MySQL Lists: commits: bk commit into 5.1 tree (anozdrin:1.2120) BUG#9412

List:	Commits	« Previous Message Next Message »
From:	Alexander Nozdrin	Date:	February 1 2006 11:28am
Subject:	bk commit into 5.1 tree (anozdrin:1.2120) BUG#9412
View as plain text
Below is the list of changes that have just been committed into a local
5.1 repository of alik. When alik does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.2120 06/02/01 13:28:45 anozdrin@stripped +16 -0
  Fix for BUG#9412: Triggers: should have trigger privilege.
  
  Implement table-level TRIGGER privilege to control access to triggers.
  Before this path global SUPER privilege was used for this purpose, that
  was the big security problem.
  
  In details, before this patch SUPER privilege was required:
    - for the user at CREATE TRIGGER time to create a new trigger;
    - for the user at DROP TRIGGER time to drop the existing trigger;
    - for the definer at trigger activation time to execute the trigger (if the
      definer loses SUPER privilege, all its triggers become unavailable);
  
  This patch changes the behaviour in the following way:
    - TRIGGER privilege on the subject table for trigger is required:
      - for the user at CREATE TRIGGER time to create a new trigger;
      - for the user at DROP TRIGGER time to drop the existing trigger;
      - for the definer at trigger activation time to execute the trigger
        (if the definer loses TRIGGER privilege on the subject table, all its
        triggers on this table become unavailable).
    - SUPER privilege is still required:
      - for the user at CREATE TRIGGER time to explicitly set the trigger
        definer to the user other than CURRENT_USER().
  
  When the server works with database of the previous version (w/o TRIGGER
  privilege), or if the database is being upgraded from the previous versions,
  TRIGGER privilege is granted to whose users, who have CREATE privilege.

  sql/sql_yacc.yy
    1.448 06/02/01 13:28:40 anozdrin@stripped +1 -0
    Added TRIGGER privilege.

  sql/sql_trigger.cc
    1.44 06/02/01 13:28:40 anozdrin@stripped +25 -23
    Check TRIGGER privilege instead of SUPER.

  sql/sql_show.cc
    1.296 06/02/01 13:28:40 anozdrin@stripped +1 -0
    Added TRIGGER privilege.

  sql/sql_acl.h
    1.46 06/02/01 13:28:40 anozdrin@stripped +10 -6
    Added TRIGGER privilege.

  sql/sql_acl.cc
    1.176 06/02/01 13:28:40 anozdrin@stripped +8 -2
    Added TRIGGER privilege.

  scripts/mysql_fix_privilege_tables.sql
    1.39 06/02/01 13:28:40 anozdrin@stripped +9 -0
    Added TRIGGER privilege.

  scripts/mysql_create_system_tables.sh
    1.37 06/02/01 13:28:40 anozdrin@stripped +12 -9
    Added TRIGGER privilege.

  mysql-test/t/trigger-grant.test
    1.4 06/02/01 13:28:40 anozdrin@stripped +140 -10
    1. Grant table-level TRIGGER privilege instead of global SUPER one.
    2. Updated the test case to check that SUPER is required to specify
    the user other than the current as a definer.

  mysql-test/t/trigger-compat.test
    1.4 06/02/01 13:28:40 anozdrin@stripped +1 -2
    Grant table-level TRIGGER privilege instead of global SUPER one.

  mysql-test/r/trigger-grant.result
    1.3 06/02/01 13:28:40 anozdrin@stripped +57 -2
    Updated the result file after adding TRIGGER privilege.

  mysql-test/r/trigger-compat.result
    1.3 06/02/01 13:28:40 anozdrin@stripped +1 -2
    Updated the result file after adding TRIGGER privilege.

  mysql-test/r/sp.result
    1.181 06/02/01 13:28:40 anozdrin@stripped +2 -0
    Updated the result file after adding TRIGGER privilege.

  mysql-test/r/ps.result
    1.60 06/02/01 13:28:40 anozdrin@stripped +3 -3
    Updated the result file after adding TRIGGER privilege.

  mysql-test/r/lowercase_table_grant.result
    1.4 06/02/01 13:28:40 anozdrin@stripped +4 -4
    Updated the result file after adding TRIGGER privilege.

  mysql-test/r/information_schema.result
    1.105 06/02/01 13:28:40 anozdrin@stripped +1 -0
    Updated the result file after adding TRIGGER privilege.

  mysql-test/r/grant.result
    1.48 06/02/01 13:28:40 anozdrin@stripped +14 -13
    Updated the result file after adding TRIGGER privilege.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	anozdrin
# Host:	booka.home
# Root:	/mnt/hda4/home/alik/MySQL/devel/5.1-bug9412-latest

--- 1.175/sql/sql_acl.cc	2006-01-13 19:04:32 +03:00
+++ 1.176/sql/sql_acl.cc	2006-02-01 13:28:40 +03:00
@@ -361,6 +361,12 @@
       if (table->s->fields <= 37 && (user.access & CREATE_ACL))
         user.access|= EVENT_ACL;
 
