1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
# Tests for PERFORMANCE_SCHEMA
# Test how columns privileges can be used on performance schema tables,
# for very fine control.
--source include/not_embedded.inc
--source include/have_perfschema.inc
show grants;
create user 'pfs_user_5'@localhost;
grant usage on *.* to 'pfs_user_5'@localhost with GRANT OPTION;
# Test per column privileges on performance_schema
grant SELECT(thread_id, event_id) on performance_schema.events_waits_current
to 'pfs_user_5'@localhost;
grant UPDATE(enabled) on performance_schema.setup_instruments
to 'pfs_user_5'@localhost;
flush privileges;
connect (con1, localhost, pfs_user_5, , );
# Commented because the result is not consistent (uppercase/lowercase)
# show grants;
# For statements that works, we do not look at the output
--disable_result_log
select thread_id from performance_schema.events_waits_current;
select thread_id, event_id from performance_schema.events_waits_current;
update performance_schema.setup_instruments set enabled='YES';
--enable_result_log
# For statements that are denied, check the error number and error text.
--error ER_COLUMNACCESS_DENIED_ERROR
select event_name from performance_schema.events_waits_current;
--error ER_COLUMNACCESS_DENIED_ERROR
select thread_id, event_id, event_name
from performance_schema.events_waits_current;
--error ER_COLUMNACCESS_DENIED_ERROR
update performance_schema.setup_instruments set name='illegal';
--error ER_COLUMNACCESS_DENIED_ERROR
update performance_schema.setup_instruments set timed='NO';
# Cleanup
--connection default
--disconnect con1
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'pfs_user_5'@localhost;
DROP USER 'pfs_user_5'@localhost;
flush privileges;
UPDATE performance_schema.setup_instruments SET enabled = 'YES', timed = 'YES';
|
