github.com/matrixorigin/matrixone@v1.2.0/test/distributed/cases/zz_accesscontrol/account_restricted.result (about) 1 set global enable_privilege_cache = off; 2 drop account if exists acc1; 3 create account if not exists acc1 ADMIN_NAME 'admin' IDENTIFIED BY '123'; 4 alter account acc1 restricted; 5 show databases; 6 Database 7 information_schema 8 mo_catalog 9 mysql 10 system 11 system_metrics 12 create table r_test(c1 int); 13 internal error: do not have privilege to execute the statement 14 insert into r_test values(3); 15 internal error: do not have privilege to execute the statement 16 update r_test set c1=5; 17 internal error: do not have privilege to execute the statement 18 truncate table r_test; 19 internal error: do not have privilege to execute the statement 20 drop table r_test; 21 internal error: do not have privilege to execute the statement 22 drop account if exists acc1; 23 create account if not exists acc1 ADMIN_NAME 'admin' IDENTIFIED BY '123efg' comment 'account comment'; 24 create database res_test; 25 use res_test; 26 create table r_test(c1 int,c2 varchar(20), unique index ui(c1)); 27 insert into r_test values(3,'a'),(4,'b'),(7,'h'); 28 update r_test set c1=2 where c2='a'; 29 alter account acc1 restricted; 30 create database rdb; 31 internal error: do not have privilege to execute the statement 32 drop database rdb; 33 internal error: do not have privilege to execute the statement 34 create table r1(c1 int,c2 varchar(20)); 35 internal error: do not have privilege to execute the statement 36 insert into r_test values(8,'c'); 37 internal error: do not have privilege to execute the statement 38 load data infile '$resources/load_data/integer_numbers_1.csv' into table r_test fields terminated by ','; 39 internal error: do not have privilege to execute the statement 40 update r_test set c1=5 where c2='h'; 41 internal error: do not have privilege to execute the statement 42 delete from r_test where c1=4; 43 select * from r_test; 44 c1 c2 45 7 h 46 2 a 47 truncate table r_test; 48 internal error: do not have privilege to execute the statement 49 create view r_view as select * from r_test; 50 internal error: do not have privilege to execute the statement 51 drop view r_view; 52 internal error: do not have privilege to execute the statement 53 create table ti2(a INT primary key AUTO_INCREMENT, b INT, c INT); 54 internal error: do not have privilege to execute the statement 55 create table tm2(a INT primary key AUTO_INCREMENT, b INT, c INT); 56 internal error: do not have privilege to execute the statement 57 insert into ti1 values (1,1,1), (2,2,2); 58 internal error: do not have privilege to execute the statement 59 insert into ti2 values (1,1,1), (2,2,2); 60 internal error: do not have privilege to execute the statement 61 alter table ti1 add constraint fi1 foreign key (b) references ti2(a); 62 internal error: do not have privilege to execute the statement 63 show databases; 64 Database 65 information_schema 66 mo_catalog 67 mysql 68 res_test 69 system 70 system_metrics 71 use res_test; 72 desc r_test; 73 Field Type Null Key Default Extra Comment 74 c1 INT(32) YES UNI null 75 c2 VARCHAR(20) YES null 76 show tables; 77 Tables_in_res_test 78 r_test 79 show create table r_test; 80 Table Create Table 81 r_test CREATE TABLE `r_test` (\n`c1` INT DEFAULT NULL,\n`c2` VARCHAR(20) DEFAULT NULL,\nUNIQUE KEY `ui` (`c1`)\n) 82 show columns from r_test; 83 Field Type Null Key Default Extra Comment 84 c1 INT(32) YES UNI null 85 c2 VARCHAR(20) YES null 86 show full columns from r_test; 87 Field Type Collation Null Key Default Extra Privileges Comment 88 c1 INT(32) null YES UNI null select,insert,update,references 89 c2 VARCHAR(20) null YES null select,insert,update,references 90 show variables where value = 'MatrixOne'; 91 Variable_name Value 92 version_comment MatrixOne 93 show grants; 94 Grants for admin@localhost 95 GRANT create user ON account `admin`@`localhost` 96 GRANT drop user ON account `admin`@`localhost` 97 GRANT alter user ON account `admin`@`localhost` 