Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Plugin should not require MySQL SUPER privileges to execute #10

Closed
RedSpid3r opened this issue Jan 15, 2019 · 4 comments
Closed

Plugin should not require MySQL SUPER privileges to execute #10

RedSpid3r opened this issue Jan 15, 2019 · 4 comments
Milestone
2.5.0

Comments

@RedSpid3r
Copy link

RedSpid3r commented Jan 15, 2019
edited
Loading

Using the updated version of the plugin gives me the following error when trying to view the issue ranking page:

APPLICATION ERROR #401

Database query failed. Error received from database was #1227: Access denied; you need (at least one of) the SUPER privilege(s) for this operation for the query: SET GLOBAL sql_mode=(SELECT REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY','')).
Please use the "Back" button in your web browser to return to the previous page. There you can correct whatever problems were identified in this error or select another action. You can also click an option from the menu bar to go directly to a new section.
@CasN
Copy link
Collaborator

CasN commented Jan 17, 2019

Can you check if the database user has full rights on the database? In order to execute apparanetly it requires Super privileges. I am in the process (slowly) of rewriting in order to avoid these errors and to make it fully compliant.

@stigzler
Copy link

Same issue here - not really sure many of us will be willing to grant SU permissions on this given what it could open databases up to. Look forward to a fixed release...

@Skyedra
Copy link

Skyedra commented Aug 6, 2019

+1 - Requiring super privileges on a database is a ridiculous (and frankly, suspicious) implementation decision

@dregad dregad changed the title APPLICATION ERROR #401 - Database query failed Plugin should not require MySQL SUPER privileges to execute Sep 5, 2019
@dregad
Copy link
Member

dregad commented Sep 5, 2019

The SUPER privileges are required to set sql_mode (to clear ONLY_FULL_GROUP_BY mode).

This mode rejects queries where non-aggregated columns are expected, and is enabled by default in MySQL 5.7 and later.

The SQL query retrieving the data in the Rankings page needs to be updated so it can be executed in ONLY_FULL_GROUP_BY mode. This requires declaring all unique columns in the GROUP BY clause.

dregad added a commit to dregad/GaugeSupport that referenced this issue Sep 6, 2019
@dregad
Compliance with ONLY_FULL_GROUP_BY sql_mode
6b490e3 
The SQL query retrieving rankings from the database was modified so it
is no longer necessary to set sql_mode, which requires SUPER privileges.

All columns referenced in the SELECT statement were added to the
GROUP BY clause.

Fixes mantisbt-plugins#10
dregad added a commit to dregad/GaugeSupport that referenced this issue Sep 6, 2019
@dregad
Compliance with ONLY_FULL_GROUP_BY sql_mode
f137a4b 
The SQL query retrieving rankings from the database was modified so it
is no longer necessary to set sql_mode, which requires SUPER privileges.

All columns referenced in the SELECT statement were added to the
GROUP BY clause.

Fixes mantisbt-plugins#10
@dregad dregad closed this as completed in a70520c Sep 8, 2019
@dregad dregad added this to the 2.5.0 milestone Sep 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.5.0
Development

No branches or pull requests
5 participants
@dregad @stigzler @CasN @RedSpid3r @Skyedra