1# $engine_type must point to storage engine which is all time available.
2--source include/have_innodb.inc
3let $engine_type = InnoDB;
4
5# suite/funcs_1/t/is_basics_mixed.test
6#
7# Checks of some basic properties of the INFORMATION_SCHEMA which are not
8# related to a certain INFORMATION_SCHEMA table.
9#
10# This test should not check properties related to storage engines.
11#
12# Author:
13# 2008-01-23 mleich WL#4203 Reorganize and fix the data dictionary tests of
14#                           testsuite funcs_1
15#                   Create this script based on older scripts and new code.
16#
17
18# This test is strict adjusted to the behaviour of the non embedded server.
19# Example of common differences between both servers:
20#    USE information_schema; CREATE VIEW tables AS SELECT 'garbage';
21#    non embedded server:
22#        - errname ER_DBACCESS_DENIED_ERROR
23#        - ERROR 42000: Access denied for user 'root'@'localhost' to
24#          database 'information_schema'
25#    embedded server:
26#        - errno 1
27#        - Can't create/write to file
28#          '.../var/master-data/information_schema/tables.frm~
29--source include/not_embedded.inc
30
31--source suite/funcs_1/datadict/datadict.pre
32
33
34
35# The INFORMATION_SCHEMA database must exist.
36SHOW DATABASES LIKE 'information_schema';
37
38
39--echo #######################################################################
40--echo # Testcase 3.2.1.20: USE INFORMATION_SCHEMA is supported
41--echo #######################################################################
42# Ensure that USE INFORMATION_SCHEMA allows the user to switch to the
43# INFORMATION_SCHEMA database, for query purposes only.
44#
45# Note: The "for query purposes only" is checked in other tests.
46# High privileged user (root)
47--echo # Switch to connection default
48connection default;
49USE test;
50SELECT DATABASE();
51USE information_schema;
52SELECT DATABASE();
53#
54--error 0,ER_CANNOT_USER
55DROP   USER 'testuser1'@'localhost';
56CREATE USER 'testuser1'@'localhost';
57# Low privileged user
58--echo # Establish connection testuser1 (user=testuser1)
59--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
60connect (testuser1, localhost, testuser1, , test);
61SELECT DATABASE();
62USE information_schema;
63SELECT DATABASE();
64#
65--echo # Switch to connection default and close connection testuser1
66connection default;
67disconnect testuser1;
68DROP   USER 'testuser1'@'localhost';
69
70
71--echo #######################################################################
72--echo # Testcase TBD1: The INFORMATION_SCHEMA cannot be dropped.
73--echo #######################################################################
74--error ER_DBACCESS_DENIED_ERROR
75DROP DATABASE information_schema;
76
77
78--echo #######################################################################
79--echo # Testcase TBD2: There cannot be a second database INFORMATION_SCHEMA.
80--echo #######################################################################
81--error ER_DBACCESS_DENIED_ERROR
82CREATE DATABASE information_schema;
83
84
85--echo ##################################################################################
86--echo # Testcase 3.2.1.6+3.2.1.7: No user may create an INFORMATION_SCHEMA table or view
87--echo ##################################################################################
88# 3.2.1.6 Ensure that no user may create an INFORMATION_SCHEMA base table.
89# 3.2.1.7 Ensure that no user may create an INFORMATION_SCHEMA view
90#
91
92# 1. High privileged user (root)
93--echo # Switch to connection default (user=root)
94connection default;
95--source suite/funcs_1/datadict/basics_mixed1.inc
96
97# 2. High privileged user (testuser1)
98--error 0,ER_CANNOT_USER
99DROP   USER 'testuser1'@'localhost';
100CREATE USER 'testuser1'@'localhost';
101GRANT ALL ON *.* TO testuser1@localhost;
102SHOW GRANTS FOR testuser1@localhost;
103--echo # Establish connection testuser1 (user=testuser1)
104--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
105connect (testuser1, localhost, testuser1, , test);
106--source suite/funcs_1/datadict/basics_mixed1.inc
107
108--echo # Switch to connection default (user=root) and close connection testuser1
109connection default;
110disconnect testuser1;
111DROP   USER 'testuser1'@'localhost';
112
113--echo ###############################################################################
114--echo # Testcase 3.2.1.1+3.2.1.2: INFORMATION_SCHEMA tables can be queried via SELECT
115--echo ###############################################################################
116# 3.2.1.1 Ensure that every INFORMATION_SCHEMA table can be queried with
117#         a SELECT statement, just as if it were an ordinary user-defined table.
