Data Permissions List
Table 1 describes the SQL statement permission matrix in DLI in terms of permissions on databases, tables, and roles.
Category |
SQL statement |
Permission |
Description |
---|---|---|---|
Database |
DROP DATABASE db1 |
The DROP_DATABASE permission of database.db1 |
- |
CREATE TABLE tb1(...) |
The CREATE_TABLE permission of database.db1 |
- |
|
CREATE VIEW v1 |
The CREATE_VIEW permission of database.db1 |
- |
|
EXPLAIN query |
The EXPLAIN permission of database.db1 |
Depending on the permissions required by query statements. |
|
Table |
SHOW CREATE TABLE tb1 |
The SHOW_CREATE_TABLE permission of database.db1.tables.tb1 |
- |
DESCRIBE [EXTENDED|FORMATTED] tb1 |
The DESCRIBE_TABLE permission of databases.db1.tables.tb1 |
- |
|
DROP TABLE [IF EXISTS] tb1 |
The DROP_TABLE permission of database.db1.tables.tb1 |
- |
|
SELECT * FROM tb1 |
The SELECT permission of database.db1.tables.tb1 |
- |
|
SELECT count(*) FROM tb1 |
The SELECT permission of database.db1.tables.tb1 |
- |
|
SELECT * FROM view1 |
The SELECT permission of database.db1.tables.view1 |
- |
|
SELECT count(*) FROM view1 |
The SELECT permission of database.db1.tables.view1 |
- |
|
LOAD DLI TABLE |
The INSERT_INTO_TABLE permission of database.db1.tables.tb1 |
- |
|
INSERT INTO TABLE |
The INSERT_INTO_TABLE permission of database.db1.tables.tb1 |
- |
|
INSERT OVERWRITE TABLE |
The INSERT_OVERWRITE_TABLE permission of database.db1.tables.tb1 |
- |
|
ALTER TABLE ADD COLUMNS |
The ALTER_TABLE_ADD_COLUMNS permission of database.db1.tables.tb1 |
- |
|
ALTER TABLE RENAME |
The ALTER_TABLE_RENAME permission of database.db1.tables.tb1 |
- |
|
ROLE&PRIVILEGE |
CREATE ROLE |
The CREATE_ROLE permission of db |
- |
DROP ROLE |
The DROP_ROLE permission of db |
- |
|
SHOW ROLES |
The SHOW_ROLES permission of db |
- |
|
GRANT ROLES |
The GRANT_ROLE permission of db |
- |
|
REVOKE ROLES |
The REVOKE_ROLE permission of db |
- |
|
GRANT PRIVILEGE |
The GRANT_PRIVILEGE permission of db or table |
- |
|
REVOKE PRIVILEGE |
The REVOKE_PRIVILEGE permission of db or table |
- |
|
SHOW GRANT |
The SHOW_GRANT permission of db or table |
- |
For privilege granting or revocation on databases and tables, DLI supports the following permissions:
- Permissions that can be assigned or revoked on databases are as follows:
- DROP_DATABASE (Deleting a database)
- CREATE_TABLE (Creating a table)
- CREATE_VIEW (Creating a view)
- EXPLAIN (Explaining a SQL statement as an execution plan)
- CREATE_ROLE (Creating a role)
- DROP_ROLE (Deleting a role)
- SHOW_ROLES (Displaying a role)
- GRANT_ROLE (Bounding a role)
- REVOKE_ROLE (Unbinding a role)
- DESCRIBE_TABLE (Describing a table)
- DROP_TABLE (Deleting a table)
- Select (Querying a table)
- INSERT_INTO_TABLE (Inserting)
- INSERT_OVERWRITE_TABLE (Overwriting)
- GRANT_PRIVILEGE (Granting permissions to a database)
- REVOKE_PRIVILEGE (Revoking permissions from a database)
- SHOW_PRIVILEGES (Checking the database permissions of other users)
- ALTER_TABLE_ADD_PARTITION (Adding partitions to a partitioned table)
- ALTER_TABLE_DROP_PARTITION (Deleting partitions from a partitioned table)
- ALTER_TABLE_RENAME_PARTITION (Renaming table partitions)
- ALTER_TABLE_RECOVER_PARTITION (Restoring table partitions)
- ALTER_TABLE_SET_LOCATION (Setting the path of a partition)
- SHOW_PARTITIONS (Displaying all partitions)
- SHOW_CREATE_TABLE (Checking table creation statements)
- Permissions that can be assigned or revoked on tables are as follows:
- DESCRIBE_TABLE (Describing a table)
- DROP_TABLE (Deleting a table)
- Select (Querying a table)
- INSERT_INTO_TABLE (Inserting)
- INSERT_OVERWRITE_TABLE (Overwriting)
- GRANT_PRIVILEGE (Granting permissions to a table)
- REVOKE_PRIVILEGE (Revoking permissions from a table)
- SHOW_PRIVILEGES (Checking the table permissions of other users)
- ALTER_TABLE_ADD_COLUMNS (Adding a column)
- ALTER_TABLE_RENAME (Renaming a table)
- ALTER_TABLE_ADD_PARTITION (Adding partitions to a partitioned table)
- ALTER_TABLE_DROP_PARTITION (Deleting partitions from a partitioned table)
- ALTER_TABLE_RENAME_PARTITION (Renaming table partitions)
- ALTER_TABLE_RECOVER_PARTITION (Restoring table partitions)
- ALTER_TABLE_SET_LOCATION (Setting the path of a partition)
- SHOW_PARTITIONS (Displaying all partitions)
- SHOW_CREATE_TABLE (Checking table creation statements)
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.