cleanup: reduce code duplication

sql/sql_acl.cc

@@ -7130,6 +7130,17 @@ err:
 }
 
 
+static void check_grant_column_int(GRANT_TABLE *grant_table, const char *name,
+                                   uint length, ulong *want_access)
+{
+  if (grant_table)
+  {
+    GRANT_COLUMN *grant_column= column_hash_search(grant_table, name, length);
+    if (grant_column)
+      *want_access&= ~grant_column->rights;
+  }
+}
+
 /*
   Check column rights in given security context
 
@@ -7152,9 +7163,6 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
 			const char *db_name, const char *table_name,
 			const char *name, uint length,  Security_context *sctx)
 {
-  GRANT_TABLE *grant_table;
-  GRANT_TABLE *grant_table_role;
-  GRANT_COLUMN *grant_column;
   ulong want_access= grant->want_privilege & ~grant->privilege;
   DBUG_ENTER("check_grant_column");
   DBUG_PRINT("enter", ("table: %s  want_access: %lu", table_name, want_access));
@@ -7179,45 +7187,18 @@ bool check_grant_column(THD *thd, GRANT_INFO *grant,
     grant->version= grant_version;		/* purecov: inspected */
   }
 
-  grant_table= grant->grant_table_user;
+  check_grant_column_int(grant->grant_table_user, name, length, &want_access);
-  grant_table_role= grant->grant_table_role;
+  check_grant_column_int(grant->grant_table_role, name, length, &want_access);
 
-  if (!grant_table && !grant_table_role)
+  mysql_rwlock_unlock(&LOCK_grant);
-    goto err;
-
-  if (grant_table)
-  {
-    grant_column= column_hash_search(grant_table, name, length);
-    if (grant_column)
-    {
-      want_access&= ~grant_column->rights;
-    }
-  }
-  if (grant_table_role)
-  {
-    grant_column= column_hash_search(grant_table_role, name, length);
-    if (grant_column)
-    {
-      want_access&= ~grant_column->rights;
-    }
-  }
   if (!want_access)
-  {
-    mysql_rwlock_unlock(&LOCK_grant);
     DBUG_RETURN(0);
-  }
 
-err:
-  mysql_rwlock_unlock(&LOCK_grant);
   char command[128];
   get_privilege_desc(command, sizeof(command), want_access);
   /* TODO perhaps error should print current rolename aswell */
-  my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0),
+  my_error(ER_COLUMNACCESS_DENIED_ERROR, MYF(0), command, sctx->priv_user,
-           command,
+           sctx->host_or_ip, name, table_name);
-           sctx->priv_user,
-           sctx->host_or_ip,
-           name,
-           table_name);
   DBUG_RETURN(1);
 }
 

sql/sql_base.cc

@@ -8306,15 +8306,11 @@ bool setup_tables(THD *thd, Name_resolution_context *context,
     FALSE ok;  In this case *map will include the chosen index
     TRUE  error
 */
-bool setup_tables_and_check_access(THD *thd, 
+bool setup_tables_and_check_access(THD *thd, Name_resolution_context *context,
-                                   Name_resolution_context *context,
                                    List<TABLE_LIST> *from_clause,
-                                   TABLE_LIST *tables,
+                                   TABLE_LIST *tables, List<TABLE_LIST> &leaves,
-                                   List<TABLE_LIST> &leaves,
+                                   bool select_insert, ulong want_access_first,
-                                   bool select_insert,
+                                   ulong want_access, bool full_table_list)
-                                   ulong want_access_first,
-                                   ulong want_access,
-                                   bool full_table_list)
 {
   DBUG_ENTER("setup_tables_and_check_access");
 

sql/sql_update.cc

@@ -1119,8 +1119,7 @@ bool mysql_prepare_update(THD *thd, TABLE_LIST *table_list,
     DBUG_RETURN(TRUE);
 
   if (setup_tables_and_check_access(thd, &select_lex->context, 
-                                    &select_lex->top_join_list,
+                                    &select_lex->top_join_list, table_list,
-                                    table_list,
                                     select_lex->leaf_tables,
                                     FALSE, UPDATE_ACL, SELECT_ACL, TRUE) ||
       setup_conds(thd, table_list, select_lex->leaf_tables, conds) ||