118# 3.2.1.2 Ensure that queries on an INFORMATION_SCHEMA table can accept all
119#         SELECT statement options and are always correctly evaluated.
120#
121# Some notes(mleich):
122# - Currently here only a subset of select statement options is checked, it's
123#   still not possible to check here all possible options
124# - The content of many INFORMATION_SCHEMA tables is checked in other tests.
125# - We work here only with a subset of the columns of information_schema.tables
126#   because we want have a stable base (all time existing table, stable layout).
127--disable_warnings
128DROP DATABASE IF EXISTS db_datadict;
129--enable_warnings
130CREATE DATABASE db_datadict;
131--replace_result $engine_type <some_engine>
132eval
133CREATE TABLE db_datadict.t1_first (f1 BIGINT UNIQUE, f2 BIGINT)
134ENGINE = $engine_type;
135--replace_result $engine_type <some_engine>
136eval
137CREATE TABLE db_datadict.t1_second (f1 BIGINT UNIQUE, f2 BIGINT)
138ENGINE = $engine_type;
139
140# SELECT *
141--echo # Attention: The protocolling of the next result set is disabled.
142--disable_result_log
143SELECT * FROM information_schema.tables;
144--enable_result_log
145#
146# SELECT <some columns> + WHERE
147--sorted_result
148SELECT table_name FROM information_schema.tables
149WHERE table_schema = 'db_datadict';
150#
151# SELECT string_function(<some column>) + ORDER BY
152SELECT LENGTH(table_name) FROM information_schema.tables
153WHERE table_schema = 'db_datadict' ORDER BY table_name;
154#
155# SELECT aggregate_function(<some column>) + WHERE with LIKE
156SELECT count(table_name) FROM information_schema.tables
157WHERE table_schema LIKE 'db_datadic%';
158#
159# SELECT with addition in column list
160--sorted_result
161SELECT CAST((LENGTH(table_schema) + LENGTH(table_name)) AS DECIMAL(15,1))
162FROM information_schema.tables
163WHERE table_schema = 'db_datadict';
164#
165# WHERE with IN + LIMIT
166SELECT table_name FROM information_schema.tables
167WHERE table_name IN ('t1_first','t1_second') ORDER BY table_name LIMIT 1;
168SELECT table_name FROM information_schema.tables
169WHERE table_name IN ('t1_first','t1_second') ORDER BY table_name LIMIT 1,1;
170#
171# WHERE with AND
172SELECT table_name,table_schema AS my_col FROM information_schema.tables
173WHERE table_name = 't1_first' AND table_schema = 'db_datadict';
174#
175# SELECT HIGH_PRIORITY + WHERE with OR
176--sorted_result
177SELECT HIGH_PRIORITY table_name AS my_col FROM information_schema.tables
178WHERE table_name = 't1_first' OR table_name = 't1_second';
179#
180# Empty result set
181SELECT 1 AS my_col FROM information_schema.tables
182WHERE table_name = 't1_third';
183#
184# SELECT INTO USER VARIABLE
185SELECT table_name,table_schema INTO @table_name,@table_schema
186FROM information_schema.tables
187WHERE table_schema = 'db_datadict' ORDER BY table_name LIMIT 1;
188SELECT @table_name,@table_schema;
189#
190# SELECT INTO OUTFILE
191let $OUTFILE = $MYSQLTEST_VARDIR/tmp/datadict.out;
192--error 0,1
193remove_file $OUTFILE;
194--replace_result $OUTFILE <OUTFILE>
195eval SELECT table_name,table_schema
196INTO OUTFILE '$OUTFILE'
197FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
198LINES TERMINATED BY '\n'
199FROM information_schema.tables
200WHERE table_schema = 'db_datadict' ORDER BY table_name;
201cat_file $OUTFILE;
202remove_file $OUTFILE;
203#
204# UNION
205--sorted_result
206SELECT table_name FROM information_schema.tables
207WHERE table_name = 't1_first'
208UNION ALL
209SELECT table_name FROM information_schema.tables
210WHERE table_name = 't1_second';
211#
212# DISTINCT + SUBQUERY
213--source include/turn_off_only_full_group_by.inc
214SELECT DISTINCT table_schema FROM information_schema.tables
215WHERE table_name IN (SELECT table_name FROM information_schema.tables
216                     WHERE table_schema = 'db_datadict')
217ORDER BY table_name;
218--source include/restore_sql_mode_after_turn_off_only_full_group_by.inc
219#
220# JOIN
221SELECT table_name FROM information_schema.tables t1
222LEFT JOIN information_schema.tables t2 USING(table_name,table_schema)
223WHERE t2.table_schema = 'db_datadict'
224ORDER BY table_name;
225#
226# No schema assigned in SELECT + we are in SCHEMA test
227#    --> The table tables does not exist
228USE test;
229--error ER_NO_SUCH_TABLE
230SELECT * FROM tables;
231
232
233--echo #########################################################################
234--echo # Testcase 3.2.1.17+3.2.1.18
235--echo #########################################################################
236# 3.2.1.17: Ensure that the SELECT privilege is granted TO PUBLIC WITH GRANT
237#           OPTION on every INFORMATION_SCHEMA table.
