From b0ef5147c9cf441f2fe7d0aee5d43ffcffdeb40b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Canna=C3=B2?= <rene.cannao@gmail.com>
Date: Thu, 13 Jul 2023 02:41:53 +0000
Subject: [PATCH] Reduce privileges on create_mysql_user() for TAP

---
 test/tap/tap/utils.cpp | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/test/tap/tap/utils.cpp b/test/tap/tap/utils.cpp
index 9a9afedb6..7fc8ff5bb 100644
--- a/test/tap/tap/utils.cpp
+++ b/test/tap/tap/utils.cpp
@@ -638,13 +638,17 @@ int create_mysql_user(
 	string create_user_query {};
 	string_format(t_create_user_query, create_user_query, user.c_str(), pass.c_str());
 
-	const string t_grant_all_query { "GRANT ALL ON *.* TO %s@'%%'" };
-	string grant_all_query { };
-	string_format(t_grant_all_query, grant_all_query, user.c_str());
+	const string t_grant_all_query1 { "GRANT ALL ON test.* TO %s@'%%'" };
+	const string t_grant_all_query2 { "GRANT SESSION_VARIABLES_ADMIN ON *.* TO %s@'%%'" };
+	string grant_all_query1 { };
+	string grant_all_query2 { };
+	string_format(t_grant_all_query1, grant_all_query1, user.c_str());
+	string_format(t_grant_all_query2, grant_all_query2, user.c_str());
 
 	MYSQL_QUERY(mysql_server, drop_user_query.c_str());
 	MYSQL_QUERY(mysql_server, create_user_query.c_str());
-	MYSQL_QUERY(mysql_server, grant_all_query.c_str());
+	MYSQL_QUERY(mysql_server, grant_all_query1.c_str());
+	MYSQL_QUERY(mysql_server, grant_all_query2.c_str());
 
 	return EXIT_SUCCESS;
 }