Fixing check_access() not to be inlined in case of

embedded server, to make connect engine work with embedded server dynamically. modified: sql/sql_parse.cc sql/sql_parse.h

Fixing check_access() not to be inlined in case of
embedded server, to make connect engine work with embedded server dynamically. modified: sql/sql_parse.cc sql/sql_parse.h
39752566 · Alexander Barkov · 89bafdf4 · 39752566 · 39752566
Commit 39752566 authored Apr 18, 2013 by Alexander Barkov
Hide whitespace changes
Inline Side-by-side

Showing with 109 additions and 104 deletions

sql/sql_parse.cc sql/sql_parse.cc +100 -94

sql/sql_parse.h sql/sql_parse.h +9 -10

No files found.
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -5074,100 +5074,6 @@ static bool execute_rename_table(THD *thd, TABLE_LIST *first_table,
 }


-#ifndef NO_EMBEDDED_ACCESS_CHECKS
-/**
-  Check grants for commands which work only with one table.
-
-  @param thd                    Thread handler
-  @param privilege              requested privilege
-  @param all_tables             global table list of query
-  @param no_errors              FALSE/TRUE - report/don't report error to
-                            the client (using my_error() call).
-
-  @retval
-    0   OK
-  @retval
-    1   access denied, error is sent to client
-*/
-
-bool check_single_table_access(THD *thd, ulong privilege, 
-                               TABLE_LIST *all_tables, bool no_errors)
-{
-  Security_context * backup_ctx= thd->security_ctx;
-
-  /* we need to switch to the saved context (if any) */
-  if (all_tables->security_ctx)
-    thd->security_ctx= all_tables->security_ctx;
-
-  const char *db_name;
-  if ((all_tables->view || all_tables->field_translation) &&
-      !all_tables->schema_table)
-    db_name= all_tables->view_db.str;
-  else
-    db_name= all_tables->db;
-
-  if (check_access(thd, privilege, db_name,
-                   &all_tables->grant.privilege,
-                   &all_tables->grant.m_internal,
-                   0, no_errors))
-    goto deny;
-
-  /* Show only 1 table for check_grant */
-  if (!(all_tables->belong_to_view &&
-        (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
-      check_grant(thd, privilege, all_tables, FALSE, 1, no_errors))
-    goto deny;
-
-  thd->security_ctx= backup_ctx;
-  return 0;
-
-deny:
-  thd->security_ctx= backup_ctx;
-  return 1;
-}
-
-/**
-  Check grants for commands which work only with one table and all other
-  tables belonging to subselects or implicitly opened tables.
-
-  @param thd			Thread handler
-  @param privilege		requested privilege
-  @param all_tables		global table list of query
-
-  @retval
-    0   OK
-  @retval
-    1   access denied, error is sent to client
-*/
-
-bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
-{
-  if (check_single_table_access (thd,privilege,all_tables, FALSE))
-    return 1;
-
-  /* Check rights on tables of subselects and implictly opened tables */
-  TABLE_LIST *subselects_tables, *view= all_tables->view ? all_tables : 0;
-  if ((subselects_tables= all_tables->next_global))
-  {
-    /*
-      Access rights asked for the first table of a view should be the same
-      as for the view
-    */
-    if (view && subselects_tables->belong_to_view == view)
-    {
-      if (check_single_table_access (thd, privilege, subselects_tables, FALSE))
-        return 1;
-      subselects_tables= subselects_tables->next_global;
-    }
-    if (subselects_tables &&
-        (check_table_access(thd, SELECT_ACL, subselects_tables, FALSE,
-                            UINT_MAX, FALSE)))
-      return 1;
-  }
-  return 0;
-}
-
-
 /**
  @brief Compare requested privileges with the privileges acquired from the
    User- and Db-tables.
@@ -5200,6 +5106,11 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
             GRANT_INTERNAL_INFO *grant_internal_info,
             bool dont_check_global_grants, bool no_errors)
 {
+#ifdef NO_EMBEDDED_ACCESS_CHECKS
+  if (save_priv)
+    *save_priv= GLOBAL_ACLS;
+  return false;
+#else
  Security_context *sctx= thd->security_ctx;
  ulong db_access;