238#
239# 3.2.1.18: Ensure that the CREATE VIEW privilege on an INFORMATION_SCHEMA table
240#           may be granted to any user.
241#
242# Note (mleich): The requirements are to some extend outdated.
243#                Every user is allowed to SELECT on the INFORMATION_SCHEMA.
244#                But the result sets depend on the privileges of the user.
245#
246--disable_warnings
247DROP DATABASE IF EXISTS db_datadict;
248--enable_warnings
249CREATE DATABASE db_datadict;
250--replace_result $engine_type <some_engine>
251eval
252CREATE TABLE db_datadict.t1 (f1 BIGINT UNIQUE, f2 BIGINT)
253ENGINE = $engine_type;
254SELECT * FROM db_datadict.t1;
255
256--error 0,ER_CANNOT_USER
257DROP   USER 'testuser1'@'localhost';
258CREATE USER 'testuser1'@'localhost';
259--error 0,ER_CANNOT_USER
260DROP   USER 'testuser2'@'localhost';
261CREATE USER 'testuser2'@'localhost';
262GRANT CREATE VIEW,SELECT ON db_datadict.* TO testuser1@localhost
263WITH GRANT OPTION;
264GRANT USAGE ON db_datadict.* TO testuser2@localhost;
265FLUSH PRIVILEGES;
266
267# Check 0: Reveal that GRANT <some privilege> ON INFORMATION_SCHEMA is no
268#          longer allowed.
269--error ER_DBACCESS_DENIED_ERROR
270GRANT SELECT on information_schema.* TO testuser1@localhost;
271--error ER_DBACCESS_DENIED_ERROR
272GRANT CREATE VIEW ON information_schema.* TO 'u_6_401018'@'localhost';
273
274# Check 1: Show that a "simple" user (<> root) has the permission to SELECT
275#          on some INFORMATION_SCHEMA table.
276--echo # Establish connection testuser1 (user=testuser1)
277--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
278connect (testuser1, localhost, testuser1, , db_datadict);
279SELECT table_schema,table_name FROM information_schema.tables
280WHERE table_schema = 'information_schema' AND table_name = 'tables';
281
282# Check 2: Show the privileges of the user on some INFORMATION_SCHEMA tables.
283SELECT * FROM information_schema.table_privileges
284WHERE table_schema = 'information_schema';
285SELECT * FROM information_schema.schema_privileges
286WHERE table_schema = 'information_schema';
287
288# Check 3: Show the following
289#          1. If a simple user (testuser1) has the privilege to create a VIEW
290#             than this VIEW could use a SELECT on an INFORMATION_SCHEMA table.
291#          2. This user (testuser1) is also able to GRANT the SELECT privilege
292#             on this VIEW to another user (testuser2).
293#          3. The other user (testuser2) must be able to SELECT on this VIEW
294#             but gets a different result set than testuser1.
295CREATE VIEW db_datadict.v2 AS
296SELECT TABLE_SCHEMA,TABLE_NAME,TABLE_TYPE
297FROM information_schema.tables WHERE table_schema = 'db_datadict';
298SELECT TABLE_SCHEMA,TABLE_NAME,TABLE_TYPE
299FROM db_datadict.v2;
300SELECT TABLE_SCHEMA,TABLE_NAME,TABLE_TYPE
301FROM information_schema.tables WHERE table_schema = 'db_datadict';
302GRANT SELECT ON db_datadict.v2 to testuser2@localhost;
303#
304--echo # Establish connection testuser2 (user=testuser2)
305--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
306connect (testuser2, localhost, testuser2, , db_datadict);
307SELECT TABLE_SCHEMA,TABLE_NAME,TABLE_TYPE
308FROM db_datadict.v2;
309SELECT TABLE_SCHEMA,TABLE_NAME,TABLE_TYPE
310FROM information_schema.tables WHERE table_schema = 'db_datadict';
311
312# Cleanup
313--echo # Switch to connection default and close connections testuser1 and testuser2
314connection default;
315disconnect testuser1;
316disconnect testuser2;
317DROP USER 'testuser1'@'localhost';
318DROP USER 'testuser2'@'localhost';
319DROP DATABASE db_datadict;
320
321
322--echo #########################################################################
323--echo # Testcase 3.2.1.19
324--echo #########################################################################
325# Ensure that no other privilege on an INFORMATION_SCHEMA table is granted, or
326# may be granted, to any user.
