File: grant.test

package info (click to toggle)
mariadb 1%3A11.8.2-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, trixie
  • size: 765,428 kB
  • sloc: ansic: 2,382,827; cpp: 1,803,532; asm: 378,315; perl: 63,176; sh: 46,496; pascal: 40,776; java: 39,363; yacc: 20,428; python: 19,506; sql: 17,864; xml: 12,463; ruby: 8,544; makefile: 6,059; cs: 5,855; ada: 1,700; lex: 1,193; javascript: 1,039; objc: 80; tcl: 73; awk: 46; php: 22
file content (117 lines) | stat: -rw-r--r-- 3,037 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
 
#
# Test some grants with sequences
# Note that replication.test also does some grant testing
#

# Grant tests not performed with embedded server
-- source include/not_embedded.inc


SET @@SQL_MODE = REPLACE(@@SQL_MODE, 'NO_AUTO_CREATE_USER', '');
create database mysqltest_1;
use mysqltest_1;
grant all on mysqltest_1.* to 'normal'@'%';
grant select on mysqltest_1.* to 'read_only'@'%';
grant select,insert on mysqltest_1.* to 'read_write'@'%';
grant select,insert,alter on mysqltest_1.* to 'alter'@'%';
grant alter on mysqltest_1.* to only_alter@'%';

connect(normal,localhost,normal,,mysqltest_1);
connect(read_only,localhost,read_only,,mysqltest_1);
connect(read_write,localhost,read_write,,mysqltest_1);
connect(alter,localhost,alter,,mysqltest_1);
connect(only_alter, localhost, only_alter,,mysqltest_1);

--disable_ps2_protocol
connection normal;
create sequence s1;
select next value for s1;
alter sequence s1 restart= 11;
select * from s1;

connection read_only;
--error ER_TABLEACCESS_DENIED_ERROR
select next value for s1;
--error ER_TABLEACCESS_DENIED_ERROR
alter sequence s1 restart= 11;
select * from s1;

connection read_write;
select next value for s1;
--error ER_TABLEACCESS_DENIED_ERROR
alter sequence s1 restart= 11;
select * from s1;

connection alter;
select next value for s1;
alter sequence s1 restart= 11;
select * from s1;

connection only_alter;
--error ER_TABLEACCESS_DENIED_ERROR
select next value for s1;
alter sequence s1 restart= 11;
--error ER_TABLEACCESS_DENIED_ERROR
select * from s1;
--enable_ps2_protocol

#
# Cleanup
#

connection default;
drop user 'normal'@'%';
drop user 'read_only'@'%';
drop user 'read_write'@'%';
drop user 'alter'@'%';
drop user 'only_alter'@'%';
drop sequence s1;

--echo #
--echo # MDEV-36413  User without any privileges to a sequence can read from
--echo # it and modify it via column default
--echo #

create sequence s1;
create sequence s2;
select * from s2;
create table t2 (a int not null default(nextval(s1)));
insert into t2 values();

create user u;
grant create, insert, select, drop on mysqltest_1.t1 to u;
grant insert, select on mysqltest_1.s1 to u;
grant select on mysqltest_1.t2 to u;

--connect(con1,localhost,u,,mysqltest_1)
--error ER_TABLEACCESS_DENIED_ERROR
select nextval(s2);
--error ER_TABLEACCESS_DENIED_ERROR
show create sequence s2;

create table t1 (a int not null default(nextval(s1)));
drop table t1;
create table t1 (a int not null default(nextval(s1))) select a from t2;
insert into t1 values();
select * from t1;
drop table t1;
create table t1 (a int not null default(nextval(s1))) select a from (select t2.a from t2,t2 as t3 where t2.a=t3.a) as t4;
drop table t1;
--error ER_TABLEACCESS_DENIED_ERROR
create table t1 (a int not null default(nextval(s2)));
--error ER_TABLEACCESS_DENIED_ERROR
create table t1 (a int not null default(nextval(s1)),
                 b int not null default(nextval(s2)));
--disconnect con1
--connection default
drop user u;

#
# Cleanup
#

drop database mysqltest_1;

--echo #
--echo # End of 10.11 tests
--echo #