TRIGGER Privilege

This page is part of MariaDB's Documentation.

The parent of this page is: Privileges for MariaDB Xpand

Topics on this page:

Overview

Grants ability to execute CREATE TRIGGER, DROP TRIGGER, SHOW TRIGGERS, and execute triggers on tables you update.

USAGE

DETAILS

Scope: Global, Database, Table
Privilege name for GRANT: TRIGGER
Privilege name for REVOKE: TRIGGER
Privilege shown by SHOW GRANTS: TRIGGER

SYNONYMS

SCHEMA

PARAMETERS

SKYSQL

PRIVILEGES

EXAMPLES

GRANT

The following examples demonstrate grant of a single privilege. A single GRANT statement can grant multiple privileges at the same scope by providing a comma-separated list of the privileges.

To grant the TRIGGER privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

GRANT TRIGGER
  ON *.*
  TO 'USERNAME'@'HOSTNAME';

To grant the TRIGGER privilege at database scope, replace the user specification ('USERNAME'@'HOSTNAME') and database name (DATABASE_NAME) in the following query to align to your requirements:

GRANT TRIGGER
  ON DATABASE_NAME.*
  TO 'USERNAME'@'HOSTNAME';

To grant the TRIGGER privilege at table scope, replace the user specification ('USERNAME'@'HOSTNAME'), database name (DATABASE_NAME), and table name (TABLE_NAME) in the following query to align to your requirements:

GRANT TRIGGER
  ON DATABASE_NAME.TABLE_NAME
  TO 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

REVOKE

The following examples demonstrate revoke of a single previously-granted privilege. A single REVOKE statement can revoke multiple privileges at the same scope by providing a comma-separated list of the privileges.

To revoke the TRIGGER privilege at global scope, replace the user specification ('USERNAME'@'HOSTNAME') in the following query to align to your requirements:

REVOKE TRIGGER
  ON *.*
  FROM 'USERNAME'@'HOSTNAME';

To revoke the TRIGGER privilege at database scope, replace the user specification ('USERNAME'@'HOSTNAME') and database name (DATABASE_NAME) in the following query to align to your requirements:

REVOKE TRIGGER
  ON DATABASE_NAME.*
  FROM 'USERNAME'@'HOSTNAME';

To revoke the TRIGGER privilege at table scope, replace the user specification ('USERNAME'@'HOSTNAME'), database name (DATABASE_NAME), and table name (TABLE_NAME) in the following query to align to your requirements:

REVOKE TRIGGER
  ON DATABASE_NAME.TABLE_NAME
  FROM 'USERNAME'@'HOSTNAME';

For general guidance on privileges, see "Privileges".

SHOW Output

A user's privileges can be displayed using the SHOW GRANTS statement.

If the TRIGGER privilege is present, it will be shown as TRIGGER in the output. For example:

SHOW GRANTS FOR 'app_user'@'192.0.2.%';

+-------------------------------------------------------+
| Grants for app_user@192.0.2.%                         |
+-------------------------------------------------------+
| GRANT TRIGGER ON `app_db`.* TO 'app_user'@'192.0.2.%' |
+-------------------------------------------------------+

Privilege Failure

An error message is raised if an operation fails due to insufficient privileges. For example:

CREATE TRIGGER customer_pay
  BEFORE INSERT ON hq_sales.customer_payment
  FOR EACH ROW
  INSERT INTO hq_sales.customer (customer_id, customer_name,customer_email)
    VALUES (234, "person", "person@test.com");

ERROR 1045 (HY000): [11281] Permission denied: User 'USERNAME'@'HOSTNAME' is missing TRIGGER on `hq_sales`.`customer_payment`; transaction aborted

ERROR HANDLING

FEATURE INTERACTION

RESPONSES

DIAGNOSIS

ISO 9075:2016

CHANGE HISTORY

Release Series	History
23.09	Present starting in MariaDB Xpand 23.09.1.
6.1	Present starting in MariaDB Xpand 6.1.0.
6.0	Present starting in MariaDB Xpand 6.0.3.
5.3	Present starting in MariaDB Xpand 5.3.13.

Release Series	History
6.0	Present starting in MariaDB Xpand 6.0.3.
5.3	Present starting in MariaDB Xpand 5.3.13.

Release Series	History
6.1	Present starting in MariaDB Xpand 6.1.0.