mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-27 10:02:01 +00:00
01e1c5345a
In case you have different roles for the same user on multiple clusters, ON CLUSTER query can help to overcome some limitations. Consider the following example: - cluster_with_data, dev_user (readonly=2) - stage_cluster, dev_user (readonly=0) So when you will execute the following query from stage_cluster, it will be successfully executed, since ON CLUSTER queries has different system profile: DROP DATABASE default ON CLUSTER cluster_with_data This is not 100% safe, but at least something. Note, that right now only ON CLUSTER query it self is supported, but separate clusters are not (i.e. GRANT CLUSTER some_cluster_name TO default), since right now grants sticked to database+. v2: on_cluster_queries_require_cluster_grant v3: fix test and process flags as bit mask Signed-off-by: Azat Khuzhin <a.khuzhin@semrush.com> |
||
---|---|---|
.. | ||
clusters.xml | ||
CORS.xml | ||
custom_settings_prefixes.xml | ||
database_atomic.xml | ||
database_replicated.xml | ||
disks.xml | ||
enable_access_control_improvements.xml | ||
encryption.xml | ||
filesystem_cache_log.xml | ||
graphite.xml | ||
keeper_port.xml | ||
listen.xml | ||
logger.xml | ||
logging_no_rotate.xml | ||
macros.xml | ||
max_concurrent_queries.xml | ||
merge_tree_settings.xml | ||
merge_tree.xml | ||
metadata_cache.xml | ||
named_collection.xml | ||
polymorphic_parts.xml | ||
query_masking_rules.xml | ||
s3_storage_policy_by_default.xml | ||
secure_ports.xml | ||
ssl_certs.xml | ||
storage_conf.xml | ||
tcp_with_proxy.xml | ||
test_cluster_with_incorrect_pw.xml | ||
text_log.xml | ||
top_level_domains_lists.xml | ||
top_level_domains_path.xml | ||
transactions.xml | ||
zookeeper_log.xml | ||
zookeeper.xml |