问题
Imagine there is a student table
student(id,name,city)
I want to create a user A and grant permission only to update record where id=10.
CREATE USER A ; GRANT UPDATE ON student TO A WHERE student.id=10;
I tried this and it does not work.
回答1:
No not a single row but a view that contains a single row which will, in turn, will update the actual real table.
This can be done via specific table view per student (yes it will be a messy DB structure). Grant access to the view for this user only alow select/updates only and the primary key will be non-updateable. The main table will update itself when the view is updated.
CREATE SCHEMA `example` ;
CREATE TABLE `example`.`student` (
`id` INT NOT NULL,
`name` VARCHAR(45) NULL,
`email` VARCHAR(45) NULL,
PRIMARY KEY (`id`));
INSERT INTO `example`.`student` (`id`, `name`, `email`) VALUES ('1', 'bob', 'bob@bob.com');
USE `example`;
CREATE
OR REPLACE SQL SECURITY DEFINER
VIEW `student_1` AS
SELECT
`student`.`id` AS `id`,
`student`.`name` AS `name`,
`student`.`email` AS `email`
FROM
`student`
WHERE
(`student`.`id` = '1');
CREATE USER 'student_1_user'@'localhost' IDENTIFIED BY 'user_password';
GRANT SELECT,UPDATE ON example.student_1 TO student_1_user@localhost IDENTIFIED BY 'user_password';
UPDATE example.student_1 SET email='newemail@bob.com'; // note no primary key needed or allowed
来源:https://stackoverflow.com/questions/60025159/how-to-grant-mysql-privileges-only-to-a-specific-row