+      /*
+        if it is pre 5.1.6 privilege then map TRIGGER privilege on CREATE.
+      */
+      if (table->s->fields <= 38 && (user.access & SUPER_ACL))
+        user.access|= TRIGGER_ACL;
+
       user.sort= get_sort(2,user.host.hostname,user.user);
       user.hostname_length= (user.host.hostname ?
                              (uint) strlen(user.host.hostname) : 0);
@@ -4070,13 +4076,13 @@
   "ALTER", "SHOW DATABASES", "SUPER", "CREATE TEMPORARY TABLES",
   "LOCK TABLES", "EXECUTE", "REPLICATION SLAVE", "REPLICATION CLIENT",
   "CREATE VIEW", "SHOW VIEW", "CREATE ROUTINE", "ALTER ROUTINE",
-  "CREATE USER", "EVENT"
+  "CREATE USER", "EVENT", "TRIGGER"
 };
 
 static uint command_lengths[]=
 {
   6, 6, 6, 6, 6, 4, 6, 8, 7, 4, 5, 10, 5, 5, 14, 5, 23, 11, 7, 17, 18, 11, 9,
-  14, 13, 11, 5
+  14, 13, 11, 5, 7
 };
 
 

--- 1.45/sql/sql_acl.h	2006-01-10 21:50:18 +03:00
+++ 1.46/sql/sql_acl.h	2006-02-01 13:28:40 +03:00
@@ -43,6 +43,7 @@
 #define ALTER_PROC_ACL  (1L << 24)
 #define CREATE_USER_ACL (1L << 25)
 #define EVENT_ACL       (1L << 26)
+#define TRIGGER_ACL     (1L << 27)
 /*
   don't forget to update
   1. static struct show_privileges_st sys_privileges[]
@@ -57,12 +58,12 @@
 (UPDATE_ACL | SELECT_ACL | INSERT_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
  GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL | CREATE_TMP_ACL | \
  LOCK_TABLES_ACL | EXECUTE_ACL | CREATE_VIEW_ACL | SHOW_VIEW_ACL | \
- CREATE_PROC_ACL | ALTER_PROC_ACL | EVENT_ACL)
+ CREATE_PROC_ACL | ALTER_PROC_ACL | EVENT_ACL | TRIGGER_ACL)
 
 #define TABLE_ACLS \
 (SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL | \
  GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL | CREATE_VIEW_ACL | \
- SHOW_VIEW_ACL)
+ SHOW_VIEW_ACL | TRIGGER_ACL)
 
 #define COL_ACLS \
 (SELECT_ACL | INSERT_ACL | UPDATE_ACL | REFERENCES_ACL)
@@ -79,7 +80,7 @@
  REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \
  CREATE_TMP_ACL | LOCK_TABLES_ACL | REPL_SLAVE_ACL | REPL_CLIENT_ACL | \
  EXECUTE_ACL | CREATE_VIEW_ACL | SHOW_VIEW_ACL | CREATE_PROC_ACL | \
- ALTER_PROC_ACL | CREATE_USER_ACL | EVENT_ACL)
+ ALTER_PROC_ACL | CREATE_USER_ACL | EVENT_ACL | TRIGGER_ACL)
 
 #define DEFAULT_CREATE_PROC_ACLS \
 (ALTER_PROC_ACL | EXECUTE_ACL)
@@ -97,7 +98,7 @@
 #define DB_CHUNK3 (CREATE_VIEW_ACL | SHOW_VIEW_ACL | \
 		   CREATE_PROC_ACL | ALTER_PROC_ACL )
 #define DB_CHUNK4 (EXECUTE_ACL)
-#define DB_CHUNK5 (EVENT_ACL)
+#define DB_CHUNK5 (EVENT_ACL | TRIGGER_ACL)
 
 #define fix_rights_for_db(A)  (((A)       & DB_CHUNK0) | \
 			      (((A) << 4) & DB_CHUNK1) | \
@@ -114,12 +115,15 @@
 #define TBL_CHUNK0 DB_CHUNK0
 #define TBL_CHUNK1 DB_CHUNK1
 #define TBL_CHUNK2 (CREATE_VIEW_ACL | SHOW_VIEW_ACL)
+#define TBL_CHUNK3 TRIGGER_ACL
 #define fix_rights_for_table(A) (((A)        & TBL_CHUNK0) | \
                                 (((A) <<  4) & TBL_CHUNK1) | \
-                                (((A) << 11) & TBL_CHUNK2))
+                                (((A) << 11) & TBL_CHUNK2) | \
+                                (((A) << 15) & TBL_CHUNK3))
 #define get_rights_for_table(A) (((A) & TBL_CHUNK0)        | \
                                 (((A) & TBL_CHUNK1) >>  4) | \
-                                (((A) & TBL_CHUNK2) >> 11))
+                                (((A) & TBL_CHUNK2) >> 11) | \
+                                (((A) & TBL_CHUNK3) >> 15))
 #define fix_rights_for_column(A) (((A) & 7) | (((A) & ~7) << 8))
 #define get_rights_for_column(A) (((A) & 7) | ((A) >> 8))
 #define fix_rights_for_procedure(A) ((((A) << 18) & EXECUTE_ACL) | \

