Added Grant, Revoke and System query_kind for system.query_log

Also some tests to ensure that all queries are logged

src/Interpreters/InterpreterGrantQuery.cpp

@@ -1,4 +1,5 @@
 #include <Interpreters/InterpreterGrantQuery.h>
+#include <Interpreters/QueryLog.h>
 #include <Parsers/ASTGrantQuery.h>
 #include <Parsers/ASTRolesOrUsersSet.h>
 #include <Interpreters/Context.h>
@@ -209,4 +210,13 @@ void InterpreterGrantQuery::updateRoleFromQuery(Role & role, const ASTGrantQuery
     updateFromQueryImpl(role, query, roles_to_grant_or_revoke);
 }
 
+void InterpreterGrantQuery::extendQueryLogElemImpl(QueryLogElement & elem, const ASTPtr & /*ast*/, const Context &) const
+{
+    auto & query = query_ptr->as<ASTGrantQuery &>();
+    if (query.kind == Kind::GRANT)
+        elem.query_kind = "Grant";
+    else if (query.kind == Kind::REVOKE)
+        elem.query_kind = "Revoke";
+}
+
 }

src/Interpreters/InterpreterGrantQuery.h

@@ -21,6 +21,7 @@ public:
 
     static void updateUserFromQuery(User & user, const ASTGrantQuery & query);
     static void updateRoleFromQuery(Role & role, const ASTGrantQuery & query);
+    void extendQueryLogElemImpl(QueryLogElement &, const ASTPtr &, const Context &) const override;
 
 private:
     ASTPtr query_ptr;

src/Interpreters/InterpreterSystemQuery.cpp

@@ -754,4 +754,9 @@ AccessRightsElements InterpreterSystemQuery::getRequiredAccessForDDLOnCluster()
     return required_access;
 }
 
+void InterpreterSystemQuery::extendQueryLogElemImpl(QueryLogElement & elem, const ASTPtr & /*ast*/, const Context &) const
+{
+    elem.query_kind = "System";
+}
+
 }

src/Interpreters/InterpreterSystemQuery.h

@@ -56,6 +56,8 @@ private:
 
     AccessRightsElements getRequiredAccessForDDLOnCluster() const;
     void startStopAction(StorageActionBlockType action_type, bool start);
+
+    void extendQueryLogElemImpl(QueryLogElement &, const ASTPtr &, const Context &) const override;
 };
 
 

