Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-32984

Update federated table and column privileges

    XMLWordPrintable

Details

    Description

      Side A:

      create database my_user;
      		 
      create user 'my'@'x.x.x.x' identified by '1qaz2wsx';
      		 
      use my_user;
      		 
      CREATE TABLE `users` (
      		 
        `id` int(6) NOT NULL AUTO_INCREMENT,
      		 
        `name` varchar(50) DEFAULT NULL,
      		 
        `password` varchar(50) DEFAULT NULL,
      		 
        PRIMARY KEY (`id`),
      		 
        UNIQUE KEY `name` (`name`)
      		 
      );
      		 
      GRANT INSERT, SELECT (`id`, `name`, `password`), UPDATE (`password`) ON `my_user`.`users` TO `my`@`x.x.x.x`;

      Side B:

      create database prod_db;
      		 
      create user 'prod_user' identified by '2wsx3edc';
      		 
      GRANT ALL PRIVILEGES ON prod_db.* TO 'prod_user' WITH GRANT OPTION;
      		 
      CREATE TABLE `prod_f` (
      		 
        `id` int(6) NOT NULL AUTO_INCREMENT,
      		 
        `name` varchar(50) DEFAULT NULL,
      		 
        `password` varchar(50) DEFAULT NULL,
      		 
        PRIMARY KEY (`id`),
      		 
        UNIQUE KEY `name` (`name`)
      		 
      ) ENGINE=FEDERATED DEFAULT CHARSET=utf8 CONNECTION='mysql://my:1qaz2wsx@a.a.a.a:3306/my_user/users';
      		 
      insert into prod_f (name,password) values ('test','123');


      select * from prod_f\G
      		 
            id: 1
      		 
          name: test
      		 
      password: 123
      		 
       
      		 
      UPDATE prod_f SET password='123456' WHERE name='test';
      		 
      ERROR 1296 (HY000): Got error 10000 'Error on remote system: 1143: UPDATE command denied to user 'my'@'x.x.x.x' for column 'id' in table 'users'' from FEDERATED

      Why does mariadb need permissions on the 'id' field?
      In this case, update will work if grant update permissions on the 'id' field. In mysql 5.7 this works, no permissions for 'id' are required, but in 10.x it does not.

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-38674 Assertion `marked_for_read()' failed upon UPDATE on Spider table

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            People

              serg Sergei Golubchik
              sirkliv Vladimir
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.