在本文中,我们将讨论如何向 Cassandra 中的角色授予权限。首先,我们将创建一个新角色并展示它如何访问数据库。
创建新角色:
在这一步中,我们将创建一个新角色,这样 user_access 是一个新角色并且想要访问数据库。使用以下 cqlsh 查询创建新角色。
cassandra@cqlsh> create role user_access
... with password = 'user_access'
... and LOGIN = true;
输出:
现在,如果我们可以使用以下 cqlsh 查询查看“user_access”角色访问权限。
cassandra@cqlsh> list all permissions of 'user_access';
role | resource | permissions
------+----------+-------------
(0 rows)
cassandra@cqlsh>
现在,它无法访问现有的密钥空间“大学”。我们来看一下。
cassandra@cqlsh> login user_access
Password:user_access
user_access@cqlsh>
输出:
要解决此错误“未经授权:来自服务器的错误:代码 = 2100 [未经授权] 消息 =”用户 user_access 没有 SELECT 权限
or any of its parents” we can give the grant permissions to access.
Consider if we want only access “student” table on university keyspace then we can use the following cqlsh query.
grant all permissions on university.student to user_access;
Only we can grant permission to access “university.student” table.
Output:
Now, used the following cqlsh query if we want to give the grant access to all tables on a university keyspace.
grant all permissions on keyspace university to user_access;
We can see all the permissions by using “list all permissions”.
Output:
If we want to give the grant access to the full database then used the following cqlsh query.
grant all permissions on all keyspaces to user_access;
Output: