GRANT

Function

GRANT is used to grant permissions to one or more roles.

Precautions

This section describes only the new syntax of Dolphin. The original syntax of openGauss is not deleted or modified. The ALTER ROUTINE, CRAETE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE TABLESPACE and INDEX permissions are added.

Syntax

  • The ALTER ROUTINE permission is added.

The ALTER permission is basically the same as that of the function and procedure.

The syntax after modification is described as follows:

GRANT { { EXECUTE | ALTER ROUTINE | ALTER | DROP | COMMENT } [, ...] | ALL [ PRIVILEGES ] }
ON {FUNCTION {function_name ( [ {[ argmode ] [ arg_name ] arg_type} [, ...] ] )} | PROCEDURE {proc_name ( [ {[ argmode ] [ arg_name ] arg_type} [, ...] ] )} [, ...] | ALL FUNCTIONS IN SCHEMA schema_name [, ...] | ALL PROCEDURE IN SCHEMA schema_name [, ...] | schema_name.*}
TO { [ GROUP ] role_name | PUBLIC } [, ...]
[ WITH GRANT OPTION ];
  • The CREATE ROUTINE permission is added.

The permission is basically the same as that of CREATE ANY FUNCTION.

The syntax after modification is described as follows:

GRANT { CREATE ANY TABLE | ALTER ANY TABLE | DROP ANY TABLE | SELECT ANY TABLE | INSERT ANY TABLE | UPDATE ANY TABLE |
  DELETE ANY TABLE | CREATE ANY SEQUENCE | CREATE ANY INDEX | CREATE ANY FUNCTION | CREATE ROUTINE | EXECUTE ANY FUNCTION |
  CREATE ANY PACKAGE | EXECUTE ANY PACKAGE | CREATE ANY TYPE } [, ...]
  [ON *.*]
  TO [ GROUP ] role_name [, ...]
  [ WITH ADMIN OPTION ];
  • The CREATE TEMPORARY TABLES permission is added.

The permission is basically the same as that of TEMPORARY.

The syntax after modification is described as follows:

GRANT { { CREATE | CONNECT | CREATE TEMPORARY TABLES | TEMPORARY | TEMP | ALTER | DROP | COMMENT } [, ...]
    | ALL [ PRIVILEGES ] }
    ON { DATABASE database_name [, ...] | database_name.* }
    TO { [ GROUP ] role_name | PUBLIC } [, ...]
    [ WITH GRANT OPTION ];
  • The CREATE USER permission is added.

It controls users' permission to create new users, which is basically the same as the CREATEROLE and NOCREATEROLE permissions of users.

The new syntax is described as follows:

GRANT CREATE USER ON *.* TO ROLE_NAME;
  • The CREATE TABLESPACE permission is added.

It controls users' permission to create tablespaces.

The new syntax is described as follows:

GRANT CREATE TABLESPACE ON *.* TO ROLE_NAME;
  • The INDEX permission is added.

The permission is basically the same as that of CREATE ANY INDEX.

The syntax after modification is described as follows:

GRANT INDEX 
  ON *.* 
  TO [ GROUP ] role_name [, ...]
  [ WITH ADMIN OPTION ];

Parameter Description

N/A

Examples

GRANT ALTER ROUTINE ON FUNCTION TEST TO USER_TESTER;
GRANT CREATE ANY FUNCTION TO USER_TESTER;
GRANT CREATE TEMPORARY TABLES ON DATABASE DATABASE_TEST TO USER_TESTER; 
GRANT CREATE USER ON *.* TO USER_TESTER;
GRANT CREATE TABLESPACE ON *.* TO USER_TESTER;
GRANT INDEX TO TEST_USER;

Helpful Links

GRANT

Feedback
编组 3备份
    openGauss 2024-11-22 00:52:56
    cancel