github.com/matrixorigin/matrixone@v0.7.0/test/distributed/cases/zz_accesscontrol/grant_privs_role.result (about) 1 drop user if exists user1,user2,user3,user4,user5,user11,user12,testuser,user_grant_1,user_grant_3,user_grant_4,user_grant_5,user_grant_6,user_grant_7,user_grant_8,user_grant_9,user_grant_10,user_prepare_01; 2 drop role if exists u_role,test_role,grant_role_1,role_sys_priv,role_account_priv_2,role_account_priv_3,role_account_priv_4,role_account_priv_5,role_account_priv_6,role_account_priv_7,role_account_priv_8,role_account_priv_9,role_account_priv_10,role_prepare_1; 3 drop database if exists grant_db; 4 drop database if exists testdb; 5 drop database if exists testdb4; 6 drop database if exists testdb5; 7 drop database if exists grant_db4; 8 drop database if exists grant_db5; 9 drop account if exists grant_account01; 10 drop table if exists table_4; 11 drop table if exists grant_table_10; 12 drop table if exists grant_table_30; 13 create account grant_account01 admin_name='admin' identified by '123456'; 14 create database grant_db; 15 create role test_role; 16 create database testdb; 17 create user testuser IDENTIFIED BY '123456'; 18 grant select,insert,update on table testdb.* to test_role with grant option; 19 select privilege_name,obj_type,privilege_level,with_grant_option from mo_catalog.mo_role_privs where role_name='test_role'; 20 privilege_name obj_type privilege_level with_grant_option 21 select table d.* true 22 insert table d.* true 23 update table d.* true 24 grant all on account * to test_role; 25 select privilege_name,obj_type,privilege_level,with_grant_option from mo_catalog.mo_role_privs where role_name='test_role'; 26 privilege_name obj_type privilege_level with_grant_option 27 select table d.* true 28 insert table d.* true 29 update table d.* true 30 account all account * false 31 grant OWNERSHIP on database *.* to test_role; 32 grant OWNERSHIP on table *.* to test_role; 33 select privilege_name,obj_type,privilege_level,with_grant_option from mo_catalog.mo_role_privs where role_name='test_role'; 34 privilege_name obj_type privilege_level with_grant_option 35 select table d.* true 36 insert table d.* true 37 update table d.* true 38 account all account * false 39 database ownership database *.* false 40 table ownership table *.* false 41 grant select,insert,update on testdb.* to test_role; 42 SQL parser error: You have an error in your SQL syntax; check the manual that corresponds to your MatrixOne server version for the right syntax to use. syntax error at line 1 column 36 near " testdb.* to test_role;"; 43 grant select,insert,update on account * to 'test_role'; 44 internal error: the privilege "select" can only be granted to the object type "table" 45 grant show tables,create,drop,alter on testdb.* to 'test_role'; 46 SQL parser error: You have an error in your SQL syntax; check the manual that corresponds to your MatrixOne server version for the right syntax to use. syntax error at line 1 column 30 near ",alter on testdb.* to 'test_role';"; 47 grant show tables,create,drop,alter on table testdb.* to 'test_role'; 48 SQL parser error: You have an error in your SQL syntax; check the manual that corresponds to your MatrixOne server version for the right syntax to use. syntax error at line 1 column 30 near ",alter on table testdb.* to 'test_role';"; 49 grant select,insert,create database on table testdb.* to test_role; 50 internal error: the privilege "create database" can only be granted to the object type "account" 51 grant select,insert,update on table to 'test_role'; 52 SQL parser error: You have an error in your SQL syntax; check the manual that corresponds to your MatrixOne server version for the right syntax to use. syntax error at line 1 column 38 near " to 'test_role';"; 53 grant select,insert,update on table testdb.* to 'trole'; 54 internal error: there is no role trole 55 grant select,insert,create database on account * to test_role; 56 internal error: the privilege "select" can only be granted to the object type "table" 57 grant select,insert,create database on account *.