MDEV-26080: SHOW GRANTS does not quote role names properly for DEFAULT ROLE

- Used single quotes, back quotes are used with commit
fafb35ee51 in 10.3 and will be changed.

Reviewed by: serg@mariadb.org

mysql-test/r/grant5.result

@@ -8,7 +8,7 @@ connect  conn_1, localhost, test,,;
 set role foo;
 show grants for test;
 Grants for test@%
-GRANT foo TO 'test'@'%'
+GRANT 'foo' TO 'test'@'%'
 GRANT USAGE ON *.* TO 'test'@'%'
 show grants for foo;
 Grants for foo
@@ -45,29 +45,60 @@ GRANT test_role TO test_user;
 SET DEFAULT ROLE test_role FOR test_user;
 SHOW GRANTS FOR test_user;
 Grants for test_user@%
-GRANT test_role TO 'test_user'@'%'
+GRANT 'test_role' TO 'test_user'@'%'
 GRANT USAGE ON *.* TO 'test_user'@'%'
-SET DEFAULT ROLE test_role FOR 'test_user'@'%'
+SET DEFAULT ROLE 'test_role' FOR 'test_user'@'%'
 SET DEFAULT ROLE NONE for test_user;
 SHOW GRANTS FOR test_user;
 Grants for test_user@%
-GRANT test_role TO 'test_user'@'%'
+GRANT 'test_role' TO 'test_user'@'%'
 GRANT USAGE ON *.* TO 'test_user'@'%'
 SET ROLE test_role;
 SET DEFAULT ROLE test_role;
 SHOW GRANTS;
 Grants for root@localhost
-GRANT test_role TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'test_role' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'test_role'
-SET DEFAULT ROLE test_role FOR 'root'@'localhost'
+SET DEFAULT ROLE 'test_role' FOR 'root'@'localhost'
 SET DEFAULT ROLE NONE;
 SHOW GRANTS;
 Grants for root@localhost
-GRANT test_role TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'test_role' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'test_role'
 DROP USER test_user;
 DROP ROLE test_role;
+CREATE ROLE 'test-role';
+CREATE USER 'test-user';
+GRANT 'test-role' TO 'test-user';
+SET DEFAULT ROLE 'test-role' FOR 'test-user';
+SHOW GRANTS FOR 'test-user';
+Grants for test-user@%
+GRANT 'test-role' TO 'test-user'@'%'
+GRANT USAGE ON *.* TO 'test-user'@'%'
+SET DEFAULT ROLE 'test-role' FOR 'test-user'@'%'
+DROP ROLE 'test-role';
+SHOW GRANTS FOR 'test-user';
+Grants for test-user@%
+GRANT USAGE ON *.* TO 'test-user'@'%'
+SET DEFAULT ROLE 'test-role' FOR 'test-user'@'%'
+SET DEFAULT ROLE NONE FOR 'test-user';
+SHOW GRANTS FOR 'test-user';
+Grants for test-user@%
+GRANT USAGE ON *.* TO 'test-user'@'%'
+CREATE ROLE `r``o'l"e`;
+select user from mysql.user where is_role='Y';
+user
+r`o'l"e
+GRANT `r``o'l"e` TO 'test-user';
+SET DEFAULT ROLE `r``o'l"e` FOR 'test-user';
+SHOW GRANTS FOR 'test-user';
+Grants for test-user@%
+GRANT 'r`o'l"e' TO 'test-user'@'%'
+GRANT USAGE ON *.* TO 'test-user'@'%'
+SET DEFAULT ROLE 'r`o'l"e' FOR 'test-user'@'%'
+DROP ROLE `r``o'l"e`;
+DROP USER 'test-user';

mysql-test/r/mysql_upgrade.result

@@ -840,15 +840,15 @@ CREATE ROLE `aRole`;
 SET DEFAULT ROLE aRole;
 SHOW GRANTS;
 Grants for root@localhost
-GRANT aRole TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'aRole' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'aRole'
-SET DEFAULT ROLE aRole FOR 'root'@'localhost'
+SET DEFAULT ROLE 'aRole' FOR 'root'@'localhost'
 SET DEFAULT ROLE NONE;
 SHOW GRANTS;
 Grants for root@localhost
-GRANT aRole TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'aRole' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'aRole'

mysql-test/r/mysqldump-system.result

@@ -61,17 +61,17 @@ SET ROLE mariadb_dump_import_role;
 /*!80001 CREATE ROLE 'role_2' */;
 /*M!100005 CREATE ROLE 'role_2' WITH ADMIN mariadb_dump_import_role */;
 /*M!100005 GRANT 'role_2' TO 'role_1' WITH ADMIN OPTION */;
-GRANT role_1 TO 'root'@'localhost' WITH ADMIN OPTION;
+GRANT 'role_1' TO 'root'@'localhost' WITH ADMIN OPTION;
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION;
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION;
 /*M!100005 SET DEFAULT ROLE NONE FOR 'root'@'localhost' */;
 /*!80001 ALTER USER 'root'@'localhost' DEFAULT ROLE NONE */;
-GRANT role_1 TO 'USER'@'%';
-GRANT role_2 TO 'USER'@'%';
+GRANT 'role_1' TO 'USER'@'%';
+GRANT 'role_2' TO 'USER'@'%';
 GRANT USAGE ON *.* TO 'USER'@'%' IDENTIFIED VIA unix_socket;
 /*M!100005 SET DEFAULT ROLE 'role_2' FOR 'USER'@'%' */;
 /*!80001 ALTER USER 'USER'@'%' DEFAULT ROLE 'role_2' */;
-GRANT role_2 TO 'role_1' WITH ADMIN OPTION;
+GRANT 'role_2' TO 'role_1' WITH ADMIN OPTION;
 GRANT SHOW DATABASES ON *.* TO 'role_1';
 GRANT USAGE ON *.* TO 'role_2';
 GRANT USAGE ON *.* TO 'role_2';
@@ -196,17 +196,17 @@ SET ROLE mariadb_dump_import_role;
 /*!80001 CREATE ROLE 'role_2' */;
 /*M!100103 CREATE OR REPLACE ROLE 'role_2' WITH ADMIN mariadb_dump_import_role */;
 /*M!100005 GRANT 'role_2' TO 'role_1' WITH ADMIN OPTION */;
-GRANT role_1 TO 'root'@'localhost' WITH ADMIN OPTION;
+GRANT 'role_1' TO 'root'@'localhost' WITH ADMIN OPTION;
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION;
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION;
 /*M!100005 SET DEFAULT ROLE NONE FOR 'root'@'localhost' */;
 /*!80001 ALTER USER 'root'@'localhost' DEFAULT ROLE NONE */;
-GRANT role_1 TO 'USER'@'%';
-GRANT role_2 TO 'USER'@'%';
+GRANT 'role_1' TO 'USER'@'%';
+GRANT 'role_2' TO 'USER'@'%';
 GRANT USAGE ON *.* TO 'USER'@'%' IDENTIFIED VIA unix_socket;
 /*M!100005 SET DEFAULT ROLE 'role_2' FOR 'USER'@'%' */;
 /*!80001 ALTER USER 'USER'@'%' DEFAULT ROLE 'role_2' */;
-GRANT role_2 TO 'role_1' WITH ADMIN OPTION;
+GRANT 'role_2' TO 'role_1' WITH ADMIN OPTION;
 GRANT SHOW DATABASES ON *.* TO 'role_1';
 GRANT USAGE ON *.* TO 'role_2';
 GRANT USAGE ON *.* TO 'role_2';
@@ -317,17 +317,17 @@ SET ROLE mariadb_dump_import_role;
 /*!80001 CREATE ROLE IF NOT EXISTS 'role_2' */;
 /*M!100005 CREATE ROLE IF NOT EXISTS 'role_2' WITH ADMIN mariadb_dump_import_role */;
 /*M!100005 GRANT 'role_2' TO 'role_1' WITH ADMIN OPTION */;
-GRANT role_1 TO 'root'@'localhost' WITH ADMIN OPTION;
+GRANT 'role_1' TO 'root'@'localhost' WITH ADMIN OPTION;
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION;
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION;
 /*M!100005 SET DEFAULT ROLE NONE FOR 'root'@'localhost' */;
 /*!80001 ALTER USER 'root'@'localhost' DEFAULT ROLE NONE */;
-GRANT role_1 TO 'USER'@'%';
-GRANT role_2 TO 'USER'@'%';
+GRANT 'role_1' TO 'USER'@'%';
+GRANT 'role_2' TO 'USER'@'%';
 GRANT USAGE ON *.* TO 'USER'@'%' IDENTIFIED VIA unix_socket;
 /*M!100005 SET DEFAULT ROLE 'role_2' FOR 'USER'@'%' */;
 /*!80001 ALTER USER 'USER'@'%' DEFAULT ROLE 'role_2' */;
-GRANT role_2 TO 'role_1' WITH ADMIN OPTION;
+GRANT 'role_2' TO 'role_1' WITH ADMIN OPTION;
 GRANT SHOW DATABASES ON *.* TO 'role_1';
 GRANT USAGE ON *.* TO 'role_2';
 GRANT USAGE ON *.* TO 'role_2';

