Data Permissions List
Table 1 describes the SQL statement permission matrix in DLI in terms of permissions on databases, tables, and roles.
|
Category |
SQL statement |
Permission |
Description |
|---|---|---|---|
|
Database |
DROP DATABASE db1 |
The DROP_DATABASE permission of database.db1 |
- |
|
CREATE TABLE tb1(...) |
The CREATE_TABLE permission of database.db1 |
- |
|
|
CREATE VIEW v1 |
The CREATE_VIEW permission of database.db1 |
- |
|
|
EXPLAIN query |
The EXPLAIN permission of database.db1 |
Depending on the permissions required by query statements. |
|
|
Table |
SHOW CREATE TABLE tb1 |
The SHOW_CREATE_TABLE permission of database.db1.tables.tb1 |
- |
|
DESCRIBE [EXTENDED|FORMATTED] tb1 |
The DESCRIBE_TABLE permission of databases.db1.tables.tb1 |
- |
|
|
DROP TABLE [IF EXISTS] tb1 |
The DROP_TABLE permission of database.db1.tables.tb1 |
- |
|
|
SELECT * FROM tb1 |
The SELECT permission of database.db1.tables.tb1 |
- |
|
|
SELECT count(*) FROM tb1 |
The SELECT permission of database.db1.tables.tb1 |
- |
|
|
SELECT * FROM view1 |
The SELECT permission of database.db1.tables.view1 |
- |
|
|
SELECT count(*) FROM view1 |
The SELECT permission of database.db1.tables.view1 |
- |
|
|
LOAD DLI TABLE |
The INSERT_INTO_TABLE permission of database.db1.tables.tb1 |
- |
|
|
INSERT INTO TABLE |
The INSERT_INTO_TABLE permission of database.db1.tables.tb1 |
- |
|
|
INSERT OVERWRITE TABLE |
The INSERT_OVERWRITE_TABLE permission of database.db1.tables.tb1 |
- |
|
|
ALTER TABLE ADD COLUMNS |
The ALTER_TABLE_ADD_COLUMNS permission of database.db1.tables.tb1 |
- |
|
|
ALTER TABLE RENAME |
The ALTER_TABLE_RENAME permission of database.db1.tables.tb1 |
- |
|
|
ROLE&PRIVILEGE |
CREATE ROLE |
The CREATE_ROLE permission of db |
- |
|
DROP ROLE |
The DROP_ROLE permission of db |
- |
|
|
SHOW ROLES |
The SHOW_ROLES permission of db |
- |
|
|
GRANT ROLES |
The GRANT_ROLE permission of db |
- |
|
|
REVOKE ROLES |
The REVOKE_ROLE permission of db |
- |
|
|
GRANT PRIVILEGE |
The GRANT_PRIVILEGE permission of db or table |
- |
|
|
REVOKE PRIVILEGE |
The REVOKE_PRIVILEGE permission of db or table |
- |
|
|
SHOW GRANT |
The SHOW_GRANT permission of db or table |
- |
For privilege granting or revocation on databases and tables, DLI supports the following permissions:
- Permissions that can be assigned or revoked on databases are as follows:
- DROP_DATABASE (Deleting a database)
- CREATE_TABLE (Creating a table)
- CREATE_VIEW (Creating a view)
- EXPLAIN (Explaining a SQL statement as an execution plan)
- CREATE_ROLE (Creating a role)
- DROP_ROLE (Deleting a role)
- SHOW_ROLES (Displaying a role)
- GRANT_ROLE (Bounding a role)
- REVOKE_ROLE (Unbinding a role)
- DESCRIBE_TABLE (Describing a table)
- DROP_TABLE (Deleting a table)
- Select (Querying a table)
- INSERT_INTO_TABLE (Inserting)
- INSERT_OVERWRITE_TABLE (Overwriting)
- GRANT_PRIVILEGE (Granting permissions to a database)
- REVOKE_PRIVILEGE (Revoking permissions from a database)
- SHOW_PRIVILEGES (Checking the database permissions of other users)
- ALTER_TABLE_ADD_PARTITION (Adding partitions to a partitioned table)
- ALTER_TABLE_DROP_PARTITION (Deleting partitions from a partitioned table)
- ALTER_TABLE_RENAME_PARTITION (Renaming table partitions)
- ALTER_TABLE_RECOVER_PARTITION (Restoring table partitions)
- ALTER_TABLE_SET_LOCATION (Setting the path of a partition)
- SHOW_PARTITIONS (Displaying all partitions)
- SHOW_CREATE_TABLE (Checking table creation statements)
- Permissions that can be assigned or revoked on tables are as follows:
- DESCRIBE_TABLE (Describing a table)
- DROP_TABLE (Deleting a table)
- Select (Querying a table)
- INSERT_INTO_TABLE (Inserting)
- INSERT_OVERWRITE_TABLE (Overwriting)
- GRANT_PRIVILEGE (Granting permissions to a table)
- REVOKE_PRIVILEGE (Revoking permissions from a table)
- SHOW_PRIVILEGES (Checking the table permissions of other users)
- ALTER_TABLE_ADD_COLUMNS (Adding a column)
- ALTER_TABLE_RENAME (Renaming a table)
- ALTER_TABLE_ADD_PARTITION (Adding partitions to a partitioned table)
- ALTER_TABLE_DROP_PARTITION (Deleting partitions from a partitioned table)
- ALTER_TABLE_RENAME_PARTITION (Renaming table partitions)
- ALTER_TABLE_RECOVER_PARTITION (Restoring table partitions)
- ALTER_TABLE_SET_LOCATION (Setting the path of a partition)
- SHOW_PARTITIONS (Displaying all partitions)
- SHOW_CREATE_TABLE (Checking table creation statements)
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
