GIF89a; Mini Shell

Mini Shell

Direktori : /usr/share/mysql-test/suite/funcs_1/r/
Upload File :
Current File : //usr/share/mysql-test/suite/funcs_1/r/innodb_trig_03e.result

USE test;

Testcase for db level:
----------------------
drop database if exists priv_db;
drop database if exists no_priv_db;
create database priv_db;
create database no_priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
grant select on priv_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT ON `priv_db`.* TO 'test_yesprivs'@'localhost'
create User test_noprivs@localhost;
set password for test_noprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;
grant select,insert on priv_db.* to test_noprivs@localhost;
show grants for test_noprivs@localhost;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT ON `priv_db`.* TO 'test_noprivs'@'localhost'

no trigger privilege on db level for create:
--------------------------------------------
use priv_db;
create trigger trg1_1 before INSERT on t1 for each row
set new.f1 = 'trig 1_1-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
use priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'

trigger privilege on db level for create:
-----------------------------------------
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-yes';
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-yes');
ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't1'
select f1 from t1 order by f1;
f1
insert-yes
select current_user;
current_user
root@localhost
grant UPDATE on priv_db.* to test_yesprivs@localhost;
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_2-yes
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_2-yes
trig 1_2-yes
select current_user;
current_user
root@localhost
revoke TRIGGER on priv_db.* from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, UPDATE ON `priv_db`.* TO 'test_yesprivs'@'localhost'

no trigger privilege on db level for drop:
------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
drop trigger trg1_2;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
test_noprivs@localhost
use priv_db;

no trigger privilege at activation time:
----------------------------------------
insert into t1 (f1) values ('insert-yes');
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
insert-yes
trig 1_2-yes
trig 1_2-yes

trigger privilege at activation time:
-------------------------------------
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.* to test_yesprivs@localhost;
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes

trigger privilege on db level for drop:
---------------------------------------
select current_user;
current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, UPDATE, TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

takes effect after use priv_db:
-------------------------------
use priv_db;
drop trigger trg1_2;
select current_user;
current_user
root@localhost
use priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
insert-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes

switch to db without having trigger priv for it:
------------------------------------------------
use no_priv_db;
create table t1 (f1 char(20)) engine= innodb;
grant SELECT,UPDATE on no_priv_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, UPDATE, TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
GRANT SELECT, UPDATE ON `no_priv_db`.* TO 'test_yesprivs'@'localhost'

use db with trigger privilege on db level and without...:
---------------------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
use no_priv_db;
create trigger trg1_3 before INSERT  on t1 for each row
set new.f1 = 'trig 1_3-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
use priv_db;
create trigger trg1_3 before INSERT  on t1 for each row
set new.f1 = 'trig 1_3-yes';
use no_priv_db;
create trigger trg1_4 before UPDATE  on t1 for each row
set new.f1 = 'trig 1_4-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
use priv_db;
create trigger trg1_4 before UPDATE  on t1 for each row
set new.f1 = 'trig 1_4-yes';
select current_user;
current_user
test_noprivs@localhost
use no_priv_db;
ERROR 42000: Access denied for user 'test_noprivs'@'localhost' to database 'no_priv_db'
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
insert-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes
trig 1_3-yes
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
insert-yes
insert-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes
trig 1_3-yes
trig 1_3-yes
select current_user;
current_user
test_yesprivs@localhost
use no_priv_db;
drop trigger trg1_3;
ERROR HY000: Trigger does not exist
use priv_db;
drop trigger trg1_3;
use no_priv_db;
drop trigger trg1_4;
ERROR HY000: Trigger does not exist
use priv_db;
drop trigger trg1_4;
select current_user;
current_user
root@localhost
drop table priv_db.t1;
drop table no_priv_db.t1;
drop database if exists priv_db;
drop database if exists no_priv_db;
drop user test_yesprivs@localhost;
drop user test_noprivs@localhost;

