Data Permissions List
Table 1 describes the SQL statement permission matrix in DLI in terms of permissions on databases, tables, and roles.
| Category | SQL statement | Permission | Description |
|---|---|---|---|
| Database | DROP DATABASE db1 | The DROP_DATABASE permission of database.db1 | - |
| CREATE TABLE tb1(...) | The CREATE_TABLE permission of database.db1 | - | |
| CREATE VIEW v1 | The CREATE_VIEW permission of database.db1 | - | |
| EXPLAIN query | The EXPLAIN permission of database.db1 | Depending on the permissions required by query statements. | |
| Table | SHOW CREATE TABLE tb1 | The SHOW_CREATE_TABLE permission of database.db1.tables.tb1 | - |
| DESCRIBE [EXTENDED|FORMATTED] tb1 | The DESCRIBE_TABLE permission of databases.db1.tables.tb1 | - | |
| DROP TABLE [IF EXISTS] tb1 | The DROP_TABLE permission of database.db1.tables.tb1 | - | |
| SELECT * FROM tb1 | The SELECT permission of database.db1.tables.tb1 | - | |
| SELECT count(*) FROM tb1 | The SELECT permission of database.db1.tables.tb1 | - | |
| SELECT * FROM view1 | The SELECT permission of database.db1.tables.view1 | - | |
| SELECT count(*) FROM view1 | The SELECT permission of database.db1.tables.view1 | - | |
| LOAD DLI TABLE | The INSERT_INTO_TABLE permission of database.db1.tables.tb1 | - | |
| INSERT INTO TABLE | The INSERT_INTO_TABLE permission of database.db1.tables.tb1 | - | |
| INSERT OVERWRITE TABLE | The INSERT_OVERWRITE_TABLE permission of database.db1.tables.tb1 | - | |
| ALTER TABLE ADD COLUMNS | The ALTER_TABLE_ADD_COLUMNS permission of database.db1.tables.tb1 | - | |
| ALTER TABLE RENAME | The ALTER_TABLE_RENAME permission of database.db1.tables.tb1 | - | |
| ROLE&PRIVILEGE | CREATE ROLE | The CREATE_ROLE permission of db | - |
| DROP ROLE | The DROP_ROLE permission of db | - | |
| SHOW ROLES | The SHOW_ROLES permission of db | - | |
| GRANT ROLES | The GRANT_ROLE permission of db | - | |
| REVOKE ROLES | The REVOKE_ROLE permission of db | - | |
| GRANT PRIVILEGE | The GRANT_PRIVILEGE permission of db or table | - | |
| REVOKE PRIVILEGE | The REVOKE_PRIVILEGE permission of db or table | - | |
| SHOW GRANT | The SHOW_GRANT permission of db or table | - |
For privilege granting or revocation on databases and tables, DLI supports the following permissions:
- Permissions that can be assigned or revoked on databases are as follows:
- DROP_DATABASE (Deleting a database)
- CREATE_TABLE (Creating a table)
- CREATE_VIEW (Creating a view)
- EXPLAIN (Explaining a SQL statement as an execution plan)
- CREATE_ROLE (Creating a role)
- DROP_ROLE (Deleting a role)
- SHOW_ROLES (Displaying a role)
- GRANT_ROLE (Bounding a role)
- REVOKE_ROLE (Unbinding a role)
- DESCRIBE_TABLE (Describing a table)
- DROP_TABLE (Deleting a table)
- Select (Querying a table)
- INSERT_INTO_TABLE (Inserting)
- INSERT_OVERWRITE_TABLE (Overwriting)
- GRANT_PRIVILEGE (Granting permissions to a database)
- REVOKE_PRIVILEGE (Revoking permissions from a database)
- SHOW_PRIVILEGES (Checking the database permissions of other users)
- ALTER_TABLE_ADD_PARTITION (Adding partitions to a partitioned table)
- ALTER_TABLE_DROP_PARTITION (Deleting partitions from a partitioned table)
- ALTER_TABLE_RENAME_PARTITION (Renaming table partitions)
- ALTER_TABLE_RECOVER_PARTITION (Restoring table partitions)
- ALTER_TABLE_SET_LOCATION (Setting the path of a partition)
- SHOW_PARTITIONS (Displaying all partitions)
- SHOW_CREATE_TABLE (Checking table creation statements)
- Permissions that can be assigned or revoked on tables are as follows:
- DESCRIBE_TABLE (Describing a table)
- DROP_TABLE (Deleting a table)
- Select (Querying a table)
- INSERT_INTO_TABLE (Inserting)
- INSERT_OVERWRITE_TABLE (Overwriting)
- GRANT_PRIVILEGE (Granting permissions to a table)
- REVOKE_PRIVILEGE (Revoking permissions from a table)
- SHOW_PRIVILEGES (Checking the table permissions of other users)
- ALTER_TABLE_ADD_COLUMNS (Adding a column)
- ALTER_TABLE_RENAME (Renaming a table)
- ALTER_TABLE_ADD_PARTITION (Adding partitions to a partitioned table)
- ALTER_TABLE_DROP_PARTITION (Deleting partitions from a partitioned table)
- ALTER_TABLE_RENAME_PARTITION (Renaming table partitions)
- ALTER_TABLE_RECOVER_PARTITION (Restoring table partitions)
- ALTER_TABLE_SET_LOCATION (Setting the path of a partition)
- SHOW_PARTITIONS (Displaying all partitions)
- SHOW_CREATE_TABLE (Checking table creation statements)
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
