#781 (ok 4.3) Privileges for non superuser

Needs_decision
fixed
1
2014-12-05
2005-09-19
CompatCart
No

This was touched on by another support question, but
mine is slightly different.

I have a database provided by UK FastHosts. The owner
(whome I log in as) has privileges to add other users
and assign them privileges. I know this becuase I can
do a "GRANT select, update ...." statement (in
phpmyadmin's query window) and it adds users and
correctly assigns then the privileges.

The problem that I have is that in Phpmyadmin, there is
no easy way to modify the privileges that have been
assigned etc. The entire privileges link is not shown
even though the owner is able to modify database
privileges.

I quess this is becuse the privileges tab is only shown if
the logged in user has global privileges and database
privileges are not taken into account.

Is it feasible to add this as a RFC?

Discussion

  • Michal Čihař

    Michal Čihař - 2005-09-28

    Logged In: YES
    user_id=192186

    Moving to feature requests.

     
  • Michal Čihař

    Michal Čihař - 2005-09-28
    • labels: 509109 --> 509126
    • milestone: 504731 -->
    • summary: Privileges resrictions --> Privileges for non superuser
     
  • Michal Čihař

    Michal Čihař - 2005-09-28
    • labels: 509126 --> Privileges
     
  • Laughing boy

    Laughing boy - 2007-12-12

    Logged In: YES
    user_id=1303053
    Originator: NO

    Is this being addressed?

    I have exactly this problem. It means I am unable to create users and grant privileges thru phpmyadmin even though I can do so directly with SQL. It seems that phpmyadmin only displays the relevant "Privileges" option/tab for users who have global rather than database-specific privileges.

    This is surely a bug and was originally entered as such but was moved to Feature Requests.

    Any chance of it being fixed as it's well over two years now?

    (Many thanks to all those who have contributed to a great product.)

     
  • Marc Delisle

    Marc Delisle - 2008-07-12

    Logged In: YES
    user_id=210714
    Originator: NO

    Sorry, we are drowning in feature requests.

     
  • Aaron Maturen

    Aaron Maturen - 2010-03-30

    Hello all, I would like to try to patch this.

    It seems that if I write a function that checks if an User has Grant_priv = 'Y' in `mysql`.`User` that I can use that to set a flag $has_grantPrivilege and use that instead of $is_superuser for editing user privileges.

     
  • Marc Delisle

    Marc Delisle - 2010-03-30

    You won't have direct access to mysql.user, but you could use the output of SHOW GRANTS.

     
  • Aaron Maturen

    Aaron Maturen - 2010-04-14

    Alright, I got the tab to display for the server based on the results of 'SHOW GRANTS', but the query to get the list of users fails unless the user has SELECT on `mysql`.user which is how the superuser is set.

    I haven't found a way to load the grants of a given user without the `mysql`.user table. Is the proposal to be able to change the settings for an user that an administrator types in the name of? If thats the case there isn't a way to auto-check the privilege boxes for an user, so an administrator would be going in blind.

     
  • Mohamed Ashraf

    Mohamed Ashraf - 2013-03-21

    How do you want this to work. Since the user cannot access the mysql database he cannot see the users who have access to his database or choose an exiting user to give priviliges to. So do you want a text box for him to enter the username in?

     
  • Anonymous

    Anonymous - 2014-01-03

    Hi,
    I would like to ask if the following would be a valid starting point for this feature request:

    $ mysql -u root -h myserver-sever.com -p
    mysql> CREATE DATABASE demo;
    mysql> GRANT ALL ON demo.* TO user1@localhost IDENTIFIED BY 'mypassword';
    $ mysql -u user1 -h mysql.server.com -p demo
    
    • -u user1: MySQL Username
    • -h : MySQL server name (default is localhost)
    • -p : Prompt for password
    • demo: demo is name of mysql database (optional)

    GRANT ALL means all privileges i.e. user is permitted do anything. user can read, modify or delete data, but only on tables in the demo database. user cannot access any other database.

    Thank you for your time ~Sheressa

     
  • Marc Delisle

    Marc Delisle - 2014-01-03

    Sheressa,
    I don't see a relation between your example and this feature request.

     
  • Anonymous

    Anonymous - 2014-01-03

    Is the idea to implement something similar to what can be found in cpanel?
    please see 2 attachments, thanks

     
  • Anonymous

    Anonymous - 2014-01-03

    Attachment A

     
  • Anonymous

    Anonymous - 2014-01-03

    Attachment B

     
  • Marc Delisle

    Marc Delisle - 2014-01-03

    Sheressa,
    is there a part of the original text of this feature request that you do not understand? If so, please ask clarifications about this part.

     
  • Isaac Bennetch

    Isaac Bennetch - 2014-07-09
    • labels: Privileges --> Privileges, GSOC 2014
    • assigned_to: Isaac Bennetch
    • Group: --> Needs_decision
     
  • Isaac Bennetch

    Isaac Bennetch - 2014-07-21
    • summary: Privileges for non superuser --> (ok 4.3) Privileges for non superuser
    • status: open --> resolved
    • Priority: 5 --> 1
     
  • Marc Delisle

    Marc Delisle - 2014-12-05
    • Status: resolved --> fixed