[Commits] dd2043012f8: MDEV-13439: Database permissions are not enough to run a subquery with GROUP BY within a view

Oleksandr Byelkin sanja at mariadb.com
Wed Aug 9 18:54:49 EEST 2017


revision-id: dd2043012f8cc664db7c02bd133393927cf536c0 (mariadb-10.2.7-61-gdd2043012f8)
parent(s): 86f9b7714791f45f386e9aaa6f469ada626cd69d
committer: Oleksandr Byelkin
timestamp: 2017-08-09 17:54:48 +0200
message:

MDEV-13439: Database permissions are not enough to run a subquery with GROUP BY within a view

The bug is result adding ability to have derived tables inside views.
Fixed checks should be a switch between view/derived or select derived and information schema.

---
 mysql-test/r/view.result | 19 +++++++++++++++++++
 mysql-test/t/view.test   | 25 +++++++++++++++++++++++++
 sql/sql_acl.cc           |  5 ++++-
 sql/sql_derived.cc       |  7 ++++---
 4 files changed, 52 insertions(+), 4 deletions(-)

diff --git a/mysql-test/r/view.result b/mysql-test/r/view.result
index 1fae4e6ec9f..e0bc7b3d984 100644
--- a/mysql-test/r/view.result
+++ b/mysql-test/r/view.result
@@ -6559,5 +6559,24 @@ Warnings:
 Warning	1356	View 'test.v' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
 DROP VIEW v;
 #
+# MDEV-13439: Database permissions are not enough to run a subquery
+# with GROUP BY within a view
+#
+create database test_db;
+use test_db;
+create table t (i int);
+create user foo at localhost;
+grant all on test_db.* to foo at localhost;
+connect  con1,localhost,foo,,;
+use test_db;
+create view v as select * from (select i from t group by i) sq;
+select * from v;
+i
+disconnect con1;
+connection default;
+use test;
+drop database test_db;
+drop user foo at localhost;
+#
 # End of 10.2 tests
 #
diff --git a/mysql-test/t/view.test b/mysql-test/t/view.test
index 4430b65e5f4..47dc62c1b96 100644
--- a/mysql-test/t/view.test
+++ b/mysql-test/t/view.test
@@ -6269,5 +6269,30 @@ SHOW CREATE VIEW v;
 DROP VIEW v;
 
 --echo #
+--echo # MDEV-13439: Database permissions are not enough to run a subquery
+--echo # with GROUP BY within a view
+--echo #
+
+create database test_db;
+use test_db;
+create table t (i int);
+
+create user foo at localhost;
+grant all on test_db.* to foo at localhost;
+
+--connect (con1,localhost,foo,,)
+
+use test_db;
+create view v as select * from (select i from t group by i) sq;
+select * from v;
+
+# Cleanup
+--disconnect con1
+--connection default
+use test;
+drop database test_db;
+drop user foo at localhost;
+
+--echo #
 --echo # End of 10.2 tests
 --echo #
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 77f502d3a7b..9bffcbe6a9e 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -7594,8 +7594,11 @@ bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
       /*
         It is subquery in the FROM clause. VIEW set t_ref->derived after
         table opening, but this function always called before table opening.
+
+        NOTE: is_derived() can't be used here bacause subquery in this case
+        the FROM clase (derived tables) can be not be marked yet.
       */
-      if (!t_ref->referencing_view)
+      if (t_ref->is_anonymous_derived_table() || t_ref->schema_table)
       {
         /*
           If it's a temporary table created for a subquery in the FROM
diff --git a/sql/sql_derived.cc b/sql/sql_derived.cc
index 649f745fdc4..f788d35a297 100644
--- a/sql/sql_derived.cc
+++ b/sql/sql_derived.cc
@@ -822,13 +822,14 @@ bool mysql_derived_prepare(THD *thd, LEX *lex, TABLE_LIST *derived)
     table->derived_select_number= first_select->select_number;
     table->s->tmp_table= INTERNAL_TMP_TABLE;
 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-    if (derived->referencing_view)
+    if (derived->is_view())
       table->grant= derived->grant;
     else
     {
+      DBUG_ASSERT(derived->is_derived());
+      DBUG_ASSERT(derived->is_anonymous_derived_table());
       table->grant.privilege= SELECT_ACL;
-      if (derived->is_derived())
-        derived->grant.privilege= SELECT_ACL;
+      derived->grant.privilege= SELECT_ACL;
     }
 #endif
     /* Add new temporary table to list of open derived tables */


More information about the commits mailing list