grant.pl

开启mysql的远程连接的方法 mysql-noinstall-5.1.6-alpha-win32.zip

#!/usr/bin/perl
#
# Testing of grants.
# Note that this will delete all table and column grants !
#

use DBI;
use Getopt::Long;
use strict;

use vars qw($dbh $user_dbh $opt_help $opt_Information $opt_force $opt_debug
	    $opt_verbose $opt_server $opt_root_user $opt_password $opt_user
	    $opt_database $opt_host $version $user $tables_cols $columns_cols
	    $tmp_table $opt_silent);

$version="1.1";
$opt_help=$opt_Information=$opt_force=$opt_debug=$opt_verbose=$opt_silent=0;
$opt_host="localhost",
$opt_server="mysql";
$opt_root_user="root";
$opt_password="";
$opt_user="grant_user";
$opt_database="grant_test";

GetOptions("Information","help","server=s","root-user=s","password=s","user","database=s","force","host=s","debug","verbose","silent") || usage();
usage() if ($opt_help || $opt_Information);

$user="$opt_user\@$opt_host";

if (!$opt_force)
{
  print_info()
}

$|=1;

$tables_cols="Host, Db, User, Table_name, Grantor, Table_priv, Column_priv";
$columns_cols="Host, Db, User, Table_name, Column_name, Column_priv";
$tmp_table="/tmp/mysql-grant.test"; # Can't use $$ as we are logging result
unlink($tmp_table);

#
# clear grant tables
#

$dbh = DBI->connect("DBI:mysql:mysql:$opt_host",
		    $opt_root_user,$opt_password,
		    { PrintError => 0}) || die "Can't connect to mysql server with user '$opt_root_user': $DBI::errstr\n";

safe_query("delete from user where user='$opt_user' or user='${opt_user}2'");
safe_query("delete from db where user='$opt_user'");
safe_query("delete from tables_priv");
safe_query("delete from columns_priv");
safe_query("lock tables mysql.user write"); # Test lock tables
safe_query("flush privileges");
safe_query("unlock tables");	     # should already be unlocked
safe_query("drop database $opt_database",3);	# Don't print possible error
safe_query("create database $opt_database");

# check that the user can't login yet

user_connect(1);
#goto test;

#
# Enable column grant code
#
safe_query("grant select(user) on mysql.user to $user");
safe_query("revoke select(user) on mysql.user from $user");

#
# Test grants on user level
#

safe_query("grant select on *.* to $user");
safe_query("set password FOR ${opt_user}2\@$opt_host = password('test')",1);
safe_query("set password FOR $opt_user\@$opt_host=password('test')");
user_connect(1);
safe_query("set password FOR $opt_user\@$opt_host=''");
user_connect(0);
user_query("select * from mysql.user where user = '$opt_user'");
user_query("select * from mysql.db where user = '$opt_user'");
safe_query("grant select on *.* to $user,$user");
safe_query("show grants for $user");
user_connect(0);

# The following should fail
user_query("insert into mysql.user (host,user) values ('error','$opt_user')",1);
user_query("update mysql.user set host='error' WHERE user='$opt_user'",1);
user_query("create table $opt_database.test (a int,b int)",1);
user_query("grant select on *.* to ${opt_user}2\@$opt_host",1);
safe_query("revoke select on $opt_database.test from $opt_user\@opt_host",1);
safe_query("revoke select on $opt_database.* from $opt_user\@opt_host",1);
safe_query("revoke select on *.* from $opt_user",1);
safe_query("grant select on $opt_database.not_exists to $opt_user",1);
safe_query("grant FILE on $opt_database.test to $opt_user",1);
safe_query("grant select on *.* to wrong___________user_name",1);
safe_query("grant select on $opt_database.* to wrong___________user_name",1);
user_connect(0);
user_query("grant select on $opt_database.test to $opt_user with grant option",1);
safe_query("set password FOR ''\@''=''",1);
user_query("set password FOR root\@$opt_host = password('test')",1);