mysql-test/suite/roles/admin.result

@@ -27,19 +27,19 @@ grant select on *.* to foo@localhost with admin option;
 ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'admin option' at line 1
 show grants for foo@localhost;
 Grants for foo@localhost
+GRANT 'role1' TO 'foo'@'localhost' WITH ADMIN OPTION
+GRANT 'role2' TO 'foo'@'localhost'
+GRANT 'role5' TO 'foo'@'localhost' WITH ADMIN OPTION
 GRANT CREATE USER ON *.* TO 'foo'@'localhost'
-GRANT role1 TO 'foo'@'localhost' WITH ADMIN OPTION
-GRANT role2 TO 'foo'@'localhost'
-GRANT role5 TO 'foo'@'localhost' WITH ADMIN OPTION
 show grants for role1;
 Grants for role1
+GRANT 'role2' TO 'role1'
+GRANT 'role3' TO 'role1' WITH ADMIN OPTION
+GRANT 'role4' TO 'role3' WITH ADMIN OPTION
 GRANT USAGE ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'role2'
 GRANT USAGE ON *.* TO 'role3'
 GRANT USAGE ON *.* TO 'role4'
-GRANT role2 TO 'role1'
-GRANT role3 TO 'role1' WITH ADMIN OPTION
-GRANT role4 TO 'role3' WITH ADMIN OPTION
 show grants for role4;
 Grants for role4
 GRANT USAGE ON *.* TO 'role4'
@@ -58,19 +58,19 @@ localhost	root	role4	Y
 flush privileges;
 show grants for foo@localhost;
 Grants for foo@localhost
+GRANT 'role1' TO 'foo'@'localhost' WITH ADMIN OPTION
+GRANT 'role2' TO 'foo'@'localhost'
+GRANT 'role5' TO 'foo'@'localhost' WITH ADMIN OPTION
 GRANT CREATE USER ON *.* TO 'foo'@'localhost'
-GRANT role1 TO 'foo'@'localhost' WITH ADMIN OPTION
-GRANT role2 TO 'foo'@'localhost'
-GRANT role5 TO 'foo'@'localhost' WITH ADMIN OPTION
 show grants for role1;
 Grants for role1
+GRANT 'role2' TO 'role1'
+GRANT 'role3' TO 'role1' WITH ADMIN OPTION
+GRANT 'role4' TO 'role3' WITH ADMIN OPTION
 GRANT USAGE ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'role2'
 GRANT USAGE ON *.* TO 'role3'
 GRANT USAGE ON *.* TO 'role4'
-GRANT role2 TO 'role1'
-GRANT role3 TO 'role1' WITH ADMIN OPTION
-GRANT role4 TO 'role3' WITH ADMIN OPTION
 show grants for role4;
 Grants for role4
 GRANT USAGE ON *.* TO 'role4'
@@ -89,18 +89,18 @@ revoke admin option for role2 from foo@localhost;
 revoke admin option for role1 from root@localhost;
 show grants for foo@localhost;
 Grants for foo@localhost
+GRANT 'role2' TO 'foo'@'localhost'
+GRANT 'role5' TO 'foo'@'localhost' WITH ADMIN OPTION
 GRANT CREATE USER ON *.* TO 'foo'@'localhost'
-GRANT role2 TO 'foo'@'localhost'
-GRANT role5 TO 'foo'@'localhost' WITH ADMIN OPTION
 show grants for role1;
 Grants for role1
+GRANT 'role2' TO 'role1' WITH ADMIN OPTION
+GRANT 'role3' TO 'role1' WITH ADMIN OPTION
+GRANT 'role4' TO 'role3'
 GRANT USAGE ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'role2'
 GRANT USAGE ON *.* TO 'role3'
 GRANT USAGE ON *.* TO 'role4'
-GRANT role2 TO 'role1' WITH ADMIN OPTION
-GRANT role3 TO 'role1' WITH ADMIN OPTION
-GRANT role4 TO 'role3'
 show grants for role4;
 Grants for role4
 GRANT USAGE ON *.* TO 'role4'
@@ -118,18 +118,18 @@ localhost	root	role4	Y
 flush privileges;
 show grants for foo@localhost;
 Grants for foo@localhost
+GRANT 'role2' TO 'foo'@'localhost'
+GRANT 'role5' TO 'foo'@'localhost' WITH ADMIN OPTION
 GRANT CREATE USER ON *.* TO 'foo'@'localhost'
-GRANT role2 TO 'foo'@'localhost'
-GRANT role5 TO 'foo'@'localhost' WITH ADMIN OPTION
 show grants for role1;
 Grants for role1
+GRANT 'role2' TO 'role1' WITH ADMIN OPTION
+GRANT 'role3' TO 'role1' WITH ADMIN OPTION
+GRANT 'role4' TO 'role3'
 GRANT USAGE ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'role2'
 GRANT USAGE ON *.* TO 'role3'
 GRANT USAGE ON *.* TO 'role4'
-GRANT role2 TO 'role1' WITH ADMIN OPTION
-GRANT role3 TO 'role1' WITH ADMIN OPTION
-GRANT role4 TO 'role3'
 show grants for role4;
 Grants for role4
 GRANT USAGE ON *.* TO 'role4'

