Merge bk@192.168.21.1:mysql-5.0-opt

into mysql.com:/home/hf/work/27957/my50-27957

Merge bk@192.168.21.1:mysql-5.0-opt
into mysql.com:/home/hf/work/27957/my50-27957
6fe0f52d · holyfoot/hf@mysql.com/hfmain.(none) · 17265468 · 9a427d8d · 6fe0f52d · 6fe0f52d
Commit 6fe0f52d authored May 12, 2007 by holyfoot/hf@mysql.com/hfmain.(none)
Showing with 50 additions and 4 deletions

mysql-test/r/grant.result mysql-test/r/grant.result +19 -0

mysql-test/t/grant.test mysql-test/t/grant.test +25 -0

sql/sql_prepare.cc sql/sql_prepare.cc +3 -2

sql/sql_update.cc sql/sql_update.cc +3 -2

No files found.
--- a/mysql-test/r/grant.result
+++ b/mysql-test/r/grant.result
@@ -1105,4 +1105,23 @@ ERROR 42000: SELECT command denied to user 'mysqltest_2'@'localhost' for table '
 DROP DATABASE mysqltest1;
 DROP DATABASE mysqltest2;
 DROP USER mysqltest_1@localhost;
+use test;
+CREATE TABLE t1 (f1 int, f2 int);
+INSERT INTO t1 VALUES(1,1), (2,2);
+CREATE DATABASE db27878;
+GRANT UPDATE(f1) ON t1 TO 'mysqltest_1'@'localhost';
+GRANT SELECT ON `test`.* TO 'mysqltest_1'@'localhost';
+GRANT ALL ON db27878.* TO 'mysqltest_1'@'localhost';
+use db27878;
+CREATE SQL SECURITY INVOKER VIEW db27878.v1 AS SELECT * FROM test.t1;
+use db27878;
+UPDATE v1 SET f2 = 4;
+ERROR HY000: View 'db27878.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
+SELECT * FROM test.t1;
+f1	f2
+1	1
+2	2
+DROP VIEW v1;
+use test;
+DROP TABLE t1;
 End of 5.0 tests
--- a/mysql-test/t/grant.test
+++ b/mysql-test/t/grant.test
@@ -413,6 +413,7 @@ connect (user1,localhost,mysqltest_1,,mysqltest,$MASTER_MYPORT,$MASTER_MYSOCK);
 connection user1;
 -- error 1142
 alter table t1 rename t2;
+disconnect user1;
 connection root;
 revoke all privileges on mysqltest.t1 from mysqltest_1@localhost;
 delete from mysql.user where user=_binary'mysqltest_1';
@@ -1122,5 +1123,29 @@ DROP DATABASE mysqltest2;

 DROP USER mysqltest_1@localhost;

+#
+# Bug#27878: Unchecked privileges on a view referring to a table from another 
+#            database.
+#
+use test;
+CREATE TABLE t1 (f1 int, f2 int);
+INSERT INTO t1 VALUES(1,1), (2,2);
+CREATE DATABASE db27878;
+GRANT UPDATE(f1) ON t1 TO 'mysqltest_1'@'localhost';
+GRANT SELECT ON `test`.* TO 'mysqltest_1'@'localhost';
+GRANT ALL ON db27878.* TO 'mysqltest_1'@'localhost';
+use db27878;
+CREATE SQL SECURITY INVOKER VIEW db27878.v1 AS SELECT * FROM test.t1;
+connect (user1,localhost,mysqltest_1,,test);
+connection user1;
+use db27878;
+--error 1356
+UPDATE v1 SET f2 = 4;
+SELECT * FROM test.t1;
+disconnect user1;
+connection default;
+DROP VIEW v1;
+use test;
+DROP TABLE t1;

 --echo End of 5.0 tests
--- a/sql/sql_prepare.cc
+++ b/sql/sql_prepare.cc
@@ -1164,8 +1164,9 @@ static int mysql_test_update(Prepared_statement *stmt,
    goto error;

 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-  /* TABLE_LIST contain right privilages request */
-  want_privilege= table_list->grant.want_privilege;
+  /* Force privilege re-checking for views after they have been opened. */
+  want_privilege= (table_list->view ? UPDATE_ACL :
+                   table_list->grant.want_privilege);
 #endif

  if (mysql_prepare_update(thd, table_list, &select->where,

--- a/sql/sql_update.cc
+++ b/sql/sql_update.cc
@@ -173,8 +173,9 @@ int mysql_update(THD *thd,
  table->quick_keys.clear_all();

 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-  /* TABLE_LIST contain right privilages request */
-  want_privilege= table_list->grant.want_privilege;
+  /* Force privilege re-checking for views after they have been opened. */
+  want_privilege= (table_list->view ? UPDATE_ACL :
+                   table_list->grant.want_privilege);
 #endif
  if (mysql_prepare_update(thd, table_list, &conds, order_num, order))
    DBUG_RETURN(1);