Description:
There exists a shortcoming with the current implementation of Views.  If a user is granted
the basic privileges necessary to create a view (CREATE VIEW, SELECT), that user will be
unable to call SHOW CREATE VIEW on that object unless the user is also granted SHOW VIEW.

There are a few good reasons why a view definer should be implicitly granted SHOW VIEW at
the object level for that view.
* A user should be able to view something he created
* This would be a more consistent behavior given that routines work that way.  A procedure
definer can call SHOW CREATE PROCEDURE on that object, and receive a full description of
the definition.
* Most importantly this shortcoming becomes problematic when a super user like root tries
to perform an export using mysql-dump.  This client evidently uses SHOW CREATE VIEW in
order to read out the contents of views, and if the view is SQL SECURITY DEFINER, AND that
definer lacks SHOW VIEW, then the export will fail.  The below code demonstrates this
problem.

For some reason this behavior has changed between .22, and .25.  On .22 I was able to do
an export, however on .25 I had the failure shown below.  It appears that the problem is
that although root does have SHOW VIEW and can call SHOW CREATE VIEW v2, once inside v2,
the privileges of the definer of v2 are in effect, and user 'create' won't be able to call
SHOW CREATE VIEW on view v1, resulting in the failure.

How to repeat:
# do as root
CREATE DATABASE myDB;
use myDB;

GRANT CREATE VIEW, SELECT ON myDB.* TO
        'create'@'localhost' IDENTIFIED BY 'create';

CREATE TABLE t1 (c1 INT);
INSERT INTO t1 VALUES (30);

# do as user 'create'
CREATE VIEW myDB.v1 (c) AS SELECT c1 FROM myDB.t1;
CREATE VIEW myDB.v2 (c) AS SELECT c+1 FROM myDB.v1;

# Attempt to export the database
[emalossi@ericm mysql-test]$ ../client/mysqldump --user=root --all-databases
--add-drop-table --socket=./var/tmp/master.sock > ~/dump.out
mysqldump: mysqldump: Couldn't execute 'show create table `v2`': SHOW VIEW command denied
to user 'create'@'localhost' for table 'v1' (1142)

Suggested fix:
Trudy suggested a potential fix would be to create a dedicated 'backup' user who would
have the ability to perform this action without failures.  I think that a simpler
suggestion would be to follow the model that we have for routines.  In that case when a
user defines a routine that user is explicitly granted, EXECUTE, and ALTER on that
routine.  If a view definer were to be granted SHOW VIEW explicitly at the object level
for that view, all of the above problems would be solved.

Currently a workaround for the mysql-dump problem would be for the administrator to grant
SHOW VIEW to anyone who would potentially be creating views.  While this would be a
solution, it is certainly more troublesome to manage, but since there is a workaround, I'm
setting the priority to P3.

Thank you for the report.

Is command "[emalossi@ericm mysql-test]$ ../client/mysqldump --user=root
--all-databases --add-drop-table --socket=./var/tmp/master.sock >
~/dump.out" correct? Do you dump as user root?

If so, I can not repeat it using current sources:

ssmirnova@shella ~/mysql5.0b
$bin/mysql --socket=/tmp/mysql.sock -uroot test
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 5.0.26-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> CREATE DATABASE myDB;
Query OK, 1 row affected (0.05 sec)

mysql> use myDB;
Database changed
mysql>
mysql> GRANT CREATE VIEW, SELECT ON myDB.* TO
    ->         'create'@'localhost' IDENTIFIED BY 'create';
Query OK, 0 rows affected (0.05 sec)

mysql>
mysql> CREATE TABLE t1 (c1 INT);
Query OK, 0 rows affected (0.18 sec)

mysql> INSERT INTO t1 VALUES (30);
Query OK, 1 row affected (0.00 sec)

mysql> \q
Bye

ssmirnova@shella ~/mysql5.0b
$bin/mysql --socket=/tmp/mysql.sock -ucreate myDB -p
Enter password:
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3 to server version: 5.0.26-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> CREATE VIEW myDB.v1 (c) AS SELECT c1 FROM myDB.t1;
Query OK, 0 rows affected (0.00 sec)

mysql> CREATE VIEW myDB.v2 (c) AS SELECT c+1 FROM myDB.v1;
Query OK, 0 rows affected (0.02 sec)

mysql> \q
Bye

ssmirnova@shella ~/mysql5.0b
$bin/mysqldump --user=root --all-databases --add-drop-table  --socket=/tmp/mysql.sock >
bug22062.sql

ssmirnova@shella ~/mysql5.0b

No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".

I tried this again with 5.0.26.  This problem does appear to have been resolved in this
release.

There is duplicate bug #24070

This problem has re-appeared in version 5.0.45 but was not present in the previous version
that we had which was 5.0.15.

Sorry forgot to add that I dump the database as user root.  I have moved over scripts that
were executing with no problems on MySQL version 5.0.15, but on version 5.0.45 I get the
following error message:

mysqldump: Couldn't execute 'SHOW FIELDS FROM `v': View 'myDB.v' references invalid
table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
(1356)

I can not repeat described behaviour with version 5.0.45

just for reference, I got this problem on 5.0.27