[Commits] 326db1a: Mdev-14853 Grant does not work correctly when table contains...

Sachin Setiya sachin.setiya at mariadb.com
Thu Apr 26 15:34:11 EEST 2018


Hi Vicentiu,

Now, I have run test with embedded mysql server and it passes.
May be embedded server does not support advance feature of grant like roles
, I dont know.

Thanks
sachin

On Thu, Apr 26, 2018 at 5:39 PM, Vicențiu Ciorbaru <cvicentiu at gmail.com>
wrote:

> Hi Sachin!
>
> Did you run this test on embedded server? Usually grant related tests
> require some form of not_embedded.inc include. (check roles suite for
> examples)
>
> Vicentiu
>
> On Thu, 26 Apr 2018 at 00:20 sachin <sachin.setiya at mariadb.com> wrote:
>
>> revision-id: 326db1a2aaa9b275a1a21a863e8cd2d9fa1b1d5f
>> (mariadb-10.3.6-46-g326db1a)
>> parent(s): 9477a2a9ba17c0db362e2bb39d5048e369096f39
>> author: Sachin Setiya
>> committer: Sachin Setiya
>> timestamp: 2018-04-26 12:47:25 +0530
>> message:
>>
>> Mdev-14853 Grant does not work correctly when table contains...
>> SYSTEM_INVISIBLE or COMPLETELY_INVISIBLE
>>
>> This commit does multiple things to solve this mdev
>> 1st add field into the parameter of check_column_grant_in_table_ref, so
>> that
>> we can find out field invisibility.
>> 2nd If field->invisible >= INVISIBLE_SYSTEM skip access check and simple
>> grant access.
>>
>> ---
>>  mysql-test/main/invisible_field_grant.result | 111
>> +++++++++++++++++++++++++++
>>  mysql-test/main/invisible_field_grant.test   |  77 +++++++++++++++++++
>>  sql/sp_rcontext.cc                           |   9 ++-
>>  sql/sql_acl.cc                               |  11 ++-
>>  sql/sql_acl.h                                |   2 +-
>>  sql/sql_base.cc                              |   4 +-
>>  6 files changed, 206 insertions(+), 8 deletions(-)
>>
>> diff --git a/mysql-test/main/invisible_field_grant.result
>> b/mysql-test/main/invisible_field_grant.result
>> new file mode 100644
>> index 0000000..c3ccbb1
>> --- /dev/null
>> +++ b/mysql-test/main/invisible_field_grant.result
>> @@ -0,0 +1,111 @@
>> +set @old_debug= @@debug_dbug;
>> +create user user_1;
>> +show grants for user_1;
>> +Grants for user_1@%
>> +GRANT USAGE ON *.* TO 'user_1'@'%'
>> +# create user
>> +create database d;
>> +use d;
>> +
>> +#System_Invisible
>> +set debug_dbug= "+d,test_pseudo_invisible";
>> +create table t1(a int);
>> +set debug_dbug=@old_debug;
>> +insert into t1 values(1);
>> +select a,invisible from t1;
>> +a      invisible
>> +1      9
>> +grant insert(a) on t1 to user_1;
>> +grant update(a) on t1 to user_1;
>> +grant select(a) on t1 to user_1;
>> +grant delete on t1 to user_1;
>> +connect  con1, localhost, user_1,,test;
>> +connection con1;
>> +select user();
>> +user()
>> +user_1 at localhost
>> +use d;
>> +select * from t1;
>> +a
>> +1
>> +insert into t1 values(2);
>> +select * from t1;
>> +a
>> +1
>> +2
>> +insert into t1(a) values(3);
>> +select * from t1;
>> +a
>> +1
>> +2
>> +3
>> +select invisible,a from t1;
>> +invisible      a
>> +9      1
>> +9      2
>> +9      3
>> +delete from t1 where a =1;
>> +update t1 set a=1 where a=3;
>> +select * from t1;
>> +a
>> +2
>> +1
>> +disconnect con1;
>> +
>> +#Cleanup
>> +connection default;
>> +drop table t1;
>> +REVOKE ALL PRIVILEGES, GRANT OPTION FROM user_1;
>> +
>> +#Completely Invisible
>> +set debug_dbug= "+d,test_completely_invisible";
>> +create table t1(a int);
>> +insert into t1 values(1);
>> +select a,invisible from t1;
>> +a      invisible
>> +1      9
>> +set debug_dbug=@old_debug;
>> +grant insert(a) on t1 to user_1;
>> +grant update(a) on t1 to user_1;
>> +grant select(a) on t1 to user_1;
>> +grant delete on t1 to user_1;
>> +connect  con1, localhost, user_1,,test;
>> +connection con1;
>> +select user();
>> +user()
>> +user_1 at localhost
>> +use d;
>> +select * from t1;
>> +a
>> +1
>> +insert into t1 values(2);
>> +select * from t1;
>> +a
>> +1
>> +2
>> +insert into t1(a) values(3);
>> +select * from t1;
>> +a
>> +1
>> +2
>> +3
>> +select invisible,a from t1;
>> +ERROR 42S22: Unknown column 'invisible' in 'field list'
>> +delete from t1 where a =1;
>> +update t1 set a=1 where a=3;
>> +select * from t1;
>> +a
>> +2
>> +1
>> +disconnect con1;
>> +
>> +#Final Cleanup
>> +connection default;
>> +set debug_dbug= "+d,test_completely_invisible";