# Change privileges for user
safe_query("revoke select on *.* from $user");
safe_query("grant create,update on *.* to $user");
user_connect(0);
safe_query("flush privileges");
user_query("create table $opt_database.test (a int,b int)");
user_query("update $opt_database.test set b=b+1 where a > 0",1);
safe_query("show grants for $user");
safe_query("revoke update on *.* from $user");
user_connect(0);
safe_query("grant select(c) on $opt_database.test to $user",1);
safe_query("revoke select(c) on $opt_database.test from $user",1);
safe_query("grant select on $opt_database.test to wrong___________user_name",1);
user_query("INSERT INTO $opt_database.test values (2,0)",1);

safe_query("grant ALL PRIVILEGES on *.* to $user");
safe_query("REVOKE INSERT on *.* from $user");
user_connect(0);
user_query("INSERT INTO $opt_database.test values (1,0)",1);
safe_query("grant INSERT on *.* to $user");
user_connect(0);
user_query("INSERT INTO $opt_database.test values (2,0)");
user_query("select count(*) from $opt_database.test");
safe_query("revoke SELECT on *.* from $user");
user_connect(0);
user_query("select count(*) from $opt_database.test",1);
user_query("INSERT INTO $opt_database.test values (3,0)");
safe_query("grant SELECT on *.* to $user");
user_connect(0);
user_query("select count(*) from $opt_database.test");
safe_query("revoke ALL PRIVILEGES on *.* from $user");
user_connect(1);
safe_query("delete from user where user='$opt_user'");
safe_query("flush privileges");
if (0)				# Only if no anonymous user on localhost.
{
  safe_query("grant select on *.* to $opt_user");
  user_connect(0);
  safe_query("revoke select on *.* from $opt_user");
  user_connect(1);
}
safe_query("delete from user where user='$opt_user'");
safe_query("flush privileges");

#
# Test grants on database level
#
safe_query("grant select on $opt_database.* to $user");
safe_query("select * from mysql.user where user = '$opt_user'");
safe_query("select * from mysql.db where user = '$opt_user'");
user_connect(0);
user_query("select count(*) from $opt_database.test");
# The following should fail
user_query("select * from mysql.user where user = '$opt_user'",1);
user_query("insert into $opt_database.test values (4,0)",1);
user_query("update $opt_database.test set a=1",1); 
user_query("delete from $opt_database.test",1); 
user_query("create table $opt_database.test2 (a int)",1);
user_query("ALTER TABLE $opt_database.test add c int",1);
user_query("CREATE INDEX dummy ON $opt_database.test (a)",1);
user_query("drop table $opt_database.test",1);
user_query("grant ALL PRIVILEGES on $opt_database.* to ${opt_user}2\@$opt_host",1);

# Change privileges for user
safe_query("grant ALL PRIVILEGES on $opt_database.* to $user WITH GRANT OPTION");
user_connect(0);
user_query("insert into $opt_database.test values (5,0)");
safe_query("REVOKE ALL PRIVILEGES on * from $user",1);
safe_query("REVOKE ALL PRIVILEGES on *.* from $user");
safe_query("REVOKE ALL PRIVILEGES on $opt_database.* from $user");
safe_query("REVOKE ALL PRIVILEGES on $opt_database.* from $user");
user_connect(0);
user_query("insert into $opt_database.test values (6,0)",1);
safe_query("REVOKE GRANT OPTION on $opt_database.* from $user");
user_connect(1);
safe_query("grant ALL PRIVILEGES on $opt_database.* to $user");

user_connect(0);
user_query("select * from mysql.user where user = '$opt_user'",1);
user_query("insert into $opt_database.test values (7,0)");
user_query("update $opt_database.test set a=3 where a=2"); 
user_query("delete from $opt_database.test where a=3"); 
user_query("create table $opt_database.test2 (a int not null)");
user_query("alter table $opt_database.test2 add b int");
user_query("create index dummy on $opt_database.test2 (a)");
user_query("update test,test2 SET test.a=test2.a where test.a=test2.a");
user_query("drop table $opt_database.test2");
user_query("show tables from grant_test");
# These should fail
user_query("insert into mysql.user (host,user) values ('error','$opt_user',0)",1);

