List:Commits« Previous MessageNext Message »
From:eugene Date:August 15 2006 5:45pm
Subject:bk commit into 5.0 tree (evgen:1.2246) BUG#20989
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of evgen. When evgen does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2006-08-15 21:45:24+04:00, evgen@stripped +9 -0
  Fixed bug#21261: Wrong access rights was required for an insert into a view
  
  SELECT right instead of INSERT right was required for an insert into to a view.
  This wrong behaviour appeared after the fix for bug #20989. Its intention was
  to ask only SELECT right for all tables except the very first for a complex
  INSERT query. But that patch has done it in a wrong way and lead to asking 
  a wrong access right for an insert into a view.
  
  The setup_tables_and_check_access() function now accepts two want_access
  parameters. One will be used for the first table and the second for other
  tables.

  mysql-test/r/view.result@stripped, 2006-08-15 21:42:29+04:00, evgen@stripped +19 -0
    Added a test case for bug#21261: Wrong access rights was required for an insert into a view

  mysql-test/t/view.test@stripped, 2006-08-15 21:42:25+04:00, evgen@stripped +30 -0
    Added a test case for bug#21261: Wrong access rights was required for an insert into a view

  sql/mysql_priv.h@stripped, 2006-08-15 21:44:09+04:00, evgen@stripped +1 -0
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    The setup_tables_and_check_access() function now accepts two want_access
    parameters.

  sql/sql_base.cc@stripped, 2006-08-15 21:44:01+04:00, evgen@stripped +7 -2
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    The setup_tables_and_check_access() function now accepts two want_access
    parameters. One will be used for the first table and the second for other
    tables.

  sql/sql_delete.cc@stripped, 2006-08-15 21:43:57+04:00, evgen@stripped +2 -2
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    Modified to use updated setup_tables_and_check_access() function.

  sql/sql_insert.cc@stripped, 2006-08-15 21:43:56+04:00, evgen@stripped +1 -1
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    Modified to use updated setup_tables_and_check_access() function.

  sql/sql_load.cc@stripped, 2006-08-15 21:43:52+04:00, evgen@stripped +1 -0
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    Modified to use updated setup_tables_and_check_access() function.

  sql/sql_select.cc@stripped, 2006-08-15 21:43:23+04:00, evgen@stripped +1 -1
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    Modified to use updated setup_tables_and_check_access() function.

  sql/sql_update.cc@stripped, 2006-08-15 21:42:33+04:00, evgen@stripped +2 -2
    Fixed bug#21261: Wrong access rights was required for an insert into a view
    Modified to use updated setup_tables_and_check_access() function.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	evgen
# Host:	sunlight.local
# Root:	/local_work/21261-bug-5.0-mysql

--- 1.403/sql/mysql_priv.h	2006-08-15 21:45:29 +04:00
+++ 1.404/sql/mysql_priv.h	2006-08-15 21:45:29 +04:00
@@ -974,6 +974,7 @@
                                     TABLE_LIST *tables, Item **conds, 
                                     TABLE_LIST **leaves, 
                                     bool select_insert,
+                                    ulong want_access_first,
                                     ulong want_access);
 int setup_wild(THD *thd, TABLE_LIST *tables, List<Item> &fields,
 	       List<Item> *sum_func_list, uint wild_num);

--- 1.347/sql/sql_base.cc	2006-08-15 21:45:29 +04:00
+++ 1.348/sql/sql_base.cc	2006-08-15 21:45:29 +04:00
@@ -4563,9 +4563,11 @@
                                    TABLE_LIST *tables,
                                    Item **conds, TABLE_LIST **leaves,
                                    bool select_insert,
+                                   ulong want_access_first,
                                    ulong want_access)
 {
   TABLE_LIST *leaves_tmp = NULL;
+  bool first_table= true;
 
   if (setup_tables (thd, context, from_clause, tables, conds, 
                     &leaves_tmp, select_insert))
@@ -4575,13 +4577,16 @@
     *leaves = leaves_tmp;
 
   for (; leaves_tmp; leaves_tmp= leaves_tmp->next_leaf)
+  {
     if (leaves_tmp->belong_to_view && 
-        check_single_table_access(thd, want_access,  leaves_tmp))
+        check_single_table_access(thd, first_table ? want_access_first :
+                                  want_access,  leaves_tmp))
     {
       tables->hide_view_error(thd);
       return TRUE;
     }
-
+    first_table= false;
+  }
   return FALSE;
 }
 

--- 1.177/sql/sql_delete.cc	2006-08-15 21:45:29 +04:00
+++ 1.178/sql/sql_delete.cc	2006-08-15 21:45:29 +04:00
@@ -350,7 +350,7 @@
                                     &thd->lex->select_lex.top_join_list,
                                     table_list, conds, 
                                     &select_lex->leaf_tables, FALSE, 
-                                    DELETE_ACL) ||
+                                    DELETE_ACL, SELECT_ACL) ||
       setup_conds(thd, table_list, select_lex->leaf_tables, conds) ||
       setup_ftfuncs(select_lex))
     DBUG_RETURN(TRUE);
@@ -413,7 +413,7 @@
                                     &thd->lex->select_lex.top_join_list,
                                     lex->query_tables, &lex->select_lex.where,
                                     &lex->select_lex.leaf_tables, FALSE, 
-                                    DELETE_ACL))
+                                    DELETE_ACL, SELECT_ACL))
     DBUG_RETURN(TRUE);
 
 