#########      Testcase for table level:   ########
---------------------------------------------------
drop database if exists priv_db;
create database priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
create User test_noprivs@localhost;
set password for test_noprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;

no trigger privilege on table level for create:
-----------------------------------------------
select current_user;
current_user
root@localhost
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
grant  select, insert, update on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
grant select, update, insert on priv_db.t1 to test_noprivs@localhost;
show grants for test_noprivs@localhost;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
show tables;
Tables_in_priv_db
t1
create trigger trg1_1 before INSERT on t1 for each row
set new.f1 = 'trig 1_1-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert1-yes');
select f1 from t1 order by f1;
f1
insert1-yes
select current_user;
current_user
root@localhost
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
show tables;
Tables_in_priv_db
t1
insert into t1 (f1) values ('insert2-yes');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

trigger privilege on table level for create:
--------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-yes';
select current_user;
current_user
test_noprivs@localhost
insert into t1 (f1) values ('insert3-no');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
trig 1_2-yes
select current_user;
current_user
root@localhost
insert into t1 (f1) values ('insert4-no');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
trig 1_2-yes
trig 1_2-yes
revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'

no trigger privilege on table level for drop:
---------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
drop trigger trg1_2;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'

no trigger privilege at activation time:
----------------------------------------
select current_user;
current_user
test_noprivs@localhost
insert into t1 (f1) values ('insert5-no');
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
trig 1_2-yes
trig 1_2-yes
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;

trigger privilege at activation time:
-------------------------------------
select current_user;
current_user
test_noprivs@localhost
insert into t1 (f1) values ('insert6-no');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes

trigger privilege on table level for drop:
------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
drop trigger trg1_2;
select current_user;
current_user
test_noprivs@localhost
insert into t1 (f1) values ('insert7-yes');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
insert7-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes
select current_user;
current_user
root@localhost
insert into t1 (f1) values ('insert8-yes');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
insert7-yes
insert8-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes

switch to table without having trigger priv for it:
---------------------------------------------------
create table t2 (f1 char(20)) engine= innodb;
grant SELECT, INSERT, UPDATE on priv_db.t2 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
grant SELECT, INSERT, UPDATE on priv_db.t2 to test_noprivs@localhost;
show grants for test_noprivs@localhost;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_noprivs'@'localhost'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t2` TO 'test_noprivs'@'localhost'

use table with trigger privilege and without...:
------------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
create trigger trg2_1 before INSERT  on t2 for each row
set new.f1 = 'trig 2_1-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'
create trigger trg1_3 before INSERT  on t1 for each row
set new.f1 = 'trig 1_3-yes';
create trigger trg2_2 before UPDATE  on t2 for each row
set new.f1 = 'trig 2_2-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'
create trigger trg1_4 before UPDATE  on t1 for each row
set new.f1 = 'trig 1_4-yes';
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
trg1_3	INSERT	t1	set new.f1 = 'trig 1_3-yes'	BEFORE	NULL	NO_ENGINE_SUBSTITUTION	test_yesprivs@localhost	latin1	latin1_swedish_ci	latin1_swedish_ci
trg1_4	UPDATE	t1	set new.f1 = 'trig 1_4-yes'	BEFORE	NULL	NO_ENGINE_SUBSTITUTION	test_yesprivs@localhost	latin1	latin1_swedish_ci	latin1_swedish_ci
select current_user;
current_user
test_noprivs@localhost
insert into t2 (f1) values ('insert9-yes');
select f1 from t2 order by f1;
f1
insert9-yes
insert into t1 (f1) values ('insert10-no');
select f1 from t1 order by f1;
f1
insert1-yes
insert2-yes
insert7-yes
insert8-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes
trig 1_3-yes
select current_user;
current_user
test_yesprivs@localhost
drop trigger trg2_1;
ERROR HY000: Trigger does not exist
drop trigger trg1_3;
drop trigger trg2_2;
ERROR HY000: Trigger does not exist
drop trigger trg1_4;
select current_user;
current_user
root@localhost
drop database if exists priv_db;
drop user test_yesprivs@localhost;
drop user test_noprivs@localhost;

#### Testcase for mix of user(global) and db level: ####
--------------------------------------------------------
drop database if exists priv_db;
drop database if exists no_priv_db;
create database priv_db;
create database no_priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
use no_priv_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
grant ALL  on *.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT ALL PRIVILEGES ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
create User test_noprivs@localhost;
set password for test_noprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;
grant SELECT,INSERT  on *.* to test_noprivs@localhost;
show grants for test_noprivs@localhost;
Grants for test_noprivs@localhost
GRANT SELECT, INSERT ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
select current_user;
current_user
test_yesprivs@localhost

trigger privilege on user level for create:
-------------------------------------------
use priv_db;
create trigger trg1_1 before INSERT  on t1 for each row
set new.f1 = 'trig 1_1-yes';
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
use no_priv_db;
create trigger priv_db.trg1_5 before UPDATE  on priv_db.t1
for each row
set new.f1 = 'trig 1_5-yes';
insert into priv_db.t1 (f1) values ('insert-no');
select f1 from priv_db.t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
drop trigger priv_db.trg1_5;
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
root@localhost
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
revoke TRIGGER on *.* from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, CREATE TABLESPACE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
select * from information_schema.triggers;
TRIGGER_CATALOG	TRIGGER_SCHEMA	TRIGGER_NAME	EVENT_MANIPULATION	EVENT_OBJECT_CATALOG	EVENT_OBJECT_SCHEMA	EVENT_OBJECT_TABLE	ACTION_ORDER	ACTION_CONDITION	ACTION_STATEMENT	ACTION_ORIENTATION	ACTION_TIMING	ACTION_REFERENCE_OLD_TABLE	ACTION_REFERENCE_NEW_TABLE	ACTION_REFERENCE_OLD_ROW	ACTION_REFERENCE_NEW_ROW	CREATED	SQL_MODE	DEFINER	CHARACTER_SET_CLIENT	COLLATION_CONNECTION	DATABASE_COLLATION
drop trigger trg1_1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
root@localhost
show grants;
Grants for root@localhost
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION
drop trigger trg1_1;
use priv_db;

no trigger privilege on db level for create:
--------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
create trigger trg1_1 before INSERT on t1 for each row
set new.f1 = 'trig 1_1-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, CREATE TABLESPACE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'

trigger privilege on db level for create:
-----------------------------------------
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-yes';
create trigger no_priv_db.trg1_9 before insert on no_priv_db.t1
for each row
set new.f1 = 'trig 1_9-yes';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
use no_priv_db;
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
create trigger priv_db.trg1_9 before UPDATE on priv_db.t1
for each row
set new.f1 = 'trig 1_9-yes';
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
use no_priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
drop trigger priv_db.trg1_9;
ERROR 42000: TRIGGER command denied to user 'test_noprivs'@'localhost' for table 't1'
select current_user;
current_user
root@localhost
drop trigger priv_db.trg1_9;
revoke TRIGGER on priv_db.* from test_yesprivs@localhost;
use priv_db;
insert into t1 (f1) values ('insert-yes');
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
insert-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
grant TRIGGER on *.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT ALL PRIVILEGES ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
select current_user;
current_user
test_yesprivs@localhost
use no_priv_db;
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
trig 1_2-yes
use no_priv_db;
insert into t1 (f1) values ('insert-yes');
select f1 from t1 order by f1;
f1
insert-yes
insert-yes
select current_user;
current_user
test_yesprivs@localhost
use no_priv_db;
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-yes';
select current_user;
current_user
test_noprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
insert-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes
use no_priv_db;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
insert-yes
insert-yes
trig 1_2-yes
select current_user;
current_user
root@localhost
drop database if exists priv_db;
drop database if exists no_priv_db;
drop database if exists h1;
drop user test_yesprivs@localhost;
drop user test_noprivs@localhost;
call mtr.add_suppression("Did not write failed .* into binary log while "
                         "storing table level and column level grants "
                         "in the privilege tables.");

####### Testcase for mix of db and table level: #######
-------------------------------------------------------
drop database if exists priv1_db;
drop database if exists priv2_db;
create database priv1_db;
create database priv2_db;
use priv1_db;
create table t1 (f1 char(20)) engine= innodb;
create table t2 (f1 char(20)) engine= innodb;
use priv2_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
grant ALL  on priv1_db.* to test_yesprivs@localhost;
grant SELECT,UPDATE on priv2_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT ALL PRIVILEGES ON `priv1_db`.* TO 'test_yesprivs'@'localhost'
GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'
create User test_noprivs@localhost;
set password for test_noprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;
grant SELECT,INSERT,UPDATE on priv1_db.* to test_noprivs@localhost;
grant SELECT,INSERT on priv2_db.* to test_noprivs@localhost;
show grants for test_noprivs@localhost;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv1_db`.* TO 'test_noprivs'@'localhost'
GRANT SELECT, INSERT ON `priv2_db`.* TO 'test_noprivs'@'localhost'
use priv1_db;
use priv1_db;

trigger privilege on one db1 db level, not on db2
-------------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
use priv1_db;
create trigger trg1_1 before INSERT  on t1 for each row
set new.f1 = 'trig 1_1-yes';
create trigger trg2_1 before INSERT  on t2 for each row
set new.f1 = 'trig 2_1-yes';
use priv2_db;
create trigger trg1_1 before INSERT  on t1 for each row
set new.f1 = 'trig1_1-yes';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
test_noprivs@localhost
insert into t1 (f1) values ('insert1_no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
insert into t2 (f1) values ('insert1_no');
select f1 from t2 order by f1;
f1
trig 2_1-yes
insert into priv2_db.t1 (f1) values ('insert21-yes');
select f1 from priv2_db.t1 order by f1;
f1
insert21-yes
use priv2_db;
insert into t1 (f1) values ('insert1_yes');
select f1 from t1 order by f1;
f1
insert1_yes
insert21-yes
insert into priv1_db.t1 (f1) values ('insert11-no');
select f1 from priv1_db.t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
insert into priv1_db.t2 (f1) values ('insert22-no');
select f1 from priv1_db.t2 order by f1;
f1
trig 2_1-yes
trig 2_1-yes

revoke trigger privilege on table level (not existing)
------------------------------------------------------
select current_user;
current_user
root@localhost
use priv1_db;
revoke TRIGGER on priv1_db.t1 from test_yesprivs@localhost;
ERROR 42000: There is no such grant defined for user 'test_yesprivs' on host 'localhost' on table 't1'
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT ALL PRIVILEGES ON `priv1_db`.* TO 'test_yesprivs'@'localhost'
GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
drop trigger trg1_1;
ERROR HY000: Trigger does not exist
drop trigger trg2_1;
ERROR HY000: Trigger does not exist
use priv1_db;
drop trigger trg1_1;
drop trigger trg2_1;
select current_user;
current_user
root@localhost
use priv1_db;
revoke TRIGGER on priv1_db.* from test_yesprivs@localhost;

no trigger privilege on table level for create:
-----------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
use priv1_db;
create trigger trg1_1 before INSERT on t1 for each row
set new.f1 = 'trig 1_1-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
root@localhost
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
grant TRIGGER on priv1_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT ON `priv1_db`.* TO 'test_yesprivs'@'localhost'
GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'
GRANT TRIGGER ON `priv1_db`.`t1` TO 'test_yesprivs'@'localhost'

