Revert "[MDEV-7978] add show create user"

Appoligies, had a dirty branch before pushing: This reverts commit 053653a2. This reverts commit 0ff89780. This reverts commit 85b08597. This reverts commit f3f45e46. This reverts commit a470b357. This reverts commit f8b8d202. This reverts commit 6b6f066f. This reverts commit a701e9e6. This reverts commit c1698386.

Revert "[MDEV-7978] add show create user"
Appoligies, had a dirty branch before pushing: This reverts commit 053653a2. This reverts commit 0ff89780. This reverts commit 85b08597. This reverts commit f3f45e46. This reverts commit a470b357. This reverts commit f8b8d202. This reverts commit 6b6f066f. This reverts commit a701e9e6. This reverts commit c1698386.
1be8ac39 · Daniel Black · 3d28d1f3 · 3d28d1f3 · 3d28d1f3 · 1be8ac39
Commit 1be8ac39 authored Sep 24, 2020 by Daniel Black
16 changed files
--- a/mysql-test/r/alter_user.result
+++ b/mysql-test/r/alter_user.result
--- a/mysql-test/r/create_user.result
+++ b/mysql-test/r/create_user.result
--- a/mysql-test/r/mysqld--help.result
+++ b/mysql-test/r/mysqld--help.result
@@ -1360,7 +1360,7 @@ performance-schema-max-rwlock-instances -1
 performance-schema-max-socket-classes 10
 performance-schema-max-socket-instances -1
 performance-schema-max-stage-classes 150
-performance-schema-max-statement-classes 180
+performance-schema-max-statement-classes 178
 performance-schema-max-table-handles -1
 performance-schema-max-table-instances -1
 performance-schema-max-thread-classes 50

--- a/mysql-test/r/show_create_user.result
+++ b/mysql-test/r/show_create_user.result
-create user foo;
-show create user foo;
-CREATE USER for foo@%
-CREATE USER 'foo'@'%'
-create user foo@test;
-show create user foo@test;
-CREATE USER for foo@test
-CREATE USER 'foo'@'test'
-create user foo2@test identified by 'password';
-show create user foo2@test;
-CREATE USER for foo2@test
-CREATE USER 'foo2'@'test' IDENTIFIED BY PASSWORD '*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19'
-alter user foo2@test identified with 'someplugin' as 'somepassword';
-show create user foo2@test;
-CREATE USER for foo2@test
-CREATE USER 'foo2'@'test' IDENTIFIED VIA someplugin USING 'somepassword'
-create user foo3@test require SSL;
-show create user foo3@test;
-CREATE USER for foo3@test
-CREATE USER 'foo3'@'test' REQUIRE SSL
-create user foo4@test require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';
-show create user foo4@test;
-CREATE USER for foo4@test
-CREATE USER 'foo4'@'test' REQUIRE ISSUER 'foo_issuer' SUBJECT 'foo_subject' CIPHER 'text'
-create user foo5@test require SSL
-with MAX_QUERIES_PER_HOUR 10
-MAX_UPDATES_PER_HOUR 20
-MAX_CONNECTIONS_PER_HOUR 30
-MAX_USER_CONNECTIONS 40
-MAX_STATEMENT_TIME 0.5;
-show create user foo5@test;
-CREATE USER for foo5@test
-CREATE USER 'foo5'@'test' REQUIRE SSL WITH MAX_QUERIES_PER_HOUR 10 MAX_UPDATES_PER_HOUR 20 MAX_CONNECTIONS_PER_HOUR 30 MAX_USER_CONNECTIONS 40 MAX_STATEMENT_TIME 0.500000
-drop user foo5@test;
-drop user foo4@test;
-drop user foo3@test;
-drop user foo2@test;
-drop user foo@test;
-drop user foo;
--- a/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
@@ -2825,9 +2825,9 @@ READ_ONLY	YES
 COMMAND_LINE_ARGUMENT	REQUIRED
 VARIABLE_NAME	PERFORMANCE_SCHEMA_MAX_STATEMENT_CLASSES
 SESSION_VALUE	NULL
-GLOBAL_VALUE	180
+GLOBAL_VALUE	178
 GLOBAL_VALUE_ORIGIN	COMPILE-TIME
-DEFAULT_VALUE	180
+DEFAULT_VALUE	178
 VARIABLE_SCOPE	GLOBAL
 VARIABLE_TYPE	BIGINT UNSIGNED
 VARIABLE_COMMENT	Maximum number of statement instruments.

