Commit 0ed57e34 authored by Vicențiu Ciorbaru's avatar Vicențiu Ciorbaru

MDEV-7025 ANALYZE SELECT/INSERT/UPDATE/DELETE from a view does not check...

MDEV-7025 ANALYZE SELECT/INSERT/UPDATE/DELETE from a view does not check access permissions on the view

Added access checking for the ANALYZE statement command.
parent c8035da9
...@@ -315,3 +315,43 @@ id select_type table type possible_keys key key_len ref rows r_rows filtered r_f ...@@ -315,3 +315,43 @@ id select_type table type possible_keys key key_len ref rows r_rows filtered r_f
1 SIMPLE t1 ALL NULL NULL NULL NULL 10 10.00 100.00 100.00 Using where 1 SIMPLE t1 ALL NULL NULL NULL NULL 10 10.00 100.00 100.00 Using where
1 SIMPLE t2 ref a a 5 test.t1.a 2 0.20 100.00 100.00 Using index 1 SIMPLE t2 ref a a 5 test.t1.a 2 0.20 100.00 100.00 Using index
drop table t1,t2; drop table t1,t2;
#
# MDEV-7025 and MDEV-7027 ANALYZE SELECT/INSERT/UPDATE/DELETE from a
# view does not check access permissions on the underlying table
#
create database db;
use db;
create table t1 (i int, c varchar(8));
insert into t1 values (1,'foo'),(2,'bar'),(3,'baz'),(4,'qux');
create view v1 as select * from t1 where i > 1;
grant ALL on db.v1 to u1@localhost;
connect con1,localhost,u1,,;
select * from db.t1;
ERROR 42000: SELECT command denied to user 'u1'@'localhost' for table 't1'
explain select * from db.t1;
ERROR 42000: SELECT command denied to user 'u1'@'localhost' for table 't1'
analyze select * from db.t1;
ERROR 42000: SELECT command denied to user 'u1'@'localhost' for table 't1'
select * from db.v1;
i c
2 bar
3 baz
4 qux
explain select * from db.v1;
ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
analyze select * from db.v1;
ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
UPDATE db.v1 SET i = 5;
explain UPDATE db.v1 SET i = 5;
ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
analyze UPDATE db.v1 SET i = 5;
ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
DELETE FROM db.v1 WHERE i = 5;
explain DELETE FROM db.v1 WHERE i = 5;
ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
analyze DELETE FROM db.v1 WHERE i = 5;
ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
disconnect con1;
connection default;
drop user u1@localhost;
drop database db;
...@@ -140,7 +140,7 @@ REVOKE ALL PRIVILEGES ON privtest_db.t1 FROM 'privtest'@'localhost'; ...@@ -140,7 +140,7 @@ REVOKE ALL PRIVILEGES ON privtest_db.t1 FROM 'privtest'@'localhost';
CREATE VIEW privtest_db.v1 (a) AS SELECT a FROM privtest_db.t1; CREATE VIEW privtest_db.v1 (a) AS SELECT a FROM privtest_db.t1;
GRANT SELECT, INSERT, UPDATE, DELETE ON privtest_db.v1 TO 'privtest'@'localhost'; GRANT SELECT, INSERT, UPDATE, DELETE ON privtest_db.v1 TO 'privtest'@'localhost';
EXPLAIN SELECT * FROM v1; EXPLAIN SELECT * FROM v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
SELECT * FROM v1; SELECT * FROM v1;
a a
11 11
...@@ -150,28 +150,28 @@ a ...@@ -150,28 +150,28 @@ a
4 4
4 4
EXPLAIN INSERT INTO v1 VALUES (10); EXPLAIN INSERT INTO v1 VALUES (10);
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
INSERT INTO v1 VALUES (10); INSERT INTO v1 VALUES (10);
EXPLAIN INSERT INTO v1 SELECT * FROM t2; EXPLAIN INSERT INTO v1 SELECT * FROM t2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
INSERT INTO v1 SELECT * FROM t2; INSERT INTO v1 SELECT * FROM t2;
EXPLAIN REPLACE INTO v1 VALUES (10); EXPLAIN REPLACE INTO v1 VALUES (10);
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
REPLACE INTO v1 VALUES (10); REPLACE INTO v1 VALUES (10);
EXPLAIN REPLACE INTO v1 SELECT * FROM t2; EXPLAIN REPLACE INTO v1 SELECT * FROM t2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
REPLACE INTO v1 SELECT * FROM t2; REPLACE INTO v1 SELECT * FROM t2;
EXPLAIN UPDATE v1 SET a = a + 1; EXPLAIN UPDATE v1 SET a = a + 1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
UPDATE v1 SET a = a + 1; UPDATE v1 SET a = a + 1;
EXPLAIN UPDATE v1, t2 SET v1.a = v1.a + 1 WHERE v1.a = t2.a; EXPLAIN UPDATE v1, t2 SET v1.a = v1.a + 1 WHERE v1.a = t2.a;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
UPDATE v1, t2 SET v1.a = v1.a + 1 WHERE v1.a = t2.a; UPDATE v1, t2 SET v1.a = v1.a + 1 WHERE v1.a = t2.a;
EXPLAIN DELETE FROM v1 WHERE a = 10; EXPLAIN DELETE FROM v1 WHERE a = 10;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
DELETE FROM v1 WHERE a = 10; DELETE FROM v1 WHERE a = 10;
EXPLAIN DELETE FROM v1 USING v1, t2 WHERE v1.a = t2.a; EXPLAIN DELETE FROM v1 USING v1, t2 WHERE v1.a = t2.a;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
DELETE FROM v1 USING v1, t2 WHERE v1.a = t2.a; DELETE FROM v1 USING v1, t2 WHERE v1.a = t2.a;
DROP USER 'privtest'@localhost; DROP USER 'privtest'@localhost;
USE test; USE test;
......