trigger privilege on table level for create:
--------------------------------------------
select current_user;
current_user
test_yesprivs@localhost
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
create trigger trg1_2 before INSERT  on t1 for each row
set new.f1 = 'trig 1_2-yes';
create trigger trg2_1 before INSERT  on t2 for each row
set new.f1 = 'trig 2_1-no';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'
select current_user;
current_user
test_noprivs@localhost
use priv1_db;
insert into t1 (f1) values ('insert2-no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
insert into t2 (f1) values ('insert2-yes');
select f1 from t2 order by f1;
f1
insert2-yes
trig 2_1-yes
trig 2_1-yes
insert into priv2_db.t1 (f1) values ('insert22-yes');
select f1 from priv2_db.t1 order by f1;
f1
insert1_yes
insert21-yes
insert22-yes
select current_user;
current_user
root@localhost
grant TRIGGER on priv1_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT ALL PRIVILEGES ON `priv1_db`.* TO 'test_yesprivs'@'localhost'
GRANT SELECT, UPDATE ON `priv2_db`.* TO 'test_yesprivs'@'localhost'
GRANT TRIGGER ON `priv1_db`.`t1` TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
create trigger trg2_1 before INSERT  on t2 for each row
set new.f1 = 'trig 2_1-yes';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'
use priv1_db;
create trigger trg2_1 before INSERT  on t2 for each row
set new.f1 = 'trig 2_1-yes';
select current_user;
current_user
test_noprivs@localhost
use priv1_db;
insert into t1 (f1) values ('insert3-no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
trig 1_2-yes
insert into t2 (f1) values ('insert3-no');
select f1 from t2 order by f1;
f1
insert2-yes
trig 2_1-yes
trig 2_1-yes
trig 2_1-yes
use priv2_db;
insert into priv1_db.t1 (f1) values ('insert12-no');
select f1 from priv1_db.t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_2-yes
trig 1_2-yes
trig 1_2-yes
insert into priv1_db.t2 (f1) values ('insert23-no');
select f1 from priv1_db.t2 order by f1;
f1
insert2-yes
trig 2_1-yes
trig 2_1-yes
trig 2_1-yes
trig 2_1-yes
select current_user;
current_user
test_yesprivs@localhost
drop trigger trg1_2;
drop trigger trg2_1;
select current_user;
current_user
root@localhost
drop database if exists priv1_db;
drop database if exists priv2_db;
drop user test_yesprivs@localhost;
drop user test_noprivs@localhost;

#### Testcase for trigger privilege on execution time ########
--------------------------------------------------------------
drop database if exists priv_db;
create database priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
create User test_useprivs@localhost;
set password for test_useprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
revoke ALL PRIVILEGES, GRANT OPTION FROM test_useprivs@localhost;
select current_user;
current_user
root@localhost
show triggers;
Trigger	Event	Table	Statement	Timing	Created	sql_mode	Definer	character_set_client	collation_connection	Database Collation
grant  select, insert, update ,trigger
on priv_db.t1 to test_yesprivs@localhost
with grant option;
grant  select
on priv_db.t1 to test_useprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
create trigger trg1_1 before INSERT on t1 for each row
set new.f1 = 'trig 1_1-yes';
grant insert on t1 to test_useprivs@localhost;
prepare ins1 from 'insert into t1 (f1) values (''insert1-no'')';
execute ins1;
select f1 from t1 order by f1;
f1
trig 1_1-yes
prepare ins1 from 'insert into t1 (f1) values (''insert2-no'')';
select current_user;
current_user
test_useprivs@localhost
use priv_db;
prepare ins1 from 'insert into t1 (f1) values (''insert3-no'')';
execute ins1;
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
root@localhost
revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
execute ins1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
prepare ins1 from 'insert into t1 (f1) values (''insert4-no'')';
select current_user;
current_user
test_useprivs@localhost
prepare ins1 from 'insert into t1 (f1) values (''insert5-no'')';
execute ins1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
execute ins1;
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
prepare ins1 from 'insert into t1 (f1) values (''insert6-no'')';
select current_user;
current_user
test_useprivs@localhost
execute ins1;
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
prepare ins1 from 'insert into t1 (f1) values (''insert7-no'')';
select current_user;
current_user
root@localhost
revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
execute ins1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
test_useprivs@localhost
execute ins1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
execute ins1;
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
test_useprivs@localhost
execute ins1;
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select current_user;
current_user
root@localhost
revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
execute ins1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
deallocate prepare ins1;
select current_user;
current_user
test_useprivs@localhost
execute ins1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
deallocate prepare ins1;
select current_user;
current_user
root@localhost
grant TRIGGER on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
select current_user;
current_user
test_yesprivs@localhost
drop trigger trg1_1;
select current_user;
current_user
root@localhost
select current_user;
current_user
root@localhost
drop database if exists priv_db;
drop user test_yesprivs@localhost;
drop user test_useprivs@localhost;

