blob: 97a82109276bc712af9751cdee68b71bbf8ca0b0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
source include/not_embedded.inc;
--echo #
--echo # MDEV-13655: SET ROLE does not properly grant privileges.
--echo #
--echo # We must test that if aditional db privileges get granted to a role
--echo # which previously inherited privileges from another granted role
--echo # keep the internal memory structures intact.
--echo #
create role simple;
--echo #
--echo # First we create an entry with privileges for databases for the simple role.
--echo #
grant select, insert, update, delete, lock tables, execute on t.* to simple;
create role admin;
--echo #
--echo # Now we grant the simple role to admin. This means that db privileges
--echo # should propagate to admin.
--echo #
grant simple to admin;
show grants for admin;
--echo #
--echo # Finally, we give the admin all the available privileges for the db.
--echo #
grant all on t.* to admin;
--echo #
--echo # Create a user to test out the new roles;
--echo #
create user foo;
grant admin to foo;
connect (foo,localhost,foo,,,,,);
--error ER_DBACCESS_DENIED_ERROR
create database t;
set role admin;
show grants;
create database t;
drop database t;
connection default;
drop role simple;
drop role admin;
drop user foo;
|