MDEV-24486 Add `table_privileges` view to the `sys` schema

The existing INFORMATION_SCHEMA.TABLE_PRIVILEGES displays only those
privileges that were specifically granted on the table level,
whereas it may be useful to see privileges granted at the database
and global level.

This commit adds a new view `table_privileges` to the `sys` schema
for that purpose. The view shows privileges on existing tables
and views, combining all possible levels:
 - user_privileges
 - schema_privileges
 - table_privileges

mysql-test/main/ctype_upgrade.result

@@ -302,6 +302,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -464,6 +465,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/information_schema.result

@@ -140,6 +140,7 @@ TABLES	TABLES
 TABLESPACES	TABLESPACES
 TABLE_CONSTRAINTS	TABLE_CONSTRAINTS
 TABLE_PRIVILEGES	TABLE_PRIVILEGES
+TABLE_PRIVILEGES	table_privileges
 TABLE_STATISTICS	TABLE_STATISTICS
 TRIGGERS	TRIGGERS
 t1	t1
@@ -163,6 +164,7 @@ TABLES	TABLES
 TABLESPACES	TABLESPACES
 TABLE_CONSTRAINTS	TABLE_CONSTRAINTS
 TABLE_PRIVILEGES	TABLE_PRIVILEGES
+TABLE_PRIVILEGES	table_privileges
 TABLE_STATISTICS	TABLE_STATISTICS
 TRIGGERS	TRIGGERS
 t1	t1
@@ -186,6 +188,7 @@ TABLES	TABLES
 TABLESPACES	TABLESPACES
 TABLE_CONSTRAINTS	TABLE_CONSTRAINTS
 TABLE_PRIVILEGES	TABLE_PRIVILEGES
+TABLE_PRIVILEGES	table_privileges
 TABLE_STATISTICS	TABLE_STATISTICS
 TRIGGERS	TRIGGERS
 t1	t1
@@ -1508,6 +1511,7 @@ statements_with_runtimes_in_95th_percentile	YES
 statements_with_sorting	YES
 statements_with_temp_tables	YES
 statement_analysis	YES
+table_privileges	NO
 user	YES
 user_summary	NO
 user_summary_by_file_io	NO

mysql-test/main/log_tables_upgrade.result

@@ -87,6 +87,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/lowercase_fs_off.result

@@ -178,6 +178,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_json_mysql_upgrade.result

@@ -98,6 +98,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result

@@ -98,6 +98,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade-20228.result

@@ -91,6 +91,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade-28915.result

@@ -149,6 +149,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -413,6 +414,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade-6984.result

@@ -94,6 +94,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade.result

@@ -76,6 +76,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -229,6 +230,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -381,6 +383,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -539,6 +542,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -697,6 +701,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -858,6 +863,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -1059,6 +1065,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -1231,6 +1238,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -1411,6 +1419,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -1633,6 +1642,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -1813,6 +1823,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -2045,6 +2056,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -2265,6 +2277,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade_mysql_json_datatype.result

@@ -85,6 +85,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade_ssl.result

@@ -76,6 +76,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/mysql_upgrade_view.result

@@ -156,6 +156,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -409,6 +410,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -637,6 +639,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/upgrade_MDEV-19650.result

@@ -179,6 +179,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/upgrade_MDEV-23102-1.result

@@ -197,6 +197,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -399,6 +400,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/upgrade_MDEV-23102-2.result

@@ -181,6 +181,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK
@@ -375,6 +376,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/upgrade_geometrycolumn_procedure_definer.result

@@ -127,6 +127,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/main/upgrade_mdev_24363.result

@@ -141,6 +141,7 @@ sys.statements_with_full_table_scans               OK
 sys.statements_with_runtimes_in_95th_percentile    OK
 sys.statements_with_sorting                        OK
 sys.statements_with_temp_tables                    OK
+sys.table_privileges                               OK
 sys.user_summary                                   OK
 sys.user_summary_by_file_io                        OK
 sys.user_summary_by_file_io_type                   OK