--- 1.295/sql/sql_show.cc	2006-01-31 20:46:37 +03:00
+++ 1.296/sql/sql_show.cc	2006-02-01 13:28:40 +03:00
@@ -267,6 +267,7 @@
   {"Show view","Tables","To see views with SHOW CREATE VIEW"},
   {"Shutdown","Server Admin", "To shut down the server"},
   {"Super","Server Admin","To use KILL thread, SET GLOBAL, CHANGE MASTER, etc."},
+  {"Trigger","Tables", "To use triggers"},
   {"Update", "Tables",  "To update existing rows"},
   {"Usage","Server Admin","No privileges - allow connect only"},
   {NullS, NullS, NullS}

--- 1.447/sql/sql_yacc.yy	2006-01-30 15:31:21 +03:00
+++ 1.448/sql/sql_yacc.yy	2006-02-01 13:28:40 +03:00
@@ -10237,6 +10237,7 @@
 	| ALTER ROUTINE_SYM { Lex->grant |= ALTER_PROC_ACL; }
 	| CREATE USER { Lex->grant |= CREATE_USER_ACL; }
         | EVENT_SYM { Lex->grant |= EVENT_ACL;}
+        | TRIGGER_SYM { Lex->grant |= TRIGGER_ACL; }
 	;
 
 

--- 1.2/mysql-test/r/trigger-compat.result	2006-01-12 03:02:48 +03:00
+++ 1.3/mysql-test/r/trigger-compat.result	2006-02-01 13:28:40 +03:00
@@ -7,8 +7,7 @@
 CREATE DATABASE mysqltest_db1;
 CREATE USER mysqltest_dfn@localhost;
 CREATE USER mysqltest_inv@localhost;
-GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
-GRANT CREATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
+GRANT CREATE, TRIGGER ON mysqltest_db1.* TO mysqltest_dfn@localhost;
 
 ---> connection: wl2818_definer_con
 CREATE TABLE t1(num_value INT);

--- 1.2/mysql-test/r/trigger-grant.result	2006-01-12 03:02:48 +03:00
+++ 1.3/mysql-test/r/trigger-grant.result	2006-02-01 13:28:40 +03:00
@@ -7,12 +7,57 @@
 CREATE DATABASE mysqltest_db1;
 CREATE USER mysqltest_dfn@localhost;
 CREATE USER mysqltest_inv@localhost;
-GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
 GRANT CREATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
 
 ---> connection: wl2818_definer_con
 CREATE TABLE t1(num_value INT);
 CREATE TABLE t2(user_str TEXT);
+
+---> connection: default
+GRANT INSERT, DELETE ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
+GRANT INSERT, DELETE ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
+
+---> connection: default
+GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
+
+---> connection: wl2818_definer_con
+CREATE TRIGGER trg1 AFTER INSERT ON t1
+FOR EACH ROW
+INSERT INTO t2 VALUES(CURRENT_USER());
+ERROR 42000: TRIGGER command denied to user 'mysqltest_dfn'@'localhost' for table 't1'
+
+---> connection: default
+GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
+
+---> connection: wl2818_definer_con
+CREATE TRIGGER trg1 AFTER INSERT ON t1
+FOR EACH ROW
+INSERT INTO t2 VALUES(CURRENT_USER());
+
+---> connection: default
+REVOKE TRIGGER ON mysqltest_db1.t1 FROM mysqltest_dfn@localhost;
+
+---> connection: wl2818_definer_con
+DROP TRIGGER trg1;
+ERROR 42000: TRIGGER command denied to user 'mysqltest_dfn'@'localhost' for table 't1'
+
+---> connection: wl2818_definer_con
+INSERT INTO t1 VALUES(0);
+ERROR 42000: TRIGGER command denied to user 'mysqltest_dfn'@'localhost' for table 't1'
+
+---> connection: default
+GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
+
+---> connection: wl2818_definer_con
+INSERT INTO t1 VALUES(0);
+DROP TRIGGER trg1;
+DELETE FROM t1;
+DELETE FROM t2;
+
+---> connection: default
+REVOKE SUPER ON *.* FROM mysqltest_dfn@localhost;
+
+---> connection: wl2818_definer_con
 CREATE TRIGGER trg1 AFTER INSERT ON t1
 FOR EACH ROW
 INSERT INTO t2 VALUES(CURRENT_USER());
@@ -175,6 +220,17 @@
   TRIGGER trg1 BEFORE INSERT ON t1
 FOR EACH ROW
 SET @new_sum = 0;
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
+
+---> connection: default
+use mysqltest_db1;
+GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
+
+---> connection: wl2818_definer_con
+CREATE DEFINER='mysqltest_inv'@'localhost'
+  TRIGGER trg1 BEFORE INSERT ON t1
+FOR EACH ROW
+SET @new_sum = 0;
 CREATE DEFINER='mysqltest_nonexs'@'localhost'
   TRIGGER trg2 AFTER INSERT ON t1
 FOR EACH ROW
@@ -182,7 +238,6 @@
 Warnings:
 Note	1449	There is no 'mysqltest_nonexs'@'localhost' registered
 INSERT INTO t1 VALUES(6);
-ERROR 42000: Access denied; you need the SUPER privilege for this operation
 SHOW TRIGGERS;
 Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer
 trg1	INSERT	t1	SET @new_sum = 0	BEFORE	NULL		mysqltest_inv@localhost

