I need that my MySQL database makes a sum of some values in a specific coloumn. To do that I used trigger statement but MySQL gave me an error:
MySQL Error: #1142 - TRIGGER comand denied to user 'XXXXXX' for table wp_wpdatatable_8
the Trigger is below:
CREATE TRIGGER SumPliche AFTER INSERT ON wp_wpdatatable_8 FOR EACH ROW UPDATE wp_wpdatatable_8 SET sommapliche = tricipite + addome + soprailiaca + sottoscapolare + ascellare + pettorale + coscia
How can I do that?
thanks
It seems the issue here is with the permissions your user has on the database from which wp_wpdatatable_8.
To grant trigger permissions for a specific user and database, you may use the following command:
mysql> GRANT TRIGGER ON <DATABASE>.* TO <USER>#'<DATABASE HOST>';
Where
<DATABASE> refers to the database that contains the wp_wpdatatable_8 table.
<USER> the username that is trying to issue the CREATE TRIGGER command.
<DATABASE HOST> database host from where your user accesses the database. If you are running it locally, you can use localhost.
After flushing the privileges, creating the trigger should work normally.
For more information, check out the GRANT syntax on the MySQL.documentation
You lack the TRIGGER privilege on the database you are using.
I got this error when I did a test. Create a test user:
mysql> create user 'bill'#'localhost';
mysql> grant all privileges on test2.* to 'bill'#'localhost';
mysql> revoke trigger on test2.* from 'bill'#'localhost';
mysql> show grants for 'bill'#'localhost';
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for bill#localhost |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'bill'#'localhost' IDENTIFIED BY PASSWORD '*29A1BB43D3B9EB42028B4566E4836353285B9395' |
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT ON `test2`.* TO 'bill'#'localhost' |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Now try creating a trigger as this user:
~ mysql -ubill -p
mysql> use test2
mysql> create table t ( i int);
mysql> create trigger tt before insert on t for each row set new.i = 42;
ERROR 1142 (42000): TRIGGER command denied to user 'bill'#'localhost' for table 't'
I also think your trigger might not do what you think it does, so it's just as well that you didn't create it.
CREATE TRIGGER SumPliche AFTER INSERT ON wp_wpdatatable_8
FOR EACH ROW
UPDATE wp_wpdatatable_8
SET sommapliche = tricipite + addome + soprailiaca + sottoscapolare + ascellare + pettorale + coscia
If I create this trigger in my test database (as a different user with TRIGGER privilege), and then try to insert a row:
mysql> insert into wp_wpdatatable_8 values (1, 1, 1, 1, 1, 1, 1, 1);
ERROR 1442 (HY000): Can't update table 'wp_wpdatatable_8' in
stored function/trigger because it is already used by statement which invoked
this stored function/trigger.
You probably want to set values only in the row you insert. If so, you would reference the current row being inserted with the NEW.* syntax:
CREATE TRIGGER SumPliche BEFORE INSERT ON wp_wpdatatable_8
FOR EACH ROW
SET NEW.sommapliche = NEW.tricipite + NEW.addome + NEW.soprailiaca
+ NEW.sottoscapolare + NEW.ascellare + NEW.pettorale + NEW.coscia;
Also you must use BEFORE INSERT if you want to change a value in the row before you insert it. If you use AFTER INSERT, it's too late.
Now it works:
mysql> insert into wp_wpdatatable_8 values (1, 1, 1, 1, 1, 1, 1, 1);
Query OK, 1 row affected (0.02 sec)
mysql> select * from wp_wpdatatable_8;
+-------------+-----------+--------+-------------+----------------+-----------+-----------+--------+
| sommapliche | tricipite | addome | soprailiaca | sottoscapolare | ascellare | pettorale | coscia |
+-------------+-----------+--------+-------------+----------------+-----------+-----------+--------+
| 7 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
+-------------+-----------+--------+-------------+----------------+-----------+-----------+--------+
if I use
GRANT TRIGGER ON wordpress-5478r34b.* TO '_sso_67c5vh1'#'10.3.157.568'
1064 - Syntax Error in SQL query near to '-5478r34b.* TO '_sso_67c5vh1'#'10.3.157.568'' linea 1
or
GRANT TRIGGER ON 'wordpress-3236c57b'.* TO '_sso_35fd3dc2'#'10.3.156.140'
1064 - Syntax Error in SQL query near to ''wordpress-5478r34b'.* TO '_sso_67c5vh1'#'10.3.157.568'' linea 1
or
GRANT TRIGGER ON 'wordpress'-'3236c57b'.* TO '_sso_35fd3dc2'#'10.3.156.140'
1064 - Syntax Error in SQL query near to ''wordpress'-'5478r34b'.* TO '_sso_67c5vh1'#'10.3.157.568'' linea 1
whatever I do, it gives me a syntax error.
In general, what I want to do is an automatic sum when I add new datas on my database. Is there something more simple way?
