*: add INFORMATION_SCHEMA.USER_PRIVILEGES table

executor/aggregate_test.go

@@ -270,7 +270,7 @@ func (s *testSuite) TestAggregation(c *C) {
 
 	result = tk.MustQuery("select count(*) from information_schema.columns")
 	// When adding new memory table in information_schema, please update this variable.
-	columnCountOfAllInformationSchemaTables := "576"
+	columnCountOfAllInformationSchemaTables := "580"
 	result.Check(testkit.Rows(columnCountOfAllInformationSchemaTables))
 
 	tk.MustExec("drop table if exists t1")

infoschema/infoschema_test.go

@@ -255,6 +255,7 @@ func (*testSuite) TestInfoTables(c *C) {
 		"PLUGINS",
 		"TABLE_CONSTRAINTS",
 		"TRIGGERS",
+		"USER_PRIVILEGES",
 	}
 	for _, t := range info_tables {
 		tb, err1 := is.TableByName(model.NewCIStr(infoschema.Name), model.NewCIStr(t))

infoschema/tables.go

@@ -23,6 +23,7 @@ import (
 	"github.com/pingcap/tidb/meta/autoid"
 	"github.com/pingcap/tidb/model"
 	"github.com/pingcap/tidb/mysql"
+	"github.com/pingcap/tidb/privilege"
 	"github.com/pingcap/tidb/sessionctx/variable"
 	"github.com/pingcap/tidb/sessionctx/varsutil"
 	"github.com/pingcap/tidb/table"
@@ -31,22 +32,23 @@ import (
 )
 
 const (
-	tableSchemata      = "SCHEMATA"
-	tableTables        = "TABLES"
-	tableColumns       = "COLUMNS"
-	tableStatistics    = "STATISTICS"
-	tableCharacterSets = "CHARACTER_SETS"
-	tableCollations    = "COLLATIONS"
-	tableFiles         = "FILES"
-	catalogVal         = "def"
-	tableProfiling     = "PROFILING"
-	tablePartitions    = "PARTITIONS"
-	tableKeyColumm     = "KEY_COLUMN_USAGE"
-	tableReferConst    = "REFERENTIAL_CONSTRAINTS"
-	tableSessionVar    = "SESSION_VARIABLES"
-	tablePlugins       = "PLUGINS"
-	tableConstraints   = "TABLE_CONSTRAINTS"
-	tableTriggers      = "TRIGGERS"
+	tableSchemata       = "SCHEMATA"
+	tableTables         = "TABLES"
+	tableColumns        = "COLUMNS"
+	tableStatistics     = "STATISTICS"
+	tableCharacterSets  = "CHARACTER_SETS"
+	tableCollations     = "COLLATIONS"
+	tableFiles          = "FILES"
+	catalogVal          = "def"
+	tableProfiling      = "PROFILING"
+	tablePartitions     = "PARTITIONS"
+	tableKeyColumm      = "KEY_COLUMN_USAGE"
+	tableReferConst     = "REFERENTIAL_CONSTRAINTS"
+	tableSessionVar     = "SESSION_VARIABLES"
+	tablePlugins        = "PLUGINS"
+	tableConstraints    = "TABLE_CONSTRAINTS"
+	tableTriggers       = "TRIGGERS"
+	tableUserPrivileges = "USER_PRIVILEGES"
 )
 
 type columnInfo struct {
@@ -322,6 +324,13 @@ var tableTriggersCols = []columnInfo{
 	{"DATABASE_COLLATION", mysql.TypeVarchar, 32, 0, nil, nil},
 }
 
+var tableUserPrivilegesCols = []columnInfo{
+	{"GRANTEE", mysql.TypeVarchar, 81, 0, nil, nil},
+	{"TABLE_CATALOG", mysql.TypeVarchar, 512, 0, nil, nil},
+	{"PRIVILEGE_TYPE", mysql.TypeVarchar, 64, 0, nil, nil},
+	{"IS_GRANTABLE", mysql.TypeVarchar, 3, 0, nil, nil},
+}
+
 func dataForCharacterSets() (records [][]types.Datum) {
 	records = append(records,
 		types.MakeDatums("ascii", "ascii_general_ci", "US ASCII", 1),
@@ -358,6 +367,11 @@ func dataForSessionVar(ctx context.Context) (records [][]types.Datum, err error)
 	return
 }
 
+func dataForUserPrivileges(ctx context.Context) [][]types.Datum {
+	checker := privilege.GetPrivilegeChecker(ctx)
+	return checker.UserPrivilegesTable()
+}
+
 var filesCols = []columnInfo{
 	{"FILE_ID", mysql.TypeLonglong, 4, 0, nil, nil},
 	{"FILE_NAME", mysql.TypeVarchar, 64, 0, nil, nil},
@@ -630,21 +644,22 @@ func dataForTableConstraints(schemas []*model.DBInfo) [][]types.Datum {
 }
 
