From fc8aa5efe76a02688cc09c33808eeb5898d0d061 Mon Sep 17 00:00:00 2001
From: Vitaly Baranov <vitbar@yandex-team.ru>
Date: Thu, 20 Feb 2020 00:48:59 +0300
Subject: [PATCH] Separate access-controlling access types.

---
 dbms/src/Access/AccessFlags.h | 13 +++++++++++--
 dbms/src/Access/AccessType.h  |  2 +-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/dbms/src/Access/AccessFlags.h b/dbms/src/Access/AccessFlags.h
index e191818ae06..1b1934a3f01 100644
--- a/dbms/src/Access/AccessFlags.h
+++ b/dbms/src/Access/AccessFlags.h
@@ -335,8 +335,17 @@ private:
         ext::push_back(all, std::move(kill));
 
         auto create_user = std::make_unique<Node>("CREATE USER", next_flag++, GLOBAL_LEVEL);
-        ext::push_back(create_user->aliases, "ALTER USER", "DROP USER", "CREATE ROLE", "DROP ROLE", "CREATE POLICY", "ALTER POLICY", "DROP POLICY", "CREATE QUOTA", "ALTER QUOTA", "DROP QUOTA");
-        ext::push_back(all, std::move(create_user));
+        auto alter_user = std::make_unique<Node>("ALTER USER", next_flag++, GLOBAL_LEVEL);
+        auto drop_user = std::make_unique<Node>("DROP USER", next_flag++, GLOBAL_LEVEL);
+        auto create_role = std::make_unique<Node>("CREATE ROLE", next_flag++, GLOBAL_LEVEL);
+        auto drop_role = std::make_unique<Node>("DROP ROLE", next_flag++, GLOBAL_LEVEL);
+        auto create_policy = std::make_unique<Node>("CREATE POLICY", next_flag++, GLOBAL_LEVEL);
+        auto alter_policy = std::make_unique<Node>("ALTER POLICY", next_flag++, GLOBAL_LEVEL);
+        auto drop_policy = std::make_unique<Node>("DROP POLICY", next_flag++, GLOBAL_LEVEL);
+        auto create_quota = std::make_unique<Node>("CREATE QUOTA", next_flag++, GLOBAL_LEVEL);
+        auto alter_quota = std::make_unique<Node>("ALTER QUOTA", next_flag++, GLOBAL_LEVEL);
+        auto drop_quota = std::make_unique<Node>("DROP QUOTA", next_flag++, GLOBAL_LEVEL);
+        ext::push_back(all, std::move(create_user), std::move(alter_user), std::move(drop_user), std::move(create_role), std::move(drop_role), std::move(create_policy), std::move(alter_policy), std::move(drop_policy), std::move(create_quota), std::move(alter_quota), std::move(drop_quota));
 
         auto shutdown = std::make_unique<Node>("SHUTDOWN", next_flag++, GLOBAL_LEVEL);
         ext::push_back(shutdown->aliases, "SYSTEM SHUTDOWN", "SYSTEM KILL");
diff --git a/dbms/src/Access/AccessType.h b/dbms/src/Access/AccessType.h
index 3d60415774d..1c829f57f63 100644
--- a/dbms/src/Access/AccessType.h
+++ b/dbms/src/Access/AccessType.h
@@ -82,7 +82,7 @@ enum class AccessType
     KILL_MUTATION,      /// allows to kill a mutation
     KILL,               /// allows to execute KILL {MUTATION|QUERY}
 
-    CREATE_USER,        /// allows to create, alter and drop users, roles, quotas, row policies.
+    CREATE_USER,
     ALTER_USER,
     DROP_USER,
     CREATE_ROLE,