github.com/matrixorigin/matrixone@v1.2.0/test/distributed/cases/tenant/privilege/role7_special_roles_accountadmin.sql

github.com/matrixorigin/matrixone@v1.2.0/test/distributed/cases/tenant/privilege/role7_special_roles_accountadmin.sql (about)

     1  set global enable_privilege_cache = off;
     2  -- cases for accountadmin
     3  drop account if exists accx;
     4  create account accx admin_name 'xcca' identified by '111';
     5  
     6  -- @session:id=3&user=accx:xcca&password=111
     7  drop role if exists rolex;
     8  create role rolex;
     9  drop user if exists userx,root,dump;
    10  create user userx identified by '111',root identified by '111',dump identified by '111';
    11  grant accountadmin to xcca;
    12  grant accountadmin to userx;
    13  grant accountadmin to root;
    14  grant accountadmin to dump;
    15  grant accountadmin to rolex;
    16  grant rolex to accountadmin;
    17  grant public to xcca;
    18  grant public to userx;
    19  grant public to rolex;
    20  grant rolex to public;
    21  
    22  revoke accountadmin from xcca;
    23  revoke accountadmin from userx;
    24  revoke accountadmin from root;
    25  revoke accountadmin from dump;
    26  revoke accountadmin from rolex;
    27  revoke rolex from accountadmin;
    28  revoke public from xcca;
    29  revoke public from userx;
    30  revoke public from root;
    31  revoke public from dump;
    32  revoke public from rolex;
    33  revoke rolex from public;
    34  
    35  grant show databases,create database on account * to accountadmin;
    36  revoke show databases,create database on account * from accountadmin;
    37  revoke connect on account * from public;
    38  revoke show databases on account * from public;
    39  
    40  -- create special role
    41  create role accountadmin;
    42  create role moadmin;
    43  
    44  drop role rolex;
    45  drop user userx,root,dump;
    46  -- @session
    47  drop account if exists accx;
    48  set global enable_privilege_cache = on;