Add comprehensive SERVER AUDIT statement support

- Add DropServerAuditStatement type and parsing
- Add MaxSizeAuditTargetOption, MaxRolloverFilesAuditTargetOption,
  OnOffAuditTargetOption types for proper target option representation
- Add MODIFY NAME support for ALTER SERVER AUDIT
- Update parseAuditTargetOption to return correct option types
- Update marshal.go with JSON conversion for new types

Author: claude

ast/server_audit_statement.go

@@ -14,6 +14,7 @@ func (s *CreateServerAuditStatement) node()      {}
 // AlterServerAuditStatement represents an ALTER SERVER AUDIT statement
 type AlterServerAuditStatement struct {
 	AuditName           *Identifier
+	NewName             *Identifier
 	AuditTarget         *AuditTarget
 	Options             []AuditOption
 	PredicateExpression BooleanExpression
@@ -23,6 +24,15 @@ type AlterServerAuditStatement struct {
 func (s *AlterServerAuditStatement) statement() {}
 func (s *AlterServerAuditStatement) node()      {}
 
+// DropServerAuditStatement represents a DROP SERVER AUDIT statement
+type DropServerAuditStatement struct {
+	Name       *Identifier
+	IsIfExists bool
+}
+
+func (s *DropServerAuditStatement) statement() {}
+func (s *DropServerAuditStatement) node()      {}
+
 // AuditTarget represents the target of a server audit
 type AuditTarget struct {
 	TargetKind    string // File, ApplicationLog, SecurityLog
@@ -42,6 +52,33 @@ type LiteralAuditTargetOption struct {
 
 func (o *LiteralAuditTargetOption) auditTargetOption() {}
 
+// MaxSizeAuditTargetOption represents the MAXSIZE option
+type MaxSizeAuditTargetOption struct {
+	OptionKind  string
+	Size        ScalarExpression
+	Unit        string // MB, GB, TB, Unspecified
+	IsUnlimited bool
+}
+
+func (o *MaxSizeAuditTargetOption) auditTargetOption() {}
+
+// MaxRolloverFilesAuditTargetOption represents the MAX_ROLLOVER_FILES option
+type MaxRolloverFilesAuditTargetOption struct {
+	OptionKind  string
+	Value       ScalarExpression
+	IsUnlimited bool
+}
+
+func (o *MaxRolloverFilesAuditTargetOption) auditTargetOption() {}
+
+// OnOffAuditTargetOption represents an ON/OFF target option
+type OnOffAuditTargetOption struct {
+	OptionKind string
+	Value      string // On, Off
+}
+
+func (o *OnOffAuditTargetOption) auditTargetOption() {}
+
 // AuditOption is an interface for audit options
 type AuditOption interface {
 	auditOption()

parser/marshal.go

@@ -176,6 +176,8 @@ func statementToJSON(stmt ast.Statement) jsonNode {
 		return dropSearchPropertyListStatementToJSON(s)
 	case *ast.DropServerRoleStatement:
 		return dropServerRoleStatementToJSON(s)
+	case *ast.DropServerAuditStatement:
+		return dropServerAuditStatementToJSON(s)
 	case *ast.DropAvailabilityGroupStatement:
 		return dropAvailabilityGroupStatementToJSON(s)
 	case *ast.DropFederationStatement:
@@ -6761,6 +6763,9 @@ func alterServerAuditStatementToJSON(s *ast.AlterServerAuditStatement) jsonNode
 		"$type":       "AlterServerAuditStatement",
 		"RemoveWhere": s.RemoveWhere,
 	}
+	if s.NewName != nil {
+		node["NewName"] = identifierToJSON(s.NewName)
+	}
 	if s.AuditName != nil {
 		node["AuditName"] = identifierToJSON(s.AuditName)
 	}
@@ -6780,6 +6785,17 @@ func alterServerAuditStatementToJSON(s *ast.AlterServerAuditStatement) jsonNode
 	return node
 }
 