* to testuser; 58 internal error: there is no role testuser 59 grant role_not_exists to dump; 60 internal error: there is no role role_not_exists 61 grant moadmin to user_not_exists; 62 internal error: there is no role or user user_not_exists 63 create role grant_role_1; 64 grant create account, drop account, alter account on * to 'grant_role_1' with grant option; 65 SQL parser error: You have an error in your SQL syntax; check the manual that corresponds to your MatrixOne server version for the right syntax to use. syntax error at line 1 column 55 near " * to 'grant_role_1' with grant option;"; 66 grant grant_role_1 to grant_role_1; 67 cannot grant role grant_role_1 to grant_role_1 68 grant show tables,create table,drop table on database * to moadmin; 69 internal error: the privilege can not be granted to the role moadmin 70 create user 'user_grant_1' identified by '123456'; 71 create role 'role_sys_priv'; 72 grant create account, drop account, alter account on account * to role_sys_priv; 73 internal error: the privilege create account can not be granted 74 grant role_sys_priv to user_grant_1; 75 create account account01 admin_name='admin' identified by '123456'; 76 internal error: do not have privilege to execute the statement 77 drop account account01 ; 78 internal error: do not have privilege to execute the statement 79 create user if not exists user_grant_2 identified by '123456'; 80 create role if not exists 'role_account_priv_1'; 81 grant create user, drop user, alter user, create role, drop role, create database,drop database,show databases,connect,manage grants on account * to role_account_priv_1 with grant option; 82 grant select on table *.* to role_account_priv_1; 83 grant role_account_priv_1 to user_grant_2; 84 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_1'; 85 user_name role_name obj_type privilege_name privilege_level 86 user_grant_2 role_account_priv_1 account create user * 87 user_grant_2 role_account_priv_1 account drop user * 88 user_grant_2 role_account_priv_1 account alter user * 89 user_grant_2 role_account_priv_1 account create role * 90 user_grant_2 role_account_priv_1 account drop role * 91 user_grant_2 role_account_priv_1 account create database * 92 user_grant_2 role_account_priv_1 account drop database * 93 user_grant_2 role_account_priv_1 account show databases * 94 user_grant_2 role_account_priv_1 account connect * 95 user_grant_2 role_account_priv_1 account manage grants * 96 user_grant_2 role_account_priv_1 table select *.* 97 create user user_test_2 identified by '123456'; 98 select user_name,authentication_string from mo_catalog.mo_user where user_name='user_test_2'; 99 user_name authentication_string 100 user_test_2 123456 101 create role if not exists role_test_01; 102 select role_name from mo_catalog.mo_role where role_name='role_test_01'; 103 role_name 104 role_test_01 105 grant create user, drop user on account * to role_test_01; 106 grant insert,select on table *.* to role_test_01; 107 internal error: do not have privilege to execute the statement 108 grant role_test_01 to user_test_2; 109 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_test_01'; 110 user_name role_name obj_type privilege_name privilege_level 111 user_test_2 role_test_01 account create user * 112 user_test_2 role_test_01 account drop user * 113 drop role role_test_01; 114 select role_name from mo_catalog.mo_role where role_name='role_test_01'; 115 role_name 116 drop user user_test_2; 117 select user_name,authentication_string from mo_catalog.mo_user where user_name='user_test_2'; 118 user_name authentication_string 119 create database db_test_01; 120 use db_test_01; 121 drop database db_test_01; 122 create user 'user_grant_3' identified by '123456'; 123 create role 'role_account_priv_2'; 124 grant all on account * to 'role_account_priv_2'; 125 grant role_account_priv_2 to user_grant_3; 126 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_2' with grant option ; 127 SQL parser error: You have an error in your SQL syntax; check the manual that corresponds to your MatrixOne server version for the right syntax to use. syntax error at line 1 column 273 near " with grant option ;"; 128 create