create user test_user@localhost;
create role test_role1;
create role test_role2;
grant test_role1 to test_user@localhost;
grant test_role2 to test_user@localhost;
grant test_role2 to test_role1;
select user, host from mysql.user where user not like 'root';
User	Host
mariadb.sys	localhost
test_role1	
test_role2	
test_user	localhost
select * from mysql.roles_mapping;
Host	User	Role	Admin_option
	test_role1	test_role2	N
localhost	root	test_role1	Y
localhost	root	test_role2	Y
localhost	test_user	test_role1	N
localhost	test_user	test_role2	N
select user, host from mysql.db;
user	host
	%
	%
grant select on mysql.* to test_role2;
flush privileges;
select * from mysql.roles_mapping;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	NULL
set role test_role1;
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	test_role1
select * from mysql.roles_mapping;
Host	User	Role	Admin_option
	test_role1	test_role2	N
localhost	root	test_role1	Y
localhost	root	test_role2	Y
localhost	test_user	test_role1	N
localhost	test_user	test_role2	N
set role none;
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	NULL
select * from mysql.roles_mapping;
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table 'roles_mapping'
set role test_role2;
select current_user(), current_role();
current_user()	current_role()
test_user@localhost	test_role2
select * from mysql.roles_mapping;
Host	User	Role	Admin_option
	test_role1	test_role2	N
localhost	root	test_role1	Y
localhost	root	test_role2	Y
localhost	test_user	test_role1	N
localhost	test_user	test_role2	N
create role test_role3;
grant test_role3 to test_role2;
create role test_role4;
grant test_role4 to test_role3;
set role test_role1;
delete from mysql.user where user='no such user';
ERROR 42000: DELETE command denied to user 'test_user'@'localhost' for table 'user'
grant delete on mysql.* to test_role4;
set role test_role1;
delete from mysql.user where user='no such user';
show grants;
Grants for test_user@localhost
GRANT DELETE ON `mysql`.* TO `test_role4`
GRANT SELECT ON `mysql`.* TO `test_role2`
GRANT USAGE ON *.* TO `test_role1`
GRANT USAGE ON *.* TO `test_role2`
GRANT USAGE ON *.* TO `test_role3`
GRANT USAGE ON *.* TO `test_role4`
GRANT USAGE ON *.* TO `test_user`@`localhost`
GRANT `test_role1` TO `test_user`@`localhost`
GRANT `test_role2` TO `test_role1`
GRANT `test_role2` TO `test_user`@`localhost`
GRANT `test_role3` TO `test_role2`
GRANT `test_role4` TO `test_role3`
drop user test_user@localhost;
drop role test_role1, test_role2, test_role3, test_role4;