1
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
2
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
3
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
4
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
6
DROP DATABASE IF EXISTS mysqltest_db1;
7
CREATE DATABASE mysqltest_db1;
8
CREATE USER mysqltest_dfn@localhost;
9
CREATE USER mysqltest_inv@localhost;
10
GRANT CREATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
12
---> connection: wl2818_definer_con
13
CREATE TABLE t1(num_value INT);
14
CREATE TABLE t2(user_str TEXT);
16
---> connection: default
17
GRANT INSERT, DELETE ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
18
GRANT INSERT, DELETE ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
20
---> connection: default
21
GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
23
---> connection: wl2818_definer_con
24
CREATE TRIGGER trg1 AFTER INSERT ON t1
26
INSERT INTO t2 VALUES(CURRENT_USER());
27
ERROR 42000: TRIGGER command denied to user 'mysqltest_dfn'@'localhost' for table 't1'
29
---> connection: default
30
GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
32
---> connection: wl2818_definer_con
33
CREATE TRIGGER trg1 AFTER INSERT ON t1
35
INSERT INTO t2 VALUES(CURRENT_USER());
37
---> connection: default
38
REVOKE TRIGGER ON mysqltest_db1.t1 FROM mysqltest_dfn@localhost;
40
---> connection: wl2818_definer_con
42
ERROR 42000: TRIGGER command denied to user 'mysqltest_dfn'@'localhost' for table 't1'
44
---> connection: wl2818_definer_con
45
INSERT INTO t1 VALUES(0);
46
ERROR 42000: TRIGGER command denied to user 'mysqltest_dfn'@'localhost' for table 't1'
48
---> connection: default
49
GRANT TRIGGER ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
51
---> connection: wl2818_definer_con
52
INSERT INTO t1 VALUES(0);
57
---> connection: default
58
REVOKE SUPER ON *.* FROM mysqltest_dfn@localhost;
60
---> connection: wl2818_definer_con
61
CREATE TRIGGER trg1 AFTER INSERT ON t1
63
INSERT INTO t2 VALUES(CURRENT_USER());
65
---> connection: default
66
GRANT ALL PRIVILEGES ON mysqltest_db1.t1 TO mysqltest_dfn@localhost;
67
GRANT ALL PRIVILEGES ON mysqltest_db1.t2 TO mysqltest_dfn@localhost;
68
GRANT ALL PRIVILEGES ON mysqltest_db1.t1
69
TO 'mysqltest_inv'@localhost;
70
GRANT SELECT ON mysqltest_db1.t2
71
TO 'mysqltest_inv'@localhost;
73
---> connection: wl2818_definer_con
75
INSERT INTO t1 VALUES(1);
81
mysqltest_dfn@localhost
83
---> connection: wl2818_invoker_con
85
INSERT INTO t1 VALUES(2);
92
mysqltest_dfn@localhost
93
mysqltest_dfn@localhost
95
---> connection: default
97
REVOKE INSERT ON mysqltest_db1.t2 FROM mysqltest_dfn@localhost;
99
---> connection: wl2818_invoker_con
101
INSERT INTO t1 VALUES(3);
102
ERROR 42000: INSERT command denied to user 'mysqltest_dfn'@'localhost' for table 't2'
109
mysqltest_dfn@localhost
110
mysqltest_dfn@localhost
112
---> connection: wl2818_definer_con
115
CREATE DEFINER='mysqltest_inv'@'localhost'
116
TRIGGER trg1 BEFORE INSERT ON t1
119
ERROR 42000: Access denied; you need the SUPER privilege for this operation
121
---> connection: default
123
GRANT SUPER ON *.* TO mysqltest_dfn@localhost;
125
---> connection: wl2818_definer_con
126
CREATE DEFINER='mysqltest_inv'@'localhost'
127
TRIGGER trg1 BEFORE INSERT ON t1
130
CREATE DEFINER='mysqltest_nonexs'@'localhost'
131
TRIGGER trg2 AFTER INSERT ON t1
135
Note 1449 There is no 'mysqltest_nonexs'@'localhost' registered
136
INSERT INTO t1 VALUES(6);
137
ERROR HY000: There is no 'mysqltest_nonexs'@'localhost' registered
139
Trigger Event Table Statement Timing Created sql_mode Definer
140
trg1 INSERT t1 SET @new_sum = 0 BEFORE NULL mysqltest_inv@localhost
141
trg2 INSERT t1 SET @new_sum = 0 AFTER NULL mysqltest_nonexs@localhost
144
CREATE TRIGGER trg1 BEFORE INSERT ON t1
147
CREATE TRIGGER trg2 AFTER INSERT ON t1
150
CREATE TRIGGER trg3 BEFORE UPDATE ON t1
153
CREATE TRIGGER trg4 AFTER UPDATE ON t1
156
CREATE TRIGGER trg5 BEFORE DELETE ON t1
160
SELECT trigger_name, definer FROM INFORMATION_SCHEMA.TRIGGERS ORDER BY trigger_name;
166
trg5 @abcdef@@@hostname
168
Warning 1454 No definer attribute for trigger 'mysqltest_db1'.'trg1'. The trigger will be activated under the authorization of the invoker, which may have insufficient privileges. Please recreate the trigger.