user 'user_test_3' identified by '123456'; 129 create role if not exists role_test_02; 130 grant all on account * to role_test_02; 131 internal error: do not have privilege to execute the statement 132 grant role_test_02 to user_test_3; 133 drop role role_test_02; 134 create database db_test_01; 135 use db_test_01; 136 drop database db_test_01; 137 drop user user_test_3; 138 create user 'user_grant_4' identified by '123456'; 139 create role 'role_account_priv_3'; 140 grant show tables,create table ,drop table,alter table on database grant_db to role_account_priv_3; 141 grant connect on account * to role_account_priv_3; 142 grant role_account_priv_3 to user_grant_4; 143 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_3'; 144 user_name role_name obj_type privilege_name privilege_level 145 user_grant_4 role_account_priv_3 database show tables d 146 user_grant_4 role_account_priv_3 database create table d 147 user_grant_4 role_account_priv_3 database drop table d 148 user_grant_4 role_account_priv_3 database alter table d 149 user_grant_4 role_account_priv_3 account connect * 150 use grant_db; 151 show tables; 152 tables_in_grant_db 153 create table grant_table_03 (id int,name varchar(50),num double)PARTITION BY KEY(id) PARTITIONS 4; 154 show create table grant_table_03; 155 Table Create Table 156 grant_table_03 CREATE TABLE `grant_table_03` (\n`id` INT DEFAULT NULL,\n`name` VARCHAR(50) DEFAULT NULL,\n`num` DOUBLE DEFAULT NULL\n) partition by key algorithm = 2 (id) partitions 4 157 create view grant_v_1 as select * from grant_table_03; 158 internal error: do not have privilege to execute the statement 159 drop table grant_table_03; 160 drop view grant_v_1; 161 internal error: do not have privilege to execute the statement 162 create user 'user_grant_5' identified by '123456'; 163 create role 'role_account_priv_4'; 164 create database grant_db4; 165 create database grant_db5; 166 grant all on database grant_db4 to role_account_priv_4; 167 grant connect on account * to role_account_priv_4; 168 grant role_account_priv_4 to user_grant_5; 169 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_4'; 170 user_name role_name obj_type privilege_name privilege_level 171 user_grant_5 role_account_priv_4 database database all d 172 user_grant_5 role_account_priv_4 account connect * 173 use grant_db4; 174 show tables; 175 tables_in_grant_db4 176 create table grant_table_04 (id int,name varchar(50),num double)PARTITION BY KEY(id) PARTITIONS 4; 177 show create table grant_table_04; 178 Table Create Table 179 grant_table_04 CREATE TABLE `grant_table_04` (\n`id` INT DEFAULT NULL,\n`name` VARCHAR(50) DEFAULT NULL,\n`num` DOUBLE DEFAULT NULL\n) partition by key algorithm = 2 (id) partitions 4 180 create view grant_v_2 as select * from grant_table_04; 181 drop table grant_table_04; 182 drop view grant_v_2; 183 use grant_db5; 184 show tables; 185 internal error: do not have privilege to execute the statement 186 create table grant_table_04 (id int,name varchar(50),num double)PARTITION BY KEY(id) PARTITIONS 4; 187 internal error: do not have privilege to execute the statement 188 create user 'user_grant_6' identified by '123456'; 189 create role 'role_account_priv_5',role_account_priv_6; 190 grant ownership on database * to role_account_priv_5; 191 grant create role,connect on account * to role_account_priv_5; 192 grant role_account_priv_5 to user_grant_6; 193 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_5'; 194 user_name role_name obj_type privilege_name privilege_level 195 user_grant_6 role_account_priv_5 database database ownership * 196 user_grant_6 role_account_priv_5 account create role * 197 user_grant_6 role_account_priv_5 account connect * 198 use grant_db; 199 show tables; 200 tables_in_grant_db 201 create table grant_table_05 (id int,name varchar(50),num double)PARTITION BY KEY(id) PARTITIONS 4; 202 create role 'role_account_priv_10'; 203 grant create table,drop table on database * to role_account_priv_10; 204 internal error: do not have privilege to execute the statement 205 drop role role_account_priv_6; 206 create database testdb4; 207 create database testdb5; 