# Revoke database privileges
safe_query("revoke ALL PRIVILEGES on $opt_database.* from $user");
safe_query("select * from mysql.user where user = '$opt_user'");
safe_query("select * from mysql.db where user = '$opt_user'");

# Test multi-updates
safe_query("grant CREATE,UPDATE,DROP on $opt_database.* to $user");
user_connect(0);
user_query("create table $opt_database.test2 (a int not null)");
user_query("update test,test2 SET test.a=1 where 1",1);
user_query("update test,test2 SET test.a=test2.a where 1",1);
safe_query("grant SELECT on $opt_database.* to $user");
user_connect(0);
user_query("update test,test2 SET test.a=test2.a where test2.a=test.a");
user_query("drop table $opt_database.test2");

# Revoke database privileges
safe_query("revoke ALL PRIVILEGES on $opt_database.* from $user");
user_connect(1);

#
# Test of grants on table level
#

safe_query("grant create on $opt_database.test2 to $user");
user_connect(0);
user_query("create table $opt_database.test2 (a int not null)");
user_query("show tables");	# Should only show test, not test2
user_query("show columns from test",1);
user_query("show keys from test",1);
user_query("show columns from test2");
user_query("show keys from test2");
user_query("select * from test",1);
safe_query("grant insert on $opt_database.test to $user");
user_query("show tables");
user_query("insert into $opt_database.test values (8,0)");
user_query("update $opt_database.test set b=1",1);
safe_query("grant update on $opt_database.test to $user");
user_query("update $opt_database.test set b=2");

user_query("update $opt_database.test,test2 SET test.b=3",1);
safe_query("grant select on $opt_database.test2 to $user");
user_query("update $opt_database.test,test2 SET test.b=3");
safe_query("revoke select on $opt_database.test2 from $user");

user_query("delete from $opt_database.test",1);
safe_query("grant delete on $opt_database.test to $user");
user_query("delete from $opt_database.test where a=1",1);
user_query("update $opt_database.test set b=3 where b=1",1);
user_query("update $opt_database.test set b=b+1",1);
user_query("update $opt_database.test,test2 SET test.a=test2.a",1);

#
# Test global SELECT privilege combined with table level privileges
#

safe_query("grant SELECT on *.* to $user");
user_connect(0);
user_query("update $opt_database.test set b=b+1");
user_query("update $opt_database.test set b=b+1 where a > 0");
user_query("update $opt_database.test,test2 SET test.a=test2.a");
user_query("update $opt_database.test,test2 SET test2.a=test.a",1);
safe_query("revoke SELECT on *.* from $user");
safe_query("grant SELECT on $opt_database.* to $user");
user_connect(0);
user_query("update $opt_database.test set b=b+1");
user_query("update $opt_database.test set b=b+1 where a > 0");
safe_query("grant UPDATE on *.* to $user");
user_connect(0);
user_query("update $opt_database.test set b=b+1");
user_query("update $opt_database.test set b=b+1 where a > 0");
safe_query("revoke UPDATE on *.* from $user");
safe_query("revoke SELECT on $opt_database.* from $user");
user_connect(0);
user_query("update $opt_database.test set b=b+1 where a > 0",1);
user_query("update $opt_database.test set b=b+1",1);

# Add one privilege at a time until the user has all privileges
user_query("select * from test",1);
safe_query("grant select on $opt_database.test to $user");
user_query("delete from $opt_database.test where a=1");
user_query("update $opt_database.test set b=2 where b=1");
user_query("update $opt_database.test set b=b+1");
user_query("select count(*) from test");
user_query("update test,test2 SET test.b=4",1);
user_query("update test,test2 SET test2.a=test.a",1);
user_query("update test,test2 SET test.a=test2.a",1);

