# Grant All Privileges and External Use Schema

This notebook grants ALL PRIVILEGES and external use permissions at the catalog, schema, and table level to the user executing the notebook.

In [0]:
# Set widgets for catalog, schema, and principal (current user)
dbutils.widgets.text("catalog_name", "")
dbutils.widgets.text("schema_name", "")

# Get current user as principal
def get_current_user():
    import os
    try:
        return spark.sql("SELECT current_user()").collect()[0][0]
    except Exception:
        return os.environ.get("USER", "")

catalog = dbutils.widgets.get("catalog_name")
schema = dbutils.widgets.get("schema_name")
principal = get_current_user()
print(f"Granting permissions to principal: {principal}")

In [0]:
# Grant all privileges and external use at catalog and schema level

# catalog privileges
spark.sql(f"GRANT ALL PRIVILEGES ON CATALOG `{catalog}` TO `{principal}`")
spark.sql(f"GRANT USAGE ON CATALOG `{catalog}` TO `{principal}`")
spark.sql(f"GRANT EXTERNAL USE SCHEMA ON CATALOG `{catalog}` TO `{principal}`")

# schema privileges
spark.sql(f"GRANT ALL PRIVILEGES ON SCHEMA `{catalog}`.`{schema}` TO `{principal}`")
spark.sql(f"GRANT USAGE ON SCHEMA `{catalog}`.`{schema}` TO `{principal}`")
spark.sql(f"GRANT EXTERNAL USE SCHEMA ON SCHEMA `{catalog}`.`{schema}` TO `{principal}`")

print(f"Granted catalog and schema permissions to {principal}")

In [0]:
# Grant all privileges on all tables in the schema to the principal
tables = [row.tableName for row in spark.sql(f"SHOW TABLES IN `{catalog}`.`{schema}`").collect()]
for table in tables:
    spark.sql(f"GRANT ALL PRIVILEGES ON TABLE `{catalog}`.`{schema}`.`{table}` TO `{principal}`")
    print(f"Granted all privileges on table {catalog}.{schema}.{table} to {principal}")