mysql-test/suite/sysschema/r/all_sys_objects_exist.result

@@ -42,6 +42,7 @@ statements_with_sorting
 statements_with_temp_tables
 statement_analysis
 sys_config
+table_privileges
 user_summary
 user_summary_by_file_io
 user_summary_by_file_io_type
@@ -159,4 +160,4 @@ SELECT TRIGGER_NAME FROM INFORMATION_SCHEMA.TRIGGERS WHERE TRIGGER_SCHEMA = 'sys
 TRIGGER_NAME
 SELECT sys_version FROM sys.version;
 sys_version
-1.5.1
+1.5.2

mysql-test/suite/sysschema/r/v_table_privileges.result

+DESC sys.table_privileges;
+Field	Type	Null	Key	Default	Extra
+TABLE_SCHEMA	varchar(64)	NO		NULL	
+TABLE_NAME	varchar(64)	NO		NULL	
+GRANTEE	varchar(385)	NO			
+PRIVILEGE	varchar(64)	NO			
+LEVEL	varchar(6)	NO			
+SELECT * FROM sys.table_privileges;
+CREATE DATABASE test2;
+USE test2;
+CREATE TABLE t1 (a int);
+CREATE USER test2_user;
+# Grant everything first
+GRANT ALL ON t1 TO test2_user;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
+  AND grantee LIKE '%test2_user%';
+TABLE_SCHEMA	TABLE_NAME	GRANTEE	PRIVILEGE	LEVEL
+test2	t1	'test2_user'@'%'	SELECT	TABLE
+test2	t1	'test2_user'@'%'	INSERT	TABLE
+test2	t1	'test2_user'@'%'	UPDATE	TABLE
+test2	t1	'test2_user'@'%'	DELETE	TABLE
+test2	t1	'test2_user'@'%'	CREATE	TABLE
+test2	t1	'test2_user'@'%'	DROP	TABLE
+test2	t1	'test2_user'@'%'	REFERENCES	TABLE
+test2	t1	'test2_user'@'%'	INDEX	TABLE
+test2	t1	'test2_user'@'%'	ALTER	TABLE
+test2	t1	'test2_user'@'%'	SHOW VIEW	TABLE
+test2	t1	'test2_user'@'%'	TRIGGER	TABLE
+test2	t1	'test2_user'@'%'	DELETE HISTORY	TABLE
+# Then revoke some privileges
+REVOKE REFERENCES, DELETE, ALTER, DROP ON t1 FROM test2_user;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
+  AND grantee LIKE '%test2_user%';
+TABLE_SCHEMA	TABLE_NAME	GRANTEE	PRIVILEGE	LEVEL
+test2	t1	'test2_user'@'%'	SELECT	TABLE
+test2	t1	'test2_user'@'%'	INSERT	TABLE
+test2	t1	'test2_user'@'%'	UPDATE	TABLE
+test2	t1	'test2_user'@'%'	CREATE	TABLE
+test2	t1	'test2_user'@'%'	INDEX	TABLE
+test2	t1	'test2_user'@'%'	SHOW VIEW	TABLE
+test2	t1	'test2_user'@'%'	TRIGGER	TABLE
+test2	t1	'test2_user'@'%'	DELETE HISTORY	TABLE
+CREATE ROLE test2_role;
+GRANT SELECT, UPDATE, DELETE, DROP, INDEX ON t1 to test2_role;
+# Must show both the user and the role
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
+  AND grantee LIKE '%test2%';
+TABLE_SCHEMA	TABLE_NAME	GRANTEE	PRIVILEGE	LEVEL
+test2	t1	'test2_user'@'%'	SELECT	TABLE
+test2	t1	'test2_user'@'%'	INSERT	TABLE
+test2	t1	'test2_user'@'%'	UPDATE	TABLE
+test2	t1	'test2_user'@'%'	CREATE	TABLE
+test2	t1	'test2_user'@'%'	INDEX	TABLE
+test2	t1	'test2_user'@'%'	SHOW VIEW	TABLE
+test2	t1	'test2_user'@'%'	TRIGGER	TABLE
+test2	t1	'test2_user'@'%'	DELETE HISTORY	TABLE
+test2	t1	'test2_role'@''	SELECT	TABLE
+test2	t1	'test2_role'@''	UPDATE	TABLE
+test2	t1	'test2_role'@''	DELETE	TABLE
+test2	t1	'test2_role'@''	DROP	TABLE
+test2	t1	'test2_role'@''	INDEX	TABLE
+CREATE VIEW v1 AS SELECT * FROM t1;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
+  AND grantee LIKE '%test2%';
+TABLE_SCHEMA	TABLE_NAME	GRANTEE	PRIVILEGE	LEVEL
+GRANT SELECT ON v1 TO test2_role;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
+  AND grantee LIKE '%test2%';
+TABLE_SCHEMA	TABLE_NAME	GRANTEE	PRIVILEGE	LEVEL
+test2	v1	'test2_role'@''	SELECT	TABLE
+GRANT ALL ON v1 TO test2_user;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
+  AND grantee LIKE '%test2%';
+TABLE_SCHEMA	TABLE_NAME	GRANTEE	PRIVILEGE	LEVEL
+test2	v1	'test2_user'@'%'	SELECT	TABLE
+test2	v1	'test2_user'@'%'	INSERT	TABLE
+test2	v1	'test2_user'@'%'	UPDATE	TABLE
+test2	v1	'test2_user'@'%'	DELETE	TABLE
+test2	v1	'test2_user'@'%'	CREATE	TABLE
+test2	v1	'test2_user'@'%'	DROP	TABLE
+test2	v1	'test2_user'@'%'	REFERENCES	TABLE
+test2	v1	'test2_user'@'%'	INDEX	TABLE
+test2	v1	'test2_user'@'%'	ALTER	TABLE
+test2	v1	'test2_user'@'%'	SHOW VIEW	TABLE
+test2	v1	'test2_user'@'%'	TRIGGER	TABLE
+test2	v1	'test2_user'@'%'	DELETE HISTORY	TABLE
+test2	v1	'test2_role'@''	SELECT	TABLE
+DROP TABLE t1;
+DROP VIEW v1;
+DROP USER test2_user;
+DROP ROLE test2_role;
+DROP DATABASE test2;