...@@ -240,7 +240,7 @@ where table_schema = 'mysqltest' and table_name = 'v1'; ...@@ -240,7 +240,7 @@ where table_schema = 'mysqltest' and table_name = 'v1';
table_name column_name privileges table_name column_name privileges
v1 c select v1 c select
explain select * from v1; explain select * from v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
drop view v1, mysqltest.v1; drop view v1, mysqltest.v1;
drop tables mysqltest.t4, mysqltest.t1, t2, t3, t5; drop tables mysqltest.t4, mysqltest.t1, t2, t3, t5;
drop database mysqltest; drop database mysqltest;
......
...@@ -91,19 +91,19 @@ Field Type Null Key Default Extra ...@@ -91,19 +91,19 @@ Field Type Null Key Default Extra
c bigint(12) YES NULL c bigint(12) YES NULL
d bigint(12) YES NULL d bigint(12) YES NULL
explain select c from mysqltest.v1; explain select c from mysqltest.v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v1; show create view mysqltest.v1;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1'
explain select c from mysqltest.v2; explain select c from mysqltest.v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v2; show create view mysqltest.v2;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2'
explain select c from mysqltest.v3; explain select c from mysqltest.v3;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v3; show create view mysqltest.v3;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v3' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v3'
explain select c from mysqltest.v4; explain select c from mysqltest.v4;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v4; show create view mysqltest.v4;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v4' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v4'
explain select c from mysqltest.v5; explain select c from mysqltest.v5;
...@@ -115,7 +115,7 @@ show create view mysqltest.v5; ...@@ -115,7 +115,7 @@ show create view mysqltest.v5;
View Create View character_set_client collation_connection View Create View character_set_client collation_connection
v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v5` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci v5 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v5` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci
explain select c from mysqltest.v1; explain select c from mysqltest.v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v1; show create view mysqltest.v1;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v1'
grant show view on mysqltest.v1 to mysqltest_1@localhost; grant show view on mysqltest.v1 to mysqltest_1@localhost;
...@@ -128,15 +128,15 @@ show create view mysqltest.v1; ...@@ -128,15 +128,15 @@ show create view mysqltest.v1;
View Create View character_set_client collation_connection View Create View character_set_client collation_connection
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v1` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci
explain select c from mysqltest.v2; explain select c from mysqltest.v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v2; show create view mysqltest.v2;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v2'
explain select c from mysqltest.v3; explain select c from mysqltest.v3;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v3; show create view mysqltest.v3;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v3' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v3'
explain select c from mysqltest.v4; explain select c from mysqltest.v4;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v4; show create view mysqltest.v4;
ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v4' ERROR 42000: SHOW VIEW command denied to user 'mysqltest_1'@'localhost' for table 'v4'
explain select c from mysqltest.v5; explain select c from mysqltest.v5;
...@@ -156,12 +156,12 @@ show create view mysqltest.v2; ...@@ -156,12 +156,12 @@ show create view mysqltest.v2;
View Create View character_set_client collation_connection View Create View character_set_client collation_connection
v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v2` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci v2 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v2` AS select (`mysqltest`.`t1`.`a` + 1) AS `c`,(`mysqltest`.`t1`.`b` + 1) AS `d` from `mysqltest`.`t1` latin1 latin1_swedish_ci
explain select c from mysqltest.v3; explain select c from mysqltest.v3;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v3; show create view mysqltest.v3;
View Create View character_set_client collation_connection View Create View character_set_client collation_connection
