[Phpmyadmin-devel] RFE #1488, #781 User privilege tab not shown in all relevant cases

Hugues Peccatte hugues.peccatte at gmail.com
Sat Jul 12 00:10:31 CEST 2014 

Le 11 juil. 2014 22:15, "Isaac Bennetch" <bennetch at gmail.com> a écrit :
>
>
>
> On 7/11/14, 4:10 PM, Chirayu Chiripal wrote:
> > On Fri, Jul 11, 2014 at 7:15 PM, Isaac Bennetch <bennetch at gmail.com
> > <mailto:bennetch at gmail.com>> wrote:
> >
> >     On Fri, Jul 11, 2014 at 9:24 AM, Chirayu Chiripal
> >     <chirayu.chiripal at gmail.com <mailto:chirayu.chiripal at gmail.com>>
wrote:
> >     > On Fri, Jul 11, 2014 at 6:46 PM, Isaac Bennetch
> >     <bennetch at gmail.com <mailto:bennetch at gmail.com>> wrote:
> >     >>
> >     >> On Fri, Jul 11, 2014 at 8:21 AM, Chirayu Chiripal
> >     >> <chirayu.chiripal at gmail.com <mailto:chirayu.chiripal at gmail.com>>
> >     wrote:
> >     >> > Hi,
> >     >> >
> >     >> > From the discussion on RFE #781, it seems that without having
> >     select
> >     >> > access
> >     >> > to mysql database the user having only GRANT or CREATE USER
rights
> >     >> > cannot
> >     >> > see the list of users. So, what do you think should to be
> >     displayed in
> >     >> > Users
> >     >> > tab, only create user?
> >     >>
> >     >> This seems good to me.
> >     >
> >     >
> >     > And what if user is having only GRANT privileges?
> >
> >     If I correctly understand the MySQL privilege structure, what you're
> >     referring to is
> >     a situation where a user would be allowed to change privileges but
> >     can't see the list
> >     of other users. Obviously, that makes it difficult to provide a GUI
> >     for those users :)
> >
> >
> > Its not only about list of other users, we can't also see what
> > privileges they have.
>
> Ah, quite right.
>
> > Actually, I maybe wrong with this assumption but I
> > can't see use of such user (having GRANT_OPTION privilege but no SELECT
> > on mysql database) in practical but this may happen accidentally.
>
> That is my thought as well. I think this is something we should deal
> with appropriately (the message below, for instance), but not worry too
> much about.
>
> >
> >
> >     If I'm correct, there's no way to deal with this. The best I think
we
> >     can do is provide
> >     some text ("You have the GRANT_OPTION privilege but not SELECT on
> >     the mysql
> >     database. We are unable to show the list of users, but you can still
> >     write SQL directly."
> >     with a link to the MySQL documentation, perhaps). That's the best
idea
> >     I can come up
> >     with off hand.
> >
> >
> > This seems good to me too.
> >
> >
> >     Of course, I've been interrupted five times writing these two
> >     paragraphs, so I may be
> >     answering a completely different question at this point...

Hi,

I agree with Isaac. This is a strange case, but let's manage it simply by
displaying a message and forwarding the user to SQL console.

Hugues.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20140712/2711a239/attachment.html>

More information about the Developers mailing list