#At file:///media/sdb2/hezx/work/mysql/bzrwork/b34227/6.0-bugteam/
3089 He Zhenxing 2009-03-12
BUG#34227 Replication permission error message is misleading
When multiple privileges are checked, and any of them is
sufficient, change the privileges separator from ',' to '|' in
the error message to make it clear that any (not all) of the
privileges listed is sufficient to grant the access.
modified:
sql/sp_head.cc
sql/sql_acl.cc
sql/sql_acl.h
sql/sql_parse.cc
=== modified file 'sql/sp_head.cc'
--- a/sql/sp_head.cc 2009-02-13 16:30:54 +0000
+++ b/sql/sp_head.cc 2009-03-12 07:51:22 +0000
@@ -1511,7 +1511,8 @@ sp_head::execute_trigger(THD *thd,
if (!(grant_info->privilege & TRIGGER_ACL))
{
char priv_desc[128];
- get_privilege_desc(priv_desc, sizeof(priv_desc), TRIGGER_ACL);
+ get_privilege_desc(priv_desc, sizeof(priv_desc), TRIGGER_ACL,
+ FALSE /* any */);
my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0), priv_desc,
thd->security_ctx->priv_user, thd->security_ctx->host_or_ip,
=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc 2009-02-26 17:45:13 +0000
+++ b/sql/sql_acl.cc 2009-03-12 07:51:22 +0000
@@ -3003,7 +3003,7 @@ int mysql_table_grant(THD *thd, TABLE_LI
{
char command[128];
get_privilege_desc(command, sizeof(command),
- table_list->grant.want_privilege);
+ table_list->grant.want_privilege, FALSE /* any */);
my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
command, thd->security_ctx->priv_user,
thd->security_ctx->host_or_ip, table_list->alias);
@@ -3978,7 +3978,8 @@ err:
if (!no_errors) // Not a silent skip of table
{
char command[128];
- get_privilege_desc(command, sizeof(command), want_access);
+ get_privilege_desc(command, sizeof(command), want_access,
+ FALSE /* any */);
my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
command,
sctx->priv_user,
@@ -4134,7 +4135,7 @@ bool check_grant_column(THD *thd, GRANT_
err:
rw_unlock(&LOCK_grant);
char command[128];
- get_privilege_desc(command, sizeof(command), want_access);
+ get_privilege_desc(command, sizeof(command), want_access, FALSE /* any */);
my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
command,
sctx->priv_user,
@@ -4296,7 +4297,8 @@ err:
rw_unlock(&LOCK_grant);
char command[128];
- get_privilege_desc(command, sizeof(command), want_access);
+ get_privilege_desc(command, sizeof(command), want_access,
+ FALSE /* any */);
/*
Do not give an error message listing a column name unless the user has
privilege to see all columns.
@@ -5052,12 +5054,15 @@ static int show_routine_grants(THD* thd,
Make a clear-text version of the requested privilege.
*/
-void get_privilege_desc(char *to, uint max_length, ulong access)
+void get_privilege_desc(char *to, uint max_length, ulong access, bool any)
{
uint pos;
char *start=to;
+ char sep=',';
DBUG_ASSERT(max_length >= 30); // For end ',' removal
+ if (any)
+ sep= '|';
if (access)
{
max_length--; // Reserve place for end-zero
@@ -5067,7 +5072,7 @@ void get_privilege_desc(char *to, uint m
command_lengths[pos] + (uint) (to-start) < max_length)
{
to= strmov(to, command_array[pos]);
- *to++=',';
+ *to++= sep;
}
}
to--; // Remove end ','
=== modified file 'sql/sql_acl.h'
--- a/sql/sql_acl.h 2008-08-18 05:43:50 +0000
+++ b/sql/sql_acl.h 2009-03-12 07:51:22 +0000
@@ -256,7 +256,7 @@ ulong get_column_grant(THD *thd, GRANT_I
const char *db_name, const char *table_name,
const char *field_name);
bool mysql_show_grants(THD *thd, LEX_USER *user);
-void get_privilege_desc(char *to, uint max_length, ulong access);
+void get_privilege_desc(char *to, uint max_length, ulong access, bool any);
void get_mqh(const char *user, const char *host, USER_CONN *uc);
bool mysql_create_user(THD *thd, List <LEX_USER> &list);
bool mysql_drop_user(THD *thd, List <LEX_USER> &list);
=== modified file 'sql/sql_parse.cc'
--- a/sql/sql_parse.cc 2009-03-06 10:25:21 +0000
+++ b/sql/sql_parse.cc 2009-03-12 07:51:22 +0000
@@ -5348,7 +5348,7 @@ bool check_global_access(THD *thd, ulong
char command[128];
if ((thd->security_ctx->master_access & want_access))
return 0;
- get_privilege_desc(command, sizeof(command), want_access);
+ get_privilege_desc(command, sizeof(command), want_access, TRUE /* any */);
my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
return 1;
#else
| Thread |
|---|
| • bzr commit into mysql-6.0-bugteam branch (zhenxing.he:3089) Bug#34227 | He Zhenxing | 12 Mar |
