Lenheart
/
DP_S
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
DP_S/build/lib/mysql/mysql-test/t/grant3.test

211 lines
6.4 KiB
Plaintext
Raw Normal View History

初版
2024-04-24 10:25:44 +08:00
# Can't run with embedded server because we use GRANT
-- source include/not_embedded.inc
# Save the initial number of concurrent sessions
--source include/count_sessions.inc
# Test of GRANT commands
SET NAMES binary;
connect (master,localhost,root,,);
connection master;
# Cleanup
--disable_warnings
drop table if exists t1;
--enable_warnings
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
create user mysqltest_1@localhost;
grant create user on *.* to mysqltest_1@localhost;
grant select on `my\_1`.* to mysqltest_1@localhost with grant option;
connect (user_a,localhost,mysqltest_1,,);
connection user_a;
--error ER_CANT_CREATE_USER_WITH_GRANT
grant select on `my\_1`.* to mysqltest_2@localhost;
create user mysqltest_2@localhost;
disconnect user_a;
disconnect master;
connection default;
delete from mysql.user where user like 'mysqltest\_%';
delete from mysql.db where user like 'mysqltest\_%';
delete from mysql.tables_priv where user like 'mysqltest\_%';
delete from mysql.columns_priv where user like 'mysqltest\_%';
flush privileges;
#
# Bug#19828 Case sensitivity in Grant/Revoke
#
grant select on test.* to CUser@localhost;
grant select on test.* to CUser@LOCALHOST;
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
DROP USER CUser@localhost;
--error ER_CANNOT_USER
DROP USER CUser@LOCALHOST;
#### table grants
create table t1 (a int);
grant select on test.t1 to CUser@localhost;
grant select on test.t1 to CUser@LOCALHOST;
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
DROP USER CUser@localhost;
--error ER_CANNOT_USER
DROP USER CUser@LOCALHOST;
### column grants
grant select(a) on test.t1 to CUser@localhost;
grant select(a) on test.t1 to CUser@LOCALHOST;
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
DROP USER CUser@localhost;
--error ER_CANNOT_USER
DROP USER CUser@LOCALHOST;
drop table t1;
# revoke on a specific DB only
grant select on test.* to CUser2@localhost;
grant select on test.* to CUser2@LOCALHOST;
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
REVOKE SELECT ON test.* FROM 'CUser2'@'LOCALHOST';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
--error ER_NONEXISTING_GRANT
REVOKE SELECT ON test.* FROM 'CUser2'@'localhost';
flush privileges;
SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
DROP USER CUser2@localhost;
--error ER_CANNOT_USER
DROP USER CUser2@LOCALHOST;
#
# Bug#31194 Privilege ordering does not order properly for wildcard values
#
CREATE DATABASE mysqltest_1;
CREATE TABLE mysqltest_1.t1 (a INT);
CREATE USER 'mysqltest1'@'%';
GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%';
REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%';
GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%';
FLUSH PRIVILEGES;
connect (conn1,localhost,mysqltest1,,);
connection conn1;
SHOW GRANTS;
SELECT * FROM mysqltest_1.t1;
disconnect conn1;
connection default;
DROP USER 'mysqltest1'@'%';
DROP DATABASE mysqltest_1;
--echo #
--echo # Bug#41597 - After rename of user, there are additional grants
--echo # when grants are reapplied.
--echo #
CREATE DATABASE temp;
CREATE TABLE temp.t1(a INT, b VARCHAR(10));
INSERT INTO temp.t1 VALUES(1, 'name1');
INSERT INTO temp.t1 VALUES(2, 'name2');
INSERT INTO temp.t1 VALUES(3, 'name3');
CREATE USER 'user1'@'%';
RENAME USER 'user1'@'%' TO 'user2'@'%';
--echo # Show privileges after rename and BEFORE grant
SHOW GRANTS FOR 'user2'@'%';
GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%';
--echo # Show privileges after rename and grant
SHOW GRANTS FOR 'user2'@'%';
--echo # Connect as the renamed user
connect (conn1, localhost, user2,,);
connection conn1;
SHOW GRANTS;
SELECT a FROM temp.t1;
--echo # Check for additional privileges by accessing a
--echo # non privileged column. We shouldn't be able to
--echo # access this column.
--error ER_COLUMNACCESS_DENIED_ERROR
SELECT b FROM temp.t1;
disconnect conn1;
connection default;
DROP USER 'user2'@'%';
DROP DATABASE temp;
--echo End of 5.0 tests
# Wait till we reached the initial number of concurrent sessions
--source include/wait_until_count_sessions.inc