Bug #28588 | triggers are executed always as root so current_user() returns always root | ||
---|---|---|---|
Submitted: | 22 May 2007 10:27 | Modified: | 22 May 2007 21:14 |
Reporter: | Gaetano Piazza | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server: Stored Routines | Severity: | S2 (Serious) |
Version: | 5.0.27 | OS: | Linux |
Assigned to: | CPU Architecture: | Any |
[22 May 2007 10:27]
Gaetano Piazza
[22 May 2007 11:42]
Valeriy Kravchuk
Please, use explicit DEFINER clause. Read http://dev.mysql.com/doc/refman/5.0/en/create-trigger.html for the details. This is not a bug.
[22 May 2007 13:31]
Gaetano Piazza
Valeriy Kravchuk invite me to use explicit DEFINER clause. Really I have alredy do some tests with DEFINER clause, and that tests confirms that is reported in manual also: "Note that the introduction of the DEFINER clause changes the meaning of CURRENT_USER() within trigger definitions: The CURRENT_USER() function evaluates to the trigger DEFINER value as of MySQL 5.0.17 and to the user whose actions caused the trigger to be activated before 5.0.17." For this reason I don't still know how to assign to a field falue the name of the invoker user at the trigger activation time, as can be done with SQL SECURITY INVOKER characteristics clause in CREATE PROCEDURE/FUNCTION sintax.
[22 May 2007 21:14]
Gaetano Piazza
I have found the answer to my question in a comment to Bug report #5861 for the same bug written last 23 Nov 2005 from Alexander Nozdrin: +------+---------+---------+----------+----------+-----------+-------+ In order to get the user that triggered the action, USER() function (or SESSION_USER() that is basically an alias for USER()) can be used. However, this will return the current/actual user, not the user under whose authorization the action was triggered.