New topic in the docs "Permissions for queries" (ClickHouse#3616)

* Update of english version of descriprion of the table function `file`.

* New syntax for ReplacingMergeTree.
Some improvements in text.

* Significantly change article about SummingMergeTree.
Article is restructured, text is changed in many places of the document. New syntax for table creation is described.

* Descriptions of AggregateFunction and AggregatingMergeTree are updated. Russian version.

* New syntax for new syntax of CREATE TABLE

* Added english docs on Aggregating, Replacing and SummingMergeTree.

* CollapsingMergeTree docs. English version.

* 1. Update of CollapsingMergeTree. 2. Minor changes in markup

* Update aggregatefunction.md

* Update aggregatefunction.md

* Update aggregatefunction.md

* Update aggregatingmergetree.md

* GraphiteMergeTree docs update.
New syntax for creation of Replicated* tables.
Minor changes in *MergeTree tables creation syntax.

* Markup fix

* Markup and language fixes

* Clarification in the CollapsingMergeTree article

* DOCAPI-4821. Sync between ru and en versions of docs.

* Fixed the ambiguity in geo functions description.

* Example of JOIN in ru docs

* Deleted misinforming example.

* New topic 'Permissions for queries'

* Fixes for docs consistency.

* Self-targeting link.

docs/en/interfaces/http_interface.md

@@ -1,3 +1,5 @@
+<a name="http_interface"></a>
+
 # HTTP Interface
 
 The HTTP interface lets you use ClickHouse on any platform from any programming language. We use it for working from Java and Perl, as well as shell scripts. In other departments, the HTTP interface is used from Perl, Python, and Go. The HTTP interface is more limited than the native interface, but it has better compatibility.

docs/en/operations/settings/permissions_for_queries.md

@@ -0,0 +1,53 @@
+<a name="permissions_for_queries"></a>
+
+# Permissions for queries
+
+Queries in ClickHouse can be divided into several groups:
+
+1. Read data queries: `SELECT`, `SHOW`, `DESCRIBE`, `EXISTS`.
+1. Write data queries: `INSERT`, `OPTIMIZE`.
+1. Change settings queries: `SET`, `USE`.
+1. [DDL](https://en.wikipedia.org/wiki/Data_definition_language) queries: `CREATE`, `ALTER`, `RENAME`, `ATTACH`, `DETACH`, `DROP` `TRUNCATE`.
+1. Particular queries: `KILL QUERY`.
+
+The following settings regulate user permissions for the groups of queries:
+
+- [readonly](#settings_readonly) — Restricts permissions for all groups of queries excepting DDL.
+- [allow_ddl](#settings_allow_ddl) — Restricts permissions for DDL queries.
+
+`KILL QUERY` performs with any settings.
+
+<a name="settings_readonly"></a>
+
+## readonly
+
+Restricts permissions for read data, write data and change settings queries.
+
+See [above](#permissions_for_queries) for the division of queries into groups.
+
+**Possible values**
+
+- 0 — All queries are allowed. Default value.
+- 1 — Read data queries only are allowed.
+- 2 — Read data and change settings queries are allowed.
+
+After setting `readonly = 1`, a user can't change `readonly` and `allow_ddl` settings in the current session.
+
+When using the `GET` method in the [HTTP interface](../../interfaces/http_interface.md#http_interface), `readonly = 1` is set automatically. To modify data use the `POST` method.
+
+<a name="settings_allow_ddl"></a>
+
+## allow_ddl
+
+Allows/denies [DDL](https://en.wikipedia.org/wiki/Data_definition_language) queries.
+
+See [above](#permissions_for_queries) for the division of queries into groups.
+
+**Possible values**
+
+- 0 — DDL queries are not allowed.
+- 1 — DDL queries are allowed. Default value.
+
+You can not execute `SET allow_ddl = 1` if `allow_ddl = 0` for current session.
+
+[Original article](https://clickhouse.yandex/docs/en/operations/settings/permissions_for_queries/) <!--hide-->

docs/en/operations/settings/query_complexity.md

@@ -16,18 +16,6 @@ It can take one of two values: `throw` or `break`. Restrictions on aggregation (
 
 `any (only for group_by_overflow_mode)` – Continuing aggregation for the keys that got into the set, but don't add new keys to the set.
 
