Add support for ALTER MATERIALIZED VIEW .. SET AUTHORIZATION

This commit adds support for `SET AUTHORIZATION` on a materialized view.
Previously, this was only available on views.

Author: codyzwief

core/trino-grammar/src/main/antlr4/io/trino/grammar/sql/SqlBase.g4

@@ -953,7 +953,7 @@ grantObject
     ;
 
 ownedEntityKind
-    : TABLE | SCHEMA | VIEW | identifier
+    : TABLE | SCHEMA | VIEW | MATERIALIZED VIEW | identifier
     ;
 
 qualifiedName

core/trino-main/src/main/java/io/trino/execution/SetAuthorizationTask.java

@@ -104,6 +104,13 @@ private void setEntityAuthorization(Session session, SetAuthorizationStatement s
                     throw semanticException(TABLE_NOT_FOUND, statement, "View '%s' does not exist", viewName);
                 }
             }
+            case "MATERIALIZED VIEW" -> {
+                QualifiedObjectName viewName = new QualifiedObjectName(name.get(0), name.get(1), name.get(2));
+                getRequiredCatalogHandle(metadata, session, statement, viewName.catalogName());
+                if (!metadata.isMaterializedView(session, viewName)) {
+                    throw semanticException(TABLE_NOT_FOUND, statement, "Materialized view '%s' does not exist", viewName);
+                }
+            }
         }
 
         TrinoPrincipal principal = createPrincipal(statement.getPrincipal());

core/trino-main/src/main/java/io/trino/metadata/MetadataManager.java

@@ -180,7 +180,7 @@
 public final class MetadataManager
         implements Metadata
 {
-    private static final Set<String> ENTITY_KINDS_WITH_CATALOG = ImmutableSet.of("SCHEMA", "TABLE", "VIEW");
+    private static final Set<String> ENTITY_KINDS_WITH_CATALOG = ImmutableSet.of("SCHEMA", "TABLE", "VIEW", "MATERIALIZED VIEW");
     private static final Logger log = Logger.get(MetadataManager.class);
 
     @VisibleForTesting
@@ -2861,6 +2861,7 @@ public void setEntityAuthorization(Session session, EntityKindAndName entityKind
                 switch (ownedKind) {
                     case "TABLE" -> metadata.setTableAuthorization(session.toConnectorSession(catalogHandle), new SchemaTableName(name.get(1), name.get(2)), principal);
                     case "VIEW" -> metadata.setViewAuthorization(session.toConnectorSession(catalogHandle), new SchemaTableName(name.get(1), name.get(2)), principal);
+                    case "MATERIALIZED VIEW" -> metadata.setMaterializedViewAuthorization(session.toConnectorSession(catalogHandle), new SchemaTableName(name.get(1), name.get(2)), principal);
                     case "SCHEMA" -> metadata.setSchemaAuthorization(session.toConnectorSession(catalogHandle), name.get(1), principal);
                     default -> throw new IllegalArgumentException("Unsupported owned kind: " + ownedKind);
                 }

core/trino-main/src/main/java/io/trino/metadata/MetadataUtil.java

@@ -133,7 +133,7 @@ public static List<String> fillInNameParts(Session session, Node node, String en
                         throw new TrinoException(GENERIC_USER_ERROR, "Invalid entity %s for entity kind %s".formatted(joinName(name), entityKind));
                 }
                 break;
-            case "TABLE", "VIEW":
+            case "TABLE", "VIEW", "MATERIALIZED VIEW":
                 switch (name.size()) {
                     case 1:
                         if (session.getCatalog().isPresent() && session.getSchema().isPresent()) {

core/trino-main/src/main/java/io/trino/security/AccessControlManager.java

@@ -1416,6 +1416,9 @@ public void checkCanSetEntityAuthorization(SecurityContext securityContext, Enti
                 case "VIEW":
                     control.checkCanSetViewAuthorization(context, new SchemaTableName(name.get(1), name.get(2)), principal);
                     break;
+                case "MATERIALIZED VIEW":
+                    control.checkCanSetMaterializedViewAuthorization(context, new SchemaTableName(name.get(1), name.get(2)), principal);
+                    break;
                 default:
                     denySetEntityAuthorization(new EntityKindAndName(ownedKind, name), principal);
             }

core/trino-main/src/main/java/io/trino/security/InjectedConnectorAccessControl.java

@@ -321,6 +321,13 @@ public void checkCanRenameMaterializedView(ConnectorSecurityContext context, Sch
         accessControl.checkCanRenameMaterializedView(securityContext, getQualifiedObjectName(viewName), getQualifiedObjectName(newViewName));
     }
 
+    @Override
+    public void checkCanSetMaterializedViewAuthorization(ConnectorSecurityContext context, SchemaTableName viewName, TrinoPrincipal principal)
+    {
+        checkArgument(context == null, "context must be null");
+        accessControl.checkCanSetEntityAuthorization(securityContext, new EntityKindAndName("MATERIALIZED VIEW", getQualifiedObjectNameParts(viewName)), principal);
+    }
+
     @Override
     public void checkCanSetMaterializedViewProperties(ConnectorSecurityContext context, SchemaTableName materializedViewName, Map<String, Optional<Object>> properties)
     {

core/trino-main/src/main/java/io/trino/tracing/TracingConnectorMetadata.java

@@ -1332,6 +1332,15 @@ public void renameMaterializedView(ConnectorSession session, SchemaTableName sou
         }
     }
 
