1 files changed, 53 insertions, 0 deletions

diff --git a/mysql-test/suite/roles/password.test b/mysql-test/suite/roles/password.test
new file mode 100644
index 00000000..e5fff01d
--- /dev/null
+++ b/mysql-test/suite/roles/password.test
@@ -0,0 +1,53 @@
+#
+# setting authentication for roles
+#
+
+--source include/not_embedded.inc
+
+#identified by [password]...
+#identified with ... [using ...]
+#require [subject][issuer][cipher][ssl][x509]
+# max_queries_per_hour | max_updates_per_hour | max_connections_per_hour | max_user_connections
+#set password for ... = ...
+
+set sql_mode='';
+create role r1;
+
+# IDENTIFIED does not apply to roles, using it forces username context
+grant select on *.* to r1 identified by 'foobar';
+drop user r1;
+grant select on *.* to r1 identified by '';
+drop user r1;
+grant select on mysql.user to r1 identified by password '00000000000000000000000000000000000000000';
+drop user r1;
+--error ER_PLUGIN_IS_NOT_LOADED
+grant select on *.* to r1 identified via plugin;
+--error ER_PLUGIN_IS_NOT_LOADED
+grant select on mysql.user to r1 identified via plugin using 'param';
+
+# same for REQUIRE and mqh
+grant select on *.* to r1 require subject 'foobar';
+drop user r1;
+grant select on mysql.user to r1 require issuer 'foobar';
+drop user r1;
+grant select on *.* to r1 require cipher 'foobar';
+drop user r1;
+grant select on mysql.user to r1 require ssl;
+drop user r1;
+grant select on *.* to r1 require x509;
+drop user r1;
+grant select on mysql.user to r1 require none;
+drop user r1;
+grant select on *.* to r1 with max_queries_per_hour 10;
+drop user r1;
+grant select on mysql.user to r1 with max_updates_per_hour 10;
+drop user r1;
+grant select on *.* to r1 with max_connections_per_hour 10;
+drop user r1;
+grant select on mysql.user to r1 with max_user_connections 10;
+drop user r1;
+
+--error ER_PASSWORD_NO_MATCH
+set password for r1 = '00000000000000000000000000000000000000000';
+
+drop role r1;