mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
84 lines
2.7 KiB
Text
84 lines
2.7 KiB
Text
create user test_user@localhost;
|
|
create role test_role1;
|
|
create role test_role2;
|
|
grant test_role1 to test_user@localhost;
|
|
grant test_role2 to test_user@localhost;
|
|
grant test_role2 to test_role1;
|
|
select user, host from mysql.user where user not like 'root';
|
|
User Host
|
|
mariadb.sys localhost
|
|
test_role1
|
|
test_role2
|
|
test_user localhost
|
|
select * from mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
test_role1 test_role2 N
|
|
localhost root test_role1 Y
|
|
localhost root test_role2 Y
|
|
localhost test_user test_role1 N
|
|
localhost test_user test_role2 N
|
|
select user, host from mysql.db;
|
|
user host
|
|
%
|
|
%
|
|
grant select on mysql.* to test_role2;
|
|
flush privileges;
|
|
select * from mysql.roles_mapping;
|
|
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table `mysql`.`roles_mapping`
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost NULL
|
|
set role test_role1;
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost test_role1
|
|
select * from mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
test_role1 test_role2 N
|
|
localhost root test_role1 Y
|
|
localhost root test_role2 Y
|
|
localhost test_user test_role1 N
|
|
localhost test_user test_role2 N
|
|
set role none;
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost NULL
|
|
select * from mysql.roles_mapping;
|
|
ERROR 42000: SELECT command denied to user 'test_user'@'localhost' for table `mysql`.`roles_mapping`
|
|
set role test_role2;
|
|
select current_user(), current_role();
|
|
current_user() current_role()
|
|
test_user@localhost test_role2
|
|
select * from mysql.roles_mapping;
|
|
Host User Role Admin_option
|
|
test_role1 test_role2 N
|
|
localhost root test_role1 Y
|
|
localhost root test_role2 Y
|
|
localhost test_user test_role1 N
|
|
localhost test_user test_role2 N
|
|
create role test_role3;
|
|
grant test_role3 to test_role2;
|
|
create role test_role4;
|
|
grant test_role4 to test_role3;
|
|
set role test_role1;
|
|
delete from mysql.user where user='no such user';
|
|
ERROR 42000: DELETE command denied to user 'test_user'@'localhost' for table `mysql`.`user`
|
|
grant delete on mysql.* to test_role4;
|
|
set role test_role1;
|
|
delete from mysql.user where user='no such user';
|
|
show grants;
|
|
Grants for test_user@localhost
|
|
GRANT DELETE ON `mysql`.* TO `test_role4`
|
|
GRANT SELECT ON `mysql`.* TO `test_role2`
|
|
GRANT USAGE ON *.* TO `test_role1`
|
|
GRANT USAGE ON *.* TO `test_role2`
|
|
GRANT USAGE ON *.* TO `test_role3`
|
|
GRANT USAGE ON *.* TO `test_role4`
|
|
GRANT USAGE ON *.* TO `test_user`@`localhost`
|
|
GRANT `test_role1` TO `test_user`@`localhost`
|
|
GRANT `test_role2` TO `test_role1`
|
|
GRANT `test_role2` TO `test_user`@`localhost`
|
|
GRANT `test_role3` TO `test_role2`
|
|
GRANT `test_role4` TO `test_role3`
|
|
drop user test_user@localhost;
|
|
drop role test_role1, test_role2, test_role3, test_role4;
|