Bug #30281 Falcon: missing privilege check for dropping tablespace
Submitted: 7 Aug 2007 17:26
Modified: 21 Nov 2008 16:02
Reporter: Peter Gulutzan
Status: Closed
Category: MySQL Server: DDL
Severity: S3 (Non-critical)
Version: 6.0.2-alpha-debug
OS: Linux (SUSE 10 64-bit)
Assigned to: Alexander Nozdrin
CPU Architecture: Any

[7 Aug 2007 17:26] Peter Gulutzan
Description:
As root, I grant USAGE privilege to peter@localhost. Nothing else.
As peter@localhost, I drop tablespace falcon_user + falcon_temporary.
As root, I try to create a temporary table. I can't.

I don't know what privilege should be necessary for DROP TABLESPACE.
But when I drop a tablespace, I can interfere with other users.
Therefore I should have something stronger than a USAGE privilege.

How to repeat:
As user root, say:
create temporary table t (s1 int) engine=falcon;
grant usage on test.* to peter@localhost;
quit

As user peter@localhost, say:
use test
drop tablespace falcon_user engine=falcon;
drop tablespace falcon_temporary engine=falcon;

As user root (after restarting mysql client), say:
create temporary table t2 (s1 int) engine=falcon;

Observe that the CREATE fails, with error message
ERROR 1005 (HY000): Can't create table 'test.t2' (errno: 156)
[7 Aug 2007 17:53] MySQL Verification Team
Thank you for the bug report. Verified as described:

c:\dev\6.0>bin\mysql -uroot test
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 6.0.2-alpha-nt Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create temporary table t2 (s1 int) engine=falcon;
ERROR 1005 (HY000): Can't create table 'test.t2' (errno: 156)
mysql>
[23 Oct 2007 20:30] Kevin Lewis
See also: Bug#31304

>Ann wrote:
>Bug#30281 is a mess.  Yes, someone ought to manage privileges
>for tablespaces, but no, Falcon doesn't do privileges, and no, 
>the server doesn't know anything about privileges.  What we 
>ought to do is refuse to drop FALCON_MASTER, FALCON_USER, and 
>FALCON_TEMPORARY.  What we should do about privileges for 
>dropping user-defined tablespaces, I truly don't know.

>>Kostja (Konstantin Osipov) wrote:
>>OK, tablespace implementation is incomplete.
>>A tablespace should belong to the database. It should be subject
>>to privilege checks. The syntax should be done right. These all
>>are not falcon issues.
>>We will be changing these.

>Kevin Lewis wrote:
> Kostja,
> 
> Currently in Falcon, a tablespace may contain multiple databases, and all
> databases are split between two tablespaces, one for data and one for
> metadata.  In other words, the tablespace FALCON_DICTIONARY contains all
> metadata while data pages are either in FALCON_USER or some other
> tablespace.  FALCON_USER contains data from all databases unless specified
> otherwise.

-------------------------------
Kostja (Konstantin Osipov) wrote:
Tablespaces are currently not present in MySQL system catalog
(mysql.* tables). I wonder whether they are backed up and restored
properly with mysqldump and/or online backup - this needs to be
checked.

Privileges are another concern, indeed. We don't currently have a
dedicated privilege bit for CREATE/ALTER/DROP TABLESPACE.

Neither have we chosen any other privilege that would cover 
them. If we decide that tablespaces are global, i.e.
do not belong to any database, we should choose or add a global
privilege.

Current global-only privileges:

FILE, PROCESS, RELOAD, REPLICATION CLIENT, REPLICATION SLAVE, SHOW
DATABASES, SHUTDOWN

Other privileges can be granted globally, and then they apply to
all databases, or on database/table level.
[23 Oct 2007 23:19] Christopher Powers
StorageHandler::deleteTablespace() now rejects requests to delete system tablespaces.  Changeset 1.2673.

The larger issue of tablespace privileges is being addressed by Bug#31304.
[2 Nov 2007 14:04] Peter Gulutzan
Rejecting requests to delete system tablespaces will not fix this bug.
[30 Nov 2007 20:42] Bugs System
Pushed into 6.0.4-alpha
[21 Nov 2008 16:02] Paul DuBois
No changelog entry. CREATE TABLESPACE privilege has already been documented.
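
An added illustration (not MySQL or Falcon source code) of the point made in the 2 Nov 2007 comment: a guard that only refuses system tablespaces still lets a USAGE-only account drop a user-defined tablespace, while a guard that first requires a global privilege does not. All type and function names and the tablespace name app_ts are hypothetical; CREATE TABLESPACE is assumed as the gating privilege because the final comment names it.

```cpp
// Added illustration: a model of the two guards discussed in this report.
// Not MySQL/Falcon source; every type and function name is hypothetical.
#include <algorithm>
#include <cctype>
#include <iostream>
#include <set>
#include <string>

enum class Verdict { Allowed, DeniedSystemTablespace, DeniedNoPrivilege };

struct Session {
    std::string account;
    std::set<std::string> global_privs;  // global privileges held, e.g. {"USAGE"}
};

// The repro drops "falcon_user" in lowercase, so compare names case-insensitively.
static std::string upper(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::toupper(c)); });
    return s;
}

static bool is_system_tablespace(const std::string& name) {
    static const std::set<std::string> names = {
        "FALCON_MASTER", "FALCON_USER", "FALCON_TEMPORARY"};
    return names.count(upper(name)) != 0;
}

// Guard A: only refuse system tablespaces; the caller's privileges are ignored.
Verdict drop_check_name_only(const Session&, const std::string& ts) {
    return is_system_tablespace(ts) ? Verdict::DeniedSystemTablespace : Verdict::Allowed;
}

// Guard B: authorize the caller first, then protect system tablespaces from everyone.
// Assumption: CREATE TABLESPACE is the global privilege that gates the statement.
Verdict drop_check_with_privilege(const Session& s, const std::string& ts) {
    if (s.global_privs.count("CREATE TABLESPACE") == 0) return Verdict::DeniedNoPrivilege;
    if (is_system_tablespace(ts)) return Verdict::DeniedSystemTablespace;
    return Verdict::Allowed;
}

int main() {
    Session peter{"peter@localhost", {"USAGE"}};  // constructed sample session
    // Guard A still lets a USAGE-only account drop a user-defined tablespace.
    std::cout << (drop_check_name_only(peter, "app_ts") == Verdict::Allowed) << "\n";
    // Guard B refuses the same request.
    std::cout << (drop_check_with_privilege(peter, "app_ts") == Verdict::DeniedNoPrivilege) << "\n";
    return 0;
}
```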