mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-09-20 08:40:50 +00:00
Merge pull request #63258 from ClickHouse/fix-grant-links
Fix links in docs
This commit is contained in:
commit
5a11d91053
@ -2860,7 +2860,7 @@ table functions, and dictionaries.
|
||||
User wishing to see secrets must also have
|
||||
[`format_display_secrets_in_show_and_select` format setting](../settings/formats#format_display_secrets_in_show_and_select)
|
||||
turned on and a
|
||||
[`displaySecretsInShowAndSelect`](../../sql-reference/statements/grant#grant-display-secrets) privilege.
|
||||
[`displaySecretsInShowAndSelect`](../../sql-reference/statements/grant#display-secrets) privilege.
|
||||
|
||||
Possible values:
|
||||
|
||||
|
@ -15,7 +15,7 @@ table functions, and dictionaries.
|
||||
User wishing to see secrets must also have
|
||||
[`display_secrets_in_show_and_select` server setting](../server-configuration-parameters/settings#display_secrets_in_show_and_select)
|
||||
turned on and a
|
||||
[`displaySecretsInShowAndSelect`](../../sql-reference/statements/grant#grant-display-secrets) privilege.
|
||||
[`displaySecretsInShowAndSelect`](../../sql-reference/statements/grant#display-secrets) privilege.
|
||||
|
||||
Possible values:
|
||||
|
||||
|
@ -22,4 +22,4 @@ Columns:
|
||||
- `0` — The row describes a partial revoke.
|
||||
- `1` — The row describes a grant.
|
||||
|
||||
- `grant_option` ([UInt8](../../sql-reference/data-types/int-uint.md#uint-ranges)) — Permission is granted `WITH GRANT OPTION`, see [GRANT](../../sql-reference/statements/grant.md#grant-privigele-syntax).
|
||||
- `grant_option` ([UInt8](../../sql-reference/data-types/int-uint.md#uint-ranges)) — Permission is granted `WITH GRANT OPTION`, see [GRANT](../../sql-reference/statements/grant.md#granting-privilege-syntax).
|
||||
|
@ -2444,7 +2444,7 @@ Type: [Array](../../sql-reference/data-types/array.md)([String](../../sql-refere
|
||||
|
||||
## defaultRoles
|
||||
|
||||
Returns the roles which are enabled by default for the current user when he logs in. Initially these are all roles granted to the current user (see [GRANT](../../sql-reference/statements/grant.md#grant-select)), but that can be changed with the [SET DEFAULT ROLE](../../sql-reference/statements/set-role.md#set-default-role-statement) statement.
|
||||
Returns the roles which are enabled by default for the current user when he logs in. Initially these are all roles granted to the current user (see [GRANT](../../sql-reference/statements/grant.md#select)), but that can be changed with the [SET DEFAULT ROLE](../../sql-reference/statements/set-role.md#set-default-role-statement) statement.
|
||||
|
||||
**Syntax**
|
||||
|
||||
|
@ -20,11 +20,11 @@ ALTER USER [IF EXISTS] name1 [ON CLUSTER cluster_name1] [RENAME TO new_name1]
|
||||
[SETTINGS variable [= value] [MIN [=] min_value] [MAX [=] max_value] [READONLY | WRITABLE] | PROFILE 'profile_name'] [,...]
|
||||
```
|
||||
|
||||
To use `ALTER USER` you must have the [ALTER USER](../../../sql-reference/statements/grant.md#grant-access-management) privilege.
|
||||
To use `ALTER USER` you must have the [ALTER USER](../../../sql-reference/statements/grant.md#access-management) privilege.
|
||||
|
||||
## GRANTEES Clause
|
||||
|
||||
Specifies users or roles which are allowed to receive [privileges](../../../sql-reference/statements/grant.md#grant-privileges) from this user on the condition this user has also all required access granted with [GRANT OPTION](../../../sql-reference/statements/grant.md#grant-privigele-syntax). Options of the `GRANTEES` clause:
|
||||
Specifies users or roles which are allowed to receive [privileges](../../../sql-reference/statements/grant.md#privileges) from this user on the condition this user has also all required access granted with [GRANT OPTION](../../../sql-reference/statements/grant.md#granting-privilege-syntax). Options of the `GRANTEES` clause:
|
||||
|
||||
- `user` — Specifies a user this user can grant privileges to.
|
||||
- `role` — Specifies a role this user can grant privileges to.
|
||||
|
@ -177,7 +177,7 @@ Examples:
|
||||
|
||||
## GRANTEES Clause
|
||||
|
||||
Specifies users or roles which are allowed to receive [privileges](../../../sql-reference/statements/grant.md#grant-privileges) from this user on the condition this user has also all required access granted with [GRANT OPTION](../../../sql-reference/statements/grant.md#grant-privigele-syntax). Options of the `GRANTEES` clause:
|
||||
Specifies users or roles which are allowed to receive [privileges](../../../sql-reference/statements/grant.md#privileges) from this user on the condition this user has also all required access granted with [GRANT OPTION](../../../sql-reference/statements/grant.md#granting-privilege-syntax). Options of the `GRANTEES` clause:
|
||||
|
||||
- `user` — Specifies a user this user can grant privileges to.
