~ubuntu-branches/ubuntu/trusty/mysql-5.6/trusty

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, CREATE TABLESPACE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

560

select current_user;

561

current_user

562

test_yesprivs@localhost

563

use priv_db;

564

show triggers;

565

Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation

566

select * from information_schema.triggers;

567

TRIGGER_CATALOG TRIGGER_SCHEMA TRIGGER_NAME EVENT_MANIPULATION EVENT_OBJECT_CATALOG EVENT_OBJECT_SCHEMA EVENT_OBJECT_TABLE ACTION_ORDER ACTION_CONDITION ACTION_STATEMENT ACTION_ORIENTATION ACTION_TIMING ACTION_REFERENCE_OLD_TABLE ACTION_REFERENCE_NEW_TABLE ACTION_REFERENCE_OLD_ROW ACTION_REFERENCE_NEW_ROW CREATED SQL_MODE DEFINER CHARACTER_SET_CLIENT COLLATION_CONNECTION DATABASE_COLLATION

568

drop trigger trg1_1;

569

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

570

select current_user;

571

current_user

572

root@localhost

573

show grants;

574

Grants for root@localhost

575

GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION

576

GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION

577

drop trigger trg1_1;

578

use priv_db;

579

580

no trigger privilege on db level for create:

581

--------------------------------------------

582

select current_user;

583

current_user

584

test_yesprivs@localhost

585

create trigger trg1_1 before INSERT on t1 for each row

586

set new.f1 = 'trig 1_1-no';

587

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

588

select current_user;

589

current_user

590

test_noprivs@localhost

591

use priv_db;

592

insert into t1 (f1) values ('insert-yes');

593

select f1 from t1 order by f1;

594

595

insert-yes

596

trig 1_1-yes

597

trig 1_1-yes

598

trig 1_1-yes

599

trig 1_1-yes

600

select current_user;

601

current_user

602

root@localhost

603

grant TRIGGER on priv_db.* to test_yesprivs@localhost;

604

show grants for test_yesprivs@localhost;

605

Grants for test_yesprivs@localhost

606

607

GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'

608

609

trigger privilege on db level for create:

610

-----------------------------------------

611

select current_user;

612

current_user

613

test_yesprivs@localhost

614

use priv_db;

615

create trigger trg1_2 before INSERT on t1 for each row

616

set new.f1 = 'trig 1_2-yes';

617

create trigger no_priv_db.trg1_9 before insert on no_priv_db.t1

618

for each row

619

set new.f1 = 'trig 1_9-yes';

620

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

621

use no_priv_db;

622

create trigger trg1_2 before INSERT on t1 for each row

623

set new.f1 = 'trig 1_2-no';

624

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

625

create trigger priv_db.trg1_9 before UPDATE on priv_db.t1

626

for each row

627

set new.f1 = 'trig 1_9-yes';

628

select current_user;

629

current_user

630

test_noprivs@localhost

631

use priv_db;

632

insert into t1 (f1) values ('insert-yes');

633

select f1 from t1 order by f1;

634

635

insert-yes

636

trig 1_1-yes

637

trig 1_1-yes

638

trig 1_1-yes

639

trig 1_1-yes

640

trig 1_2-yes

641

use no_priv_db;

642

insert into t1 (f1) values ('insert-yes');

643

select f1 from t1 order by f1;

644

645

insert-yes

646

drop trigger priv_db.trg1_9;

647

ERROR 42000: TRIGGER command denied to user 'test_noprivs'@'localhost' for table 't1'

648

select current_user;

649

current_user

650

root@localhost

651

drop trigger priv_db.trg1_9;

652

revoke TRIGGER on priv_db.* from test_yesprivs@localhost;

653

use priv_db;

654

insert into t1 (f1) values ('insert-yes');

655

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

656

select f1 from t1 order by f1;

657

658

insert-yes

659

trig 1_1-yes

660

trig 1_1-yes

661

trig 1_1-yes

662

trig 1_1-yes

663

trig 1_2-yes

664

grant TRIGGER on *.* to test_yesprivs@localhost;

665

show grants for test_yesprivs@localhost;

666

Grants for test_yesprivs@localhost

667

GRANT ALL PRIVILEGES ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

668

select current_user;

669

current_user

670

test_yesprivs@localhost

671

use no_priv_db;

672

create trigger trg1_2 before INSERT on t1 for each row

673

set new.f1 = 'trig 1_2-no';

674

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

675

select current_user;

676

current_user

677

test_noprivs@localhost

678

use priv_db;

679

insert into t1 (f1) values ('insert-no');

680

select f1 from t1 order by f1;