--- 1.3/mysql-test/t/trigger-compat.test	2005-12-14 23:39:15 +03:00
+++ 1.4/mysql-test/t/trigger-compat.test	2006-02-01 13:28:40 +03:00
@@ -35,8 +35,7 @@
 CREATE USER mysqltest_dfn@localhost;
 CREATE USER mysqltest_inv@localhost;
 
-GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
-GRANT CREATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
+GRANT CREATE, TRIGGER ON mysqltest_db1.* TO mysqltest_dfn@localhost;
 
 #
 # Create a table and the first trigger.

--- 1.3/mysql-test/t/trigger-grant.test	2005-12-14 23:39:15 +03:00
+++ 1.4/mysql-test/t/trigger-grant.test	2006-02-01 13:28:40 +03:00
@@ -44,9 +44,124 @@
 CREATE USER mysqltest_dfn@localhost;
 CREATE USER mysqltest_inv@localhost;
 
-GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
 GRANT CREATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
 
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
+
+CREATE TABLE t1(num_value INT);
+CREATE TABLE t2(user_str TEXT);
+
+--disconnect wl2818_definer_con
+
+--connection default
+--echo
+--echo ---> connection: default
+
+GRANT INSERT, DELETE ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
+GRANT INSERT, DELETE ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
+
+#
+# Check that the user must have TRIGGER privilege to create a trigger.
+#
+
+--connection default
+--echo
+--echo ---> connection: default
+
+GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
+
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
+
+--error ER_TABLEACCESS_DENIED_ERROR
+CREATE TRIGGER trg1 AFTER INSERT ON t1
+  FOR EACH ROW
+    INSERT INTO t2 VALUES(CURRENT_USER());
+
+--disconnect wl2818_definer_con
+
+#
+# Check that the user must have TRIGGER privilege to drop a trigger.
+#
+
+--connection default
+--echo
+--echo ---> connection: default
+
+GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
+
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
+
+CREATE TRIGGER trg1 AFTER INSERT ON t1
+  FOR EACH ROW
+    INSERT INTO t2 VALUES(CURRENT_USER());
+
+--disconnect wl2818_definer_con
+
+--connection default
+--echo
+--echo ---> connection: default
+
+REVOKE TRIGGER ON mysqltest_db1.t1 FROM mysqltest_dfn@localhost;
+
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
+
+--error ER_TABLEACCESS_DENIED_ERROR
+DROP TRIGGER trg1;
+
+--disconnect wl2818_definer_con
+
+#
+# Check that the definer must have TRIGGER privilege to activate a trigger.
+#
+
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
+
+--error ER_TABLEACCESS_DENIED_ERROR
+INSERT INTO t1 VALUES(0);
+
+--disconnect wl2818_definer_con
+
+--connection default
+--echo
+--echo ---> connection: default
+
+GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
+
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
+
+INSERT INTO t1 VALUES(0);
+
+# Cleanup for further tests.
+DROP TRIGGER trg1;
+DELETE FROM t1;
+DELETE FROM t2;
+
+--disconnect wl2818_definer_con
+
+--connection default
+--echo
+--echo ---> connection: default
+
+REVOKE SUPER ON *.* FROM mysqltest_dfn@localhost;
+
 #
 # Check that triggers are executed under the authorization of the definer:
 #   - create two tables under "definer";
@@ -64,9 +179,6 @@
 --echo
 --echo ---> connection: wl2818_definer_con
 
-CREATE TABLE t1(num_value INT);
-CREATE TABLE t2(user_str TEXT);
-
 CREATE TRIGGER trg1 AFTER INSERT ON t1
   FOR EACH ROW
     INSERT INTO t2 VALUES(CURRENT_USER());
@@ -362,10 +474,6 @@
 #
 # Check DEFINER clause of CREATE TRIGGER statement.
 #
-# NOTE: there is no dedicated TRIGGER privilege for CREATE TRIGGER statement.
-# SUPER privilege is used instead. I.e., if one invokes CREATE TRIGGER, it should
-# have SUPER privilege, so this test is meaningless right now.
-#
 #   - Check that SUPER privilege required to create a trigger with different
 #     definer:
 #     - try to create a trigger with DEFINER="definer@localhost" under
@@ -391,7 +499,26 @@
 DROP TRIGGER trg1;
 