327#
328--error 0,ER_CANNOT_USER
329DROP   USER 'testuser1'@'localhost';
330CREATE USER 'testuser1'@'localhost';
331
332# Initial privileges on the INFORMATION_SCHEMA tables (empty result sets)
333let $my_select1 = SELECT 'empty result set was expected' AS my_col
334FROM information_schema.schema_privileges
335WHERE table_schema = 'information_schema';
336let $my_select2 = SELECT 'empty result set was expected' AS my_col
337FROM information_schema.table_privileges
338WHERE table_schema = 'information_schema';
339let $my_select3 = SELECT 'empty result set was expected' AS my_col
340FROM information_schema.column_privileges
341WHERE table_schema = 'information_schema';
342eval $my_select1;
343eval $my_select2;
344eval $my_select3;
345
346#FIXME: check GRANT on IS
347--error ER_DBACCESS_DENIED_ERROR
348GRANT ALTER ON information_schema.*
349TO 'testuser1'@'localhost';
350
351#FIXME: check GRANT on IS
352--error ER_DBACCESS_DENIED_ERROR
353GRANT ALTER ROUTINE ON information_schema.*
354TO 'testuser1'@'localhost';
355
356#FIXME: check GRANT on IS
357--error ER_DBACCESS_DENIED_ERROR
358GRANT CREATE ON information_schema.*
359TO 'testuser1'@'localhost';
360
361#FIXME: check GRANT on IS
362--error ER_DBACCESS_DENIED_ERROR
363GRANT CREATE ROUTINE ON information_schema.*
364TO 'testuser1'@'localhost';
365
366#FIXME: check GRANT on IS
367--error ER_DBACCESS_DENIED_ERROR
368GRANT CREATE TEMPORARY TABLES ON information_schema.*
369TO 'testuser1'@'localhost';
370
371#FIXME: check GRANT on IS
372--error ER_DBACCESS_DENIED_ERROR
373GRANT DELETE ON information_schema.*
374TO 'testuser1'@'localhost';
375
376#FIXME: check GRANT on IS
377--error ER_DBACCESS_DENIED_ERROR
378GRANT DROP ON information_schema.*
379TO 'testuser1'@'localhost';
380
381#FIXME: check GRANT on IS
382--error ER_DBACCESS_DENIED_ERROR
383GRANT EXECUTE ON information_schema.*
384TO 'testuser1'@'localhost';
385
386#FIXME: check GRANT on IS
387--error ER_DBACCESS_DENIED_ERROR
388GRANT INDEX ON information_schema.*
389TO 'testuser1'@'localhost';
390
391#FIXME: check GRANT on IS
392--error ER_DBACCESS_DENIED_ERROR
393GRANT INSERT ON information_schema.*
394TO 'testuser1'@'localhost';
395
396#FIXME: check GRANT on IS
397--error ER_DBACCESS_DENIED_ERROR
398GRANT LOCK TABLES ON information_schema.*
399TO 'testuser1'@'localhost';
400
401#FIXME: check GRANT on IS
402--error ER_DBACCESS_DENIED_ERROR
403GRANT UPDATE ON information_schema.*
404TO 'testuser1'@'localhost';
405
406# Has something accidently changed?
407eval $my_select1;
408eval $my_select2;
409eval $my_select3;
410
411# Cleanup
412DROP USER 'testuser1'@'localhost';
413
414
415--echo #########################################################################
416--echo # Testcase 3.2.1.16
417--echo #########################################################################
418# Ensure that no user may use any INFORMATION_SCHEMA table to determine any
419# information on a database and/or its structure unless authorized to get that
420# information.
421# Note: The plan is to create a new database and objects within it so that
422#       any INFORMATION_SCHEMA table gets additional rows if possible.
423#       A user having no rights on the new database and no rights on objects
424#       must nowhere see tha name of the new database.