98 GRANT create role ON account `admin`@`localhost` 99 GRANT drop role ON account `admin`@`localhost` 100 GRANT create database ON account `admin`@`localhost` 101 GRANT drop database ON account `admin`@`localhost` 102 GRANT show databases ON account `admin`@`localhost` 103 GRANT connect ON account `admin`@`localhost` 104 GRANT manage grants ON account `admin`@`localhost` 105 GRANT account all ON account `admin`@`localhost` 106 GRANT show tables ON database * `admin`@`localhost` 107 GRANT create table ON database * `admin`@`localhost` 108 GRANT drop table ON database * `admin`@`localhost` 109 GRANT alter table ON database * `admin`@`localhost` 110 GRANT create view ON database * `admin`@`localhost` 111 GRANT drop view ON database * `admin`@`localhost` 112 GRANT alter view ON database * `admin`@`localhost` 113 GRANT database all ON database * `admin`@`localhost` 114 GRANT database ownership ON database * `admin`@`localhost` 115 GRANT select ON table *.* `admin`@`localhost` 116 GRANT insert ON table *.* `admin`@`localhost` 117 GRANT update ON table *.* `admin`@`localhost` 118 GRANT truncate ON table *.* `admin`@`localhost` 119 GRANT delete ON table *.* `admin`@`localhost` 120 GRANT reference ON table *.* `admin`@`localhost` 121 GRANT index ON table *.* `admin`@`localhost` 122 GRANT table all ON table *.* `admin`@`localhost` 123 GRANT table ownership ON table *.* `admin`@`localhost` 124 GRANT values ON table *.* `admin`@`localhost` 125 GRANT connect ON account `admin`@`localhost` 126 show grants for 'admin'@'localhost'; 127 Grants for admin@localhost 128 GRANT create user ON account `admin`@`localhost` 129 GRANT drop user ON account `admin`@`localhost` 130 GRANT alter user ON account `admin`@`localhost` 131 GRANT create role ON account `admin`@`localhost` 132 GRANT drop role ON account `admin`@`localhost` 133 GRANT create database ON account `admin`@`localhost` 134 GRANT drop database ON account `admin`@`localhost` 135 GRANT show databases ON account `admin`@`localhost` 136 GRANT connect ON account `admin`@`localhost` 137 GRANT manage grants ON account `admin`@`localhost` 138 GRANT account all ON account `admin`@`localhost` 139 GRANT show tables ON database * `admin`@`localhost` 140 GRANT create table ON database * `admin`@`localhost` 141 GRANT drop table ON database * `admin`@`localhost` 142 GRANT alter table ON database * `admin`@`localhost` 143 GRANT create view ON database * `admin`@`localhost` 144 GRANT drop view ON database * `admin`@`localhost` 145 GRANT alter view ON database * `admin`@`localhost` 146 GRANT database all ON database * `admin`@`localhost` 147 GRANT database ownership ON database * `admin`@`localhost` 148 GRANT select ON table *.* `admin`@`localhost` 149 GRANT insert ON table *.* `admin`@`localhost` 150 GRANT update ON table *.* `admin`@`localhost` 151 GRANT truncate ON table *.* `admin`@`localhost` 152 GRANT delete ON table *.* `admin`@`localhost` 153 GRANT reference ON table *.* `admin`@`localhost` 154 GRANT index ON table *.* `admin`@`localhost` 155 GRANT table all ON table *.* `admin`@`localhost` 156 GRANT table ownership ON table *.* `admin`@`localhost` 157 GRANT values ON table *.* `admin`@`localhost` 158 GRANT connect ON account `admin`@`localhost` 159 SHOW CREATE TABLE information_schema.columns; 160 View Create View character_set_client collation_connection 161 columns CREATE VIEW information_schema.COLUMNS AS select 'def' as TABLE_CATALOG,att_database as TABLE_SCHEMA,att_relname AS TABLE_NAME,attname AS COLUMN_NAME,attnum AS ORDINAL_POSITION,mo_show_visible_bin(att_default,1) as COLUMN_DEFAULT,(case when attnotnull != 0 then 'NO' else 'YES' end) as IS_NULLABLE,mo_show_visible_bin(atttyp,2) as DATA_TYPE,internal_char_length(atttyp) AS CHARACTER_MAXIMUM_LENGTH,internal_char_size(atttyp) AS CHARACTER_OCTET_LENGTH,internal_numeric_precision(atttyp) AS NUMERIC_PRECISION,internal_numeric_scale(atttyp) AS NUMERIC_SCALE,internal_datetime_scale(atttyp) AS DATETIME_PRECISION,(case internal_column_character_set(atttyp) WHEN 0 then 'utf8' WHEN 1 then 'utf8' else NULL end) AS CHARACTER_SET_NAME,(case internal_column_character_set(atttyp) WHEN 0 then 'utf8_bin' WHEN 1 then 'utf8_bin' else NULL end) AS COLLATION_NAME,mo_show_visible_bin(atttyp,3) as COLUMN_TYPE,case when att_constraint_type = 'p' then 'PRI' else '' end as COLUMN_KEY,case when att_is_auto_increment = 1 then 'auto_increment' else '' end as EXTRA,'select,insert,update,references' as `PRIVILEGES`,att_comment as COLUMN_COMMENT,cast('' as varchar(500)) as GENERATION_EXPRESSION,if(true, NULL, 0) as SRS_ID from mo_catalog.mo_columns where account_id = current_account_id() and att_relname!='mo_increment_columns' and att_relname not like '__mo_cpkey_%' and attname != '__mo_rowid' and att_relname not like '\%!\%%\%!\%%' utf8mb4 utf8mb4_general_ci 162 show index from r_test; 163 Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Visible Expression 164 r_test 0 ui 1 c1 A 0 NULL NULL YES YES NULL 165 show node list; 166 1 167 show locks; 168 1 169 show table_values from r_test; 170 max(c1) min(c1) max(c2) min(c2) 171 7 2 h a 172 show column_number from r_test; 173 Number of columns in r_test 174 2 175 show TRIGGERS; 176 Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation 177 show TRIGGERS like '*%'; 178 Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation 179 show collation like 'utf8mb4_general_ci%'; 180 Collation Charset Id Default Compiled Sortlen Pad_attribute 181 utf8mb4_general_ci utf8mb4 45 Yes 1 PAD SPACE 182 show full tables; 183 Tables_in_res_test Table_type 184 r_test BASE TABLE 185 show full tables from res_test;; 186 Tables_in_res_test Table_type 187 r_test BASE TABLE 188 select version(); 189 version() 190 8.0.30-MatrixOne-v1.0.0 191 alter database test set mysql_compatibility_mode = '8.0.30-MatrixOne-v0.7.0'; 192 internal error: do not have privilege to execute the statement 193 select privilege_name, obj_type, privilege_level from mo_catalog.mo_role_privs where privilege_name = 'values'; 194 privilege_name obj_type privilege_level 195 values table *.* 196 select user_name from mo_catalog.mo_user; 197 user_name 198 admin 199 create account abc ADMIN_NAME 'admin' IDENTIFIED BY '123456'; 200 internal error: do not have privilege to execute the statement 201 alter table r_test drop index ui; 202 internal error: do not have privilege to execute the statement 203 create role role1; 204 internal error: do not have privilege to execute the statement 205 grant all on table *.* to role1; 206 internal error: do not have privilege to execute the statement 207 grant create table, drop table on database *.* to role1; 208 internal error: do not have privilege to execute the statement 209 create user user1 identified by 'pass1'; 210 internal error: do not have privilege to execute the statement 211 grant role1 to user1; 212 internal error: do not have privilege to execute the statement 213 drop user user1; 214 internal error: do not have privilege to execute the statement 215 drop role role1; 216 internal error: do not have privilege to execute the statement 217 drop database account_res; 218 internal error: do not have privilege to execute the statement 219 alter account acc1 suspend; 220 select account_name,status,comments from mo_catalog.mo_account where account_name='acc1'; 221 account_name status comments 222 acc1 suspend account comment 223 alter account acc1 open; 224 select account_name,status,comments from mo_catalog.mo_account where account_name='acc1'; 225 account_name status comments 226 acc1 open account comment 227 create database rdb; 228 use rdb; 229 create table r1(c1 int,c2 varchar(20)); 230 insert into res_test.r_test values(8,'c'); 231 update res_test.r_test set c1=5 where c2='h'; 232 delete from res_test.r_test where c1=4; 233 delete from system.statement_info; 234 internal error: do not have privilege to execute the statement 235 select * from res_test.r_test; 236 c1 c2 237 2 a 238 8 c 239 5 h 240 truncate table res_test.r_test; 241 create view r_view as select * from res_test.r_test; 242 drop