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v3` AS select (`mysqltest`.`t2`.`a` + 1) AS `c`,(`mysqltest`.`t2`.`b` + 1) AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v3` AS select (`mysqltest`.`t2`.`a` + 1) AS `c`,(`mysqltest`.`t2`.`b` + 1) AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci
explain select c from mysqltest.v4; explain select c from mysqltest.v4;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
show create view mysqltest.v4; show create view mysqltest.v4;
View Create View character_set_client collation_connection View Create View character_set_client collation_connection
v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v4` AS select (`mysqltest`.`t2`.`a` + 1) AS `c`,(`mysqltest`.`t2`.`b` + 1) AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci v4 CREATE ALGORITHM=TEMPTABLE DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `mysqltest`.`v4` AS select (`mysqltest`.`t2`.`a` + 1) AS `c`,(`mysqltest`.`t2`.`b` + 1) AS `d` from `mysqltest`.`t2` latin1 latin1_swedish_ci
...@@ -1027,7 +1027,7 @@ grant select, show view on mysqltest1.v1 to quintessa@localhost; ...@@ -1027,7 +1027,7 @@ grant select, show view on mysqltest1.v1 to quintessa@localhost;
select * from v1; select * from v1;
i i
explain select * from v1; explain select * from v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as cecil ... as cecil
select * from v1; select * from v1;
ERROR 42000: SELECT command denied to user 'cecil'@'localhost' for table 'v1' ERROR 42000: SELECT command denied to user 'cecil'@'localhost' for table 'v1'
...@@ -1043,7 +1043,7 @@ id select_type table type possible_keys key key_len ref rows Extra ...@@ -1043,7 +1043,7 @@ id select_type table type possible_keys key key_len ref rows Extra
select * from v1; select * from v1;
i i
explain select * from v1; explain select * from v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as fiona ... as fiona
select * from v2; select * from v2;
i j i j
...@@ -1057,14 +1057,14 @@ ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table 'v1' ...@@ -1057,14 +1057,14 @@ ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table 'v1'
explain select * from t2; explain select * from t2;
ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table 't2' ERROR 42000: SELECT command denied to user 'fiona'@'localhost' for table 't2'
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as greg ... as greg
select * from v2; select * from v2;
i j i j
explain select * from v1; explain select * from v1;
ERROR 42000: SELECT command denied to user 'greg'@'localhost' for table 'v1' ERROR 42000: SELECT command denied to user 'greg'@'localhost' for table 'v1'
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as han ... as han
select * from t3; select * from t3;
ERROR 42000: SELECT command denied to user 'han'@'localhost' for table 't3' ERROR 42000: SELECT command denied to user 'han'@'localhost' for table 't3'
...@@ -1084,17 +1084,17 @@ id select_type table type possible_keys key key_len ref rows Extra ...@@ -1084,17 +1084,17 @@ id select_type table type possible_keys key key_len ref rows Extra
select * from v2; select * from v2;
i j i j
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as jamie ... as jamie
select * from v2; select * from v2;
i j i j
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as karl ... as karl
select * from v2; select * from v2;
i j i j
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as lena ... as lena
select * from v2; select * from v2;
ERROR 42000: SELECT command denied to user 'lena'@'localhost' for table 'v2' ERROR 42000: SELECT command denied to user 'lena'@'localhost' for table 'v2'
...@@ -1111,22 +1111,22 @@ id select_type table type possible_keys key key_len ref rows Extra ...@@ -1111,22 +1111,22 @@ id select_type table type possible_keys key key_len ref rows Extra
select * from v2; select * from v2;
i j i j
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as olga ... as olga
select * from v2; select * from v2;
i j i j
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as pjotr ... as pjotr
select * from v2; select * from v2;
i j i j
explain select * from v2; explain select * from v2;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as quintessa ... as quintessa
select * from v1; select * from v1;
i i
explain select * from v1; explain select * from v1;
ERROR HY000: EXPLAIN/SHOW can not be issued; lacking privileges for underlying table ERROR HY000: ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table
... as root again at last: clean-up time! ... as root again at last: clean-up time!
drop user alice@localhost; drop user alice@localhost;
drop user bob@localhost; drop user bob@localhost;
......
