partition_grant.test 2.27 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
-- source include/have_partition.inc
# Grant tests not performed with embedded server
-- source include/not_embedded.inc

--disable_warnings
drop schema if exists mysqltest_1;
--enable_warnings


#
# Bug #17139: ALTER TABLE ... DROP PARTITION should require DROP privilege
#

create schema mysqltest_1;
use mysqltest_1;

create table t1 (a int) partition by list (a) (partition p1 values in (1), partition p2 values in (2), partition p3 values in (3));
insert into t1 values (1),(2);

unknown's avatar
unknown committed
20 21 22 23 24 25 26 27
# We don't have DROP USER IF EXISTS. Use this workaround to
# cleanup possible grants for mysqltest_1 left by previous tests
# and ensure consistent results of SHOW GRANTS command below.
--disable_warnings
grant usage on *.* to mysqltest_1@localhost;
revoke all privileges on *.* from mysqltest_1@localhost;
--enable_warnings

28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55
grant select,alter on mysqltest_1.* to mysqltest_1@localhost;

connect (conn1,localhost,mysqltest_1,,mysqltest_1);
show grants for current_user;
alter table t1 add b int;
--error ER_TABLEACCESS_DENIED_ERROR
alter table t1 drop partition p2;
disconnect conn1;

connection default;
grant drop on mysqltest_1.* to mysqltest_1@localhost;

connect (conn2,localhost,mysqltest_1,,mysqltest_1);
alter table t1 drop partition p2;
disconnect conn2;

connection default;
revoke alter on mysqltest_1.* from mysqltest_1@localhost;

connect (conn3,localhost,mysqltest_1,,mysqltest_1);
--error ER_TABLEACCESS_DENIED_ERROR
alter table t1 drop partition p3;
disconnect conn3;

connection default;

revoke select,alter,drop on mysqltest_1.* from mysqltest_1@localhost;
drop table t1;
56 57 58 59 60 61 62 63 64 65

#
# Bug #23675 Partitions: possible security breach via alter 
#

create table t1 (s1 int);
insert into t1 values (1);
grant alter on mysqltest_1.* to mysqltest_1@localhost;
connect (conn4,localhost,mysqltest_1,,mysqltest_1);
connection conn4;
66
--error ER_NO_PARTITION_FOR_GIVEN_VALUE
67 68 69 70 71
alter table t1 partition by list (s1) (partition p1 values in (2));
connection default;
grant select, alter on mysqltest_1.* to mysqltest_1@localhost;
disconnect conn4;
connect (conn5,localhost,mysqltest_1,,mysqltest_1);
72
--error ER_NO_PARTITION_FOR_GIVEN_VALUE
73 74 75 76 77 78
alter table t1 partition by list (s1) (partition p1 values in (2));
disconnect conn5;
connection default;
drop table t1;

drop user mysqltest_1@localhost;
79 80 81
drop schema mysqltest_1;

--echo End of 5.1 tests