 # Check that SUPER is required to specify different DEFINER.
-# NOTE: meaningless at the moment
+
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+CREATE DEFINER='mysqltest_inv'@'localhost'
+  TRIGGER trg1 BEFORE INSERT ON t1
+  FOR EACH ROW
+    SET @new_sum = 0;
+
+--connection default
+--echo
+--echo ---> connection: default
+
+use mysqltest_db1;
+
+GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
+
+--disconnect wl2818_definer_con
+--connect (wl2818_definer_con,localhost,mysqltest_dfn,,mysqltest_db1)
+--connection wl2818_definer_con
+--echo
+--echo ---> connection: wl2818_definer_con
 
 CREATE DEFINER='mysqltest_inv'@'localhost'
   TRIGGER trg1 BEFORE INSERT ON t1
@@ -407,7 +534,10 @@
 
 # Check that trg2 will not be activated.
 
---error ER_SPECIFIC_ACCESS_DENIED_ERROR
+# --error ER_SPECIFIC_ACCESS_DENIED_ERROR
+#
+# TODO: Due to the BUG#13198(SP executes if definer does not exist) the
+# following statement does not fail as it should.
 INSERT INTO t1 VALUES(6);
 
 #

--- 1.43/sql/sql_trigger.cc	2006-01-13 19:04:32 +03:00
+++ 1.44/sql/sql_trigger.cc	2006-02-01 13:28:40 +03:00
@@ -177,12 +177,20 @@
   DBUG_ASSERT(tables->next_global == 0);
 
   /*
-    TODO: We should check if user has TRIGGER privilege for table here.
-    Now we just require SUPER privilege for creating/dropping because
-    we don't have proper privilege checking for triggers in place yet.
+    Check that the user has TRIGGER privilege on the subject table.
   */
-  if (check_global_access(thd, SUPER_ACL))
-    DBUG_RETURN(TRUE);
+  {
+    bool err_status;
+    TABLE_LIST **save_query_tables_own_last= thd->lex->query_tables_own_last;
+    thd->lex->query_tables_own_last= 0;
+
+    err_status= check_table_access(thd, TRIGGER_ACL, tables, 0);
+
+    thd->lex->query_tables_own_last= save_query_tables_own_last;
+
+    if (err_status)
+      DBUG_RETURN(TRUE);
+  }
 
   /*
     There is no DETERMINISTIC clause for triggers, so can't check it.
@@ -1151,24 +1159,10 @@
     if (sp_change_security_context(thd, sp_trigger, &save_ctx))
       return TRUE;
 
-    /*
-      NOTE: TRIGGER_ACL should be used below.
-    */
-
-    if (check_global_access(thd, SUPER_ACL))
-    {
-      sp_restore_security_context(thd, save_ctx);
-      return TRUE;
-    }
-
-    /*
-      If the trigger uses special variables (NEW/OLD), check that we have
-      SELECT and UPDATE privileges on the subject table.
-    */
-    
-    if (is_special_var_used(event, time_type))
     {
       TABLE_LIST table_list, **save_query_tables_own_last;
+      ulong wanted_access = TRIGGER_ACL;
+      
       bzero((char *) &table_list, sizeof (table_list));
       table_list.db= (char *) table->s->db.str;
       table_list.db_length= table->s->db.length;
@@ -1178,9 +1172,17 @@
       table_list.table= table;
       save_query_tables_own_last= thd->lex->query_tables_own_last;
       thd->lex->query_tables_own_last= 0;
+      
+      /*
+         If the trigger uses special variables (NEW/OLD), check that we have
+         SELECT and UPDATE privileges on the subject table.
+       */
+
+      if (is_special_var_used(event, time_type))
+        wanted_access|= SELECT_ACL | UPDATE_ACL;
+
+      err_status= check_table_access(thd, wanted_access, &table_list, 0);
 
-      err_status= check_table_access(thd, SELECT_ACL | UPDATE_ACL,
-                                     &table_list, 0);
       thd->lex->query_tables_own_last= save_query_tables_own_last;
       if (err_status)
       {

