Skip to content

Commit 34c76bc

Browse files
whites11whites11
authored
Improve validation of grant_privilege privilege_name. (#263)
1 parent b5d43f0 commit 34c76bc

File tree

2 files changed

+311
-148
lines changed

2 files changed

+311
-148
lines changed

pkg/resource/data/grants.tsv

+201
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,201 @@
1+
SHOW DATABASES [] DATABASE SHOW
2+
SHOW TABLES [] TABLE SHOW
3+
SHOW COLUMNS [] COLUMN SHOW
4+
SHOW DICTIONARIES [] DICTIONARY SHOW
5+
SHOW [] \N ALL
6+
SHOW FILESYSTEM CACHES [] \N ALL
7+
SELECT [] COLUMN ALL
8+
INSERT [] COLUMN ALL
9+
ALTER UPDATE ['UPDATE'] COLUMN ALTER TABLE
10+
ALTER DELETE ['DELETE'] COLUMN ALTER TABLE
11+
ALTER ADD COLUMN ['ADD COLUMN'] COLUMN ALTER COLUMN
12+
ALTER MODIFY COLUMN ['MODIFY COLUMN'] COLUMN ALTER COLUMN
13+
ALTER DROP COLUMN ['DROP COLUMN'] COLUMN ALTER COLUMN
14+
ALTER COMMENT COLUMN ['COMMENT COLUMN'] COLUMN ALTER COLUMN
15+
ALTER CLEAR COLUMN ['CLEAR COLUMN'] COLUMN ALTER COLUMN
16+
ALTER RENAME COLUMN ['RENAME COLUMN'] COLUMN ALTER COLUMN
17+
ALTER MATERIALIZE COLUMN ['MATERIALIZE COLUMN'] COLUMN ALTER COLUMN
18+
ALTER COLUMN [] \N ALTER TABLE
19+
ALTER MODIFY COMMENT ['MODIFY COMMENT'] TABLE ALTER TABLE
20+
ALTER ORDER BY ['ALTER MODIFY ORDER BY','MODIFY ORDER BY'] TABLE ALTER INDEX
21+
ALTER SAMPLE BY ['ALTER MODIFY SAMPLE BY','MODIFY SAMPLE BY'] TABLE ALTER INDEX
22+
ALTER ADD INDEX ['ADD INDEX'] TABLE ALTER INDEX
23+
ALTER DROP INDEX ['DROP INDEX'] TABLE ALTER INDEX
24+
ALTER MATERIALIZE INDEX ['MATERIALIZE INDEX'] TABLE ALTER INDEX
25+
ALTER CLEAR INDEX ['CLEAR INDEX'] TABLE ALTER INDEX
26+
ALTER INDEX ['INDEX'] \N ALTER TABLE
27+
ALTER ADD STATISTICS ['ALTER ADD STATISTIC'] TABLE ALTER STATISTICS
28+
ALTER DROP STATISTICS ['ALTER DROP STATISTIC'] TABLE ALTER STATISTICS
29+
ALTER MODIFY STATISTICS ['ALTER MODIFY STATISTIC'] TABLE ALTER STATISTICS
30+
ALTER MATERIALIZE STATISTICS ['ALTER MATERIALIZE STATISTIC'] TABLE ALTER STATISTICS
31+
ALTER STATISTICS ['STATISTIC'] \N ALTER TABLE
32+
ALTER ADD PROJECTION ['ADD PROJECTION'] TABLE ALTER PROJECTION
33+
ALTER DROP PROJECTION ['DROP PROJECTION'] TABLE ALTER PROJECTION
34+
ALTER MATERIALIZE PROJECTION ['MATERIALIZE PROJECTION'] TABLE ALTER PROJECTION
35+
ALTER CLEAR PROJECTION ['CLEAR PROJECTION'] TABLE ALTER PROJECTION
36+