208 create table testdb4.table_1(id int,name varchar(50),num double); 209 insert into testdb4.table_1 values (1,'banana',83.98),(2,'apple',0.003); 210 create table testdb5.table_2(id int,name varchar(50),num double); 211 insert into testdb5.table_2 values (3,'pear',3.8),(4,'orange',5.03); 212 create table testdb5.table_3(id int,name varchar(50),num double); 213 insert into testdb5.table_3 values (5,'aaa',3.8),(6,'bbb',5.03); 214 create table table_4(id int,name varchar(50),num double); 215 insert into table_4 values (7,'ccc',1.8),(8,'ddd',5.3); 216 create user 'user_grant_7' identified by '123456'; 217 create role 'role_account_priv_6'; 218 grant select ,insert ,update on table *.* to role_account_priv_6; 219 grant role_account_priv_6 to user_grant_7; 220 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_6'; 221 user_name role_name obj_type privilege_name privilege_level 222 user_grant_7 role_account_priv_6 table select *.* 223 user_grant_7 role_account_priv_6 table insert *.* 224 user_grant_7 role_account_priv_6 table update *.* 225 select * from testdb5.table_2; 226 id name num 227 3 pear 3.8 228 4 orange 5.03 229 insert into testdb5.table_2 values (9,'',8.00); 230 select * from testdb5.table_2; 231 id name num 232 3 pear 3.8 233 4 orange 5.03 234 9 8.0 235 update testdb4.table_1 set name='uuu' where id=2; 236 select * from testdb4.table_1; 237 id name num 238 1 banana 83.98 239 2 uuu 0.003 240 delete from testdb4.table_1; 241 internal error: do not have privilege to execute the statement 242 create user 'user_grant_8' identified by '123456'; 243 create role 'role_account_priv_7'; 244 grant truncate ,delete ,reference ,index on table testdb4.* to role_account_priv_7; 245 grant role_account_priv_7 to user_grant_8; 246 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_7'; 247 user_name role_name obj_type privilege_name privilege_level 248 user_grant_8 role_account_priv_7 table truncate d.* 249 user_grant_8 role_account_priv_7 table delete d.* 250 user_grant_8 role_account_priv_7 table reference d.* 251 user_grant_8 role_account_priv_7 table index d.* 252 delete from testdb4.table_1; 253 select * from testdb4.table_1; 254 internal error: do not have privilege to execute the statement 255 truncate table testdb5.table_2; 256 internal error: do not have privilege to execute the statement 257 create user 'user_grant_9' identified by '123456'; 258 create role 'role_account_priv_8'; 259 grant ownership on table testdb5.table_2 to role_account_priv_8; 260 grant role_account_priv_8 to user_grant_9; 261 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_8'; 262 user_name role_name obj_type privilege_name privilege_level 263 user_grant_9 role_account_priv_8 table table ownership d.t 264 select * from testdb4.table_1; 265 internal error: do not have privilege to execute the statement 266 delete from testdb4.table_1; 267 insert into testdb5.table_2 values(20,'yeah',10.20); 268 internal error: do not have privilege to execute the statement 269 update testdb5.table_2 set name='bread' where id=20; 270 internal error: do not have privilege to execute the statement 271 select * from testdb5.table_2; 272 internal error: do not have privilege to execute the statement 273 create user 'user_grant_10' identified by '123456'; 274 create role 'role_account_priv_9'; 275 create table grant_table_10(a int); 276 grant all on table testdb4.* to role_account_priv_9; 277 grant role_account_priv_9 to user_grant_10; 278 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name='role_account_priv_9'; 279 user_name role_name obj_type privilege_name privilege_level 280 user_grant_10 role_account_priv_9 table table all d.