sql: fix SHOW ALL ZONE CONFIGURATION displaying unprivileged entries

[otan]

Fully resolves #40917.

• Made crdb_internal.zones not display entries which the executing
  user does not have access to.
• Add a delegate for ShowZoneConfig, which triggers on SHOW ALL
  ZONE CONFIGURATIONS, to use crdb_internal.zones table and run it as
  the executing user so rows are hidden if the user does not have
  permission.

Release note (bug fix): Previously, SHOW ALL ZONE CONFIGURATION ZONES and crdb_internal.zones shows results for resources the user does not have access to. This will instead filter out those entries from displaying.

[cockroach-teamcity]

This change is 

[solongordon]

Nice, pending a couple comment fixes.

Reviewed 1 of 5 files at r1.
Reviewable status: complete! 1 of 0 LGTMs obtained (waiting on @otan and @solongordon)

---

pkg/sql/crdb_internal.go, line 2183 at r1 (raw file):

					continue
				}
			}

Kind of too bad this logic is mostly duplicated with previous PR, but I guess we're looking up descriptors by ID in one case and by name in the other, so it would be awkward to dedup.

---

pkg/sql/delegate/show_zone_config.go, line 1 at r1 (raw file):

// Copyright 2017 The Cockroach Authors.

I don't think it really matters, but... 2019.

---

pkg/sql/delegate/show_zone_config.go, line 15 at r1 (raw file):

import "github.com/cockroachdb/cockroach/pkg/sql/sem/tree"

// ShowZoneConfig only delegates if it selecting ALL users.

All configurations, not users.

[otan]

Reviewable status: complete! 1 of 0 LGTMs obtained (waiting on @solongordon)

---

pkg/sql/delegate/show_zone_config.go, line 1 at r1 (raw file):

Previously, solongordon (Solon) wrote…

I don't think it really matters, but... 2019.

haha, is there a way of auto-generating these? i've been copy pasting.
Done.

---

pkg/sql/delegate/show_zone_config.go, line 15 at r1 (raw file):

Previously, solongordon (Solon) wrote…

All configurations, not users.

Done.

[otan]

bors r+

[craig]

Build succeeded

• GitHub CI (Cockroach)