From c4bcc4ce88d97b7dc3c668beea83b443381b8594 Mon Sep 17 00:00:00 2001 From: Markus Makela Date: Mon, 15 Feb 2016 09:17:34 +0200 Subject: [PATCH] Table-level access to databases is now detected Previously the users needed at least SELECT permission on the database level to be able to connect with a default database through MaxScale. With this change, the query that retrieves the database users has been changed to also include table-level grants for users. This will allow users with grants to only some of the tables in a database to be able to connect through MaxScale with a default database. --- server/core/dbusers.c | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/server/core/dbusers.c b/server/core/dbusers.c index 4f78b7c99..e1bb3e1d2 100644 --- a/server/core/dbusers.c +++ b/server/core/dbusers.c @@ -69,8 +69,7 @@ /** MySQL 5.7 password column name */ #define MYSQL57_PASSWORD "authentication_string" -/** Alternate query templates which resolves user grants at the table level */ -#if 0 +/** Query template which resolves user grants and access to databases at the table level */ #define MYSQL_USERS_DB_QUERY_TEMPLATE \ "SELECT DISTINCT \ user.user AS user, \ @@ -87,21 +86,6 @@ mysql.tables_priv tp ON user.user=tp.user AND user.host=tp.host \ WHERE user.user IS NOT NULL AND user.user <> ''" -#else -/** Old user query templates */ -#define MYSQL_USERS_DB_QUERY_TEMPLATE "SELECT \ - user.user AS user, \ - user.host AS host, \ - user.%s AS password, \ - concat(user.user,user.host,user.%s,user.Select_priv,IFNULL(db,'')) AS userdata, \ - user.Select_priv AS anydb, \ - db.db AS db \ - FROM mysql.user LEFT JOIN mysql.db \ - ON user.user=db.user AND user.host=db.host \ - WHERE user.user IS NOT NULL " - -#endif - #define MYSQL_USERS_QUERY_TEMPLATE "SELECT \ user, host, %s, concat(user, host, %s, Select_priv) AS userdata, \ Select_priv AS anydb FROM mysql.user WHERE user.user IS NOT NULL AND user.user <> ''"