[英]Grant permissions in procedure
I'm trying to create a secure remote API for working with a database. 我正在尝试创建一个用于数据库的安全远程API。 Without having to create my own server daemon, I figured the best way would be using stored procedures.
无需创建自己的服务器守护程序,我发现最好的方法是使用存储过程。
My only problem is permissions. 我唯一的问题是权限。 I want these procedures to be able to do things like make new users with passwords.
我希望这些过程能够做一些事情,例如用密码让新用户使用。 I'm able to grant permission, but
INDENTIFIED BY
always wants a TEXT_STRING
to come after it, so variables aren't allowed. 我可以授予权限,但是
INDENTIFIED BY
总是希望TEXT_STRING
是TEXT_STRING
,因此不允许使用变量。
How can I allow my procedures to set passwords when granting permissions? 授予权限时,如何允许我的过程设置密码? I'd like to avoid creating a server daemon or modifying
mysql.user
manually. 我想避免创建服务器守护程序或手动修改
mysql.user
。
I was able to do this with a prepared statement. 我能够通过准备好的语句来做到这一点。
DELIMITER //
CREATE PROCEDURE myProc(param VARCHAR(20))
BEGIN
SET @cmd = CONCAT('GRANT ... ON ... TO ... IDENTIFIED BY ''', param, ''';');
PREPARE stmt FROM @cmd;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
FLUSH PRIVILEGES;
END//
DELIMITER ;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.