--- 1.197/sql/sql_insert.cc	2006-08-15 21:45:29 +04:00
+++ 1.198/sql/sql_insert.cc	2006-08-15 21:45:29 +04:00
@@ -847,7 +847,7 @@
                                     &thd->lex->select_lex.top_join_list,
                                     table_list, where, 
                                     &thd->lex->select_lex.leaf_tables,
-                                    select_insert, SELECT_ACL))
+                                    select_insert, INSERT_ACL, SELECT_ACL))
     DBUG_RETURN(TRUE);
 
   if (insert_into_view && !fields.elements)

--- 1.96/sql/sql_load.cc	2006-08-15 21:45:29 +04:00
+++ 1.97/sql/sql_load.cc	2006-08-15 21:45:29 +04:00
@@ -157,6 +157,7 @@
                                     &thd->lex->select_lex.top_join_list,
                                     table_list, &unused_conds,
                                     &thd->lex->select_lex.leaf_tables, FALSE,
+                                    INSERT_ACL | UPDATE_ACL,
                                     INSERT_ACL | UPDATE_ACL))
      DBUG_RETURN(-1);
   if (!table_list->table ||               // do not suport join view

--- 1.439/sql/sql_select.cc	2006-08-15 21:45:29 +04:00
+++ 1.440/sql/sql_select.cc	2006-08-15 21:45:29 +04:00
@@ -344,7 +344,7 @@
        setup_tables_and_check_access(thd, &select_lex->context, join_list,
                                      tables_list, &conds, 
                                      &select_lex->leaf_tables, FALSE, 
-                                     SELECT_ACL)) ||
+                                     SELECT_ACL, SELECT_ACL)) ||
       setup_wild(thd, tables_list, fields_list, &all_fields, wild_num) ||
       select_lex->setup_ref_array(thd, og_num) ||
       setup_fields(thd, (*rref_pointer_array), fields_list, 1,

--- 1.194/sql/sql_update.cc	2006-08-15 21:45:29 +04:00
+++ 1.195/sql/sql_update.cc	2006-08-15 21:45:29 +04:00
@@ -627,7 +627,7 @@
                                     &select_lex->top_join_list,
                                     table_list, conds, 
                                     &select_lex->leaf_tables,
-                                    FALSE, UPDATE_ACL) ||
+                                    FALSE, UPDATE_ACL, SELECT_ACL) ||
       setup_conds(thd, table_list, select_lex->leaf_tables, conds) ||
       select_lex->setup_ref_array(thd, order_num) ||
       setup_order(thd, select_lex->ref_pointer_array,
@@ -722,7 +722,7 @@
                                     &lex->select_lex.top_join_list,
                                     table_list, &lex->select_lex.where,
                                     &lex->select_lex.leaf_tables, FALSE,
-                                    UPDATE_ACL))
+                                    UPDATE_ACL, SELECT_ACL))
     DBUG_RETURN(TRUE);
 
   if (setup_fields_with_no_wrap(thd, 0, *fields, 1, 0, 0))

--- 1.169/mysql-test/r/view.result	2006-08-15 21:45:29 +04:00
+++ 1.170/mysql-test/r/view.result	2006-08-15 21:45:29 +04:00
@@ -2850,3 +2850,22 @@
 t1
 DROP TABLE t1;
 DROP VIEW IF EXISTS v1;
+CREATE DATABASE bug21261DB;
+CREATE TABLE t1 (x INT);
+CREATE SQL SECURITY INVOKER VIEW v1 AS SELECT x FROM t1;
+GRANT INSERT, UPDATE ON v1 TO 'user21261'@'localhost';
+GRANT INSERT, UPDATE ON t1 TO 'user21261'@'localhost';
+CREATE TABLE t2 (y INT);
+GRANT SELECT ON t2 TO 'user21261'@'localhost';
+INSERT INTO v1 (x) VALUES (5);
+UPDATE v1 SET x=1;
+GRANT SELECT ON v1 TO 'user21261'@'localhost';
+UPDATE v1,t2 SET x=1 WHERE x=y;
+SELECT * FROM t1;
+x
+1
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user21261'@'localhost';
+DROP USER 'user21261'@'localhost';
+DROP VIEW v1;
+DROP TABLE t1;
+DROP DATABASE bug21261DB;

--- 1.154/mysql-test/t/view.test	2006-08-15 21:45:29 +04:00
+++ 1.155/mysql-test/t/view.test	2006-08-15 21:45:29 +04:00
@@ -2718,3 +2718,33 @@
 --disable_warnings
 DROP VIEW IF EXISTS v1;
 --enable_warnings
+
+#
+# Bug #21261: Wrong access rights was required for an insert to a view
+#
+CREATE DATABASE bug21261DB;
+CONNECT (root,localhost,root,,bug21261DB);
+CONNECTION root;
+
+CREATE TABLE t1 (x INT);
+CREATE SQL SECURITY INVOKER VIEW v1 AS SELECT x FROM t1;
+GRANT INSERT, UPDATE ON v1 TO 'user21261'@'localhost';
+GRANT INSERT, UPDATE ON t1 TO 'user21261'@'localhost';
+CREATE TABLE t2 (y INT);
+GRANT SELECT ON t2 TO 'user21261'@'localhost';
+
+CONNECT (user21261, localhost, user21261,, bug21261DB);
+CONNECTION user21261;
+INSERT INTO v1 (x) VALUES (5);
+UPDATE v1 SET x=1;
+CONNECTION root;
+GRANT SELECT ON v1 TO 'user21261'@'localhost';
+CONNECTION user21261;
+UPDATE v1,t2 SET x=1 WHERE x=y;
+CONNECTION root;
+SELECT * FROM t1;
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user21261'@'localhost';
+DROP USER 'user21261'@'localhost';
+DROP VIEW v1;
+DROP TABLE t1;
+DROP DATABASE bug21261DB;
Thread
bk commit into 5.0 tree (evgen:1.2246) BUG#20989eugene15 Aug