* 281 insert into testdb4.table_1 values (10,'ccc',1.8),(11,'ddd',5.3); 282 internal error: do not have privilege to execute the statement 283 select * from testdb4.table_1; 284 internal error: do not have privilege to execute the statement 285 update testdb4.table_1 set name='oppo' where id=10; 286 internal error: do not have privilege to execute the statement 287 delete from testdb4.table_1; 288 select * from testdb4.table_1; 289 internal error: do not have privilege to execute the statement 290 delete from testdb5.table_2; 291 internal error: do not have privilege to execute the statement 292 show tables; 293 internal error: do not have privilege to execute the statement 294 create database ttt; 295 internal error: do not have privilege to execute the statement 296 create account `test@123456` ADMIN_NAME 'admin' IDENTIFIED BY '123456'; 297 internal error: do not have privilege to execute the statement 298 drop table testdb4.table_1; 299 internal error: do not have privilege to execute the statement 300 drop role if exists r1,r2,r3,r4,r5,r6,r7,r8,r9,r10; 301 create role r1,r2,r3,r4,r5,r6,r7,r8,r9,r10; 302 grant select,insert ,update on table *.* to r1,r2,r3,r4,r5; 303 select role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_role_privs where role_name in ('r1','r2','r3','r4','r5'); 304 role_name obj_type privilege_name privilege_level 305 r1 table select *.* 306 r2 table select *.* 307 r3 table select *.* 308 r4 table select *.* 309 r5 table select *.* 310 r1 table insert *.* 311 r2 table insert *.* 312 r3 table insert *.* 313 r4 table insert *.* 314 r5 table insert *.* 315 r1 table update *.* 316 r2 table update *.* 317 r3 table update *.* 318 r4 table update *.* 319 r5 table update *.* 320 grant create table on database *.* to r1,r2,r3,r4,r5; 321 select role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_role_privs where role_name in ('r1','r2','r3','r4','r5') and obj_type="database"; 322 role_name obj_type privilege_name privilege_level 323 r1 database create table *.* 324 r2 database create table *.* 325 r3 database create table *.* 326 r4 database create table *.* 327 r5 database create table *.* 328 grant create table on database *.* to r1,r2,r15,r4,r5; 329 internal error: there is no role r15 330 grant select on database *.* to r1,r2,r3,r4,r5; 331 internal error: the privilege "select" can only be granted to the object type "table" 332 create user user1 identified by '12345678',user2 identified by '12345678',user3 identified by '12345678',user4 identified by '12345678',user5 identified by '12345678'; 333 grant r1,r2,r3,r4,r5 to user1,user2,user3,user4,user5; 334 select count(*) from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name in ('r1','r2','r3','r4','r5'); 335 count(*) 336 99 337 create table grant_table_10(a int); 338 internal error: do not have privilege to execute the statement 339 grant create role on account * to r5; 340 grant r5 to user1,user2,user3,user4,user5; 341 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and role_name in ('r5'); 342 user_name role_name obj_type privilege_name privilege_level 343 user1 r5 table select *.* 344 user1 r5 table insert *.* 345 user1 r5 table update *.* 346 user1 r5 database create table *.* 347 user1 r5 account create role * 348 user2 r5 table select *.* 349 user2 r5 table insert *.* 350 user2 r5 table update *.* 351 user2 r5 database create table *.* 352 user2 r5 account create role * 353 user3 r5 table select *.* 354 user3 r5 table insert *.* 355 user3 r5 table update *.* 356 user3 r5 database create table *.* 357 user3 r5 account create role * 358 user4 r5 table select *.* 359 user4 r5 table insert *.* 360 user4 r5 table update *.* 361 user4 r5 database create table *.* 362 user4 r5 account create role * 363 user5 r5 table select *.* 364 user5 r5 table insert *.* 365 user5 r5 table update *.* 366 user5 r5 database create table *.* 367 user5 r5 account create role * 368 create role test_role; 369 internal error: do not have privilege to execute the statement 370 select count(*) from mo_catalog.mo_role where role_name='test_role'; 371 internal error: do not have privilege to execute the statement 372 create user user11 identified by '12345678'; 373 grant select ,insert ,update on table *.* to r1,r2 with grant option; 374 grant r1,r2 to r6,r7; 375 select mr.role_name,mp.role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_role_grant mg,mo_catalog.mo_role mr ,mo_catalog.mo_role_privs mp where mg.grantee_id=mr.role_id and mg.granted_id = mp.role_id and mr.role_name in ('r6','r7'); 376 role_name role_name obj_type privilege_name privilege_level 377 r6 r1 database create table *.