1, localhost, foo,,"*NO-ONE*"; set sql_mode = ''; grant auto_create to bar@localhost; ERROR 28000: Access denied for user 'foo'@'localhost' @@ -63,7 +63,7 @@ ERROR 28000: Access denied for user 'foo'@'localhost' connection default; grant auto_create to foo@localhost with admin option; disconnect con1; -connect con1, localhost, foo,,; +connect con1, localhost, foo,,"*NO-ONE*"; set sql_mode = ''; grant auto_create to bar@localhost; grant auto_create to bar2@localhost; diff --git a/mysql-test/suite/roles/grant_role_auto_create_user.test b/mysql-test/suite/roles/grant_role_auto_create_user.test index e673934775e..5147e91ecae 100644 --- a/mysql-test/suite/roles/grant_role_auto_create_user.test +++ b/mysql-test/suite/roles/grant_role_auto_create_user.test @@ -13,13 +13,13 @@ create user bar@localhost identified by 'baz'; grant auto_create to bar@localhost; # Test if the users have been created and the role has been granted to them ---connect (con1,localhost,foo,,) +--connect (con1,localhost,foo,,"*NO-ONE*") set role 'auto_create'; use db; create table t1 (i int); --disconnect con1 ---connect (con1,localhost,bar,baz,) +--connect (con1,localhost,bar,baz,"*NO-ONE*") set role auto_create; use db; insert into t1 values (1); @@ -35,7 +35,7 @@ grant auto_create to bar@localhost identified by 'baz'; select user, host from mysql.user where user = 'bar'; set sql_mode = ''; ---connect (con1,localhost,bar,baz,) +--connect (con1,localhost,bar,baz,"*NO-ONE*") set role auto_create; use db; drop table t1; @@ -46,7 +46,7 @@ drop table t1; create user foo@localhost; # test all possible cases with a user who has no rights to grant the role ---connect (con1, localhost, foo,,) +--connect (con1, localhost, foo,,"*NO-ONE*") set sql_mode = ''; #try and grant roles, no rights however @@ -65,7 +65,7 @@ grant auto_create to foo2@localhost identified by 'pass'; --connection default grant auto_create to foo@localhost; ---connect (con1, localhost, foo,,) +--connect (con1, localhost, foo,,"*NO-ONE*") #we now have the role granted to us, but we don't have insert privileges, #we should not be able to create a new user @@ -93,7 +93,7 @@ grant auto_create to foo2@localhost identified by 'pass'; grant auto_create to foo@localhost with admin option; --disconnect con1 ---connect (con1, localhost, foo,,) +--connect (con1, localhost, foo,,"*NO-ONE*") #we now have the role granted to us, but we don't have insert privileges, #we should not be able to create a new user diff --git a/mysql-test/suite/roles/i_s_applicable_roles_is_default.result b/mysql-test/suite/roles/i_s_applicable_roles_is_default.result index ee7d17f3a1f..75c8f61c010 100644 --- a/mysql-test/suite/roles/i_s_applicable_roles_is_default.result +++ b/mysql-test/suite/roles/i_s_applicable_roles_is_default.result @@ -5,7 +5,7 @@ create role role3; grant role1 to foo; grant role2 to role1; grant role3 to foo; -connect foo, localhost, foo; +connect foo, localhost, foo,,"*NO-ONE*"; select * from information_schema.applicable_roles; GRANTEE ROLE_NAME IS_GRANTABLE IS_DEFAULT foo@% role1 NO NO @@ -32,7 +32,7 @@ root@localhost role1 YES NO root@localhost role2 YES NO root@localhost role3 YES NO set default role none for foo; -connect foo, localhost, foo; +connect foo, localhost, foo,,"*NO-ONE*"; select * from information_schema.applicable_roles; GRANTEE ROLE_NAME IS_GRANTABLE IS_DEFAULT foo@% role1 NO NO diff --git a/mysql-test/suite/roles/i_s_applicable_roles_is_default.test