mysql-test/suite/roles/create_and_drop_role.result

@@ -66,7 +66,7 @@ localhost	r1	r2	N
 localhost	root	r2	Y
 SHOW GRANTS FOR r1@localhost;
 Grants for r1@localhost
-GRANT r2 TO 'r1'@'localhost'
+GRANT 'r2' TO 'r1'@'localhost'
 GRANT USAGE ON *.* TO 'r1'@'localhost'
 DROP USER u1;
 DROP ROLE r2;

mysql-test/suite/roles/create_and_grant_role.result

@@ -13,10 +13,10 @@ Host	User	Role	Admin_option
 localhost	root	r1	Y
 show grants;
 Grants for root@localhost
+GRANT 'r1' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'r1'
-GRANT r1 TO 'root'@'localhost' WITH ADMIN OPTION
 drop role r1;
 select * from mysql.roles_mapping;
 Host	User	Role	Admin_option

mysql-test/suite/roles/definer.result

@@ -38,7 +38,7 @@ connect  c1, localhost, foo,,mysqltest1;
 connection c1;
 show grants;
 Grants for foo@localhost
-GRANT role4 TO 'foo'@'localhost'
+GRANT 'role4' TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT CREATE VIEW ON `mysqltest1`.* TO 'foo'@'localhost'
 select * from test.v1;

mysql-test/suite/roles/drop_routines.result

@@ -7,15 +7,15 @@ grant r3 to r2;
 grant r1 to u1;
 show grants for u1;
 Grants for u1@%
+GRANT 'r1' TO 'u1'@'%'
 GRANT USAGE ON *.* TO 'u1'@'%'
-GRANT r1 TO 'u1'@'%'
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r3' TO 'r2'
 GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
-GRANT r2 TO 'r1'
-GRANT r3 TO 'r2'
 grant SELECT on *.* to u1;
 grant INSERT on mysql.* to r1;
 grant DELETE on mysql.roles_mapping to r2;
@@ -33,6 +33,8 @@ revoke execute on procedure mysql.test_proc from r2;
 ERROR 42000: There is no such grant defined for user 'r2' on host '' on routine 'test_proc'
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r3' TO 'r2'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
@@ -41,17 +43,15 @@ GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
-GRANT r2 TO 'r1'
-GRANT r3 TO 'r2'
 show grants for r2;
 Grants for r2
+GRANT 'r3' TO 'r2'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
 GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
-GRANT r3 TO 'r2'
 show grants for r3;
 Grants for r3
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
@@ -64,11 +64,11 @@ returns CHAR(50) DETERMINISTIC
 return concat('Test string: ',s);
 show grants for r2;
 Grants for r2
+GRANT 'r3' TO 'r2'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
-GRANT r3 TO 'r2'
 connect  u1,localhost,u1,,;
 select mysql.test_func("none");
 ERROR 42000: execute command denied to user 'u1'@'%' for routine 'mysql.test_func'

mysql-test/suite/roles/flush_roles-17898.result

@@ -24,11 +24,11 @@ grant select on m_.* to r2;
 grant r2 to r1;
 show grants for u1@localhost;
 Grants for u1@localhost
-GRANT r1 TO 'u1'@'localhost'
+GRANT 'r1' TO 'u1'@'localhost'
 GRANT USAGE ON *.* TO 'u1'@'localhost'
 show grants for r1;
 Grants for r1
-GRANT r2 TO 'r1'
+GRANT 'r2' TO 'r1'
 GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT SELECT ON `test`.* TO 'r2'

mysql-test/suite/roles/grant-5771.result

@@ -21,9 +21,9 @@ show tables in mysqltest2;
 Tables_in_mysqltest2
 show grants;
 Grants for foo@localhost
-GRANT r2 TO 'foo'@'localhost'
+GRANT 'r2' TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
-GRANT r1 TO 'r2'
+GRANT 'r1' TO 'r2'
 GRANT USAGE ON *.* TO 'r2'
 GRANT ALL PRIVILEGES ON `mysqltest2`.* TO 'r2'
 GRANT USAGE ON *.* TO 'r1'

mysql-test/suite/roles/grant_empty.result

@@ -9,7 +9,7 @@ current_user
 @localhost
 show grants;
 Grants for @localhost
-GRANT r1 TO ''@'localhost'
+GRANT 'r1' TO ''@'localhost'
 GRANT USAGE ON *.* TO ''@'localhost'
 connection default;
 drop role r1;

mysql-test/suite/roles/grant_revoke_current.result

@@ -27,14 +27,14 @@ GRANT USAGE ON *.* TO 'r1'
 set password=password('foobar');
 show grants;
 Grants for root@localhost
-GRANT r1 TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'r1' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*9B500343BC52E2911172EB52AE5CF4847604C6E5' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'r1'
 grant r1 to current_user() identified by 'barfoo';
 show grants;
 Grants for root@localhost
-GRANT r1 TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'r1' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*343915A8181B5728EADBDC73E1F7E6B0C3998483' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'r1'

mysql-test/suite/roles/ip-6401.result

@@ -4,7 +4,7 @@ grant r1 to foo@'127.0.0.1';
 connect  con1,127.0.0.1,foo,,;
 show grants;
 Grants for foo@127.0.0.1
-GRANT r1 TO 'foo'@'127.0.0.1'
+GRANT 'r1' TO 'foo'@'127.0.0.1'
 GRANT USAGE ON *.* TO 'foo'@'127.0.0.1'
 set role r1;
 select * from information_schema.enabled_roles;

mysql-test/suite/roles/prepare_stmt_with_role.result

@@ -17,7 +17,7 @@ user	host	is_role
 developers		Y
 SHOW GRANTS;
 Grants for root@localhost
-GRANT developers TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'developers' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 # Test reexecution.
@@ -40,7 +40,7 @@ Host	User	Role	Admin_option
 localhost	root	developers	Y
 SHOW GRANTS FOR test_user;
 Grants for test_user@%
-GRANT developers TO 'test_user'@'%'
+GRANT 'developers' TO 'test_user'@'%'
 GRANT USAGE ON *.* TO 'test_user'@'%'
 #
 # Test revoking a role.
@@ -56,7 +56,7 @@ GRANT USAGE ON *.* TO 'test_user'@'%'
 EXECUTE stmtGrantRole;
 SHOW GRANTS FOR test_user;
 Grants for test_user@%
-GRANT developers TO 'test_user'@'%'
+GRANT 'developers' TO 'test_user'@'%'
 GRANT USAGE ON *.* TO 'test_user'@'%'
 EXECUTE stmtRevokeRole;
 SHOW GRANTS FOR test_user;
@@ -96,7 +96,7 @@ Host	User	Role	Admin_option
 localhost	root	developers	Y
 SHOW GRANTS;
 Grants for root@localhost
-GRANT developers TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'developers' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 SHOW GRANTS FOR test_user;

mysql-test/suite/roles/rebuild_role_grants.result

@@ -3,13 +3,13 @@ create user u1;
 grant r1 to u1;
 show grants for u1;
 Grants for u1@%
+GRANT 'r1' TO 'u1'@'%'
 GRANT USAGE ON *.* TO 'u1'@'%'
-GRANT r1 TO 'u1'@'%'
 create user u2;
 show grants for u1;
 Grants for u1@%
+GRANT 'r1' TO 'u1'@'%'
 GRANT USAGE ON *.* TO 'u1'@'%'
-GRANT r1 TO 'u1'@'%'
 show grants for u2;
 Grants for u2@%
 GRANT USAGE ON *.* TO 'u2'@'%'
@@ -30,8 +30,8 @@ grant r1 to u1;
 grant r1 to u1;
 show grants for u1;
 Grants for u1@%
+GRANT 'r1' TO 'u1'@'%'
 GRANT USAGE ON *.* TO 'u1'@'%'
-GRANT r1 TO 'u1'@'%'
 select * from mysql.roles_mapping;
 Host	User	Role	Admin_option
 %	u1	r1	N

mysql-test/suite/roles/recursive.result

@@ -26,8 +26,8 @@ ERROR HY000: Cannot grant role 'role10' to: 'role2'
 connect  foo, localhost, foo;
 show grants;
 Grants for foo@localhost
+GRANT 'role10' TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
-GRANT role10 TO 'foo'@'localhost'
 select * from information_schema.applicable_roles;
 GRANTEE	ROLE_NAME	IS_GRANTABLE	IS_DEFAULT
 foo@localhost	role10	NO	NO
@@ -56,6 +56,17 @@ count(*)
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role10'
@@ -66,17 +77,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 select * from information_schema.enabled_roles;
 ROLE_NAME
 role1
@@ -114,6 +114,17 @@ count(*)
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT ON `mysql`.* TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
@@ -125,17 +136,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 revoke select on mysql.* from role1;
 show status like 'debug%';
@@ -157,6 +157,17 @@ count(*)
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT ON `mysql`.`roles_mapping` TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
@@ -168,17 +179,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 revoke select on mysql.roles_mapping from role1;
 show status like 'debug%';
@@ -202,6 +202,17 @@ count(concat(User))
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT (User) ON `mysql`.`roles_mapping` TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
@@ -213,17 +224,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 grant select(Host) on mysql.roles_mapping to role3;
 show status like 'debug%';
@@ -236,6 +236,17 @@ count(concat(User,Host))
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT (Host) ON `mysql`.`roles_mapping` TO 'role3'
 GRANT SELECT (User) ON `mysql`.`roles_mapping` TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
@@ -248,17 +259,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 revoke select(User) on mysql.roles_mapping from role1;
 show status like 'debug%';

mysql-test/suite/roles/recursive_dbug.result

@@ -30,8 +30,8 @@ ERROR HY000: Cannot grant role 'role10' to: 'role2'
 connect  foo, localhost, foo;
 show grants;
 Grants for foo@localhost
+GRANT 'role10' TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
-GRANT role10 TO 'foo'@'localhost'
 select * from information_schema.applicable_roles;
 GRANTEE	ROLE_NAME	IS_GRANTABLE	IS_DEFAULT
 foo@localhost	role10	NO	NO
@@ -70,6 +70,17 @@ count(*)
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role10'
@@ -80,17 +91,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 select * from information_schema.enabled_roles;
 ROLE_NAME
 role1
@@ -138,6 +138,17 @@ count(*)
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT ON `mysql`.* TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
@@ -149,17 +160,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 revoke select on mysql.* from role1;
 show status like 'debug%';
@@ -191,6 +191,17 @@ count(*)
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT ON `mysql`.`roles_mapping` TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
@@ -202,17 +213,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 revoke select on mysql.roles_mapping from role1;
 show status like 'debug%';
@@ -246,6 +246,17 @@ count(concat(User))
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT (User) ON `mysql`.`roles_mapping` TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
@@ -257,17 +268,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 grant select(Host) on mysql.roles_mapping to role3;
 show status like 'debug%';
@@ -285,6 +285,17 @@ count(concat(User,Host))
 22
 show grants;
 Grants for foo@localhost
+GRANT 'role1' TO 'role2'
+GRANT 'role10' TO 'foo'@'localhost'
+GRANT 'role2' TO 'role4'
+GRANT 'role2' TO 'role5'
+GRANT 'role3' TO 'role5'
+GRANT 'role4' TO 'role6'
+GRANT 'role5' TO 'role6'
+GRANT 'role5' TO 'role7'
+GRANT 'role6' TO 'role9'
+GRANT 'role7' TO 'role9'
+GRANT 'role9' TO 'role10'
 GRANT SELECT (Host) ON `mysql`.`roles_mapping` TO 'role3'
 GRANT SELECT (User) ON `mysql`.`roles_mapping` TO 'role1'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
@@ -297,17 +308,6 @@ GRANT USAGE ON *.* TO 'role5'
 GRANT USAGE ON *.* TO 'role6'
 GRANT USAGE ON *.* TO 'role7'
 GRANT USAGE ON *.* TO 'role9'
-GRANT role1 TO 'role2'
-GRANT role10 TO 'foo'@'localhost'
-GRANT role2 TO 'role4'
-GRANT role2 TO 'role5'
-GRANT role3 TO 'role5'
-GRANT role4 TO 'role6'
-GRANT role5 TO 'role6'
-GRANT role5 TO 'role7'
-GRANT role6 TO 'role9'
-GRANT role7 TO 'role9'
-GRANT role9 TO 'role10'
 connection default;
 revoke select(User) on mysql.roles_mapping from role1;
 show status like 'debug%';

mysql-test/suite/roles/revoke_all.result

@@ -10,18 +10,18 @@ grant r1 to u1;
 grant r4 to r1;
 show grants for u1;
 Grants for u1@%
+GRANT 'r1' TO 'u1'@'%'
 GRANT USAGE ON *.* TO 'u1'@'%'
-GRANT r1 TO 'u1'@'%'
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r3' TO 'r2'
+GRANT 'r4' TO 'r1'
+GRANT 'r4' TO 'r3'
 GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r2 TO 'r1'
-GRANT r3 TO 'r2'
-GRANT r4 TO 'r1'
-GRANT r4 TO 'r3'
 grant SELECT on *.* to u1;
 grant INSERT on mysql.* to r1;
 grant DELETE on mysql.roles_mapping to r2;
@@ -38,6 +38,10 @@ grant execute on procedure mysql.test_proc to r3;
 grant execute on mysql.* to r4;
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r3' TO 'r2'
+GRANT 'r4' TO 'r1'
+GRANT 'r4' TO 'r3'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
@@ -48,12 +52,10 @@ GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r2 TO 'r1'
-GRANT r3 TO 'r2'
-GRANT r4 TO 'r1'
-GRANT r4 TO 'r3'
 show grants for r2;
 Grants for r2
+GRANT 'r3' TO 'r2'
+GRANT 'r4' TO 'r3'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
@@ -62,16 +64,14 @@ GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r3 TO 'r2'
-GRANT r4 TO 'r3'
 show grants for r3;
 Grants for r3
+GRANT 'r4' TO 'r3'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
 GRANT EXECUTE ON `mysql`.* TO 'r4'
 GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r4 TO 'r3'
 show grants for r4;
 Grants for r4
 GRANT EXECUTE ON `mysql`.* TO 'r4'
@@ -79,6 +79,10 @@ GRANT USAGE ON *.* TO 'r4'
 revoke all privileges, grant option from r4;
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r3' TO 'r2'
+GRANT 'r4' TO 'r1'
+GRANT 'r4' TO 'r3'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
@@ -88,12 +92,10 @@ GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r2 TO 'r1'
-GRANT r3 TO 'r2'
-GRANT r4 TO 'r1'
-GRANT r4 TO 'r3'
 show grants for r2;
 Grants for r2
+GRANT 'r3' TO 'r2'
+GRANT 'r4' TO 'r3'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
@@ -101,21 +103,22 @@ GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r3 TO 'r2'
-GRANT r4 TO 'r3'
 show grants for r3;
 Grants for r3
+GRANT 'r4' TO 'r3'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'r3'
 GRANT UPDATE ON `mysql`.`user` TO 'r3'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r4 TO 'r3'
 show grants for r4;
 Grants for r4
 GRANT USAGE ON *.* TO 'r4'
 revoke all privileges, grant option from r3;
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r3' TO 'r2'
+GRANT 'r4' TO 'r1'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT INSERT ON `mysql`.* TO 'r1'
@@ -123,16 +126,13 @@ GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r2 TO 'r1'
-GRANT r3 TO 'r2'
-GRANT r4 TO 'r1'
 show grants for r2;
 Grants for r2
+GRANT 'r3' TO 'r2'
 GRANT DELETE ON `mysql`.`roles_mapping` TO 'r2'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'r2'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r3'
-GRANT r3 TO 'r2'
 show grants for r3;
 Grants for r3
 GRANT USAGE ON *.* TO 'r3'
@@ -142,12 +142,12 @@ GRANT USAGE ON *.* TO 'r4'
 revoke all privileges, grant option from r2;
 show grants for r1;
 Grants for r1
+GRANT 'r2' TO 'r1'
+GRANT 'r4' TO 'r1'
 GRANT INSERT ON `mysql`.* TO 'r1'
 GRANT USAGE ON *.* TO 'r1'
 GRANT USAGE ON *.* TO 'r2'
 GRANT USAGE ON *.* TO 'r4'
-GRANT r2 TO 'r1'
-GRANT r4 TO 'r1'
 show grants for r2;
 Grants for r2
 GRANT USAGE ON *.* TO 'r2'

mysql-test/suite/roles/role_case_sensitive-10744.result

@@ -21,7 +21,7 @@ grant select on secret_db.* to test_role;
 grant test_role to test_user;
 show grants for test_user;
 Grants for test_user@%
-GRANT test_role TO 'test_user'@'%'
+GRANT 'test_role' TO 'test_user'@'%'
 GRANT USAGE ON *.* TO 'test_user'@'%'
 #
 # Now test the UPPER case role.
@@ -30,8 +30,8 @@ grant test_ROLE to test_user;
 grant insert on secret_db.t1 to test_ROLE;
 show grants for test_user;
 Grants for test_user@%
-GRANT test_role TO 'test_user'@'%'
-GRANT test_ROLE TO 'test_user'@'%'
+GRANT 'test_role' TO 'test_user'@'%'
+GRANT 'test_ROLE' TO 'test_user'@'%'
 GRANT USAGE ON *.* TO 'test_user'@'%'
 connect  test_user,localhost,test_user;
 #

mysql-test/suite/roles/rpl_definer.result

@@ -7,14 +7,14 @@ grant role2 to role1;
 set role role1;
 show grants;
 Grants for root@localhost
+GRANT 'role1' TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'role2' TO 'role1'
+GRANT 'role2' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT EXECUTE ON `test`.* TO 'role2'
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'role2'
-GRANT role1 TO 'root'@'localhost' WITH ADMIN OPTION
-GRANT role2 TO 'role1'
-GRANT role2 TO 'root'@'localhost' WITH ADMIN OPTION
 create definer=current_user procedure pcu() select current_user;
 create definer=root@localhost procedure pu() select "root@localhost";
 create definer=current_role procedure pcr() select current_role;
@@ -39,14 +39,14 @@ connection slave;
 set role role1;
 show grants;
 Grants for root@localhost
+GRANT 'role1' TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'role2' TO 'role1'
+GRANT 'role2' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT EXECUTE ON `test`.* TO 'role2'
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'role1'
 GRANT USAGE ON *.* TO 'role2'
-GRANT role1 TO 'root'@'localhost' WITH ADMIN OPTION
-GRANT role2 TO 'role1'
-GRANT role2 TO 'root'@'localhost' WITH ADMIN OPTION
 show create procedure pcu;
 Procedure	sql_mode	Create Procedure	character_set_client	collation_connection	Database Collation
 pcu	STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION	CREATE DEFINER=`root`@`localhost` PROCEDURE `pcu`()

mysql-test/suite/roles/set_and_drop.result

@@ -56,7 +56,7 @@ drop role role2;
 connection foo;
 show grants;
 Grants for foo@localhost
-GRANT role1 TO 'foo'@'localhost'
+GRANT 'role1' TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'foo'@'localhost'
 GRANT USAGE ON *.* TO 'role1'
 select * from information_schema.enabled_roles;

mysql-test/suite/roles/set_default_role_clear.result

@@ -4,7 +4,7 @@ grant select on *.* to test_role;
 grant test_role to test_user@localhost;
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 set default role test_role;
 select user, host, default_role from mysql.user;
@@ -14,10 +14,10 @@ user	host	default_role
 test_user	localhost	test_role
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 GRANT SELECT ON *.* TO 'test_role'
-SET DEFAULT ROLE test_role FOR 'test_user'@'localhost'
+SET DEFAULT ROLE 'test_role' FOR 'test_user'@'localhost'
 select user, host, default_role from mysql.user where user='test_user';
 user	host	default_role
 test_user	localhost	test_role