681

682

insert-yes

683

trig 1_1-yes

684

trig 1_1-yes

685

trig 1_1-yes

686

trig 1_1-yes

687

trig 1_2-yes

688

trig 1_2-yes

689

use no_priv_db;

690

insert into t1 (f1) values ('insert-yes');

691

select f1 from t1 order by f1;

692

693

insert-yes

694

insert-yes

695

select current_user;

696

current_user

697

test_yesprivs@localhost

698

use no_priv_db;

699

create trigger trg1_2 before INSERT on t1 for each row

700

set new.f1 = 'trig 1_2-yes';

701

select current_user;

702

current_user

703

test_noprivs@localhost

704

use priv_db;

705

insert into t1 (f1) values ('insert-no');

706

select f1 from t1 order by f1;

707

708

insert-yes

709

trig 1_1-yes

710

trig 1_1-yes

711

trig 1_1-yes

712

trig 1_1-yes

713

trig 1_2-yes

714

trig 1_2-yes

715

trig 1_2-yes

716

use no_priv_db;

717

insert into t1 (f1) values ('insert-no');

718

select f1 from t1 order by f1;

719

720

insert-yes

721

insert-yes

722

trig 1_2-yes

723

select current_user;

724

current_user

725

root@localhost

726

drop database if exists priv_db;

727

drop database if exists no_priv_db;

728

drop database if exists h1;

729

drop user test_yesprivs@localhost;

730

drop user test_noprivs@localhost;

731

call mtr.add_suppression("Did not write failed .* into binary log while "

732

"storing table level and column level grants "

733

"in the privilege tables.");

734

735

####### Testcase for mix of db and table level: #######

736

-------------------------------------------------------

737

drop database if exists priv1_db;

738

drop database if exists priv2_db;

739

create database priv1_db;

740

create database priv2_db;

741

use priv1_db;

742

create table t1 (f1 char(20)) engine= innodb;

743

create table t2 (f1 char(20)) engine= innodb;

744

use priv2_db;

745

create table t1 (f1 char(20)) engine= innodb;

746

create User test_yesprivs@localhost;

747

set password for test_yesprivs@localhost = password('PWD');

748

revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;

749

grant ALL on priv1_db.* to test_yesprivs@localhost;

750

grant SELECT,UPDATE on priv2_db.* to test_yesprivs@localhost;

751

show grants for test_yesprivs@localhost;

752

Grants for test_yesprivs@localhost

753

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

754

GRANT ALL PRIVILEGES ON `priv1_db`.* TO 'test_yesprivs'@'localhost'

755

GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'

756

create User test_noprivs@localhost;

757

set password for test_noprivs@localhost = password('PWD');

758

revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;

759

grant SELECT,INSERT,UPDATE on priv1_db.* to test_noprivs@localhost;

760

grant SELECT,INSERT on priv2_db.* to test_noprivs@localhost;

761

show grants for test_noprivs@localhost;

762

Grants for test_noprivs@localhost

763

GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

764

GRANT SELECT, INSERT, UPDATE ON `priv1_db`.* TO 'test_noprivs'@'localhost'

765

GRANT SELECT, INSERT ON `priv2_db`.* TO 'test_noprivs'@'localhost'

766

use priv1_db;

767

use priv1_db;

768

769

trigger privilege on one db1 db level, not on db2

770

-------------------------------------------------

771

select current_user;

772

current_user

773

test_yesprivs@localhost

774

use priv1_db;

775

create trigger trg1_1 before INSERT on t1 for each row

776

set new.f1 = 'trig 1_1-yes';

777

create trigger trg2_1 before INSERT on t2 for each row

778

set new.f1 = 'trig 2_1-yes';

779

use priv2_db;

780

create trigger trg1_1 before INSERT on t1 for each row

781

set new.f1 = 'trig1_1-yes';

782

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

783

select current_user;

784

current_user

785

test_noprivs@localhost

786

insert into t1 (f1) values ('insert1_no');

787

select f1 from t1 order by f1;

788

789

trig 1_1-yes

790

insert into t2 (f1) values ('insert1_no');

791

select f1 from t2 order by f1;

792

793

trig 2_1-yes

794

insert into priv2_db.t1 (f1) values ('insert21-yes');

795

select f1 from priv2_db.t1 order by f1;

796

797

insert21-yes

798

use priv2_db;

799

insert into t1 (f1) values ('insert1_yes');

800

select f1 from t1 order by f1;

801

802

insert1_yes

803

insert21-yes

804

insert into priv1_db.t1 (f1) values ('insert11-no');

805

select f1 from priv1_db.t1 order by f1;

806

807

trig 1_1-yes

808

trig 1_1-yes

809

insert into priv1_db.t2 (f1) values ('insert22-no');