--- a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
@@ -3021,9 +3021,9 @@ READ_ONLY	YES
 COMMAND_LINE_ARGUMENT	REQUIRED
 VARIABLE_NAME	PERFORMANCE_SCHEMA_MAX_STATEMENT_CLASSES
 SESSION_VALUE	NULL
-GLOBAL_VALUE	180
+GLOBAL_VALUE	178
 GLOBAL_VALUE_ORIGIN	COMPILE-TIME
-DEFAULT_VALUE	180
+DEFAULT_VALUE	178
 VARIABLE_SCOPE	GLOBAL
 VARIABLE_TYPE	BIGINT UNSIGNED
 VARIABLE_COMMENT	Maximum number of statement instruments.

--- a/mysql-test/t/alter_user.test
+++ b/mysql-test/t/alter_user.test
--source include/not_embedded.inc
--enable_connect_log
-
-
-select * from mysql.user where user = 'root' and host = 'localhost';
--echo # Test syntax
--echo #
--echo # These 2 selects should have no changes from the first one.
-alter user CURRENT_USER;
-select * from mysql.user where user = 'root' and host = 'localhost';
-alter user CURRENT_USER();
-select * from mysql.user where user = 'root' and host = 'localhost';
-
-create user foo;
-select * from mysql.user where user = 'foo';
-alter user foo;
-select * from mysql.user where user = 'foo';
-
--echo # Test super privilege works correctly with a read only database.
-SET @start_read_only = @@global.read_only;
-SET GLOBAL read_only=1;
-grant create user on *.* to foo;
-
--echo # Currently no super privileges.
-connect (a, localhost, foo);
-select @@global.read_only;
-
--error ER_OPTION_PREVENTS_STATEMENT
-alter user foo;
-
--echo # Grant super privilege to the user.
-connection default;
-grant super on *.* to foo;
-
--echo # We now have super privilege. We should be able to run alter user.
-connect (b, localhost, foo);
-alter user foo;
-
-connection default;
-SET GLOBAL read_only = @start_read_only;
-
--echo # Test inexistant user.
--error ER_CANNOT_USER
-alter user boo;
--echo #--warning ER_CANNOT_USER
-alter if exists user boo;
-
--echo # Test password related altering.
-alter user foo identified by 'something';
-select * from mysql.user where user = 'foo';
-
-alter user foo identified by 'something2';
-select * from mysql.user where user = 'foo';
-
-alter user foo identified by password '*88C89BE093D4ECF72D039F62EBB7477EA1FD4D63';
-select * from mysql.user where user = 'foo';
-
-alter user foo identified with 'somecoolplugin';
-select * from mysql.user where user = 'foo';
-
-alter user foo identified with 'somecoolplugin' using 'somecoolpassphrase';
-select * from mysql.user where user = 'foo';
-
--echo # Test ssl related altering.
-alter user foo identified by 'something' require SSL;
-select * from mysql.user where user = 'foo';
-
-alter user foo identified by 'something' require X509;
-select * from mysql.user where user = 'foo';
-
-alter user foo identified by 'something'
-require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';
-select * from mysql.user where user = 'foo';
-
--echo # Test resource limits altering.
-alter user foo with MAX_QUERIES_PER_HOUR 10
-                    MAX_UPDATES_PER_HOUR 20
-                    MAX_CONNECTIONS_PER_HOUR 30
-                    MAX_USER_CONNECTIONS 40;
-select * from mysql.user where user = 'foo';
-drop user foo;
--disable_connect_log
--- a/mysql-test/t/create_user.test
+++ b/mysql-test/t/create_user.test
--source include/not_embedded.inc
-
-create user foo;
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password';
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require SSL;
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require X509;
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require CIPHER 'cipher';
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require ISSUER 'issuer';
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require SUBJECT 'subject';
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require CIPHER 'cipher'
-                                                   SUBJECT 'subject';
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo identified by 'password' require CIPHER 'cipher' 
-                                                   AND SUBJECT 'subject'
-                                                   AND ISSUER 'issuer';
-select * from mysql.user where user = 'foo';
-drop user foo;
-
-create user foo, foo2 identified by 'password' require CIPHER 'cipher' 
-                                                   AND SUBJECT 'subject'
-                                                   AND ISSUER 'issuer';
-select * from mysql.user where user like 'foo';
-
--echo #--warning ER_USER_CREATE_EXISTS
-create user if not exists foo, foo2 identified by 'password2'
-    require CIPHER 'cipher2' AND SUBJECT 'subject2' AND ISSUER 'issuer2';
-select * from mysql.user where user like 'foo';
-drop user foo, foo2;
-
-create user foo with MAX_QUERIES_PER_HOUR 10
-                     MAX_UPDATES_PER_HOUR 20
-                     MAX_CONNECTIONS_PER_HOUR 30
-                     MAX_USER_CONNECTIONS 40;
-select * from mysql.user where user like 'foo';
-drop user foo;
--- a/mysql-test/t/show_create_user.test
+++ b/mysql-test/t/show_create_user.test
--source include/not_embedded.inc
-
-create user foo;
-show create user foo;
-
-create user foo@test;
-show create user foo@test;
-
-create user foo2@test identified by 'password';
-show create user foo2@test;
-
-alter user foo2@test identified with 'someplugin' as 'somepassword';
-show create user foo2@test;
-
-create user foo3@test require SSL;
-show create user foo3@test;
-
-create user foo4@test require cipher 'text' issuer 'foo_issuer' subject 'foo_subject';
-show create user foo4@test;
-
-create user foo5@test require SSL
-                      with MAX_QUERIES_PER_HOUR 10
-                           MAX_UPDATES_PER_HOUR 20
-                           MAX_CONNECTIONS_PER_HOUR 30
-                           MAX_USER_CONNECTIONS 40
-                           MAX_STATEMENT_TIME 0.5;
-show create user foo5@test;
-
-drop user foo5@test;
-drop user foo4@test;
-drop user foo3@test;
-drop user foo2@test;
-drop user foo@test;
-drop user foo;
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -3676,7 +3676,6 @@ SHOW_VAR com_status_vars[]= {
  {"alter_server",         STMT_STATUS(SQLCOM_ALTER_SERVER)},
  {"alter_table",          STMT_STATUS(SQLCOM_ALTER_TABLE)},
  {"alter_tablespace",     STMT_STATUS(SQLCOM_ALTER_TABLESPACE)},
-  {"alter_user",           STMT_STATUS(SQLCOM_ALTER_USER)},
  {"analyze",              STMT_STATUS(SQLCOM_ANALYZE)},
  {"assign_to_keycache",   STMT_STATUS(SQLCOM_ASSIGN_TO_KEYCACHE)},
  {"begin",                STMT_STATUS(SQLCOM_BEGIN)},
@@ -3766,7 +3765,6 @@ SHOW_VAR com_status_vars[]= {
  {"show_create_proc",     STMT_STATUS(SQLCOM_SHOW_CREATE_PROC)},
  {"show_create_table",    STMT_STATUS(SQLCOM_SHOW_CREATE)},
  {"show_create_trigger",  STMT_STATUS(SQLCOM_SHOW_CREATE_TRIGGER)},
-  {"show_create_user",     STMT_STATUS(SQLCOM_SHOW_CREATE_USER)},
  {"show_databases",       STMT_STATUS(SQLCOM_SHOW_DATABASES)},
  {"show_engine_logs",     STMT_STATUS(SQLCOM_SHOW_ENGINE_LOGS)},
  {"show_engine_mutex",    STMT_STATUS(SQLCOM_SHOW_ENGINE_MUTEX)},