mysql-test/suite/roles/set_default_role_for.result

@@ -18,10 +18,10 @@ ERROR OP000: User `root`@`localhost` has not been granted role `role_b`
 set default role role_b for user_b@localhost;
 show grants;
 Grants for user_a@localhost
-GRANT role_a TO 'user_a'@'localhost'
+GRANT 'role_a' TO 'user_a'@'localhost'
 GRANT USAGE ON *.* TO 'user_a'@'localhost'
 GRANT SELECT ON *.* TO 'role_a'
-SET DEFAULT ROLE role_a FOR 'user_a'@'localhost'
+SET DEFAULT ROLE 'role_a' FOR 'user_a'@'localhost'
 select user, host, default_role from mysql.user where user like 'user_%';
 user	host	default_role
 user_a	localhost	role_a
@@ -40,10 +40,10 @@ set default role role_b for current_user;
 ERROR OP000: User `user_a`@`localhost` has not been granted role `role_b`
 show grants;
 Grants for user_b@localhost
-GRANT role_b TO 'user_b'@'localhost'
+GRANT 'role_b' TO 'user_b'@'localhost'
 GRANT USAGE ON *.* TO 'user_b'@'localhost'
 GRANT INSERT, UPDATE ON *.* TO 'role_b'
-SET DEFAULT ROLE role_b FOR 'user_b'@'localhost'
+SET DEFAULT ROLE 'role_b' FOR 'user_b'@'localhost'
 select user, host, default_role from mysql.user where user like 'user_%';
 ERROR 42000: SELECT command denied to user 'user_b'@'localhost' for table 'user'
 insert ignore into mysql.user (user, host) values ('someuser', 'somehost');
@@ -55,7 +55,7 @@ Warning	1364	Field 'authentication_string' doesn't have a default value
 set default role NONE for user_a@localhost;
 show grants;
 Grants for user_a@localhost
-GRANT role_a TO 'user_a'@'localhost'
+GRANT 'role_a' TO 'user_a'@'localhost'
 GRANT USAGE ON *.* TO 'user_a'@'localhost'
 GRANT INSERT, UPDATE ON *.* TO 'role_b'
 select user, host, default_role from mysql.user where user like 'user_%';

mysql-test/suite/roles/set_default_role_invalid.result

@@ -5,7 +5,7 @@ grant select on *.* to test_role;
 grant test_role to test_user@localhost;
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 select user, host, default_role from mysql.user;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
@@ -21,10 +21,10 @@ user	host	default_role
 test_user	localhost	test_role
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 GRANT SELECT ON *.* TO 'test_role'
-SET DEFAULT ROLE test_role FOR 'test_user'@'localhost'
+SET DEFAULT ROLE 'test_role' FOR 'test_user'@'localhost'
 select user, host, default_role from mysql.user where user='test_user';
 user	host	default_role
 test_user	localhost	test_role
@@ -68,11 +68,11 @@ GRANT SELECT ON mysql.* TO b;
 # Change user b (session 1: select_priv)
 SHOW GRANTS FOR b;
 Grants for b@%
-GRANT r1 TO 'b'@'%'
-GRANT r2 TO 'b'@'%'
+GRANT 'r1' TO 'b'@'%'
+GRANT 'r2' TO 'b'@'%'
 GRANT USAGE ON *.* TO 'b'@'%'
 GRANT SELECT ON `mysql`.* TO 'b'@'%'
-SET DEFAULT ROLE r2 FOR 'b'@'%'
+SET DEFAULT ROLE 'r2' FOR 'b'@'%'
 SET DEFAULT ROLE r1 FOR a;
 ERROR 42000: Access denied for user 'b'@'%' to database 'mysql'
 SELECT CURRENT_ROLE;
@@ -94,11 +94,11 @@ GRANT UPDATE ON mysql.* TO b;
 # Change user b
 SHOW GRANTS FOR b;
 Grants for b@%
-GRANT r1 TO 'b'@'%'
-GRANT r2 TO 'b'@'%'
+GRANT 'r1' TO 'b'@'%'
+GRANT 'r2' TO 'b'@'%'
 GRANT USAGE ON *.* TO 'b'@'%'
 GRANT SELECT, UPDATE ON `mysql`.* TO 'b'@'%'
-SET DEFAULT ROLE r2 FOR 'b'@'%'
+SET DEFAULT ROLE 'r2' FOR 'b'@'%'
 SET DEFAULT ROLE r1 FOR a;
 ERROR OP000: User `b`@`%` has not been granted role `r1`
 SET DEFAULT ROLE invalid_role;

mysql-test/suite/roles/set_default_role_new_connection.result

@@ -5,7 +5,7 @@ grant test_role to test_user@localhost;
 connect  c1, localhost, test_user,,;
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 select user, host, default_role from mysql.user where user = 'test_user';
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
@@ -20,10 +20,10 @@ test_user	localhost	test_role
 connect  c1, localhost, test_user,,;
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 GRANT SELECT ON *.* TO 'test_role'
-SET DEFAULT ROLE test_role FOR 'test_user'@'localhost'
+SET DEFAULT ROLE 'test_role' FOR 'test_user'@'localhost'
 select user, host, default_role from mysql.user where user = 'test_user';
 user	host	default_role
 test_user	localhost	test_role
@@ -36,7 +36,7 @@ test_user	localhost
 connect  c1, localhost, test_user,,;
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 select user, host, default_role from mysql.user where user = 'test_user';
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'user'
@@ -49,10 +49,10 @@ set default role test_role for test_user@localhost;
 connect  c1, localhost, test_user,,;
 show grants;
 Grants for test_user@localhost
-GRANT test_role TO 'test_user'@'localhost'
+GRANT 'test_role' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
 GRANT SELECT ON *.* TO 'test_role'
-SET DEFAULT ROLE test_role FOR 'test_user'@'localhost'
+SET DEFAULT ROLE 'test_role' FOR 'test_user'@'localhost'
 select user, host, default_role from mysql.user where user = 'test_user';
 user	host	default_role
 test_user	localhost	test_role

mysql-test/suite/roles/set_role-13655.result

@@ -18,7 +18,7 @@ create role admin;
 grant simple to admin;
 show grants for admin;
 Grants for admin
-GRANT simple TO 'admin'
+GRANT 'simple' TO 'admin'
 GRANT USAGE ON *.* TO 'admin'
 GRANT USAGE ON *.* TO 'simple'
 GRANT SELECT, INSERT, UPDATE, DELETE, LOCK TABLES, EXECUTE ON `t`.* TO 'simple'
@@ -37,9 +37,9 @@ ERROR 42000: Access denied for user 'foo'@'%' to database 't'
 set role admin;
 show grants;
 Grants for foo@%
-GRANT admin TO 'foo'@'%'
+GRANT 'admin' TO 'foo'@'%'
 GRANT USAGE ON *.* TO 'foo'@'%'
-GRANT simple TO 'admin'
+GRANT 'simple' TO 'admin'
 GRANT USAGE ON *.* TO 'admin'
 GRANT ALL PRIVILEGES ON `t`.* TO 'admin'
 GRANT USAGE ON *.* TO 'simple'