...@@ -259,3 +259,49 @@ analyze select * from t1 straight_join t2 force index(a) where t2.a=t1.a; ...@@ -259,3 +259,49 @@ analyze select * from t1 straight_join t2 force index(a) where t2.a=t1.a;
drop table t1,t2; drop table t1,t2;
# Analyze <statement> privilege checks testcase.
--echo #
--echo # MDEV-7025 and MDEV-7027 ANALYZE SELECT/INSERT/UPDATE/DELETE from a
--echo # view does not check access permissions on the underlying table
--echo #
--enable_connect_log
create database db;
use db;
create table t1 (i int, c varchar(8));
insert into t1 values (1,'foo'),(2,'bar'),(3,'baz'),(4,'qux');
create view v1 as select * from t1 where i > 1;
grant ALL on db.v1 to u1@localhost;
--connect (con1,localhost,u1,,)
--error ER_TABLEACCESS_DENIED_ERROR
select * from db.t1;
--error ER_TABLEACCESS_DENIED_ERROR
explain select * from db.t1;
--error ER_TABLEACCESS_DENIED_ERROR
analyze select * from db.t1;
select * from db.v1;
--error ER_VIEW_NO_EXPLAIN
explain select * from db.v1;
--error ER_VIEW_NO_EXPLAIN
analyze select * from db.v1;
UPDATE db.v1 SET i = 5;
--error ER_VIEW_NO_EXPLAIN
explain UPDATE db.v1 SET i = 5;
--error ER_VIEW_NO_EXPLAIN
analyze UPDATE db.v1 SET i = 5;
DELETE FROM db.v1 WHERE i = 5;
--error ER_VIEW_NO_EXPLAIN
explain DELETE FROM db.v1 WHERE i = 5;
--error ER_VIEW_NO_EXPLAIN
analyze DELETE FROM db.v1 WHERE i = 5;
--disconnect con1
--connection default
drop user u1@localhost;
drop database db;
...@@ -5194,10 +5194,10 @@ ER_FPARSER_EOF_IN_UNKNOWN_PARAMETER ...@@ -5194,10 +5194,10 @@ ER_FPARSER_EOF_IN_UNKNOWN_PARAMETER
rus "Неожиданный конец файла при пропуске неизвестного параметра '%-.192s'" rus "Неожиданный конец файла при пропуске неизвестного параметра '%-.192s'"
ukr "Несподіванний кінець файлу у спробі проминути невідомий параметр '%-.192s'" ukr "Несподіванний кінець файлу у спробі проминути невідомий параметр '%-.192s'"
ER_VIEW_NO_EXPLAIN ER_VIEW_NO_EXPLAIN
eng "EXPLAIN/SHOW can not be issued; lacking privileges for underlying table" eng "ANALYZE/EXPLAIN/SHOW can not be issued; lacking privileges for underlying table"
ger "EXPLAIN/SHOW kann nicht verlangt werden. Rechte für zugrunde liegende Tabelle fehlen" ger "ANALYZE/EXPLAIN/SHOW kann nicht verlangt werden. Rechte für zugrunde liegende Tabelle fehlen"
rus "EXPLAIN/SHOW не может быть выполнено; недостаточно прав на таблицы запроса" rus "ANALYZE/EXPLAIN/SHOW не может быть выполнено; недостаточно прав на таблицы запроса"
ukr "EXPLAIN/SHOW не може бути виконано; немає прав на таблиці запиту" ukr "ANALYZE/EXPLAIN/SHOW не може бути виконано; немає прав на таблиці запиту"
ER_FRM_UNKNOWN_TYPE ER_FRM_UNKNOWN_TYPE
eng "File '%-.192s' has unknown type '%-.64s' in its header" eng "File '%-.192s' has unknown type '%-.64s' in its header"
ger "Datei '%-.192s' hat unbekannten Typ '%-.64s' im Header" ger "Datei '%-.192s' hat unbekannten Typ '%-.64s' im Header"
......
...@@ -1292,11 +1292,12 @@ bool mysql_make_view(THD *thd, File_parser *parser, TABLE_LIST *table, ...@@ -1292,11 +1292,12 @@ bool mysql_make_view(THD *thd, File_parser *parser, TABLE_LIST *table,
Security_context *security_ctx= 0; Security_context *security_ctx= 0;
/* /*
Check rights to run commands (EXPLAIN SELECT & SHOW CREATE) which show Check rights to run commands (ANALYZE SELECT, EXPLAIN SELECT &
underlying tables. SHOW CREATE) which show underlying tables.
Skip this step if we are opening view for prelocking only. Skip this step if we are opening view for prelocking only.
*/ */
if (!table->prelocking_placeholder && (old_lex->describe)) if (!table->prelocking_placeholder && (old_lex->describe ||
old_lex->analyze_stmt))
{ {
/* /*
The user we run EXPLAIN as (either the connected user who issued The user we run EXPLAIN as (either the connected user who issued
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment