From:gluh Date:May 23 2006 9:45am
Subject:bk commit into 5.0 tree (gluh:1.2137) BUG#16681
Below is the list of changes that have just been committed into a local
5.0 repository of gluh. When gluh does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.2137 06/05/23 12:45:25 gluh@stripped +3 -0
  Bug#16681 information_schema shows forbidden VIEW details
  show view definition to users that have the needed privileges

  sql/sql_show.cc
    1.317 06/05/23 12:45:19 gluh@stripped +25 -3
    Bug#16681 information_schema shows forbidden VIEW details
    show view definition to users that have the needed privilleges

  mysql-test/t/information_schema.test
    1.79 06/05/23 12:45:19 gluh@stripped +19 -0
    Bug#16681 information_schema shows forbidden VIEW details
    test case

  mysql-test/r/information_schema.result
    1.105 06/05/23 12:45:19 gluh@stripped +13 -0
    Bug#16681 information_schema shows forbidden VIEW details
    test case

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	gluh
# Host:	eagle.intranet.mysql.r18.ru
# Root:	/home/gluh/MySQL/Merge/5.0

--- 1.316/sql/sql_show.cc	Fri May 12 17:34:30 2006
+++ 1.317/sql/sql_show.cc	Tue May 23 12:45:19 2006
@@ -3076,11 +3076,33 @@ static int get_schema_views_record(THD *
 
   if (tables->view)
   {
+    Security_context *sctx= thd->security_ctx;
+    ulong grant= SHOW_VIEW_ACL;
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+    char *save_table_name= tables->table_name;
+    if (!my_strcasecmp(system_charset_info, tables->definer.user.str,
+                       sctx->priv_user) &&
+        !my_strcasecmp(system_charset_info, tables->definer.host.str,
+                       sctx->priv_host))
+      grant= SHOW_VIEW_ACL;
+    else
+    {
+      tables->table_name= tables->view_name.str;
+      if (check_access(thd, SHOW_VIEW_ACL , base_name,
+                       &tables->grant.privilege, 0, 1,
+                       test(tables->schema_table)))
+        grant= get_table_grant(thd, tables);
+      else
+        grant= tables->grant.privilege;
+    }
+    tables->table_name= save_table_name;
+#endif
+
     restore_record(table, s->default_values);
     table->field[1]->store(tables->view_db.str, tables->view_db.length, cs);
-    table->field[2]->store(tables->view_name.str, tables->view_name.length,
-                           cs);
-    table->field[3]->store(tables->query.str, tables->query.length, cs);
+    table->field[2]->store(tables->view_name.str, tables->view_name.length, cs);
+    if (grant & SHOW_VIEW_ACL)
+      table->field[3]->store(tables->query.str, tables->query.length, cs);
 
     if (tables->with_check != VIEW_CHECK_NONE)
     {
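Review bot: The definer shortcut compares `tables->definer.user.str` with `sctx->priv_user` using `my_strcasecmp`, but MySQL account user names are case-sensitive (only host names are not), so an account whose name differs from the definer's only in letter case would pass this test and be shown `VIEW_DEFINITION` without holding SHOW VIEW. I would compare the user part exactly, `!strcmp(tables->definer.user.str, sctx->priv_user) &&`, and keep `my_strcasecmp` for the host. Separately, `sctx` is declared outside the `#ifndef NO_EMBEDDED_ACCESS_CHECKS` block but only read inside it, and the `grant= SHOW_VIEW_ACL;` in the matching branch repeats the initialiser; declaring `sctx` inside the guard and inverting the condition would remove both. `check_access()` also writes into `tables->grant.privilege`, which, unlike `table_name`, is not restored afterwards; whether later code relies on the previous value cannot be seen here, because get_schema_views_record starts and ends outside the hunk.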

--- 1.104/mysql-test/r/information_schema.result	Fri May 12 17:34:30 2006
+++ 1.105/mysql-test/r/information_schema.result	Tue May 23 12:45:19 2006
@@ -1108,3 +1108,16 @@ routine_name
 
 delete from proc where name='';
 use test;
+grant select on test.* to mysqltest_1@localhost;
+create table t1 (id int);
+create view v1 as select * from t1;
+create definer = mysqltest_1@localhost
+sql security definer view v2 as select 1;
+select * from information_schema.views
+where table_name='v1' or table_name='v2';
+TABLE_CATALOG	TABLE_SCHEMA	TABLE_NAME	VIEW_DEFINITION	CHECK_OPTION	IS_UPDATABLE	DEFINER	SECURITY_TYPE
+NULL	test	v1		NONE	YES	root@localhost	DEFINER
+NULL	test	v2	select 1 AS `1`	NONE	NO	mysqltest_1@localhost	DEFINER
+drop view v1, v2;
+drop table t1;
+drop user mysqltest_1@localhost;

--- 1.78/mysql-test/t/information_schema.test	Fri May 12 17:34:30 2006
+++ 1.79/mysql-test/t/information_schema.test	Tue May 23 12:45:19 2006
@@ -822,3 +822,22 @@ INSERT INTO `proc` VALUES ('test','','PR
 select routine_name from information_schema.routines;
 delete from proc where name='';
 use test;
+
+#
+# Bug#16681 information_schema shows forbidden VIEW details
+#
+grant select on test.* to mysqltest_1@localhost;
+create table t1 (id int);
+create view v1 as select * from t1;
+create definer = mysqltest_1@localhost
+sql security definer view v2 as select 1;
+
+connect (con16681,localhost,mysqltest_1,,test);
+connection con16681;
+
+select * from information_schema.views
+where table_name='v1' or table_name='v2';
+connection default;
+drop view v1, v2;
+drop table t1;
+drop user mysqltest_1@localhost;
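Review bot: The new case covers only the definer match (v2) and the denied outcome for an account holding just SELECT (v1); nothing checks that a non-definer who has been granted SHOW VIEW gets the definition back. A regression that blanks `VIEW_DEFINITION` for everyone except the definer would therefore still pass. Adding `grant show view on test.v1 to mysqltest_1@localhost;` on the default connection and repeating the select from `con16681` should exercise the table-level grant branch, with the recorded result updated to match. The test also drops `mysqltest_1@localhost` without a `disconnect con16681;` first, which leaves that session open at the end of the test.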
Thread
bk commit into 5.0 tree (gluh:1.2137) BUG#16681gluh23 May