WebGUI
      Click here to register.
      
Sprechen Sie WebGUI? Parlez vous WebGUI? Se habla WebGUI? Spreekt u WebGUI?

Do you speak WebGUI? Please help us translate WebGUI into your language.


     Report a Bug > WebGUI Bug Tracker

SQLForm - cannot add new asset (revisited)
User jhondius
Date 3/26/2007 5:02 am
Severity Critical (mostly not working)
Version WebGUI 7.3.13
Views 355
Rating 0    Rate [
|
]
Karma Rank 10.000000
Previous · Next
User Message
jhondius
Date: 3/26/2007 5:02 am   ·   Subject: SQLForm - cannot add new asset (revisited)   ·   Rating: 0

Hi all.

This bug has already been described.
http://www.plainblack.com/bugs/tracker/sqlform---cannot-add-new-asset/2#UiWL97KbWUhFA0hTtD77YQ
It was closed because it could not be reproduced.
I have a way to reproduce it, and a way to un-reproduce it,
and hints as to what the cause is. (i hope Laughing).

See below.

Problem description:
adding a new SQLForm asset generates error
"Some error(s) occurred: Databaselink does not have enough privileges (Needs ALTER, CREATE, DELETE, INDEX, INSERT, SELECT, UPDATE)"

Setup:
I use a mySQL outside the wre, on the localhost.
So i connect to it using ip 127.0.0.1 instead of 'localhost'
I use a databaseconnection to a db DB1 on 127.0.0.1, user jan, using database DB1

I guess the bug also exists for installations using the wre-mySQL.

Boils down to this:

if i query this on that link:
  SHOW GRANTS FOR CURRENT_USER();

SQLForm new asset does not work when mySQL returns this.
 

  • GRANT ALL PRIVILEGES ON *.* TO 'jan'@'127.0.0.1'  IDENTIFIED BY PASSWORD 'blahblah' WITH GRANT OPTION

SQLForm new asset DOES work if mySQL returns this.
 

But both situations DO grant sufficient privs.
Below is the code that i think is suspect.


------- +/- line 659 van /data/WebGUI/lib/WebGUI/Asset/Wobject/SQLForm.pm -------

        # Get all the grants for the db link user and fetch the one referring to the
        # database of the db link.
        @grants = $dbLink->db->buildArray('show grants for current_user');

        foreach (@grants) {
                if (m/GRANT ([\w\s\d,]*?) ON .$databaseName.*$/) {
                        push(@privileges, (split(/, /,$1)));
                }
        }

        # Check ik all required privs are present.
        return 1 if (isIn('ALL PRIVILEGES', @privileges));

----------------------------------------------------------------------------------


Also some handy statements to get the desired test situation: (mind the passwdhash!)

mysql -u root -h 127.0.0.1 -p DB1
GRANT ALL ON `DB1`.* TO 'jan'@'127.0.0.1' IDENTIFIED BY PASSWORD 'blahblah' WITH GRANT OPTION;
REVOKE ALL ON `DB1`.* FROM 'jan'@'127.0.0.1';
REVOKE GRANT OPTION ON `DB1`.* FROM 'jan'@'127.0.0.1';

Greetings from holland,
Joek Hondius, www.rem.nl
Back to Top
Rate [
|
]
 
 
jhondius
Date: 3/26/2007 9:39 am   ·   Subject: Re: SQLForm - cannot add new asset (revisited)   ·   Rating: 6

I forgot to mention that its the *.* that does it (wrong)

GRANT ALL PRIVILEGES TO *.*  

as opposed to

GRANT ALL PRIVILEGES TO DB1.*

Cheers, jhondius
Back to Top
Rate [
|
]
 
 
colink
Date: 3/27/2007 12:39 am   ·   Subject: Re: SQLForm - cannot add new asset (revisited)   ·   Rating: -2

Thank you for hunting this down and pointing it out.

The fix will be available in 7.3.14 
Back to Top
Rate [
|
]
 
 
     Report a Bug > WebGUI Bug Tracker