mysql-test/suite/sysschema/r/v_version.result

 SELECT sys_version FROM sys.version;
 sys_version
-1.5.1
+1.5.2

mysql-test/suite/sysschema/t/v_table_privileges.test

+-- source include/not_embedded.inc
+# -- source ../include/ps_truncate_all_tables.inc
+# Tests for sys schema
+# Verify the sys.table_privileges view
+
+# Ensure structure changes don't slip in
+DESC sys.table_privileges;
+
+# Make sure view select does not error, but ignore results
+--disable_result_log
+SELECT * FROM sys.table_privileges;
+--enable_result_log
+
+CREATE DATABASE test2;
+USE test2;
+CREATE TABLE t1 (a int);
+
+CREATE USER test2_user;
+
+--echo # Grant everything first
+GRANT ALL ON t1 TO test2_user;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
+  AND grantee LIKE '%test2_user%';
+
+--echo # Then revoke some privileges
+REVOKE REFERENCES, DELETE, ALTER, DROP ON t1 FROM test2_user;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
+  AND grantee LIKE '%test2_user%';
+
+CREATE ROLE test2_role;
+GRANT SELECT, UPDATE, DELETE, DROP, INDEX ON t1 to test2_role;
+--echo # Must show both the user and the role
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='t1'
+  AND grantee LIKE '%test2%';
+
+CREATE VIEW v1 AS SELECT * FROM t1;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
+  AND grantee LIKE '%test2%';
+
+GRANT SELECT ON v1 TO test2_role;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
+  AND grantee LIKE '%test2%';
+GRANT ALL ON v1 TO test2_user;
+SELECT * FROM sys.table_privileges WHERE table_schema='test2' AND table_name='v1'
+  AND grantee LIKE '%test2%';
+
+DROP TABLE t1;
+DROP VIEW v1;
+DROP USER test2_user;
+DROP ROLE test2_role;
+DROP DATABASE test2;
+
+

scripts/sys_schema/CMakeLists.txt

@@ -38,6 +38,7 @@ ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_object_overview.sql
 ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_auto_increment_columns.sql
 ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/x_schema_flattened_keys.sql
 ${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/schema_redundant_indexes.sql
+${CMAKE_CURRENT_SOURCE_DIR}/views/i_s/table_privileges.sql
 ${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/ps_check_lost_instrumentation_57.sql
 ${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/latest_file_io.sql
 ${CMAKE_CURRENT_SOURCE_DIR}/views/p_s/x_latest_file_io.sql

scripts/sys_schema/NEWS.md

 # Change history for the MySQL sys schema
 
-## 1.5.1 (07/07/16)
+## 1.5.2 (2023-11-20)
+
+### Improvements
+
+* A new `table_privileges` view was added, which displays privileges on tables granted at all levels (user, schema, table)
+
+
+## 1.5.1 (2016-07-07)
 
