blob: 8cb45b13ae076eb978b0c1c38896d259e6ca91c8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#
# MDEV-10744 Roles are not fully case-sensitive
#
#
# Test creating two case-different roles.
#
create user test_user@'%';
create role test_ROLE;
create role test_role;
#
# Test if mysql.user has the roles created.
#
select user, host from mysql.user where is_role='y' and user like 'test%';
User Host
test_ROLE
test_role
create database secret_db;
create table secret_db.t1 (secret varchar(100));
insert into secret_db.t1 values ("Some Secret P4ssw0rd");
grant select on secret_db.* to test_role;
grant test_role to test_user;
show grants for test_user;
Grants for test_user@%
GRANT `test_role` TO `test_user`@`%`
GRANT USAGE ON *.* TO `test_user`@`%`
#
# Now test the UPPER case role.
#
grant test_ROLE to test_user;
grant insert on secret_db.t1 to test_ROLE;
show grants for test_user;
Grants for test_user@%
GRANT `test_role` TO `test_user`@`%`
GRANT `test_ROLE` TO `test_user`@`%`
GRANT USAGE ON *.* TO `test_user`@`%`
connect test_user,localhost,test_user;
#
# Test users privileges when interacting with those roles;
#
show tables from secret_db;
ERROR 42000: Access denied for user 'test_user'@'%' to database 'secret_db'
set role test_ROLE;
show tables from secret_db;
Tables_in_secret_db
t1
select * from secret_db.t1;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table `secret_db`.`t1`
insert into secret_db.t1 values ("|-|4><");
set role test_role;
select * from secret_db.t1 order by secret;
secret
Some Secret P4ssw0rd
|-|4><
insert into secret_db.t1 values ("|_33T|-|4><");
ERROR 42000: INSERT command denied to user 'test_user'@'localhost' for table `secret_db`.`t1`
connection default;
drop role test_ROLE;
drop role test_role;
drop user test_user;
drop database secret_db;
|