-
Notifications
You must be signed in to change notification settings - Fork 3.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
86700: sql: support SHOW SYSTEM GRANTS r=rafiss a=RichardJCai fixes #85549 Release justification: Observability only command Release note (sql change): SHOW SYSTEM GRANTS [FOR ROLE ...] allows you to see the grants done by GRANT SYSTEM ... 87081: sql: add catid.RoleID type for role ids r=rafiss a=RichardJCai Release justification: Tiny change, no functional change Release note: None Fixes #85241 Co-authored-by: richardjcai <[email protected]>
- Loading branch information
Showing
22 changed files
with
353 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
32 changes: 32 additions & 0 deletions
32
pkg/sql/logictest/testdata/logic_test/show_grants_on_virtual_table
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
query TTTTTB colnames | ||
SHOW GRANTS ON crdb_internal.tables | ||
---- | ||
database_name schema_name table_name grantee privilege_type is_grantable | ||
test crdb_internal tables public SELECT false | ||
|
||
statement ok | ||
GRANT SELECT ON crdb_internal.tables TO testuser | ||
|
||
query TTTTTB colnames | ||
SHOW GRANTS ON crdb_internal.tables | ||
---- | ||
database_name schema_name table_name grantee privilege_type is_grantable | ||
test crdb_internal tables public SELECT false | ||
test crdb_internal tables testuser SELECT false | ||
|
||
statement ok | ||
GRANT ALL ON crdb_internal.tables TO testuser | ||
|
||
statement ok | ||
CREATE USER testuser2 | ||
|
||
statement ok | ||
GRANT SELECT ON crdb_internal.tables TO testuser2 WITH GRANT OPTION | ||
|
||
query TTTTTB colnames | ||
SHOW GRANTS ON crdb_internal.tables | ||
---- | ||
database_name schema_name table_name grantee privilege_type is_grantable | ||
test crdb_internal tables public SELECT false | ||
test crdb_internal tables testuser ALL false | ||
test crdb_internal tables testuser2 SELECT true |
68 changes: 68 additions & 0 deletions
68
pkg/sql/logictest/testdata/logic_test/show_grants_synthetic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
statement ok | ||
GRANT SYSTEM MODIFYCLUSTERSETTING TO testuser | ||
|
||
statement ok | ||
GRANT SYSTEM VIEWACTIVITY TO testuser | ||
|
||
statement ok | ||
GRANT SYSTEM EXTERNALCONNECTION TO testuser WITH GRANT OPTION | ||
|
||
query TTB colnames | ||
SHOW SYSTEM GRANTS | ||
---- | ||
grantee privilege is_grantable | ||
testuser EXTERNALCONNECTION true | ||
testuser MODIFYCLUSTERSETTING false | ||
testuser VIEWACTIVITY false | ||
|
||
query TTB colnames | ||
SHOW SYSTEM GRANTS FOR testuser | ||
---- | ||
grantee privilege is_grantable | ||
testuser EXTERNALCONNECTION true | ||
testuser MODIFYCLUSTERSETTING false | ||
testuser VIEWACTIVITY false | ||
|
||
statement ok | ||
REVOKE SYSTEM VIEWACTIVITY FROM testuser | ||
|
||
query TTB colnames | ||
SHOW SYSTEM GRANTS | ||
---- | ||
grantee privilege is_grantable | ||
testuser EXTERNALCONNECTION true | ||
testuser MODIFYCLUSTERSETTING false | ||
|
||
statement ok | ||
CREATE USER testuser2 | ||
|
||
statement ok | ||
GRANT SYSTEM VIEWACTIVITY TO testuser2 WITH GRANT OPTION | ||
|
||
statement ok | ||
GRANT SYSTEM EXTERNALCONNECTION TO testuser2 | ||
|
||
query TTB colnames | ||
SHOW SYSTEM GRANTS | ||
---- | ||
grantee privilege is_grantable | ||
testuser EXTERNALCONNECTION true | ||
testuser MODIFYCLUSTERSETTING false | ||
testuser2 EXTERNALCONNECTION false | ||
testuser2 VIEWACTIVITY true | ||
|
||
query TTB colnames | ||
SHOW SYSTEM GRANTS FOR testuser2 | ||
---- | ||
grantee privilege is_grantable | ||
testuser2 EXTERNALCONNECTION false | ||
testuser2 VIEWACTIVITY true | ||
|
||
query TTB colnames | ||
SHOW SYSTEM GRANTS FOR testuser, testuser2 | ||
---- | ||
grantee privilege is_grantable | ||
testuser EXTERNALCONNECTION true | ||
testuser MODIFYCLUSTERSETTING false | ||
testuser2 EXTERNALCONNECTION false | ||
testuser2 VIEWACTIVITY true |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
14 changes: 14 additions & 0 deletions
14
pkg/sql/logictest/tests/fakedist-vec-off/generated_test.go
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.