--- 1.104/mysql-test/r/information_schema.result	2006-01-30 15:15:03 +03:00
+++ 1.105/mysql-test/r/information_schema.result	2006-02-01 13:28:40 +03:00
@@ -406,6 +406,7 @@
 'mysqltest_1'@'localhost'	NULL	test	CREATE ROUTINE	YES
 'mysqltest_1'@'localhost'	NULL	test	ALTER ROUTINE	YES
 'mysqltest_1'@'localhost'	NULL	test	EVENT	YES
+'mysqltest_1'@'localhost'	NULL	test	TRIGGER	YES
 select * from information_schema.TABLE_PRIVILEGES where grantee like '%mysqltest_1%';
 GRANTEE	TABLE_CATALOG	TABLE_SCHEMA	TABLE_NAME	PRIVILEGE_TYPE	IS_GRANTABLE
 'mysqltest_1'@'localhost'	NULL	test	t1	SELECT	NO

--- 1.3/mysql-test/r/lowercase_table_grant.result	2006-01-10 21:16:42 +03:00
+++ 1.4/mysql-test/r/lowercase_table_grant.result	2006-02-01 13:28:40 +03:00
@@ -6,8 +6,8 @@
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
 GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
 select * from db where user = 'mysqltest_1';
-Host	Db	User	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Create_tmp_table_priv	Lock_tables_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Execute_priv	Event_priv
-localhost	mysqltest	mysqltest_1	Y	Y	Y	Y	Y	Y	N	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y
+Host	Db	User	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Create_tmp_table_priv	Lock_tables_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Execute_priv	Event_priv	Trigger_priv
+localhost	mysqltest	mysqltest_1	Y	Y	Y	Y	Y	Y	N	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y
 update db set db = 'MYSQLtest' where db = 'mysqltest' and user = 'mysqltest_1' and host =
'localhost';
 flush privileges;
 show grants for mysqltest_1@localhost;
@@ -15,8 +15,8 @@
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
 GRANT ALL PRIVILEGES ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
 select * from db where user = 'mysqltest_1';
-Host	Db	User	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Create_tmp_table_priv	Lock_tables_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Execute_priv	Event_priv
-localhost	MYSQLtest	mysqltest_1	Y	Y	Y	Y	Y	Y	N	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y
+Host	Db	User	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Create_tmp_table_priv	Lock_tables_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Execute_priv	Event_priv	Trigger_priv
+localhost	MYSQLtest	mysqltest_1	Y	Y	Y	Y	Y	Y	N	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y	Y
 delete from db where db = 'MYSQLtest' and user = 'mysqltest_1' and host = 'localhost';
 flush privileges;
 drop user mysqltest_1@localhost;

