開發發來問題說,開發環境的幾個視圖已經授權,但是指定用戶登錄后卻無法訪問。報錯信息如下:
[SQL]select * from ipost; [Err] 1045 - Access denied for user 'iqm'@'%' (using password: YES)
正式環境可以正常訪問。
一開始以為是權限沒有給予正確。
查看正式的授權情況:
mysql> show grants for tiq\G *************************** 1. row *************************** Grants for tiq@%: GRANT USAGE ON *.* TO 'tiq'@'%' *************************** 2. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`iperson` TO 'tiq'@'%' *************************** 3. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`idept` TO 'tiq'@'%' *************************** 4. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`icomp` TO 'tiq'@'%' *************************** 5. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`ipost` TO 'tiq'@'%' 5 rows in set (0.00 sec) mysql>
查看測試環境授權情況:
mysql> show grants for tiq\G *************************** 1. row *************************** Grants for tiq@%: GRANT USAGE ON *.* TO 'tiq'@'%' *************************** 2. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`idept` TO 'tiq'@'%' *************************** 3. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`icomp` TO 'tiq'@'%' *************************** 4. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`iperson` TO 'tiq'@'%' *************************** 5. row *************************** Grants for tiq@%: GRANT SELECT ON `tuc`.`ipost` TO 'tiq'@'%' 5 rows in set (0.00 sec) mysql>
對比發現授權沒有問題。
然后查看其中一個視圖在正式、測試環境中的定義。
正式環境查看視圖的定義:
mysql> show create view ipost\G *************************** 1. row *************************** View: ipost Create View: CREATE ALGORITHM=UNDEFINED DEFINER=`uadmin`@`%` SQL SECURITY DEFINER VIEW `ipost` AS select `t_post`.`id` AS `id`,`t_post`.`postcode` AS `postcode`,`t_post`.`postname` AS `postname`,`t_post`.`pk_job` AS `pk_job`,`t_post`.`job_code` AS `job_code`,`t_post`.`job_name` AS `job_name`,`t_post`.`org_code` AS `org_code`,`t_post`.`org_name` AS `org_name`,`t_post`.`pk_org` AS `pk_org`,`t_post`.`pk_post` AS `pk_post`,`t_post`.`status` AS `STATUS`,`t_post`.`enablestate` AS `enablestate`,`t_post`.`writebackoperate` AS `writebackoperate`,`t_post`.`writebackts` AS `writebackts`,`t_post`.`syncts` AS `syncts`,`t_post`.`operate` AS `operate`,`t_post`.`dirty` AS `dirty`,`t_post`.`ts` AS `ts`,`t_post`.`del_flag` AS `del_flag` from `t_post` character_set_client: utf8 collation_connection: utf8_general_ci 1 row in set (0.00 sec) mysql>
測試環境查看視圖的定義:
mysql> show create view ipost\G *************************** 1. row *************************** View: ipost Create View: CREATE ALGORITHM=UNDEFINED DEFINER=`uadmin`@`%` SQL SECURITY DEFINER VIEW `ipost` AS select `t_post`.`id` AS `id`,`t_post`.`postcode` AS `postcode`,`t_post`.`postname` AS `postname`,`t_post`.`pk_job` AS `pk_job`,`t_post`.`job_code` AS `job_code`,`t_post`.`job_name` AS `job_name`,`t_post`.`org_code` AS `org_code`,`t_post`.`org_name` AS `org_name`,`t_post`.`pk_org` AS `pk_org`,`t_post`.`pk_post` AS `pk_post`,`t_post`.`status` AS `STATUS`,`t_post`.`enablestate` AS `enablestate`,`t_post`.`writebackoperate` AS `writebackoperate`,`t_post`.`writebackts` AS `writebackts`,`t_post`.`syncts` AS `syncts`,`t_post`.`operate` AS `operate`,`t_post`.`dirty` AS `dirty`,`t_post`.`ts` AS `ts`,`t_post`.`del_flag` AS `del_flag` from `t_post` character_set_client: utf8 collation_connection: utf8_general_ci 1 row in set, 1 warning (0.00 sec) mysql>
從這里可以發現,結果顯示有個一個warning存在。
查看該warning的具體內容:
mysql> show warnings; +-------+------+--------------------------------------------------------------+ | Level | Code | Message | +-------+------+--------------------------------------------------------------+ | Note | 1449 | The user specified as a definer ('uadmin'@'%') does not exist | +-------+------+--------------------------------------------------------------+ 1 row in set (0.00 sec)
從這里可以看出,視圖創建的時候,將正式環境的用戶帶了過來,但是測試環境並不存在該用戶。其實原因很簡單,就開發從ide中直接從正式環境把定義語句導出后在測試環境執行了。