在过程中授予权限

Question

I'm trying to create a secure remote API for working with a database. 我正在尝试创建一个用于数据库的安全远程API。 Without having to create my own server daemon, I figured the best way would be using stored procedures. 无需创建自己的服务器守护程序，我发现最好的方法是使用存储过程。

My only problem is permissions. 我唯一的问题是权限。 I want these procedures to be able to do things like make new users with passwords. 我希望这些过程能够做一些事情，例如用密码让新用户使用。 I'm able to grant permission, but INDENTIFIED BY always wants a TEXT_STRING to come after it, so variables aren't allowed. 我可以授予权限，但是INDENTIFIED BY总是希望TEXT_STRING是TEXT_STRING ，因此不允许使用变量。

How can I allow my procedures to set passwords when granting permissions? 授予权限时，如何允许我的过程设置密码？ I'd like to avoid creating a server daemon or modifying mysql.user manually. 我想避免创建服务器守护程序或手动修改mysql.user 。

Answer 1

I was able to do this with a prepared statement. 我能够通过准备好的语句来做到这一点。

DELIMITER //

CREATE PROCEDURE myProc(param VARCHAR(20))
BEGIN
    SET @cmd = CONCAT('GRANT ... ON ... TO ... IDENTIFIED BY ''', param, ''';');
    PREPARE stmt FROM @cmd;
    EXECUTE stmt;
    DEALLOCATE PREPARE stmt;
    FLUSH PRIVILEGES;
END//

DELIMITER ;

在过程中授予权限

问题描述

1 个解决方案

解决方案1
0 2015-03-15 02:01:45

在过程中授予权限

问题描述

1 个解决方案

解决方案1 0 2015-03-15 02:01:45

解决方案1
0 2015-03-15 02:01:45