170
SELECT * FROM INFORMATION_SCHEMA.TRIGGERS ORDER BY trigger_name;
171
TRIGGER_CATALOG TRIGGER_SCHEMA TRIGGER_NAME EVENT_MANIPULATION EVENT_OBJECT_CATALOG EVENT_OBJECT_SCHEMA EVENT_OBJECT_TABLE ACTION_ORDER ACTION_CONDITION ACTION_STATEMENT ACTION_ORIENTATION ACTION_TIMING ACTION_REFERENCE_OLD_TABLE ACTION_REFERENCE_NEW_TABLE ACTION_REFERENCE_OLD_ROW ACTION_REFERENCE_NEW_ROW CREATED SQL_MODE DEFINER
172
NULL mysqltest_db1 trg1 INSERT NULL mysqltest_db1 t1 0 NULL SET @a = 1 ROW BEFORE NULL NULL OLD NEW NULL
173
NULL mysqltest_db1 trg2 INSERT NULL mysqltest_db1 t1 0 NULL SET @a = 2 ROW AFTER NULL NULL OLD NEW NULL @
174
NULL mysqltest_db1 trg3 UPDATE NULL mysqltest_db1 t1 0 NULL SET @a = 3 ROW BEFORE NULL NULL OLD NEW NULL @abc@def@@
175
NULL mysqltest_db1 trg4 UPDATE NULL mysqltest_db1 t1 0 NULL SET @a = 4 ROW AFTER NULL NULL OLD NEW NULL @hostname
176
NULL mysqltest_db1 trg5 DELETE NULL mysqltest_db1 t1 0 NULL SET @a = 5 ROW BEFORE NULL NULL OLD NEW NULL @abcdef@@@hostname
178
---> connection: default
179
DROP USER mysqltest_dfn@localhost;
180
DROP USER mysqltest_inv@localhost;
181
DROP DATABASE mysqltest_db1;
183
Warning 1454 No definer attribute for trigger 'mysqltest_db1'.'trg1'. The trigger will be activated under the authorization of the invoker, which may have insufficient privileges. Please recreate the trigger.
184
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
185
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
186
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
187
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
189
DROP DATABASE IF EXISTS mysqltest_db1;
190
CREATE DATABASE mysqltest_db1;
192
CREATE TABLE t1(col CHAR(20));
193
CREATE TABLE t2(col CHAR(20));
194
CREATE TABLE t3(col CHAR(20));
195
CREATE TABLE t4(col CHAR(20));
196
CREATE USER mysqltest_u1@localhost;
197
REVOKE ALL PRIVILEGES, GRANT OPTION FROM mysqltest_u1@localhost;
198
GRANT TRIGGER ON mysqltest_db1.* TO mysqltest_u1@localhost;
199
SET @mysqltest_var = NULL;
201
---> connection: default
203
GRANT DELETE ON mysqltest_db1.* TO mysqltest_u1@localhost;
204
SHOW GRANTS FOR mysqltest_u1@localhost;
205
Grants for mysqltest_u1@localhost
206
GRANT USAGE ON *.* TO 'mysqltest_u1'@'localhost'
207
GRANT DELETE, TRIGGER ON `mysqltest_db1`.* TO 'mysqltest_u1'@'localhost'
209
---> connection: bug15166_u1_con
211
CREATE TRIGGER t1_trg_after_delete AFTER DELETE ON t1
213
SET @mysqltest_var = 'Hello, world!';
215
---> connection: default
217
GRANT UPDATE ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
218
GRANT UPDATE ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
219
GRANT UPDATE(col) ON mysqltest_db1.t3 TO mysqltest_u1@localhost;
220
GRANT UPDATE(col) ON mysqltest_db1.t4 TO mysqltest_u1@localhost;
222
---> connection: bug15166_u1_con
224
CREATE TRIGGER t1_trg_err_1 BEFORE INSERT ON t1
226
SET @mysqltest_var = NEW.col;
227
DROP TRIGGER t1_trg_err_1;
228
CREATE TRIGGER t1_trg_err_2 BEFORE DELETE ON t1
230
SET @mysqltest_var = OLD.col;
231
DROP TRIGGER t1_trg_err_2;
232
CREATE TRIGGER t2_trg_before_insert BEFORE INSERT ON t2
234
SET NEW.col = 't2_trg_before_insert';
235
CREATE TRIGGER t3_trg_err_1 BEFORE INSERT ON t3
237
SET @mysqltest_var = NEW.col;
238
DROP TRIGGER t3_trg_err_1;
239
CREATE TRIGGER t3_trg_err_2 BEFORE DELETE ON t3
241
SET @mysqltest_var = OLD.col;
242
DROP TRIGGER t3_trg_err_2;
243
CREATE TRIGGER t4_trg_before_insert BEFORE INSERT ON t4
