Skip to content

Commit

Permalink
Merge pull request #12 from trimble-oss/additional_skips
Browse files Browse the repository at this point in the history 
Skip validation unless directly involved in auth.
  • Loading branch information
@joel-rieke
joel-rieke authored Mar 7, 2024
2 parents f08eaec + 657755d commit a6f6d95
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion sql/analyzer/privileges.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ func validatePrivileges(ctx *sql.Context, a *Analyzer, n sql.Node, scope *Scope,
}

client := ctx.Session.Client()
user := mysqlDb.GetUser(client.User, client.Address, false, false)
user := mysqlDb.GetUser(client.User, client.Address, false, true)
if user == nil {
return nil, transform.SameTree, mysql.NewSQLError(mysql.ERAccessDeniedError, mysql.SSAccessDeniedError, "Access denied for user '%v'", ctx.Session.Client().User)
}
Expand Down
4 changes: 2 additions & 2 deletions sql/mysql_db/mysql_db.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -384,7 +384,7 @@ func (db *MySQLDb) UserActivePrivilegeSet(ctx *sql.Context) PrivilegeSet {
}

client := ctx.Session.Client()
user := db.GetUser(client.User, client.Address, false, false)
user := db.GetUser(client.User, client.Address, false, true)
if user == nil {
return NewPrivilegeSet()
}
Expand All @@ -398,7 +398,7 @@ func (db *MySQLDb) UserActivePrivilegeSet(ctx *sql.Context) PrivilegeSet {
//TODO: System variable "activate_all_roles_on_login", if set, will set all roles as active upon logging in
for _, roleEdgeEntry := range roleEdgeEntries {
roleEdge := roleEdgeEntry.(*RoleEdge)
role := db.GetUser(roleEdge.FromUser, roleEdge.FromHost, true, false)
role := db.GetUser(roleEdge.FromUser, roleEdge.FromHost, true, true)
if role != nil {
privSet.UnionWith(role.PrivilegeSet)
}
Expand Down

0 comments on commit a6f6d95

Please sign in to comment.