Related
how do I grant a new user the privilege to create a new database in MySQL
Specifically:
the database does not exist yet
I have successfuly created a new DB user account (that is not admin)
I want that non-admin user to create a new database
I do NOT want the 'admin' user to create the database and then grant privs to the database to the new user
as 'admin', I want to grant the new user the privilege to create a new database
I do not want to grant the new user any additional privileges on existing databases
This is not covered anywhere in the documentation that I can find.
Monday 2022-04-04
Update:
I created user 'scott' and then logged in as MySQL user 'admin' When I run this command
Note: The 'test' database does not yet exist
mysql>GRANT CREATE ON test.* to 'scott'#'localhost';
I get an error
==> ERROR 1410 (42000): You are not allowed to create a user with GRANT
Why do I get this error? I am not attempting to create a user, but rather grant a user access to a non-existent database (as is the approach with MySQL to grant a user privileges to create a database).
If up update the SQL statement to:
mysql>GRANT CREATE ON test.* to scott;
It runs OK
Query OK, 0 rows affected (0.07 sec)
And so now I login as user 'scott and run this statement:
mysql>create database rum;
==> ERROR 1049 (42000): Unknown database 'test'
Why do I get this error?
At this point, I am still not able to create a database as a non-admin user.
Example: grant "scott" the privilege to create the test3 database, which does not exist yet:
mysql> select user();
+----------------+
| user() |
+----------------+
| root#localhost |
+----------------+
mysql> grant create on test3.* to 'scott'#'localhost';
Query OK, 0 rows affected (0.01 sec)
Now try as scott to create the database:
mysql> select user();
+-----------------+
| user() |
+-----------------+
| scott#localhost |
+-----------------+
mysql> show grants;
+---------------------------------------------------------+
| Grants for scott#localhost |
+---------------------------------------------------------+
| GRANT USAGE ON *.* TO `scott`#`localhost` |
| GRANT ALL PRIVILEGES ON `test`.* TO `scott`#`localhost` |
| GRANT CREATE ON `test3`.* TO `scott`#`localhost` |
+---------------------------------------------------------+
mysql> create database test3;
Query OK, 1 row affected (0.00 sec)
mysql> use test3;
Database changed
MySQL has one privilege called CREATE which is for creating both databases and tables. See https://dev.mysql.com/doc/refman/8.0/en/privileges-provided.html#priv_create
You can either grant the user privilege to create a database of a specific name, or else grant them the privilege to create a database of any name, but that means they can also create other tables, either in the new database or in other existing databases. Sorry, there may not be a solution for you to allow them to create any new database without specifying the name when you grant the privilege, but then only have privilege in that database.
You are not allowed to create a user with GRANT
You did not create the user scott. Older versions of MySQL allows GRANT to implicitly create a user if one does not exist, but that has been disabled on more recent versions because folks realized it is a security weakness.
To be clear, the user "scott" is just an example I used. Don't literally use the name "scott" if that's not the user to whom you want to grant privileges.
The other errors you got seem to be that you granted the user privileges on a database named test.* but then you tried to create a database with a different name. The example I showed only grants the privilege to create the specific named database, not a database named rum or any other database.
I understand you want to grant privilege to create a database of any name. The syntax for that would be GRANT CREATE ON *.* TO... but that would grant the user privileges on all the other existing databases too.
There is no combination of syntax to grant privileges on any database name wildcard that means any database, provided that it is not yet created.
I followed the following tutorial to create a MySQL database and a user :
https://linuxize.com/post/how-to-install-drupal-on-ubuntu-18-04/
CREATE DATABASE drupal CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON drupal.* TO 'drupaluser'#'localhost' IDENTIFIED BY 'change-with-strong-password';
The creation of the database works.
But I receive a warning when creating the user :
Query OK, 0 rows affected, 1 warning (0.00 sec)
Here is the detail :
mysql> SHOW WARNINGS;
+---------+------+------------------------------------------------------------------------------------------------------------------------------------+
| Level | Code | Message |
+---------+------+------------------------------------------------------------------------------------------------------------------------------------+
| Warning | 1287 | Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement. |
+---------+------+------------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
What should I enter as a command to add a user to my Drupal 8 database ?
Using GRANT to create a user on the fly is deprecated and will be removed in the future.
So instead, create a user then grant privileges to it.
Creating a user:
CREATE USER 'drupaluser'#'localhost' IDENTIFIED BY 'change-with-strong-password';
Grant privileges:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES ON drupal.* TO 'drupaluser'#'localhost';
Ps: The 'dupal' database should be created before executing these commands.
I want to create multiple users on MySQL and allow them to create databases and access the databases which are only created by them. Is there a way to do this?
If so what permission I need to give?
Instead of giving "create database" permission to a user, from "root" you can just create the database and grant all privileges on the database to the specific users. That's what I am using in my world. I don't think "create database" privileges available in MySQL especially.
Using the below approach you have the control of database level because the user can do anything in the specific database where they had the permission, not at the instance level (mean they can't create junk databases).
