Description:
In my opinion much easier to administrate group of users, then single user.
Some of databases (f..e. Sybase) have group support. Why MySQL haven’t?
I found simple solution.
We have to add column User_group to table mysql.user.
mysql> alter table mysql.user add column User_group char(16) binary after max_connections;
and make some small changes in sql_acl.cc
How to repeat:
Example of groups usage:
insert into mysql.user(User) values ('teacher');
insert into mysql.user(User) values ('student');
grant all on marks to teacher;
grant select on marks to student;
insert into mysql.user(User, User_Group) values ('smith', 'teacher');
insert into mysql.user(User, User_Group) values ('john', 'student');
insert into mysql.user(User, User_Group) values ('peter', 'student');
flush privileges;
Suggested fix:
68c68
< char *user,*password;
---
> char *user,*password,*group;
229a230
> user.group= table->fields >= 32 ? get_field(&mem, table,31) : NULL;
819a821,822
> ACL_USER *acl_user;
> const char* group;
839a843,844
> group=(acl_user=find_acl_user(host, user)) && acl_user->group
> ? acl_user->group : user;
843c848
< if (!acl_db->user || !strcmp(user,acl_db->user))
---
> if (!acl_db->user || !strcmp(user,acl_db->user) || !strcmp(group, acl_db->user))
2443,2444c2448,2449
< bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
< uint show_table, bool no_errors)
---
> bool _check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
> uint show_table, bool no_errors, char *user)
2447d2451
< char *user = thd->priv_user;
2521a2526,2532
> bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables,
> uint show_table, bool no_errors)
> {
> ACL_USER *acl_user = find_acl_user(thd->host, thd->priv_user);
> return acl_user && acl_user->group && !_check_grant(thd, want_access, tables, show_table, 0, acl_user->group) ?
> _check_grant(thd, want_access, tables, show_table, no_errors, thd->priv_user) : 0;
> }
Description: In my opinion much easier to administrate group of users, then single user. Some of databases (f..e. Sybase) have group support. Why MySQL haven’t? I found simple solution. We have to add column User_group to table mysql.user. mysql> alter table mysql.user add column User_group char(16) binary after max_connections; and make some small changes in sql_acl.cc How to repeat: Example of groups usage: insert into mysql.user(User) values ('teacher'); insert into mysql.user(User) values ('student'); grant all on marks to teacher; grant select on marks to student; insert into mysql.user(User, User_Group) values ('smith', 'teacher'); insert into mysql.user(User, User_Group) values ('john', 'student'); insert into mysql.user(User, User_Group) values ('peter', 'student'); flush privileges; Suggested fix: 68c68 < char *user,*password; --- > char *user,*password,*group; 229a230 > user.group= table->fields >= 32 ? get_field(&mem, table,31) : NULL; 819a821,822 > ACL_USER *acl_user; > const char* group; 839a843,844 > group=(acl_user=find_acl_user(host, user)) && acl_user->group > ? acl_user->group : user; 843c848 < if (!acl_db->user || !strcmp(user,acl_db->user)) --- > if (!acl_db->user || !strcmp(user,acl_db->user) || !strcmp(group, acl_db->user)) 2443,2444c2448,2449 < bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, < uint show_table, bool no_errors) --- > bool _check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, > uint show_table, bool no_errors, char *user) 2447d2451 < char *user = thd->priv_user; 2521a2526,2532 > bool check_grant(THD *thd, ulong want_access, TABLE_LIST *tables, > uint show_table, bool no_errors) > { > ACL_USER *acl_user = find_acl_user(thd->host, thd->priv_user); > return acl_user && acl_user->group && !_check_grant(thd, want_access, tables, show_table, 0, acl_user->group) ? > _check_grant(thd, want_access, tables, show_table, no_errors, thd->priv_user) : 0; > }