SET USER Privilege

Overview

In 23.09, 6.1:

Grants ability to execute CREATE DEFINER=[<user_name>] TRIGGER and CREATE DEFINER=[<user_name>] PROCEDURE.

In 6.1:

Grants ability to execute CREATE DEFINER=[<user_name>] TRIGGER and CREATE DEFINER=[<user_name>] PROCEDURE.

In 6.0, 5.3:

Not present

USAGE

DETAILS

  • Scope: Global

  • Privilege name for GRANT: SET USER

  • Privilege name for REVOKE: SET USER

  • Privilege shown by SHOW GRANTS: SET USER

The SET USER privilege is supported starting with Xpand 6.1. It grants permission for the following operations:

The SUPER privilege is a superset of the SET USER privilege.

SYNONYMS

SCHEMA

PARAMETERS

SKYSQL

PRIVILEGES

EXAMPLES

GRANT

The following examples demonstrate grant of a single privilege. A single GRANT statement can grant multiple privileges at the same scope by providing a comma-separated list of the privileges.

To grant the SET USER privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

GRANT SET USER
  ON *.*
  TO 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

REVOKE

The following examples demonstrate revoke of a single previously-granted privilege. A single REVOKE statement can revoke multiple privileges at the same scope by providing a comma-separated list of the privileges.

To revoke the SET USER privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

REVOKE SET USER
  ON *.*
  FROM 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

SHOW Output

A user's privileges can be displayed using the SHOW GRANTS statement.

If the SET USER privilege is present, it will be shown as SET USER in the output. For example:

SHOW GRANTS FOR 'app_user'@'192.0.2.%';
+-------------------------------------------------+
| Grants for app_user@192.0.2.%                   |
+-------------------------------------------------+
| GRANT SET USER ON *.* TO 'app_user'@'192.0.2.%' |
+-------------------------------------------------+

Privilege Failure

An error message is raised if an operation fails due to insufficient privileges. For example:

DELIMITER //
CREATE
   DEFINER='root'
PROCEDURE exampleSP()
BEGIN
   SELECT 1;
END //
DELIMITER ;
ERROR 1045 (HY000): [11281] Permission denied: User "'USERNAME'@'HOSTNAME'" is missing SET USER on *.*; transaction aborted

ERROR HANDLING

FEATURE INTERACTION

RESPONSES

DIAGNOSIS

ISO 9075:2016

CHANGE HISTORY

Release Series

History

23.09

  • Present starting in MariaDB Xpand 23.09.1.

6.1

  • Added in MariaDB Xpand 6.1.0.

6.0

  • Not present.

5.3

  • Not present.

Release Series

History

6.0

  • Not present.

5.3

  • Not present.

Release Series

History

6.1

  • Added in MariaDB Xpand 6.1.0.

EXTERNAL REFERENCES