#########      Testcase for definer:   ########
-----------------------------------------------
drop database if exists priv_db;
create database priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
select current_user;
current_user
root@localhost
create definer=not_ex_user@localhost trigger trg1_0
before INSERT on t1 for each row
set new.f1 = 'trig 1_0-yes';
Warnings:
Note	1449	The user specified as a definer ('not_ex_user'@'localhost') does not exist
drop trigger trg1_0;
create definer=test_yesprivs@localhost trigger trg1_0
before INSERT on t1 for each row
set new.f1 = 'trig 1_0-yes';
grant  select, insert, update
on priv_db.t1 to test_yesprivs@localhost;
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert-no');
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f1 from t1 order by f1;
f1
drop trigger trg1_0;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select current_user;
current_user
root@localhost
grant  select, insert, update ,trigger
on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
trig 1_0-yes
drop trigger trg1_0;
create definer=not_ex_user@localhost trigger trg1_0
before INSERT on t1 for each row
set new.f1 = 'trig 1_0-yes';
ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation
create definer=current_user trigger trg1_1
before INSERT on t1 for each row
set new.f1 = 'trig 1_1-yes';
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
trig 1_0-yes
trig 1_1-yes
create definer=test_yesprivs@localhost trigger trg1_2
before UPDATE on t1 for each row
set new.f1 = 'trig 1_2-yes';
update t1 set f1 = 'update-yes' where f1 like '%trig%';
select f1 from t1 order by f1;
f1
trig 1_2-yes
trig 1_2-yes
select current_user;
current_user
root@localhost
grant trigger on priv_db.* to test_yesprivs@localhost
with grant option;
select current_user;
current_user
test_yesprivs@localhost
show grants;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD <secret>
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost' WITH GRANT OPTION
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
create definer=not_ex_user@localhost trigger trg1_3
after UPDATE on t1 for each row
set @var1 = 'trig 1_3-yes';
ERROR 42000: Access denied; you need (at least one of) the SUPER privilege(s) for this operation
select current_user;
current_user
root@localhost
select current_user;
current_user
root@localhost
drop database if exists priv_db;
drop user test_yesprivs@localhost;

#########      Testcase for transactions:   ########
----------------------------------------------------
drop database if exists priv_db;
create database priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
select current_user;
current_user
root@localhost
grant  select, insert, update ,trigger
on priv_db.t1 to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, INSERT, UPDATE, TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
set autocommit=0;
create definer=current_user trigger trg1_1
before INSERT on t1 for each row
set new.f1 = 'trig 1_1-yes';
rollback work;
insert into t1 (f1) values ('insert-no');
select f1 from t1 order by f1;
f1
trig 1_1-yes
create definer=test_yesprivs@localhost trigger trg1_2
before UPDATE on t1 for each row
set new.f1 = 'trig 1_2-yes';
commit work;
update t1 set f1 = 'update-yes' where f1 like '%trig%';
select f1 from t1 order by f1;
f1
trig 1_2-yes
commit work;
drop trigger trg1_1;
rollback work;
drop trigger trg1_1;
ERROR HY000: Trigger does not exist
drop trigger trg1_2;
commit work;
set autocommit=1;
select current_user;
current_user
root@localhost
select current_user;
current_user
root@localhost
drop database if exists priv_db;
drop user test_yesprivs@localhost;