 var tableNameToColumns = map[string]([]columnInfo){
-	tableSchemata:      schemataCols,
-	tableTables:        tablesCols,
-	tableColumns:       columnsCols,
-	tableStatistics:    statisticsCols,
-	tableCharacterSets: charsetCols,
-	tableCollations:    collationsCols,
-	tableFiles:         filesCols,
-	tableProfiling:     profilingCols,
-	tablePartitions:    partitionsCols,
-	tableKeyColumm:     keyColumnUsageCols,
-	tableReferConst:    referConstCols,
-	tableSessionVar:    sessionVarCols,
-	tablePlugins:       pluginsCols,
-	tableConstraints:   tableConstraintsCols,
-	tableTriggers:      tableTriggersCols,
+	tableSchemata:       schemataCols,
+	tableTables:         tablesCols,
+	tableColumns:        columnsCols,
+	tableStatistics:     statisticsCols,
+	tableCharacterSets:  charsetCols,
+	tableCollations:     collationsCols,
+	tableFiles:          filesCols,
+	tableProfiling:      profilingCols,
+	tablePartitions:     partitionsCols,
+	tableKeyColumm:      keyColumnUsageCols,
+	tableReferConst:     referConstCols,
+	tableSessionVar:     sessionVarCols,
+	tablePlugins:        pluginsCols,
+	tableConstraints:    tableConstraintsCols,
+	tableTriggers:       tableTriggersCols,
+	tableUserPrivileges: tableUserPrivilegesCols,
 }
 
 func createInfoSchemaTable(handle *Handle, meta *model.TableInfo) *infoschemaTable {
@@ -708,6 +723,8 @@ func (it *infoschemaTable) getRows(ctx context.Context, cols []*table.Column) (f
 	case tableKeyColumm:
 	case tableReferConst:
 	case tablePlugins, tableTriggers:
+	case tableUserPrivileges:
+		fullRows = dataForUserPrivileges(ctx)
 	}
 	if err != nil {
 		return nil, errors.Trace(err)

privilege/privilege.go

@@ -17,6 +17,7 @@ import (
 	"github.com/pingcap/tidb/context"
 	"github.com/pingcap/tidb/model"
 	"github.com/pingcap/tidb/mysql"
+	"github.com/pingcap/tidb/util/types"
 )
 
 type keyType int
@@ -41,6 +42,9 @@ type Checker interface {
 
 	// DBIsVisible returns true is the database is visible to current user.
 	DBIsVisible(db string) bool
+
+	// UserPrivilegesTable provide data for INFORMATION_SCHEMA.USERS_PRIVILEGE table.
+	UserPrivilegesTable() [][]types.Datum
 }
 
 const key keyType = 0

privilege/privileges/cache.go

@@ -14,6 +14,7 @@
 package privileges
 
 import (
+	"fmt"
 	"strings"
 	"sync/atomic"
 	"time"
@@ -455,6 +456,41 @@ func (p *MySQLPrivilege) DBIsVisible(user, host, db string) bool {
 	return false
 }
 
+// UserPrivilegesTable provide data for INFORMATION_SCHEMA.USERS_PRIVILEGE table.
+func (p *MySQLPrivilege) UserPrivilegesTable() [][]types.Datum {
+	var rows [][]types.Datum
+	for _, user := range p.User {
+		rows = appendUserPrivilegesTableRow(rows, user)
+	}
+	return rows
+}
+
+func appendUserPrivilegesTableRow(rows [][]types.Datum, user userRecord) [][]types.Datum {
+	var isGrantable string
+	if user.Privileges&mysql.GrantPriv > 0 {
+		isGrantable = "YES"
+	} else {
+		isGrantable = "NO"
+	}
+	gurantee := fmt.Sprintf("'%s'@'%s'", user.User, user.Host)
+
+	for _, priv := range mysql.AllGlobalPrivs {
+		if priv == mysql.GrantPriv {
+			continue
+		}
+		if user.Privileges&priv > 0 {
+			privilegeType := mysql.Priv2Str[priv]
+			// +---------------------------+---------------+-------------------------+--------------+
+			// | GRANTEE                   | TABLE_CATALOG | PRIVILEGE_TYPE          | IS_GRANTABLE |
+			// +---------------------------+---------------+-------------------------+--------------+
+			// | 'root'@'localhost'        | def           | SELECT                  | YES          |
+			record := types.MakeDatums(gurantee, "def", privilegeType, isGrantable)
+			rows = append(rows, record)
+		}
+	}
+	return rows
+}
+
 // Handle wraps MySQLPrivilege providing thread safe access.
 type Handle struct {
 	ctx  context.Context

privilege/privileges/privileges.go

@@ -271,6 +271,12 @@ func (p *UserPrivileges) DBIsVisible(db string) bool {
 	return mysqlPriv.DBIsVisible(user, host, db)
 }
 
+// UserPrivilegesTable implements the Checker interface.
+func (p *UserPrivileges) UserPrivilegesTable() [][]types.Datum {
+	mysqlPriv := p.Handle.Get()
+	return mysqlPriv.UserPrivilegesTable()
+}
+
 // Check implements Checker.Check interface.
 func (p *UserPrivileges) Check(ctx context.Context, db *model.DBInfo, tbl *model.TableInfo, privilege mysql.PrivilegeType) (bool, error) {
 	if p.privs == nil {