--- 1.47/mysql-test/r/grant.result	2006-01-10 21:50:16 +03:00
+++ 1.48/mysql-test/r/grant.result	2006-02-01 13:28:40 +03:00
@@ -11,8 +11,8 @@
 GRANT SELECT ON `mysqltest`.* TO 'mysqltest_1'@'localhost'
 grant delete on mysqltest.* to mysqltest_1@localhost;
 select * from mysql.user where user="mysqltest_1";
-Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
-localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	SPECIFIED	EDH-RSA-DES-CBC3-SHA			0	0	0	0
+Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	Trigger_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
+localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	SPECIFIED	EDH-RSA-DES-CBC3-SHA			0	0	0	0
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' REQUIRE CIPHER 'EDH-RSA-DES-CBC3-SHA'
@@ -42,15 +42,15 @@
 flush privileges;
 grant usage on *.* to mysqltest_1@localhost with max_queries_per_hour 10;
 select * from mysql.user where user="mysqltest_1";
-Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
-localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					10	0	0	0
+Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	Trigger_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
+localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					10	0	0	0
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10
 grant usage on *.* to mysqltest_1@localhost with max_updates_per_hour 20
max_connections_per_hour 30;
 select * from mysql.user where user="mysqltest_1";
-Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
-localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					10	20	30	0
+Host	User	Password	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Reload_priv	Shutdown_priv	Process_priv	File_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Show_db_priv	Super_priv	Create_tmp_table_priv	Lock_tables_priv	Execute_priv	Repl_slave_priv	Repl_client_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Create_user_priv	Event_priv	Trigger_priv	ssl_type	ssl_cipher	x509_issuer	x509_subject	max_questions	max_updates	max_connections	max_user_connections
+localhost	mysqltest_1		N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N	N					10	20	30	0
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost' WITH MAX_QUERIES_PER_HOUR 10
MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30
@@ -85,7 +85,7 @@
 show grants for mysqltest_1@localhost;
 Grants for mysqltest_1@localhost
 GRANT USAGE ON *.* TO 'mysqltest_1'@'localhost'
-GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, CREATE TEMPORARY
TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT ON
`mysqltest`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
+GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, CREATE TEMPORARY
TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON
`mysqltest`.* TO 'mysqltest_1'@'localhost' WITH GRANT OPTION
 revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 delete from mysql.user where user='mysqltest_1';
 flush privileges;
@@ -465,6 +465,7 @@
 Show view	Tables	To see views with SHOW CREATE VIEW
 Shutdown	Server Admin	To shut down the server
 Super	Server Admin	To use KILL thread, SET GLOBAL, CHANGE MASTER, etc.
+Trigger	Tables	To use triggers
 Update	Tables	To update existing rows
 Usage	Server Admin	No privileges - allow connect only
 create database mysqltest;
@@ -491,8 +492,8 @@
 PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE
 = '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME;
 TABLE_SCHEMA	TABLE_NAME	PRIVILEGES
-mysqltest	dummytable	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, UPDATE
-mysqltest	dummyview	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, UPDATE
+mysqltest	dummytable	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, TRIGGER, UPDATE
+mysqltest	dummyview	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, TRIGGER, UPDATE
 FLUSH PRIVILEGES;
 SHOW GRANTS FOR dummy@localhost;
 Grants for dummy@localhost
@@ -503,8 +504,8 @@
 PRIVILEGE_TYPE SEPARATOR ', ') AS PRIVILEGES FROM TABLE_PRIVILEGES WHERE GRANTEE
 = '\'dummy\'@\'localhost\'' GROUP BY TABLE_SCHEMA, TABLE_NAME;
 TABLE_SCHEMA	TABLE_NAME	PRIVILEGES
-mysqltest	dummytable	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, UPDATE
-mysqltest	dummyview	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, UPDATE
+mysqltest	dummytable	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, TRIGGER, UPDATE
+mysqltest	dummyview	ALTER, CREATE, CREATE VIEW, DELETE, DROP, INDEX, INSERT, REFERENCES,
SELECT, SHOW VIEW, TRIGGER, UPDATE
 SHOW FIELDS FROM mysql.tables_priv;
 Field	Type	Null	Key	Default	Extra
 Host	char(60)	NO	PRI		
@@ -513,7 +514,7 @@
 Table_name	char(64)	NO	PRI		
 Grantor	char(77)	NO	MUL		
 Timestamp	timestamp	YES		CURRENT_TIMESTAMP	
-Table_priv	set('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter','Create
View','Show view')	NO			
+Table_priv	set('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter','Create
View','Show view','Trigger')	NO			
 Column_priv	set('Select','Insert','Update','References')	NO			
 use test;
 REVOKE ALL PRIVILEGES, GRANT OPTION FROM dummy@localhost;
@@ -594,7 +595,7 @@
 flush privileges;
 set @user123="non-existent";
 select * from mysql.db where user=@user123;
-Host	Db	User	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Create_tmp_table_priv	Lock_tables_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Execute_priv	Event_priv
+Host	Db	User	Select_priv	Insert_priv	Update_priv	Delete_priv	Create_priv	Drop_priv	Grant_priv	References_priv	Index_priv	Alter_priv	Create_tmp_table_priv	Lock_tables_priv	Create_view_priv	Show_view_priv	Create_routine_priv	Alter_routine_priv	Execute_priv	Event_priv	Trigger_priv
 set names koi8r;
 create database ��;
 grant select on ��.* to root@localhost;

--- 1.38/scripts/mysql_fix_privilege_tables.sql	2006-02-01 01:28:50 +03:00
+++ 1.39/scripts/mysql_fix_privilege_tables.sql	2006-02-01 13:28:40 +03:00
@@ -667,3 +667,12 @@
                             'HIGH_NOT_PRECEDENCE'
                             ) DEFAULT '' NOT NULL AFTER on_completion;
 
+--
+-- TRIGGER privilege
+--
+
+SET @hadTriggerPriv := 0;
+SELECT @hadTriggerPriv :=1 FROM user WHERE Trigger_priv LIKE '%';
+
+ALTER TABLE user add Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT
NULL;
+UPDATE user SET Trigger_priv=Super_priv WHERE @hadTriggerPriv = 0;

--- 1.180/mysql-test/r/sp.result	2006-01-19 12:28:59 +03:00
+++ 1.181/mysql-test/r/sp.result	2006-02-01 13:28:40 +03:00
@@ -2197,6 +2197,7 @@
 Show view	Tables	To see views with SHOW CREATE VIEW
 Shutdown	Server Admin	To shut down the server
 Super	Server Admin	To use KILL thread, SET GLOBAL, CHANGE MASTER, etc.
+Trigger	Tables	To use triggers
 Update	Tables	To update existing rows
 Usage	Server Admin	No privileges - allow connect only
 Variable_name	Value
@@ -2250,6 +2251,7 @@
 Show view	Tables	To see views with SHOW CREATE VIEW
 Shutdown	Server Admin	To shut down the server
 Super	Server Admin	To use KILL thread, SET GLOBAL, CHANGE MASTER, etc.
+Trigger	Tables	To use triggers
 Update	Tables	To update existing rows
 Usage	Server Admin	No privileges - allow connect only
 Variable_name	Value