####### Testcase for column privileges of triggers: #######
-----------------------------------------------------------
drop database if exists priv_db;
drop database if exists no_priv_db;
create database priv_db;
use priv_db;
create table t1 (f1 char(20)) engine= innodb;
create table t2 (f1 char(20)) engine= innodb;
create User test_yesprivs@localhost;
set password for test_yesprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_yesprivs@localhost;
grant TRIGGER on priv_db.* to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
create User test_noprivs@localhost;
set password for test_noprivs@localhost = password('PWD');
revoke ALL PRIVILEGES, GRANT OPTION FROM test_noprivs@localhost;
grant SELECT,UPDATE on priv_db.* to test_noprivs@localhost;
show grants for test_noprivs@localhost;
Grants for test_noprivs@localhost
GRANT USAGE ON *.* TO 'test_noprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT, UPDATE ON `priv_db`.* TO 'test_noprivs'@'localhost'

update only on column:
----------------------
select current_user;
current_user
root@localhost
grant SELECT(f1),INSERT,UPDATE(f1) on priv_db.t1
to test_yesprivs@localhost;
grant SELECT(f1),INSERT,UPDATE(f1) on priv_db.t2
to test_yesprivs@localhost;
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert1-yes');
insert into t2 (f1) values ('insert1-yes');
create trigger trg1_1 before UPDATE on t1 for each row
set new.f1 = 'trig 1_1-yes';
create trigger trg2_1 before UPDATE on t2 for each row
set new.f1 = 'trig 2_1-yes';
select current_user;
current_user
test_noprivs@localhost
use priv_db;
select f1 from t1 order by f1;
f1
insert1-yes
update t1 set f1 = 'update1_no'
		where f1 like '%insert%';
select f1 from t1 order by f1;
f1
trig 1_1-yes
select f1 from t2 order by f1;
f1
insert1-yes
update t2 set f1 = 'update1_no'
                where f1 like '%insert%';
select f1 from t2 order by f1;
f1
trig 2_1-yes
select current_user;
current_user
root@localhost
revoke UPDATE     on priv_db.*
from test_yesprivs@localhost;
revoke UPDATE(f1) on priv_db.t2
from test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT TRIGGER ON `priv_db`.* TO 'test_yesprivs'@'localhost'
GRANT SELECT (f1), INSERT ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'
GRANT SELECT (f1), INSERT, UPDATE (f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
insert into t1 (f1) values ('insert2-yes');
insert into t2 (f1) values ('insert2-yes');
select current_user;
current_user
test_noprivs@localhost
use priv_db;
update t1 set f1 = 'update2_no'
                where f1 like '%insert%';
update t2 set f1 = 'update2_no'
                where f1 like '%insert%';
ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't2'
update t1 set f1 = 'update3_no'
                where f1 like '%insert%';
update t2 set f1 = 'update3_no'
                where f1 like '%insert%';
ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't2'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
select f1 from t2 order by f1;
f1
insert2-yes
trig 2_1-yes

check if access only on one of three columns
--------------------------------------------
select current_user;
current_user
root@localhost
alter table priv_db.t1 add f2 char(20), add f3 int;
revoke TRIGGER on priv_db.* from test_yesprivs@localhost;
grant TRIGGER,SELECT on priv_db.t1 to test_yesprivs@localhost;
grant UPDATE on priv_db.t2 to test_yesprivs@localhost;
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
insert into t1 values ('insert2-yes','insert2-yes',1);
insert into t1 values ('insert3-yes','insert3-yes',2);
select * from t1 order by f1;
f1	f2	f3
insert2-yes	insert2-yes	1
insert3-yes	insert3-yes	2
trig 1_1-yes	NULL	NULL
trig 1_1-yes	NULL	NULL
select current_user;
current_user
test_noprivs@localhost
use priv_db;
update t1 set 	f1 = 'update4-no',
f2 = 'update4-yes',
f3 = f3*10
where f2 like '%yes';
select * from t1 order by f1,f2,f3;
f1	f2	f3
trig 1_1-yes	NULL	NULL
trig 1_1-yes	NULL	NULL
trig 1_1-yes	update4-yes	10
trig 1_1-yes	update4-yes	20
select current_user;
current_user
test_yesprivs@localhost
create trigger trg1_2 after UPDATE on t1 for each row
set @f2 = 'trig 1_2-yes';
select current_user;
current_user
test_noprivs@localhost
update t1 set 	f1 = 'update5-yes',
f2 = 'update5-yes'
		where f2 like '%yes';
select * from t1 order by f1,f2,f3;
f1	f2	f3
trig 1_1-yes	NULL	NULL
trig 1_1-yes	NULL	NULL
trig 1_1-yes	update5-yes	10
trig 1_1-yes	update5-yes	20
select @f2;
@f2
trig 1_2-yes
update t1 set f1 = 'update6_no'
                where f1 like '%insert%';
update t2 set f1 = 'update6_no'
                where f1 like '%insert%';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'
update t1 set f1 = 'update7_no'
                where f1 like '%insert%';
update t2 set f1 = 'update7_no'
                where f1 like '%insert%';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't2'
select f1 from t1 order by f1;
f1
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
trig 1_1-yes
select f1 from t2 order by f1;
f1
insert2-yes
trig 2_1-yes