810

select f1 from priv1_db.t2 order by f1;

811

812

trig 2_1-yes

813

trig 2_1-yes

814

815

revoke trigger privilege on table level (not existing)

816

------------------------------------------------------

817

select current_user;

818

current_user

819

root@localhost

820

use priv1_db;

821

revoke TRIGGER on priv1_db.t1 from test_yesprivs@localhost;

822

ERROR 42000: There is no such grant defined for user 'test_yesprivs' on host 'localhost' on table 't1'

823

show grants for test_yesprivs@localhost;

824

Grants for test_yesprivs@localhost

825

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

826

GRANT ALL PRIVILEGES ON `priv1_db`.* TO 'test_yesprivs'@'localhost'

827

GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'

828

select current_user;

829

current_user

830

test_yesprivs@localhost

831

drop trigger trg1_1;

832

ERROR HY000: Trigger does not exist

833

drop trigger trg2_1;

834

ERROR HY000: Trigger does not exist

835

use priv1_db;

836

drop trigger trg1_1;

837

drop trigger trg2_1;

838

select current_user;

839

current_user

840

root@localhost

841

use priv1_db;

842

revoke TRIGGER on priv1_db.* from test_yesprivs@localhost;

843

844

no trigger privilege on table level for create:

845

-----------------------------------------------

846

select current_user;

847

current_user

848

test_yesprivs@localhost

849

use priv1_db;

850

create trigger trg1_1 before INSERT on t1 for each row

851

set new.f1 = 'trig 1_1-no';

852

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

853

select current_user;

854

current_user

855

root@localhost

856

show triggers;

857

Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation

858

grant TRIGGER on priv1_db.t1 to test_yesprivs@localhost;

859

show grants for test_yesprivs@localhost;

860

Grants for test_yesprivs@localhost

861

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

862

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT ON `priv1_db`.* TO 'test_yesprivs'@'localhost'

863

GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'

864

GRANT TRIGGER ON `priv1_db`.`t1` TO 'test_yesprivs'@'localhost'

865

866

trigger privilege on table level for create:

867

--------------------------------------------

868

select current_user;

869

current_user

870

test_yesprivs@localhost

871

show triggers;

872

Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation

873

create trigger trg1_2 before INSERT on t1 for each row

874

set new.f1 = 'trig 1_2-yes';

875

create trigger trg2_1 before INSERT on t2 for each row

876

set new.f1 = 'trig 2_1-no';

877

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'

878

select current_user;

879

current_user

880

test_noprivs@localhost

881

use priv1_db;

882

insert into t1 (f1) values ('insert2-no');

883

select f1 from t1 order by f1;

884

885

trig 1_1-yes

886

trig 1_1-yes

887

trig 1_2-yes

888

insert into t2 (f1) values ('insert2-yes');

889

select f1 from t2 order by f1;

890

891

insert2-yes

892

trig 2_1-yes

893

trig 2_1-yes

894

insert into priv2_db.t1 (f1) values ('insert22-yes');

895

select f1 from priv2_db.t1 order by f1;

896

897

insert1_yes

898

insert21-yes

899

insert22-yes

900

select current_user;

901

current_user

902

root@localhost

903

grant TRIGGER on priv1_db.* to test_yesprivs@localhost;

904

show grants for test_yesprivs@localhost;

905

Grants for test_yesprivs@localhost

906

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

907

GRANT ALL PRIVILEGES ON `priv1_db`.* TO 'test_yesprivs'@'localhost'

908

GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'

909

GRANT TRIGGER ON `priv1_db`.`t1` TO 'test_yesprivs'@'localhost'

910

select current_user;

911

current_user

912

test_yesprivs@localhost

913

create trigger trg2_1 before INSERT on t2 for each row

914

set new.f1 = 'trig 2_1-yes';

915

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'

916

use priv1_db;

917

create trigger trg2_1 before INSERT on t2 for each row

918

set new.f1 = 'trig 2_1-yes';

919

select current_user;

920

current_user

921

test_noprivs@localhost

922

use priv1_db;

923

insert into t1 (f1) values ('insert3-no');

924

select f1 from t1 order by f1;

925

926

trig 1_1-yes

927

trig 1_1-yes

928

trig 1_2-yes

929

trig 1_2-yes

930

insert into t2 (f1) values ('insert3-no');

931

select f1 from t2 order by f1;

932

933

insert2-yes

934

trig 2_1-yes

935

trig 2_1-yes

936

trig 2_1-yes

937

use priv2_db;

938

insert into priv1_db.t1 (f1) values ('insert12-no');

939

select f1 from priv1_db.t1 order by f1;