b/mysql-test/suite/roles/i_s_applicable_roles_is_default.test index 0e6436924a9..15a08254a68 100644 --- a/mysql-test/suite/roles/i_s_applicable_roles_is_default.test +++ b/mysql-test/suite/roles/i_s_applicable_roles_is_default.test @@ -9,7 +9,7 @@ grant role2 to role1; grant role3 to foo; -connect (foo, localhost, foo); +connect (foo, localhost, foo,,"*NO-ONE*"); --sorted_result select * from information_schema.applicable_roles; @@ -29,7 +29,7 @@ connection default; select * from information_schema.applicable_roles; set default role none for foo; -connect (foo, localhost, foo); +connect (foo, localhost, foo,,"*NO-ONE*"); --sorted_result select * from information_schema.applicable_roles; diff --git a/mysql-test/suite/roles/ip-6401.result b/mysql-test/suite/roles/ip-6401.result index 723916f9211..c366ffc8088 100644 --- a/mysql-test/suite/roles/ip-6401.result +++ b/mysql-test/suite/roles/ip-6401.result @@ -1,7 +1,7 @@ create role r1; create user foo@'127.0.0.1'; grant r1 to foo@'127.0.0.1'; -connect con1,127.0.0.1,foo,,; +connect con1,127.0.0.1,foo,,"*NO-ONE*"; show grants; Grants for foo@127.0.0.1 GRANT `r1` TO `foo`@`127.0.0.1` diff --git a/mysql-test/suite/roles/ip-6401.test b/mysql-test/suite/roles/ip-6401.test index b7d4b168b75..054564acdfd 100644 --- a/mysql-test/suite/roles/ip-6401.test +++ b/mysql-test/suite/roles/ip-6401.test @@ -6,7 +6,7 @@ create role r1; create user foo@'127.0.0.1'; grant r1 to foo@'127.0.0.1'; ---connect (con1,127.0.0.1,foo,,) +--connect (con1,127.0.0.1,foo,,"*NO-ONE*") show grants; set role r1; select * from information_schema.enabled_roles; diff --git a/mysql-test/suite/roles/rebuild_role_grants.result b/mysql-test/suite/roles/rebuild_role_grants.result index b8d747537aa..ef59d14957f 100644 --- a/mysql-test/suite/roles/rebuild_role_grants.result +++ b/mysql-test/suite/roles/rebuild_role_grants.result @@ -58,7 +58,7 @@ drop role r1; drop user u2; create user foo@localhost; grant create user on *.* to foo@localhost; -connect con1, localhost, foo,,; +connect con1, localhost, foo,,"*NO-ONE*"; create role look, isp, xxx, ppp; rename user current_user to nnnn@'%'; drop role look, isp, xxx, ppp; diff --git a/mysql-test/suite/roles/rebuild_role_grants.test b/mysql-test/suite/roles/rebuild_role_grants.test index 7007df0ecdd..2500efb7472 100644 --- a/mysql-test/suite/roles/rebuild_role_grants.test +++ b/mysql-test/suite/roles/rebuild_role_grants.test @@ -60,7 +60,7 @@ drop user u2; # create user foo@localhost; grant create user on *.* to foo@localhost; ---connect (con1, localhost, foo,,) +--connect (con1, localhost, foo,,"*NO-ONE*") create role look, isp, xxx, ppp; rename user current_user to nnnn@'%'; drop role look, isp, xxx, ppp; diff --git a/mysql-test/suite/roles/recursive.inc b/mysql-test/suite/roles/recursive.inc index 940a3c9e0db..7642f2d69bf 100644 --- a/mysql-test/suite/roles/recursive.inc +++ b/mysql-test/suite/roles/recursive.inc @@ -17,6 +17,7 @@ source include/not_embedded.inc; create user foo@localhost; +grant select on test.* to foo@localhost; create role role1; create role role2; create role role3; diff --git a/mysql-test/suite/roles/recursive.result b/mysql-test/suite/roles/recursive.result index 0d45a0e03d0..b4d42ea7462 100644 --- a/mysql-test/suite/roles/recursive.result +++ b/mysql-test/suite/roles/recursive.result @@ -1,4 +1,5 @@ create user foo@localhost; +grant select on test.