blob: 85ab188145eac326a62122f337fff56c3f63b03f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
create user foo;
create database some_db;
create table some_db.t1 (a int, b int, secret int);
create role r_select_column;
create role r_active_column;
grant r_select_column to r_active_column;
grant r_active_column to foo;
grant select(a) on some_db.t1 to r_select_column;
select * from mysql.tables_priv order by user;
Host Db User Table_name Grantor Timestamp Table_priv Column_priv
localhost mysql mariadb.sys global_priv root@localhost 0000-00-00 00:00:00 Select,Delete
some_db r_select_column t1 root@localhost 0000-00-00 00:00:00 Select
grant insert(a) on some_db.t1 to r_active_column;
select * from mysql.tables_priv order by user;
Host Db User Table_name Grantor Timestamp Table_priv Column_priv
localhost mysql mariadb.sys global_priv root@localhost 0000-00-00 00:00:00 Select,Delete
some_db r_active_column t1 root@localhost 0000-00-00 00:00:00 Insert
some_db r_select_column t1 root@localhost 0000-00-00 00:00:00 Select
connect con1, localhost, foo,,;
insert into some_db.t1(a) values (1);
ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `some_db`.`t1`
set role r_active_column;
insert into some_db.t1(a) values (1);
disconnect con1;
connection default;
revoke insert(a) on some_db.t1 from r_active_column;
connect con1, localhost, foo,,;
insert into some_db.t1(a) values (1);
ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `some_db`.`t1`
set role r_active_column;
insert into some_db.t1(a) values (1);
ERROR 42000: INSERT command denied to user 'foo'@'localhost' for table `some_db`.`t1`
disconnect con1;
connection default;
drop role r_select_column;
drop role r_active_column;
drop user foo;
drop database some_db;
|
