Métriques du dépôt
- Stars
- (3 633 stars)
- Métriques de merge PR
- (Merge moyen 13j 2h) (82 PRs mergées en 30 j)
Description
GRANT/REVOKE access right on given table to given user.
This might be impacted by #945.
Not 1.8.0 feature.
What we want to say in SQL is GRANT privilege ON object_name TO user_name; GRANT privilege ON object_name TO role_name; REVOKE privilege ON object_name FROM user_name; (There is no WITH GRANT OPTION.) which correspond fairly closely to box.schema.user.grant(user_name,...) box.schema.user.revoke(user_name,...) The privileges aren't the usual set. They must match what box.schema.user.grant has. GRANT read[,write] ON TABLE table_name TO user_name; GRANT read[,write] ON TABLE table_name TO user_name; GRANT execute ON ROUTINE function_name TO user_name; GRANT read[,write[,execute]] ON universe TO user_name; REVOKE read[,write] ON TABLE table_name TO user_name; REVOKE read[,write] ON TABLE table_name FROM user_name; REVOKE execute ON FUNCTION function_name FROM user_name; REVOKE read[,write[,execute]] ON universe FROM user_name; The assumption is that it is possible for SQL to access a function name, as described elsewhere. So some straightforward mapping is possible. Given the weakness of Tarantool access control, this can be low priority.