ALTER PROJECTION ['PROJECTION'] \N ALTER TABLE
37+
ALTER ADD CONSTRAINT ['ADD CONSTRAINT'] TABLE ALTER CONSTRAINT
38+
ALTER DROP CONSTRAINT ['DROP CONSTRAINT'] TABLE ALTER CONSTRAINT
39+
ALTER CONSTRAINT ['CONSTRAINT'] \N ALTER TABLE
40+
ALTER TTL ['ALTER MODIFY TTL','MODIFY TTL'] TABLE ALTER TABLE
41+
ALTER MATERIALIZE TTL ['MATERIALIZE TTL'] TABLE ALTER TABLE
42+
ALTER SETTINGS ['ALTER SETTING','ALTER MODIFY SETTING','MODIFY SETTING','RESET SETTING'] TABLE ALTER TABLE
43+
ALTER MOVE PARTITION ['ALTER MOVE PART','MOVE PARTITION','MOVE PART'] TABLE ALTER TABLE
44+
ALTER FETCH PARTITION ['ALTER FETCH PART','FETCH PARTITION'] TABLE ALTER TABLE
45+
ALTER FREEZE PARTITION ['FREEZE PARTITION','UNFREEZE'] TABLE ALTER TABLE
46+
ALTER DATABASE SETTINGS ['ALTER DATABASE SETTING','ALTER MODIFY DATABASE SETTING','MODIFY DATABASE SETTING'] DATABASE ALTER DATABASE
47+
ALTER NAMED COLLECTION [] NAMED_COLLECTION NAMED COLLECTION ADMIN
48+
ALTER TABLE [] \N ALTER
49+
ALTER DATABASE [] \N ALTER
50+
ALTER VIEW MODIFY QUERY ['ALTER TABLE MODIFY QUERY'] VIEW ALTER VIEW
51+
ALTER VIEW MODIFY REFRESH ['ALTER TABLE MODIFY QUERY'] VIEW ALTER VIEW
52+
ALTER VIEW MODIFY SQL SECURITY ['ALTER TABLE MODIFY SQL SECURITY'] VIEW ALTER VIEW
53+
ALTER VIEW [] \N ALTER
54+
ALTER [] \N ALL
55+
CREATE DATABASE [] DATABASE CREATE
56+
CREATE TABLE [] TABLE CREATE
57+
CREATE VIEW [] VIEW CREATE
58+
CREATE DICTIONARY [] DICTIONARY CREATE
59+
CREATE TEMPORARY TABLE [] GLOBAL CREATE ARBITRARY TEMPORARY TABLE
60+
CREATE ARBITRARY TEMPORARY TABLE [] GLOBAL CREATE
61+
CREATE FUNCTION [] GLOBAL CREATE
62+
CREATE WORKLOAD [] GLOBAL CREATE
63+
CREATE RESOURCE [] GLOBAL CREATE
64+
CREATE NAMED COLLECTION [] NAMED_COLLECTION NAMED COLLECTION ADMIN
65+
CREATE [] \N ALL
66+
DROP DATABASE [] DATABASE DROP
67+
DROP TABLE [] TABLE DROP
68+
DROP VIEW [] VIEW DROP
69+
DROP DICTIONARY [] DICTIONARY DROP
70+
DROP FUNCTION [] GLOBAL DROP
71+
DROP WORKLOAD [] GLOBAL DROP
72+
DROP RESOURCE [] GLOBAL DROP
73+
DROP NAMED COLLECTION [] NAMED_COLLECTION NAMED COLLECTION ADMIN
74+
DROP [] \N ALL
75+
UNDROP TABLE [] TABLE ALL
76+
TRUNCATE ['TRUNCATE TABLE'] TABLE ALL
77+
OPTIMIZE ['OPTIMIZE TABLE'] TABLE ALL
78+
BACKUP [] TABLE ALL
79+
KILL QUERY [] GLOBAL ALL
80+
KILL TRANSACTION [] GLOBAL ALL
81+
MOVE PARTITION BETWEEN SHARDS [] GLOBAL ALL