 ### Improvements
 
@@ -24,7 +31,7 @@
 * Oracle Bug #21970806 - The `sysschema.fn_ps_thread_trx_info` test was unstable
 * Oracle Bug #23621189 - The `ps_trace_statement_digest` procedure ran EXPLAIN incorrectly in certain cases (such as on a SHOW statement, no query being specified, or not having a full qualified table), the procedure now catches these issues and ignores them
 
-## 1.5.0 (11/09/15)
+## 1.5.0 (2015-09-11)
 
 ### Improvements
 
@@ -84,7 +91,7 @@
 * Template files were added for stored procedures and functions
 * Improved the sys_config_cleanup.inc procedure in tests to be able to reset the sys_config table completely (including the set_by column to NULL). The triggers can now be set to not update the column by setting the @sys.ignore_sys_config_triggers user variable to true
 
-## 1.4.0 (09/03/2015)
+## 1.4.0 (2015-03-09)
 
 ### Backwards Incompatible Changes
 
@@ -126,7 +133,7 @@ Various changes were made to allow better generation of integration sql files:
 * Each object has been created within it's own file. No longer do x$ views live with their non-x$ counterparts
 * DELIMITERs were standardized to $$
 
-## 1.3.0 (23/10/2014)
+## 1.3.0 (2014-10-23)
 
 ### Improvements
 
@@ -136,7 +143,7 @@ Various changes were made to allow better generation of integration sql files:
 
 * Fixed broken `host_summary_by_stages` views, broken with a last minute change before the 1.2.0 release that went unnoticed (facepalm)
 
-## 1.2.0 (22/10/2014)
+## 1.2.0 (2014-10-22)
 
 ### Backwards Incompatible Changes
 
@@ -163,7 +170,7 @@ Various changes were made to allow better generation of integration sql files:
 * Added missing space for hour notation within the `format_time` function
 * Fixed views affected by MySQL 5.7 ONLY_FULL_GROUP_BY and functional dependency changes
 
-## 1.1.0 (04/09/2014)
+## 1.1.0 (2014-09-04)
 
 ### Improvements
 
@@ -195,7 +202,7 @@ Various changes were made to allow better generation of integration sql files:
 * Fixed the RETURN datatype `extract_schema_from_file_name` and `extract_table_from_file_name` to return a VARCHAR(64) (**Contributed by Jesper Wisborg Krogh**)
 * Added events_transactions_current to the default enabled consumers in 5.7 (#25)
 
-## 1.0.1 (23/05/2014)
+## 1.0.1 (2014-05-23)
 
 ### Improvements
 
@@ -215,4 +222,4 @@ Various changes were made to allow better generation of integration sql files:
 * Some views did not work with the ERROR_FOR_DIVISION_BY_ZERO SQL mode. (#6) (**Contributed by Joe Grasse**)
 * On Windows the `ps_thread_stack()` stored function failed to escape file path backslashes correctly within the JSON output.
 
-## 1.0.0 (11/04/2014)
+## 1.0.0 (2014-04-11)