|
||||
- `role` — Specifies a role this user can grant privileges to.
|
||||
|
@ -6,7 +6,7 @@ sidebar_label: GRANT
|
||||
|
||||
# GRANT Statement
|
||||
|
||||
- Grants [privileges](#grant-privileges) to ClickHouse user accounts or roles.
|
||||
- Grants [privileges](#privileges) to ClickHouse user accounts or roles.
|
||||
- Assigns roles to user accounts or to the other roles.
|
||||
|
||||
To revoke privileges, use the [REVOKE](../../sql-reference/statements/revoke.md) statement. Also you can list granted privileges with the [SHOW GRANTS](../../sql-reference/statements/show.md#show-grants) statement.
|
||||
@ -82,9 +82,9 @@ Privileges have a hierarchical structure. A set of permitted queries depends on
|
||||
|
||||
Hierarchy of privileges:
|
||||
|
||||
- [SELECT](#grant-select)
|
||||
- [INSERT](#grant-insert)
|
||||
- [ALTER](#grant-alter)
|
||||
- [SELECT](#select)
|
||||
- [INSERT](#insert)
|
||||
- [ALTER](#alter)
|
||||
- `ALTER TABLE`
|
||||
- `ALTER UPDATE`
|
||||
- `ALTER DELETE`
|
||||
@ -115,7 +115,7 @@ Hierarchy of privileges:
|
||||
- `ALTER VIEW REFRESH`
|
||||
- `ALTER VIEW MODIFY QUERY`
|
||||
- `ALTER VIEW MODIFY SQL SECURITY`
|
||||
- [CREATE](#grant-create)
|
||||
- [CREATE](#create)
|
||||
- `CREATE DATABASE`
|
||||
- `CREATE TABLE`
|
||||
- `CREATE ARBITRARY TEMPORARY TABLE`
|
||||
@ -123,21 +123,21 @@ Hierarchy of privileges:
|
||||
- `CREATE VIEW`
|
||||
- `CREATE DICTIONARY`
|
||||
- `CREATE FUNCTION`
|
||||
- [DROP](#grant-drop)
|
||||
- [DROP](#drop)
|
||||
- `DROP DATABASE`
|
||||
- `DROP TABLE`
|
||||
- `DROP VIEW`
|
||||
- `DROP DICTIONARY`
|
||||
- `DROP FUNCTION`
|
||||
- [TRUNCATE](#grant-truncate)
|
||||
- [OPTIMIZE](#grant-optimize)
|
||||
- [SHOW](#grant-show)
|
||||
- [TRUNCATE](#truncate)
|
||||
- [OPTIMIZE](#optimize)
|
||||
- [SHOW](#show)
|
||||
- `SHOW DATABASES`
|
||||
- `SHOW TABLES`
|
||||
- `SHOW COLUMNS`
|
||||
- `SHOW DICTIONARIES`
|
||||
- [KILL QUERY](#grant-kill-query)
|
||||
- [ACCESS MANAGEMENT](#grant-access-management)
|
||||
- [KILL QUERY](#kill-query)
|
||||
- [ACCESS MANAGEMENT](#access-management)
|
||||
- `CREATE USER`
|
||||
- `ALTER USER`
|
||||
- `DROP USER`
|
||||
@ -160,7 +160,7 @@ Hierarchy of privileges:
|
||||
- `SHOW_QUOTAS`
|
||||
- `SHOW_SETTINGS_PROFILES`
|
||||
- `ROLE ADMIN`
|
||||
- [SYSTEM](#grant-system)
|
||||
- [SYSTEM](#system)
|
||||
- `SYSTEM SHUTDOWN`
|
||||
- `SYSTEM DROP CACHE`
|
||||
- `SYSTEM DROP DNS CACHE`
|
||||
@ -186,12 +186,12 @@ Hierarchy of privileges:
|
||||
- `SYSTEM FLUSH DISTRIBUTED`
|
||||
- `SYSTEM FLUSH LOGS`
|
||||
- `CLUSTER` (see also `access_control_improvements.on_cluster_queries_require_cluster_grant` configuration directive)
|
||||
- [INTROSPECTION](#grant-introspection)
|
||||
- [INTROSPECTION](#introspection)
|
||||
- `addressToLine`
|
||||
- `addressToLineWithInlines`
|
||||
- `addressToSymbol`
|
||||
- `demangle`
|
||||
- [SOURCES](#grant-sources)
|
||||
- [SOURCES](#sources)
|
||||
- `FILE`
|
||||
- `URL`
|
||||
- `REMOTE`
|
||||
@ -200,16 +200,16 @@ Hierarchy of privileges:
|
||||
- `JDBC`
|
||||
- `HDFS`
|
||||
- `S3`
|
||||
- [dictGet](#grant-dictget)
|
||||
- [displaySecretsInShowAndSelect](#grant-display-secrets)
|
||||
- [NAMED COLLECTION ADMIN](#grant-named-collection-admin)
|
||||
- [dictGet](#dictget)
|
||||
- [displaySecretsInShowAndSelect](#display-secrets)
|
||||
- [NAMED COLLECTION ADMIN](#named-collection-admin)
|
||||
- `CREATE NAMED COLLECTION`
|
||||
- `DROP NAMED COLLECTION`
|
||||
- `ALTER NAMED COLLECTION`
|
||||
- `SHOW NAMED COLLECTIONS`
|
||||
- `SHOW NAMED COLLECTIONS SECRETS`
|
||||
- `NAMED COLLECTION`
|
||||
- [TABLE ENGINE](#grant-table-engine)
|
||||
- [TABLE ENGINE](#table-engine)
|
||||
|
||||
Examples of how this hierarchy is treated:
|
||||
|
||||
@ -238,11 +238,11 @@ Examples of disallowed syntax:
|
||||
- `GRANT CREATE USER(x) ON db.table TO user`
|
||||
- `GRANT CREATE USER ON db.* TO user`
|
||||
|
||||
The special privilege [ALL](#grant-all) grants all the privileges to a user account or a role.