245
SET NEW.col = 't4_trg_before_insert';
247
---> connection: default
249
REVOKE UPDATE ON mysqltest_db1.t1 FROM mysqltest_u1@localhost;
250
REVOKE UPDATE ON mysqltest_db1.t2 FROM mysqltest_u1@localhost;
251
GRANT SELECT ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
252
GRANT SELECT ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
253
REVOKE UPDATE(col) ON mysqltest_db1.t3 FROM mysqltest_u1@localhost;
254
REVOKE UPDATE(col) ON mysqltest_db1.t4 FROM mysqltest_u1@localhost;
255
GRANT SELECT(col) on mysqltest_db1.t3 TO mysqltest_u1@localhost;
256
GRANT SELECT(col) on mysqltest_db1.t4 TO mysqltest_u1@localhost;
258
---> connection: bug15166_u1_con
260
CREATE TRIGGER t1_trg_after_insert AFTER INSERT ON t1
262
SET @mysqltest_var = NEW.col;
263
CREATE TRIGGER t1_trg_after_update AFTER UPDATE ON t1
265
SET @mysqltest_var = OLD.col;
266
CREATE TRIGGER t2_trg_err_1 BEFORE UPDATE ON t2
268
SET NEW.col = 't2_trg_err_1';
269
DROP TRIGGER t2_trg_err_1;
270
CREATE TRIGGER t2_trg_err_2 BEFORE UPDATE ON t2
272
SET NEW.col = CONCAT(OLD.col, '(updated)');
273
DROP TRIGGER t2_trg_err_2;
274
CREATE TRIGGER t3_trg_after_insert AFTER INSERT ON t3
276
SET @mysqltest_var = NEW.col;
277
CREATE TRIGGER t3_trg_after_update AFTER UPDATE ON t3
279
SET @mysqltest_var = OLD.col;
280
CREATE TRIGGER t4_trg_err_1 BEFORE UPDATE ON t4
282
SET NEW.col = 't4_trg_err_1';
283
DROP TRIGGER t4_trg_err_1;
284
CREATE TRIGGER t4_trg_err_2 BEFORE UPDATE ON t4
286
SET NEW.col = CONCAT(OLD.col, '(updated)');
287
DROP TRIGGER t4_trg_err_2;
289
---> connection: default
291
REVOKE SELECT ON mysqltest_db1.t1 FROM mysqltest_u1@localhost;
292
REVOKE SELECT ON mysqltest_db1.t2 FROM mysqltest_u1@localhost;
293
GRANT UPDATE ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
294
GRANT UPDATE ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
295
REVOKE SELECT(col) ON mysqltest_db1.t3 FROM mysqltest_u1@localhost;
296
REVOKE SELECT(col) ON mysqltest_db1.t4 FROM mysqltest_u1@localhost;
297
GRANT UPDATE(col) ON mysqltest_db1.t3 TO mysqltest_u1@localhost;
298
GRANT UPDATE(col) ON mysqltest_db1.t4 TO mysqltest_u1@localhost;
299
INSERT INTO t1 VALUES('line1');
300
ERROR 42000: SELECT command denied to user 'mysqltest_u1'@'localhost' for column 'col' in table 't1'
303
SELECT @mysqltest_var;
306
INSERT INTO t2 VALUES('line2');
310
INSERT INTO t3 VALUES('t3_line1');
311
ERROR 42000: SELECT command denied to user 'mysqltest_u1'@'localhost' for column 'col' in table 't3'
314
SELECT @mysqltest_var;
317
INSERT INTO t4 VALUES('t4_line2');
322
---> connection: default
324
REVOKE UPDATE ON mysqltest_db1.t1 FROM mysqltest_u1@localhost;
325
REVOKE UPDATE ON mysqltest_db1.t2 FROM mysqltest_u1@localhost;
326
GRANT SELECT ON mysqltest_db1.t1 TO mysqltest_u1@localhost;
327
GRANT SELECT ON mysqltest_db1.t2 TO mysqltest_u1@localhost;
328
REVOKE UPDATE(col) ON mysqltest_db1.t3 FROM mysqltest_u1@localhost;
329
REVOKE UPDATE(col) ON mysqltest_db1.t4 FROM mysqltest_u1@localhost;
330
GRANT SELECT(col) ON mysqltest_db1.t3 TO mysqltest_u1@localhost;
331
GRANT SELECT(col) ON mysqltest_db1.t4 TO mysqltest_u1@localhost;
332
INSERT INTO t1 VALUES('line3');
336
SELECT @mysqltest_var;
339
INSERT INTO t2 VALUES('line4');
340
ERROR 42000: UPDATE command denied to user 'mysqltest_u1'@'localhost' for column 'col' in table 't2'
344
INSERT INTO t3 VALUES('t3_line2');
348
SELECT @mysqltest_var;
351