user_query("create table $opt_database.test3 (a int)",1);
user_query("alter table $opt_database.test2 add c int",1);
safe_query("grant alter on $opt_database.test2 to $user");
user_query("alter table $opt_database.test2 add c int");
user_query("create index dummy ON $opt_database.test (a)",1);
safe_query("grant index on $opt_database.test2 to $user");
user_query("create index dummy ON $opt_database.test2 (a)");
user_query("insert into test2 SELECT a,a from test",1);
safe_query("grant insert on test2 to $user",1);	# No table: mysql.test2
safe_query("grant insert(a) on $opt_database.test2 to $user");
user_query("insert into test2 SELECT a,a from test",1);
safe_query("grant insert(c) on $opt_database.test2 to $user");
user_query("insert into test2 SELECT a,a from test");
user_query("select count(*) from test2,test",1);
user_query("select count(*) from test,test2",1);
user_query("replace into test2 SELECT a from test",1);
safe_query("grant update on $opt_database.test2 to $user");
user_query("update test,test2 SET test2.a=test.a");
user_query("update test,test2 SET test.b=test2.a where 0",1);
user_query("update test,test2 SET test.a=2 where test2.a>100",1);
user_query("update test,test2 SET test.a=test2.a",1);
user_query("replace into test2 SELECT a,a from test",1);
safe_query("grant DELETE on $opt_database.test2 to $user");
user_query("replace into test2 SELECT a,a from test");
user_query("insert into test (a) SELECT a from test2",1);
safe_query("grant SELECT on $opt_database.test2 to $user");
user_query("update test,test2 SET test.b=test2.a where 0");
user_query("update test,test2 SET test.a=test2.a where test2.a>100");

safe_query("revoke UPDATE on $opt_database.test2 from $user");
safe_query("grant UPDATE (c) on $opt_database.test2 to $user");
user_query("update test,test2 SET test.b=test2.a where 0");
user_query("update test,test2 SET test.a=test2.a where test2.a>100");
user_query("update test,test2 SET test2.a=test2.a where test2.a>100",1);
user_query("update test,test2 SET test2.c=test2.a where test2.a>100");

safe_query("revoke SELECT,UPDATE on $opt_database.test2 from $user");
safe_query("grant UPDATE on $opt_database.test2 to $user");

user_query("drop table $opt_database.test2",1);
user_query("grant select on $opt_database.test2 to $user with grant option",1);
safe_query("grant drop on $opt_database.test2 to $user with grant option");
user_query("grant drop on $opt_database.test2 to $user with grant option");
user_query("grant select on $opt_database.test2 to $user with grant option",1);

# check rename privileges
user_query("rename table $opt_database.test2 to $opt_database.test3",1);
safe_query("grant CREATE,DROP on $opt_database.test3 to $user");
user_query("rename table $opt_database.test2 to $opt_database.test3",1);
user_query("create table $opt_database.test3 (a int)");
safe_query("grant INSERT on $opt_database.test3 to $user");
user_query("drop table $opt_database.test3");
user_query("rename table $opt_database.test2 to $opt_database.test3");
user_query("rename table $opt_database.test3 to $opt_database.test2",1);
safe_query("grant ALTER on $opt_database.test3 to $user");
user_query("rename table $opt_database.test3 to $opt_database.test2");
safe_query("revoke DROP on $opt_database.test2 from $user");
user_query("rename table $opt_database.test2 to $opt_database.test3");
user_query("drop table if exists $opt_database.test2,$opt_database.test3",1);
safe_query("drop table if exists $opt_database.test2,$opt_database.test3");

# Check that the user doesn't have some user privileges
user_query("create database $opt_database",1);
user_query("drop database $opt_database",1);
user_query("flush tables",1);
safe_query("flush privileges");

safe_query("select $tables_cols from mysql.tables_priv");
safe_query("revoke ALL PRIVILEGES on $opt_database.test from $user");
safe_query("revoke ALL PRIVILEGES on $opt_database.test2 from $user");
safe_query("revoke ALL PRIVILEGES on $opt_database.test3 from $user");
safe_query("revoke GRANT OPTION on $opt_database.test2 from $user");
safe_query("select $tables_cols from mysql.tables_priv");
user_query("select count(a) from test",1);

#
# Test some grants on column level
#

safe_query("grant create,update on $opt_database.test2 to $user");
user_query("create table $opt_database.test2 (a int not null)");
user_query("delete from $opt_database.test where a=2",1);
user_query("delete from $opt_database.test where A=2",1);
user_query("update test set b=5 where b>0",1);
user_query("update test,test2 SET test.b=5 where b>0",1);