@@ -5378,6 +5289,101 @@ check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
                         "unknown")));
  }
  DBUG_RETURN(TRUE);
+#endif // NO_EMBEDDED_ACCESS_CHECKS
+}
+
+
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+/**
+  Check grants for commands which work only with one table.
+
+  @param thd                    Thread handler
+  @param privilege              requested privilege
+  @param all_tables             global table list of query
+  @param no_errors              FALSE/TRUE - report/don't report error to
+                            the client (using my_error() call).
+
+  @retval
+    0   OK
+  @retval
+    1   access denied, error is sent to client
+*/
+
+bool check_single_table_access(THD *thd, ulong privilege, 
+                               TABLE_LIST *all_tables, bool no_errors)
+{
+  Security_context * backup_ctx= thd->security_ctx;
+
+  /* we need to switch to the saved context (if any) */
+  if (all_tables->security_ctx)
+    thd->security_ctx= all_tables->security_ctx;
+
+  const char *db_name;
+  if ((all_tables->view || all_tables->field_translation) &&
+      !all_tables->schema_table)
+    db_name= all_tables->view_db.str;
+  else
+    db_name= all_tables->db;
+
+  if (check_access(thd, privilege, db_name,
+                   &all_tables->grant.privilege,
+                   &all_tables->grant.m_internal,
+                   0, no_errors))
+    goto deny;
+
+  /* Show only 1 table for check_grant */
+  if (!(all_tables->belong_to_view &&
+        (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
+      check_grant(thd, privilege, all_tables, FALSE, 1, no_errors))
+    goto deny;
+
+  thd->security_ctx= backup_ctx;
+  return 0;
+
+deny:
+  thd->security_ctx= backup_ctx;
+  return 1;
+}
+
+/**
+  Check grants for commands which work only with one table and all other
+  tables belonging to subselects or implicitly opened tables.
+
+  @param thd			Thread handler
+  @param privilege		requested privilege
+  @param all_tables		global table list of query
+
+  @retval
+    0   OK
+  @retval
+    1   access denied, error is sent to client
+*/
+
+bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
+{
+  if (check_single_table_access (thd,privilege,all_tables, FALSE))
+    return 1;
+
+  /* Check rights on tables of subselects and implictly opened tables */
+  TABLE_LIST *subselects_tables, *view= all_tables->view ? all_tables : 0;
+  if ((subselects_tables= all_tables->next_global))
+  {
+    /*
+      Access rights asked for the first table of a view should be the same
+      as for the view
+    */
+    if (view && subselects_tables->belong_to_view == view)
+    {
+      if (check_single_table_access (thd, privilege, subselects_tables, FALSE))
+        return 1;
+      subselects_tables= subselects_tables->next_global;
+    }
+    if (subselects_tables &&
+        (check_table_access(thd, SELECT_ACL, subselects_tables, FALSE,
+                            UINT_MAX, FALSE)))
+      return 1;
+  }
+  return 0;
 }



--- a/sql/sql_parse.h
+++ b/sql/sql_parse.h
@@ -147,6 +147,15 @@ inline bool check_identifier_name(LEX_STRING *str)
  return check_identifier_name(str, NAME_CHAR_LEN, 0, "");
 }

+
+/*
+  check_access() is needed for the connect engine.
+  It cannot be inlined - it must be exported.
+*/
+bool check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
+                  GRANT_INTERNAL_INFO *grant_internal_info,
+                  bool dont_check_global_grants, bool no_errors);
+
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
 bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *tables);
 bool check_single_table_access(THD *thd, ulong privilege,
@@ -155,9 +164,6 @@ bool check_routine_access(THD *thd,ulong want_access,char *db,char *name,
 			  bool is_proc, bool no_errors);
 bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table);
 bool check_some_routine_access(THD *thd, const char *db, const char *name, bool is_proc);
-bool check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv,
-                  GRANT_INTERNAL_INFO *grant_internal_info,
-                  bool dont_check_global_grants, bool no_errors);
 bool check_table_access(THD *thd, ulong requirements,TABLE_LIST *tables,
                        bool any_combination_of_privileges_will_do,
                        uint number,
@@ -179,13 +185,6 @@ inline bool check_some_access(THD *thd, ulong want_access, TABLE_LIST *table)
 inline bool check_some_routine_access(THD *thd, const char *db,
                                      const char *name, bool is_proc)
 { return false; }
-inline bool check_access(THD *, ulong, const char *, ulong *save_priv,
-                         GRANT_INTERNAL_INFO *, bool, bool)
-{
-  if (save_priv)
-    *save_priv= GLOBAL_ACLS;
-  return false;
-}
 inline bool
 check_table_access(THD *thd, ulong requirements,TABLE_LIST *tables,
                   bool any_combination_of_privileges_will_do,