From: Alexander&nbsp;Nozdrin
Date: March 27 2011 5:09pm
Subject: Re: bzr commit into mysql-trunk branch (Dmitry.Lenev:3533) Bug#11746602
List-Archive: http://lists.mysql.com/commits/133956
Message-Id: <4D8F6F2F.9030301@oracle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Ok to push.

Thank you.

On 03/26/11 19:51, Dmitry Lenev wrote:
> #At file:///home/dlenev/src/bzr/mysql-trunk-bug27480/ based on revid:dmitry.lenev@stripped
>
>   3533 Dmitry Lenev	2011-03-26
>        A follow-up for the patch for Bug#11746602 (27480: Extend
>        CREATE TEMPORARY TABLES privilege to allow temp table
>        operations).
>
>        After main patch for this bug additional check for privileges
>        required for SHOW statements might require opening and closing
>        of temporary tables. Since doing this from within
>        check_table_access() function looks like a dangerous thing,
>        the current patch moves this additional check outside of
>        this function. To support this change it also removes some
>        duplicated code.
>       @ sql/sql_parse.cc
>          - Moved code responsible for the first stage of checking
>            privileges for SELECT statement (global, db and table-level
>            privileges) to a separate function - select_precheck().
>            Adjusted code for select-like statements to use this
>            function.
>          - Got rid of duplicate code handling SHOW EVENTS and SHOW
>            PROCEDURE/FUNCTION STATUS. As a side-effect of this change
>            now these statements reset last_query_cost status variable
>            like most of other SHOW statements.
>          - Moved code which performs additional check for privileges
>            required to perform SHOW statement from check_table_access()
>            function to newly created select_precheck() function. Doing
>            this privilege check, which might require opening and closing
>            of temporary tables, inside of check_table_access() looks
>            like a dangerous thing.
>          - Got rid of redundant code in check_show_access() which
>            automatically granted SELECT_ACL on I_S table for SHOW
>            statement. This is already done for all I_S tables in
>            IS_internal_schema_access::check() member function.
>       @ sql/sql_parse.h
>          Introduced select_precheck() function which performs first
>          stage of privilege checking for SELECT statements.
>       @ sql/sql_prepare.cc
>          Code responsible for the first stage of checking privileges
>          for SELECT statements (global, db and table-level privileges)
>          has been moved to new function select_precheck().
>
>      modified:
>        sql/sql_parse.cc
>        sql/sql_parse.h
>        sql/sql_prepare.cc