82+
CREATE USER [] GLOBAL ACCESS MANAGEMENT
83+
ALTER USER [] GLOBAL ACCESS MANAGEMENT
84+
DROP USER [] GLOBAL ACCESS MANAGEMENT
85+
CREATE ROLE [] GLOBAL ACCESS MANAGEMENT
86+
ALTER ROLE [] GLOBAL ACCESS MANAGEMENT
87+
DROP ROLE [] GLOBAL ACCESS MANAGEMENT
88+
ROLE ADMIN [] GLOBAL ACCESS MANAGEMENT
89+
CREATE ROW POLICY ['CREATE POLICY'] TABLE ACCESS MANAGEMENT
90+
ALTER ROW POLICY ['ALTER POLICY'] TABLE ACCESS MANAGEMENT
91+
DROP ROW POLICY ['DROP POLICY'] TABLE ACCESS MANAGEMENT
92+
CREATE QUOTA [] GLOBAL ACCESS MANAGEMENT
93+
ALTER QUOTA [] GLOBAL ACCESS MANAGEMENT
94+
DROP QUOTA [] GLOBAL ACCESS MANAGEMENT
95+
CREATE SETTINGS PROFILE ['CREATE PROFILE'] GLOBAL ACCESS MANAGEMENT
96+
ALTER SETTINGS PROFILE ['ALTER PROFILE'] GLOBAL ACCESS MANAGEMENT
97+
DROP SETTINGS PROFILE ['DROP PROFILE'] GLOBAL ACCESS MANAGEMENT
98+
ALLOW SQL SECURITY NONE ['CREATE SQL SECURITY NONE','ALLOW SQL SECURITY NONE','SQL SECURITY NONE','SECURITY NONE'] GLOBAL ACCESS MANAGEMENT
99+
SHOW USERS ['SHOW CREATE USER'] GLOBAL SHOW ACCESS
100+
SHOW ROLES ['SHOW CREATE ROLE'] GLOBAL SHOW ACCESS
101+
SHOW ROW POLICIES ['SHOW POLICIES','SHOW CREATE ROW POLICY','SHOW CREATE POLICY'] TABLE SHOW ACCESS
102+
SHOW QUOTAS ['SHOW CREATE QUOTA'] GLOBAL SHOW ACCESS
103+
SHOW SETTINGS PROFILES ['SHOW PROFILES','SHOW CREATE SETTINGS PROFILE','SHOW CREATE PROFILE'] GLOBAL SHOW ACCESS
104+
SHOW ACCESS [] \N ACCESS MANAGEMENT
105+
ACCESS MANAGEMENT [] \N ALL
106+
SHOW NAMED COLLECTIONS ['SHOW NAMED COLLECTIONS'] NAMED_COLLECTION NAMED COLLECTION ADMIN
107+
SHOW NAMED COLLECTIONS SECRETS ['SHOW NAMED COLLECTIONS SECRETS'] NAMED_COLLECTION NAMED COLLECTION ADMIN
108+
NAMED COLLECTION ['NAMED COLLECTION USAGE','USE NAMED COLLECTION'] NAMED_COLLECTION NAMED COLLECTION ADMIN
109+
NAMED COLLECTION ADMIN ['NAMED COLLECTION CONTROL'] NAMED_COLLECTION ALL
110+
SET DEFINER [] USER_NAME ALL
111+
TABLE ENGINE ['TABLE ENGINE'] TABLE_ENGINE ALL
112+
SYSTEM SHUTDOWN ['SYSTEM KILL','SHUTDOWN'] GLOBAL SYSTEM
113+
SYSTEM DROP DNS CACHE ['SYSTEM DROP DNS','DROP DNS CACHE','DROP DNS'] GLOBAL SYSTEM DROP CACHE
114+
SYSTEM DROP CONNECTIONS CACHE ['SYSTEM DROP CONNECTIONS CACHE','DROP CONNECTIONS CACHE'] GLOBAL SYSTEM DROP CACHE
115+
SYSTEM PREWARM MARK CACHE ['SYSTEM PREWARM MARK','PREWARM MARK CACHE','PREWARM MARKS'] GLOBAL SYSTEM DROP CACHE
