mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-10 09:32:06 +00:00
01e1c5345a
In case you have different roles for the same user on multiple clusters,
ON CLUSTER query can help to overcome some limitations.
Consider the following example:
- cluster_with_data, dev_user (readonly=2)
- stage_cluster, dev_user (readonly=0)
So when you will execute the following query from stage_cluster, it will
be successfully executed, since ON CLUSTER queries has different system
profile:
DROP DATABASE default ON CLUSTER cluster_with_data
This is not 100% safe, but at least something.
Note, that right now only ON CLUSTER query it self is supported, but
separate clusters are not (i.e. GRANT CLUSTER some_cluster_name TO
default), since right now grants sticked to database+.
v2: on_cluster_queries_require_cluster_grant
v3: fix test and process flags as bit mask
Signed-off-by: Azat Khuzhin <a.khuzhin@semrush.com>
|
||
|---|---|---|
| .. | ||
| clusters.xml | ||
| CORS.xml | ||
| custom_settings_prefixes.xml | ||
| database_atomic.xml | ||
| database_replicated.xml | ||
| disks.xml | ||
| enable_access_control_improvements.xml | ||
| encryption.xml | ||
| filesystem_cache_log.xml | ||
| graphite.xml | ||
| keeper_port.xml | ||
| listen.xml | ||
| logger.xml | ||
| logging_no_rotate.xml | ||
| macros.xml | ||
| max_concurrent_queries.xml | ||
| merge_tree_settings.xml | ||
| merge_tree.xml | ||
| metadata_cache.xml | ||
| named_collection.xml | ||
| polymorphic_parts.xml | ||
| query_masking_rules.xml | ||
| s3_storage_policy_by_default.xml | ||
| secure_ports.xml | ||
| ssl_certs.xml | ||
| storage_conf.xml | ||
| tcp_with_proxy.xml | ||
| test_cluster_with_incorrect_pw.xml | ||
| text_log.xml | ||
| top_level_domains_lists.xml | ||
| top_level_domains_path.xml | ||
| transactions.xml | ||
| zookeeper_log.xml | ||
| zookeeper.xml | ||