mysql-test/suite/roles/set_role-9614.result

@@ -35,11 +35,11 @@ GRANT `client` TO `usertestjohn`@`%`;
 #
 SHOW GRANTS FOR `john`@`%`;
 Grants for john@%
-GRANT client TO 'john'@'%'
+GRANT 'client' TO 'john'@'%'
 GRANT USAGE ON *.* TO 'john'@'%'
 SHOW GRANTS FOR `usertestjohn`@`%`;
 Grants for usertestjohn@%
-GRANT client TO 'usertestjohn'@'%'
+GRANT 'client' TO 'usertestjohn'@'%'
 GRANT USAGE ON *.* TO 'usertestjohn'@'%'
 SHOW GRANTS FOR `client`;
 Grants for client
@@ -84,7 +84,7 @@ information_schema
 test
 show grants;
 Grants for usertestjohn@%
-GRANT client TO 'usertestjohn'@'%'
+GRANT 'client' TO 'usertestjohn'@'%'
 GRANT USAGE ON *.* TO 'usertestjohn'@'%'
 GRANT USAGE ON *.* TO 'client'
 GRANT SELECT ON `bug_db`.`t0` TO 'client'

mysql-test/suite/roles/set_role-database-recursive.result

@@ -67,6 +67,11 @@ set role test_role1;
 delete from mysql.user where user='no such user';
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
+GRANT 'test_role2' TO 'test_user'@'localhost'
+GRANT 'test_role3' TO 'test_role2'
+GRANT 'test_role4' TO 'test_role3'
 GRANT DELETE ON `mysql`.* TO 'test_role4'
 GRANT SELECT ON `mysql`.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
@@ -74,10 +79,5 @@ GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role3'
 GRANT USAGE ON *.* TO 'test_role4'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
-GRANT test_role2 TO 'test_user'@'localhost'
-GRANT test_role3 TO 'test_role2'
-GRANT test_role4 TO 'test_role3'
 drop user test_user@localhost;
 drop role test_role1, test_role2, test_role3, test_role4;

mysql-test/suite/roles/set_role-multiple-role.result

@@ -25,14 +25,14 @@ select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'r_crt' TO 'test_user'@'localhost'
+GRANT 'r_del' TO 'test_user'@'localhost'
+GRANT 'r_drp' TO 'test_user'@'localhost'
+GRANT 'r_ins' TO 'test_user'@'localhost'
+GRANT 'r_rld' TO 'test_user'@'localhost'
+GRANT 'r_sel' TO 'test_user'@'localhost'
+GRANT 'r_upd' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT r_crt TO 'test_user'@'localhost'
-GRANT r_del TO 'test_user'@'localhost'
-GRANT r_drp TO 'test_user'@'localhost'
-GRANT r_ins TO 'test_user'@'localhost'
-GRANT r_rld TO 'test_user'@'localhost'
-GRANT r_sel TO 'test_user'@'localhost'
-GRANT r_upd TO 'test_user'@'localhost'
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
@@ -42,15 +42,15 @@ current_user()	current_role()
 test_user@localhost	r_sel
 show grants;
 Grants for test_user@localhost
+GRANT 'r_crt' TO 'test_user'@'localhost'
+GRANT 'r_del' TO 'test_user'@'localhost'
+GRANT 'r_drp' TO 'test_user'@'localhost'
+GRANT 'r_ins' TO 'test_user'@'localhost'
+GRANT 'r_rld' TO 'test_user'@'localhost'
+GRANT 'r_sel' TO 'test_user'@'localhost'
+GRANT 'r_upd' TO 'test_user'@'localhost'
 GRANT SELECT ON *.* TO 'r_sel'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT r_crt TO 'test_user'@'localhost'
-GRANT r_del TO 'test_user'@'localhost'
-GRANT r_drp TO 'test_user'@'localhost'
-GRANT r_ins TO 'test_user'@'localhost'
-GRANT r_rld TO 'test_user'@'localhost'
-GRANT r_sel TO 'test_user'@'localhost'
-GRANT r_upd TO 'test_user'@'localhost'
 select * from mysql.roles_mapping;
 Host	User	Role	Admin_option
 localhost	root	r_crt	Y
@@ -73,15 +73,15 @@ current_user()	current_role()
 test_user@localhost	r_ins
 show grants;
 Grants for test_user@localhost
+GRANT 'r_crt' TO 'test_user'@'localhost'
+GRANT 'r_del' TO 'test_user'@'localhost'
+GRANT 'r_drp' TO 'test_user'@'localhost'
+GRANT 'r_ins' TO 'test_user'@'localhost'
+GRANT 'r_rld' TO 'test_user'@'localhost'
+GRANT 'r_sel' TO 'test_user'@'localhost'
+GRANT 'r_upd' TO 'test_user'@'localhost'
 GRANT INSERT ON *.* TO 'r_ins'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT r_crt TO 'test_user'@'localhost'
-GRANT r_del TO 'test_user'@'localhost'
-GRANT r_drp TO 'test_user'@'localhost'
-GRANT r_ins TO 'test_user'@'localhost'
-GRANT r_rld TO 'test_user'@'localhost'
-GRANT r_sel TO 'test_user'@'localhost'
-GRANT r_upd TO 'test_user'@'localhost'
 select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 insert into mysql.roles_mapping values ('', 'r_sel', 'r_rld', 'N');

mysql-test/suite/roles/set_role-recursive.result

@@ -25,8 +25,8 @@ select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
@@ -36,35 +36,35 @@ current_user()	current_role()
 test_user@localhost	test_role1
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 select * from mysql.roles_mapping where Host='';
 Host	User	Role	Admin_option
 	test_role1	test_role2	N
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 set role none;
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 set role test_role2;
 ERROR OP000: User `test_user`@`localhost` has not been granted role `test_role2`
 select current_user(), current_role();
@@ -72,43 +72,43 @@ current_user()	current_role()
 test_user@localhost	NULL
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 set role test_role1;
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	test_role1
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 select * from mysql.roles_mapping where Host='';
 Host	User	Role	Admin_option
 	test_role1	test_role2	N
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 set role none;
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 delete from mysql.user where user='test_role1';

mysql-test/suite/roles/set_role-routine-simple.result

@@ -31,9 +31,9 @@ grant execute on procedure mysql.test_proc to test_role2;
 grant execute on mysql.* to test_role3;
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role3' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role3 TO 'test_user'@'localhost'
 use mysql;
 ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'
 select current_user(), current_role();
@@ -53,23 +53,23 @@ test_func('AABBCCDD')
 Test string: AABBCCDD
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
+GRANT 'test_role3' TO 'test_user'@'localhost'
 GRANT EXECUTE ON FUNCTION `mysql`.`test_func` TO 'test_role2'
 GRANT EXECUTE ON PROCEDURE `mysql`.`test_proc` TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
-GRANT test_role3 TO 'test_user'@'localhost'
 set role none;
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role3' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role3 TO 'test_user'@'localhost'
 call test_proc(@a);
 ERROR 42000: execute command denied to user 'test_user'@'localhost' for routine 'mysql.test_proc'
 SELECT test_func('AABBCCDD');
@@ -80,11 +80,11 @@ current_user()	current_role()
 test_user@localhost	test_role3
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role3' TO 'test_user'@'localhost'
 GRANT EXECUTE ON `mysql`.* TO 'test_role3'
 GRANT USAGE ON *.* TO 'test_role3'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role3 TO 'test_user'@'localhost'
 call test_proc(@a);
 SELECT @a;
 @a

