Commit 620438fd authored by Georgi Kodinov's avatar Georgi Kodinov

backport the fix for bug #37191 to 5.1-bugteam

parent e60b9650
...@@ -956,6 +956,27 @@ Warnings: ...@@ -956,6 +956,27 @@ Warnings:
Warning 1356 View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them Warning 1356 View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
DROP VIEW v1; DROP VIEW v1;
DROP TABLE t1; DROP TABLE t1;
CREATE USER mysqluser1@localhost;
CREATE DATABASE mysqltest1;
USE mysqltest1;
CREATE TABLE t1 ( a INT );
CREATE TABLE t2 ( b INT );
INSERT INTO t1 VALUES (1), (2);
INSERT INTO t2 VALUES (1), (2);
GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
GRANT SELECT ON t1 TO mysqluser1@localhost;
GRANT INSERT ON t2 TO mysqluser1@localhost;
This would lead to failed assertion.
CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
SELECT * FROM v1;
ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
SELECT b FROM v1;
ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
DROP TABLE t1, t2;
DROP VIEW v1;
DROP DATABASE mysqltest1;
DROP USER mysqluser1@localhost;
USE test;
End of 5.1 tests. End of 5.1 tests.
CREATE USER mysqluser1@localhost; CREATE USER mysqluser1@localhost;
CREATE DATABASE mysqltest1; CREATE DATABASE mysqltest1;
......
...@@ -1218,6 +1218,44 @@ SHOW CREATE VIEW v1; ...@@ -1218,6 +1218,44 @@ SHOW CREATE VIEW v1;
DROP VIEW v1; DROP VIEW v1;
DROP TABLE t1; DROP TABLE t1;
#
# Bug#37191: Failed assertion in CREATE VIEW
#
CREATE USER mysqluser1@localhost;
CREATE DATABASE mysqltest1;
USE mysqltest1;
CREATE TABLE t1 ( a INT );
CREATE TABLE t2 ( b INT );
INSERT INTO t1 VALUES (1), (2);
INSERT INTO t2 VALUES (1), (2);
GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
GRANT SELECT ON t1 TO mysqluser1@localhost;
GRANT INSERT ON t2 TO mysqluser1@localhost;
--connect (connection1, localhost, mysqluser1, , mysqltest1)
--echo This would lead to failed assertion.
CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
--error ER_TABLEACCESS_DENIED_ERROR
SELECT * FROM v1;
--error ER_TABLEACCESS_DENIED_ERROR
SELECT b FROM v1;
--disconnect connection1
--connection default
DROP TABLE t1, t2;
DROP VIEW v1;
DROP DATABASE mysqltest1;
DROP USER mysqluser1@localhost;
USE test;
--echo End of 5.1 tests. --echo End of 5.1 tests.
# #
......
...@@ -564,24 +564,36 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views, ...@@ -564,24 +564,36 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
fill_effective_table_privileges(thd, &view->grant, view->db, fill_effective_table_privileges(thd, &view->grant, view->db,
view->table_name); view->table_name);
/*
Make sure that the current user does not have more column-level privileges
on the newly created view than he/she does on the underlying
tables. E.g. it must not be so that the user has UPDATE privileges on a
view column of he/she doesn't have it on the underlying table's
corresponding column. In that case, return an error for CREATE VIEW.
*/
{ {
Item *report_item= NULL; Item *report_item= NULL;
/*
This will hold the intersection of the priviliges on all columns in the
view.
*/
uint final_priv= VIEW_ANY_ACL; uint final_priv= VIEW_ANY_ACL;
for (sl= select_lex; sl; sl= sl->next_select()) for (sl= select_lex; sl; sl= sl->next_select())
{
DBUG_ASSERT(view->db); /* Must be set in the parser */
List_iterator_fast<Item> it(sl->item_list);
Item *item;
while ((item= it++))
{ {
DBUG_ASSERT(view->db); /* Must be set in the parser */
List_iterator_fast<Item> it(sl->item_list);
Item *item;
while ((item= it++))
{
Item_field *fld= item->filed_for_view_update(); Item_field *fld= item->filed_for_view_update();
uint priv= (get_column_grant(thd, &view->grant, view->db, uint priv= (get_column_grant(thd, &view->grant, view->db,
view->table_name, item->name) & view->table_name, item->name) &
VIEW_ANY_ACL); VIEW_ANY_ACL);
if (fld && !fld->field->table->s->tmp_table) if (fld && !fld->field->table->s->tmp_table)
{ {
final_priv&= fld->have_privileges; final_priv&= fld->have_privileges;
if (~fld->have_privileges & priv) if (~fld->have_privileges & priv)
...@@ -589,17 +601,15 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views, ...@@ -589,17 +601,15 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
} }
} }
} }
if (!final_priv) if (!final_priv && report_item)
{ {
DBUG_ASSERT(report_item); my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
"create view", thd->security_ctx->priv_user,
my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
"create view", thd->security_ctx->priv_user,
thd->security_ctx->priv_host, report_item->name, thd->security_ctx->priv_host, report_item->name,
view->table_name); view->table_name);
res= TRUE; res= TRUE;
goto err; goto err;
} }
} }
#endif #endif
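Review bot: The added header comment promises more than `if (!final_priv && report_item)` enforces: it says CREATE VIEW fails whenever the user holds a privilege on a view column that the underlying column lacks, yet the error path also requires the intersection `final_priv` to be empty. A view where one column carries such an excess privilege while some privilege is still common to all columns appears to pass this check; the assignment to `report_item` sits in the gap between the two hunks, so this is inferred from `if (~fld->have_privileges & priv)`. If that is intended, say so above the condition, e.g. `/* Deny only when no privilege is common to all view columns and some column (report_item) has a privilege its underlying column lacks. */`; if it is not, the condition probably should test `report_item` alone and needs its own test case. The comment text also needs "priviliges" corrected to "privileges" and "of he/she" to "if he/she". mysql_create_view begins and ends outside these hunks.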
......