MySQL Lists are EOL. Please join:

List:Internals« Previous MessageNext Message »
From:sanja Date:July 1 2005 9:21am
Subject:bk commit into 5.0 tree (bell:1.1861) BUG#9505
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of bell. When bell does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet
  1.1861 05/07/01 12:21:33 bell@stripped +4 -0
  do not check rights if name resolution context require it (inside view) (BUG#9505)

  sql/sql_view.cc
    1.50 05/07/01 12:21:29 bell@stripped +13 -12
    set name resolution context for both algorithms

  sql/item_func.cc
    1.227 05/07/01 12:21:29 bell@stripped +13 -9
    do not check rights if name resolution context require it (inside view)

  mysql-test/t/view_grant.test
    1.3 05/07/01 12:21:29 bell@stripped +24 -0
    checking grants on view with function

  mysql-test/r/view_grant.result
    1.2 05/07/01 12:21:29 bell@stripped +20 -0
    checking grants on view with function

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	bell
# Host:	sanja.is.com.ua
# Root:	/home/bell/mysql/bk/work-bug7-5.0

--- 1.226/sql/item_func.cc	Fri Jul  1 07:05:35 2005
+++ 1.227/sql/item_func.cc	Fri Jul  1 12:21:29 2005
@@ -4827,14 +4827,17 @@
 #endif
 
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-  if (check_routine_access(thd, EXECUTE_ACL, 
-			   m_sp->m_db.str, m_sp->m_name.str, 0, 0))
-    goto error_check;
-  sp_change_security_context(thd, m_sp, &save_ctx);
-  if (save_ctx.changed && 
-      check_routine_access(thd, EXECUTE_ACL, 
-			   m_sp->m_db.str, m_sp->m_name.str, 0, 0))
-    goto error_check;
+  if (context->check_privileges)
+  {
+    if (check_routine_access(thd, EXECUTE_ACL, 
+                             m_sp->m_db.str, m_sp->m_name.str, 0, 0))
+      goto error_check;
+    sp_change_security_context(thd, m_sp, &save_ctx);
+    if (save_ctx.changed && 
+        check_routine_access(thd, EXECUTE_ACL, 
+                             m_sp->m_db.str, m_sp->m_name.str, 0, 0))
+      goto error_check;
+  }
 #endif
   /*
     Like for SPs, we don't binlog the substatements. If the statement which
@@ -4859,7 +4862,8 @@
 
 error_check_ctx:
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-  sp_restore_security_context(thd, m_sp, &save_ctx);
+  if (context->check_privileges)
+    sp_restore_security_context(thd, m_sp, &save_ctx);
 #endif
 
   thd->client_capabilities|= old_client_capabilites &  CLIENT_MULTI_RESULTS;

--- 1.49/sql/sql_view.cc	Fri Jul  1 07:05:36 2005
+++ 1.50/sql/sql_view.cc	Fri Jul  1 12:21:29 2005
@@ -810,6 +810,18 @@
     if (view_select->options & OPTION_TO_QUERY_CACHE)
       old_lex->select_lex.options|= OPTION_TO_QUERY_CACHE;
 
+    /* prepare view context */
+    lex->select_lex.context.outer_context= 0;
+    lex->select_lex.context.select_lex= table->select_lex;
+    /* do not check privileges & hide errors for view underlyings */
+    for (SELECT_LEX *sl= lex->all_selects_list;
+         sl;
+         sl= sl->next_select_in_list())
+    {
+      sl->context.check_privileges= FALSE;
+      sl->context.error_processor= &view_error_processor;
+      sl->context.error_processor_data= (void *)table;
+    }
     /*
       check MERGE algorithm ability
       - algorithm is not explicit TEMPORARY TABLE
@@ -831,20 +843,9 @@
       table->effective_with_check=
         old_lex->get_effective_with_check(table);
 
-      /* prepare view context */
+      /* merged view resolved only by tables */
       lex->select_lex.context.resolve_in_table_list_only(table->ancestor=
                                                          view_tables);
-      lex->select_lex.context.outer_context= 0;
-      lex->select_lex.context.select_lex= table->select_lex;
-      /* do not check privileges & hide errors for view underlyings */
-      for (SELECT_LEX *sl= lex->all_selects_list;
-           sl;
-           sl= sl->next_select_in_list())
-      {
-        sl->context.check_privileges= FALSE;
-        sl->context.error_processor= &view_error_processor;
-        sl->context.error_processor_data= (void *)table;
-      }
       /*
         Tables of the main select of the view should be marked as belonging
         to the same select as original view (again we can use LEX::select_lex

--- 1.1/mysql-test/r/view_grant.result	Mon Apr  4 22:43:55 2005
+++ 1.2/mysql-test/r/view_grant.result	Fri Jul  1 12:21:29 2005
@@ -302,3 +302,23 @@
 create view v1 as select * from t1;
 revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 drop database mysqltest;
+create database mysqltest;
+use mysqltest;
+create table t1 (s1 int);
+grant select on t1 to mysqltest_1@localhost;
+create function f1 () returns int begin declare v int; select s1 from t1
+into v; return v; end//
+create view v1 as select f1();
+grant select on v1 to mysqltest_1@localhost;
+use mysqltest;
+select * from v1;
+f1()
+NULL
+Warnings:
+Warning	1329	No data to FETCH
+use test;
+drop function f1;
+use test;
+drop database mysqltest;
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
+drop user mysqltest_1@localhost;

--- 1.2/mysql-test/t/view_grant.test	Tue Apr  5 03:08:08 2005
+++ 1.3/mysql-test/t/view_grant.test	Fri Jul  1 12:21:29 2005
@@ -401,3 +401,27 @@
 revoke all privileges on mysqltest.* from mysqltest_1@localhost;
 drop database mysqltest;
 
+#
+# checking grants on view with function (BUG#9505)
+#
+connection root;
+create database mysqltest;
+use mysqltest;
+create table t1 (s1 int);
+grant select on t1 to mysqltest_1@localhost;
+delimiter //;
+create function f1 () returns int begin declare v int; select s1 from t1
+into v; return v; end//
+delimiter ;//
+create view v1 as select f1();
+grant select on v1 to mysqltest_1@localhost;
+connection user1;
+use mysqltest;
+select * from v1;
+use test;
+connection root;
+drop function f1;
+use test;
+drop database mysqltest;
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_1@localhost;
+drop user mysqltest_1@localhost;
Thread
bk commit into 5.0 tree (bell:1.1861) BUG#9505sanja1 Jul