tests/queries/0_stateless/01702_system_query_log.reference

@@ -0,0 +1,92 @@
+DROP queries and also a cleanup before the test
+CREATE queries
+SET queries
+ALTER TABLE queries
+SYSTEM queries
+SHOW queries
+GRANT queries
+REVOKE queries
+Misc queries
+ACTUAL LOG CONTENT:
+Select	-- SET ROLE sqllt_role; -- tests are executed by user `default` which is defined in XML and is impossble to update.\n\nSELECT \'ALTER TABLE queries\';
+Select	-- SYSTEM RELOAD DICTIONARY sqllt.dictionary; -- temporary out of order: Code: 210, Connection refused (localhost:9001) (version 21.3.1.1)\n-- DROP REPLICA\n-- haha, no\n-- SYSTEM KILL;\n-- SYSTEM SHUTDOWN;\n\n-- Since we don\'t really care about the actual output, suppress it with `FORMAT Null`.\nSELECT \'SHOW queries\';
+Select	-- not done, seems to hard, so I\'ve skipped queries of ALTER-X, where X is:\n-- PARTITION\n-- ORDER BY\n-- SAMPLE BY\n-- INDEX\n-- CONSTRAINT\n-- TTL\n-- USER\n-- QUOTA\n-- ROLE\n-- ROW POLICY\n-- SETTINGS PROFILE\n\nSELECT \'SYSTEM queries\';
+Alter	ALTER TABLE table ADD COLUMN new_col UInt32 DEFAULT 1;
+Alter	ALTER TABLE table CLEAR COLUMN new_col;
+Alter	ALTER TABLE table COMMENT COLUMN new_col \'dummy column with a comment\';
+Alter	ALTER TABLE table DELETE WHERE i > 65535;
+Alter	ALTER TABLE table DROP COLUMN the_new_col;
+Alter	ALTER TABLE table MODIFY COLUMN new_col FixedString(12) DEFAULT \'Hello world!\';
+Alter	ALTER TABLE table MODIFY COLUMN new_col REMOVE COMMENT;
+Alter	ALTER TABLE table RENAME COLUMN new_col TO the_new_col;
+Alter	ALTER TABLE table UPDATE i = i + 1 WHERE 1;
+Create	ATTACH TABLE sqllt.table;
+	CHECK TABLE sqllt.table FORMAT Null;
+Create	CREATE DATABASE sqllt;
+Create	CREATE DICTIONARY sqllt.dictionary (key UInt64, value UInt64) PRIMARY KEY key SOURCE(CLICKHOUSE(DB \'sqllt\' TABLE \'table\' HOST \'localhost\' PORT 9001)) LIFETIME(0) LAYOUT(FLAT());
+	CREATE POLICY sqllt_policy ON sqllt.table, sqllt.view, sqllt.dictionary AS PERMISSIVE TO ALL;
+	CREATE POLICY sqllt_row_policy ON sqllt.table, sqllt.view, sqllt.dictionary AS PERMISSIVE TO ALL;
+	CREATE QUOTA sqllt_quota KEYED BY user_name TO sqllt_role;
+	CREATE ROLE sqllt_role;
+	CREATE SETTINGS PROFILE sqllt_settings_profile SETTINGS interactive_delay = 200000;
+Create	CREATE TABLE sqllt.table\n(\n    i UInt8, s String\n)\nENGINE = MergeTree PARTITION BY tuple() ORDER BY tuple();
+	CREATE USER sqllt_user IDENTIFIED WITH PLAINTEXT_PASSWORD BY \'password\';
+Create	CREATE VIEW sqllt.view AS SELECT i, s FROM sqllt.table;
+	DESCRIBE TABLE sqllt.table FORMAT Null;
+Drop	DETACH TABLE sqllt.table;
+Drop	DROP DATABASE IF EXISTS sqllt;
+	DROP POLICY IF EXISTS sqllt_policy ON sqllt.table, sqllt.view, sqllt.dictionary;
+	DROP QUOTA IF EXISTS sqllt_quota;
+	DROP ROLE IF EXISTS sqllt_role;
+	DROP ROW POLICY IF EXISTS sqllt_row_policy ON sqllt.table, sqllt.view, sqllt.dictionary;
+	DROP SETTINGS PROFILE IF EXISTS sqllt_settings_profile;
+	DROP USER IF EXISTS sqllt_user;
+Grant	GRANT DROP ON sqllt.view TO sqllt_user;
+Grant	GRANT SELECT ON sqllt.table TO sqllt_user;
+Grant	GRANT sqllt_role TO sqllt_user;
+Rename	RENAME TABLE sqllt.table TO sqllt.table_new;
+Rename	RENAME TABLE sqllt.table_new TO sqllt.table;
+Revoke	REVOKE DROP ON sqllt.view FROM sqllt_user;
+Revoke	REVOKE SELECT ON sqllt.table FROM sqllt_user;
+Select	SELECT \'CREATE queries\';
+Select	SELECT \'DROP queries and also a cleanup before the test\';
+Select	SELECT \'GRANT queries\';
+Select	SELECT \'Misc queries\';
+Select	SELECT \'REVOKE queries\';
+Select	SELECT \'SET queries\';
+	SET DEFAULT ROLE sqllt_role TO sqllt_user;
+	SET log_profile_events=false;
+	SHOW CREATE DICTIONARY sqllt.dictionary FORMAT Null;
+	SHOW CREATE POLICY sqllt_policy FORMAT Null;
+	SHOW CREATE QUOTA sqllt_quota FORMAT Null;
+	SHOW CREATE ROLE sqllt_role FORMAT Null;
+	SHOW CREATE ROW POLICY sqllt_row_policy FORMAT Null;
+	SHOW CREATE SETTINGS PROFILE sqllt_settings_profile FORMAT Null;
+	SHOW CREATE TABLE sqllt.table FORMAT Null;
+	SHOW CREATE USER sqllt_user FORMAT Null;
+	SHOW DATABASES LIKE \'sqllt\' FORMAT Null;
+	SHOW DICTIONARIES FROM sqllt FORMAT Null;
+	SHOW GRANTS FOR sqllt_user FORMAT Null;
+	SHOW GRANTS FORMAT Null;
+	SHOW TABLES FROM sqllt FORMAT Null;
+System	SYSTEM DROP COMPILED EXPRESSION CACHE;
+System	SYSTEM DROP DNS CACHE;
+System	SYSTEM DROP MARK CACHE;
+System	SYSTEM DROP UNCOMPRESSED CACHE;
+System	SYSTEM FLUSH LOGS;
+System	SYSTEM RELOAD CONFIG;
+System	SYSTEM RELOAD DICTIONARIES;
+System	SYSTEM RELOAD EMBEDDED DICTIONARIES;
+System	SYSTEM START FETCHES;
+System	SYSTEM START MERGES;
+System	SYSTEM START MOVES;
+System	SYSTEM START REPLICATED SENDS;
+System	SYSTEM START TTL MERGES;
+System	SYSTEM STOP FETCHES;
+System	SYSTEM STOP MERGES;
+System	SYSTEM STOP MOVES;
+System	SYSTEM STOP REPLICATED SENDS;
+System	SYSTEM STOP TTL MERGES;
+Drop	TRUNCATE TABLE sqllt.table;
+	USE sqllt
+DROP queries and also a cleanup after the test

