Bug #20363: Create view on just created view is now denied

There was a wrong determination of the DB name (witch is 
not always the one in TABLE_LIST because derived tables
may be calculated using temp tables that have their db name
set to "").
The fix determines the database name according to the type 
of table reference, and calls the function check_access() 
with the correct db name so the correct set of grants is found.


mysql-test/r/view_grant.result:
  testsuite for the bug
mysql-test/t/view_grant.test:
  testsuite for the bug
sql/sql_parse.cc:
  correct determination of the db name.

mysql-test/r/view_grant.result

@@ -618,3 +618,32 @@ ERROR HY000: There is no 'no-such-user'@'localhost' registered
 DROP VIEW v;
 DROP TABLE t1;
 USE test;
+CREATE USER mysqltest_db1@localhost identified by 'PWD';
+GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;
+CREATE SCHEMA mysqltest_db1 ;
+USE mysqltest_db1 ;
+CREATE TABLE t1 (f1 INTEGER);
+CREATE VIEW view1 AS
+SELECT * FROM t1;
+SHOW CREATE VIEW view1;
+View	Create View
+view1	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view1` AS select `t1`.`f1` AS `f1` from `t1`
+CREATE VIEW view2 AS
+SELECT * FROM view1;
+# Here comes a suspicious warning
+SHOW CREATE VIEW view2;
+View	Create View
+view2	CREATE ALGORITHM=UNDEFINED DEFINER=`mysqltest_db1`@`localhost` SQL SECURITY DEFINER VIEW `view2` AS select `view1`.`f1` AS `f1` from `view1`
+# But the view view2 is usable
+SELECT * FROM view2;
+f1
+CREATE VIEW view3 AS
+SELECT * FROM view2;
+SELECT * from view3;
+f1
+DROP VIEW mysqltest_db1.view3;
+DROP VIEW mysqltest_db1.view2;
+DROP VIEW mysqltest_db1.view1;
+DROP TABLE mysqltest_db1.t1;
+DROP SCHEMA mysqltest_db1;
+DROP USER mysqltest_db1@localhost;

mysql-test/t/view_grant.test

@@ -807,3 +807,42 @@ SELECT * FROM v;
 DROP VIEW v;
 DROP TABLE t1;
 USE test;
+
+#
+# Bug#20363: Create view on just created view is now denied
+#
+eval CREATE USER mysqltest_db1@localhost identified by 'PWD';
+eval GRANT ALL ON mysqltest_db1.* TO mysqltest_db1@localhost WITH GRANT OPTION;
+
+# The session with the non root user is needed.
+--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
+connect (session1,localhost,mysqltest_db1,PWD,test);
+
+CREATE SCHEMA mysqltest_db1 ;
+USE mysqltest_db1 ;
+
+CREATE TABLE t1 (f1 INTEGER);
+
+CREATE VIEW view1 AS
+SELECT * FROM t1;
+SHOW CREATE VIEW view1;
+
+CREATE VIEW view2 AS
+SELECT * FROM view1;
+--echo # Here comes a suspicious warning
+SHOW CREATE VIEW view2;
+--echo # But the view view2 is usable
+SELECT * FROM view2;
+
+CREATE VIEW view3 AS
+SELECT * FROM view2;
+
+SELECT * from view3;
+
+connection default;
+DROP VIEW mysqltest_db1.view3;
+DROP VIEW mysqltest_db1.view2;
+DROP VIEW mysqltest_db1.view1;
+DROP TABLE mysqltest_db1.t1;
+DROP SCHEMA mysqltest_db1;
+DROP USER mysqltest_db1@localhost;

sql/sql_parse.cc

@@ -5004,7 +5004,14 @@ bool check_one_table_access(THD *thd, ulong privilege, TABLE_LIST *all_tables)
   if (all_tables->security_ctx)
     thd->security_ctx= all_tables->security_ctx;
 
-  if (check_access(thd, privilege, all_tables->db,
+  const char *db_name;
+  if ((all_tables->view || all_tables->field_translation) &&
+      !all_tables->schema_table)
+    db_name= all_tables->view_db.str;
+  else
+    db_name= all_tables->db;
+
+  if (check_access(thd, privilege, db_name,
 		   &all_tables->grant.privilege, 0, 0,
                    test(all_tables->schema_table)))
     goto deny;