Commit f4676ae5 authored by Georgi Kodinov's avatar Georgi Kodinov

merge of bug #46019 to 5.1-bugteam

parents 388955a4 4207e50e
...@@ -947,6 +947,30 @@ DROP USER foo; ...@@ -947,6 +947,30 @@ DROP USER foo;
DROP VIEW db1.v1; DROP VIEW db1.v1;
DROP TABLE db1.t1; DROP TABLE db1.t1;
DROP DATABASE db1; DROP DATABASE db1;
#
# Bug #46019: ERROR 1356 When selecting from within another
# view that has Group By
#
CREATE DATABASE db1;
USE db1;
CREATE TABLE t1 (a INT);
CREATE SQL SECURITY INVOKER VIEW v1 AS
SELECT a FROM t1 GROUP BY a;
CREATE SQL SECURITY INVOKER VIEW v2 AS
SELECT a FROM v1;
CREATE USER u1;
GRANT SELECT ON TABLE t1 TO u1;
GRANT SELECT, SHOW VIEW ON TABLE v1 TO u1;
GRANT SELECT, SHOW VIEW ON TABLE v2 TO u1;
SELECT a FROM v1;
a
SELECT a FROM v2;
a
DROP USER u1;
DROP VIEW v1,v2;
DROP TABLE t1;
USE test;
DROP DATABASE db1;
End of 5.0 tests. End of 5.0 tests.
DROP VIEW IF EXISTS v1; DROP VIEW IF EXISTS v1;
DROP TABLE IF EXISTS t1; DROP TABLE IF EXISTS t1;
......
...@@ -1237,6 +1237,41 @@ DROP VIEW db1.v1; ...@@ -1237,6 +1237,41 @@ DROP VIEW db1.v1;
DROP TABLE db1.t1; DROP TABLE db1.t1;
DROP DATABASE db1; DROP DATABASE db1;
--echo #
--echo # Bug #46019: ERROR 1356 When selecting from within another
--echo # view that has Group By
--echo #
CREATE DATABASE db1;
USE db1;
CREATE TABLE t1 (a INT);
CREATE SQL SECURITY INVOKER VIEW v1 AS
SELECT a FROM t1 GROUP BY a;
CREATE SQL SECURITY INVOKER VIEW v2 AS
SELECT a FROM v1;
CREATE USER u1;
GRANT SELECT ON TABLE t1 TO u1;
GRANT SELECT, SHOW VIEW ON TABLE v1 TO u1;
GRANT SELECT, SHOW VIEW ON TABLE v2 TO u1;
CONNECT (u1, localhost, u1,,db1);
CONNECTION u1;
SELECT a FROM v1;
SELECT a FROM v2;
CONNECTION default;
DISCONNECT u1;
DROP USER u1;
DROP VIEW v1,v2;
DROP TABLE t1;
USE test;
DROP DATABASE db1;
--echo End of 5.0 tests. --echo End of 5.0 tests.
......
...@@ -3905,11 +3905,15 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, ...@@ -3905,11 +3905,15 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
continue; // ok continue; // ok
if (!(~table->grant.privilege & want_access) || if (!(~table->grant.privilege & want_access) ||
table->is_anonymous_derived_table() || table->schema_table) (table->is_anonymous_derived_table() &&
table->is_non_materialized_derived_table()) || table->schema_table)
{ {
/* /*
It is subquery in the FROM clause. VIEW set table->derived after It is subquery in the FROM clause. VIEW set table->derived after
table opening, but this function always called before table opening. table opening, but this function is mostly called before table opening.
When it's called after table opening e.g. for nested views with
materialization we shoud check the materialized table for access as
any other table.
*/ */
if (!table->referencing_view) if (!table->referencing_view)
{ {
...@@ -3922,6 +3926,7 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, ...@@ -3922,6 +3926,7 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
} }
continue; continue;
} }
if (!(grant_table= table_hash_search(sctx->host, sctx->ip, if (!(grant_table= table_hash_search(sctx->host, sctx->ip,
table->get_db_name(), sctx->priv_user, table->get_db_name(), sctx->priv_user,
table->get_table_name(), FALSE))) table->get_table_name(), FALSE)))
......
...@@ -5058,7 +5058,8 @@ bool check_single_table_access(THD *thd, ulong privilege, ...@@ -5058,7 +5058,8 @@ bool check_single_table_access(THD *thd, ulong privilege,
if (!(all_tables->belong_to_view && if (!(all_tables->belong_to_view &&
(thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) && (thd->lex->sql_command == SQLCOM_SHOW_FIELDS)) &&
!(all_tables->view && !(all_tables->view &&
all_tables->effective_algorithm == VIEW_ALGORITHM_TMPTABLE) && all_tables->effective_algorithm == VIEW_ALGORITHM_TMPTABLE &&
all_tables->is_non_materialized_derived_table()) &&
check_grant(thd, privilege, all_tables, 0, 1, no_errors)) check_grant(thd, privilege, all_tables, 0, 1, no_errors))
goto deny; goto deny;
......
...@@ -1465,6 +1465,15 @@ struct TABLE_LIST ...@@ -1465,6 +1465,15 @@ struct TABLE_LIST
*/ */
bool is_anonymous_derived_table() const { return derived && !view; } bool is_anonymous_derived_table() const { return derived && !view; }
/**
@brief True if this TABLE_LIST represents an not yet materialized
derived table, i.e. the result of a subquery or view execution.
*/
bool is_non_materialized_derived_table() const
{
return derived && !derived_result;
}
/** /**
@brief Returns the name of the database that the referenced table belongs @brief Returns the name of the database that the referenced table belongs
to. to.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment