EXECUTE Privilege

Overview

Grants ability to execute stored routines.

USAGE

DETAILS

  • Scope: Global, Database, Routine

  • Privilege name for GRANT: EXECUTE

  • Privilege name for REVOKE: EXECUTE

  • Privilege shown by SHOW GRANTS: EXECUTE

SYNONYMS

SCHEMA

PARAMETERS

SKYSQL

PRIVILEGES

EXAMPLES

GRANT

The following examples demonstrate grant of a single privilege. A single GRANT statement can grant multiple privileges at the same scope by providing a comma-separated list of the privileges.

To grant the EXECUTE privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

GRANT EXECUTE
  ON *.*
  TO 'USERNAME'@'HOSTNAME';

To grant the EXECUTE privilege at database scope, replace the user specification ('USERNAME'@'HOSTNAME') and database name (DATABASE_NAME) in the following query to align to your requirements:

GRANT EXECUTE
  ON DATABASE_NAME.*
  TO 'USERNAME'@'HOSTNAME';

To grant the EXECUTE privilege at routine scope, replace the user specification ('USERNAME'@'HOSTNAME'), database name (DATABASE_NAME), and routine name (ROUTINE_NAME) in the following query to align to your requirements:

GRANT EXECUTE
  ON DATABASE_NAME.ROUTINE_NAME
  TO 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

REVOKE

The following examples demonstrate revoke of a single previously-granted privilege. A single REVOKE statement can revoke multiple privileges at the same scope by providing a comma-separated list of the privileges.

To revoke the EXECUTE privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

REVOKE EXECUTE
  ON *.*
  FROM 'USERNAME'@'HOSTNAME';

To revoke the EXECUTE privilege at database scope, replace the user specification ('USERNAME'@'HOSTNAME') and database name (DATABASE_NAME) in the following query to align to your requirements:

REVOKE EXECUTE
  ON DATABASE_NAME.*
  FROM 'USERNAME'@'HOSTNAME';

To revoke the EXECUTE privilege at routine scope, replace the user specification ('USERNAME'@'HOSTNAME'), database name (DATABASE_NAME), and routine name (ROUTINE_NAME) in the following query to align to your requirements:

REVOKE EXECUTE
  ON DATABASE_NAME.ROUTINE_NAME
  FROM 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

SHOW Output

A user's privileges can be displayed using the SHOW GRANTS statement.

If the EXECUTE privilege is present, it will be shown as EXECUTE in the output. For example:

SHOW GRANTS FOR 'app_user'@'192.0.2.%';
+-------------------------------------------------------+
| Grants for app_user@192.0.2.%                         |
+-------------------------------------------------------+
| GRANT EXECUTE ON `app_db`.* TO 'app_user'@'192.0.2.%' |
+-------------------------------------------------------+

Privilege Failure

An error message is raised if an operation fails due to insufficient privileges. For example:

CALL db1.test_proc();
ERROR 1045 (HY000): [11281] Permission denied: User 'USERNAME'@'HOSTNAME' is missing EXECUTE on `db1`.`test_proc`; transaction aborted

ERROR HANDLING

FEATURE INTERACTION

RESPONSES

DIAGNOSIS

ISO 9075:2016

CHANGE HISTORY

Release Series

History

23.09

  • Present starting in MariaDB Xpand 23.09.1.

6.1

  • Present starting in MariaDB Xpand 6.1.0.

6.0

  • Present starting in MariaDB Xpand 6.0.3.

5.3

  • Present starting in MariaDB Xpand 5.3.13.

Release Series

History

6.0

  • Present starting in MariaDB Xpand 6.0.3.

5.3

  • Present starting in MariaDB Xpand 5.3.13.

Release Series

History

6.1

  • Present starting in MariaDB Xpand 6.1.0.

EXTERNAL REFERENCES