tests/queries/0_stateless/01702_system_query_log.sql

@@ -0,0 +1,148 @@
+-- fire all kinds of queries and then check if those are present in the system.query_log
+SET log_comment='system.query_log logging test';
+
+SELECT 'DROP queries and also a cleanup before the test';
+DROP DATABASE IF EXISTS sqllt;
+DROP USER IF EXISTS sqllt_user;
+DROP ROLE IF EXISTS sqllt_role;
+DROP POLICY IF EXISTS sqllt_policy ON sqllt.table, sqllt.view, sqllt.dictionary;
+DROP ROW POLICY IF EXISTS sqllt_row_policy ON sqllt.table, sqllt.view, sqllt.dictionary;
+DROP QUOTA IF EXISTS sqllt_quota;
+DROP SETTINGS PROFILE IF EXISTS sqllt_settings_profile;
+
+SELECT 'CREATE queries';
+CREATE DATABASE sqllt;
+USE sqllt;
+
+CREATE TABLE sqllt.table
+(
+    i UInt8, s String
+)
+ENGINE = MergeTree PARTITION BY tuple() ORDER BY tuple();
+
+CREATE VIEW sqllt.view AS SELECT i, s FROM sqllt.table;
+CREATE DICTIONARY sqllt.dictionary (key UInt64, value UInt64) PRIMARY KEY key SOURCE(CLICKHOUSE(DB 'sqllt' TABLE 'table' HOST 'localhost' PORT 9001)) LIFETIME(0) LAYOUT(FLAT());
+
+CREATE USER sqllt_user IDENTIFIED WITH PLAINTEXT_PASSWORD BY 'password';
+CREATE ROLE sqllt_role;
+
+CREATE POLICY sqllt_policy ON sqllt.table, sqllt.view, sqllt.dictionary AS PERMISSIVE TO ALL;
+CREATE POLICY sqllt_row_policy ON sqllt.table, sqllt.view, sqllt.dictionary AS PERMISSIVE TO ALL;
+
+CREATE QUOTA sqllt_quota KEYED BY user_name TO sqllt_role;
+CREATE SETTINGS PROFILE sqllt_settings_profile SETTINGS interactive_delay = 200000;
+
+GRANT sqllt_role TO sqllt_user;
+
+
+SELECT 'SET queries';
+SET log_profile_events=false;
+SET DEFAULT ROLE sqllt_role TO sqllt_user;
+-- SET ROLE sqllt_role; -- tests are executed by user `default` which is defined in XML and is impossble to update.
+
+SELECT 'ALTER TABLE queries';
+ALTER TABLE table ADD COLUMN new_col UInt32 DEFAULT 1;
+ALTER TABLE table COMMENT COLUMN new_col 'dummy column with a comment';
+ALTER TABLE table CLEAR COLUMN new_col;
+ALTER TABLE table MODIFY COLUMN new_col FixedString(12) DEFAULT 'Hello world!';
+ALTER TABLE table MODIFY COLUMN new_col REMOVE COMMENT;
+ALTER TABLE table RENAME COLUMN new_col TO the_new_col;
+ALTER TABLE table DROP COLUMN the_new_col;
+ALTER TABLE table UPDATE i = i + 1 WHERE 1;
+ALTER TABLE table DELETE WHERE i > 65535;
+
+-- not done, seems to hard, so I've skipped queries of ALTER-X, where X is:
+-- PARTITION
+-- ORDER BY
+-- SAMPLE BY
+-- INDEX
+-- CONSTRAINT
+-- TTL
+-- USER
+-- QUOTA
+-- ROLE
+-- ROW POLICY
+-- SETTINGS PROFILE
+
+SELECT 'SYSTEM queries';
+SYSTEM RELOAD EMBEDDED DICTIONARIES;
+SYSTEM RELOAD DICTIONARIES;
+SYSTEM DROP DNS CACHE;
+SYSTEM DROP MARK CACHE;
+SYSTEM DROP UNCOMPRESSED CACHE;
+SYSTEM DROP COMPILED EXPRESSION CACHE;