940

941

trig 1_1-yes

942

trig 1_1-yes

943

trig 1_2-yes

944

trig 1_2-yes

945

trig 1_2-yes

946

insert into priv1_db.t2 (f1) values ('insert23-no');

947

select f1 from priv1_db.t2 order by f1;

948

949

insert2-yes

950

trig 2_1-yes

951

trig 2_1-yes

952

trig 2_1-yes

953

trig 2_1-yes

954

select current_user;

955

current_user

956

test_yesprivs@localhost

957

drop trigger trg1_2;

958

drop trigger trg2_1;

959

select current_user;

960

current_user

961

root@localhost

962

drop database if exists priv1_db;

963

drop database if exists priv2_db;

964

drop user test_yesprivs@localhost;

965

drop user test_noprivs@localhost;

966

967

#### Testcase for trigger privilege on execution time ########

968

--------------------------------------------------------------

969

drop database if exists priv_db;

970

create database priv_db;

971

use priv_db;

972

create table t1 (f1 char(20)) engine= innodb;

973

create User test_yesprivs@localhost;

974

set password for test_yesprivs@localhost = password('PWD');

975

create User test_useprivs@localhost;

976

set password for test_useprivs@localhost = password('PWD');

977

revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;

978

revoke ALL PRIVILEGES, GRANT OPTION FROM test_useprivs@localhost;

979

select current_user;

980

current_user

981

root@localhost

982

show triggers;

983

Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation

984

grant select, insert, update ,trigger

985

on priv_db.t1 to test_yesprivs@localhost

986

with grant option;

987

grant select

988

on priv_db.t1 to test_useprivs@localhost;

989

show grants for test_yesprivs@localhost;

990

Grants for test_yesprivs@localhost

991

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

992

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

993

select current_user;

994

current_user

995

test_yesprivs@localhost

996

use priv_db;

997

create trigger trg1_1 before INSERT on t1 for each row

998

set new.f1 = 'trig 1_1-yes';

999

grant insert on t1 to test_useprivs@localhost;

1000

prepare ins1 from 'insert into t1 (f1) values (''insert1-no'')';

1001

execute ins1;

1002

select f1 from t1 order by f1;

1003

1004

trig 1_1-yes

1005

prepare ins1 from 'insert into t1 (f1) values (''insert2-no'')';

1006

select current_user;

1007

current_user

1008

test_useprivs@localhost

1009

use priv_db;

1010

prepare ins1 from 'insert into t1 (f1) values (''insert3-no'')';

1011

execute ins1;

1012

select f1 from t1 order by f1;

1013

1014

trig 1_1-yes

1015

trig 1_1-yes

1016

select current_user;

1017

current_user

1018

root@localhost

1019

revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;

1020

show grants for test_yesprivs@localhost;

1021

Grants for test_yesprivs@localhost

1022

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1023

GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1024

select current_user;

1025

current_user

1026

test_yesprivs@localhost

1027

execute ins1;

1028

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1029

select f1 from t1 order by f1;

1030

1031

trig 1_1-yes

1032

trig 1_1-yes

1033

prepare ins1 from 'insert into t1 (f1) values (''insert4-no'')';

1034

select current_user;

1035

current_user

1036

test_useprivs@localhost

1037

prepare ins1 from 'insert into t1 (f1) values (''insert5-no'')';

1038

execute ins1;

1039

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1040

select f1 from t1 order by f1;

1041

1042

trig 1_1-yes

1043

trig 1_1-yes

1044

select current_user;

1045

current_user

1046

root@localhost

1047

grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;

1048

show grants for test_yesprivs@localhost;

1049

Grants for test_yesprivs@localhost

1050

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1051

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1052

select current_user;

1053

current_user

1054

test_yesprivs@localhost

1055

execute ins1;

1056

select f1 from t1 order by f1;

1057

1058

trig 1_1-yes

1059

trig 1_1-yes

1060

trig 1_1-yes

1061

prepare ins1 from 'insert into t1 (f1) values (''insert6-no'')';

1062

select current_user;

1063

current_user

1064

test_useprivs@localhost

1065

execute ins1;

1066

select f1 from t1 order by f1;

1067

1068

trig 1_1-yes

1069

trig 1_1-yes

1070

trig 1_1-yes

1071

trig 1_1-yes

1072

prepare ins1 from 'insert into t1 (f1) values (''insert7-no'')';

1073

select current_user;

1074

current_user

1075

root@localhost

1076

revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;

1077

show grants for test_yesprivs@localhost;

1078

Grants for test_yesprivs@localhost

1079

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1080

GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1081

select current_user;

1082

current_user

1083

test_yesprivs@localhost

1084

execute ins1;

1085

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1086

select f1 from t1 order by f1;

