Added syntax detection for the GRANT role TO {user | role } command.

Also added syntax for GRANT privilege TO { role } command

Added syntax detection for the GRANT role TO {user | role } command.
Also added syntax for GRANT privilege TO { role } command
d40d3566 · Vicențiu Ciorbaru · Sergei Golubchik · dcf76e65 · d40d3566 · d40d3566
Commit d40d3566 authored Oct 18, 2013 by Vicențiu Ciorbaru Committed by Sergei Golubchik Oct 18, 2013
Showing with 104 additions and 25 deletions

sql/mysqld.cc sql/mysqld.cc +1 -0

sql/sql_acl.cc sql/sql_acl.cc +2 -2

sql/sql_lex.h sql/sql_lex.h +1 -1

sql/sql_parse.cc sql/sql_parse.cc +8 -0

sql/sql_yacc.yy sql/sql_yacc.yy +92 -22

No files found.
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -3456,6 +3456,7 @@ SHOW_VAR com_status_vars[]= {
  {"execute_sql",          (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_EXECUTE]), SHOW_LONG_STATUS},
  {"flush",                (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_FLUSH]), SHOW_LONG_STATUS},
  {"grant",                (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS},
+  {"grant_role",           (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_GRANT]), SHOW_LONG_STATUS},
  {"ha_close",             (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_CLOSE]), SHOW_LONG_STATUS},
  {"ha_open",              (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_OPEN]), SHOW_LONG_STATUS},
  {"ha_read",              (char*) offsetof(STATUS_VAR, com_stat[(uint) SQLCOM_HA_READ]), SHOW_LONG_STATUS},

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -2275,7 +2275,7 @@ my_bool get_role_access(ACL_ROLE *role, ulong *access)
  role->flags|= ROLE_VISITED;

  (void) my_init_dynamic_array(&stack, sizeof(NODE_STATE), 20, 50, MYF(0));
-  push_dynamic(&stack, &state);
+  push_dynamic(&stack, (uchar*)&state);

  while (stack.elements)
  {
@@ -2343,7 +2343,7 @@ my_bool get_role_access(ACL_ROLE *role, ulong *access)
      neighbour->flags|= ROLE_VISITED;
      state.neigh_idx= 0;
      state.node_data= neighbour;
-      push_dynamic(&stack, &state);
+      push_dynamic(&stack, (uchar*)&state);
    }
    else
    {

--- a/sql/sql_lex.h
+++ b/sql/sql_lex.h
@@ -148,7 +148,7 @@ enum enum_sql_command {
  SQLCOM_SHOW_TRIGGERS,

  SQLCOM_LOAD,SQLCOM_SET_OPTION,SQLCOM_LOCK_TABLES,SQLCOM_UNLOCK_TABLES,
-  SQLCOM_GRANT,
+  SQLCOM_GRANT, SQLCOM_GRANT_ROLE,
  SQLCOM_CHANGE_DB, SQLCOM_CREATE_DB, SQLCOM_DROP_DB, SQLCOM_ALTER_DB,
  SQLCOM_REPAIR, SQLCOM_REPLACE, SQLCOM_REPLACE_SELECT,
  SQLCOM_CREATE_FUNCTION, SQLCOM_DROP_FUNCTION,

--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -367,6 +367,7 @@ void init_update_queries(void)
  sql_command_flags[SQLCOM_RENAME_USER]=       CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_DROP_USER]=         CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_GRANT]=             CF_CHANGES_DATA;
+  sql_command_flags[SQLCOM_GRANT_ROLE]=        CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_REVOKE]=            CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_OPTIMIZE]=          CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_CREATE_FUNCTION]=   CF_CHANGES_DATA;
@@ -418,6 +419,7 @@ void init_update_queries(void)
  sql_command_flags[SQLCOM_REVOKE_ALL]=         CF_AUTO_COMMIT_TRANS;
  sql_command_flags[SQLCOM_REVOKE]|=            CF_AUTO_COMMIT_TRANS;
  sql_command_flags[SQLCOM_GRANT]|=             CF_AUTO_COMMIT_TRANS;
+  sql_command_flags[SQLCOM_GRANT_ROLE]|=        CF_AUTO_COMMIT_TRANS;

  sql_command_flags[SQLCOM_ASSIGN_TO_KEYCACHE]= CF_AUTO_COMMIT_TRANS;
  sql_command_flags[SQLCOM_PRELOAD_KEYS]=       CF_AUTO_COMMIT_TRANS;
@@ -3877,6 +3879,12 @@ end_with_restore_list:
    }
    break;
  }
+  case SQLCOM_GRANT_ROLE:
+  {
+    /* TODO Implement grant */
+    my_ok(thd);
+    break;
+  }
 #endif /*!NO_EMBEDDED_ACCESS_CHECKS*/
  case SQLCOM_RESET:
    /*