* to foo@localhost; create role role1; create role role2; create role role3; @@ -26,6 +27,7 @@ ERROR HY000: Cannot grant role 'role10' to: 'role2' connect foo, localhost, foo; show grants; Grants for foo@localhost +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT `role10` TO `foo`@`localhost` select * from information_schema.applicable_roles; @@ -57,6 +59,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON *.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role2` @@ -115,6 +118,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -158,6 +162,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -203,6 +208,7 @@ count(concat(User)) show grants; Grants for foo@localhost GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -238,6 +244,7 @@ show grants; Grants for foo@localhost GRANT SELECT (Host) ON `mysql`.`roles_mapping` TO `role3` GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` diff --git a/mysql-test/suite/roles/recursive_dbug.result b/mysql-test/suite/roles/recursive_dbug.result index 417602c5c60..e17e4f8df64 100644 --- a/mysql-test/suite/roles/recursive_dbug.result +++ b/mysql-test/suite/roles/recursive_dbug.result @@ -3,6 +3,7 @@ Variable_name Value set @old_dbug=@@global.debug_dbug; set global debug_dbug="+d,role_merge_stats"; create user foo@localhost; +grant select on test.* to foo@localhost; create role role1; create role role2; create role role3; @@ -30,6 +31,7 @@ ERROR HY000: Cannot grant role 'role10' to: 'role2' connect foo, localhost, foo; show grants; Grants for foo@localhost +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT `role10` TO `foo`@`localhost` select * from information_schema.applicable_roles; @@ -71,6 +73,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON *.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role2` @@ -139,6 +142,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.* TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -192,6 +196,7 @@ count(*) show grants; Grants for foo@localhost GRANT SELECT ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -247,6 +252,7 @@ count(concat(User)) show grants; Grants for foo@localhost GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` @@ -287,6 +293,7 @@ show grants; Grants for foo@localhost GRANT SELECT (Host) ON `mysql`.`roles_mapping` TO `role3` GRANT SELECT (User) ON `mysql`.`roles_mapping` TO `role1` +GRANT SELECT ON `test`.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `foo`@`localhost` GRANT USAGE ON *.* TO `role10` GRANT USAGE ON *.* TO `role1` diff --git a/mysql-test/suite/roles/role_case_sensitive-10744.result b/mysql-test/suite/roles/role_case_sensitive-10744.result index 2f27db1525a..6795eb838c5 100644 --- a/mysql-test/suite/roles/role_case_sensitive-10744.result +++ b/mysql-test/suite/roles/role_case_sensitive-10744.result @@ -33,7 +33,7 @@ Grants for test_user@% GRANT `test_role` TO `test_user`@`%` GRANT `test_ROLE` TO `test_user`@`%` GRANT USAGE ON *.