I have a weird behavior while I'm trying to query my MySQL database from a nodeJS API. I define a connection pool to mysql on node using the following code
const mysql = require('mysql2')
const pool = mysql.createPool({
host: process.env.DB_HOST,
user: 'mydb.user',
database: process.env.DB_DB,
password: process.env.DB_PWD,
waitForConnections: true,
connectionLimit: 10,
queueLimit: 0,
multipleStatements: true
}).promise()
Before that, I was using another user named mydb.owner
defined in a .env
file.
When I execute a query, I have the following error
Access denied for user 'mydb.owner'@'localhost' to database 'mydb'
That's not the user I've configured, that's the old one.
If I have a look on the Mysql connections, I can see that the user of the pool is correct:
show processlist;
Returns
Id User Host db
6 root localhost:37752 mydb
9 mydb.user localhost:38102 mydb
It seems I haven't any environment variable defined from elsewhere:
echo $DB_USER
Returns nothing.
The user seems to have the necessary rights:
SHOW GRANTS FOR 'mydb.user'@'localhost';
GRANT USAGE ON *.* TO 'mydb.user'@'localhost'
GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE ON `mydb`.* TO 'mydb.user'@'localhost' WITH GRANT OPTION
I don't understand why mysql2 returns me an error about my old user mydb.owner
.
The query was a stored procedure and was created by default with the tag
CREATE definer = 'mydb.owner'@'localhost' PROCEDURE ...
No matter which user execute the stored procedure, it was impersonated with the mydb.owner
account.
To specify that the procedure must be executed under the current account, I added the following instructions:
CREATE definer = 'mydb.owner'@'localhost' PROCEDURE ...()
SQL SECURITY INVOKER
BEGIN ...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.