+func dropServerAuditStatementToJSON(s *ast.DropServerAuditStatement) jsonNode {
+	node := jsonNode{
+		"$type":      "DropServerAuditStatement",
+		"IsIfExists": s.IsIfExists,
+	}
+	if s.Name != nil {
+		node["Name"] = identifierToJSON(s.Name)
+	}
+	return node
+}
+
 func auditTargetToJSON(t *ast.AuditTarget) jsonNode {
 	node := jsonNode{
 		"$type":      "AuditTarget",
@@ -6806,6 +6822,33 @@ func auditTargetOptionToJSON(o ast.AuditTargetOption) jsonNode {
 			node["Value"] = scalarExpressionToJSON(opt.Value)
 		}
 		return node
+	case *ast.MaxSizeAuditTargetOption:
+		node := jsonNode{
+			"$type":       "MaxSizeAuditTargetOption",
+			"IsUnlimited": opt.IsUnlimited,
+			"Unit":        opt.Unit,
+			"OptionKind":  opt.OptionKind,
+		}
+		if opt.Size != nil {
+			node["Size"] = scalarExpressionToJSON(opt.Size)
+		}
+		return node
+	case *ast.MaxRolloverFilesAuditTargetOption:
+		node := jsonNode{
+			"$type":       "MaxRolloverFilesAuditTargetOption",
+			"IsUnlimited": opt.IsUnlimited,
+			"OptionKind":  opt.OptionKind,
+		}
+		if opt.Value != nil {
+			node["Value"] = scalarExpressionToJSON(opt.Value)
+		}
+		return node
+	case *ast.OnOffAuditTargetOption:
+		return jsonNode{
+			"$type":      "OnOffAuditTargetOption",
+			"Value":      opt.Value,
+			"OptionKind": opt.OptionKind,
+		}
 	default:
 		return jsonNode{"$type": "UnknownAuditTargetOption"}
 	}

parser/parse_ddl.go

@@ -892,25 +892,33 @@ func (p *Parser) parseDropSearchPropertyListStatement() (*ast.DropSearchProperty
 	return stmt, nil
 }
 
-func (p *Parser) parseDropServerRoleStatement() (*ast.DropServerRoleStatement, error) {
+func (p *Parser) parseDropServerRoleStatement() (ast.Statement, error) {
 	// Consume SERVER
 	p.nextToken()
 
-	// Expect ROLE
-	if strings.ToUpper(p.curTok.Literal) != "ROLE" {
-		return nil, fmt.Errorf("expected ROLE after SERVER, got %s", p.curTok.Literal)
-	}
-	p.nextToken()
-
-	stmt := &ast.DropServerRoleStatement{}
-	stmt.Name = p.parseIdentifier()
-
-	// Skip optional semicolon
-	if p.curTok.Type == TokenSemicolon {
+	// Check if it's ROLE or AUDIT
+	switch strings.ToUpper(p.curTok.Literal) {
+	case "ROLE":
 		p.nextToken()
+		stmt := &ast.DropServerRoleStatement{}
+		stmt.Name = p.parseIdentifier()
+		// Skip optional semicolon
+		if p.curTok.Type == TokenSemicolon {
+			p.nextToken()
+		}
+		return stmt, nil
+	case "AUDIT":
+		p.nextToken()
+		stmt := &ast.DropServerAuditStatement{}
+		stmt.Name = p.parseIdentifier()
+		// Skip optional semicolon
+		if p.curTok.Type == TokenSemicolon {
+			p.nextToken()
+		}
+		return stmt, nil
+	default:
+		return nil, fmt.Errorf("expected ROLE or AUDIT after SERVER, got %s", p.curTok.Literal)
 	}
-
-	return stmt, nil
 }
 
 func (p *Parser) parseDropAvailabilityGroupStatement() (*ast.DropAvailabilityGroupStatement, error) {
@@ -4064,6 +4072,24 @@ func (p *Parser) parseAlterServerAuditStatement() (*ast.AlterServerAuditStatemen
 	// Parse audit name
 	stmt.AuditName = p.parseIdentifier()
 
+	// Check for MODIFY NAME
+	if strings.ToUpper(p.curTok.Literal) == "MODIFY" {
+		p.nextToken() // consume MODIFY
+		if strings.ToUpper(p.curTok.Literal) == "NAME" {
+			p.nextToken() // consume NAME
+			if p.curTok.Type == TokenEquals {
+				p.nextToken() // consume =
+			}
+			stmt.NewName = p.parseIdentifier()
+			// Skip optional semicolon
+			if p.curTok.Type == TokenSemicolon {
+				p.nextToken()
+			}
+			return stmt, nil
+		}
+		return nil, fmt.Errorf("expected NAME after MODIFY, got %s", p.curTok.Literal)
+	}
+
 	// Check for REMOVE WHERE
 	if strings.ToUpper(p.curTok.Literal) == "REMOVE" {
 		p.nextToken() // consume REMOVE

parser/parse_statements.go

@@ -2605,32 +2605,89 @@ func (p *Parser) parseAuditTargetOption() (ast.AuditTargetOption, error) {
 	}
 	p.nextToken()
 
