thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-09-29 05:00:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
da82898c1c
ClickHouse/docs/en/sql-reference/statements/alter/user.md
Dmitriy da82898c1c Delete the original article 
Удалил ссылки на оригинальную статью.
2021-05-08 00:13:14 +03:00

2.3 KiB
Raw Blame History

toc_priority toc_title
45 USER

ALTER USER

Changes ClickHouse user accounts.

Syntax:

ALTER USER [IF EXISTS] name1 [ON CLUSTER cluster_name1] [RENAME TO new_name1] 
        [, name2 [ON CLUSTER cluster_name2] [RENAME TO new_name2] ...]
    [NOT IDENTIFIED | IDENTIFIED {[WITH {no_password | plaintext_password | sha256_password | sha256_hash | double_sha1_password | double_sha1_hash}] BY {'password' | 'hash'}} | {WITH ldap SERVER 'server_name'} | {WITH kerberos [REALM 'realm']}]
    [[ADD | DROP] HOST {LOCAL | NAME 'name' | REGEXP 'name_regexp' | IP 'address' | LIKE 'pattern'} [,...] | ANY | NONE]
    [DEFAULT ROLE role [,...] | ALL | ALL EXCEPT role [,...] ]
	GRANTEES {user | role | ANY | NONE} [,...] [EXCEPT {user | role} [,...]]
    [SETTINGS variable [= value] [MIN [=] min_value] [MAX [=] max_value] [READONLY | WRITABLE] | PROFILE 'profile_name'] [,...]

To use ALTER USER you must have the ALTER USER privilege.

GRANTEES Clause

Specifies users or roles which are allowed to receive grants from this user on the condition this user has also all required access granted with grant option. Values of the GRANTEES clause:

  • user — Specifies user which is allowed to receive grants from this user.
  • role — Specifies role which is allowed to receive grants from this user.
  • ANY — User with grant option can grant to anyone, used by default.
  • NONE — User with grant option provides to nobody.

You can exclude any user or role by using the EXCEPT expression. For example, ALTER USER user1 GRANTEES ANY EXCEPT user2.

Examples

Set assigned roles as default:

ALTER USER user DEFAULT ROLE role1, role2

If roles arent previously assigned to a user, ClickHouse throws an exception.

Set all the assigned roles to default:

ALTER USER user DEFAULT ROLE ALL

If a role is assigned to a user in the future, it will become default automatically.

Set all the assigned roles to default, excepting role1 and role2:

ALTER USER user DEFAULT ROLE ALL EXCEPT role1, role2

Assigns grants from a user with a john account to a user with a jack account:

ALTER USER john GRANTEES jack;