Skip to main content

MySQL 8 role based privlileges

MySQL 8 implement role based privileges:

If you are wondering about how to implement new features of MySQL 8 about role based privileges. Then here is my 2 cents.
It doesn't work like Oracle in which we create role, grant privileges to role, grant role to the user, and you are all set.

There are two options available:

    01. Activate role at session level, using set role
    02. Activate all roles on login globally

Role at session level:

    SET ROLE is used to modify user's effective privileges in the current session.    

    SET ROLE DEFAULT;
    SET ROLE 'role1', 'role2';
    SET ROLE ALL;
    SET ROLE ALL EXCEPT 'role1', 'role2';
   
Activate role globally:
 
By default activate_all_roles_on_login is OFF, check it by using SELECT VARIABLES LIKE '%activate%';
 
Execute statement SET GLOBAL activate_all_roles_on_login = ON;
    
If you are logged in then log out and log in back and user will have the privileges.
   
In MySQL 8, you have to activate_all_roles_on_login and re-login in to the session if you are already login.

Ref.: https://dev.mysql.com/doc/refman/8.0/en/set-role.html
Labels:

Comments

Post a Comment

Popular posts from this blog

MySQL InnoDB cluster troubleshooting | commands

Cluster Validation: select * from performance_schema.replication_group_members; All members should be online. select instance_name, mysql_server_uuid, addresses from  mysql_innodb_cluster_metadata.instances; All instances should return same value for mysql_server_uuid SELECT @@GTID_EXECUTED; All nodes should return same value Frequently use commands: mysql> SET SQL_LOG_BIN = 0;  mysql> stop group_replication; mysql> set global super_read_only=0; mysql> drop database mysql_innodb_cluster_metadata; mysql> RESET MASTER; mysql> RESET SLAVE ALL; JS > var cluster = dba.getCluster() JS > var cluster = dba.getCluster("<Cluster_name>") JS > var cluster = dba.createCluster('name') JS > cluster.removeInstance('root@<IP_Address>:<Port_No>',{force: true}) JS > cluster.addInstance('root@<IP add>,:<port>') JS > cluster.addInstance('root@ <IP add>,:<port> ') JS > dba.getC...
Post a Comment
Read more

Oracle E-Business Suite Online Patch Phases executing adop

Following description about Oracle E-Business Suite is high level and from documentation https://docs.oracle.com/cd/E26401_01/doc.122/e22954/T202991T531062.htm#5281339 for in depth and detail description refer it. The online patching cycle phases: Prepare Apply Finalize Cutover Cleanup Prepare phase: Start a new online patching cycle, Prepares the environment for patching. $ adop phase=prepare Apply phase: Applies the specified patches to the environment. Apply one or more patches to the patch edition. $ adop phase=apply patches=123456,789101 workers=8 Finalize phase: Performs any final steps required to make the system ready for cutover. Perform the final patching operations that can be executed while the application is still online. $ adop phase=finalize Cutover phase: Shuts down application tier services, makes the patch edition the new run edition, and then restarts application tier services. This is the only phase that involves a brief ...
Post a Comment
Read more

Create MySQL database with hyphen

Create MySQL database with hyphen: If you are trying to create MySQL database with hyphen " - " in the name such as test-db and get error  " your MySQL server version for the right syntax to use near '-db' at line" then you might be wondering how to get it done as your business require MySQL database name with hyphen " - "  Here is the fix, use escape character " ` " before and after database name such as `test-db` and you will be able to create database with hyphen. CREATE DATABASE `test-db`; 
Post a Comment
Read more