116+
SYSTEM DROP MARK CACHE ['SYSTEM DROP MARK','DROP MARK CACHE','DROP MARKS'] GLOBAL SYSTEM DROP CACHE
117+
SYSTEM PREWARM PRIMARY INDEX CACHE ['SYSTEM PREWARM PRIMARY INDEX','PREWARM PRIMARY INDEX CACHE','PREWARM PRIMARY INDEX'] GLOBAL SYSTEM DROP CACHE
118+
SYSTEM DROP PRIMARY INDEX CACHE ['SYSTEM DROP PRIMARY INDEX','DROP PRIMARY INDEX CACHE','DROP PRIMARY INDEX'] GLOBAL SYSTEM DROP CACHE
119+
SYSTEM DROP UNCOMPRESSED CACHE ['SYSTEM DROP UNCOMPRESSED','DROP UNCOMPRESSED CACHE','DROP UNCOMPRESSED'] GLOBAL SYSTEM DROP CACHE
120+
SYSTEM DROP MMAP CACHE ['SYSTEM DROP MMAP','DROP MMAP CACHE','DROP MMAP'] GLOBAL SYSTEM DROP CACHE
121+
SYSTEM DROP QUERY CACHE ['SYSTEM DROP QUERY','DROP QUERY CACHE','DROP QUERY'] GLOBAL SYSTEM DROP CACHE
122+
SYSTEM DROP COMPILED EXPRESSION CACHE ['SYSTEM DROP COMPILED EXPRESSION','DROP COMPILED EXPRESSION CACHE','DROP COMPILED EXPRESSIONS'] GLOBAL SYSTEM DROP CACHE
123+
SYSTEM DROP FILESYSTEM CACHE ['SYSTEM DROP FILESYSTEM CACHE','DROP FILESYSTEM CACHE'] GLOBAL SYSTEM DROP CACHE
124+
SYSTEM DROP DISTRIBUTED CACHE ['SYSTEM DROP DISTRIBUTED CACHE','DROP DISTRIBUTED CACHE'] GLOBAL SYSTEM DROP CACHE
125+
SYSTEM SYNC FILESYSTEM CACHE ['SYSTEM REPAIR FILESYSTEM CACHE','REPAIR FILESYSTEM CACHE','SYNC FILESYSTEM CACHE'] GLOBAL SYSTEM
126+
SYSTEM DROP PAGE CACHE ['SYSTEM DROP PAGE CACHE','DROP PAGE CACHE'] GLOBAL SYSTEM DROP CACHE
127+
SYSTEM DROP SCHEMA CACHE ['SYSTEM DROP SCHEMA CACHE','DROP SCHEMA CACHE'] GLOBAL SYSTEM DROP CACHE
128+
SYSTEM DROP FORMAT SCHEMA CACHE ['SYSTEM DROP FORMAT SCHEMA CACHE','DROP FORMAT SCHEMA CACHE'] GLOBAL SYSTEM DROP CACHE
129+
SYSTEM DROP S3 CLIENT CACHE ['SYSTEM DROP S3 CLIENT','DROP S3 CLIENT CACHE'] GLOBAL SYSTEM DROP CACHE
130+
SYSTEM DROP CACHE ['DROP CACHE'] \N SYSTEM
131+
SYSTEM RELOAD CONFIG ['RELOAD CONFIG'] GLOBAL SYSTEM RELOAD
132+
SYSTEM RELOAD USERS ['RELOAD USERS'] GLOBAL SYSTEM RELOAD
133+
SYSTEM RELOAD DICTIONARY ['SYSTEM RELOAD DICTIONARIES','RELOAD DICTIONARY','RELOAD DICTIONARIES'] GLOBAL SYSTEM RELOAD
134+
SYSTEM RELOAD MODEL ['SYSTEM RELOAD MODELS','RELOAD MODEL','RELOAD MODELS'] GLOBAL SYSTEM RELOAD
135+
SYSTEM RELOAD FUNCTION ['SYSTEM RELOAD FUNCTIONS','RELOAD FUNCTION','RELOAD FUNCTIONS'] GLOBAL SYSTEM RELOAD
136+
SYSTEM RELOAD EMBEDDED DICTIONARIES ['RELOAD EMBEDDED DICTIONARIES'] GLOBAL SYSTEM RELOAD
