diff options
Diffstat (limited to 'mysql-test/suite/binlog/r/binlog_grant.result')
| -rw-r--r-- | mysql-test/suite/binlog/r/binlog_grant.result | 155 |
1 files changed, 155 insertions, 0 deletions
diff --git a/mysql-test/suite/binlog/r/binlog_grant.result b/mysql-test/suite/binlog/r/binlog_grant.result new file mode 100644 index 00000000..edf70561 --- /dev/null +++ b/mysql-test/suite/binlog/r/binlog_grant.result @@ -0,0 +1,155 @@ +connection default; +reset master; +set @saved_binlog_format = @@global.binlog_format; +create user mysqltest_1@localhost; +GRANT SELECT on test.* to mysqltest_1@localhost; +show grants for mysqltest_1@localhost; +Grants for mysqltest_1@localhost +GRANT USAGE ON *.* TO `mysqltest_1`@`localhost` +GRANT SELECT ON `test`.* TO `mysqltest_1`@`localhost` +connect plain,localhost,mysqltest_1,,test; +connect root,localhost,root,,test; +**** Variable SQL_LOG_BIN **** +connection root; +[root] +set session sql_log_bin = 1; +connection plain; +[plain] +set session sql_log_bin = 1; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation +**** Variable BINLOG_FORMAT **** +connection root; +[root] +set global binlog_format = row; +set session binlog_format = row; +connection plain; +[plain] +set global binlog_format = row; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation +set session binlog_format = row; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation +**** Clean up **** +disconnect plain; +disconnect root; +connection default; +set global binlog_format = @saved_binlog_format; +drop user mysqltest_1@localhost; +CREATE USER 'mysqltest_1'@'localhost'; +GRANT REPLICATION CLIENT ON *.* TO 'mysqltest_1'@'localhost'; +connect rpl,localhost,mysqltest_1,,"*NO-ONE*"; +connection rpl; +SHOW MASTER LOGS; +SHOW BINARY LOGS; +SHOW BINLOG STATUS; +disconnect rpl; +connection default; +DROP USER 'mysqltest_1'@'localhost'; +# +# Start of 10.5 test +# +# +# MDEV-21743 Split up SUPER privilege to smaller privileges +# +# Test that REPLICATION CLIENT is an alias for BINLOG MONITOR +CREATE USER user1@localhost; +GRANT REPLICATION CLIENT ON *.* TO user1@localhost; +SHOW GRANTS FOR user1@localhost; +Grants for user1@localhost +GRANT BINLOG MONITOR ON *.* TO `user1`@`localhost` +REVOKE REPLICATION CLIENT ON *.* FROM user1@localhost; +SHOW GRANTS FOR user1@localhost; +Grants for user1@localhost +GRANT USAGE ON *.* TO `user1`@`localhost` +DROP USER user1@localhost; +# Test if SHOW BINARY LOGS and SHOW BINGLOG STATUS are not allowed without REPLICATION CLIENT or SUPER +CREATE USER user1@localhost; +GRANT ALL PRIVILEGES ON *.* TO user1@localhost; +REVOKE REPLICATION CLIENT, SUPER ON *.* FROM user1@localhost; +connect user1,localhost,user1,,; +connection user1; +SHOW MASTER LOGS; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG MONITOR privilege(s) for this operation +SHOW BINARY LOGS; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG MONITOR privilege(s) for this operation +SHOW BINLOG STATUS; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG MONITOR privilege(s) for this operation +disconnect user1; +connection default; +DROP USER user1@localhost; +# Test if PURGE BINARY LOGS is not allowed without BINLOG ADMIN or SUPER +CREATE USER user1@localhost; +GRANT ALL PRIVILEGES ON *.* TO user1@localhost; +REVOKE BINLOG ADMIN, SUPER ON *.* FROM user1@localhost; +connect user1,localhost,user1,,; +connection user1; +PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; +ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation +disconnect user1; +connection default; +DROP USER user1@localhost; +# Test if PURGE BINLOG is allowed with BINLOG ADMIN +CREATE USER user1@localhost; +GRANT BINLOG ADMIN ON *.* TO user1@localhost; +connect user1,localhost,user1,,"*NO-ONE*"; +connection user1; +PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; +disconnect user1; +connection default; +DROP USER user1@localhost; +# Test if PURGE BINLOG is allowed with SUPER +CREATE USER user1@localhost; +GRANT SUPER ON *.* TO user1@localhost; +connect user1,localhost,user1,,"*NO-ONE*"; +connection user1; +PURGE BINARY LOGS BEFORE '2001-01-01 00:00:00'; +disconnect user1; +connection default; +DROP USER user1@localhost; +# Test if SHOW BINLOG EVENTS is not allowed without BINLOG MONITOR +CREATE USER user1@localhost; +GRANT ALL PRIVILEGES ON *.* TO user1@localhost; +REVOKE BINLOG MONITOR ON *.* FROM user1@localhost; +connect user1,localhost,user1,,; +connection user1; +SHOW BINLOG EVENTS; +ERROR 42000: Access denied; you need (at least one of) the BINLOG MONITOR privilege(s) for this operation +disconnect user1; +connection default; +DROP USER user1@localhost; +# Test if SHOW BINLOG EVENTS is allowed with BINLOG MONITOR +CREATE USER user1@localhost; +GRANT BINLOG MONITOR ON *.* TO user1@localhost; +connect user1,localhost,user1,,"*NO-ONE*"; +connection user1; +SHOW BINLOG EVENTS; +disconnect user1; +connection default; +DROP USER user1@localhost; +# +# MDEV-21975 Add BINLOG REPLAY privilege and bind new privileges to +# gtid_seq_no, preudo_thread_id, server_id, gtid_domain_id +# +# Test combinations of BINLOG REPLAY guarded features which typically +# arise in mysqlbinlog output replay on server. +# +CREATE USER user1@localhost; +GRANT BINLOG REPLAY ON *.* TO user1@localhost; +GRANT ALL ON test.* TO user1@localhost; +RESET MASTER; +CREATE TABLE t1 (a INT); +INSERT INTO t1 VALUES (1),(2),(3); +connect user1,localhost,user1,,; +RENAME TABLE t1 to t2; +connection default; +REVOKE BINLOG REPLAY ON *.* FROM user1@localhost; +call mtr.add_suppression("Access denied; you need (at least one of) the SUPER, BINLOG REPLAY privilege(s) for this operation"); +# Privilege errors are expected now: +connection user1; +connection default; +include/diff_tables.inc [t1,t2] +# Test cleanup +DROP TABLE t2,t1; +DROP USER user1@localhost; +# +# End of 10.5 test +# |