# LogicTest: local

statement ok
CREATE SEQUENCE a START 1 INCREMENT BY 2

statement ok
CREATE USER readwrite

statement ok
SET ROLE readwrite

statement error pq: user readwrite does not have SELECT privilege on relation a
SELECT * FROM a;

statement error pq: nextval\(\): user readwrite does not have UPDATE or USAGE privilege on relation a
SELECT nextval('a')

statement ok
SET ROLE root

statement ok
GRANT USAGE ON SEQUENCE a TO readwrite

statement ok
SET ROLE readwrite

query I
SELECT nextval('a')
----
1

query I
SELECT currval('a')
----
1

statement ok
SET ROLE root

statement ok
GRANT ALL ON SEQUENCE a TO readwrite WITH GRANT OPTION

query TTTTTB colnames,rowsort
SHOW GRANTS ON SEQUENCE a
----
database_name  schema_name  table_name  grantee    privilege_type  is_grantable
test           public       a           admin      ALL             true
test           public       a           readwrite  ALL             true
test           public       a           root       ALL             true

statement ok
REVOKE UPDATE ON SEQUENCE a FROM readwrite

query TTTTTB colnames,rowsort
SHOW GRANTS ON SEQUENCE a
----
database_name  schema_name  table_name  grantee    privilege_type  is_grantable
test           public       a           admin      ALL             true
test           public       a           readwrite  CHANGEFEED      true
test           public       a           readwrite  CREATE          true
test           public       a           readwrite  DELETE          true
test           public       a           readwrite  DROP            true
test           public       a           readwrite  INSERT          true
test           public       a           readwrite  SELECT          true
test           public       a           readwrite  USAGE           true
test           public       a           readwrite  ZONECONFIG      true
test           public       a           root       ALL             true

statement ok
GRANT UPDATE ON SEQUENCE a TO readwrite

statement ok
SET ROLE readwrite

query IIB
SELECT * FROM a;
----
1  0  true

query I
SELECT nextval('a')
----
3

query I
SELECT nextval('a')
----
5

statement ok
SET ROLE root

query T noticetrace
GRANT CREATE, DROP, USAGE, UPDATE ON SEQUENCE a TO readwrite WITH GRANT OPTION
----
NOTICE: some privileges have no effect on sequences: [CREATE]

query TTTTTTTT rowsort
SELECT * FROM information_schema.table_privileges WHERE grantee = 'readwrite';
----
NULL  readwrite  test  public  a  CHANGEFEED  YES  NO
NULL  readwrite  test  public  a  CREATE      YES  NO
NULL  readwrite  test  public  a  DELETE      YES  NO
NULL  readwrite  test  public  a  DROP        YES  NO
NULL  readwrite  test  public  a  INSERT      YES  NO
NULL  readwrite  test  public  a  SELECT      YES  YES
NULL  readwrite  test  public  a  UPDATE      YES  NO
NULL  readwrite  test  public  a  USAGE       YES  NO
NULL  readwrite  test  public  a  ZONECONFIG  YES  NO

statement ok
REVOKE SELECT,DROP,CREATE ON SEQUENCE a FROM readwrite

query TTTTTTTT rowsort
SELECT * FROM information_schema.table_privileges WHERE grantee = 'readwrite';
----
NULL  readwrite  test  public  a  CHANGEFEED  YES  NO
NULL  readwrite  test  public  a  DELETE      YES  NO
NULL  readwrite  test  public  a  INSERT      YES  NO
NULL  readwrite  test  public  a  UPDATE      YES  NO
NULL  readwrite  test  public  a  USAGE       YES  NO
NULL  readwrite  test  public  a  ZONECONFIG  YES  NO

statement ok
CREATE SEQUENCE b START 1 INCREMENT BY 2

statement ok
GRANT ALL ON ALL SEQUENCES IN SCHEMA test.public TO readwrite WITH GRANT OPTION;

query TTTTTTTT rowsort
SELECT * FROM information_schema.table_privileges WHERE grantee = 'readwrite';
----
NULL  readwrite  test  public  a  ALL  YES  NO
NULL  readwrite  test  public  b  ALL  YES  NO

statement ok
REVOKE SELECT ON ALL SEQUENCES IN SCHEMA test.public FROM readwrite;

