Permissions for Queries

    1. Read data queries: , SHOW, DESCRIBE, EXISTS.
    2. Write data queries: INSERT, OPTIMIZE.
    3. DDL queries: , ALTER, RENAME, ATTACH, DETACH, DROP TRUNCATE.
    4. KILL QUERY.

    The following settings regulate user permissions by the type of query:

    • — Restricts permissions for all types of queries except DDL queries.
    • allow_ddl — Restricts permissions for DDL queries.

    can be performed with any settings.

    Restricts permissions for reading data, write data and change settings queries.

    See how the queries are divided into types .

    • 1 — Only read data queries are allowed.
    • 2 — Read data and change settings queries are allowed.

    After setting readonly = 1, the user can’t change readonly and allow_ddl settings in the current session.

    When using the GET method in the HTTP interface, readonly = 1 is set automatically. To modify data, use the POST method.

    Setting readonly = 1 prohibit the user from changing all the settings. There is a way to prohibit the user
    from changing only specific settings, for details see .

    Default value: 0

    allow_ddl

    See how the queries are divided into types .

    Possible values:

    • 0 — DDL queries are not allowed.
    • 1 — DDL queries are allowed.

    You can’t execute if allow_ddl = 0 for the current session.

    Default value: 1