sql: SHOW ZONE CONFIGURATION output includes unpermissioned resources

[solongordon]

This is perhaps more confusing than harmful, but SHOW ZONE CONFIGURATION commands do not consider whether the user has privileges on the resources in question. This means that a user might see references to tables and databases that aren't otherwise visible to them. For instance:

roach@:26257/defaultdb> SHOW DATABASES;
  database_name
+---------------+
(0 rows)

Time: 1.438ms

roach@:26257/defaultdb> SHOW ZONE CONFIGURATION FOR DATABASE tpch;
     target     |                config_sql
+---------------+------------------------------------------+
  DATABASE tpch | ALTER DATABASE tpch CONFIGURE ZONE USING
                |     range_min_bytes = 16777216,
                |     range_max_bytes = 67108864,
                |     gc.ttlseconds = 90000,
                |     num_replicas = 3,
                |     constraints = '[]',
                |     lease_preferences = '[]'
(1 row)

Probably the right thing is for crdb_internal.zones to do the same thing that crdb_internal.tables does and call CheckAnyPrivilege before adding each row.

[awoods187]

@solongordon are we going to fix this for 19.2?