-	// Parse value
-	val, err := p.parseScalarExpression()
-	if err != nil {
-		return nil, err
-	}
-
-	optKind := ""
 	switch optName {
-	case "FILEPATH":
-		optKind = "FilePath"
-	case "MAX_FILES":
-		optKind = "MaxFiles"
-	case "MAX_ROLLOVER_FILES":
-		optKind = "MaxRolloverFiles"
 	case "MAXSIZE":
-		optKind = "MaxSize"
+		// Check for UNLIMITED
+		if strings.ToUpper(p.curTok.Literal) == "UNLIMITED" {
+			p.nextToken()
+			return &ast.MaxSizeAuditTargetOption{
+				OptionKind:  "MaxSize",
+				IsUnlimited: true,
+				Unit:        "Unspecified",
+			}, nil
+		}
+		// Parse size value
+		size, err := p.parseScalarExpression()
+		if err != nil {
+			return nil, err
+		}
+		// Parse unit (MB, GB, TB)
+		unit := "Unspecified"
+		unitUpper := strings.ToUpper(p.curTok.Literal)
+		if unitUpper == "MB" || unitUpper == "GB" || unitUpper == "TB" {
+			unit = unitUpper
+			p.nextToken()
+		}
+		return &ast.MaxSizeAuditTargetOption{
+			OptionKind:  "MaxSize",
+			Size:        size,
+			Unit:        unit,
+			IsUnlimited: false,
+		}, nil
+
+	case "MAX_ROLLOVER_FILES":
+		// Check for UNLIMITED
+		if strings.ToUpper(p.curTok.Literal) == "UNLIMITED" {
+			p.nextToken()
+			return &ast.MaxRolloverFilesAuditTargetOption{
+				OptionKind:  "MaxRolloverFiles",
+				IsUnlimited: true,
+			}, nil
+		}
+		// Parse value
+		val, err := p.parseScalarExpression()
+		if err != nil {
+			return nil, err
+		}
+		return &ast.MaxRolloverFilesAuditTargetOption{
+			OptionKind:  "MaxRolloverFiles",
+			Value:       val,
+			IsUnlimited: false,
+		}, nil
+
 	case "RESERVE_DISK_SPACE":
-		optKind = "ReserveDiskSpace"
+		// Parse ON/OFF
+		value := "Off"
+		valUpper := strings.ToUpper(p.curTok.Literal)
+		if valUpper == "ON" || p.curTok.Type == TokenOn {
+			value = "On"
+		}
+		p.nextToken()
+		return &ast.OnOffAuditTargetOption{
+			OptionKind: "ReserveDiskSpace",
+			Value:      value,
+		}, nil
+
 	default:
-		optKind = capitalizeFirst(strings.ToLower(optName))
+		// Parse literal value (FILEPATH, etc.)
+		val, err := p.parseScalarExpression()
+		if err != nil {
+			return nil, err
+		}
+		optKind := ""
+		switch optName {
+		case "FILEPATH":
+			optKind = "FilePath"
+		case "MAX_FILES":
+			optKind = "MaxFiles"
+		default:
+			optKind = capitalizeFirst(strings.ToLower(optName))
+		}
+		return &ast.LiteralAuditTargetOption{
+			OptionKind: optKind,
+			Value:      val,
+		}, nil
 	}
-
-	return &ast.LiteralAuditTargetOption{
-		OptionKind: optKind,
-		Value:      val,
-	}, nil
 }
 
 func (p *Parser) parseAuditOption() (ast.AuditOption, error) {

parser/testdata/Baselines100_ServerAuditStatementTests/metadata.json

@@ -1 +1 @@
-{"todo": true}
+{}

parser/testdata/ServerAuditStatementTests/metadata.json

@@ -1 +1 @@
-{"todo": true}
+{}