1087

1088

trig 1_1-yes

1089

trig 1_1-yes

1090

trig 1_1-yes

1091

trig 1_1-yes

1092

select current_user;

1093

current_user

1094

test_useprivs@localhost

1095

execute ins1;

1096

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1097

select f1 from t1 order by f1;

1098

1099

trig 1_1-yes

1100

trig 1_1-yes

1101

trig 1_1-yes

1102

trig 1_1-yes

1103

select current_user;

1104

current_user

1105

root@localhost

1106

grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;

1107

show grants for test_yesprivs@localhost;

1108

Grants for test_yesprivs@localhost

1109

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1110

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1111

select current_user;

1112

current_user

1113

test_yesprivs@localhost

1114

execute ins1;

1115

select f1 from t1 order by f1;

1116

1117

trig 1_1-yes

1118

trig 1_1-yes

1119

trig 1_1-yes

1120

trig 1_1-yes

1121

trig 1_1-yes

1122

select current_user;

1123

current_user

1124

test_useprivs@localhost

1125

execute ins1;

1126

select f1 from t1 order by f1;

1127

1128

trig 1_1-yes

1129

trig 1_1-yes

1130

trig 1_1-yes

1131

trig 1_1-yes

1132

trig 1_1-yes

1133

trig 1_1-yes

1134

select current_user;

1135

current_user

1136

root@localhost

1137

revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;

1138

show grants for test_yesprivs@localhost;

1139

Grants for test_yesprivs@localhost

1140

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1141

GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1142

select current_user;

1143

current_user

1144

test_yesprivs@localhost

1145

execute ins1;

1146

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1147

select f1 from t1 order by f1;

1148

1149

trig 1_1-yes

1150

trig 1_1-yes

1151

trig 1_1-yes

1152

trig 1_1-yes

1153

trig 1_1-yes

1154

trig 1_1-yes

1155

deallocate prepare ins1;

1156

select current_user;

1157

current_user

1158

test_useprivs@localhost

1159

execute ins1;

1160

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1161

select f1 from t1 order by f1;

1162

1163

trig 1_1-yes

1164

trig 1_1-yes

1165

trig 1_1-yes

1166

trig 1_1-yes

1167

trig 1_1-yes

1168

trig 1_1-yes

1169

deallocate prepare ins1;

1170

select current_user;

1171

current_user

1172

root@localhost

1173

grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;

1174

show grants for test_yesprivs@localhost;

1175

Grants for test_yesprivs@localhost

1176

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1177

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1178

select current_user;

1179

current_user

1180

test_yesprivs@localhost

1181

drop trigger trg1_1;

1182

select current_user;

1183

current_user

1184

root@localhost

1185

select current_user;

1186

current_user

1187

root@localhost

1188

drop database if exists priv_db;

1189

drop user test_yesprivs@localhost;

1190

drop user test_useprivs@localhost;

1191

1192

######### Testcase for definer: ########

1193

-----------------------------------------------

1194

drop database if exists priv_db;

1195

create database priv_db;

1196

use priv_db;

1197

create table t1 (f1 char(20)) engine= innodb;

1198

create User test_yesprivs@localhost;

1199

set password for test_yesprivs@localhost = password('PWD');

1200

revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;

1201

select current_user;

1202

current_user

1203

root@localhost

1204

create definer=not_ex_user@localhost trigger trg1_0

1205

before INSERT on t1 for each row

1206

set new.f1 = 'trig 1_0-yes';

1207

Warnings:

1208

Note 1449 The user specified as a definer ('not_ex_user'@'localhost') does not exist

1209

drop trigger trg1_0;

1210

create definer=test_yesprivs@localhost trigger trg1_0

1211

before INSERT on t1 for each row

1212

set new.f1 = 'trig 1_0-yes';

1213

grant select, insert, update

1214

on priv_db.t1 to test_yesprivs@localhost;

1215

select current_user;

1216

current_user

1217

test_yesprivs@localhost

1218

use priv_db;

1219

insert into t1 (f1) values ('insert-no');

1220

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1221

select f1 from t1 order by f1;

1222

1223

drop trigger trg1_0;

1224

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1225

select current_user;

1226

current_user

1227

root@localhost

1228

grant select, insert, update ,trigger

1229

on priv_db.t1 to test_yesprivs@localhost;

1230

show grants for test_yesprivs@localhost;

1231

Grants for test_yesprivs@localhost

1232

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1233

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

1234

select current_user;

1235

current_user

1236

test_yesprivs@localhost

1237

insert into t1 (f1) values ('insert-no');

1238

select f1 from t1 order by f1;

1239

1240

trig 1_0-yes

1241

drop trigger trg1_0;

