File: set_role-13655.test

package info (click to toggle)
mariadb 1%3A11.8.3-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 772,520 kB
  • sloc: ansic: 2,414,714; cpp: 1,791,394; asm: 381,336; perl: 62,905; sh: 49,647; pascal: 40,897; java: 39,363; python: 20,791; yacc: 20,432; sql: 17,907; xml: 12,344; ruby: 8,544; cs: 6,542; makefile: 6,145; ada: 1,879; lex: 1,193; javascript: 996; objc: 80; tcl: 73; awk: 46; php: 22
file content (49 lines) | stat: -rw-r--r-- 1,182 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
source include/not_embedded.inc;

--echo #
--echo # MDEV-13655: SET ROLE does not properly grant privileges.
--echo #
--echo # We must test that if aditional db privileges get granted to a role
--echo # which previously inherited privileges from another granted role
--echo # keep the internal memory structures intact.
--echo #

create role simple;

--echo #
--echo # First we create an entry with privileges for databases for the simple role.
--echo #
grant select, insert, update, delete, lock tables, execute on t.* to simple;
create role admin;

--echo #
--echo # Now we grant the simple role to admin. This means that db privileges
--echo # should propagate to admin.
--echo #
grant simple to admin;
show grants for admin;

--echo #
--echo # Finally, we give the admin all the available privileges for the db.
--echo #
grant all on t.* to admin;

--echo #
--echo # Create a user to test out the new roles;
--echo #
create user foo;
grant admin to foo;

connect (foo,localhost,foo,,,,,);
--error ER_DBACCESS_DENIED_ERROR
create database t;
set role admin;
show grants;
create database t;
drop database t;

connection default;

drop role simple;
drop role admin;
drop user foo;