MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:He Zhenxing Date:March 26 2009 6:34am
Subject:bzr commit into mysql-6.0-rpl branch (zhenxing.he:2834) Bug#34227
View as plain text  
#At file:///media/sdb2/hezx/work/mysql/bzrwork/b34227/6.0-rpl/

 2834 He Zhenxing	2009-03-26
      BUG#34227 Replication permission error message is misleading
      
      When multiple privileges are checked via check_global_access(),
      and any of them is sufficient, change the privileges separator
      from ',' to '|' in the error message to make it clear that any
      (not all) of the privileges listed is sufficient to grant the
      access.
modified:
  mysql-test/r/mysqldump.result
  sql/sp_head.cc
  sql/sql_acl.cc
  sql/sql_acl.h
  sql/sql_parse.cc

=== modified file 'mysql-test/r/mysqldump.result'
--- a/mysql-test/r/mysqldump.result	2009-03-12 16:18:40 +0000
+++ b/mysql-test/r/mysqldump.result	2009-03-26 06:34:23 +0000
@@ -3558,8 +3558,8 @@ reset master;
 mysqldump: Couldn't execute 'FLUSH /*!40101 LOCAL */ TABLES': Access denied; you need the RELOAD privilege for this operation (1227)
 mysqldump: Couldn't execute 'FLUSH /*!40101 LOCAL */ TABLES': Access denied; you need the RELOAD privilege for this operation (1227)
 grant RELOAD on *.* to mysqltest_1@localhost;
-mysqldump: Couldn't execute 'SHOW MASTER STATUS': Access denied; you need the SUPER,REPLICATION CLIENT privilege for this operation (1227)
-mysqldump: Couldn't execute 'SHOW MASTER STATUS': Access denied; you need the SUPER,REPLICATION CLIENT privilege for this operation (1227)
+mysqldump: Couldn't execute 'SHOW MASTER STATUS': Access denied; you need the SUPER|REPLICATION CLIENT privilege for this operation (1227)
+mysqldump: Couldn't execute 'SHOW MASTER STATUS': Access denied; you need the SUPER|REPLICATION CLIENT privilege for this operation (1227)
 grant REPLICATION CLIENT on *.* to mysqltest_1@localhost;
 drop table t1;
 drop user mysqltest_1@localhost;

=== modified file 'sql/sp_head.cc'
--- a/sql/sp_head.cc	2009-03-04 13:33:47 +0000
+++ b/sql/sp_head.cc	2009-03-26 06:34:23 +0000
@@ -1517,7 +1517,7 @@ sp_head::execute_trigger(THD *thd,
   if (!(grant_info->privilege & TRIGGER_ACL))
   {
     char priv_desc[128];
-    get_privilege_desc(priv_desc, sizeof(priv_desc), TRIGGER_ACL);
+    get_privilege_desc(priv_desc, sizeof(priv_desc), TRIGGER_ACL, FALSE);
 
     my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0), priv_desc,
              thd->security_ctx->priv_user, thd->security_ctx->host_or_ip,

=== modified file 'sql/sql_acl.cc'
--- a/sql/sql_acl.cc	2009-03-09 12:17:41 +0000
+++ b/sql/sql_acl.cc	2009-03-26 06:34:23 +0000
@@ -3003,7 +3003,7 @@ int mysql_table_grant(THD *thd, TABLE_LI
       {
         char command[128];
         get_privilege_desc(command, sizeof(command),
-                           table_list->grant.want_privilege);
+                           table_list->grant.want_privilege, FALSE);
         my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
                  command, thd->security_ctx->priv_user,
                  thd->security_ctx->host_or_ip, table_list->alias);
@@ -3978,7 +3978,7 @@ err:
   if (!no_errors)				// Not a silent skip of table
   {
     char command[128];
-    get_privilege_desc(command, sizeof(command), want_access);
+    get_privilege_desc(command, sizeof(command), want_access, FALSE);
     my_error(ER_TABLEACCESS_DENIED_ERROR, MYF(0),
              command,
              sctx->priv_user,
@@ -4134,7 +4134,7 @@ bool check_grant_column(THD *thd, GRANT_
 err:
   rw_unlock(&LOCK_grant);
   char command[128];
-  get_privilege_desc(command, sizeof(command), want_access);
+  get_privilege_desc(command, sizeof(command), want_access, FALSE);
   my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
            command,
            sctx->priv_user,
@@ -4296,7 +4296,7 @@ err:
   rw_unlock(&LOCK_grant);
 
   char command[128];
-  get_privilege_desc(command, sizeof(command), want_access);
+  get_privilege_desc(command, sizeof(command), want_access, FALSE);
   /*
     Do not give an error message listing a column name unless the user has
     privilege to see all columns.
@@ -5048,16 +5048,25 @@ static int show_routine_grants(THD* thd,
   return error;
 }
 
-/*
+/**
   Make a clear-text version of the requested privilege.
+
+  @param to         pointer to the buffer
+  @param max_length max length of the description message allowed
+  @param access     privileges to check for access
+  @param any        if TRUE, any of the privileges is sufficient,
+                    if FALSE, all privileges are required
 */
 
-void get_privilege_desc(char *to, uint max_length, ulong access)
+void get_privilege_desc(char *to, uint max_length, ulong access, bool any)
 {
   uint pos;
   char *start=to;
+  char sep=',';
   DBUG_ASSERT(max_length >= 30);		// For end ',' removal
 
+  if (any)
+    sep= '|';
   if (access)
   {
     max_length--;				// Reserve place for end-zero
@@ -5067,7 +5076,7 @@ void get_privilege_desc(char *to, uint m
 	  command_lengths[pos] + (uint) (to-start) < max_length)
       {
 	to= strmov(to, command_array[pos]);
-	*to++=',';
+	*to++= sep;
       }
     }
     to--;					// Remove end ','

=== modified file 'sql/sql_acl.h'
--- a/sql/sql_acl.h	2008-08-18 05:43:50 +0000
+++ b/sql/sql_acl.h	2009-03-26 06:34:23 +0000
@@ -256,7 +256,7 @@ ulong get_column_grant(THD *thd, GRANT_I
                        const char *db_name, const char *table_name,
                        const char *field_name);
 bool mysql_show_grants(THD *thd, LEX_USER *user);
-void get_privilege_desc(char *to, uint max_length, ulong access);
+void get_privilege_desc(char *to, uint max_length, ulong access, bool any);
 void get_mqh(const char *user, const char *host, USER_CONN *uc);
 bool mysql_create_user(THD *thd, List <LEX_USER> &list);
 bool mysql_drop_user(THD *thd, List <LEX_USER> &list);

=== modified file 'sql/sql_parse.cc'
--- a/sql/sql_parse.cc	2009-03-23 12:46:20 +0000
+++ b/sql/sql_parse.cc	2009-03-26 06:34:23 +0000
@@ -5359,7 +5359,7 @@ bool check_global_access(THD *thd, ulong
   char command[128];
   if ((thd->security_ctx->master_access & want_access))
     return 0;
-  get_privilege_desc(command, sizeof(command), want_access);
+  get_privilege_desc(command, sizeof(command), want_access, TRUE);
   my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
   return 1;
 #else

Thread
bzr commit into mysql-6.0-rpl branch (zhenxing.he:2834) Bug#34227He Zhenxing26 Mar