DbTool: Fix that all mysql privileges were checked regardless of thei…

…r context refs #8707
Icinga · Apr 13, 2015 · a21d544 · a21d544
1 parent e0891ae
commit a21d544
Showing 1 changed file with 5 additions and 9 deletions.
diff --git a/modules/setup/library/Setup/Utils/DbTool.php b/modules/setup/library/Setup/Utils/DbTool.php
@@ -629,10 +629,6 @@ protected function checkMysqlPrivileges(
         $mysqlPrivileges = array_intersect($privileges, array_keys($this->mysqlGrantContexts));
         list($_, $host) = explode('@', $this->query('select current_user()')->fetchColumn());
         $grantee = "'" . ($username === null ? $this->config['username'] : $username) . "'@'" . $host . "'";
-        $privilegeCondition = sprintf(
-            'privilege_type IN (%s)',
-            join(',', array_map(array($this, 'quote'), $mysqlPrivileges))
-        );
 
         if (isset($this->config['dbname'])) {
             $dbPrivileges = array();
@@ -653,7 +649,7 @@ protected function checkMysqlPrivileges(
                     . ' FROM information_schema.schema_privileges'
                     . ' WHERE grantee = :grantee'
                     . ' AND table_schema = :dbname'
-                    . ' AND ' . $privilegeCondition
+                    . ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $dbPrivileges)) . ')'
                     . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
                     array(':grantee' => $grantee, ':dbname' => $this->config['dbname'])
                 );
@@ -666,14 +662,13 @@ protected function checkMysqlPrivileges(
                     !$dbPrivilegesGranted || array_intersect($dbPrivileges, $tablePrivileges) != $tablePrivileges
                 )
             ) {
-                $tableCondition = 'table_name IN (' . join(',', array_map(array($this, 'quote'), $context)) . ')';
                 $query = $this->query(
                     'SELECT COUNT(*) as matches'
                     . ' FROM information_schema.table_privileges'
                     . ' WHERE grantee = :grantee'
                     . ' AND table_schema = :dbname'
-                    . ' AND ' . $tableCondition
-                    . ' AND ' . $privilegeCondition
+                    . ' AND table_name IN (' . join(',', array_map(array($this, 'quote'), $context)) . ')'
+                    . ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $tablePrivileges)) . ')'
                     . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
                     array(':grantee' => $grantee, ':dbname' => $this->config['dbname'])
                 );
@@ -688,7 +683,8 @@ protected function checkMysqlPrivileges(
 
         $query = $this->query(
             'SELECT COUNT(*) as matches FROM information_schema.user_privileges WHERE grantee = :grantee'
-            . ' AND ' . $privilegeCondition . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
+            . ' AND privilege_type IN (' . join(',', array_map(array($this, 'quote'), $mysqlPrivileges)) . ')'
+            . ($requireGrants ? " AND is_grantable = 'YES'" : ''),
             array(':grantee' => $grantee)
         );
         return (int) $query->fetchObject()->matches === count($mysqlPrivileges);