--- a/sql/sp_head.cc
+++ b/sql/sp_head.cc
@@ -241,7 +241,6 @@ sp_get_flags_for_command(LEX *lex)
  case SQLCOM_SHOW_CREATE_PROC:
  case SQLCOM_SHOW_CREATE_EVENT:
  case SQLCOM_SHOW_CREATE_TRIGGER:
-  case SQLCOM_SHOW_CREATE_USER:
  case SQLCOM_SHOW_DATABASES:
  case SQLCOM_SHOW_ERRORS:
  case SQLCOM_SHOW_EXPLAIN:
@@ -310,7 +309,6 @@ sp_get_flags_for_command(LEX *lex)
  case SQLCOM_CREATE_USER:
  case SQLCOM_CREATE_ROLE:
  case SQLCOM_ALTER_TABLE:
-  case SQLCOM_ALTER_USER:
  case SQLCOM_GRANT:
  case SQLCOM_GRANT_ROLE:
  case SQLCOM_REVOKE:

--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
--- a/sql/sql_acl.h
+++ b/sql/sql_acl.h
@@ -246,7 +246,6 @@ bool get_show_user(THD *thd, LEX_USER *lex_user, const char **username,
 void mysql_show_grants_get_fields(THD *thd, List<Item> *fields,
                                  const char *name);
 bool mysql_show_grants(THD *thd, LEX_USER *user);
-bool mysql_show_create_user(THD *thd, LEX_USER *user);
 int fill_schema_enabled_roles(THD *thd, TABLE_LIST *tables, COND *cond);
 int fill_schema_applicable_roles(THD *thd, TABLE_LIST *tables, COND *cond);
 void get_privilege_desc(char *to, uint max_length, ulong access);
@@ -254,7 +253,6 @@ void get_mqh(const char *user, const char *host, USER_CONN *uc);
 bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool handle_as_role);
 bool mysql_drop_user(THD *thd, List <LEX_USER> &list, bool handle_as_role);
 bool mysql_rename_user(THD *thd, List <LEX_USER> &list);
-int mysql_alter_user(THD *thd, List <LEX_USER> &list);
 bool mysql_revoke_all(THD *thd, List <LEX_USER> &list);
 void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant,
                                     const char *db, const char *table);

--- a/sql/sql_cmd.h
+++ b/sql/sql_cmd.h
@@ -93,8 +93,6 @@ enum enum_sql_command {
  SQLCOM_CREATE_ROLE, SQLCOM_DROP_ROLE, SQLCOM_GRANT_ROLE, SQLCOM_REVOKE_ROLE,
  SQLCOM_COMPOUND,
  SQLCOM_SHOW_GENERIC,
-  SQLCOM_ALTER_USER,
-  SQLCOM_SHOW_CREATE_USER,

  /*
    When a command is added here, be sure it's also added in mysqld.cc

--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -422,7 +422,6 @@ void init_update_queries(void)
  sql_command_flags[SQLCOM_SHOW_EXPLAIN]= CF_STATUS_COMMAND;
  sql_command_flags[SQLCOM_SHOW_PROCESSLIST]= CF_STATUS_COMMAND;
  sql_command_flags[SQLCOM_SHOW_GRANTS]=      CF_STATUS_COMMAND;
-  sql_command_flags[SQLCOM_SHOW_CREATE_USER]= CF_STATUS_COMMAND;
  sql_command_flags[SQLCOM_SHOW_CREATE_DB]=   CF_STATUS_COMMAND;
  sql_command_flags[SQLCOM_SHOW_CREATE]=  CF_STATUS_COMMAND;
  sql_command_flags[SQLCOM_SHOW_MASTER_STAT]= CF_STATUS_COMMAND;
@@ -444,7 +443,6 @@ void init_update_queries(void)
  sql_command_flags[SQLCOM_CREATE_USER]=       CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_RENAME_USER]=       CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_DROP_USER]=         CF_CHANGES_DATA;
-  sql_command_flags[SQLCOM_ALTER_USER]=        CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_CREATE_ROLE]=       CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_GRANT]=             CF_CHANGES_DATA;
  sql_command_flags[SQLCOM_GRANT_ROLE]=        CF_CHANGES_DATA;
@@ -508,7 +506,6 @@ void init_update_queries(void)
  sql_command_flags[SQLCOM_CHECKSUM]=  CF_REPORT_PROGRESS;