-<a name="query_complexity_readonly"></a>
-
-## readonly
-
-With a value of 0, you can execute any queries.
-With a value of 1, you can only execute read requests (such as SELECT and SHOW). Requests for writing and changing settings (INSERT, SET) are prohibited.
-With a value of 2, you can process read queries (SELECT, SHOW) and change settings (SET).
-
-After enabling readonly mode, you can't disable it in the current session.
-
-When using the GET method in the HTTP interface, 'readonly = 1' is set automatically. In other words, for queries that modify data, you can only use the POST method. You can send the query itself either in the POST body, or in the URL parameter.
-
 <a name="settings_max_memory_usage"></a>
 
 ## max_memory_usage

docs/en/query_language/functions/array_functions.md

@@ -55,7 +55,7 @@ arrayConcat(arrays)
 
 **Parameters**
 
-- `arrays` – arbitrary number of arguments of type Array.
+- `arrays` – Arbitrary number of arguments of [Array][../../data_types/array.md#data_type-array] type.
 
 **Example**
 

docs/fa/operations/settings/permissions_for_queries.md

@@ -0,0 +1 @@
+../../../en/operations/settings/permissions_for_queries.md

docs/ru/operations/settings/permissions_for_queries.md

@@ -0,0 +1 @@
+../../../en/operations/settings/permissions_for_queries.md

docs/ru/query_language/functions/array_functions.md

@@ -55,7 +55,7 @@ arrayConcat(arrays)
 
 **Параметры**
 
-- `arrays` - Перечисленные через запятую массивы `[values]`.
+- `arrays` – произвольное количество элементов типа [Array][../../data_types/array.md#data_type-array].
 
 **Пример**
 

docs/toc_en.yml

@@ -157,10 +157,10 @@ nav:
     - 'Server settings': 'operations/server_settings/settings.md'
   - 'Settings':
     - 'Introduction': 'operations/settings/index.md'
+    - 'Permissions for queries': 'operations/settings/permissions_for_queries.md'
     - 'Restrictions on query complexity': 'operations/settings/query_complexity.md'
     - 'Settings': 'operations/settings/settings.md'
     - 'Settings profiles': 'operations/settings/settings_profiles.md'
-
   - 'Utilities':
     - 'Overview': 'operations/utils/index.md'
     - 'clickhouse-copier': 'operations/utils/clickhouse-copier.md'

docs/toc_fa.yml

@@ -154,6 +154,7 @@ nav:
     - 'Server settings': 'operations/server_settings/settings.md'
   - 'Settings':
     - 'Introduction': 'operations/settings/index.md'
+    - 'Permissions for queries': 'operations/settings/permissions_for_queries.md'
     - 'Restrictions on query complexity': 'operations/settings/query_complexity.md'
     - 'Settings': 'operations/settings/settings.md'
     - 'Settings profiles': 'operations/settings/settings_profiles.md'

docs/toc_ru.yml

@@ -158,6 +158,7 @@ nav:
     - 'Серверные настройки': 'operations/server_settings/settings.md'
   - 'Настройки':
     - 'Введение': 'operations/settings/index.md'
+    - 'Разрешения на выполнение запросов': 'operations/settings/permissions_for_queries.md'
     - 'Ограничения на сложность запроса': 'operations/settings/query_complexity.md'
     - 'Настройки': 'operations/settings/settings.md'
     - 'Профили настроек': 'operations/settings/settings_profiles.md'

docs/toc_zh.yml

@@ -157,6 +157,7 @@ nav:
     - 'Server settings': 'operations/server_settings/settings.md'
   - 'Settings':
     - 'Introduction': 'operations/settings/index.md'
+    - 'Permissions for queries': 'operations/settings/permissions_for_queries.md'
     - 'Restrictions on query complexity': 'operations/settings/query_complexity.md'
     - 'Settings': 'operations/settings/settings.md'
     - 'Settings profiles': 'operations/settings/settings_profiles.md'

docs/zh/operations/settings/permissions_for_queries.md

@@ -0,0 +1 @@
+../../../en/operations/settings/permissions_for_queries.md