* TO `test_user`@`%` -connect test_user,localhost,test_user; +connect test_user,localhost,test_user,,"*NO-ONE*"; # # Test users privileges when interacting with those roles; # diff --git a/mysql-test/suite/roles/role_case_sensitive-10744.test b/mysql-test/suite/roles/role_case_sensitive-10744.test index 281d61bce00..a6e387e86e1 100644 --- a/mysql-test/suite/roles/role_case_sensitive-10744.test +++ b/mysql-test/suite/roles/role_case_sensitive-10744.test @@ -28,7 +28,7 @@ show grants for test_user; grant test_ROLE to test_user; grant insert on secret_db.t1 to test_ROLE; show grants for test_user; -connect (test_user,localhost,test_user); +connect (test_user,localhost,test_user,,"*NO-ONE*"); --echo # --echo # Test users privileges when interacting with those roles; diff --git a/mysql-test/suite/roles/set_and_drop.result b/mysql-test/suite/roles/set_and_drop.result index 87ccad2b447..9feca258a8b 100644 --- a/mysql-test/suite/roles/set_and_drop.result +++ b/mysql-test/suite/roles/set_and_drop.result @@ -14,7 +14,7 @@ grant select on mysql.* to role2; grant execute on procedure mysqltest1.pr1 to role2; grant select on mysqltest1.t1 to role2; grant select (a) on mysqltest1.t2 to role2; -connect foo,localhost,foo; +connect foo,localhost,foo,,"*NO-ONE*"; flush tables; ERROR 42000: Access denied; you need (at least one of) the RELOAD privilege(s) for this operation select * from mysql.roles_mapping; diff --git a/mysql-test/suite/roles/set_and_drop.test b/mysql-test/suite/roles/set_and_drop.test index 852e79fd109..75acfeaa6cd 100644 --- a/mysql-test/suite/roles/set_and_drop.test +++ b/mysql-test/suite/roles/set_and_drop.test @@ -23,7 +23,7 @@ grant execute on procedure mysqltest1.pr1 to role2; grant select on mysqltest1.t1 to role2; grant select (a) on mysqltest1.t2 to role2; -connect (foo,localhost,foo); +connect (foo,localhost,foo,,"*NO-ONE*"); --error ER_SPECIFIC_ACCESS_DENIED_ERROR flush tables; diff --git a/mysql-test/suite/roles/set_default_role_new_connection.result b/mysql-test/suite/roles/set_default_role_new_connection.result index 5c51b782ab7..6dafa966336 100644 --- a/mysql-test/suite/roles/set_default_role_new_connection.result +++ b/mysql-test/suite/roles/set_default_role_new_connection.result @@ -2,7 +2,7 @@ create user test_user@localhost; create role test_role; grant select on *.* to test_role; grant test_role to test_user@localhost; -connect c1, localhost, test_user,,; +connect c1, localhost, test_user,,"*NO-ONE*"; show grants; Grants for test_user@localhost GRANT `test_role` TO `test_user`@`localhost` @@ -33,7 +33,7 @@ connection default; select user, host, default_role from mysql.user where user = 'test_user'; User Host default_role test_user localhost -connect c1, localhost, test_user,,; +connect c1, localhost, test_user,,"*NO-ONE*"; show grants; Grants for test_user@localhost GRANT `test_role` TO `test_user`@`localhost` diff --git a/mysql-test/suite/roles/set_default_role_new_connection.test b/mysql-test/suite/roles/set_default_role_new_connection.test index 81f7f2ffb58..d4b7b26dd66 100644 --- a/mysql-test/suite/roles/set_default_role_new_connection.test +++ b/mysql-test/suite/roles/set_default_role_new_connection.test @@ -5,7 +5,7 @@ create role test_role; grant select on *.* to test_role; grant test_role to test_user@localhost; ---connect (c1, localhost, test_user,,) +--connect (c1, localhost, test_user,,"*NO-ONE*") show grants; --error ER_TABLEACCESS_DENIED_ERROR select user, host, default_role from mysql.user where user = 'test_user'; @@ -27,7 +27,7 @@ disconnect c1; connection default; select user, host, default_role from mysql.user where user = 'test_user'; ---connect (c1, localhost, test_user,,) +--connect (c1, localhost, test_user,,"*NO-ONE*") show grants; --error ER_TABLEACCESS_DENIED_ERROR select user, host, default_role from mysql.user where user = 'test_user'; diff --git a/mysql-test/suite/roles/set_role-13655.result b/mysql-test/suite/roles/set_role-13655.result index 9da16c1dd51..b58c8a5c8e8 100644 --- a/mysql-test/suite/roles/set_role-13655.result +++ b/mysql-test/suite/roles/set_role-13655.result @@ -31,7 +31,7 @@ grant all on t.