Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

*: check visibility for show databases and tables #2934

Merged
merged 6 commits into from
Mar 28, 2017
Merged

*: check visibility for show databases and tables #2934

merged 6 commits into from
Mar 28, 2017

Conversation

tiancaiamao
Copy link
Contributor

show databases and show tables return just those visible to the user,
if the user doesn't have privilege, he should not see it.

@tiancaiamao tiancaiamao added the priority/P2 The issue has P2 priority. label Mar 27, 2017
shenli
shenli reviewed Mar 27, 2017
View reviewed changes
executor/show.go Outdated
// sort for tables
var tableNames []string
for _, v := range e.is.SchemaTables(e.DBName) {
// TODO: Should consider column privileges, which also make a table visible.
if checker != nil && !checker.RequestVerification(e.DBName.O, v.Meta().Name.O, "", mysql.AllPriv-1) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's mean by mysql.AllPriv-1?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All privilege bits set to 1, means any kind of privileges would be OK.

@shenli
Copy link
Member

shenli commented Mar 28, 2017

LGTM
@coocood @zimulala PTAL

coocood
coocood reviewed Mar 28, 2017
View reviewed changes
privilege/privileges/privileges.go Outdated
@@ -246,6 +246,31 @@ func (p *UserPrivileges) ConnectionVerification(user, host string, auth, salt []
return true
}

// ShowDatabase implements the Checker interface.
func (p *UserPrivileges) DBVisible(db string) bool {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/DBVisible/DBIsVisible

@zimulala
Copy link
Contributor

LGTM

coocood
coocood reviewed Mar 28, 2017
View reviewed changes
privilege/privileges/cache.go Outdated
@@ -418,6 +418,43 @@ func (p *MySQLPrivilege) RequestVerification(user, host, db, table, column strin
return false
}

// ShowDatabase checks whether the user can see the db.
func (p *MySQLPrivilege) ShowDatabase(user, host, db string) bool {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

DBIsVisible

@coocood
Copy link
Member

coocood commented Mar 28, 2017

LGTM

@tiancaiamao tiancaiamao merged commit 60ba388 into master Mar 28, 2017
@tiancaiamao tiancaiamao deleted the tiancaiamao/showdatabase-visibility branch March 28, 2017 03:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shenli shenli shenli left review comments

@coocood coocood coocood approved these changes

Assignees
No one assigned
Labels
priority/P2 The issue has P2 priority.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tiancaiamao @shenli @zimulala @coocood