From 8317fec7452c565f4a21ed18f315ce32f4c9c994 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Tue, 21 May 2019 18:25:07 +0300
Subject: [PATCH] MXS-2496: Check for ALL PRIVILEGES grant

If a user has ALL PRIVILEGES as a global privilege, it overshadows the
SHOW DATABASES grant.
---
 server/modules/authenticator/MySQLAuth/dbusers.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/server/modules/authenticator/MySQLAuth/dbusers.cc b/server/modules/authenticator/MySQLAuth/dbusers.cc
index d8319ef18..69f17ac35 100644
--- a/server/modules/authenticator/MySQLAuth/dbusers.cc
+++ b/server/modules/authenticator/MySQLAuth/dbusers.cc
@@ -823,8 +823,10 @@ static bool check_server_permissions(SERVICE* service,
 
             for (MYSQL_ROW row = mysql_fetch_row(res); row; row = mysql_fetch_row(res))
             {
-                if (strcasestr(row[0], "SHOW DATABASES"))
+                if (strcasestr(row[0], "SHOW DATABASES") || strcasestr(row[0], "ALL PRIVILEGES ON *.*"))
                 {
+                    // GRANT ALL PRIVILEGES ON *.* will overwrite SHOW DATABASES so it needs to be checked
+                    // separately
                     found = true;
                     break;
                 }