* to admin; # create user foo; grant admin to foo; -connect foo,localhost,foo,,,,,; +connect foo,localhost,foo,,"*NO-ONE*",,,; create database t; ERROR 42000: Access denied for user 'foo'@'%' to database 't' set role admin; diff --git a/mysql-test/suite/roles/set_role-13655.test b/mysql-test/suite/roles/set_role-13655.test index 97a82109276..161a429e218 100644 --- a/mysql-test/suite/roles/set_role-13655.test +++ b/mysql-test/suite/roles/set_role-13655.test @@ -34,7 +34,7 @@ grant all on t.* to admin; create user foo; grant admin to foo; -connect (foo,localhost,foo,,,,,); +connect (foo,localhost,foo,,"*NO-ONE*",,,); --error ER_DBACCESS_DENIED_ERROR create database t; set role admin; diff --git a/mysql-test/suite/roles/set_role-5232.result b/mysql-test/suite/roles/set_role-5232.result index 31cb4b105ec..473c7e7b7d6 100644 --- a/mysql-test/suite/roles/set_role-5232.result +++ b/mysql-test/suite/roles/set_role-5232.result @@ -3,7 +3,7 @@ create user c; grant select on mysql.* to c; create role r1; grant r1 to c; -connect c,localhost,c,,,,,; +connect c,localhost,c,,"*NO-ONE*",,,; select user(), current_user(); user() current_user() c@localhost @localhost diff --git a/mysql-test/suite/roles/set_role-5232.test b/mysql-test/suite/roles/set_role-5232.test index c6cb3d925a4..b7aa6e00aa9 100644 --- a/mysql-test/suite/roles/set_role-5232.test +++ b/mysql-test/suite/roles/set_role-5232.test @@ -7,7 +7,7 @@ create user c; grant select on mysql.* to c; create role r1; grant r1 to c; -connect (c,localhost,c,,,,,); +connect (c,localhost,c,,"*NO-ONE*",,,); select user(), current_user(); --error ER_TABLEACCESS_DENIED_ERROR select user from mysql.user group by user; diff --git a/mysql-test/suite/roles/set_role-9614.result b/mysql-test/suite/roles/set_role-9614.result index 318d9ced73e..d4d689b87e4 100644 --- a/mysql-test/suite/roles/set_role-9614.result +++ b/mysql-test/suite/roles/set_role-9614.result @@ -61,13 +61,11 @@ connect john, localhost, john,,information_schema; show databases; Database information_schema -test set role client; show databases; Database bug_db information_schema -test use bug_db; # # Try using the database as usertestjohn. @@ -76,13 +74,11 @@ connect usertestjohn, localhost, usertestjohn,,information_schema; show databases; Database information_schema -test set role client; show databases; Database bug_db information_schema -test show grants; Grants for usertestjohn@% GRANT `client` TO `usertestjohn`@`%` diff --git a/mysql-test/suite/roles/set_role-database-recursive.result b/mysql-test/suite/roles/set_role-database-recursive.result index bc3914413a3..a5924d3043a 100644 --- a/mysql-test/suite/roles/set_role-database-recursive.result +++ b/mysql-test/suite/roles/set_role-database-recursive.result @@ -19,8 +19,6 @@ localhost test_user test_role1 N localhost test_user test_role2 N select user, host from mysql.db; user host - % - % grant select on mysql.