Changeset: 99d6669aa04f for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=99d6669aa04f
Modified Files:
sql/server/sql_privileges.c
sql/test/Users/Tests/renameUser.stable.err
Branch: Oct2020
Log Message:
Test for privilege first. This fixes bug 7037
diffs (51 lines):
diff --git a/sql/server/sql_privileges.c b/sql/server/sql_privileges.c
--- a/sql/server/sql_privileges.c
+++ b/sql/server/sql_privileges.c
@@ -862,11 +862,12 @@ sql_alter_user(mvc *sql, char *user, cha
if (strNil(user))
user = NULL;
/* USER == NULL -> current_user */
- if (user != NULL && backend_find_user(sql, user) < 0)
- throw(SQL,"sql.alter_user", SQLSTATE(42M32) "ALTER USER: no
such user '%s'", user);
if (!admin_privs(sql->user_id) && !admin_privs(sql->role_id) && user !=
NULL && strcmp(user, sqlvar_get_string(find_global_var(sql,
mvc_bind_schema(sql, "sys"), "current_user"))) != 0)
throw(SQL,"sql.alter_user", SQLSTATE(M1M05) "Insufficient
privileges to change user '%s'", user);
+
+ if (user != NULL && backend_find_user(sql, user) < 0)
+ throw(SQL,"sql.alter_user", SQLSTATE(42M32) "ALTER USER: no
such user '%s'", user);
if (schema && (schema_id = sql_find_schema(sql, schema)) < 0)
throw(SQL,"sql.alter_user", SQLSTATE(3F000) "ALTER USER: no
such schema '%s'", schema);
if (backend_alter_user(sql, user, passwd, enc, schema_id, oldpasswd) ==
FALSE)
@@ -877,13 +878,13 @@ sql_alter_user(mvc *sql, char *user, cha
char *
sql_rename_user(mvc *sql, char *olduser, char *newuser)
{
+ if (!admin_privs(sql->user_id) && !admin_privs(sql->role_id))
+ throw(SQL,"sql.rename_user", SQLSTATE(M1M05) "ALTER USER:
insufficient privileges to rename user '%s'", olduser);
+
if (backend_find_user(sql, olduser) < 0)
throw(SQL,"sql.rename_user", SQLSTATE(42M32) "ALTER USER: no
such user '%s'", olduser);
if (backend_find_user(sql, newuser) >= 0)
throw(SQL,"sql.rename_user", SQLSTATE(42M31) "ALTER USER: user
'%s' already exists", newuser);
- if (!admin_privs(sql->user_id) && !admin_privs(sql->role_id))
- throw(SQL,"sql.rename_user", SQLSTATE(M1M05) "ALTER USER:
insufficient privileges to rename user '%s'", olduser);
-
if (backend_rename_user(sql, olduser, newuser) == FALSE)
throw(SQL,"sql.rename_user", SQLSTATE(M1M05) "%s", sql->errstr);
return NULL;
diff --git a/sql/test/Users/Tests/renameUser.stable.err
b/sql/test/Users/Tests/renameUser.stable.err
--- a/sql/test/Users/Tests/renameUser.stable.err
+++ b/sql/test/Users/Tests/renameUser.stable.err
@@ -40,9 +40,9 @@ ERROR = !Role (bankadmin) missing
CODE = 42000
MAPI = (april) /var/tmp/mtest-12671/.s.monetdb.35429
QUERY = ALTER USER "april2" RENAME TO "april3"; --not enough privileges
-ERROR = !ALTER USER: no such user 'april2'
-CODE = 42M32
-MAPI = (monetdb) /var/tmp/mtest-30274/.s.monetdb.37685
+ERROR = !ALTER USER: insufficient privileges to rename user 'april2'
+CODE = M1M05
+MAPI = (monetdb) /var/tmp/mtest-19061/.s.monetdb.39073
QUERY = ALTER USER "april2" RENAME TO "april";
ERROR = !ALTER USER: user 'april' already exists
CODE = 42M31
_______________________________________________
checkin-list mailing list
checkin-list@monetdb.org
https://www.monetdb.org/mailman/listinfo/checkin-list