137+
SYSTEM RELOAD ASYNCHRONOUS METRICS ['RELOAD ASYNCHRONOUS METRICS'] GLOBAL SYSTEM RELOAD
138+
SYSTEM RELOAD [] \N SYSTEM
139+
SYSTEM RESTART DISK ['SYSTEM RESTART DISK'] GLOBAL SYSTEM
140+
SYSTEM MERGES ['SYSTEM STOP MERGES','SYSTEM START MERGES','STOP MERGES','START MERGES'] TABLE SYSTEM
141+
SYSTEM TTL MERGES ['SYSTEM STOP TTL MERGES','SYSTEM START TTL MERGES','STOP TTL MERGES','START TTL MERGES'] TABLE SYSTEM
142+
SYSTEM FETCHES ['SYSTEM STOP FETCHES','SYSTEM START FETCHES','STOP FETCHES','START FETCHES'] TABLE SYSTEM
143+
SYSTEM MOVES ['SYSTEM STOP MOVES','SYSTEM START MOVES','STOP MOVES','START MOVES'] TABLE SYSTEM
144+
SYSTEM PULLING REPLICATION LOG ['SYSTEM STOP PULLING REPLICATION LOG','SYSTEM START PULLING REPLICATION LOG'] TABLE SYSTEM
145+
SYSTEM CLEANUP ['SYSTEM STOP CLEANUP','SYSTEM START CLEANUP'] TABLE SYSTEM
146+
SYSTEM VIEWS ['SYSTEM REFRESH VIEW','SYSTEM START VIEWS','SYSTEM STOP VIEWS','SYSTEM START VIEW','SYSTEM STOP VIEW','SYSTEM CANCEL VIEW','REFRESH VIEW','START VIEWS','STOP VIEWS','START VIEW','STOP VIEW','CANCEL VIEW'] VIEW SYSTEM
147+
SYSTEM DISTRIBUTED SENDS ['SYSTEM STOP DISTRIBUTED SENDS','SYSTEM START DISTRIBUTED SENDS','STOP DISTRIBUTED SENDS','START DISTRIBUTED SENDS'] TABLE SYSTEM SENDS
148+
SYSTEM REPLICATED SENDS ['SYSTEM STOP REPLICATED SENDS','SYSTEM START REPLICATED SENDS','STOP REPLICATED SENDS','START REPLICATED SENDS'] TABLE SYSTEM SENDS
149+
SYSTEM SENDS ['SYSTEM STOP SENDS','SYSTEM START SENDS','STOP SENDS','START SENDS'] \N SYSTEM
150+
SYSTEM REPLICATION QUEUES ['SYSTEM STOP REPLICATION QUEUES','SYSTEM START REPLICATION QUEUES','STOP REPLICATION QUEUES','START REPLICATION QUEUES'] TABLE SYSTEM
151+
SYSTEM VIRTUAL PARTS UPDATE ['SYSTEM STOP VIRTUAL PARTS UPDATE','SYSTEM START VIRTUAL PARTS UPDATE','STOP VIRTUAL PARTS UPDATE','START VIRTUAL PARTS UPDATE'] TABLE SYSTEM
152+
SYSTEM REDUCE BLOCKING PARTS ['SYSTEM STOP REDUCE BLOCKING PARTS','SYSTEM START REDUCE BLOCKING PARTS','STOP REDUCE BLOCKING PARTS','START REDUCE BLOCKING PARTS'] TABLE SYSTEM
153+
SYSTEM DROP REPLICA ['DROP REPLICA'] TABLE SYSTEM
154+
SYSTEM SYNC REPLICA ['SYNC REPLICA'] TABLE SYSTEM
155+
SYSTEM REPLICA READINESS ['SYSTEM REPLICA READY','SYSTEM REPLICA UNREADY'] GLOBAL SYSTEM
156+
SYSTEM RESTART REPLICA ['RESTART REPLICA'] TABLE SYSTEM