--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -1459,6 +1459,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
        NCHAR_STRING opt_component key_cache_name
        sp_opt_label BIN_NUM label_ident TEXT_STRING_filesystem ident_or_empty
        opt_constraint constraint opt_ident opt_if_not_exists_ident
+        grant_role

 %type <lex_str_ptr>
        opt_table_alias
@@ -1569,7 +1570,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);

 %type <symbol> keyword keyword_sp

-%type <lex_user> user grant_user
+%type <lex_user> user specified_user grant_user role

 %type <charset>
        opt_collate
@@ -1623,6 +1624,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, ulong *yystacksize);
        opt_option opt_place
        opt_attribute opt_attribute_list attribute column_list column_list_id
        opt_column_list grant_privileges grant_ident grant_list grant_option
+        grant_list_with_roles
        object_privilege object_privilege_list user_list rename_list
        clear_privileges flush_options flush_option
        opt_with_read_lock flush_options_list
@@ -13153,24 +13155,8 @@ ident_or_text:
        | LEX_HOSTNAME { $$=$1;}
        ;

-user:
-          ident_or_text
-          {
-            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
-              MYSQL_YYABORT;
-            $$->user = $1;
-            $$->host.str= (char *) "%";
-            $$->host.length= 1;
-            $$->password= null_lex_str; 
-            $$->plugin= empty_lex_str;
-            $$->auth= empty_lex_str;
-
-            if (check_string_char_length(&$$->user, ER(ER_USERNAME),
-                                         username_char_length,
-                                         system_charset_info, 0))
-              MYSQL_YYABORT;
-          }
-        | ident_or_text '@' ident_or_text
+specified_user:
+          ident_or_text '@' ident_or_text
          {
            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
              MYSQL_YYABORT;
@@ -13195,8 +13181,8 @@ user:
          {
            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
              MYSQL_YYABORT;
-            /* 
-              empty LEX_USER means current_user and 
+            /*
+              empty LEX_USER means current_user and
              will be handled in the  get_current_user() function
              later
            */
@@ -13204,6 +13190,46 @@ user:
          }
        ;

+user:
+          ident_or_text
+          {
+            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
+              MYSQL_YYABORT;
+            $$->user = $1;
+            $$->host.str= (char *) "%";
+            $$->host.length= 1;
+            $$->password= null_lex_str; 
+            $$->plugin= empty_lex_str;
+            $$->auth= empty_lex_str;
+
+            if (check_string_char_length(&$$->user, ER(ER_USERNAME),
+                                         username_char_length,
+                                         system_charset_info, 0))
+              MYSQL_YYABORT;
+          }
+        |
+          specified_user {$$ = $1;}
+        ;
+
+role:
+          ident_or_text
+          {
+            if (!($$=(LEX_USER*) thd->alloc(sizeof(st_lex_user))))
+              MYSQL_YYABORT;
+            $$->user = $1;
+            $$->host.str= (char *) "";
+            $$->host.length= 0;
+            $$->password= null_lex_str;
+            $$->plugin= empty_lex_str;
+            $$->auth= empty_lex_str;
+
+            if (check_string_char_length(&$$->user, ER(ER_USERNAME),
+                                         username_char_length,
+                                         system_charset_info, 0))
+              MYSQL_YYABORT;
+          }
+        ;
+
 /* Keyword that we allow for identifiers (except SP labels) */
 keyword:
          keyword_sp            {}
@@ -14282,7 +14308,27 @@ grant_command:
            lex->users_list.push_front ($3);
            lex->sql_command= SQLCOM_GRANT;
            lex->type= TYPE_ENUM_PROXY;
-          } 
+          }
+        | grant_privileges TO_SYM grant_list
+          {
+            LEX *lex= Lex;
+            lex->sql_command= SQLCOM_GRANT_ROLE;
+            lex->type= 0;
+            printf("Need to grant privileges to a role / user\n");
+          }
+        | grant_role TO_SYM grant_list_with_roles
+          {
+            LEX *lex= Lex;
+            lex->sql_command= SQLCOM_GRANT_ROLE;
+            lex->type= 0;
+            printf("The rolename to be granted is: %s\n", $1.str);
+          }
+
+        ;
+
+grant_role:
+          IDENT_sys             {$$=$1;}
+        | TEXT_STRING_sys       {$$=$1;}
        ;

 opt_table:
@@ -14459,6 +14505,30 @@ user_list:
          }
        ;

+grant_list_with_roles:
+          role
+          {
+            if (Lex->users_list.push_back($1))
+              MYSQL_YYABORT;
+          }
+        | specified_user
+          {
+            if (Lex->users_list.push_back($1))
+              MYSQL_YYABORT;
+          }
+        | grant_list_with_roles ',' role
+          {
+            if (Lex->users_list.push_back($3))
+              MYSQL_YYABORT;
+          }
+        | grant_list_with_roles ',' specified_user
+          {
+            if (Lex->users_list.push_back($3))
+              MYSQL_YYABORT;
+          }
+        ;
+
+
 grant_list:
          grant_user
          {