--- 1.59/mysql-test/r/ps.result	2006-01-26 16:36:22 +03:00
+++ 1.60/mysql-test/r/ps.result	2006-02-01 13:28:40 +03:00
@@ -533,13 +533,13 @@
 prepare my_stmt from @aux;
 execute my_stmt;
 COUNT(*)
-38
+39
 execute my_stmt;
 COUNT(*)
-38
+39
 execute my_stmt;
 COUNT(*)
-38
+39
 deallocate prepare my_stmt;
 drop procedure if exists p1|
 drop table if exists t1|

--- 1.36/scripts/mysql_create_system_tables.sh	2006-01-31 18:01:14 +03:00
+++ 1.37/scripts/mysql_create_system_tables.sh	2006-02-01 13:28:40 +03:00
@@ -75,14 +75,15 @@
   c_d="$c_d   Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT
NULL,"
   c_d="$c_d   Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
   c_d="$c_d   Event_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
+  c_d="$c_d   Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
   c_d="$c_d PRIMARY KEY Host (Host,Db,User),"
   c_d="$c_d KEY User (User)"
   c_d="$c_d ) engine=MyISAM"
   c_d="$c_d CHARACTER SET utf8 COLLATE utf8_bin"
   c_d="$c_d comment='Database privileges';"
   
-  i_d="INSERT INTO db VALUES
('%','test','','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y','Y','Y','Y','N','N','Y');
-  INSERT INTO db VALUES
('%','test\_%','','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y','Y','Y','Y','N','N','Y');"
+  i_d="INSERT INTO db VALUES
('%','test','','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y','Y','Y','Y','N','N','Y','Y');
+  INSERT INTO db VALUES
('%','test\_%','','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y','Y','Y','Y','N','N','Y','Y');"
 fi
 
 if test ! -f $mdata/host.frm
@@ -111,6 +112,7 @@
   c_h="$c_h  Create_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT
NULL,"
   c_h="$c_h  Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT
NULL,"
   c_h="$c_h  Execute_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
+  c_h="$c_h  Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
   c_h="$c_h  PRIMARY KEY Host (Host,Db)"
   c_h="$c_h ) engine=MyISAM"
   c_h="$c_h CHARACTER SET utf8 COLLATE utf8_bin"
@@ -154,6 +156,7 @@
   c_u="$c_u   Alter_routine_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT
NULL,"
   c_u="$c_u   Create_user_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT
NULL,"
   c_u="$c_u   Event_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
+  c_u="$c_u   Trigger_priv enum('N','Y') COLLATE utf8_general_ci DEFAULT 'N' NOT NULL,"
   c_u="$c_u   ssl_type enum('','ANY','X509', 'SPECIFIED') COLLATE utf8_general_ci DEFAULT
'' NOT NULL,"
   c_u="$c_u   ssl_cipher BLOB NOT NULL,"
   c_u="$c_u   x509_issuer BLOB NOT NULL,"
@@ -169,22 +172,22 @@
 
   if test "$1" = "test" 
   then
-    i_u="INSERT INTO user VALUES
('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
-    INSERT INTO user VALUES
('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
-    REPLACE INTO user VALUES
('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+    i_u="INSERT INTO user VALUES
('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+    INSERT INTO user VALUES
('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+    REPLACE INTO user VALUES
('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
     INSERT INTO user (host,user) values ('localhost','');
     INSERT INTO user (host,user) values ('$hostname','');"
   else
-    i_u="INSERT INTO user VALUES
('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);"
+    i_u="INSERT INTO user VALUES
('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);"
     if test "$windows" = "0"
     then
       i_u="$i_u
-           INSERT INTO user VALUES
('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+           INSERT INTO user VALUES
('$hostname','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
            INSERT INTO user (host,user) values ('$hostname','');
            INSERT INTO user (host,user) values ('localhost','');"
     else
       i_u="$i_u
-	   INSERT INTO user VALUES
('localhost','','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);"
+	   INSERT INTO user VALUES
('localhost','','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0);"
     fi
   fi 
 fi
@@ -234,7 +237,7 @@
   c_t="$c_t   Table_name char(64) binary DEFAULT '' NOT NULL,"
   c_t="$c_t   Grantor char(77) DEFAULT '' NOT NULL,"
   c_t="$c_t   Timestamp timestamp,"
-  c_t="$c_t   Table_priv
set('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter','Create
View','Show view') COLLATE utf8_general_ci DEFAULT '' NOT NULL,"
+  c_t="$c_t   Table_priv
set('Select','Insert','Update','Delete','Create','Drop','Grant','References','Index','Alter','Create
View','Show view','Trigger') COLLATE utf8_general_ci DEFAULT '' NOT NULL,"
   c_t="$c_t   Column_priv set('Select','Insert','Update','References') COLLATE
utf8_general_ci DEFAULT '' NOT NULL,"
   c_t="$c_t   PRIMARY KEY (Host,Db,User,Table_name),"
   c_t="$c_t   KEY Grantor (Grantor)"
Thread
• bk commit into 5.1 tree (anozdrin:1.2120) BUG#9412	Alexander Nozdrin	1 Feb