* 378 r7 r1 database create table *.* 379 r6 r2 database create table *.* 380 r7 r2 database create table *.* 381 r6 r1 table select *.* 382 r7 r1 table select *.* 383 r6 r2 table select *.* 384 r7 r2 table select *.* 385 r6 r1 table insert *.* 386 r7 r1 table insert *.* 387 r6 r2 table insert *.* 388 r7 r2 table insert *.* 389 r6 r1 table update *.* 390 r7 r1 table update *.* 391 r6 r2 table update *.* 392 r7 r2 table update *.* 393 create user user12 identified by '12345678'; 394 grant r2 to r8,r9,r10; 395 select mr.role_name,mp.role_name,obj_type,privilege_name,privilege_level from mo_role_grant mg,mo_role mr ,mo_role_privs mp where mg.grantee_id=mr.role_id and mg.granted_id = mp.role_id and mr.role_name in ('r8','r9','10'); 396 SQL parser error: table "mo_role_grant" does not exist 397 grant select ,insert ,update on table *.* to r1,r2 with grant option; 398 grant select ,insert ,update on table *.* to r1,r2 with grant option; 399 select role_name,obj_type,privilege_name,privilege_level,with_grant_option from mo_catalog.mo_role_privs where role_name in ('r1','r2'); 400 role_name obj_type privilege_name privilege_level with_grant_option 401 r1 database create table *.* false 402 r2 database create table *.* false 403 r1 table select *.* true 404 r2 table select *.* true 405 r1 table insert *.* true 406 r2 table insert *.* true 407 r1 table update *.* true 408 r2 table update *.* true 409 grant r1,r2 to user1,user2; 410 grant r1,r2 to user1,user2; 411 select user_name,role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_user_grant,mo_catalog.mo_user,mo_catalog.mo_role_privs where mo_user_grant.user_id=mo_user.user_id and mo_role_privs.role_id=mo_user_grant.role_id and user_name in ('user1','user2') and role_name in ('r1','r2'); 412 user_name role_name obj_type privilege_name privilege_level 413 user1 r1 database create table *.* 414 user1 r1 table select *.* 415 user1 r1 table insert *.* 416 user1 r1 table update *.* 417 user2 r1 database create table *.* 418 user2 r1 table select *.* 419 user2 r1 table insert *.* 420 user2 r1 table update *.* 421 user1 r2 database create table *.* 422 user1 r2 table select *.* 423 user1 r2 table insert *.* 424 user1 r2 table update *.* 425 user2 r2 database create table *.* 426 user2 r2 table select *.* 427 user2 r2 table insert *.* 428 user2 r2 table update *.* 429 grant r1,r2 to r6,r7; 430 grant r1,r2 to r6,r7; 431 select mr.role_name,mp.role_name,obj_type,privilege_name,privilege_level from mo_catalog.mo_role_grant mg,mo_catalog.mo_role mr ,mo_catalog.mo_role_privs mp where mg.grantee_id=mr.role_id and mg.granted_id = mp.role_id and mr.role_name in ('r6','r7'); 432 role_name role_name obj_type privilege_name privilege_level 433 r6 r1 database create table *.* 434 r7 r1 database create table *.* 435 r6 r2 database create table *.* 436 r7 r2 database create table *.* 437 r6 r1 table select *.* 438 r7 r1 table select *.* 439 r6 r2 table select *.* 440 r7 r2 table select *.* 441 r6 r1 table insert *.* 442 r7 r1 table insert *.* 443 r6 r2 table insert *.* 444 r7 r2 table insert *.* 445 r6 r1 table update *.* 446 r7 r1 table update *.* 447 r6 r2 table update *.* 448 r7 r2 table update *.* 449 drop user if exists user1,user2,user3,user4,user5,user11,user12,testuser,user_grant_1,user_grant_3,user_grant_4,user_grant_5,user_grant_6,user_grant_7,user_grant_8,user_grant_9,user_grant_10,user_prepare_01; 450 drop role if exists u_role,test_role,grant_role_1,role_sys_priv,role_account_priv_2,role_account_priv_3,role_account_priv_4,role_account_priv_5,role_account_priv_6,role_account_priv_7,role_account_priv_8,role_account_priv_9,role_account_priv_10,role_prepare_1; 451 drop database if exists grant_db; 452 drop database if exists testdb; 453 drop database if exists testdb4; 454 drop database if exists testdb5; 455 drop database if exists grant_db4; 456 drop database if exists grant_db5; 457 drop account if exists grant_account01; 458 drop table if exists table_4; 459 drop table if exists grant_table_10; 460 drop table if exists grant_table_30; 461 drop role if exists r1,r2,r3,r4,r5,r6,r7,r8,r9,r10;