Preface
I encountered an error today. I thought it was quite interesting, so I recorded it here.
SELECT command denied to user ‘xxx’@‘xxx’ for table ‘xxx’
1. Reason for error reporting
Here, the R&D team proposed a SQL statement for modifying the view and reported permission issues. At that time, they thought that the DEFINER definer must be different from the account used to modify the view, and did not have super permissions.
Let him find the view definition account and execute it manually.
ALTER VIEW
At this time, R&D said that he didn't know who created the view, so I helped him check it out and found that the creator of the view had the same user name as the user name of the audit platform, which means that the audit platform has the authority to execute this SQL. Then I checked the error message:
ERROR:SELECT command denied to user 'xxx'@'xxx' for table 'xxx'
There is no permission for this table. The audit platform has all permissions for the entire library. It is strange, so I checked the SQL of the view and found that the db_name.table_name view contained information about other libraries. And this library name does not exist in the database. Then this error report was a bit abstract, so I tested it.
Create a read-only user:
root@mysql 10:53: [(none)]>grant select on op_service_db.* to test1@'%' identified by '123';
use an existing library, but the user does not have permission:
test1@mysql 10:53: [(none)]>use op_bak;
ERROR 1044 (42000): Access denied for user 'test1'@'%' to database 'op_bak'
use a library that doesn't exist:
test1@mysql 10:53: [(none)]>use owqdwqd;
ERROR 1044 (42000): Access denied for user 'test1'@'%' to database 'owqdwqd'
No matter whether the database exists or not, it is reported that there is no permission, which is quite abstract. The SQL was copied directly from the test environment by the research and development team, and the database information was not modified.
postscript
If you encounter such an error, it is best to check the SQL statement based on the error content. In most cases, the answer lies in the SQL. Another thing to pay attention to is the MySQL permissions. Even if the library does not exist, in this kind of scenario, it will report insufficient permissions, unless your account has super permissions.