view r_view; 243 show databases; 244 Database 245 information_schema 246 mo_catalog 247 mysql 248 rdb 249 res_test 250 system 251 system_metrics 252 use res_test; 253 show tables; 254 Tables_in_res_test 255 r_test 256 show create table r_test; 257 Table Create Table 258 r_test CREATE TABLE `r_test` (\n`c1` INT DEFAULT NULL,\n`c2` VARCHAR(20) DEFAULT NULL,\nUNIQUE KEY `ui` (`c1`)\n) 259 show columns from r_test; 260 Field Type Null Key Default Extra Comment 261 c1 INT(32) YES UNI null 262 c2 VARCHAR(20) YES null 263 show full columns from r_test; 264 Field Type Collation Null Key Default Extra Privileges Comment 265 c1 INT(32) null YES UNI null select,insert,update,references 266 c2 VARCHAR(20) null YES null select,insert,update,references 267 show variables where value = 'MatrixOne'; 268 Variable_name Value 269 version_comment MatrixOne 270 show grants for 'hnadmin'@'localhost'; 271 Grants for hnadmin@localhost 272 SHOW CREATE TABLE information_schema.columns; 273 View Create View character_set_client collation_connection 274 columns CREATE VIEW information_schema.COLUMNS AS select 'def' as TABLE_CATALOG,att_database as TABLE_SCHEMA,att_relname AS TABLE_NAME,attname AS COLUMN_NAME,attnum AS ORDINAL_POSITION,mo_show_visible_bin(att_default,1) as COLUMN_DEFAULT,(case when attnotnull != 0 then 'NO' else 'YES' end) as IS_NULLABLE,mo_show_visible_bin(atttyp,2) as DATA_TYPE,internal_char_length(atttyp) AS CHARACTER_MAXIMUM_LENGTH,internal_char_size(atttyp) AS CHARACTER_OCTET_LENGTH,internal_numeric_precision(atttyp) AS NUMERIC_PRECISION,internal_numeric_scale(atttyp) AS NUMERIC_SCALE,internal_datetime_scale(atttyp) AS DATETIME_PRECISION,(case internal_column_character_set(atttyp) WHEN 0 then 'utf8' WHEN 1 then 'utf8' else NULL end) AS CHARACTER_SET_NAME,(case internal_column_character_set(atttyp) WHEN 0 then 'utf8_bin' WHEN 1 then 'utf8_bin' else NULL end) AS COLLATION_NAME,mo_show_visible_bin(atttyp,3) as COLUMN_TYPE,case when att_constraint_type = 'p' then 'PRI' else '' end as COLUMN_KEY,case when att_is_auto_increment = 1 then 'auto_increment' else '' end as EXTRA,'select,insert,update,references' as `PRIVILEGES`,att_comment as COLUMN_COMMENT,cast('' as varchar(500)) as GENERATION_EXPRESSION,if(true, NULL, 0) as SRS_ID from mo_catalog.mo_columns where account_id = current_account_id() and att_relname!='mo_increment_columns' and att_relname not like '__mo_cpkey_%' and attname != '__mo_rowid' and att_relname not like '\%!\%%\%!\%%' utf8mb4 utf8mb4_general_ci 275 show index from r_test; 276 Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Visible Expression 277 r_test 0 ui 1 c1 A 0 NULL NULL YES YES NULL 278 show node list; 279 1 280 show locks; 281 1 282 show table_values from r_test; 283 max(c1) min(c1) max(c2) min(c2) 284 null null null null 285 show column_number from r_test; 286 Number of columns in r_test 287 2 288 show TRIGGERS; 289 Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation 290 show TRIGGERS like '*%'; 291 Trigger Event Table Statement Timing Created sql_mode Definer character_set_client collation_connection Database Collation 292 show collation like 'utf8mb4_general_ci%'; 293 Collation Charset Id Default Compiled Sortlen Pad_attribute 294 utf8mb4_general_ci utf8mb4 45 Yes 1 PAD SPACE 295 show full tables; 296 Tables_in_res_test Table_type 297 r_test BASE TABLE 298 show full tables from account_res; 299 invalid database account_res 300 select privilege_name, obj_type, privilege_level from mo_catalog.mo_role_privs where privilege_name = 'values'; 301 privilege_name obj_type privilege_level 302 values table *.* 303 select user_name from mo_catalog.mo_user; 304 user_name 305 admin 306 create role role1; 307 grant all on table *.* to role1; 308 grant create table, drop table on database *.* to role1; 309 create user user1 identified by 'pass1'; 310 grant role1 to user1; 311 drop user user1; 312 drop role role1; 313 drop database rdb; 314 drop database res_test; 315 drop account if exists acc1; 316 set global enable_privilege_cache = on;