Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
2.4.4
-
None
Description
Let's say that a user has the following rule set:
{
|
"replace": {
|
"column": "COLNAME"
|
},
|
"with": {
|
"value": ".",
|
"fill": "."
|
}
|
},
|
Then the following queries are properly rejected:
> select COLNAME, upper(COLNAME) from TABNAME limit 10;
|
ERROR 1141 (HY000): The function upper is used in conjunction with a field that should be masked for 'user'@'::ffff:...', access is denied.
|
|
|
> select COLNAME from TABNAME where COLNAME like '1%' limit 10;
|
ERROR 1141 (HY000): The function upper is used in conjunction with a field that should be masked for 'user'@'::ffff:...', access is denied.
|
However, if the same columns are referred to in lowercase (and unquoted), then the filter allows the queries:
> select colname, upper(colname) from tabname limit 10;
|
|
|
> select colname from tabname where colname like '1%' limit 10;
|