  sql_command_flags[SQLCOM_CREATE_USER]|=       CF_AUTO_COMMIT_TRANS;
-  sql_command_flags[SQLCOM_ALTER_USER]|=        CF_AUTO_COMMIT_TRANS;
  sql_command_flags[SQLCOM_DROP_USER]|=         CF_AUTO_COMMIT_TRANS;
  sql_command_flags[SQLCOM_RENAME_USER]|=       CF_AUTO_COMMIT_TRANS;
  sql_command_flags[SQLCOM_CREATE_ROLE]|=       CF_AUTO_COMMIT_TRANS;
@@ -604,7 +601,6 @@ void init_update_queries(void)
  sql_command_flags[SQLCOM_ALTER_EVENT]|=      CF_DISALLOW_IN_RO_TRANS;
  sql_command_flags[SQLCOM_DROP_EVENT]|=       CF_DISALLOW_IN_RO_TRANS;
  sql_command_flags[SQLCOM_CREATE_USER]|=      CF_DISALLOW_IN_RO_TRANS;
-  sql_command_flags[SQLCOM_ALTER_USER]|=       CF_DISALLOW_IN_RO_TRANS;
  sql_command_flags[SQLCOM_RENAME_USER]|=      CF_DISALLOW_IN_RO_TRANS;
  sql_command_flags[SQLCOM_DROP_USER]|=        CF_DISALLOW_IN_RO_TRANS;
  sql_command_flags[SQLCOM_CREATE_SERVER]|=    CF_DISALLOW_IN_RO_TRANS;
@@ -4407,7 +4403,6 @@ mysql_execute_command(THD *thd)
      my_ok(thd);
    break;
  }
-  case SQLCOM_ALTER_USER:
  case SQLCOM_RENAME_USER:
  {
    if (check_access(thd, UPDATE_ACL, "mysql", NULL, NULL, 1, 1) &&
@@ -4415,11 +4410,7 @@ mysql_execute_command(THD *thd)
      break;
    /* Conditionally writes to binlog */
    WSREP_TO_ISOLATION_BEGIN(WSREP_MYSQL_DB, NULL, NULL)
-    if (lex->sql_command == SQLCOM_ALTER_USER)
-      res= mysql_alter_user(thd, lex->users_list);
-    else
-      res= mysql_rename_user(thd, lex->users_list);
-    if (!res)
+    if (!(res= mysql_rename_user(thd, lex->users_list)))
      my_ok(thd);
    break;
  }
@@ -4716,7 +4707,6 @@ mysql_execute_command(THD *thd)
    break;

 #ifndef NO_EMBEDDED_ACCESS_CHECKS
-  case SQLCOM_SHOW_CREATE_USER:
  case SQLCOM_SHOW_GRANTS:
  {
    LEX_USER *grant_user= lex->grant_user;
@@ -4724,20 +4714,7 @@ mysql_execute_command(THD *thd)
      goto error;

    WSREP_SYNC_WAIT(thd, WSREP_SYNC_WAIT_BEFORE_SHOW);
-    if (grant_user->user.str && !strcmp(sctx->priv_user, grant_user->user.str) &&
-        grant_user->host.str && !strcmp(sctx->priv_host, grant_user->host.str))
-      grant_user->user= current_user;
-
-    if (grant_user->user.str == current_user.str ||
-        grant_user->user.str == current_role.str ||
-        grant_user->user.str == current_user_and_current_role.str ||
-        !check_access(thd, SELECT_ACL, "mysql", NULL, NULL, 1, 0))
-    {
-      if (lex->sql_command == SQLCOM_SHOW_GRANTS)
-        res = mysql_show_grants(thd, grant_user);
-      else
-        res = mysql_show_create_user(thd, grant_user);
-    }
+    res = mysql_show_grants(thd, grant_user);
    break;
  }
 #endif