>> +select a,invisible from t1;
>> +a      invisible
>> +2      9
>> +1      9
>> +drop user user_1;
>> +drop database d;
>> +set @old_debug= @@debug_dbug;
>> diff --git a/mysql-test/main/invisible_field_grant.test
>> b/mysql-test/main/invisible_field_grant.test
>> new file mode 100644
>> index 0000000..0d627e5
>> --- /dev/null
>> +++ b/mysql-test/main/invisible_field_grant.test
>> @@ -0,0 +1,77 @@
>> +--source include/have_debug.inc
>> +##TEST for invisible coloumn level 2
>> +set @old_debug= @@debug_dbug;
>> +create user user_1;
>> +show grants for user_1;
>> +--echo # create user
>> +create database d;
>> +use d;
>> +
>> +--echo
>> +--echo #System_Invisible
>> +set debug_dbug= "+d,test_pseudo_invisible";
>> +create table t1(a int);
>> +set debug_dbug=@old_debug;
>> +insert into t1 values(1);
>> +select a,invisible from t1;
>> +grant insert(a) on t1 to user_1;
>> +grant update(a) on t1 to user_1;
>> +grant select(a) on t1 to user_1;
>> +grant delete on t1 to user_1;
>> +connect (con1, localhost, user_1,,test);
>> +connection con1;
>> +select user();
>> +use d;
>> +select * from t1;
>> +insert into t1 values(2);
>> +select * from t1;
>> +insert into t1(a) values(3);
>> +select * from t1;
>> +select invisible,a from t1;
>> +delete from t1 where a =1;
>> +update t1 set a=1 where a=3;
>> +select * from t1;
>> +disconnect con1;
>> +--source include/wait_until_disconnected.inc
>> +
>> +--echo
>> +--echo #Cleanup
>> +--connection default
>> +drop table t1;
>> +REVOKE ALL PRIVILEGES, GRANT OPTION FROM user_1;
>> +
>> +--echo
>> +--echo #Completely Invisible
>> +set debug_dbug= "+d,test_completely_invisible";
>> +create table t1(a int);
>> +insert into t1 values(1);
>> +select a,invisible from t1;
>> +set debug_dbug=@old_debug;
>> +grant insert(a) on t1 to user_1;
>> +grant update(a) on t1 to user_1;
>> +grant select(a) on t1 to user_1;
>> +grant delete on t1 to user_1;
>> +connect (con1, localhost, user_1,,test);
>> +connection con1;
>> +select user();
>> +use d;
>> +select * from t1;
>> +insert into t1 values(2);
>> +select * from t1;
>> +insert into t1(a) values(3);
>> +select * from t1;
>> +--error ER_BAD_FIELD_ERROR
>> +select invisible,a from t1;
>> +delete from t1 where a =1;
>> +update t1 set a=1 where a=3;
>> +select * from t1;
>> +disconnect con1;
>> +--source include/wait_until_disconnected.inc
>> +--echo
>> +--echo #Final Cleanup
>> +connection default;
>> +set debug_dbug= "+d,test_completely_invisible";
>> +select a,invisible from t1;
>> +drop user user_1;
>> +drop database d;
>> +set @old_debug= @@debug_dbug;
>> diff --git a/sql/sp_rcontext.cc b/sql/sp_rcontext.cc
>> index 2e9ae23..dc103fa 100644
>> --- a/sql/sp_rcontext.cc
>> +++ b/sql/sp_rcontext.cc
>> @@ -196,11 +196,12 @@ bool sp_rcontext::init_var_table(THD *thd,
>>  */
>>  static inline bool
>>  check_column_grant_for_type_ref(THD *thd, TABLE_LIST *table_list,
>> -                                const char *str, size_t length)
>> +                                const char *str, size_t length,
>> +                                Field *fld)
>>  {
>>  #ifndef NO_EMBEDDED_ACCESS_CHECKS
>>    table_list->table->grant.want_privilege= SELECT_ACL;
>> -  return check_column_grant_in_table_ref(thd, table_list, str, length);
>> +  return check_column_grant_in_table_ref(thd, table_list, str, length,
>> fld);
>>  #else
>>    return false;
>>  #endif
>> @@ -238,7 +239,7 @@ bool Qualified_column_ident::resolve_type_ref(THD
>> *thd, Column_definition *def)
>>      {
>>        if (!(rc= check_column_grant_for_type_ref(thd, table_list,
>>                                                  m_column.str,
>> -                                                m_column.length)))
>> +                                                m_column.length, src)))
>>        {
>>          *def= Column_definition(thd, src, NULL/*No defaults,no
>> constraints*/);
>>          def->flags&= (uint) ~NOT_NULL_FLAG;
>> @@ -302,7 +303,7 @@ bool Table_ident::resolve_table_rowtype_ref(THD *thd,
>>        LEX_CSTRING tmp= src[0]->field_name;
>>        Spvar_definition *def;
>>        if ((rc= check_column_grant_for_type_ref(thd, table_list,
>> -                                               tmp.str, tmp.length)) ||
>> +                                               tmp.str,