1242

create definer=not_ex_user@localhost trigger trg1_0

1243

before INSERT on t1 for each row

1244

set new.f1 = 'trig 1_0-yes';

1245

ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation

1246

create definer=current_user trigger trg1_1

1247

before INSERT on t1 for each row

1248

set new.f1 = 'trig 1_1-yes';

1249

insert into t1 (f1) values ('insert-no');

1250

select f1 from t1 order by f1;

1251

1252

trig 1_0-yes

1253

trig 1_1-yes

1254

create definer=test_yesprivs@localhost trigger trg1_2

1255

before UPDATE on t1 for each row

1256

set new.f1 = 'trig 1_2-yes';

1257

update t1 set f1 = 'update-yes' where f1 like '%trig%';

1258

select f1 from t1 order by f1;

1259

1260

trig 1_2-yes

1261

trig 1_2-yes

1262

select current_user;

1263

current_user

1264

root@localhost

1265

grant trigger on priv_db.* to test_yesprivs@localhost

1266

with grant option;

1267

select current_user;

1268

current_user

1269

test_yesprivs@localhost

1270

show grants;

1271

Grants for test_yesprivs@localhost

1272

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1273

GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost' WITH GRANT OPTION

1274

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

1275

create definer=not_ex_user@localhost trigger trg1_3

1276

after UPDATE on t1 for each row

1277

set @var1 = 'trig 1_3-yes';

1278

ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation

1279

select current_user;

1280

current_user

1281

root@localhost

1282

select current_user;

1283

current_user

1284

root@localhost

1285

drop database if exists priv_db;

1286

drop user test_yesprivs@localhost;

1287

1288

######### Testcase for transactions: ########

1289

----------------------------------------------------

1290

drop database if exists priv_db;

1291

create database priv_db;

1292

use priv_db;

1293

create table t1 (f1 char(20)) engine= innodb;

1294

create User test_yesprivs@localhost;

1295

set password for test_yesprivs@localhost = password('PWD');

1296

revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;

1297

select current_user;

1298

current_user

1299

root@localhost

1300

grant select, insert, update ,trigger

1301

on priv_db.t1 to test_yesprivs@localhost;

1302

show grants for test_yesprivs@localhost;

1303

Grants for test_yesprivs@localhost

1304

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1305

GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

1306

select current_user;

1307

current_user

1308

test_yesprivs@localhost

1309

use priv_db;

1310

set autocommit=0;

1311

create definer=current_user trigger trg1_1

1312

before INSERT on t1 for each row

1313

set new.f1 = 'trig 1_1-yes';

1314

rollback work;

1315

insert into t1 (f1) values ('insert-no');

1316

select f1 from t1 order by f1;

1317

1318

trig 1_1-yes

1319

create definer=test_yesprivs@localhost trigger trg1_2

1320

before UPDATE on t1 for each row

1321

set new.f1 = 'trig 1_2-yes';

1322

commit work;

1323

update t1 set f1 = 'update-yes' where f1 like '%trig%';

1324

select f1 from t1 order by f1;

1325

1326

trig 1_2-yes

1327

commit work;

1328

drop trigger trg1_1;

1329

rollback work;

1330

drop trigger trg1_1;

1331

ERROR HY000: Trigger does not exist

1332

drop trigger trg1_2;

1333

commit work;

1334

set autocommit=1;

1335

select current_user;

1336

current_user

1337

root@localhost

1338

select current_user;

1339

current_user

1340

root@localhost

1341

drop database if exists priv_db;

1342

drop user test_yesprivs@localhost;

1343

1344

####### Testcase for column privileges of triggers: #######

1345

-----------------------------------------------------------

1346

drop database if exists priv_db;

1347

drop database if exists no_priv_db;

1348

create database priv_db;

1349

use priv_db;

1350

create table t1 (f1 char(20)) engine= innodb;

1351

create table t2 (f1 char(20)) engine= innodb;

1352

create User test_yesprivs@localhost;

1353

set password for test_yesprivs@localhost = password('PWD');

1354

revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;

1355

grant TRIGGER on priv_db.* to test_yesprivs@localhost;

1356

show grants for test_yesprivs@localhost;

1357

Grants for test_yesprivs@localhost

1358

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1359

GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'

1360

create User test_noprivs@localhost;

1361

set password for test_noprivs@localhost = password('PWD');

1362

revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;

1363

grant SELECT,UPDATE on priv_db.* to test_noprivs@localhost;

1364

show grants for test_noprivs@localhost;

1365

Grants for test_noprivs@localhost

1366

GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1367

GRANT SELECT, UPDATE ON `priv_db`.* TO 'test_noprivs'@'localhost'

1368

1369

update only on column:

1370

----------------------

1371

select current_user;

