As (or close to) defined in the SQL:2003 standard.
According to the standard, role and user names live in the same namespace. But in MariaDB a user name has a mandatorypart (even if it's ). And we probably wouldn't want it for roles. So, practically, we will have users and roles in different name spaces, with a little ambiguity, when a user name is specified without a part, where allowed. Alternatively, we can specify that a role name cannot match the first part of any user name. May be it'll be less confusing this way.
Only one role can be set to a user at any specific point in any given session. In other words,(see below) can never return a list.
One needsprivilege to create or drop a role. Or an appropriate (insert or delete) privilege on the database.
One needs a role to be granted to himselfto be able to grant or revoke it further. A creator of a role gets it automatically granted to himself . Alternatively, one can use or (with privilege) .
If there is no current role, the function returns, not .
there are more tables in thethat are relevant for roles. They are not part of this task.
Everywhere where one can write, we should allow to be a role name. And additionally we'll support .
The role name ofis reserved. There can be no role with this name. But this name can be used in and statements as a grantee.Privileges granted to are always available to everyone. Implementing it is not part of this task.
The role name ofis reserved too.
Syntax variants (which ones we'll do?):
When a default role is set, the server implicitly runsfor every new connection (or after a for a user .