#711 Adminer doesn't show input fields for parameters while executing a stored procedure, if the user has only EXECUTE grant on it and the DEFINER is another user.

[Marco Marsala]

Create a procedure proc with at least one input parameter.

Create a sample user usr and give EXECUTE grant for such procedure:
SHOW GRANTS FOR usr
Grants for usr@%
GRANT USAGE ON . TO 'usr'@'%'
GRANT EXECUTE ON dbname.* TO 'usr'@'%'

Log in as username and ry to execute procedure from Adminer GUI. it won't show fields for the input parameters. Screenshot: https://pasteboard.co/Iz12BzN.png

Screenshot for DEFINER user: https://pasteboard.co/Iz130dF.png

Btw, unprivileged user can know parameters of the stored procedure, issuing the following query, having just EXECUTE grant on the DB:

SELECT *
FROM information_schema.parameters
WHERE SPECIFIC_NAME = 'proc';

This is on MySQL 5.7.26.

[James]

A work around seems to be to add permissions in the mysql.tables_priv table for the user to perform selects on mysql database, proc table.