|
||||
The special privilege [ALL](#all) grants all the privileges to a user account or a role.
|
||||
|
||||
By default, a user account or a role has no privileges.
|
||||
|
||||
If a user or a role has no privileges, it is displayed as [NONE](#grant-none) privilege.
|
||||
If a user or a role has no privileges, it is displayed as [NONE](#none) privilege.
|
||||
|
||||
Some queries by their implementation require a set of privileges. For example, to execute the [RENAME](../../sql-reference/statements/optimize.md) query you need the following privileges: `SELECT`, `CREATE TABLE`, `INSERT` and `DROP TABLE`.
|
||||
|
||||
@ -326,8 +326,8 @@ Examples of how this hierarchy is treated:
|
||||
**Notes**
|
||||
|
||||
- The `MODIFY SETTING` privilege allows modifying table engine settings. It does not affect settings or server configuration parameters.
|
||||
- The `ATTACH` operation needs the [CREATE](#grant-create) privilege.
|
||||
- The `DETACH` operation needs the [DROP](#grant-drop) privilege.
|
||||
- The `ATTACH` operation needs the [CREATE](#create) privilege.
|
||||
- The `DETACH` operation needs the [DROP](#drop) privilege.
|
||||
- To stop mutation by the [KILL MUTATION](../../sql-reference/statements/kill.md#kill-mutation) query, you need to have a privilege to start this mutation. For example, if you want to stop the `ALTER UPDATE` query, you need the `ALTER UPDATE`, `ALTER TABLE`, or `ALTER` privilege.
|
||||
|
||||
### CREATE
|
||||
@ -344,7 +344,7 @@ Allows executing [CREATE](../../sql-reference/statements/create/index.md) and [A
|
||||
|
||||
**Notes**
|
||||
|
||||
- To delete the created table, a user needs [DROP](#grant-drop).
|
||||
- To delete the created table, a user needs [DROP](#drop).
|
||||
|
||||
### DROP
|
||||
|
||||
@ -498,7 +498,7 @@ Privilege level: `DICTIONARY`.
|
||||
- `GRANT dictGet ON mydictionary TO john`
|
||||
|
||||
|
||||
### displaySecretsInShowAndSelect {#grant-display-secrets}
|
||||
### displaySecretsInShowAndSelect {#display-secrets}
|
||||
|
||||
Allows a user to view secrets in `SHOW` and `SELECT` queries if both
|
||||
[`display_secrets_in_show_and_select` server setting](../../operations/server-configuration-parameters/settings#display_secrets_in_show_and_select)
|
||||
|
@ -11,7 +11,7 @@ N.B. `SHOW CREATE (TABLE|DATABASE|USER)` hides secrets unless
|
||||
is turned on,
|
||||
[`format_display_secrets_in_show_and_select` format setting](../../operations/settings/formats#format_display_secrets_in_show_and_select)
|
||||
is turned on and user has
|
||||
[`displaySecretsInShowAndSelect`](grant.md#grant-display-secrets) privilege.
|
||||
[`displaySecretsInShowAndSelect`](grant.md#display-secrets) privilege.
|
||||
|
||||
## SHOW CREATE TABLE | DICTIONARY | VIEW | DATABASE
|
||||
|
||||
@ -466,7 +466,7 @@ SHOW [CURRENT] QUOTA
|
||||
```
|
||||
## SHOW ACCESS
|
||||
|
||||
Shows all [users](../../guides/sre/user-management/index.md#user-account-management), [roles](../../guides/sre/user-management/index.md#role-management), [profiles](../../guides/sre/user-management/index.md#settings-profiles-management), etc. and all their [grants](../../sql-reference/statements/grant.md#grant-privileges).
|
||||
Shows all [users](../../guides/sre/user-management/index.md#user-account-management), [roles](../../guides/sre/user-management/index.md#role-management), [profiles](../../guides/sre/user-management/index.md#settings-profiles-management), etc. and all their [grants](../../sql-reference/statements/grant.md#privileges).
|
||||
|
||||
**Syntax**
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user