以root用户的身份在数据库上运行:
MariaDB [(none)]> SHOW GRANTS FOR jake@localhost;
+-------------------------------------------------------------------------------------------------------------+
| Grants for jake@localhost |
+-------------------------------------------------------------------------------------------------------------+
| GRANT developer TO 'jake'@'localhost' |
| GRANT USAGE ON *.* TO 'jake'@'localhost' IDENTIFIED BY PASSWORD '*intentionallyomitted' |
+-------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)
MariaDB [(none)]> SHOW GRANTS FOR developer;
+-------------------------------------------------+
| Grants for developer |
+-------------------------------------------------+
| GRANT USAGE ON *.* TO 'developer' |
| GRANT ALL PRIVILEGES ON `test`.* TO 'developer' |
+-------------------------------------------------+
2 rows in set (0.000 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.002 sec)
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.001 sec)
MariaDB [(none)]> USE mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [mysql]> SELECT Host, User, is_role, default_role FROM user WHERE User = 'jake' OR User = 'developer';
+-----------+-----------+---------+--------------+
| Host | User | is_role | default_role |
+-----------+-----------+---------+--------------+
| | developer | Y | |
| localhost | jake | N | |
+-----------+-----------+---------+--------------+
2 rows in set (0.001 sec)
MariaDB [mysql]> SELECT * FROM roles_mapping WHERE User = 'jake';
+-----------+------+-----------+--------------+
| Host | User | Role | Admin_option |
+-----------+------+-----------+--------------+
| localhost | jake | developer | N |
+-----------+------+-----------+--------------+
1 rows in set (0.001 sec)
然后,在运行sudo systemctl restart mysql后:
$ mysql -u jake -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.3.13-MariaDB-1:10.3.13+maria~bionic mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> SELECT CURRENT_USER;
+----------------+
| CURRENT_USER |
+----------------+
| jake@localhost |
+----------------+
1 row in set (0.000 sec)
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.001 sec)
似乎我通过授予jake@localhost角色权限,然后将该用户添加到该角色中,显然为developer用户赋予了测试数据库特权。但是,用户看不到数据库(或其中的表)。
这只是我代码中某处的愚蠢错字吗?什么原因可能导致此类问题?我曾经以为这是一个与IDENTIFED BY PASSWORD子句有关的问题,因为它仅出现在GRANT USAGE上,而没有其他地方出现,但是我很难想象这会导致这样的错误。有a related thread,但是由于用户jake@localhost到处都是(一致),因此该线程中的任何解决方案似乎都不是问题。那有什么呢?
版本:
$ mysql --version
mysql Ver 15.1 Distrib 10.3.13-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
答案 0 :(得分:0)
经过一些烦躁不安之后,我意识到我没有将角色设置为默认角色,也没有在正在使用的会话中设置该角色。运行SET ROLE developer;解决了该问题。