mysql-test/suite/roles/set_role-simple.result

@@ -17,8 +17,8 @@ select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
@@ -28,9 +28,9 @@ current_user()	current_role()
 test_user@localhost	test_role1
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT SELECT ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select * from mysql.roles_mapping;
 Host	User	Role	Admin_option
 localhost	root	test_role1	Y

mysql-test/suite/roles/set_role-table-column-priv.result

@@ -19,8 +19,8 @@ select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
@@ -30,12 +30,12 @@ current_user()	current_role()
 test_user@localhost	test_role1
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT (Role) ON `mysql`.`roles_mapping` TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for column 'Host' in table 'roles_mapping'
 select Role from mysql.roles_mapping;
@@ -46,12 +46,12 @@ test_role2
 test_role2
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT (Role) ON `mysql`.`roles_mapping` TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 use mysql;
 set role none;
 select current_user(), current_role();

mysql-test/suite/roles/set_role-table-simple.result

@@ -19,8 +19,8 @@ select * from mysql.roles_mapping;
 ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
@@ -30,12 +30,12 @@ current_user()	current_role()
 test_user@localhost	test_role1
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON `mysql`.`roles_mapping` TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 select * from mysql.roles_mapping;
 Host	User	Role	Admin_option
 	test_role1	test_role2	N
@@ -44,12 +44,12 @@ localhost	root	test_role2	Y
 localhost	test_user	test_role1	N
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON `mysql`.`roles_mapping` TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
 use mysql;
 set role none;
 select current_user(), current_role();

mysql-test/suite/roles/show_grants.result

@@ -34,9 +34,9 @@ test_user@localhost	test_role1	NO	NO
 test_user@localhost	test_role2	NO	NO
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 select current_user(), current_role();
 current_user()	current_role()
 test_user@localhost	NULL
@@ -50,13 +50,13 @@ current_user()	current_role()
 test_user@localhost	test_role1
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_role1'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT SELECT ON `mysql`.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_role1'
-GRANT test_role2 TO 'test_user'@'localhost'
 set role none;
 select * from information_schema.enabled_roles;
 ROLE_NAME
@@ -66,28 +66,28 @@ current_user()	current_role()
 test_user@localhost	NULL
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for test_user@localhost;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for test_role1;
 ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'
 show grants for test_role2;
 ERROR 42000: Access denied for user 'test_user'@'localhost' to database 'mysql'
 show grants for CURRENT_USER;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for CURRENT_USER();
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for CURRENT_ROLE;
 ERROR 42000: There is no such grant defined for user 'test_user' on host 'localhost'
 show grants for CURRENT_ROLE();
@@ -101,36 +101,36 @@ current_user()	current_role()
 test_user@localhost	test_role2
 show grants;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT SELECT ON `mysql`.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for test_user@localhost;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for test_role1;
 Grants for test_role1
+GRANT 'test_role2' TO 'test_role1'
 GRANT SELECT ON `mysql`.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role1'
 GRANT USAGE ON *.* TO 'test_role2'
-GRANT test_role2 TO 'test_role1'
 show grants for test_role2;
 Grants for test_role2
 GRANT SELECT ON `mysql`.* TO 'test_role2'
 GRANT USAGE ON *.* TO 'test_role2'
 show grants for CURRENT_USER;
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for CURRENT_USER();
 Grants for test_user@localhost
+GRANT 'test_role1' TO 'test_user'@'localhost'
+GRANT 'test_role2' TO 'test_user'@'localhost'
 GRANT USAGE ON *.* TO 'test_user'@'localhost'
-GRANT test_role1 TO 'test_user'@'localhost'
-GRANT test_role2 TO 'test_user'@'localhost'
 show grants for CURRENT_ROLE;
 Grants for test_role2
 GRANT SELECT ON `mysql`.* TO 'test_role2'

mysql-test/suite/roles/show_grants_replicated.result

@@ -44,7 +44,7 @@ GRANT USAGE ON *.* TO 'r1'
 set role r1;
 show grants;
 Grants for root@localhost
-GRANT r1 TO 'root'@'localhost' WITH ADMIN OPTION
+GRANT 'r1' TO 'root'@'localhost' WITH ADMIN OPTION
 GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
 GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
 GRANT USAGE ON *.* TO 'r1'

mysql-test/t/grant5.test

@@ -70,6 +70,29 @@ SHOW GRANTS;
 DROP USER test_user;
 DROP ROLE test_role;
 
+#
+# MDEV-26080 SHOW GRANTS does not quote role names properly for DEFAULT ROLE
+#
+
+CREATE ROLE 'test-role';
+CREATE USER 'test-user';
+GRANT 'test-role' TO 'test-user';
+SET DEFAULT ROLE 'test-role' FOR 'test-user';
+SHOW GRANTS FOR 'test-user';
+DROP ROLE 'test-role';
+SHOW GRANTS FOR 'test-user';
+SET DEFAULT ROLE NONE FOR 'test-user';
+SHOW GRANTS FOR 'test-user';
+CREATE ROLE `r``o'l"e`;
+select user from mysql.user where is_role='Y';
+GRANT `r``o'l"e` TO 'test-user';
+SET DEFAULT ROLE `r``o'l"e` FOR 'test-user';
+# it is expected that quotes won't be shown correctly
+SHOW GRANTS FOR 'test-user';
+DROP ROLE `r``o'l"e`;
+DROP USER 'test-user';
+
+
 #
 # End of 10.1 tests
 #

sql/sql_acl.cc

@@ -8847,9 +8847,9 @@ static bool show_default_role(THD *thd, ACL_USER *acl_entry,
   {
     String def_str(buff, buffsize, system_charset_info);
     def_str.length(0);
-    def_str.append(STRING_WITH_LEN("SET DEFAULT ROLE "));
+    def_str.append(STRING_WITH_LEN("SET DEFAULT ROLE '"));
     def_str.append(&def_rolename);
-    def_str.append(" FOR '");
+    def_str.append("' FOR '");
     def_str.append(&acl_entry->user);
     DBUG_ASSERT(!(acl_entry->flags & IS_ROLE));
     def_str.append(STRING_WITH_LEN("'@'"));
@@ -8878,12 +8878,12 @@ static bool show_role_grants(THD *thd, const char *hostname,
   for (counter= 0; counter < acl_entry->role_grants.elements; counter++)
   {
     grant.length(0);
-    grant.append(STRING_WITH_LEN("GRANT "));
+    grant.append(STRING_WITH_LEN("GRANT '"));
     ACL_ROLE *acl_role= *(dynamic_element(&acl_entry->role_grants, counter,
                                           ACL_ROLE**));
     grant.append(acl_role->user.str, acl_role->user.length,
                   system_charset_info);
-    grant.append(STRING_WITH_LEN(" TO '"));
+    grant.append(STRING_WITH_LEN("' TO '"));
     grant.append(acl_entry->user.str, acl_entry->user.length,
                   system_charset_info);
     if (!(acl_entry->flags & IS_ROLE))