scripts/sys_schema/README.md

@@ -1635,6 +1635,59 @@ mysql> select * from schema_object_overview;
 10 rows in set (1.58 sec)
 ```
 
+#### table_privileges
+
+##### Description
+
+-- Shows privileges on existing tables and views granted at all possible levels:
+-- - user_privileges
+-- - schema_privileges
+-- - table_privileges
+
+##### Structure
+
+```SQL
+MariaDB [test]> desc sys.table_privileges;
++--------------+--------------+------+-----+---------+-------+
+| Field        | Type         | Null | Key | Default | Extra |
++--------------+--------------+------+-----+---------+-------+
+| TABLE_SCHEMA | varchar(64)  | NO   |     | NULL    |       |
+| TABLE_NAME   | varchar(64)  | NO   |     | NULL    |       |
+| GRANTEE      | varchar(385) | NO   |     |         |       |
+| PRIVILEGE    | varchar(64)  | NO   |     |         |       |
+| LEVEL        | varchar(6)   | NO   |     |         |       |
++--------------+--------------+------+-----+---------+-------+
+5 rows in set (0.002 sec)
+```
+
+##### Example
+
+```SQL
+mysql> select * from sys.table_privileges;
++--------------+------------+--------------------+----------------+--------+
+| TABLE_SCHEMA | TABLE_NAME | GRANTEE            | PRIVILEGE_TYPE | LEVEL  |
++--------------+------------+--------------------+----------------+--------+
+| test         | v1         | 'oleg'@'localhost' | SELECT         | GLOBAL |
+| test         | t1         | 'oleg'@'localhost' | SELECT         | GLOBAL |
+| test         | v1         | 'oleg'@'localhost' | INSERT         | GLOBAL |
+| test         | t1         | 'oleg'@'localhost' | INSERT         | GLOBAL |
+| test         | v1         | 'oleg'@'localhost' | UPDATE         | GLOBAL |
+| test         | v1         | 'PUBLIC'@''        | SELECT         | SCHEMA |
+| test         | t1         | 'PUBLIC'@''        | SELECT         | SCHEMA |
+| test         | v1         | 'PUBLIC'@''        | INSERT         | SCHEMA |
+| test         | t1         | 'PUBLIC'@''        | INSERT         | SCHEMA |
+| test         | v1         | 'PUBLIC'@''        | UPDATE         | SCHEMA |
+| test         | t1         | 'PUBLIC'@''        | UPDATE         | SCHEMA |
+| test         | v1         | 'PUBLIC'@''        | DELETE HISTORY | SCHEMA |
+| test         | t1         | 'PUBLIC'@''        | DELETE HISTORY | SCHEMA |
+| test         | t1         | 'oleg'@'%'         | SELECT         | TABLE  |
+| test         | t1         | 'oleg'@'%'         | UPDATE         | TABLE  |
+| test         | v1         | 'oleg'@'%'         | SELECT         | TABLE  |
++--------------+------------+--------------------+----------------+--------+
+16 rows in set (1.58 sec)
+```
+
+
 #### schema_table_statistics / x$schema_table_statistics
 
 ##### Description

scripts/sys_schema/sys_56.sql

@@ -55,6 +55,7 @@ SOURCE ./views/i_s/schema_object_overview.sql
 SOURCE ./views/i_s/schema_auto_increment_columns.sql
 SOURCE ./views/i_s/x_schema_flattened_keys.sql
 SOURCE ./views/i_s/schema_redundant_indexes.sql
+SOURCE ./views/i_s/table_privileges.sql
 
 SOURCE ./views/p_s/ps_check_lost_instrumentation.sql
 SOURCE ./views/p_s/processlist.sql

scripts/sys_schema/sys_57.sql

@@ -56,6 +56,7 @@ SOURCE ./views/i_s/schema_object_overview.sql
 SOURCE ./views/i_s/schema_auto_increment_columns.sql
 SOURCE ./views/i_s/x_schema_flattened_keys.sql
 SOURCE ./views/i_s/schema_redundant_indexes.sql
+SOURCE ./views/i_s/table_privileges.sql
 
 SOURCE ./views/p_s/ps_check_lost_instrumentation_57.sql
 

scripts/sys_schema/views/i_s/table_privileges.sql

+--
+-- View: table_privileges
+--
+-- Shows privileges on existing tables and views granted at all possible levels:
+-- - user_privileges
+-- - schema_privileges
+-- - table_privileges
+--
+-- mysql> select * from sys.table_privileges;
+-- +--------------+------------+--------------------+----------------+--------+