+SYSTEM FLUSH LOGS;
+SYSTEM RELOAD CONFIG;
+SYSTEM STOP MERGES;
+SYSTEM START MERGES;
+SYSTEM STOP TTL MERGES;
+SYSTEM START TTL MERGES;
+SYSTEM STOP MOVES;
+SYSTEM START MOVES;
+SYSTEM STOP FETCHES;
+SYSTEM START FETCHES;
+SYSTEM STOP REPLICATED SENDS;
+SYSTEM START REPLICATED SENDS;
+
+-- SYSTEM RELOAD DICTIONARY sqllt.dictionary; -- temporary out of order: Code: 210, Connection refused (localhost:9001) (version 21.3.1.1)
+-- DROP REPLICA
+-- haha, no
+-- SYSTEM KILL;
+-- SYSTEM SHUTDOWN;
+
+-- Since we don't really care about the actual output, suppress it with `FORMAT Null`.
+SELECT 'SHOW queries';
+
+SHOW CREATE TABLE sqllt.table FORMAT Null;
+SHOW CREATE DICTIONARY sqllt.dictionary FORMAT Null;
+SHOW DATABASES LIKE 'sqllt' FORMAT Null;
+SHOW TABLES FROM sqllt FORMAT Null;
+SHOW DICTIONARIES FROM sqllt FORMAT Null;
+SHOW GRANTS FORMAT Null;
+SHOW GRANTS FOR sqllt_user FORMAT Null;
+SHOW CREATE USER sqllt_user FORMAT Null;
+SHOW CREATE ROLE sqllt_role FORMAT Null;
+SHOW CREATE POLICY sqllt_policy FORMAT Null;
+SHOW CREATE ROW POLICY sqllt_row_policy FORMAT Null;
+SHOW CREATE QUOTA sqllt_quota FORMAT Null;
+SHOW CREATE SETTINGS PROFILE sqllt_settings_profile FORMAT Null;
+
+SELECT 'GRANT queries';
+GRANT SELECT ON sqllt.table TO sqllt_user;
+GRANT DROP ON sqllt.view TO sqllt_user;
+
+SELECT 'REVOKE queries';
+REVOKE SELECT ON sqllt.table FROM sqllt_user;
+REVOKE DROP ON sqllt.view FROM sqllt_user;
+
+SELECT 'Misc queries';
+DESCRIBE TABLE sqllt.table FORMAT Null;
+
+CHECK TABLE sqllt.table FORMAT Null;
+DETACH TABLE sqllt.table;
+ATTACH TABLE sqllt.table;
+
+RENAME TABLE sqllt.table TO sqllt.table_new;
+RENAME TABLE sqllt.table_new TO sqllt.table;
+TRUNCATE TABLE sqllt.table;
+
+---------------------------------------------------------------------------------------------------
+-- Now get all logs related to this test
+---------------------------------------------------------------------------------------------------
+
+SYSTEM FLUSH LOGS;
+SELECT 'ACTUAL LOG CONTENT:';
+
+-- Try to filter out all possible previous junk events by excluding old log entries
+SELECT query_kind, query FROM system.query_log WHERE log_comment LIKE '%system.query_log%' AND type == 'QueryStart' AND query_start_time >= now() - 5 ORDER BY query;
+
+
+-- cleanup
+SELECT 'DROP queries and also a cleanup after the test';
+DROP DATABASE IF EXISTS sqllt;
+DROP USER IF EXISTS sqllt_user;
+DROP ROLE IF EXISTS sqllt_role;
+DROP POLICY IF EXISTS sqllt_policy ON sqllt.table, sqllt.view, sqllt.dictionary;
+DROP ROW POLICY IF EXISTS sqllt_row_policy ON sqllt.table, sqllt.view, sqllt.dictionary;
+DROP QUOTA IF EXISTS sqllt_quota;
+DROP SETTINGS PROFILE IF EXISTS sqllt_settings_profile;