From:Georgi Kodinov Date:February 25 2009 10:23am
Subject:bzr commit into mysql-5.1-bugteam branch (kgeorge:2818) Bug#37191
#At file:///Users/kgeorge/mysql/work/B37191-5.1-bugteam/ based on revid:kgeorge@stripped

 2818 Georgi Kodinov	2009-02-25
      backport the fix for bug #37191 to 5.1-bugteam

    modified:
      mysql-test/r/view_grant.result
      mysql-test/t/view_grant.test
      sql/sql_view.cc
=== modified file 'mysql-test/r/view_grant.result'
--- a/mysql-test/r/view_grant.result	2008-09-09 10:49:08 +0000
+++ b/mysql-test/r/view_grant.result	2009-02-25 10:19:29 +0000
@@ -956,6 +956,27 @@ Warnings:
 Warning	1356	View 'test.v1' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 DROP VIEW v1;
 DROP TABLE t1;
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+USE mysqltest1;
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+SELECT * FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+SELECT b FROM v1;
+ERROR 42000: SELECT command denied to user 'mysqluser1'@'localhost' for table 'v1'
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
 End of 5.1 tests.
 CREATE USER mysqluser1@localhost;
 CREATE DATABASE mysqltest1;

=== modified file 'mysql-test/t/view_grant.test'
--- a/mysql-test/t/view_grant.test	2008-09-09 10:49:08 +0000
+++ b/mysql-test/t/view_grant.test	2009-02-25 10:19:29 +0000
@@ -1218,6 +1218,44 @@ SHOW CREATE VIEW v1;
 DROP VIEW v1;
 DROP TABLE t1;
 
+#
+# Bug#37191: Failed assertion in CREATE VIEW
+#
+CREATE USER mysqluser1@localhost;
+CREATE DATABASE mysqltest1;
+
+USE mysqltest1;
+
+CREATE TABLE t1 ( a INT );
+CREATE TABLE t2 ( b INT );
+
+INSERT INTO t1 VALUES (1), (2);
+INSERT INTO t2 VALUES (1), (2);
+
+GRANT CREATE VIEW ON mysqltest1.* TO mysqluser1@localhost;
+
+GRANT SELECT ON t1 TO mysqluser1@localhost;
+GRANT INSERT ON t2 TO mysqluser1@localhost;
+
+--connect (connection1, localhost, mysqluser1, , mysqltest1)
+
+--echo This would lead to failed assertion.
+CREATE VIEW v1 AS SELECT a, b FROM t1, t2;
+
+--error ER_TABLEACCESS_DENIED_ERROR
+SELECT * FROM v1;
+--error ER_TABLEACCESS_DENIED_ERROR
+SELECT b FROM v1;
+
+--disconnect connection1
+--connection default
+
+DROP TABLE t1, t2;
+DROP VIEW v1;
+DROP DATABASE mysqltest1;
+DROP USER mysqluser1@localhost;
+USE test;
+
 --echo End of 5.1 tests.
 
 #
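Review bot: The new case only exercises the path where CREATE VIEW succeeds, so nothing in this hunk shows that CREATE VIEW still raises `ER_COLUMNACCESS_DENIED_ERROR` now that the check in sql/sql_view.cc also depends on `report_item`. If the rest of view_grant.test does not already cover it, I would add a companion case in which mysqluser1 holds a privilege on the view that is missing on an underlying column, with `--error ER_COLUMNACCESS_DENIED_ERROR` placed before that `CREATE VIEW`. That would pin the denial path alongside the no-assertion path tested here.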

=== modified file 'sql/sql_view.cc'
--- a/sql/sql_view.cc	2009-01-15 18:11:25 +0000
+++ b/sql/sql_view.cc	2009-02-25 10:19:29 +0000
@@ -564,24 +564,36 @@ bool mysql_create_view(THD *thd, TABLE_L
   fill_effective_table_privileges(thd, &view->grant, view->db,
                                   view->table_name);
 
+  /*
+    Make sure that the current user does not have more column-level privileges
+    on the newly created view than he/she does on the underlying
+    tables. E.g. it must not be so that the user has UPDATE privileges on a
+    view column of he/she doesn't have it on the underlying table's
+    corresponding column. In that case, return an error for CREATE VIEW.
+   */
   {
     Item *report_item= NULL;
+    /* 
+       This will hold the intersection of the priviliges on all columns in the
+       view.
+     */
     uint final_priv= VIEW_ANY_ACL;
-
-  for (sl= select_lex; sl; sl= sl->next_select())
-  {
-    DBUG_ASSERT(view->db);                     /* Must be set in the parser */
-    List_iterator_fast<Item> it(sl->item_list);
-    Item *item;
-    while ((item= it++))
+    
+    for (sl= select_lex; sl; sl= sl->next_select())
     {
+      DBUG_ASSERT(view->db);                     /* Must be set in the parser */
+      List_iterator_fast<Item> it(sl->item_list);
+      Item *item;
+      while ((item= it++))
+      {
         Item_field *fld= item->filed_for_view_update();
-      uint priv= (get_column_grant(thd, &view->grant, view->db,
-                                    view->table_name, item->name) &
-                  VIEW_ANY_ACL);
+        uint priv= (get_column_grant(thd, &view->grant, view->db,
+                                     view->table_name, item->name) &
+                    VIEW_ANY_ACL);
 
         if (fld && !fld->field->table->s->tmp_table)
-      {
+        {
+
           final_priv&= fld->have_privileges;
 
           if (~fld->have_privileges & priv)
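Review bot: The comment on `final_priv` calls it the intersection of the privileges on all columns in the view, but the loop only folds in `fld->have_privileges` when `fld && !fld->field->table->s->tmp_table`. Columns that do not resolve to a field, or whose table is temporary, leave it untouched. I would word it as `/* Intersection of have_privileges over the view columns that map to a field of a non-temporary table. */`. In the same hunk the header comment reads "of he/she doesn't have it" where "if" is meant, and "priviliges" should be "privileges". The loop body continues past the end of this hunk.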
@@ -589,17 +601,15 @@ bool mysql_create_view(THD *thd, TABLE_L
         }
       }
     }
-
-    if (!final_priv)
-        {
-      DBUG_ASSERT(report_item);
-
-          my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
-                   "create view", thd->security_ctx->priv_user,
+    
+    if (!final_priv && report_item)
+    {
+      my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
+               "create view", thd->security_ctx->priv_user,
                thd->security_ctx->priv_host, report_item->name,
-                   view->table_name);
-          res= TRUE;
-          goto err;
+               view->table_name);
+      res= TRUE;
+      goto err;
     }
   }
 #endif
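Review bot: `if (!final_priv && report_item)` rejects the view only when the privilege intersection is empty, while the header comment added earlier in this commit says CREATE VIEW must fail whenever the user holds a view-column privilege that is missing on the underlying column. If `report_item` is set in the loop for such a column (the assignment sits on a line between the two hunks, so this is inferred), a non-zero `final_priv` lets that case through without an error. Either the condition should become `if (report_item)`, or the header comment should be narrowed to say the error is raised only when no privilege is common to all underlying columns. The enclosing block of mysql_create_view starts before this hunk.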


Attachment: [text/bzr-bundle] bzr/kgeorge@mysql.com-20090225101929-fk730uyt6qhoharc.bundle