157+
SYSTEM RESTORE REPLICA ['RESTORE REPLICA'] TABLE SYSTEM
158+
SYSTEM WAIT LOADING PARTS ['WAIT LOADING PARTS'] TABLE SYSTEM
159+
SYSTEM SYNC DATABASE REPLICA ['SYNC DATABASE REPLICA'] DATABASE SYSTEM
160+
SYSTEM SYNC TRANSACTION LOG ['SYNC TRANSACTION LOG'] GLOBAL SYSTEM
161+
SYSTEM SYNC FILE CACHE ['SYNC FILE CACHE'] GLOBAL SYSTEM
162+
SYSTEM FLUSH DISTRIBUTED ['FLUSH DISTRIBUTED'] TABLE SYSTEM FLUSH
163+
SYSTEM FLUSH LOGS ['FLUSH LOGS'] GLOBAL SYSTEM FLUSH
164+
SYSTEM FLUSH ASYNC INSERT QUEUE ['FLUSH ASYNC INSERT QUEUE'] GLOBAL SYSTEM FLUSH
165+
SYSTEM FLUSH [] \N SYSTEM
166+
SYSTEM THREAD FUZZER ['SYSTEM START THREAD FUZZER','SYSTEM STOP THREAD FUZZER','START THREAD FUZZER','STOP THREAD FUZZER'] GLOBAL SYSTEM
167+
SYSTEM UNFREEZE ['SYSTEM UNFREEZE'] GLOBAL SYSTEM
168+
SYSTEM FAILPOINT ['SYSTEM ENABLE FAILPOINT','SYSTEM DISABLE FAILPOINT','SYSTEM WAIT FAILPOINT'] GLOBAL SYSTEM
169+
SYSTEM LISTEN ['SYSTEM START LISTEN','SYSTEM STOP LISTEN'] GLOBAL SYSTEM
170+
SYSTEM JEMALLOC ['SYSTEM JEMALLOC PURGE','SYSTEM JEMALLOC ENABLE PROFILE','SYSTEM JEMALLOC DISABLE PROFILE','SYSTEM JEMALLOC FLUSH PROFILE'] GLOBAL SYSTEM
171+
SYSTEM LOAD PRIMARY KEY ['SYSTEM LOAD PRIMARY KEY'] TABLE SYSTEM
172+
SYSTEM UNLOAD PRIMARY KEY ['SYSTEM UNLOAD PRIMARY KEY'] TABLE SYSTEM
173+
SYSTEM [] \N ALL
174+
dictGet ['dictHas','dictGetHierarchy','dictIsIn'] DICTIONARY ALL
175+
displaySecretsInShowAndSelect [] GLOBAL ALL
176+
addressToLine [] GLOBAL INTROSPECTION
177+
addressToLineWithInlines [] GLOBAL INTROSPECTION
178+
addressToSymbol [] GLOBAL INTROSPECTION
179+
demangle [] GLOBAL INTROSPECTION
180+
INTROSPECTION ['INTROSPECTION FUNCTIONS'] \N ALL
181+
FILE [] GLOBAL SOURCES
182+
URL [] GLOBAL SOURCES
183+
REMOTE [] GLOBAL SOURCES
184+
MONGO [] GLOBAL SOURCES
185+
REDIS [] GLOBAL SOURCES
186+
MYSQL [] GLOBAL SOURCES
187+
POSTGRES [] GLOBAL SOURCES
188+
SQLITE [] GLOBAL SOURCES
189+
ODBC [] GLOBAL SOURCES
190+
JDBC [] GLOBAL SOURCES
191+
HDFS [] GLOBAL SOURCES
192+
S3 [] GLOBAL SOURCES
193+
HIVE [] GLOBAL SOURCES
194+
AZURE [] GLOBAL SOURCES
195+
KAFKA [] GLOBAL SOURCES
196+
NATS [] GLOBAL SOURCES
197+
RABBITMQ [] GLOBAL SOURCES
198+
SOURCES [] \N ALL
199+
CLUSTER [] GLOBAL ALL
200+
ALL ['ALL PRIVILEGES'] \N \N
201+
NONE ['USAGE','NO PRIVILEGES'] \N \N

0 commit comments

Comments
 (0)