1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleanup: reduce code duplication

Browse Source
This commit is contained in:
Sergei Golubchik 2020-07-29 12:05:12 +02:00
parent 0b5b2f8641
commit 2ba70f69fd
3 changed files with 23 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
sql/sql_acl.cc
View File

@ -7130,6 +7130,17 @@ err:
}
static void check_grant_column_int(GRANT_TABLE *grant_table, const char *name,
uint length, ulong *want_access)
{
if (grant_table)
{
GRANT_COLUMN *grant_column= column_hash_search(grant_table, name, length);
if (grant_column)
*want_access&= ~grant_column->rights;
}
}
/*
Check column rights in given security context
@ -7152,9 +7163,6 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
const char *db_name, const char *table_name,
const char *name, uint length, Security_context *sctx)
{
GRANT_TABLE *grant_table;
GRANT_TABLE *grant_table_role;
GRANT_COLUMN *grant_column;
ulong want_access= grant->want_privilege & ~grant->privilege;
DBUG_ENTER("check_grant_column");
DBUG_PRINT("enter", ("table: %s want_access: %lu", table_name, want_access));
@ -7179,45 +7187,18 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
grant->version= grant_version; /* purecov: inspected */
}
grant_table= grant->grant_table_user;
grant_table_role= grant->grant_table_role;
check_grant_column_int(grant->grant_table_user, name, length, &want_access);
check_grant_column_int(grant->grant_table_role, name, length, &want_access);
if (!grant_table && !grant_table_role)
goto err;
if (grant_table)
{
grant_column= column_hash_search(grant_table, name, length);
if (grant_column)
{
want_access&= ~grant_column->rights;
}
}
if (grant_table_role)
{
grant_column= column_hash_search(grant_table_role, name, length);
if (grant_column)
{
want_access&= ~grant_column->rights;
}
}
if (!want_access)
{
mysql_rwlock_unlock(&LOCK_grant);
DBUG_RETURN(0);
}
err:
mysql_rwlock_unlock(&LOCK_grant);
if (!want_access)
DBUG_RETURN(0);
char command[128];
get_privilege_desc(command, sizeof(command), want_access);
/* TODO perhaps error should print current rolename aswell */
my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
command,
sctx->priv_user,
sctx->host_or_ip,
name,
table_name);
my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), command, sctx->priv_user,
sctx->host_or_ip, name, table_name);
DBUG_RETURN(1);
}

12
sql/sql_base.cc
View File

@ -8306,15 +8306,11 @@ bool setup_tables(THD *thd, Name_resolution_context *context,
FALSE ok; In this case *map will include the chosen index
TRUE error
*/
bool setup_tables_and_check_access(THD *thd,
Name_resolution_context *context,
bool setup_tables_and_check_access(THD *thd, Name_resolution_context *context,
List<TABLE_LIST> *from_clause,
TABLE_LIST *tables,
List<TABLE_LIST> &leaves,
bool select_insert,
ulong want_access_first,
ulong want_access,
bool full_table_list)
TABLE_LIST *tables, List<TABLE_LIST> &leaves,
bool select_insert, ulong want_access_first,
ulong want_access, bool full_table_list)
{
DBUG_ENTER("setup_tables_and_check_access");

3
sql/sql_update.cc
View File

@ -1119,8 +1119,7 @@ bool mysql_prepare_update(THD *thd, TABLE_LIST *table_list,
DBUG_RETURN(TRUE);
if (setup_tables_and_check_access(thd, &select_lex->context,
&select_lex->top_join_list,
table_list,
&select_lex->top_join_list, table_list,
select_lex->leaf_tables,
FALSE, UPDATE_ACL, SELECT_ACL, TRUE) ||
setup_conds(thd, table_list, select_lex->leaf_tables, conds) ||