Diffstat (limited to 'mysql-test/t/grant.test')
-rw-r--r-- | mysql-test/t/grant.test | 428 |
1 files changed, 420 insertions, 8 deletions
diff --git a/mysql-test/t/grant.test b/mysql-test/t/grant.test index 3365145650a..d3781d58780 100644 --- a/mysql-test/t/grant.test +++ b/mysql-test/t/grant.test @@ -6,6 +6,7 @@ # Cleanup --disable_warnings drop table if exists t1; +drop database if exists mysqltest; --enable_warnings connect (master,localhost,root,,); @@ -184,16 +185,18 @@ grant select(a) on test.t1 to drop_user1@localhost; grant select on test.t1 to drop_user2@localhost; grant select on test.* to drop_user3@localhost; grant select on *.* to drop_user4@localhost; ---error 1268 +# Drop user now implicitly revokes all privileges. drop user drop_user1@localhost, drop_user2@localhost, drop_user3@localhost, drop_user4@localhost; +--error 1269 revoke all privileges, grant option from drop_user1@localhost, drop_user2@localhost, drop_user3@localhost, drop_user4@localhost; +--error 1396 drop user drop_user1@localhost, drop_user2@localhost, drop_user3@localhost, drop_user4@localhost; drop table t1; grant usage on *.* to mysqltest_1@localhost identified by "password"; -grant select, update, insert on test.* to mysqltest@localhost; +grant select, update, insert on test.* to mysqltest_1@localhost; show grants for mysqltest_1@localhost; drop user mysqltest_1@localhost; @@ -217,6 +220,9 @@ GRANT SELECT (ËÏÌ) ON ÂÄ.ÔÁÂ TO ÀÚÅÒ@localhost; SHOW GRANTS FOR ÀÚÅÒ@localhost; REVOKE SELECT (ËÏÌ) ON ÂÄ.ÔÁÂ FROM ÀÚÅÒ@localhost; +# Revoke does not drop user. Leave a clean user table for the next tests. +DROP USER ÀÚÅÒ@localhost; + DROP DATABASE ÂÄ; SET NAMES latin1; 
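Review bot: After the first `drop user drop_user1@localhost, …` the two expected failures (1269 on `revoke all privileges, grant option`, 1396 on the second `drop user`) only show that the accounts no longer exist; nothing in this hunk checks that their rows left the grant tables. If the implicit revoke ever left a row behind, an account re-created under the same name could pick up the old privileges and this test would still pass. Consider adding, right after the first `drop user`, queries such as `select Host,User from mysql.tables_priv where User like 'drop_user%';` and the same for `mysql.columns_priv` and `mysql.db`, each expected to return no rows. The numeric codes could also be written symbolically, in the `ER_…` style the later additions to this file use.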
@@ -296,7 +302,7 @@ DROP DATABASE testdb10; create table t1(a int, b int, c int, d int); grant insert(b), insert(c), insert(d), insert(a) on t1 to grant_user@localhost; show grants for grant_user@localhost; -select Host,Db,User,Table_name,Column_name,Column_priv from mysql.columns_priv; +select Host,Db,User,Table_name,Column_name,Column_priv from mysql.columns_priv order by Column_name; revoke ALL PRIVILEGES on t1 from grant_user@localhost; show grants for grant_user@localhost; select Host,Db,User,Table_name,Column_name,Column_priv from mysql.columns_priv; @@ -320,12 +326,25 @@ grant select (c) on mysqltest_2.t1 to mysqltest_3@localhost; grant update (d) on mysqltest_2.t2 to mysqltest_3@localhost; connect (conn1,localhost,mysqltest_3,,); connection conn1; -show grants for mysqltest_3@localhost; +SELECT * FROM INFORMATION_SCHEMA.COLUMN_PRIVILEGES + WHERE GRANTEE = '''mysqltest_3''@''localhost''' + ORDER BY TABLE_NAME,COLUMN_NAME,PRIVILEGE_TYPE; +SELECT * FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES + WHERE GRANTEE = '''mysqltest_3''@''localhost''' + ORDER BY TABLE_NAME,PRIVILEGE_TYPE; +SELECT * from INFORMATION_SCHEMA.SCHEMA_PRIVILEGES + WHERE GRANTEE = '''mysqltest_3''@''localhost''' + ORDER BY TABLE_SCHEMA,PRIVILEGE_TYPE; +SELECT * from INFORMATION_SCHEMA.USER_PRIVILEGES + WHERE GRANTEE = '''mysqltest_3''@''localhost''' + ORDER BY TABLE_CATALOG,PRIVILEGE_TYPE; --error 1143 update mysqltest_1.t1, mysqltest_1.t2 set q=10 where b=1; +--error 1143 +update mysqltest_1.t2, mysqltest_2.t2 set d=20 where d=1; --error 1142 update mysqltest_1.t1, mysqltest_2.t2 set d=20 where d=1; ---error 1143 +--error 1142 update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1; --error 1143 update mysqltest_2.t1, mysqltest_2.t2 set d=10 where s=2; 
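Review bot: The expected error for `update mysqltest_2.t1, mysqltest_1.t2 set c=20 where b=1;` changes from 1143 to 1142 with no comment saying why a table-level denial is now expected instead of a column-level one; the same silent switch appears in the `@@ -352,7 +371,7 @@` hunk for `update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200;`. Since the difference between the two codes is exactly what these statements assert, a one-line comment above each naming the missing privilege would help, and the symbolic form `--error ER_TABLEACCESS_DENIED_ERROR` / `--error ER_COLUMNACCESS_DENIED_ERROR` (the `ER_…` style used further down the file) would make the intent readable. The grants that decide the outcome are made above the hunk, so the wording has to be confirmed against them. The removed `show grants for mysqltest_3@localhost;` was the only place in this block where the unprivileged connection read its own grants; if that coverage is still wanted it could sit next to the new INFORMATION_SCHEMA queries.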
@@ -352,7 +371,7 @@ connection conn2; use mysqltest_1; update mysqltest_2.t1, mysqltest_2.t2 set c=500,d=600; # the following failed before, should fail now. ---error 1143 +--error 1142 update mysqltest_1.t1, mysqltest_1.t2 set a=100,b=200; use mysqltest_2; #the following used to succeed, it must fail now. @@ -376,6 +395,11 @@ drop database mysqltest_1; drop database mysqltest_2; # +# just SHOW PRIVILEGES test +# +SHOW PRIVILEGES; + +# # Rights for renaming test (Bug #3270) # connect (root,localhost,root,,test,$MASTER_MYPORT,$MASTER_MYSOCK); 
@@ -395,6 +419,71 @@ delete from mysql.user where user=_binary'mysqltest_1'; drop database mysqltest; # +# check all new table priveleges +# +CREATE USER dummy@localhost; +CREATE DATABASE mysqltest; +CREATE TABLE mysqltest.dummytable (dummyfield INT); +CREATE VIEW mysqltest.dummyview AS SELECT dummyfield FROM mysqltest.dummytable; +GRANT ALL PRIVILEGES ON mysqltest.dummytable TO dummy@localhost; +GRANT ALL PRIVILEGES ON mysqltest.dummyview TO dummy@localhost; +SHOW GRANTS FOR dummy@localhost; +use INFORMATION_SCHEMA; +SELECT TABLE_SCHEMA, TABLE_NAME, GROUP_CONCAT(PRIVILEGE_TYPE ORDER BY +PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE += '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME; +FLUSH PRIVILEGES; +SHOW GRANTS FOR dummy@localhost; +SELECT TABLE_SCHEMA, TABLE_NAME, GROUP_CONCAT(PRIVILEGE_TYPE ORDER BY +PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE += '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME; +SHOW FIELDS FROM mysql.tables_priv; +use test; +REVOKE ALL PRIVILEGES, GRANT OPTION FROM dummy@localhost; +DROP USER dummy@localhost; +DROP DATABASE mysqltest; +# check view only privileges +CREATE USER dummy@localhost; +CREATE DATABASE mysqltest; +CREATE TABLE mysqltest.dummytable (dummyfield INT); +CREATE VIEW mysqltest.dummyview AS SELECT dummyfield FROM mysqltest.dummytable; +GRANT CREATE VIEW ON mysqltest.dummytable TO dummy@localhost; +GRANT CREATE VIEW ON mysqltest.dummyview TO dummy@localhost; +SHOW GRANTS FOR dummy@localhost; +use INFORMATION_SCHEMA; +SELECT TABLE_SCHEMA, TABLE_NAME, GROUP_CONCAT(PRIVILEGE_TYPE ORDER BY +PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE += '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME; +FLUSH PRIVILEGES; +SHOW GRANTS FOR dummy@localhost; +SELECT TABLE_SCHEMA, TABLE_NAME, GROUP_CONCAT(PRIVILEGE_TYPE ORDER BY +PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE 
+= '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME; +use test; +REVOKE ALL PRIVILEGES, GRANT OPTION FROM dummy@localhost; +DROP USER dummy@localhost; +DROP DATABASE mysqltest; +CREATE USER dummy@localhost; +CREATE DATABASE mysqltest; +CREATE TABLE mysqltest.dummytable (dummyfield INT); +CREATE VIEW mysqltest.dummyview AS SELECT dummyfield FROM mysqltest.dummytable; +GRANT SHOW VIEW ON mysqltest.dummytable TO dummy@localhost; +GRANT SHOW VIEW ON mysqltest.dummyview TO dummy@localhost; +SHOW GRANTS FOR dummy@localhost; +use INFORMATION_SCHEMA; +SELECT TABLE_SCHEMA, TABLE_NAME, GROUP_CONCAT(PRIVILEGE_TYPE ORDER BY +PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE += '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME; +FLUSH PRIVILEGES; +SHOW GRANTS FOR dummy@localhost; +SELECT TABLE_SCHEMA, TABLE_NAME, GROUP_CONCAT(PRIVILEGE_TYPE ORDER BY +PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE += '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME; +use test; +REVOKE ALL PRIVILEGES, GRANT OPTION FROM dummy@localhost; +DROP USER dummy@localhost; +DROP DATABASE mysqltest; +# # Bug #11330: Entry in tables_priv with host = '' causes crash # connection default; @@ -403,6 +492,7 @@ insert into tables_priv values ('','test_db','mysqltest_1','test_table','test_gr flush privileges; delete from tables_priv where host = '' and user = 'mysqltest_1'; flush privileges; +use test; # # Bug #10892 user variables not auto cast for comparisons @@ -427,8 +517,7 @@ set names latin1; # Bug #15598 Server crashes in specific case during setting new password # - Caused by a user with host '' # -insert into mysql.user (host, user) values ('', 'mysqltest_7'); -flush privileges; +create user mysqltest_7@; set password for mysqltest_7@ = password('systpass'); show grants for mysqltest_7@; drop user mysqltest_7@; 
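Review bot: The three added blocks in the `@@ -395,6 +419,71 @@` hunk are identical except for the privilege granted, but only the second carries its own heading (`# check view only privileges`, which is really the CREATE VIEW case) and the third has none. Headings such as `# check CREATE VIEW privilege only` and `# check SHOW VIEW privilege only` would make the result file easier to follow, and `priveleges` in the first heading should read `privileges`. All three blocks only read back what was recorded (SHOW GRANTS and TABLE_PRIVILEGES, before and after FLUSH PRIVILEGES), apparently on the privileged connection; none connects as dummy@localhost, so enforcement of the table-level grants is not covered in this hunk.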
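Review bot: In the `@@ -427,8 +517,7 @@` hunk, replacing `insert into mysql.user (host, user) values ('', 'mysqltest_7'); flush privileges;` with `create user mysqltest_7@;` changes how the empty-host account reaches the in-memory grant data, so the Bug #15598 regression no longer covers an entry loaded from the table. Whether the original crash depended on that path is not visible from the hunk. If it did, adding `flush privileges;` after the `create user mysqltest_7@;` line would keep `set password for mysqltest_7@` running against a reloaded entry.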
@@ -452,3 +541,326 @@ flush privileges; drop database mysqltest; # End of 4.1 tests + +# +# Bug #16297 In memory grant tables not flushed when users's hostname is "" +# +use test; +create table t1 (a int); + +# Backup anonymous users and remove them. (They get in the way of +# the one we test with here otherwise.) +create table t2 as select * from mysql.user where user=''; +delete from mysql.user where user=''; +flush privileges; + +# Create some users with different hostnames +create user mysqltest_8@''; +create user mysqltest_8; +create user mysqltest_8@host8; + +# Try to create them again +--error 1396 +create user mysqltest_8@''; +--error 1396 +create user mysqltest_8; +--error 1396 +create user mysqltest_8@host8; + +select user, QUOTE(host) from mysql.user where user="mysqltest_8"; + +--echo Schema privileges +grant select on mysqltest.* to mysqltest_8@''; +show grants for mysqltest_8@''; +grant select on mysqltest.* to mysqltest_8@; +show grants for mysqltest_8@; +grant select on mysqltest.* to mysqltest_8; +show grants for mysqltest_8; +select * from information_schema.schema_privileges +where grantee like "'mysqltest_8'%"; +connect (conn3,localhost,mysqltest_8,,); +select * from t1; +disconnect conn3; +connection master; +revoke select on mysqltest.* from mysqltest_8@''; +revoke select on mysqltest.* from mysqltest_8; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +select * from information_schema.schema_privileges +where grantee like "'mysqltest_8'%"; +flush privileges; +show grants for mysqltest_8@''; +show grants for mysqltest_8@; +grant select on mysqltest.* to mysqltest_8@''; +flush privileges; +show grants for mysqltest_8@; +revoke select on mysqltest.* from mysqltest_8@''; +flush privileges; + +--echo Column privileges +grant update (a) on t1 to mysqltest_8@''; +grant update (a) on t1 to mysqltest_8; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +flush privileges; +show grants for mysqltest_8@''; +show grants for 
mysqltest_8; +select * from information_schema.column_privileges; +connect (conn4,localhost,mysqltest_8,,); +select * from t1; +disconnect conn4; +connection master; +revoke update (a) on t1 from mysqltest_8@''; +revoke update (a) on t1 from mysqltest_8; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +select * from information_schema.column_privileges; +flush privileges; +show grants for mysqltest_8@''; +show grants for mysqltest_8; + +--echo Table privileges +grant update on t1 to mysqltest_8@''; +grant update on t1 to mysqltest_8; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +flush privileges; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +select * from information_schema.table_privileges; +connect (conn5,localhost,mysqltest_8,,); +select * from t1; +disconnect conn5; +connection master; +revoke update on t1 from mysqltest_8@''; +revoke update on t1 from mysqltest_8; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +select * from information_schema.table_privileges; +flush privileges; +show grants for mysqltest_8@''; +show grants for mysqltest_8; + +--echo "DROP USER" should clear privileges +grant all privileges on mysqltest.* to mysqltest_8@''; +grant select on mysqltest.* to mysqltest_8@''; +grant update on t1 to mysqltest_8@''; +grant update (a) on t1 to mysqltest_8@''; +grant all privileges on mysqltest.* to mysqltest_8; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +select * from information_schema.user_privileges +where grantee like "'mysqltest_8'%"; +connect (conn5,localhost,mysqltest_8,,); +select * from t1; +disconnect conn5; +connection master; +flush privileges; +show grants for mysqltest_8@''; +show grants for mysqltest_8; +drop user mysqltest_8@''; +--error 1141 +show grants for mysqltest_8@''; +show grants for mysqltest_8; +select * from information_schema.user_privileges +where grantee like "'mysqltest_8'%"; +drop user mysqltest_8; +--replace_result $MASTER_MYSOCK 
MASTER_SOCKET $MASTER_MYPORT MASTER_PORT +--error 1045 +connect (conn6,localhost,mysqltest_8,,); +connection master; +--error 1141 +show grants for mysqltest_8; +drop user mysqltest_8@host8; +--error 1141 +show grants for mysqltest_8@host8; + +# Restore the anonymous users. +insert into mysql.user select * from t2; +flush privileges; +drop table t2; + +drop table t1; + +# +# Bug#20214: Incorrect error when user calls SHOW CREATE VIEW on non +# privileged view +# + +connection master; + +CREATE DATABASE mysqltest3; +use mysqltest3; + +CREATE TABLE t_nn (c1 INT); +CREATE VIEW v_nn AS SELECT * FROM t_nn; + +CREATE DATABASE mysqltest2; +use mysqltest2; + +CREATE TABLE t_nn (c1 INT); +CREATE VIEW v_nn AS SELECT * FROM t_nn; +CREATE VIEW v_yn AS SELECT * FROM t_nn; +CREATE VIEW v_gy AS SELECT * FROM t_nn; +CREATE VIEW v_ny AS SELECT * FROM t_nn; +CREATE VIEW v_yy AS SELECT * FROM t_nn WHERE c1=55; + +GRANT SHOW VIEW ON mysqltest2.v_ny TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; +GRANT SELECT ON mysqltest2.v_yn TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; +GRANT SELECT ON mysqltest2.* TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; +GRANT SHOW VIEW,SELECT ON mysqltest2.v_yy TO 'mysqltest_1'@'localhost' IDENTIFIED BY 'mysqltest_1'; + +connect (mysqltest_1, localhost, mysqltest_1, mysqltest_1,); + +# fail because of missing SHOW VIEW (have generic SELECT) +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE VIEW mysqltest2.v_nn; +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE TABLE mysqltest2.v_nn; + + + +# fail because of missing SHOW VIEW +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE VIEW mysqltest2.v_yn; +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE TABLE mysqltest2.v_yn; + + + +# succeed (despite of missing SELECT, having SHOW VIEW bails us out) +SHOW CREATE TABLE mysqltest2.v_ny; + +# succeed (despite of missing SELECT, having SHOW VIEW bails us out) +SHOW CREATE VIEW mysqltest2.v_ny; + + + +# fail because of missing 
(specific or generic) SELECT +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE TABLE mysqltest3.t_nn; + +# fail because of missing (specific or generic) SELECT (not because it's not a view!) +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE VIEW mysqltest3.t_nn; + + + +# fail because of missing missing (specific or generic) SELECT (and SHOW VIEW) +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE VIEW mysqltest3.v_nn; +--error ER_TABLEACCESS_DENIED_ERROR +SHOW CREATE TABLE mysqltest3.v_nn; + + + +# succeed thanks to generic SELECT +SHOW CREATE TABLE mysqltest2.t_nn; + +# fail because it's not a view! (have generic SELECT though) +--error ER_WRONG_OBJECT +SHOW CREATE VIEW mysqltest2.t_nn; + + + +# succeed, have SELECT and SHOW VIEW +SHOW CREATE VIEW mysqltest2.v_yy; + +# succeed, have SELECT and SHOW VIEW +SHOW CREATE TABLE mysqltest2.v_yy; + + + +#clean-up +connection master; + +# succeed, we're root +SHOW CREATE TABLE mysqltest2.v_nn; +SHOW CREATE VIEW mysqltest2.v_nn; + +SHOW CREATE TABLE mysqltest2.t_nn; + +# fail because it's not a view! +--error ER_WRONG_OBJECT +SHOW CREATE VIEW mysqltest2.t_nn; + + + +DROP VIEW mysqltest2.v_nn; +DROP VIEW mysqltest2.v_yn; +DROP VIEW mysqltest2.v_ny; +DROP VIEW mysqltest2.v_yy; + +DROP TABLE mysqltest2.t_nn; + +DROP DATABASE mysqltest2; + + + +DROP VIEW mysqltest3.v_nn; +DROP TABLE mysqltest3.t_nn; + +DROP DATABASE mysqltest3; + +REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'mysqltest_1'@'localhost'; +DROP USER 'mysqltest_1'@'localhost'; + +# restore the original database +use test; + +# +# Bug #10668: CREATE USER does not enforce username length limit +# +--error ER_WRONG_STRING_LENGTH +create user mysqltest1_thisisreallytoolong; + +# +# Test for BUG#16899: Possible buffer overflow in handling of DEFINER-clause. +# +# These checks are intended to ensure that appropriate errors are risen when +# illegal user name or hostname is specified in user-clause of GRANT/REVOKE +# statements. +# + +# Working with database-level privileges. 
+ +--error ER_WRONG_STRING_LENGTH +GRANT CREATE ON mysqltest.* TO 1234567890abcdefGHIKL@localhost; + +--error ER_WRONG_STRING_LENGTH +GRANT CREATE ON mysqltest.* TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY; + +--error ER_WRONG_STRING_LENGTH +REVOKE CREATE ON mysqltest.* FROM 1234567890abcdefGHIKL@localhost; + +--error ER_WRONG_STRING_LENGTH +REVOKE CREATE ON mysqltest.* FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY; + +# Working with table-level privileges. + +--error ER_WRONG_STRING_LENGTH +GRANT CREATE ON t1 TO 1234567890abcdefGHIKL@localhost; + +--error ER_WRONG_STRING_LENGTH +GRANT CREATE ON t1 TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY; + +--error ER_WRONG_STRING_LENGTH +REVOKE CREATE ON t1 FROM 1234567890abcdefGHIKL@localhost; + +--error ER_WRONG_STRING_LENGTH +REVOKE CREATE ON t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY; + +# Working with routine-level privileges. + +--error ER_WRONG_STRING_LENGTH +GRANT EXECUTE ON PROCEDURE p1 TO 1234567890abcdefGHIKL@localhost; + +--error ER_WRONG_STRING_LENGTH +GRANT EXECUTE ON PROCEDURE p1 TO some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY; + +--error ER_WRONG_STRING_LENGTH +REVOKE EXECUTE ON PROCEDURE p1 FROM 1234567890abcdefGHIKL@localhost; + +--error ER_WRONG_STRING_LENGTH +REVOKE EXECUTE ON PROCEDURE t1 FROM some_user_name@1234567890abcdefghij1234567890abcdefghij1234567890abcdefghijQWERTY; +--echo End of 5.0 tests |
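Review bot: In the BUG#16899 block every rejected name overshoots by several characters (`1234567890abcdefGHIKL`, and a host name ending in `QWERTY`), so a length check that is off by one would still pass these cases. Assuming the limits are the 16 and 60 characters that the `1234567890abcdef` and repeated `1234567890abcdefghij` prefixes suggest, adding a name exactly one character too long, for example `GRANT CREATE ON mysqltest.* TO 1234567890abcdefG@localhost;` (constructed 17-character name) under `--error ER_WRONG_STRING_LENGTH`, would pin the boundary; a matching maximum-length name that is accepted would pin the other side. The last statement revokes on `PROCEDURE t1` where the three sibling statements use `p1`; it presumably still fails on the length check, but looks like a typo. Separately, the Bug #16297 block deletes the anonymous rows from mysql.user and restores them from `t2` only at the end, so a failure in between leaves the server without them for later tests.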