From 51508bcda308199087a47c6fafbe8efef3373233 Mon Sep 17 00:00:00 2001 From: Kate Galieva Date: Wed, 12 Feb 2025 11:40:06 -0500 Subject: [PATCH] Support MySQL GRANT SENSITIVE_VARIABLES_OBSERVER --- sql/mysql/Oracle/examples/grant.sql | 1 + sql/mysql/Positive-Technologies/MySqlLexer.g4 | 1 + sql/mysql/Positive-Technologies/MySqlParser.g4 | 2 ++ sql/mysql/Positive-Technologies/examples/grant.sql | 1 + 4 files changed, 5 insertions(+) diff --git a/sql/mysql/Oracle/examples/grant.sql b/sql/mysql/Oracle/examples/grant.sql index 6c4f6a3fd3..085a3337b5 100644 --- a/sql/mysql/Oracle/examples/grant.sql +++ b/sql/mysql/Oracle/examples/grant.sql @@ -23,6 +23,7 @@ ENCRYPTION_KEY_ADMIN, FIREWALL_ADMIN, FIREWALL_USER, GROUP_REPLICATION_ADMIN, IN NDB_STORED_USER, PERSIST_RO_VARIABLES_ADMIN, REPLICATION_APPLIER, REPLICATION_SLAVE_ADMIN, RESOURCE_GROUP_ADMIN, RESOURCE_GROUP_USER, ROLE_ADMIN, SESSION_VARIABLES_ADMIN, SET_USER_ID, SHOW_ROUTINE, SYSTEM_VARIABLES_ADMIN, AUTHENTICATION_POLICY_ADMIN, TABLE_ENCRYPTION_ADMIN, VERSION_TOKEN_ADMIN, XA_RECOVER_ADMIN, AUDIT_ABORT_EXEMPT, FIREWALL_EXEMPT, SKIP_QUERY_REWRITE, TP_CONNECTION_ADMIN ON *.* TO `admin`@`localhost`; +GRANT SENSITIVE_VARIABLES_OBSERVER ON *.* TO `admin`@`%`; #NB: GRANT SELECT, INSERT, UPDATE ON *.* TO u4 AS u1 WITH ROLE r1; #NB: GRANT SELECT, RELOAD, REPLICATION SLAVE, REPLICATION CLIENT, SHOW VIEW, EVENT, TRIGGER ON *.* TO 'xuser1'@'%', 'xuser2'@'%' # AS 'root'@'%' WITH ROLE 'cloudsqlsuperuser'@'%'; diff --git a/sql/mysql/Positive-Technologies/MySqlLexer.g4 b/sql/mysql/Positive-Technologies/MySqlLexer.g4 index 5f67a4ebe5..934a956d58 100644 --- a/sql/mysql/Positive-Technologies/MySqlLexer.g4 +++ b/sql/mysql/Positive-Technologies/MySqlLexer.g4 @@ -811,6 +811,7 @@ RESOURCE_GROUP_USER : 'RESOURCE_GROUP_USER'; ROLE_ADMIN : 'ROLE_ADMIN'; ROUTINE : 'ROUTINE'; S3 : 'S3'; +SENSITIVE_VARIABLES_OBSERVER: 'SENSITIVE_VARIABLES_OBSERVER'; SERVICE_CONNECTION_ADMIN : 'SERVICE_CONNECTION_ADMIN'; SESSION_VARIABLES_ADMIN : QUOTE_SYMB? 'SESSION_VARIABLES_ADMIN' QUOTE_SYMB?; SET_USER_ID : 'SET_USER_ID'; diff --git a/sql/mysql/Positive-Technologies/MySqlParser.g4 b/sql/mysql/Positive-Technologies/MySqlParser.g4 index d3da727fed..b5be3a433b 100644 --- a/sql/mysql/Positive-Technologies/MySqlParser.g4 +++ b/sql/mysql/Positive-Technologies/MySqlParser.g4 @@ -1681,6 +1681,7 @@ privilege | RESOURCE_GROUP_ADMIN | RESOURCE_GROUP_USER | ROLE_ADMIN + | SENSITIVE_VARIABLES_OBSERVER | SERVICE_CONNECTION_ADMIN | SESSION_VARIABLES_ADMIN | SET_USER_ID @@ -3057,6 +3058,7 @@ keywordsCanBeId | SCHEMA_NAME | SECURITY | SECONDARY_ENGINE_ATTRIBUTE + | SENSITIVE_VARIABLES_OBSERVER | SEQUENCE_TABLE | SERIAL | SERVER diff --git a/sql/mysql/Positive-Technologies/examples/grant.sql b/sql/mysql/Positive-Technologies/examples/grant.sql index e77e920abb..fa40e47735 100644 --- a/sql/mysql/Positive-Technologies/examples/grant.sql +++ b/sql/mysql/Positive-Technologies/examples/grant.sql @@ -25,6 +25,7 @@ ENCRYPTION_KEY_ADMIN, FIREWALL_ADMIN, FIREWALL_USER, GROUP_REPLICATION_ADMIN, IN NDB_STORED_USER, PERSIST_RO_VARIABLES_ADMIN, REPLICATION_APPLIER, REPLICATION_SLAVE_ADMIN, RESOURCE_GROUP_ADMIN, RESOURCE_GROUP_USER, ROLE_ADMIN, SESSION_VARIABLES_ADMIN, SET_USER_ID, SHOW_ROUTINE, SYSTEM_VARIABLES_ADMIN, AUTHENTICATION_POLICY_ADMIN, TABLE_ENCRYPTION_ADMIN, VERSION_TOKEN_ADMIN, XA_RECOVER_ADMIN, AUDIT_ABORT_EXEMPT, FIREWALL_EXEMPT, SKIP_QUERY_REWRITE, TELEMETRY_LOG_ADMIN, TP_CONNECTION_ADMIN ON *.* TO `admin`@`localhost`; +GRANT SENSITIVE_VARIABLES_OBSERVER ON *.* TO `admin`@`%`; GRANT SELECT, INSERT, UPDATE ON *.* TO u4 AS u1 WITH ROLE r1; GRANT SELECT, RELOAD, REPLICATION SLAVE, REPLICATION CLIENT, SHOW VIEW, EVENT, TRIGGER ON *.* TO 'xuser1'@'%', 'xuser2'@'%' AS 'root'@'%' WITH ROLE 'cloudsqlsuperuser'@'%';