1372

current_user

1373

root@localhost

1374

grant SELECT(f1),INSERT,UPDATE(f1) on priv_db.t1

1375

to test_yesprivs@localhost;

1376

grant SELECT(f1),INSERT,UPDATE(f1) on priv_db.t2

1377

to test_yesprivs@localhost;

1378

select current_user;

1379

current_user

1380

test_yesprivs@localhost

1381

use priv_db;

1382

insert into t1 (f1) values ('insert1-yes');

1383

insert into t2 (f1) values ('insert1-yes');

1384

create trigger trg1_1 before UPDATE on t1 for each row

1385

set new.f1 = 'trig 1_1-yes';

1386

create trigger trg2_1 before UPDATE on t2 for each row

1387

set new.f1 = 'trig 2_1-yes';

1388

select current_user;

1389

current_user

1390

test_noprivs@localhost

1391

use priv_db;

1392

select f1 from t1 order by f1;

1393

1394

insert1-yes

1395

update t1 set f1 = 'update1_no'

1396

where f1 like '%insert%';

1397

select f1 from t1 order by f1;

1398

1399

trig 1_1-yes

1400

select f1 from t2 order by f1;

1401

1402

insert1-yes

1403

update t2 set f1 = 'update1_no'

1404

where f1 like '%insert%';

1405

select f1 from t2 order by f1;

1406

1407

trig 2_1-yes

1408

select current_user;

1409

current_user

1410

root@localhost

1411

revoke UPDATE on priv_db.*

1412

from test_yesprivs@localhost;

1413

revoke UPDATE(f1) on priv_db.t2

1414

from test_yesprivs@localhost;

1415

show grants for test_yesprivs@localhost;

1416

Grants for test_yesprivs@localhost

1417

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1418

GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'

1419

GRANT SELECT (f1), INSERT ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'

1420

GRANT SELECT (f1), INSERT, UPDATE (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

1421

select current_user;

1422

current_user

1423

test_yesprivs@localhost

1424

use priv_db;

1425

insert into t1 (f1) values ('insert2-yes');

1426

insert into t2 (f1) values ('insert2-yes');

1427

select current_user;

1428

current_user

1429

test_noprivs@localhost

1430

use priv_db;

1431

update t1 set f1 = 'update2_no'

1432

where f1 like '%insert%';

1433

update t2 set f1 = 'update2_no'

1434

where f1 like '%insert%';

1435

ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't2'

1436

update t1 set f1 = 'update3_no'

1437

where f1 like '%insert%';

1438

update t2 set f1 = 'update3_no'

1439

where f1 like '%insert%';

1440

ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't2'

1441

select f1 from t1 order by f1;

1442

1443

trig 1_1-yes

1444

trig 1_1-yes

1445

select f1 from t2 order by f1;

1446

1447

insert2-yes

1448

trig 2_1-yes

1449

1450

check if access only on one of three columns

1451

--------------------------------------------

1452

select current_user;

1453

current_user

1454

root@localhost

1455

alter table priv_db.t1 add f2 char(20), add f3 int;

1456

revoke TRIGGER on priv_db.* from test_yesprivs@localhost;

1457

grant TRIGGER,SELECT on priv_db.t1 to test_yesprivs@localhost;

1458

grant UPDATE on priv_db.t2 to test_yesprivs@localhost;

1459

select current_user;

1460

current_user

1461

test_yesprivs@localhost

1462

use priv_db;

1463

insert into t1 values ('insert2-yes','insert2-yes',1);

1464

insert into t1 values ('insert3-yes','insert3-yes',2);

1465

select * from t1 order by f1;

1466

f1 f2 f3

1467

insert2-yes insert2-yes 1

1468

insert3-yes insert3-yes 2

1469

trig 1_1-yes NULL NULL

1470

trig 1_1-yes NULL NULL

1471

select current_user;

1472

current_user

1473

test_noprivs@localhost

1474

use priv_db;

1475

update t1 set f1 = 'update4-no',

1476

f2 = 'update4-yes',

1477

f3 = f3*10

1478

where f2 like '%yes';

1479

select * from t1 order by f1,f2,f3;

1480

f1 f2 f3

1481

trig 1_1-yes NULL NULL

1482

trig 1_1-yes NULL NULL

1483

trig 1_1-yes update4-yes 10

1484

trig 1_1-yes update4-yes 20

1485

select current_user;

1486

current_user

1487

test_yesprivs@localhost

1488

create trigger trg1_2 after UPDATE on t1 for each row

1489

set @f2 = 'trig 1_2-yes';

1490

select current_user;

1491

current_user

1492

test_noprivs@localhost

1493

update t1 set f1 = 'update5-yes',

1494

f2 = 'update5-yes'