+    @Override
+    public void setMaterializedViewAuthorization(ConnectorSession session, SchemaTableName viewName, TrinoPrincipal principal)
+    {
+        Span span = startSpan("setMaterializedViewAuthorization", viewName);
+        try (var _ = scopedSpan(span)) {
+            delegate.setMaterializedViewAuthorization(session, viewName, principal);
+        }
+    }
+
     @Override
     public void setMaterializedViewProperties(ConnectorSession session, SchemaTableName viewName, Map<String, Optional<Object>> properties)
     {

core/trino-main/src/test/java/io/trino/connector/MockConnector.java

@@ -689,6 +689,9 @@ public void renameView(ConnectorSession session, SchemaTableName source, SchemaT
         @Override
         public void setViewAuthorization(ConnectorSession session, SchemaTableName viewName, TrinoPrincipal principal) {}
 
+        @Override
+        public void setMaterializedViewAuthorization(ConnectorSession session, SchemaTableName viewName, TrinoPrincipal principal) {}
+
         @Override
         public void dropView(ConnectorSession session, SchemaTableName viewName) {}
 

core/trino-parser/src/main/java/io/trino/sql/parser/AstBuilder.java

@@ -22,6 +22,7 @@
 import io.trino.grammar.sql.SqlBaseParser.CorrespondingContext;
 import io.trino.grammar.sql.SqlBaseParser.CreateCatalogContext;
 import io.trino.grammar.sql.SqlBaseParser.DropCatalogContext;
+import io.trino.grammar.sql.SqlBaseParser.OwnedEntityKindContext;
 import io.trino.sql.tree.AddColumn;
 import io.trino.sql.tree.AliasedRelation;
 import io.trino.sql.tree.AllColumns;
@@ -321,6 +322,7 @@
 import java.util.Optional;
 import java.util.Set;
 import java.util.function.Function;
+import java.util.stream.IntStream;
 import java.util.stream.Stream;
 
 import static com.google.common.base.Preconditions.checkArgument;
@@ -511,9 +513,13 @@ public Node visitRenameSchema(SqlBaseParser.RenameSchemaContext context)
     @Override
     public Node visitSetAuthorization(SqlBaseParser.SetAuthorizationContext context)
     {
+        OwnedEntityKindContext ownedEntityKindContext = context.ownedEntityKind();
+        String ownedEntityKind = IntStream.range(0, ownedEntityKindContext.getChildCount())
+                .mapToObj(i -> ownedEntityKindContext.getChild(i).getText())
+                .reduce("", (a, b) -> String.format("%s %s", a, b).trim());
         return new SetAuthorizationStatement(
                 getLocation(context),
-                context.ownedEntityKind().getText().toUpperCase(ENGLISH),
+                ownedEntityKind.toUpperCase(ENGLISH),
                 getQualifiedName(context.qualifiedName()),
                 getPrincipalSpecification(context.principal()));
     }

core/trino-parser/src/test/java/io/trino/sql/parser/TestSqlParser.java

@@ -3556,6 +3556,29 @@ public void testAlterViewSetAuthorization()
                         new PrincipalSpecification(PrincipalSpecification.Type.ROLE, new Identifier(location(1, 47), "qux", false))));
     }
 
+    @Test
+    public void testAlterMaterializedViewSetAuthorization()
+    {
+        assertThat(statement("ALTER MATERIALIZED VIEW foo.bar.baz SET AUTHORIZATION qux")).isEqualTo(
+                new SetAuthorizationStatement(
+                        location(1, 1),
+                        "MATERIALIZED VIEW",
+                        QualifiedName.of(ImmutableList.of(new Identifier(location(1, 25), "foo", false), new Identifier(location(1, 29), "bar", false), new Identifier(location(1, 33), "baz", false))),
+                        new PrincipalSpecification(PrincipalSpecification.Type.UNSPECIFIED, new Identifier(location(1, 55), "qux", false))));
+        assertThat(statement("ALTER MATERIALIZED VIEW foo.bar.baz SET AUTHORIZATION USER qux")).isEqualTo(
+                new SetAuthorizationStatement(
+                        location(1, 1),
+                        "MATERIALIZED VIEW",
+                        QualifiedName.of(ImmutableList.of(new Identifier(location(1, 25), "foo", false), new Identifier(location(1, 29), "bar", false), new Identifier(location(1, 33), "baz", false))),
+                        new PrincipalSpecification(PrincipalSpecification.Type.USER, new Identifier(location(1, 60), "qux", false))));
+        assertThat(statement("ALTER MATERIALIZED VIEW foo.bar.baz SET AUTHORIZATION ROLE qux")).isEqualTo(
+                new SetAuthorizationStatement(
+                        location(1, 1),
+                        "MATERIALIZED VIEW",
+                        QualifiedName.of(ImmutableList.of(new Identifier(location(1, 25), "foo", false), new Identifier(location(1, 29), "bar", false), new Identifier(location(1, 33), "baz", false))),
+                        new PrincipalSpecification(PrincipalSpecification.Type.ROLE, new Identifier(location(1, 60), "qux", false))));
+    }
+
     @Test
     public void testTableExecute()
     {