+-- | TABLE_SCHEMA | TABLE_NAME | GRANTEE            | PRIVILEGE_TYPE | LEVEL  |
+-- +--------------+------------+--------------------+----------------+--------+
+-- | test         | v1         | 'oleg'@'localhost' | SELECT         | GLOBAL |
+-- | test         | t1         | 'oleg'@'localhost' | SELECT         | GLOBAL |
+-- | test         | v1         | 'oleg'@'localhost' | INSERT         | GLOBAL |
+-- | test         | t1         | 'oleg'@'localhost' | INSERT         | GLOBAL |
+-- | test         | v1         | 'oleg'@'localhost' | UPDATE         | GLOBAL |
+-- | test         | v1         | 'PUBLIC'@''        | SELECT         | SCHEMA |
+-- | test         | t1         | 'PUBLIC'@''        | SELECT         | SCHEMA |
+-- | test         | v1         | 'PUBLIC'@''        | INSERT         | SCHEMA |
+-- | test         | t1         | 'PUBLIC'@''        | INSERT         | SCHEMA |
+-- | test         | v1         | 'PUBLIC'@''        | UPDATE         | SCHEMA |
+-- | test         | t1         | 'PUBLIC'@''        | UPDATE         | SCHEMA |
+-- | test         | v1         | 'PUBLIC'@''        | DELETE HISTORY | SCHEMA |
+-- | test         | t1         | 'PUBLIC'@''        | DELETE HISTORY | SCHEMA |
+-- | test         | t1         | 'oleg'@'%'         | SELECT         | TABLE  |
+-- | test         | t1         | 'oleg'@'%'         | UPDATE         | TABLE  |
+-- | test         | v1         | 'oleg'@'%'         | SELECT         | TABLE  |
+-- +--------------+------------+--------------------+----------------+--------+
+
+CREATE OR REPLACE
+  ALGORITHM = TEMPTABLE
+  DEFINER = 'mariadb.sys'@'localhost'
+  SQL SECURITY INVOKER
+VIEW table_privileges (
+  TABLE_SCHEMA,
+  TABLE_NAME,
+  GRANTEE,
+  PRIVILEGE,
+  LEVEL
+) AS
+SELECT t.TABLE_SCHEMA,
+       t.TABLE_NAME,
+       privs.GRANTEE,
+       privs.PRIVILEGE_TYPE,
+       privs.LEVEL
+FROM INFORMATION_SCHEMA.TABLES AS t
+JOIN ( SELECT NULL AS TABLE_SCHEMA,
+              NULL AS TABLE_NAME,
+              GRANTEE,
+              PRIVILEGE_TYPE,
+             'GLOBAL' LEVEL
+           FROM INFORMATION_SCHEMA.USER_PRIVILEGES
+         UNION
+       SELECT TABLE_SCHEMA,
+              NULL AS TABLE_NAME,
+              GRANTEE,
+              PRIVILEGE_TYPE,
+              'SCHEMA' LEVEL
+           FROM INFORMATION_SCHEMA.SCHEMA_PRIVILEGES
+         UNION
+       SELECT TABLE_SCHEMA,
+              TABLE_NAME,
+              GRANTEE,
+              PRIVILEGE_TYPE,
+              'TABLE' LEVEL
+           FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES
+       ) privs
+    ON (t.TABLE_SCHEMA = privs.TABLE_SCHEMA OR privs.TABLE_SCHEMA IS NULL)
+   AND (t.TABLE_NAME = privs.TABLE_NAME OR privs.TABLE_NAME IS NULL)
+   AND privs.PRIVILEGE_TYPE IN ('SELECT', 'INSERT', 'UPDATE', 'DELETE',
+                                'CREATE', 'ALTER', 'DROP', 'INDEX',
+                                'REFERENCES', 'TRIGGER', 'GRANT OPTION',
+                                'SHOW VIEW', 'DELETE HISTORY')
+WHERE t.TABLE_SCHEMA NOT IN ('sys', 'mysql','information_schema',
+                             'performance_schema');

scripts/sys_schema/views/version.sql

@@ -33,5 +33,5 @@ VIEW version (
   sys_version,
   mysql_version
 ) AS 
-SELECT '1.5.1' AS sys_version, 
-        version() AS mysql_version;
\ No newline at end of file
+SELECT '1.5.2' AS sys_version, 
+        version() AS mysql_version;

sql/privilege.h

@@ -269,6 +269,11 @@ constexpr privilege_t PROC_DDL_ACLS=
 constexpr privilege_t SHOW_PROC_WITHOUT_DEFINITION_ACLS=
   PROC_DDL_ACLS | EXECUTE_ACL;
 
+/*
+  When changing this, don't forget to update tables_priv
+  at scripts/mariadb_system_tables.sql, scripts/mariadb_system_tables_fix.sql
+  and scripts/sys_schema/i_s/table_privileges.sql
+*/
 constexpr privilege_t TABLE_ACLS=
   COL_DML_ACLS | ALL_TABLE_DDL_ACLS | VIEW_ACLS |
   GRANT_ACL | REFERENCES_ACL |