MDEV-29632 SUPER users created before 10.11 should retain READ_ONLY ADMIN privilege upon upgrade

mysql-test/suite/sys_vars/r/read_only_grant.result

@@ -29,3 +29,12 @@ ERROR HY000: Variable 'read_only' is a GLOBAL variable and should be set with SE
 disconnect user1;
 connection default;
 DROP USER user1@localhost;
+#
+# MDEV-29632 SUPER users created before 10.11 should retain READ_ONLY ADMIN privilege upon upgrade
+#
+insert mysql.global_priv values ('bar', 'foo', '{"access":32768,"version_id":101000,"plugin":"mysql_native_password","authentication_string":""}');
+flush privileges;
+show grants for foo@bar;
+Grants for foo@bar
+GRANT SUPER, READ_ONLY ADMIN ON *.* TO `foo`@`bar`
+drop user foo@bar;

mysql-test/suite/sys_vars/t/read_only_grant.test

@@ -35,3 +35,11 @@ SET SESSION read_only=0;
 --disconnect user1
 --connection default
 DROP USER user1@localhost;
+
+--echo #
+--echo # MDEV-29632 SUPER users created before 10.11 should retain READ_ONLY ADMIN privilege upon upgrade
+--echo #
+insert mysql.global_priv values ('bar', 'foo', '{"access":32768,"version_id":101000,"plugin":"mysql_native_password","authentication_string":""}');
+flush privileges;
+show grants for foo@bar;
+drop user foo@bar;

sql/sql_acl.cc

@@ -1532,6 +1532,11 @@ class User_table_json: public User_table
   {
     privilege_t mask= ALL_KNOWN_ACL_100304;
     ulonglong orig_access= access;
+    if (version_id < 101100)
+    {
+      if (access & SUPER_ACL)
+        access|= READ_ONLY_ADMIN_ACL;
+    }
     if (version_id >= 100509)
     {
       mask= ALL_KNOWN_ACL_100509;