Log down the checked privileges to the system.query_log

[nikitamikhaylov]

Use case

For testing purposes we would love to know the set of GRANTs required for the query to be finished successfully (successfully == not receiving ACCESS_DENIED error).

Describe the solution you'd like

Add an additional field named checked_privileges of type Array(String) to the system.query_log. It will contain information like ['SELECT ON database.table', 'demangle ON *.*', ...].

P.S. Maybe it is worth to add a field required_privilege which will be non-empty in case when the query finished with an error ACCESS_DENIED. This is needed mostly not to parse the exception message rather than just executing a simple query.

[alexey-milovidov]

Keep in mind that the list of columns can be very long, so the data amount for queries over wide tables will increase significantly.