Bug#16681 information_schema shows forbidden VIEW details

show view definition to users that have the needed privilleges mysql-test/r/information_schema.result: Bug#16681 information_schema shows forbidden VIEW details test case mysql-test/t/information_schema.test: Bug#16681 information_schema shows forbidden VIEW details test case

Bug#16681 information_schema shows forbidden VIEW details
show view definition to users that have the needed privilleges mysql-test/r/information_schema.result: Bug#16681 information_schema shows forbidden VIEW details test case mysql-test/t/information_schema.test: Bug#16681 information_schema shows forbidden VIEW details test case
2d98d243 · unknown · 0792cd92 · 2d98d243 · 2d98d243 · 2d98d243
Commit 2d98d243 authored May 23, 2006 by unknown
Showing with 57 additions and 3 deletions

mysql-test/r/information_schema.result mysql-test/r/information_schema.result +13 -0

mysql-test/t/information_schema.test mysql-test/t/information_schema.test +19 -0

sql/sql_show.cc sql/sql_show.cc +25 -3

No files found.
--- a/mysql-test/r/information_schema.result
+++ b/mysql-test/r/information_schema.result
@@ -1108,3 +1108,16 @@ routine_name

 delete from proc where name='';
 use test;
+grant select on test.* to mysqltest_1@localhost;
+create table t1 (id int);
+create view v1 as select * from t1;
+create definer = mysqltest_1@localhost
+sql security definer view v2 as select 1;
+select * from information_schema.views
+where table_name='v1' or table_name='v2';
+TABLE_CATALOG	TABLE_SCHEMA	TABLE_NAME	VIEW_DEFINITION	CHECK_OPTION	IS_UPDATABLE	DEFINER	SECURITY_TYPE
+NULL	test	v1		NONE	YES	root@localhost	DEFINER
+NULL	test	v2	select 1 AS `1`	NONE	NO	mysqltest_1@localhost	DEFINER
+drop view v1, v2;
+drop table t1;
+drop user mysqltest_1@localhost;
--- a/mysql-test/t/information_schema.test
+++ b/mysql-test/t/information_schema.test
@@ -822,3 +822,22 @@ INSERT INTO `proc` VALUES ('test','','PROCEDURE','','SQL','CONTAINS_SQL',
 select routine_name from information_schema.routines;
 delete from proc where name='';
 use test;
+
+#
+# Bug#16681 information_schema shows forbidden VIEW details
+#
+grant select on test.* to mysqltest_1@localhost;
+create table t1 (id int);
+create view v1 as select * from t1;
+create definer = mysqltest_1@localhost
+sql security definer view v2 as select 1;
+
+connect (con16681,localhost,mysqltest_1,,test);
+connection con16681;
+
+select * from information_schema.views
+where table_name='v1' or table_name='v2';
+connection default;
+drop view v1, v2;
+drop table t1;
+drop user mysqltest_1@localhost;
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -3076,11 +3076,33 @@ static int get_schema_views_record(THD *thd, struct st_table_list *tables,

  if (tables->view)
  {
+    Security_context *sctx= thd->security_ctx;
+    ulong grant= SHOW_VIEW_ACL;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+    char *save_table_name= tables->table_name;
+    if (!my_strcasecmp(system_charset_info, tables->definer.user.str,
+                       sctx->priv_user) &&
+        !my_strcasecmp(system_charset_info, tables->definer.host.str,
+                       sctx->priv_host))
+      grant= SHOW_VIEW_ACL;
+    else
+    {
+      tables->table_name= tables->view_name.str;
+      if (check_access(thd, SHOW_VIEW_ACL , base_name,
+                       &tables->grant.privilege, 0, 1,
+                       test(tables->schema_table)))
+        grant= get_table_grant(thd, tables);
+      else
+        grant= tables->grant.privilege;
+    }
+    tables->table_name= save_table_name;
+#endif
+
    restore_record(table, s->default_values);
    table->field[1]->store(tables->view_db.str, tables->view_db.length, cs);
-    table->field[2]->store(tables->view_name.str, tables->view_name.length,
-                           cs);
-    table->field[3]->store(tables->query.str, tables->query.length, cs);
+    table->field[2]->store(tables->view_name.str, tables->view_name.length, cs);
+    if (grant & SHOW_VIEW_ACL)
+      table->field[3]->store(tables->query.str, tables->query.length, cs);

    if (tables->with_check != VIEW_CHECK_NONE)
    {