github.com/matrixorigin/matrixone@v0.7.0/test/distributed/cases/tenant/privilege/role5_inherit.sql

github.com/matrixorigin/matrixone@v0.7.0/test/distributed/cases/tenant/privilege/role5_inherit.sql (about)

     1  drop user if exists anne,bill;
     2  create user anne identified by '111' , bill identified by '111';
     3  drop role if exists intern,lead,newrole,rolex,dev,test,rx;
     4  create role intern,lead,newrole,rolex,dev,test,rx;
     5  
     6  -- basci privilege
     7  grant connect on account * to intern,lead,newrole,rolex;
     8  
     9  grant intern to anne;
    10  grant dev to intern;
    11  grant test to dev;
    12  grant create table on database * to intern with grant option;
    13  grant create database on account * to dev;
    14  grant drop database on account * to dev with grant option;
    15  grant drop table on database * to test with grant option;
    16  
    17  grant lead to anne with grant option;
    18  grant dev to lead with grant option;
    19  grant create table on database * to lead with grant option;
    20  
    21  grant newrole to anne;
    22  grant create table on database * to newrole with grant option;
    23  grant dev to newrole with grant option;
    24  grant newrole to lead with grant option;
    25  grant newrole to anne;
    26  grant newrole to rolex with grant option;
    27  grant rolex to anne;
    28  
    29  -- @session:id=2&user=sys:anne:intern&password=111
    30  drop database if exists t;
    31  create database t;
    32  use t;
    33  create table A(a int);
    34  drop table A;
    35  
    36  -- intern
    37  grant create table on database * to rx;
    38  grant create database on account * to rx;
    39  grant drop database on account * to rx;
    40  grant drop table on database * to rx;
    41  
    42  grant test to rx,bill;
    43  grant dev to rx,bill;
    44  grant intern to rx,bill;
    45  grant lead to rx,bill;
    46  grant newrole to rx,bill;
    47  grant rolex to rx,bill;
    48  
    49  -- intern with secondary all
    50  set secondary role all;
    51  grant test to rx,bill;
    52  grant dev to rx,bill;
    53  grant intern to rx,bill;
    54  grant lead to rx,bill;
    55  grant newrole to rx,bill;
    56  grant rolex to rx,bill;
    57  
    58  set role lead;
    59  
    60  drop database if exists t;
    61  create database t;
    62  use t;
    63  create table A(a int);
    64  drop table A;
    65  
    66  -- lead
    67  grant create table on database * to rx;
    68  grant create database on account * to rx;
    69  grant drop database on account * to rx;
    70  grant drop table on database * to rx;
    71  
    72  grant test to rx,bill;
    73  grant dev to rx,bill;
    74  grant intern to rx,bill;
    75  grant lead to rx,bill;
    76  grant newrole to rx,bill;
    77  grant rolex to rx,bill;
    78  
    79  -- lead with secondary all
    80  set secondary role all;
    81  grant test to rx,bill;
    82  grant dev to rx,bill;
    83  grant intern to rx,bill;
    84  grant lead to rx,bill;
    85  grant newrole to rx,bill;
    86  grant rolex to rx,bill;
    87  
    88  set role newrole;
    89  
    90  drop database if exists t;
    91  create database t;
    92  use t;
    93  create table A(a int);
    94  drop table A;
    95  
    96  -- newrole
    97  grant create table on database * to rx;
    98  grant create database on account * to rx;
    99  grant drop database on account * to rx;
   100  grant drop table on database * to rx;
   101  
   102  grant test to rx,bill;
   103  grant dev to rx,bill;
   104  grant intern to rx,bill;
   105  grant lead to rx,bill;
   106  grant newrole to rx,bill;
   107  grant rolex to rx,bill;
   108  
   109  -- newrole with secondary all
   110  set secondary role all;
   111  grant test to rx,bill;
   112  grant dev to rx,bill;
   113  grant intern to rx,bill;
   114  grant lead to rx,bill;
   115  grant newrole to rx,bill;
   116  grant rolex to rx,bill;
   117  
   118  set role rolex;
   119  
   120  drop database if exists t;
   121  create database t;
   122  use t;
   123  create table A(a int);
   124  drop table A;
   125  
   126  -- rolex
   127  grant create table on database * to rx;
   128  grant create database on account * to rx;
   129  grant drop database on account * to rx;
   130  grant drop table on database * to rx;
   131  
   132  grant test to rx,bill;
   133  grant dev to rx,bill;
   134  grant intern to rx,bill;
   135  grant lead to rx,bill;
   136  grant newrole to rx,bill;
   137  grant rolex to rx,bill;
   138  
   139  -- rolex with secondary all
   140  set secondary role all;
   141  grant test to rx,bill;
   142  grant dev to rx,bill;
   143  grant intern to rx,bill;
   144  grant lead to rx,bill;
   145  grant newrole to rx,bill;
   146  grant rolex to rx,bill;
   147  
   148  drop database t;
   149  -- @session
   150  
   151  drop user anne,bill;
   152  drop role intern,lead,newrole,rolex,dev,test,rx;