1495

where f2 like '%yes';

1496

select * from t1 order by f1,f2,f3;

1497

f1 f2 f3

1498

trig 1_1-yes NULL NULL

1499

trig 1_1-yes NULL NULL

1500

trig 1_1-yes update5-yes 10

1501

trig 1_1-yes update5-yes 20

1502

select @f2;

1503

@f2

1504

trig 1_2-yes

1505

update t1 set f1 = 'update6_no'

1506

where f1 like '%insert%';

1507

update t2 set f1 = 'update6_no'

1508

where f1 like '%insert%';

1509

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'

1510

update t1 set f1 = 'update7_no'

1511

where f1 like '%insert%';

1512

update t2 set f1 = 'update7_no'

1513

where f1 like '%insert%';

1514

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'

1515

select f1 from t1 order by f1;

1516

1517

trig 1_1-yes

1518

trig 1_1-yes

1519

trig 1_1-yes

1520

trig 1_1-yes

1521

select f1 from t2 order by f1;

1522

1523

insert2-yes

1524

trig 2_1-yes

1525

1526

check if rejected without trigger privilege:

1527

--------------------------------------------

1528

select current_user;

1529

current_user

1530

root@localhost

1531

revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;

1532

select current_user;

1533

current_user

1534

test_noprivs@localhost

1535

update t1 set f1 = 'update8-no',

1536

f2 = 'update8-no'

1537

where f2 like '%yes';

1538

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1539

select * from t1 order by f1,f2,f3;

1540

f1 f2 f3

1541

trig 1_1-yes NULL NULL

1542

trig 1_1-yes NULL NULL

1543

trig 1_1-yes update5-yes 10

1544

trig 1_1-yes update5-yes 20

1545

select @f2;

1546

@f2

1547

trig 1_2-yes

1548

1549

check trigger, but not update privilege on column:

1550

--------------------------------------------------

1551

select current_user;

1552

current_user

1553

root@localhost

1554

revoke UPDATE(f1) on priv_db.t1 from test_yesprivs@localhost;

1555

grant TRIGGER,UPDATE(f2),UPDATE(f3) on priv_db.t1

1556

to test_yesprivs@localhost;

1557

show grants for test_yesprivs@localhost;

1558

Grants for test_yesprivs@localhost

1559

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1560

GRANT SELECT (f1), INSERT, UPDATE ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'

1561

GRANT SELECT, SELECT (f1), INSERT, UPDATE (f3, f2), TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

1562

select current_user;

1563

current_user

1564

test_yesprivs@localhost

1565

use priv_db;

1566

drop trigger trg1_1;

1567

create trigger trg1_3 before UPDATE on t1 for each row

1568

set new.f1 = 'trig 1_3-yes';

1569

select current_user;

1570

current_user

1571

test_noprivs@localhost

1572

use priv_db;

1573

update t1 set f1 = 'update9-no',

1574

f2 = 'update9-no'

1575

where f2 like '%yes';

1576

ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't1'

1577

select * from t1 order by f1,f2,f3;

1578

f1 f2 f3

1579

trig 1_1-yes NULL NULL

1580

trig 1_1-yes NULL NULL

1581

trig 1_1-yes update5-yes 10

1582

trig 1_1-yes update5-yes 20

1583

update t1 set f3= f3+1;

1584

ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't1'

1585

select f3 from t1 order by f3;

1586

1587

NULL

1588

NULL

1589

1590

1591

select current_user;

1592

current_user

1593

root@localhost

1594

revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;

1595

grant UPDATE(f1),UPDATE(f2),UPDATE(f3) on priv_db.t1

1596

to test_yesprivs@localhost;

1597

show grants for test_yesprivs@localhost;

1598

Grants for test_yesprivs@localhost

1599

GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'

1600

GRANT SELECT (f1), INSERT, UPDATE ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'

1601

GRANT SELECT, SELECT (f1), INSERT, UPDATE (f3, f2, f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

1602

select current_user;

1603

current_user

1604

test_noprivs@localhost

1605

use priv_db;

1606

update t1 set f3= f3+1;

1607

ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

1608

select f3 from t1 order by f3;

1609

1610

NULL

1611

NULL

1612

1613

1614

1615

##### trigger privilege on column level? #######

1616

------------------------------------------------

1617

grant TRIGGER(f1) on priv_db.t1 to test_yesprivs@localhost;

1618

ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(f1) on priv_db.t1 to test_yesprivs@localhost' at line 1

1619

select current_user;

1620

current_user

1621

root@localhost

1622

drop database if exists priv_db;

1623

drop user test_yesprivs@localhost;

1624

drop user test_noprivs@localhost;

Older »