>> tmp.length,src[0])) ||
>>            (rc= !(src[0]->field_name.str= thd->strmake(tmp.str,
>> tmp.length))) ||
>>            (rc= !(def= new (thd->mem_root) Spvar_definition(thd, *src))))
>>          break;
>> diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
>> index de4e201..1c154a1 100644
>> --- a/sql/sql_acl.cc
>> +++ b/sql/sql_acl.cc
>> @@ -7775,6 +7775,8 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
>>      table_ref        table reference where to check the field
>>      name             name of field to check
>>      length           length of name
>> +    fld              use fld object to check invisibility when it is
>> +                     not 0, not_found_field, view_ref_found
>>
>>    DESCRIPTION
>>      Check the access rights to a column depending on the type of table
>> @@ -7789,13 +7791,17 @@ bool check_grant_column(THD *thd, GRANT_INFO
>> *grant,
>>  */
>>
>>  bool check_column_grant_in_table_ref(THD *thd, TABLE_LIST * table_ref,
>> -                                     const char *name, size_t length)
>> +                                     const char *name, size_t length,
>> +                                     Field *fld)
>>  {
>>    GRANT_INFO *grant;
>>    const char *db_name;
>>    const char *table_name;
>>    Security_context *sctx= table_ref->security_ctx ?
>>                            table_ref->security_ctx : thd->security_ctx;
>> +  if (fld && fld != not_found_field && fld != view_ref_found
>> +          && fld->invisible >= INVISIBLE_SYSTEM)
>> +      return false;
>>
>>    if (table_ref->view || table_ref->field_translation)
>>    {
>> @@ -7871,6 +7877,9 @@ bool check_grant_all_columns(THD *thd, ulong
>> want_access_arg,
>>
>>    for (; !fields->end_of_fields(); fields->next())
>>    {
>> +    if (fields->field() &&
>> +        fields->field()->invisible >= INVISIBLE_SYSTEM)
>> +      continue;
>>      LEX_CSTRING *field_name= fields->name();
>>
>>      if (table_name != fields->get_table_name())
>> diff --git a/sql/sql_acl.h b/sql/sql_acl.h
>> index a608ef0..6da7d4d 100644
>> --- a/sql/sql_acl.h
>> +++ b/sql/sql_acl.h
>> @@ -239,7 +239,7 @@ bool check_grant_column (THD *thd, GRANT_INFO *grant,
>>                           const char *db_name, const char *table_name,
>>                           const char *name, size_t length,
>> Security_context *sctx);
>>  bool check_column_grant_in_table_ref(THD *thd, TABLE_LIST * table_ref,
>> -                                     const char *name, size_t length);
>> +                                     const char *name, size_t length,
>> Field *fld);
>>  bool check_grant_all_columns(THD *thd, ulong want_access,
>>                               Field_iterator_table_ref *fields);
>>  bool check_grant_routine(THD *thd, ulong want_access,
>> diff --git a/sql/sql_base.cc b/sql/sql_base.cc
>> index 0081365..383341c 100644
>> --- a/sql/sql_base.cc
>> +++ b/sql/sql_base.cc
>> @@ -5880,7 +5880,7 @@ find_field_in_table_ref(THD *thd, TABLE_LIST
>> *table_list,
>>  #ifndef NO_EMBEDDED_ACCESS_CHECKS
>>      /* Check if there are sufficient access rights to the found field. */
>>      if (check_privileges &&
>> -        check_column_grant_in_table_ref(thd, *actual_table, name,
>> length))
>> +        check_column_grant_in_table_ref(thd, *actual_table, name,
>> length, fld))
>>        fld= WRONG_GRANT;
>>      else
>>  #endif
>> @@ -6057,7 +6057,7 @@ find_field_in_tables(THD *thd, Item_ident *item,
>>  #ifndef NO_EMBEDDED_ACCESS_CHECKS
>>        /* Check if there are sufficient access rights to the found field.
>> */
>>        if (found && check_privileges &&
>> -          check_column_grant_in_table_ref(thd, table_ref, name, length))
>> +          check_column_grant_in_table_ref(thd, table_ref, name, length,
>> found))
>>          found= WRONG_GRANT;
>>  #endif
>>      }
>> _______________________________________________
>> commits mailing list
>> commits at mariadb.org
>> https://lists.askmonty.org/cgi-bin/mailman/listinfo/commits
>
>


-- 
Regards
Sachin Setiya
Software Engineer at  MariaDB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.askmonty.org/pipermail/commits/attachments/20180426/0dcc93b1/attachment-0001.html>


More information about the commits mailing list