#
# MDEV-21971 Bind BINLOG ADMIN to binlog_annotate_row_events and binlog_row_image global and session variables
#
SET @global=@@global.binlog_row_image;
# Test that "SET binlog_row_image" is not allowed without BINLOG ADMIN or SUPER
CREATE USER user1@localhost;
GRANT ALL PRIVILEGES ON *.* TO user1@localhost;
REVOKE BINLOG ADMIN, SUPER ON *.* FROM user1@localhost;
connect user1,localhost,user1,,;
connection user1;
SET GLOBAL binlog_row_image=1;
ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation
SET binlog_row_image=1;
ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation
SET SESSION binlog_row_image=1;
ERROR 42000: Access denied; you need (at least one of) the SUPER, BINLOG ADMIN privilege(s) for this operation
disconnect user1;
connection default;
DROP USER user1@localhost;
# Test that "SET binlog_row_image" is allowed with BINLOG ADMIN
CREATE USER user1@localhost;
GRANT BINLOG ADMIN ON *.* TO user1@localhost;
connect user1,localhost,user1,,;
connection user1;
SET GLOBAL binlog_row_image=1;
SET binlog_row_image=1;
SET SESSION binlog_row_image=1;
disconnect user1;
connection default;
DROP USER user1@localhost;
# Test that "SET binlog_row_image" is allowed with SUPER
CREATE USER user1@localhost;
GRANT SUPER ON *.* TO user1@localhost;
connect user1,localhost,user1,,;
connection user1;
SET GLOBAL binlog_row_image=1;
SET binlog_row_image=1;
SET SESSION binlog_row_image=1;
disconnect user1;
connection default;
DROP USER user1@localhost;
SET @@global.binlog_row_image=@global;