INSERT INTO t4 VALUES('t4_line2');
352
ERROR 42000: UPDATE command denied to user 'mysqltest_u1'@'localhost' for column 'col' in table 't4'
357
SELECT @mysqltest_var;
360
DROP USER mysqltest_u1@localhost;
361
DROP DATABASE mysqltest_db1;
362
DELETE FROM mysql.user WHERE User LIKE 'mysqltest_%';
363
DELETE FROM mysql.db WHERE User LIKE 'mysqltest_%';
364
DELETE FROM mysql.tables_priv WHERE User LIKE 'mysqltest_%';
365
DELETE FROM mysql.columns_priv WHERE User LIKE 'mysqltest_%';
367
DROP DATABASE IF EXISTS mysqltest_db1;
368
CREATE DATABASE mysqltest_db1;
370
CREATE TABLE t1 (i1 INT);
371
CREATE TABLE t2 (i1 INT);
372
CREATE USER mysqltest_dfn@localhost;
373
CREATE USER mysqltest_inv@localhost;
374
GRANT EXECUTE, CREATE ROUTINE, TRIGGER ON *.* TO mysqltest_dfn@localhost;
375
GRANT INSERT ON mysqltest_db1.* TO mysqltest_inv@localhost;
376
CREATE PROCEDURE p1(OUT i INT) DETERMINISTIC NO SQL SET i = 3;
377
CREATE PROCEDURE p2(INOUT i INT) DETERMINISTIC NO SQL SET i = i * 5;
378
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
380
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
382
INSERT INTO t1 VALUES (7);
383
ERROR 42000: UPDATE command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't1'
384
INSERT INTO t2 VALUES (11);
385
ERROR 42000: SELECT,UPDATE command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't2'
388
GRANT SELECT ON mysqltest_db1.* TO mysqltest_dfn@localhost;
389
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
391
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
393
INSERT INTO t1 VALUES (13);
394
ERROR 42000: UPDATE command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't1'
395
INSERT INTO t2 VALUES (17);
396
ERROR 42000: UPDATE command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't2'
397
REVOKE SELECT ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
400
GRANT UPDATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
401
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
403
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
405
INSERT INTO t1 VALUES (19);
406
INSERT INTO t2 VALUES (23);
407
ERROR 42000: SELECT command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't2'
408
REVOKE UPDATE ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
411
GRANT SELECT, UPDATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
412
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
414
CREATE TRIGGER t2_bi BEFORE INSERT ON t2 FOR EACH ROW
416
INSERT INTO t1 VALUES (29);
417
INSERT INTO t2 VALUES (31);
418
REVOKE SELECT, UPDATE ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
423
GRANT UPDATE ON mysqltest_db1.* TO mysqltest_dfn@localhost;
424
CREATE PROCEDURE p1(OUT i INT) DETERMINISTIC NO SQL SET i = 37;
425
CREATE TRIGGER t1_bi BEFORE INSERT ON t1 FOR EACH ROW
427
INSERT INTO t1 VALUES (41);
429
CREATE PROCEDURE p1(IN i INT) DETERMINISTIC NO SQL SET @v1 = i + 43;
430
INSERT INTO t1 VALUES (47);
431
ERROR 42000: SELECT command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't1'
433
CREATE PROCEDURE p1(INOUT i INT) DETERMINISTIC NO SQL SET i = i + 51;
434
INSERT INTO t1 VALUES (53);
435
ERROR 42000: SELECT command denied to user 'mysqltest_dfn'@'localhost' for column 'i1' in table 't1'
437
REVOKE UPDATE ON mysqltest_db1.* FROM mysqltest_dfn@localhost;
439
DROP USER mysqltest_inv@localhost;
440
DROP USER mysqltest_dfn@localhost;
443
DROP DATABASE mysqltest_db1;