In other RDBMS, you can view a stored procedure (PROCEDURE) defined permissions to a user, for example, in SQL Server, you can view ProcedureName separately defined permissions granted UserA
GRANT VIEW DEFINITION ON ProcedureName TO UserA; - is replaced with a specific name and account number stored procedure
So in MySQL can achieve this function? Find a lot of information, do not see a function in this regard, there is no official document relates to the authority, there is a method online: This feature can be achieved indirectly by granting permissions to user queries such mysql.proc
grant select on mysql.proc to usrname@'xxx.xxx.xxx.xxx';
Individual simple test it, after this authorization and found there are some other problems.
mysql> show create procedure prc_insert; --没有授权前报这个错误。
ERROR 1305 (42000): PROCEDURE prc_insert does not exist
mysql> show create procedure prc_insert\G; --授权后
*************************** 1. row ***************************
Procedure: prc_insert
sql_mode: STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION
Create Procedure: CREATE DEFINER=`root`@`localhost` PROCEDURE `prc_insert`(in cnt int)
begin
declare i int;
set i=1;
while i < cnt do
insert into test(id, name) select i, CONCAT('name',i) from dual;
set i = i+1;
end while;
end
character_set_client: utf8
collation_connection: utf8_general_ci
Database Collation: latin1_swedish_ci
1 row in set (0.00 sec)
ERROR:
No query specified
Question 1: After such authorization, you can see all the definition database stored procedures (not just one of a stored procedure, or custom stored procedures in a database), here it involves a permission to enlarge the problem. For example, I was going to grant users only the privileges A look at the definition of a stored procedure PRC_A, but after that authorization, be able to view the definition A lot of stored procedures, and even view some privileges do not have access permissions to the database of stored procedures. Strictly speaking, this authorization is unreasonable, but there is a problem.
Question 2: MySQL 8.0 began to abandon the mysql.proc, and start from MySQL 8.0, if you use the SHOW CREATE PROCEDURE or SHOW CREATE FUNCION, then what need power? .
MySQL 8.0 beginning in mysql.routines and mysql.parameters system tables, but these tables are not directly access the stored procedures memory can be accessed only INFORMATION_SCHEMA.ROUTINES. MySQL does not work like that authorization before 8.0,
Where are stored procedures stored?
Stored procedures are stored in the mysql.routines and mysql.parameters tables, which are part of the data dictionary. You cannot access these tables directly. Instead, query the INFORMATION_SCHEMA ROUTINES and PARAMETERS tables. See Section 25.29, “The INFORMATION_SCHEMA ROUTINES Table”, and Section 25.19, “The INFORMATION_SCHEMA PARAMETERS Table”.
You can also use SHOW CREATE FUNCTION to obtain information about stored functions, and SHOW CREATE PROCEDURE to obtain information about stored procedures. See Section 13.7.7.9, “SHOW CREATE PROCEDURE Statement”.
Individual tests found that after the grant alter routine, you can view the definition of a stored procedure, but also poses a problem this authorization, the user can grant permission only to view the stored procedure definition, and you can delete the stored procedure (this is also a problem). This, of course, it is unclear whether there are other authorization to achieve.
mysql> grant alter routine on procedure MyDB.prc_2 TO test@'192.168%';
Query OK, 0 rows affected (0.08 sec)
mysql>
to sum up:
Authority on or before MySQL5.7 version, you can view the stored procedure indirectly by granting a user-defined queries mysql.proc in MySQL 8.0 can be achieved indirectly view the stored procedure definition with permission by granting permission to ALTER ROUTINE, both there is a problem that will enlarge the authority, this belongs to the MySQL functional defects, there has been a short time estimate!