summaryrefslogtreecommitdiffstats
path: root/mysql-test/main/grant3.test
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 18:00:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 18:00:34 +0000
commit3f619478f796eddbba6e39502fe941b285dd97b1 (patch)
treee2c7b5777f728320e5b5542b6213fd3591ba51e2 /mysql-test/main/grant3.test
parentInitial commit. (diff)
downloadmariadb-upstream.tar.xz
mariadb-upstream.zip
Adding upstream version 1:10.11.6.upstream/1%10.11.6upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'mysql-test/main/grant3.test')
-rw-r--r--mysql-test/main/grant3.test242
1 files changed, 242 insertions, 0 deletions
diff --git a/mysql-test/main/grant3.test b/mysql-test/main/grant3.test
new file mode 100644
index 00000000..7842233d
--- /dev/null
+++ b/mysql-test/main/grant3.test
@@ -0,0 +1,242 @@
+# Can't run with embedded server because we use GRANT
+-- source include/not_embedded.inc
+
+# Save the initial number of concurrent sessions
+--source include/count_sessions.inc
+
+set global sql_mode="";
+set local sql_mode="";
+
+# Test of GRANT commands
+
+SET NAMES binary;
+connect (master,localhost,root,,);
+connection master;
+
+# Cleanup
+--disable_warnings
+drop table if exists t1;
+--enable_warnings
+
+delete from mysql.user where user like 'mysqltest\_%';
+delete from mysql.db where user like 'mysqltest\_%';
+delete from mysql.tables_priv where user like 'mysqltest\_%';
+delete from mysql.columns_priv where user like 'mysqltest\_%';
+flush privileges;
+
+create user mysqltest_1@localhost;
+grant create user on *.* to mysqltest_1@localhost;
+grant select on `my\_1`.* to mysqltest_1@localhost with grant option;
+connect (user_a,localhost,mysqltest_1,,);
+connection user_a;
+--error ER_CANT_CREATE_USER_WITH_GRANT
+grant select on `my\_1`.* to mysqltest_2@localhost;
+create user mysqltest_2@localhost;
+disconnect user_a;
+disconnect master;
+connection default;
+
+delete from mysql.user where user like 'mysqltest\_%';
+delete from mysql.db where user like 'mysqltest\_%';
+delete from mysql.tables_priv where user like 'mysqltest\_%';
+delete from mysql.columns_priv where user like 'mysqltest\_%';
+flush privileges;
+
+#
+# Bug#19828 Case sensitivity in Grant/Revoke
+#
+
+grant select on test.* to CUser@localhost;
+grant select on test.* to CUser@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser' order by 1,2;
+
+DROP USER CUser@localhost;
+--error ER_CANNOT_USER
+DROP USER CUser@LOCALHOST;
+
+#### table grants
+create table t1 (a int);
+grant select on test.t1 to CUser@localhost;
+grant select on test.t1 to CUser@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+DROP USER CUser@localhost;
+--error ER_CANNOT_USER
+DROP USER CUser@LOCALHOST;
+
+### column grants
+
+grant select(a) on test.t1 to CUser@localhost;
+grant select(a) on test.t1 to CUser@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'CUser'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser' order by 1,2;
+SELECT user, host, db, Table_name, Table_priv, Column_priv FROM mysql.tables_priv where user = 'CUser' order by 1,2;
+
+DROP USER CUser@localhost;
+--error ER_CANNOT_USER
+DROP USER CUser@LOCALHOST;
+
+drop table t1;
+
+# revoke on a specific DB only
+
+grant select on test.* to CUser2@localhost;
+grant select on test.* to CUser2@LOCALHOST;
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+
+REVOKE SELECT ON test.* FROM 'CUser2'@'LOCALHOST';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+
+--error ER_NONEXISTING_GRANT
+REVOKE SELECT ON test.* FROM 'CUser2'@'localhost';
+flush privileges;
+
+SELECT user, host FROM mysql.user where user = 'CUser2' order by 1,2;
+SELECT user, host, db, select_priv FROM mysql.db where user = 'CUser2' order by 1,2;
+
+DROP USER CUser2@localhost;
+--error ER_CANNOT_USER
+DROP USER CUser2@LOCALHOST;
+
+
+#
+# Bug#31194 Privilege ordering does not order properly for wildcard values
+#
+
+CREATE DATABASE mysqltest_1;
+CREATE TABLE mysqltest_1.t1 (a INT);
+CREATE USER 'mysqltest1'@'%';
+GRANT SELECT, UPDATE ON `mysqltest_1`.* TO 'mysqltest1'@'%';
+REVOKE SELECT ON `mysqltest_1`.* FROM 'mysqltest1'@'%';
+GRANT SELECT, UPDATE ON `mysqltest\_1`.* TO 'mysqltest1'@'%';
+FLUSH PRIVILEGES;
+
+connect (conn1,localhost,mysqltest1,,);
+connection conn1;
+SHOW GRANTS;
+SELECT * FROM mysqltest_1.t1;
+disconnect conn1;
+
+connection default;
+DROP USER 'mysqltest1'@'%';
+DROP DATABASE mysqltest_1;
+
+--echo #
+--echo # Bug#41597 - After rename of user, there are additional grants
+--echo # when grants are reapplied.
+--echo #
+
+CREATE DATABASE temp;
+CREATE TABLE temp.t1(a INT, b VARCHAR(10));
+INSERT INTO temp.t1 VALUES(1, 'name1');
+INSERT INTO temp.t1 VALUES(2, 'name2');
+INSERT INTO temp.t1 VALUES(3, 'name3');
+
+
+CREATE USER 'user1'@'%';
+RENAME USER 'user1'@'%' TO 'user2'@'%';
+--echo # Show privileges after rename and BEFORE grant
+SHOW GRANTS FOR 'user2'@'%';
+GRANT SELECT (a), INSERT (b) ON `temp`.`t1` TO 'user2'@'%';
+--echo # Show privileges after rename and grant
+SHOW GRANTS FOR 'user2'@'%';
+
+--echo # Connect as the renamed user
+connect (conn1, localhost, user2,,);
+connection conn1;
+SHOW GRANTS;
+SELECT a FROM temp.t1;
+--echo # Check for additional privileges by accessing a
+--echo # non privileged column. We shouldn't be able to
+--echo # access this column.
+--error ER_COLUMNACCESS_DENIED_ERROR
+SELECT b FROM temp.t1;
+disconnect conn1;
+
+connection default;
+DROP USER 'user2'@'%';
+DROP DATABASE temp;
+
+set global sql_mode=default;
+--echo #
+--echo # End of 5.0 tests
+--echo #
+
+create database db1;
+create user foo@localhost;
+grant create on db1.* to foo@localhost;
+grant all privileges on test.* to foo@localhost;
+connect foo,localhost,foo;
+create temporary table t as values (1),(2),(3);
+use db1;
+--error ER_TABLEACCESS_DENIED_ERROR
+create table t1 as select * from test.t;
+--error ER_TABLEACCESS_DENIED_ERROR
+create table t1 as values (1),(2),(3);
+create table t1 (a int);
+disconnect foo;
+connection default;
+
+revoke create on db1.* from foo@localhost;
+grant insert on db1.* to foo@localhost;
+connect foo,localhost,foo;
+use db1;
+--error ER_TABLEACCESS_DENIED_ERROR
+create table t2 as values (1),(2),(3);
+disconnect foo;
+
+connection default;
+drop user foo@localhost;
+drop database db1;
+
+# Wait till we reached the initial number of concurrent sessions
+--source include/wait_until_count_sessions.inc