summaryrefslogtreecommitdiffstats
path: root/mysql-test/main/public_basic.test
diff options
context:
space:
mode:
Diffstat (limited to 'mysql-test/main/public_basic.test')
-rw-r--r--mysql-test/main/public_basic.test134
1 files changed, 134 insertions, 0 deletions
diff --git a/mysql-test/main/public_basic.test b/mysql-test/main/public_basic.test
new file mode 100644
index 00000000..fb175820
--- /dev/null
+++ b/mysql-test/main/public_basic.test
@@ -0,0 +1,134 @@
+--source include/not_embedded.inc
+--echo #
+--echo # MDEV-5215 Granted to PUBLIC
+--echo #
+
+SHOW GRANTS FOR PUBLIC;
+
+--echo # it is not PUBLIC but an user
+--echo # (this should work as it allowed for roles for example)
+create user PUBLIC;
+create user PUBLIC@localhost;
+GRANT SELECT on test.* to PUBLIC@localhost;
+drop user PUBLIC@localhost;
+drop user PUBLIC;
+
+select * from mysql.global_priv where user="PUBLIC" ;
+GRANT SELECT on test.* to PUBLIC;
+GRANT SELECT on mysql.db to PUBLIC;
+--replace_regex /"version_id"\:[0-9]+/"version_id":VERSION/
+select * from mysql.global_priv where user="PUBLIC" ;
+
+SHOW GRANTS FOR PUBLIC;
+
+GRANT UPDATE on test.* to PUBLIC;
+grant update on mysql.db to public;
+
+show grants for public;
+
+revoke select on test.* from public;
+REVOKE SELECT on mysql.db from PUBLIC;
+
+SHOW GRANTS FOR PUBLIC;
+
+REVOKE UPDATE on test.* from PUBLIC;
+REVOKE UPDATE on mysql.db from PUBLIC;
+
+SHOW GRANTS FOR PUBLIC;
+
+--error ER_INVALID_ROLE
+GRANT XXXXXX TO CURRENT_USER;
+--echo # following should fail with the same error as above
+--error ER_INVALID_ROLE
+GRANT PUBLIC TO CURRENT_USER;
+
+--error ER_INVALID_ROLE
+revoke xxxxxx from current_user;
+--echo # following should fail with the same error as above
+--error ER_INVALID_ROLE
+revoke public from current_user;
+
+--error ER_CANNOT_USER
+drop role XXXXXX;
+--echo # following should fail with the same error as above
+--error ER_CANNOT_USER
+drop role public;
+
+--error ER_INVALID_ROLE
+SET ROLE XXXXXX;
+--echo # following should fail with the same error as above
+--error ER_INVALID_ROLE
+SET ROLE PUBLIC;
+
+--error ER_INVALID_ROLE
+SET DEFAULT ROLE XXXXXX;
+--echo # following should fail with the same error as above
+--error ER_INVALID_ROLE
+SET DEFAULT ROLE PUBLIC;
+--error ER_INVALID_ROLE
+set default role public;
+
+--echo #
+--echo # check prohibition of change security context to PUBLIC
+--echo #
+--echo # be sure that we have PUBLIC
+GRANT SELECT on test.* to PUBLIC;
+--echo # try with a view
+create table t1( a int);
+--error ER_INVALID_ROLE
+create definer = PUBLIC view v1 as select * from t1;
+drop table t1;
+--echo # try with a stored procedure
+--error ER_INVALID_ROLE
+create definer='PUBLIC' PROCEDURE p1() SELECT 1;
+--echo # this test cleanup
+revoke select on test.* from public;
+
+--echo #
+--echo # check autocreation of PUBLIC on GRANT role TO PUBLIC
+--echo #
+--echo # make sure that the privilege will be added automatically
+delete from mysql.global_priv where user="PUBLIC";
+flush privileges;
+create role roletest;
+grant roletest to public;
+drop role roletest;
+
+delete from mysql.global_priv where user="PUBLIC";
+flush privileges;
+grant select on mysql.global_priv to public;
+revoke select on mysql.global_priv from public;
+
+delete from mysql.global_priv where user="PUBLIC";
+flush privileges;
+grant select (user) on mysql.global_priv to public;
+revoke select (user) on mysql.global_priv from public;
+
+delete from mysql.global_priv where user="PUBLIC";
+flush privileges;
+grant execute on procedure mtr.add_suppression to public;
+revoke execute on procedure mtr.add_suppression from public;
+
+--echo #
+--echo # MDEV-30154: Assertion `strcasecmp(rolename, public_name.str) ||
+--echo # acl_public == role' failed in acl_update_role on GRANT ... TO PUBLIC
+--echo #
+call mtr.add_suppression("Can't open and lock privilege tables");
+USE test;
+GRANT SELECT ON *.* TO PUBLIC;
+LOCK TABLES mysql.time_zone WRITE,mysql.proc WRITE;
+--error 1100
+FLUSH PRIVILEGES;
+--error 1146
+LOCK TABLE nonexisting WRITE;
+GRANT SELECT ON *.* TO PUBLIC;
+
+REVOKE SELECT ON *.* FROM PUBLIC;
+
+--echo #
+--echo # End of 10.11 test
+--echo #
+
+-- echo # clean up
+delete from mysql.global_priv where user="PUBLIC";
+flush privileges;