Lines 776-790
GRANT CREATE VIEW ON db26813.v2 TO u2681
Link Here
|
776 |
GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost; |
776 |
GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost; |
777 |
GRANT SELECT ON db26813.t1 TO u26813@localhost; |
777 |
GRANT SELECT ON db26813.t1 TO u26813@localhost; |
778 |
ALTER VIEW v1 AS SELECT f2 FROM t1; |
778 |
ALTER VIEW v1 AS SELECT f2 FROM t1; |
779 |
ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table 'v1' |
779 |
ERROR 42000: Access denied; you need the SUPER privilege for this operation |
780 |
ALTER VIEW v2 AS SELECT f2 FROM t1; |
780 |
ALTER VIEW v2 AS SELECT f2 FROM t1; |
781 |
ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table 'v2' |
781 |
ERROR 42000: Access denied; you need the SUPER privilege for this operation |
782 |
ALTER VIEW v3 AS SELECT f2 FROM t1; |
782 |
ALTER VIEW v3 AS SELECT f2 FROM t1; |
|
|
783 |
ERROR 42000: Access denied; you need the SUPER privilege for this operation |
783 |
SHOW CREATE VIEW v3; |
784 |
SHOW CREATE VIEW v3; |
784 |
View Create View |
785 |
View Create View |
785 |
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1` |
786 |
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f1` AS `f1` from `t1` |
786 |
DROP USER u26813@localhost; |
787 |
DROP USER u26813@localhost; |
787 |
DROP DATABASE db26813; |
788 |
DROP DATABASE db26813; |
|
|
789 |
# |
790 |
# Bug#29908: A user can gain additional access through the ALTER VIEW. |
791 |
# |
792 |
CREATE DATABASE mysqltest_29908; |
793 |
USE mysqltest_29908; |
794 |
CREATE TABLE t1(f1 INT, f2 INT); |
795 |
CREATE USER u29908_1@localhost; |
796 |
CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1; |
797 |
CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS |
798 |
SELECT f1 FROM t1; |
799 |
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost; |
800 |
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost; |
801 |
GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost; |
802 |
CREATE USER u29908_2@localhost; |
803 |
GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost; |
804 |
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost; |
805 |
GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost; |
806 |
ALTER VIEW v1 AS SELECT f2 FROM t1; |
807 |
ERROR 42000: Access denied; you need the SUPER privilege for this operation |
808 |
ALTER VIEW v2 AS SELECT f2 FROM t1; |
809 |
SHOW CREATE VIEW v2; |
810 |
View Create View |
811 |
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1` |
812 |
ALTER VIEW v1 AS SELECT f2 FROM t1; |
813 |
SHOW CREATE VIEW v1; |
814 |
View Create View |
815 |
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f2` AS `f2` from `t1` |
816 |
ALTER VIEW v2 AS SELECT f1 FROM t1; |
817 |
SHOW CREATE VIEW v2; |
818 |
View Create View |
819 |
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1` |
820 |
ALTER VIEW v1 AS SELECT f1 FROM t1; |
821 |
SHOW CREATE VIEW v1; |
822 |
View Create View |
823 |
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f1` AS `f1` from `t1` |
824 |
ALTER VIEW v2 AS SELECT f2 FROM t1; |
825 |
SHOW CREATE VIEW v2; |
826 |
View Create View |
827 |
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1` |
828 |
DROP USER u29908_1@localhost; |
829 |
DROP USER u29908_2@localhost; |
830 |
DROP DATABASE mysqltest_29908; |
831 |
####################################################################### |
788 |
DROP DATABASE IF EXISTS mysqltest1; |
832 |
DROP DATABASE IF EXISTS mysqltest1; |
789 |
DROP DATABASE IF EXISTS mysqltest2; |
833 |
DROP DATABASE IF EXISTS mysqltest2; |
790 |
CREATE DATABASE mysqltest1; |
834 |
CREATE DATABASE mysqltest1; |