425--source suite/funcs_1/datadict/basics_mixed3.inc
426
427--disable_warnings
428DROP DATABASE IF EXISTS db_datadict;
429--enable_warnings
430CREATE DATABASE db_datadict;
431--replace_result $engine_type <some_engine>
432eval
433CREATE TABLE db_datadict.t1 (f1 BIGINT, f2 BIGINT NOT NULL, f3 BIGINT,
434PRIMARY KEY(f1))
435ENGINE = $engine_type;
436CREATE UNIQUE INDEX UIDX ON db_datadict.t1(f3);
437CREATE PROCEDURE db_datadict.sproc1()      SELECT 'db_datadict';
438CREATE FUNCTION db_datadict.func1() RETURNS INT RETURN 0;
439CREATE TRIGGER db_datadict.trig1 BEFORE INSERT ON db_datadict.t1
440FOR EACH ROW SET @aux = 1;
441CREATE VIEW db_datadict.v1 AS SELECT * FROM db_datadict.t1;
442CREATE VIEW db_datadict.v2 AS SELECT * FROM information_schema.tables;
443
444--source suite/funcs_1/datadict/basics_mixed3.inc
445
446--error 0,ER_CANNOT_USER
447DROP   USER 'testuser1'@'localhost';
448CREATE USER 'testuser1'@'localhost';
449GRANT ALL ON test.* TO 'testuser1'@'localhost';
450
451--echo # Establish connection testuser1 (user=testuser1)
452--replace_result $MASTER_MYPORT MYSQL_PORT $MASTER_MYSOCK MYSQL_SOCK
453connect (testuser1, localhost, testuser1, , test);
454--source suite/funcs_1/datadict/basics_mixed3.inc
455
456# Cleanup
457--echo # Switch to connection default and close connections testuser1 and testuser2
458connection default;
459disconnect testuser1;
460DROP   USER 'testuser1'@'localhost';
461DROP DATABASE db_datadict;
462
463--echo ########################################################################
464--echo # Testcases 3.2.1.3-3.2.1.5 + 3.2.1.8-3.2.1.12: INSERT/UPDATE/DELETE and
465--echo #           DDL on INFORMATION_SCHEMA tables are not supported
466--echo ########################################################################
467# Thorough tests checking the requirements above per every INFORMATION_SCHEMA
468# table are within other scripts.
469# We check here only that the requirement is fulfilled even when using a
470# STORED PROCEDURE.
471--disable_warnings
472DROP PROCEDURE IF EXISTS test.p1;
473--enable_warnings
474--error ER_DBACCESS_DENIED_ERROR
475CREATE PROCEDURE test.p1()
476INSERT INTO information_schema.tables
477SELECT * FROM information_schema.tables LIMIT 1;
478
479CREATE PROCEDURE test.p1()
480UPDATE information_schema.columns SET table_schema = 'garbage';
481--error ER_DBACCESS_DENIED_ERROR
482CALL test.p1();
483
484DROP PROCEDURE test.p1;
485--error ER_DBACCESS_DENIED_ERROR
486CREATE PROCEDURE test.p1()
487DELETE FROM information_schema.schemata;
488
489
490--echo #########################################################################
491--echo # Testcase 3.2.17.1+3.2.17.2: To be implemented outside of this script
492--echo #########################################################################
493# 3.2.17.1 Ensure that every INFORMATION_SCHEMA table shows all the correct
494#          information, and no incorrect information, for a database to which
495#          100 different users, each of which has a randomly issued set of
496#          privileges and access to a randomly chosen set of database objects,
497#          have access.
498#          The database should contain a mixture of all types of database
499#          objects (i.e. tables, views, stored procedures, triggers).
500# 3.2.17.2 Ensure that every INFORMATION_SCHEMA table shows all the correct
501#          information, and no incorrect information, for 10 different
502#          databases to which 50 different users, each of which has a randomly
503#          issued set of privileges and access to a randomly chosen set of
504#          database objects in two or more of the databases, have access.
505#          The databases should each contain a mixture of all types of database
506#          objects (i.e. tables, views, stored procedures, triggers).
507#
508# Note(mleich): These requirements are kept here so that they do not get lost.
509#          The tests are not yet implemented.
510#          If they are ever developed than they should be stored in other
511#          scripts. They will have most probably a long runtime because
512#          the current INFORMATION_SCHEMA implementation has some performance
513#          issues if a lot of users, privileges and objects are involved.
514#
515