* to test_role2; flush privileges; select * from mysql.roles_mapping; diff --git a/mysql-test/suite/roles/set_role-simple.result b/mysql-test/suite/roles/set_role-simple.result index 59e61d4836a..8f04e45025a 100644 --- a/mysql-test/suite/roles/set_role-simple.result +++ b/mysql-test/suite/roles/set_role-simple.result @@ -47,7 +47,7 @@ delete from mysql.roles_mapping where Role='test_role1'; flush privileges; drop user 'test_user'@'localhost'; create user user1; -connect con1,localhost,user1,,; +connect con1,localhost,user1,,"*NO-ONE*"; select current_user; current_user user1@% diff --git a/mysql-test/suite/roles/set_role-simple.test b/mysql-test/suite/roles/set_role-simple.test index ed884fa2407..ac8e4fc24f8 100644 --- a/mysql-test/suite/roles/set_role-simple.test +++ b/mysql-test/suite/roles/set_role-simple.test @@ -44,7 +44,7 @@ drop user 'test_user'@'localhost'; create user user1; ---connect (con1,localhost,user1,,) +--connect (con1,localhost,user1,,"*NO-ONE*") select current_user; show grants; set role none; diff --git a/mysql-test/suite/roles/show_create_database-10463.result b/mysql-test/suite/roles/show_create_database-10463.result index 7bebc954840..0cfa3fabf9a 100644 --- a/mysql-test/suite/roles/show_create_database-10463.result +++ b/mysql-test/suite/roles/show_create_database-10463.result @@ -8,11 +8,10 @@ create table db.t1 (i int); create table db.t2 (b int); grant select on db.* to r1; grant r1 to beep@'%'; -connect con1,localhost,beep,,; +connect con1,localhost,beep,,"*NO-ONE*"; show databases; Database information_schema -test show create database db; ERROR 42000: Access denied for user 'beep'@'localhost' to database 'db' select table_schema, table_name from information_schema.tables @@ -23,7 +22,6 @@ show databases; Database db information_schema -test show create database db; Database Create Database db CREATE DATABASE `db` /*!40100 DEFAULT CHARACTER SET latin1 */ @@ -37,11 +35,10 @@ create role r2; create user beep2@'%'; grant update on db.* to r2; grant r2 to beep2; -connect con2,localhost,beep2,,; +connect con2,localhost,beep2,,"*NO-ONE*"; show databases; Database information_schema -test show create database db; ERROR 42000: Access denied for user 'beep2'@'localhost' to database 'db' select table_schema, table_name from information_schema.tables @@ -52,7 +49,6 @@ show databases; Database db information_schema -test show create database db; Database Create Database db CREATE DATABASE `db` /*!40100 DEFAULT CHARACTER SET latin1 */ diff --git a/mysql-test/suite/roles/show_create_database-10463.test b/mysql-test/suite/roles/show_create_database-10463.test index b1eaaf5ff5a..d60591443ee 100644 --- a/mysql-test/suite/roles/show_create_database-10463.test +++ b/mysql-test/suite/roles/show_create_database-10463.test @@ -12,7 +12,7 @@ create table db.t2 (b int); grant select on db.* to r1; grant r1 to beep@'%'; ---connect (con1,localhost,beep,,) +--connect (con1,localhost,beep,,"*NO-ONE*") show databases; --error ER_DBACCESS_DENIED_ERROR show create database db; @@ -32,7 +32,7 @@ create user beep2@'%'; grant update on db.* to r2; grant r2 to beep2; ---connect (con2,localhost,beep2,,) +--connect (con2,localhost,beep2,,"*NO-ONE*") show databases; --error ER_DBACCESS_DENIED_ERROR show create database db; diff --git a/mysql-test/suite/roles/show_grants.result b/mysql-test/suite/roles/show_grants.result index 7ae499a9cfc..21c5a74efe4 100644 --- a/mysql-test/suite/roles/show_grants.result +++ b/mysql-test/suite/roles/show_grants.result @@ -19,8 +19,6 @@ localhost test_user test_role1 N localhost test_user test_role2 N select user, host from mysql.db; user host - % - % grant select on mysql.* to test_role2; flush privileges; select * from information_schema.applicable_roles; |