-
Notifications
You must be signed in to change notification settings - Fork 551
/
Copy pathAccess_Roles_and_User_Creation.sql
42 lines (29 loc) · 1.28 KB
/
Access_Roles_and_User_Creation.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
-- creation of new Access Roles
CREATE ROLE 'app_dev', 'app_read', 'app_write';
/* ---------------------------------------------------------- */
-- granting specific access to the roles
GRANT ALL ON movies.* TO 'app_dev';
GRANT SELECT on movies.* TO 'app_read';
GRANT INSERT, UPDATE, DELETE ON movies.* TO 'app_write';
FLUSH PRIVILEGES;
/* ---------------------------------------------------------- */
-- creation of user
CREATE USER 'read1'@'localhost' IDENTIFIED BY 'password123';
-- grand access role to testuser
GRANT 'app_read' TO 'read1'@'localhost';
-- set default role
SET DEFAULT ROLE 'app_read' TO 'read1'@'localhost';
/* ---------------------------------------------------------- */
/* If we don't want to write the "SET DEFAULT ROLE" statement everytime we create new user,
we can do like below.
1) go to Admistration tab
2) Under "Management" > "Status and System Variables"
3) System Variables > search wit "activate"
4) activate_all_roles_on_log_in = ON
5) if we want this setting to be Persist, we can check the checkbox. This means everytime server is restarted, server will remember the setting.
*/
/* ---------------------------------------------------------- */
-- deletion of user
DROP USER 'read1'@'localhost';
-- deletion of roles
DROP ROLE 'app_dev', 'app_read', 'app_write';