Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Major
-
Resolution: Unresolved
-
12.1.1
-
Ubuntu 20.04 LTS, MD EPYC 7742, 128 Cores, 2.25 GHz
Description
MariaDB's documentation states that: "Executing the ALTER TABLE statement generally requires at least the ALTER privilege for the table or the database." Howerver, in practice, ALTER TABLE ... TRUNCATE PARTITION statements only require DROP privilege. Besides, the required privileges for TRUNCATE PARTITION and DROP PARTITION are not consistent (DROP PARTITION requires both DROP and ALTER privileges).
How to repeat:
-- connect as root
|
CREATE DATABASE test; |
CREATE TABLE test.t1 ( |
id INT, |
year_col INT |
)
|
PARTITION BY RANGE (year_col) ( |
PARTITION p0 VALUES LESS THAN (1991), |
PARTITION p1 VALUES LESS THAN (1995), |
PARTITION p2 VALUES LESS THAN (1999), |
PARTITION p3 VALUES LESS THAN (2003), |
PARTITION p4 VALUES LESS THAN (2007) |
);
|
INSERT INTO test.t1 VALUES (100, 100); |
CREATE USER foo; |
GRANT DROP ON test.t1 TO foo; |
|
|
-- connect as foo
|
ALTER TABLE test.t1 TRUNCATE PARTITION p0; |
-- expected behavior: ALTER command denied to user 'foo' for table 't1'
|
-- actual behavior: Query OK
|
|
|
ALTER TABLE test.t1 DROP PARTITION p0; |
-- actual behavior: ALTER command denied to user 'foo' for table 'employees'
|
|
|
-- connect as root
|
GRANT ALTER ON test.t1 TO foo; |
|
|
-- connect as foo
|
ALTER TABLE test.t1 DROP PARTITION p0; |
-- actual behavior: Query OK |