From e30f30d43b0fcb955bd34f773d0cd87cf470d1ca Mon Sep 17 00:00:00 2001
From: Sergei Golubchik <serg@mariadb.org>
Date: Thu, 22 Sep 2022 00:06:30 +0200
Subject: [PATCH] read_only failures

---
 .../suite/sys_vars/r/read_only_func.result    |  2 +-
 .../suite/sys_vars/r/read_only_grant.result   | 19 +++----------------
 .../sys_vars/r/sysvars_server_embedded.result |  2 +-
 .../r/sysvars_server_notembedded.result       |  2 +-
 .../suite/sys_vars/t/read_only_grant.test     | 19 ++-----------------
 5 files changed, 8 insertions(+), 36 deletions(-)

diff --git a/mysql-test/suite/sys_vars/r/read_only_func.result b/mysql-test/suite/sys_vars/r/read_only_func.result
index e93f280dbb5..88a7b334204 100644
--- a/mysql-test/suite/sys_vars/r/read_only_func.result
+++ b/mysql-test/suite/sys_vars/r/read_only_func.result
@@ -20,7 +20,7 @@ id	name
 CREATE user sameea;
 CONNECT  connn,localhost,sameea,,;
 SET Global read_ONLY=ON;
-ERROR 42000: Access denied; you need (at least one of) the SUPER, READ_ONLY ADMIN privilege(s) for this operation
+ERROR 42000: Access denied; you need (at least one of) the READ_ONLY ADMIN privilege(s) for this operation
 CREATE TABLE t2
 (
 id INT NOT NULL auto_increment,
diff --git a/mysql-test/suite/sys_vars/r/read_only_grant.result b/mysql-test/suite/sys_vars/r/read_only_grant.result
index 8884546e92d..81554183c13 100644
--- a/mysql-test/suite/sys_vars/r/read_only_grant.result
+++ b/mysql-test/suite/sys_vars/r/read_only_grant.result
@@ -1,14 +1,14 @@
 #
 # MDEV-21960 Bind READ_ONLY ADMIN to @@read_only
 #
-# Test that "SET read_only" is not allowed without READ_ONLY ADMIN or SUPER
+# Test that "SET read_only" is not allowed without READ_ONLY ADMIN
 CREATE USER user1@localhost;
 GRANT ALL PRIVILEGES ON *.* TO user1@localhost;
-REVOKE READ_ONLY ADMIN, SUPER ON *.* FROM user1@localhost;
+REVOKE READ_ONLY ADMIN ON *.* FROM user1@localhost;
 connect user1,localhost,user1,,;
 connection user1;
 SET GLOBAL read_only=0;
-ERROR 42000: Access denied; you need (at least one of) the SUPER, READ_ONLY ADMIN privilege(s) for this operation
+ERROR 42000: Access denied; you need (at least one of) the READ_ONLY ADMIN privilege(s) for this operation
 SET read_only=0;
 ERROR HY000: Variable 'read_only' is a GLOBAL variable and should be set with SET GLOBAL
 SET SESSION read_only=0;
@@ -29,16 +29,3 @@ ERROR HY000: Variable 'read_only' is a GLOBAL variable and should be set with SE
 disconnect user1;
 connection default;
 DROP USER user1@localhost;
-# Test that "SET read_only" is allowed with SUPER
-CREATE USER user1@localhost;
-GRANT SUPER ON *.* TO user1@localhost;
-connect user1,localhost,user1,,;
-connection user1;
-SET GLOBAL read_only=0;
-SET read_only=0;
-ERROR HY000: Variable 'read_only' is a GLOBAL variable and should be set with SET GLOBAL
-SET SESSION read_only=0;
-ERROR HY000: Variable 'read_only' is a GLOBAL variable and should be set with SET GLOBAL
-disconnect user1;
-connection default;
-DROP USER user1@localhost;
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result b/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
index 6d0d147a9db..157c50a78c7 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
@@ -3015,7 +3015,7 @@ COMMAND_LINE_ARGUMENT	REQUIRED
 VARIABLE_NAME	READ_ONLY
 VARIABLE_SCOPE	GLOBAL
 VARIABLE_TYPE	BOOLEAN
-VARIABLE_COMMENT	Make all non-temporary tables read-only, with the exception for replication (slave) threads and users with the SUPER privilege
+VARIABLE_COMMENT	Make all non-temporary tables read-only, with the exception for replication (slave) threads and users with the 'READ ONLY ADMIN' privilege
 NUMERIC_MIN_VALUE	NULL
 NUMERIC_MAX_VALUE	NULL
 NUMERIC_BLOCK_SIZE	NULL
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
index 1b4e49f55be..fc006a0013e 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
@@ -3195,7 +3195,7 @@ COMMAND_LINE_ARGUMENT	REQUIRED
 VARIABLE_NAME	READ_ONLY
 VARIABLE_SCOPE	GLOBAL
 VARIABLE_TYPE	BOOLEAN
-VARIABLE_COMMENT	Make all non-temporary tables read-only, with the exception for replication (slave) threads and users with the SUPER privilege
+VARIABLE_COMMENT	Make all non-temporary tables read-only, with the exception for replication (slave) threads and users with the 'READ ONLY ADMIN' privilege
 NUMERIC_MIN_VALUE	NULL
 NUMERIC_MAX_VALUE	NULL
 NUMERIC_BLOCK_SIZE	NULL
diff --git a/mysql-test/suite/sys_vars/t/read_only_grant.test b/mysql-test/suite/sys_vars/t/read_only_grant.test
index d6abef93aed..ccdd0f46362 100644
--- a/mysql-test/suite/sys_vars/t/read_only_grant.test
+++ b/mysql-test/suite/sys_vars/t/read_only_grant.test
@@ -4,11 +4,11 @@
 --echo # MDEV-21960 Bind READ_ONLY ADMIN to @@read_only
 --echo #
 
---echo # Test that "SET read_only" is not allowed without READ_ONLY ADMIN or SUPER
+--echo # Test that "SET read_only" is not allowed without READ_ONLY ADMIN
 
 CREATE USER user1@localhost;
 GRANT ALL PRIVILEGES ON *.* TO user1@localhost;
-REVOKE READ_ONLY ADMIN, SUPER ON *.* FROM user1@localhost;
+REVOKE READ_ONLY ADMIN ON *.* FROM user1@localhost;
 --connect(user1,localhost,user1,,)
 --connection user1
 --error ER_SPECIFIC_ACCESS_DENIED_ERROR
@@ -35,18 +35,3 @@ SET SESSION read_only=0;
 --disconnect user1
 --connection default
 DROP USER user1@localhost;
-
---echo # Test that "SET read_only" is allowed with SUPER
-
-CREATE USER user1@localhost;
-GRANT SUPER ON *.* TO user1@localhost;
---connect(user1,localhost,user1,,)
---connection user1
-SET GLOBAL read_only=0;
---error ER_GLOBAL_VARIABLE
-SET read_only=0;
---error ER_GLOBAL_VARIABLE
-SET SESSION read_only=0;
---disconnect user1
---connection default
-DROP USER user1@localhost;