Friday 28> mysql -uroot -p
mysql> create user test identified by 'test';
mysql> create database x1;
mysql> grant all privileges on x1.* to 'test'#'%';
Friday 28> mysql -utest -p
Enter password:
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| x1 |
+--------------------+
2 rows in set (0.00 sec)
mysql> use x1;
Database changed
mysql> create table test(c int);
seQuery OK, 0 rows affected (0.44 sec)
mysql> select * from test;
Empty set (0.00 sec)
I'd like to create a user who has all privileges with his own database in MySQL.
When I use this user to create a table, MySQL returns that the SQL server is running with read-only option.
However when I changed to an another existing user with all privileges on *.*, I can create table without error.
I'm wondering if the read-only option is global or what?
The following is my MySQL commands using MySQL root:
mysql> create user 'demo'#'localhost' identified by 'demo';
mysql> create database demo;
mysql> grant all privileges on demo.* to demo#localhost;
mysql> show grants for demo#localhost;
+-------------------------------------------------------------------------------------------------------------------+
| Grants for demo#localhost |
+-------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'demo'#'localhost' IDENTIFIED BY PASSWORD '*demo-hashed*' |
| GRANT ALL PRIVILEGES ON `demo`.* TO 'demo'#'localhost' |
+-------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
Then I switched to user "demo":
mysql> use demo;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> create table t(t1 int);
ERROR 1290 (HY000): The MySQL server is running with the --read-only option so it cannot execute this statement
So I checked the read-only option, and it seems to be on.
However then I tried using another user with privileges on *.* and I can create tables successfully.
The another user grant setting:
mysql> show grants for demo2#'%';
+-----------------------------------------------------------------------------------------------------------------+
| Grants for demo2#% |
+-----------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'demo2'#'%' IDENTIFIED BY PASSWORD '*demo2-hased*' |
+-----------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MySQL version:
mysql> select version();
+------------------------+
| version() |
+------------------------+
| 5.1.68.0 |
+------------------------+
1 row in set (0.00 sec)
BTW, after I set read_only = 0 I can use demo to create table. I just don't know why the demo2 can create table while read-only is on.
Thanks!
Please check the My.cnf for Linux or My.ini for windows under [mysqld] remove read only parameters then restart the service and try again that will solve the read only problem, but if you create table in read only that will be a temp table.
I'm using MySQL 5.5.16 noinstall Zip Archive on Win7.
After I started the server, the command show databases showed me a list of 2 databases: information_schema and test. The latter is empty.
Where is the table user?
I tried to create a new user through this command create user newUser; and got the following error message: ERROR 1227 (42000): Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation
What should I do to create, databases, tables, and do all the operations I want to do? I don't know if the fact that I'm using MySQL 5.5.16 noinstall Zip Archive has something to do with the error message?
First thing to do is run this:
SHOW GRANTS;
You will quickly see you were assigned the anonymous user to authenticate into mysql.
Instead of logging into mysql with
mysql
login like this:
mysql -uroot
By default, root#localhost has all rights and no password.
If you cannot login as root without a password, do the following:
Step 01) Add the two options in the mysqld section of my.ini:
[mysqld]
skip-grant-tables
skip-networking
Step 02) Restart mysql
net stop mysql
<wait 10 seconds>
net start mysql
Step 03) Connect to mysql
mysql
Step 04) Create a password from root#localhost
UPDATE mysql.user SET password=password('whateverpasswordyoulike')
WHERE user='root' AND host='localhost';
exit
Step 05) Restart mysql
net stop mysql
<wait 10 seconds>
net start mysql
Step 06) Login as root with password
mysql -u root -p
You should be good from there.
CAVEAT: Please remove anonymous users !!!
For me the issue was ( for a very strange reason ) the fact that root had Host of % instead of localhost
I received the above error when trying to DROP USER;
Privileges as suggested in the answer above - I already had, so the solution wasn't suitable for me.
The DB looked like this:
mysql> drop user 'testuser'#'%';
ERROR 1227 (42000): Access denied; you need (at least one of) the SYSTEM_USER privilege(s) for this operation
mysql> select Host,User,drop_priv from user;
+------+------------------+-----------+
| Host | User | drop_priv |
+------+------------------+-----------+
| % | mysql.infoschema | N |
| % | mysql.session | N |
| % | mysql.sys | N |
| % | root | Y |
+------+------------------+-----------+
And
mysql> SHOW GRANTS FOR 'root'#'%';
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root#% |
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `root`#`%` WITH GRANT OPTION |
+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
I tried many things, but eventually I changed the Host from % to localhost for security concerns, nothing else.
mysql> UPDATE user SET Host='localhost' WHERE user='root' LIMIT 1;
Query OK, 1 row affected (0.03 sec)
Rows matched: 1 Changed: 1 Warnings: 0
I don't know why, but it worked.
mysql> quit
$ mysql -u root -p
.. ENTER (NO PASSWORD) ..
mysql> drop user 'testuser'#'%';
Query OK, 0 rows affected (0.02 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.02 sec)
No idea why, but hope it will help others ...
I'm using CentOS which has SELinux and other stuff, which maybe other components are correlated with this. don't know.