MySQL Lists: commits: bzr commit into mysql-5.0 branch (gluh:2678) Bug#22763

List:	Commits	« Previous Message Next Message »
From:	Sergey Glukhov	Date:	August 28 2008 10:37am
Subject:	bzr commit into mysql-5.0 branch (gluh:2678) Bug#22763
View as plain text
#At file:///home/gluh/MySQL/bazaar/mysql-5.0-22763/

 2678 Sergey Glukhov	2008-08-28
      Bug#22763 Disrepancy between SHOW CREATE VIEW and I_S.VIEWS
      The problem:
      I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL privileges for a view.
      It leads to disrepancy between SHOW CREATE VIEW and I_S.VIEWS.
      The fix:
      added appropriate check.
modified:
  mysql-test/r/information_schema_db.result
  mysql-test/t/information_schema_db.test
  sql/sql_show.cc

per-file messages:
  mysql-test/r/information_schema_db.result
    test result
  mysql-test/t/information_schema_db.test
    test case
  sql/sql_show.cc
    The problem:
    I_S views table does not check the presence of SHOW_VIEW_ACL|SELECT_ACL privileges for a view.
    It leads to disrepancy between SHOW CREATE VIEW and I_S.VIEWS.
    The fix:
    added appropriate check.
=== modified file 'mysql-test/r/information_schema_db.result'
--- a/mysql-test/r/information_schema_db.result	2007-10-26 07:01:29 +0000
+++ b/mysql-test/r/information_schema_db.result	2008-08-28 08:36:50 +0000
@@ -209,3 +209,17 @@ drop view testdb_1.v1, v2, testdb_1.v3, 
 drop database testdb_1;
 drop user testdb_1@localhost;
 drop user testdb_2@localhost;
+create database testdb_1;
+create table testdb_1.t1 (a int);
+create view testdb_1.v1 as select * from testdb_1.t1;
+grant show view on testdb_1.* to mysqltest_1@localhost;
+grant select on testdb_1.v1 to mysqltest_1@localhost;
+select table_schema, table_name, view_definition from information_schema.views
+where table_name='v1';
+table_schema	table_name	view_definition
+testdb_1	v1	/* ALGORITHM=UNDEFINED */ select `testdb_1`.`t1`.`a` AS `a` from `testdb_1`.`t1`
+show create view testdb_1.v1;
+View	Create View
+v1	CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `testdb_1`.`v1` AS select `testdb_1`.`t1`.`a` AS `a` from `testdb_1`.`t1`
+drop user mysqltest_1@localhost;
+drop database testdb_1;

=== modified file 'mysql-test/t/information_schema_db.test'
--- a/mysql-test/t/information_schema_db.test	2007-03-23 18:24:03 +0000
+++ b/mysql-test/t/information_schema_db.test	2008-08-28 08:36:50 +0000
@@ -82,6 +82,7 @@ drop function func2;
 drop database `inf%`;
 drop procedure mbase.p1;
 drop database mbase;
+disconnect user1;
 
 #
 # Bug#18282 INFORMATION_SCHEMA.TABLES provides inconsistent info about invalid views
@@ -210,3 +211,24 @@ drop view testdb_1.v1, v2, testdb_1.v3, 
 drop database testdb_1;
 drop user testdb_1@localhost;
 drop user testdb_2@localhost;
+
+#
+# Bug#22763 Disrepancy between SHOW CREATE VIEW and I_S.VIEWS
+#
+create database testdb_1;
+create table testdb_1.t1 (a int);
+create view testdb_1.v1 as select * from testdb_1.t1;
+
+grant show view on testdb_1.* to mysqltest_1@localhost;
+grant select on testdb_1.v1 to mysqltest_1@localhost;
+
+connect (user1,localhost,mysqltest_1,,test);
+connection user1;
+select table_schema, table_name, view_definition from information_schema.views
+where table_name='v1';
+show create view testdb_1.v1;
+
+connection default;
+drop user mysqltest_1@localhost;
+drop database testdb_1;
+disconnect user1;

=== modified file 'sql/sql_show.cc'
--- a/sql/sql_show.cc	2008-08-15 20:13:27 +0000
+++ b/sql/sql_show.cc	2008-08-28 08:36:50 +0000
@@ -3170,6 +3170,29 @@ static int get_schema_views_record(THD *
           !my_strcasecmp(system_charset_info, tables->definer.host.str,
                          sctx->priv_host))
         tables->allowed_show= TRUE;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+      else
+      {
+        TABLE_LIST table_list;
+        uint view_access;
+        bzero((char*) &table_list,sizeof(table_list));
+        table_list.db= (char*) tables->view_db.str;
+        table_list.db_length= tables->view_db.length;
+        table_list.table_name= tables->view_name.str;
+        table_list.table_name_length= tables->view_name.length;
+        if ((thd->col_access & (SHOW_VIEW_ACL|SELECT_ACL)) ==
+            (SHOW_VIEW_ACL|SELECT_ACL))
+          tables->allowed_show= TRUE;
+        else
+        {
+          table_list.grant.privilege= thd->col_access;
+          view_access= get_table_grant(thd, &table_list);
+          if ((view_access & (SHOW_VIEW_ACL|SELECT_ACL)) ==
+              (SHOW_VIEW_ACL|SELECT_ACL))
+            tables->allowed_show= TRUE;
+        }
+      }
+#endif
     }
     restore_record(table, s->default_values);
     table->field[1]->store(tables->view_db.str, tables->view_db.length, cs);
Thread
• bzr commit into mysql-5.0 branch (gluh:2678) Bug#22763	Sergey Glukhov	28 Aug