check if rejected without trigger privilege:
--------------------------------------------
select current_user;
current_user
root@localhost
revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;
select current_user;
current_user
test_noprivs@localhost
update t1 set   f1 = 'update8-no',
f2 = 'update8-no'
                where f2 like '%yes';
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select * from t1 order by f1,f2,f3;
f1	f2	f3
trig 1_1-yes	NULL	NULL
trig 1_1-yes	NULL	NULL
trig 1_1-yes	update5-yes	10
trig 1_1-yes	update5-yes	20
select @f2;
@f2
trig 1_2-yes

check trigger, but not update privilege on column:
--------------------------------------------------
select current_user;
current_user
root@localhost
revoke UPDATE(f1) on priv_db.t1 from test_yesprivs@localhost;
grant TRIGGER,UPDATE(f2),UPDATE(f3) on priv_db.t1
to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT (f1), INSERT, UPDATE ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'
GRANT SELECT, SELECT (f1), INSERT, UPDATE (f3, f2), TRIGGER ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_yesprivs@localhost
use priv_db;
drop trigger trg1_1;
create trigger trg1_3 before UPDATE on t1 for each row
set new.f1 = 'trig 1_3-yes';
select current_user;
current_user
test_noprivs@localhost
use priv_db;
update t1 set   f1 = 'update9-no',
f2 = 'update9-no'
                where f2 like '%yes';
ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't1'
select * from t1 order by f1,f2,f3;
f1	f2	f3
trig 1_1-yes	NULL	NULL
trig 1_1-yes	NULL	NULL
trig 1_1-yes	update5-yes	10
trig 1_1-yes	update5-yes	20
update t1 set f3= f3+1;
ERROR 42000: UPDATE command denied to user 'test_yesprivs'@'localhost' for column 'f1' in table 't1'
select f3 from t1 order by f3;
f3
NULL
NULL
10
20
select current_user;
current_user
root@localhost
revoke TRIGGER on priv_db.t1 from test_yesprivs@localhost;
grant UPDATE(f1),UPDATE(f2),UPDATE(f3) on priv_db.t1
to test_yesprivs@localhost;
show grants for test_yesprivs@localhost;
Grants for test_yesprivs@localhost
GRANT USAGE ON *.* TO 'test_yesprivs'@'localhost' IDENTIFIED BY PASSWORD '*C49735D016A099C0CF104EF9183F374A54CA2576'
GRANT SELECT (f1), INSERT, UPDATE ON `priv_db`.`t2` TO 'test_yesprivs'@'localhost'
GRANT SELECT, SELECT (f1), INSERT, UPDATE (f3, f2, f1) ON `priv_db`.`t1` TO 'test_yesprivs'@'localhost'
select current_user;
current_user
test_noprivs@localhost
use priv_db;
update t1 set f3= f3+1;
ERROR 42000: TRIGGER command denied to user 'test_yesprivs'@'localhost' for table 't1'
select f3 from t1 order by f3;
f3
NULL
NULL
10
20

##### trigger privilege on column level? #######
------------------------------------------------
grant TRIGGER(f1) on priv_db.t1 to test_yesprivs@localhost;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(f1) on priv_db.t1 to test_yesprivs@localhost' at line 1
select current_user;
current_user
root@localhost
drop database if exists priv_db;
drop user test_yesprivs@localhost;
drop user test_noprivs@localhost;

./BlackJoker Mini Shell 1.0