query TTTTTTTT rowsort
SELECT * FROM information_schema.table_privileges WHERE grantee = 'readwrite';
----
NULL  readwrite  test  public  a  CHANGEFEED  YES  NO
NULL  readwrite  test  public  a  CREATE      YES  NO
NULL  readwrite  test  public  a  DELETE      YES  NO
NULL  readwrite  test  public  a  DROP        YES  NO
NULL  readwrite  test  public  a  INSERT      YES  NO
NULL  readwrite  test  public  a  UPDATE      YES  NO
NULL  readwrite  test  public  a  USAGE       YES  NO
NULL  readwrite  test  public  a  ZONECONFIG  YES  NO
NULL  readwrite  test  public  b  CHANGEFEED  YES  NO
NULL  readwrite  test  public  b  CREATE      YES  NO
NULL  readwrite  test  public  b  DELETE      YES  NO
NULL  readwrite  test  public  b  DROP        YES  NO
NULL  readwrite  test  public  b  INSERT      YES  NO
NULL  readwrite  test  public  b  UPDATE      YES  NO
NULL  readwrite  test  public  b  USAGE       YES  NO
NULL  readwrite  test  public  b  ZONECONFIG  YES  NO

subtest grant_drop_on_sequences

statement ok
SET ROLE root

statement ok
CREATE SEQUENCE to_drop_seq

statement ok
CREATE ROLE user1

statement ok
SET ROLE user1

statement error user user1 does not have DROP privilege on relation to_drop_seq
DROP SEQUENCE to_drop_seq

statement ok
SET ROLE root

statement ok
GRANT DROP ON SEQUENCE to_drop_seq TO user1

statement ok
SET ROLE user1

statement ok
DROP SEQUENCE to_drop_seq


subtest grant_grant_on_sequences

statement ok
SET ROLE root

statement ok
CREATE SEQUENCE to_drop_seq

statement ok
GRANT DROP ON SEQUENCE to_drop_seq TO user1

statement ok
CREATE ROLE user2

statement ok
SET ROLE user1

statement error user user1 missing WITH GRANT OPTION privilege on DROP
GRANT DROP ON SEQUENCE to_drop_seq TO user2

statement ok
SET ROLE root

statement ok
GRANT DROP ON SEQUENCE to_drop_seq TO user1 WITH GRANT OPTION

statement ok
SET ROLE user1

statement ok
GRANT DROP ON SEQUENCE to_drop_seq TO user2

statement ok
SET ROLE user2

statement ok
DROP SEQUENCE to_drop_seq

statement ok
SET ROLE root

subtest grant_on_mix_table_and_sequence

statement ok
CREATE SEQUENCE mix_seq

statement ok
CREATE TABLE mix_tab (x int)

statement ok
CREATE ROLE mix_u

statement ok
GRANT USAGE ON mix_seq TO mix_u WITH GRANT OPTION

query TTTTTTTT
SELECT * FROM information_schema.table_privileges WHERE grantee = 'mix_u';
----
NULL  mix_u  test  public  mix_seq  USAGE  YES  NO

query B
SELECT has_sequence_privilege('mix_u', 'mix_seq', 'USAGE WITH GRANT OPTION')
----
true

statement ok
GRANT SELECT, UPDATE ON mix_seq, mix_tab TO mix_u WITH GRANT OPTION

statement error pq: invalid privilege type USAGE for table
GRANT USAGE ON mix_seq, mix_tab TO mix_u WITH GRANT OPTION

query TTTTTTTT rowsort
SELECT * FROM information_schema.table_privileges WHERE grantee = 'mix_u';
----
NULL  mix_u  test  public  mix_seq  SELECT  YES  YES
NULL  mix_u  test  public  mix_seq  UPDATE  YES  NO
NULL  mix_u  test  public  mix_seq  USAGE   YES  NO
NULL  mix_u  test  public  mix_tab  SELECT  YES  YES
NULL  mix_u  test  public  mix_tab  UPDATE  YES  NO

query BBB
SELECT has_sequence_privilege('mix_u', 'mix_seq', 'USAGE WITH GRANT OPTION'),
       has_sequence_privilege('mix_u', 'mix_seq', 'SELECT WITH GRANT OPTION'),
       has_sequence_privilege('mix_u', 'mix_seq', 'UPDATE WITH GRANT OPTION')
----
true  true  true
