From 9c6c527c769aaff8cee2fef2b4ae6b4babfcd6fe Mon Sep 17 00:00:00 2001
From: unknown <bell@sanja.is.com.ua>
Date: Fri, 28 Oct 2005 00:18:23 +0300
Subject: support of view underlying tables and SP functions security check
 added (BUG#9505) (WL#2787)

mysql-test/r/information_schema.result:
  error message changed
mysql-test/r/sp.result:
  error message changed
mysql-test/r/sql_mode.result:
  fixed test suite
mysql-test/r/view.result:
  error message changed
mysql-test/r/view_grant.result:
  test of underlying view tables check
mysql-test/t/sql_mode.test:
  fixed test suite
mysql-test/t/view_grant.test:
  test of underlying view tables check
sql/item.cc:
  check of underlying tables privilege added
sql/item.h:
  Name the resolution context points to the security  context of view (if item belong to the view)
sql/item_func.cc:
  a view error hiding for execution of prepared function belonged to a view
  fixed checking privileges if stored functions belonds to some view
sql/mysql_priv.h:
  refult of derived table processing functions changed to bool
  Security_context added as an argument to find_field_in_table()
sql/share/errmsg.txt:
  error message fixed
sql/sql_acl.cc:
  Storing requested privileges of tables added
  View underlying tables privilege check added
sql/sql_base.cc:
  View underlying tables privilege check added
sql/sql_cache.cc:
  Code cleunup: we should not register underlying tables of view second time
sql/sql_delete.cc:
  ancestor -> merge_underlying_list renaming
sql/sql_derived.cc:
  refult of derived table processing functions changed to bool
  do not give SELECT_ACL for TEMPTABLE views
sql/sql_lex.h:
  The comment added
sql/sql_parse.cc:
  registration of requested privileges added
sql/sql_prepare.cc:
  registration of requested privileges added
sql/sql_update.cc:
  manipulation of requested privileges for underlying tables made the same as for table which we are updating
sql/sql_view.cc:
  underlying tables of view security check support added
sql/table.cc:
  renaming and fixing view preparation methods, methods for checking underlyoing tables security context added
sql/table.h:
  storege for reuested privileges added
---
 sql/sql_derived.cc | 39 +++++++++++++++++++++------------------
 1 file changed, 21 insertions(+), 18 deletions(-)

(limited to 'sql/sql_derived.cc')

diff --git a/sql/sql_derived.cc b/sql/sql_derived.cc
index 74b239e1637..e1817985cbd 100644
--- a/sql/sql_derived.cc
+++ b/sql/sql_derived.cc
@@ -35,14 +35,14 @@
     processor           procedure of derived table processing
 
   RETURN
-    0	ok
-    1	Error and error message given
+    FALSE  OK
+    TRUE   Error
 */
 
-int
-mysql_handle_derived(LEX *lex, int (*processor)(THD*, LEX*, TABLE_LIST*))
+bool
+mysql_handle_derived(LEX *lex, bool (*processor)(THD*, LEX*, TABLE_LIST*))
 {
-  int res= 0;
+  bool res= FALSE;
   if (lex->derived_tables)
   {
     lex->thd->derived_tables_processing= TRUE;
@@ -95,16 +95,16 @@ out:
     close_thread_tables()
 
   RETURN
-    0	ok
-    1	Error and an error message was given
+    FALSE  OK
+    TRUE   Error
 */
 
-int mysql_derived_prepare(THD *thd, LEX *lex, TABLE_LIST *orig_table_list)
+bool mysql_derived_prepare(THD *thd, LEX *lex, TABLE_LIST *orig_table_list)
 {
   SELECT_LEX_UNIT *unit= orig_table_list->derived;
-  int res= 0;
   ulonglong create_options;
   DBUG_ENTER("mysql_derived_prepare");
+  bool res= FALSE;
   if (unit)
   {
     SELECT_LEX *first_select= unit->first_select();
@@ -118,7 +118,7 @@ int mysql_derived_prepare(THD *thd, LEX *lex, TABLE_LIST *orig_table_list)
       sl->context.outer_context= 0;
 
     if (!(derived_result= new select_union))
-      DBUG_RETURN(1); // out of memory
+      DBUG_RETURN(TRUE); // out of memory
 
     // st_select_lex_unit::prepare correctly work for single select
     if ((res= unit->prepare(thd, derived_result, 0)))
@@ -184,7 +184,10 @@ exit:
       table->derived_select_number= first_select->select_number;
       table->s->tmp_table= TMP_TABLE;
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-      table->grant.privilege= SELECT_ACL;
+      if (orig_table_list->referencing_view)
+        table->grant= orig_table_list->grant;
+      else
+        table->grant.privilege= SELECT_ACL;
 #endif
       orig_table_list->db= (char *)"";
       orig_table_list->db_length= 0;
@@ -195,8 +198,8 @@ exit:
       thd->derived_tables= table;
     }
   }
-  else if (orig_table_list->ancestor)
-    orig_table_list->set_ancestor();
+  else if (orig_table_list->merge_underlying_list)
+    orig_table_list->set_underlying_merge();
   DBUG_RETURN(res);
 }
 
@@ -220,15 +223,15 @@ exit:
     Due to evaluation of LIMIT clause it can not be used at prepared stage.
 
   RETURN
-    0	ok
-    1   Error and an error message was given
+    FALSE  OK
+    TRUE   Error
 */
 
-int mysql_derived_filling(THD *thd, LEX *lex, TABLE_LIST *orig_table_list)
+bool mysql_derived_filling(THD *thd, LEX *lex, TABLE_LIST *orig_table_list)
 {
   TABLE *table= orig_table_list->table;
   SELECT_LEX_UNIT *unit= orig_table_list->derived;
-  int res= 0;
+  bool res= FALSE;
 
   /*check that table creation pass without problem and it is derived table */
   if (table && unit)
@@ -271,7 +274,7 @@ int mysql_derived_filling(THD *thd, LEX *lex, TABLE_LIST *orig_table_list)
         there were no derived tables
       */
       if (derived_result->flush())
-        res= 1;
+        res= TRUE;
 
       if (!lex->describe)
         unit->cleanup();
-- 
cgit v1.2.1