MXS-872: Also check that mysql.user.default_role exists

The column is used so it should be checked that it exists. Also altered the SQL to use statements that do not return resultsets.
2018-06-21 13:29:02 +03:00 · 2018-06-21 13:29:02 +03:00 · 0f61c4b6a4
commit 0f61c4b6a4
parent 254084fc5e
1 changed files with 6 additions and 5 deletions
--- a/server/modules/authenticator/MySQLAuth/dbusers.c
+++ b/server/modules/authenticator/MySQLAuth/dbusers.c
@ -802,17 +802,18 @@ static bool roles_are_available(MYSQL* conn, SERVICE* service, SERVER* server)
    {
        static bool log_missing_privs = true;

-        if (mxs_mysql_query(conn, "SELECT 1 FROM mysql.roles_mapping LIMIT 1") == 0)
+        if (mxs_mysql_query(conn, "SET @roles_are_available=(SELECT 1 FROM mysql.roles_mapping LIMIT 1)") == 0 &&
+            mxs_mysql_query(conn, "SET @roles_are_available=(SELECT default_role FROM mysql.user LIMIT 1)") == 0)
        {
-            mysql_free_result(mysql_store_result(conn));
            rval = true;
        }
        else if (log_missing_privs)
        {
            log_missing_privs = false;
-            MXS_WARNING("The user for service '%s' is missing the SELECT grant on "
-                        "`mysql.roles_mapping`. Use of default roles is disabled "
-                        "until the missing privileges are added.", service->name);
+            MXS_WARNING("The user for service '%s' might be missing the SELECT grant on "
+                        "`mysql.roles_mapping` or `mysql.user`. Use of default roles is disabled "
+                        "until the missing privileges are added. Error was: %s",
+                        service->name, mysql_error(conn));
        }
    }