--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -2531,8 +2531,7 @@ create:
            Lex->create_view_suid= TRUE;
          }
          view_or_trigger_or_sp_or_event { }
-        | create_or_replace USER opt_if_not_exists clear_privileges grant_list
-          opt_require_clause opt_resource_options
+        | create_or_replace USER_SYM opt_if_not_exists clear_privileges grant_list
          {
            if (Lex->set_command_with_check(SQLCOM_CREATE_USER, $1 | $3))
              MYSQL_YYABORT;
@@ -7107,13 +7106,6 @@ alter:
            lex->sql_command= SQLCOM_ALTER_SERVER;
            lex->server_options.reset($3);
          } OPTIONS_SYM '(' server_options_list ')' { }
-          /* ALTER USER foo is allowed for MySQL compatibility. */
-        | ALTER opt_if_exists USER clear_privileges grant_list
-          opt_require_clause opt_resource_options
-          {
-            Lex->create_info.set($2);
-            Lex->sql_command= SQLCOM_ALTER_USER;
-          }
        ;

 ev_alter_on_schedule_completion:
@@ -12494,18 +12486,6 @@ show_param:
            lex->sql_command= SQLCOM_SHOW_CREATE_TRIGGER;
            lex->spname= $3;
          }
-        | CREATE USER
-          {
-            Lex->sql_command= SQLCOM_SHOW_CREATE_USER;
-            if (!(Lex->grant_user= (LEX_USER*)thd->alloc(sizeof(LEX_USER))))
-              MYSQL_YYABORT;
-            Lex->grant_user->user= current_user;
-          }
-        | CREATE USER user
-          {
-             Lex->sql_command= SQLCOM_SHOW_CREATE_USER;
-             Lex->grant_user= $3;
-          }
        | PROCEDURE_SYM STATUS_SYM wild_and_where
          {
            LEX *lex= Lex;
@@ -15056,14 +15036,14 @@ grant:

 grant_command:
          grant_privileges ON opt_table grant_ident TO_SYM grant_list
-          opt_require_clause opt_grant_options
+          require_clause grant_options
          {
            LEX *lex= Lex;
            lex->sql_command= SQLCOM_GRANT;
            lex->type= 0;
          }
        | grant_privileges ON FUNCTION_SYM grant_ident TO_SYM grant_list
-          opt_require_clause opt_grant_options
+          require_clause grant_options
          {
            LEX *lex= Lex;
            if (lex->columns.elements)
@@ -15075,7 +15055,7 @@ grant_command:
            lex->type= TYPE_ENUM_FUNCTION;
          }
        | grant_privileges ON PROCEDURE_SYM grant_ident TO_SYM grant_list
-          opt_require_clause opt_grant_options
+          require_clause grant_options
          {
            LEX *lex= Lex;
            if (lex->columns.elements)
@@ -15412,7 +15392,7 @@ column_list_id:
          }
        ;

-opt_require_clause:
+require_clause:
          /* empty */
        | REQUIRE_SYM require_list
          {
@@ -15432,8 +15412,24 @@ opt_require_clause:
          }
        ;

-resource_option:
-        MAX_QUERIES_PER_HOUR ulong_num
+grant_options:
+          /* empty */ {}
+        | WITH grant_option_list
+        ;
+
+opt_grant_option:
+          /* empty */ {}
+        | WITH GRANT OPTION { Lex->grant |= GRANT_ACL;}
+        ;
+
+grant_option_list:
+          grant_option_list grant_option {}
+        | grant_option {}
+        ;
+
+grant_option:
+          GRANT OPTION { Lex->grant |= GRANT_ACL;}
+        | MAX_QUERIES_PER_HOUR ulong_num
          {
            LEX *lex=Lex;
            lex->mqh.questions=$2;
@@ -15465,37 +15461,6 @@ resource_option:
          }
        ;

-resource_option_list:
-	  resource_option_list resource_option {}
-	| resource_option {}
-        ;
-
-opt_resource_options:
-	  /* empty */ {}
-	| WITH resource_option_list
-        ;
-
-
-opt_grant_options:
-          /* empty */ {}
-        | WITH grant_option_list {}
-        ;
-
-opt_grant_option:
-          /* empty */ {}
-        | WITH GRANT OPTION { Lex->grant |= GRANT_ACL;}
-        ;
-
-grant_option_list:
-          grant_option_list grant_option {}
-        | grant_option {}
-        ;
-
-grant_option:
-          GRANT OPTION { Lex->grant |= GRANT_ACL;}
-	| resource_option {}
-        ;
-
 begin:
          BEGIN_SYM
          {