From 8fd3965b8a0b9e138d068aedc7bdc587ade7f9dc Mon Sep 17 00:00:00 2001 From: imtbkcat Date: Wed, 27 May 2020 11:48:35 +0800 Subject: [PATCH 1/4] add set role document --- sql-statements/sql-statement-add-set-role.md | 113 +++++++++++++++++++ 1 file changed, 113 insertions(+) create mode 100644 sql-statements/sql-statement-add-set-role.md diff --git a/sql-statements/sql-statement-add-set-role.md b/sql-statements/sql-statement-add-set-role.md new file mode 100644 index 000000000000..a13e34b36e92 --- /dev/null +++ b/sql-statements/sql-statement-add-set-role.md @@ -0,0 +1,113 @@ +--- +title: SHOW PLUGINS +summary: TiDB 数据库中 SET ROLE 的使用概况。 +category: reference +--- + +# SET ROLE + +`SET ROLE` 用于在当前用户会话中启用角色。使用 `SET ROLE` 启用角色后,用户可以使用这些角色的权限。 + +## 语法图 + +**SetRoleStmt:** + +![SetRoleStmt](/media/sqlgram/SetRoleStmt.png) + +**SetRoleOpt:** + +![SetRoleOpt](/media/sqlgram/SetRoleOpt.png) + +**SetDefaultRoleOpt:** + +![SetDefaultRoleOpt](/media/sqlgram/SetDefaultRoleOpt.png) + +## 示例 + +创建一个用户 `'u1'@'%'`, 创建三个角色 `'r1'@'%'`, `'r2'@'%'`, `'r3'@'%'` 并将这些角色授予给 `'u1'@'%'`。 +将 `'u1'@'%'` 的默认启用角色设置为 `'r1'@'%'`。 + +{{< copyable "sql" >}} + +```sql +CREATE USER 'u1'@'%'; +CREATE ROLE 'r1', 'r2', 'r3'; +GRANT 'r1', 'r2', 'r3' TO 'u1'@'%'; +SET DEFAULT ROLE 'r1' TO 'u1'@'%'; +``` + +使用 `'u1'@'%'` 登陆,执行 `SET ROLE` 将启用角色设置为 `ALL`。 + +{{< copyable "sql" >}} + +```sql +SET ROLE ALL; +SELECT CURRENT_ROLE(); +``` + +``` ++----------------------------+ +| CURRENT_ROLE() | ++----------------------------+ +| `r1`@`%`,`r2`@`%`,`r3`@`%` | ++----------------------------+ +1 row in set (0.000 sec) +``` + +执行 `SET ROLE` 将启用角色设置为 `'r2'` 和 `'r3'`。 + +{{< copyable "sql" >}} + +```sql +SET ROLE 'r2', 'r3'; +SELECT CURRENT_ROLE(); +``` + +``` ++-------------------+ +| CURRENT_ROLE() | ++-------------------+ +| `r2`@`%`,`r3`@`%` | ++-------------------+ +1 row in set (0.000 sec) +``` + +执行 `SET ROLE` 将启用角色设置为 `DEFALUT`。 + +{{< copyable "sql" >}} + +```sql +SET ROLE DEFAULT; +SELECT CURRENT_ROLE(); +``` + +``` ++----------------+ +| CURRENT_ROLE() | ++----------------+ +| `r1`@`%` | ++----------------+ +1 row in set (0.000 sec) +``` + +执行 `SET ROLE` 将启用角色设置为 `NONE`。 + +{{< copyable "sql" >}} + +```sql +SET ROLE NONE; +SELECT CURRENT_ROLE(); +``` + +``` ++----------------+ +| CURRENT_ROLE() | ++----------------+ +| | ++----------------+ +1 row in set (0.000 sec) +``` + +## 另请参阅 + +* [基于角色的访问控制](/role-based-access-control.md) \ No newline at end of file From 848d072d2916290abf5fe61d3d1d98428425ae16 Mon Sep 17 00:00:00 2001 From: Keke Yi <40977455+yikeke@users.noreply.github.com> Date: Wed, 27 May 2020 11:58:56 +0800 Subject: [PATCH 2/4] Update sql-statements/sql-statement-add-set-role.md --- sql-statements/sql-statement-add-set-role.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sql-statements/sql-statement-add-set-role.md b/sql-statements/sql-statement-add-set-role.md index a13e34b36e92..4d3889f7e1e9 100644 --- a/sql-statements/sql-statement-add-set-role.md +++ b/sql-statements/sql-statement-add-set-role.md @@ -1,5 +1,5 @@ --- -title: SHOW PLUGINS +title: SET ROLE summary: TiDB 数据库中 SET ROLE 的使用概况。 category: reference --- @@ -110,4 +110,4 @@ SELECT CURRENT_ROLE(); ## 另请参阅 -* [基于角色的访问控制](/role-based-access-control.md) \ No newline at end of file +* [基于角色的访问控制](/role-based-access-control.md) From 1d454c9cfcf80ad17e0c20916302402a2ec89c3e Mon Sep 17 00:00:00 2001 From: yikeke Date: Wed, 27 May 2020 12:00:00 +0800 Subject: [PATCH 3/4] rename --- .../{sql-statement-add-set-role.md => sql-statement-set-role.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename sql-statements/{sql-statement-add-set-role.md => sql-statement-set-role.md} (100%) diff --git a/sql-statements/sql-statement-add-set-role.md b/sql-statements/sql-statement-set-role.md similarity index 100% rename from sql-statements/sql-statement-add-set-role.md rename to sql-statements/sql-statement-set-role.md From d761eafadcaacc751215dbe131283a0ebe3049d4 Mon Sep 17 00:00:00 2001 From: Keke Yi <40977455+yikeke@users.noreply.github.com> Date: Wed, 27 May 2020 12:25:48 +0800 Subject: [PATCH 4/4] Update sql-statements/sql-statement-set-role.md Co-authored-by: djshow832 <873581766@qq.com> --- sql-statements/sql-statement-set-role.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql-statements/sql-statement-set-role.md b/sql-statements/sql-statement-set-role.md index 4d3889f7e1e9..860d0c55d79b 100644 --- a/sql-statements/sql-statement-set-role.md +++ b/sql-statements/sql-statement-set-role.md @@ -36,7 +36,7 @@ GRANT 'r1', 'r2', 'r3' TO 'u1'@'%'; SET DEFAULT ROLE 'r1' TO 'u1'@'%'; ``` -使用 `'u1'@'%'` 登陆,执行 `SET ROLE` 将启用角色设置为 `ALL`。 +使用 `'u1'@'%'` 登录,执行 `SET ROLE` 将启用角色设置为 `ALL`。 {{< copyable "sql" >}}