List:Commits« Previous MessageNext Message »
From:Martin Hansson Date:January 1 1970 12:00am
Subject:bzr push into mysql-6.0 branch (mhansson:2669) Bug#37191
View as plain text  
 2669 Martin Hansson	2008-06-16
      Bug#37191: Failed assertion in CREATE VIEW
            
      It was assumed that if the intersection of all column grants for all 
      underlying tables in a view was empty, it implied that the view had 
      more privileges on some column than the corresponding underlying table.
      Fixed by removing the assumption (which was an assert()) and raising an 
      error only when both hold.
modified:
  mysql-test/r/view_grant.result
  mysql-test/t/view_grant.test
  sql/sql_view.cc

=== modified file 'mysql-test/r/view_grant.result'
--- a/mysql-test/r/view_grant.result	2008-03-22 08:02:24 +0000
+++ b/mysql-test/r/view_grant.result	2008-06-16 11:27:02 +0000
@@ -947,4 +947,25 @@ Warnings:
 Warning	1356	View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 DROP VIEW v1;
 DROP TABLE t1;
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+USE mysqltest1;
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+SELECT * FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+SELECT b FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
 End of 5.1 tests.

=== modified file 'mysql-test/t/view_grant.test'
--- a/mysql-test/t/view_grant.test	2008-03-04 17:35:42 +0000
+++ b/mysql-test/t/view_grant.test	2008-06-16 11:27:02 +0000
@@ -1215,4 +1215,42 @@ SHOW CREATE VIEW v1;
 DROP VIEW v1;
 DROP TABLE t1;
 
+#
+# Bug#37191: Failed assertion in CREATE VIEW
+#
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+
+USE mysqltest1;
+
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+
+--connect (connection1, localhost, mysqluser1, , mysqltest1)
+
+--echo This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+
+--error ER_TABLEACCESS_DENIED_ERROR
+SELECT * FROM v1;
+--error ER_TABLEACCESS_DENIED_ERROR
+SELECT b FROM v1;
+
+--disconnect connection1
+--connection default
+
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
+
 --echo End of 5.1 tests.

=== modified file 'sql/sql_view.cc'
--- a/sql/sql_view.cc	2008-05-14 13:49:41 +0000
+++ b/sql/sql_view.cc	2008-06-16 11:27:02 +0000
@@ -564,24 +564,36 @@ bool mysql_create_view(THD *thd, TABLE_L
   fill_effective_table_privileges(thd, &view->grant, view->db,
                                   view->table_name);
 
+  /*
+    Make sure that the current user does not have more column-level privileges
+    on the newly created view than he/she does on the underlying
+    tables. E.g. it must not be so that the user has UPDATE privileges on a
+    view column of he/she doesn't have it on the underlying table's
+    corresponding column. In that case, return an error for CREATE VIEW.
+   */
   {
     Item *report_item= NULL;
+    /* 
+       This will hold the intersection of the priviliges on all columns in the
+       view.
+     */
     uint final_priv= VIEW_ANY_ACL;
-
-  for (sl= select_lex; sl; sl= sl->next_select())
-  {
-    DBUG_ASSERT(view->db);                     /* Must be set in the parser */
-    List_iterator_fast<Item> it(sl->item_list);
-    Item *item;
-    while ((item= it++))
+    
+    for (sl= select_lex; sl; sl= sl->next_select())
     {
+      DBUG_ASSERT(view->db);                     /* Must be set in the parser */
+      List_iterator_fast<Item> it(sl->item_list);
+      Item *item;
+      while ((item= it++))
+      {
         Item_field *fld= item->filed_for_view_update();
-      uint priv= (get_column_grant(thd, &view->grant, view->db,
-                                    view->table_name, item->name) &
-                  VIEW_ANY_ACL);
+        uint priv= (get_column_grant(thd, &view->grant, view->db,
+                                     view->table_name, item->name) &
+                    VIEW_ANY_ACL);
 
         if (fld && !fld->field->table->s->tmp_table)
-      {
+        {
+
           final_priv&= fld->have_privileges;
 
           if (~fld->have_privileges & priv)
@@ -589,17 +601,15 @@ bool mysql_create_view(THD *thd, TABLE_L
         }
       }
     }
-
-    if (!final_priv)
-        {
-      DBUG_ASSERT(report_item);
-
-          my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
-                   "create view", thd->security_ctx->priv_user,
+    
+    if (!final_priv && report_item)
+    {
+      my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
+               "create view", thd->security_ctx->priv_user,
                thd->security_ctx->priv_host, report_item->name,
-                   view->table_name);
-          res= TRUE;
-          goto err;
+               view->table_name);
+      res= TRUE;
+      goto err;
     }
   }
 #endif

Thread
bzr push into mysql-6.0 branch (mhansson:2669) Bug#37191Martin Hansson16 Jun