(doris-website) branch master updated: [auth]Add explanation for show grants (#2205)

Wed, 23 Apr 2025 04:45:05 -0700 

This is an automated email from the ASF dual-hosted git repository.

kassiez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/doris-website.git


The following commit(s) were added to refs/heads/master by this push:
     new 862dc555c31 [auth]Add explanation for show grants (#2205)
862dc555c31 is described below

commit 862dc555c311a703968c9b8f44da088170d19f80
Author: zhangdong <[email protected]>
AuthorDate: Wed Apr 23 19:44:40 2025 +0800

    [auth]Add explanation for show grants (#2205)
    
    ## Versions
    
    - [x] dev
    - [x] 3.0
    - [x] 2.1
    - [ ] 2.0
    
    ## Languages
    
    - [x] Chinese
    - [x] English
    
    ## Docs Checklist
    
    - [ ] Checked by AI
    - [ ] Test Cases Built
---
 docs/sql-manual/sql-statements/account-management/SHOW-GRANTS.md      | 1 +
 docs/sql-manual/sql-statements/account-management/SHOW-ROLES.md       | 3 +++
 .../sql-manual/sql-statements/account-management/SHOW-GRANTS.md       | 1 +
 .../sql-manual/sql-statements/account-management/SHOW-ROLES.md        | 4 ++++
 .../sql-manual/sql-statements/account-management/SHOW-GRANTS.md       | 1 +
 .../sql-manual/sql-statements/account-management/SHOW-ROLES.md        | 4 ++++
 .../sql-manual/sql-statements/account-management/SHOW-GRANTS.md       | 1 +
 .../sql-manual/sql-statements/account-management/SHOW-ROLES.md        | 4 ++++
 .../sql-manual/sql-statements/account-management/SHOW-GRANTS.md       | 1 +
 .../sql-manual/sql-statements/account-management/SHOW-ROLES.md        | 4 ++++
 .../sql-manual/sql-statements/account-management/SHOW-GRANTS.md       | 1 +
 .../sql-manual/sql-statements/account-management/SHOW-ROLES.md        | 3 +++
 12 files changed, 28 insertions(+)

diff --git a/docs/sql-manual/sql-statements/account-management/SHOW-GRANTS.md 
b/docs/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
index 17780ef16b7..ed7b0e91e4c 100644
--- a/docs/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
+++ b/docs/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
@@ -72,6 +72,7 @@ Users executing this SQL command must have at least the 
following privileges:
   - `SHOW ALL GRANTS` can view all users' permissions, but requires the 
`GRANT_PRIV` permission.
   - If the `user_identity` is specified, the permissions of the specified user 
are viewed. And the `user_identity` must be created by the `CREATE USER` 
command.
   - If the `user_identity` is not specified, the permissions of the current 
user are viewed.
+  - Doris implements permission control based on the RBAC (Role-Based Access 
Control) model. Therefore, the permissions displayed here are actually the 
combined permissions of all roles assigned to the user. If you want to check 
which specific role a permission comes from, you can use the [SHOW 
ROLES](./SHOW-ROLES.md) command to view the details.
 
 ## Examples
 
diff --git a/docs/sql-manual/sql-statements/account-management/SHOW-ROLES.md 
b/docs/sql-manual/sql-statements/account-management/SHOW-ROLES.md
index 850f42e3771..2b19f7e8204 100644
--- a/docs/sql-manual/sql-statements/account-management/SHOW-ROLES.md
+++ b/docs/sql-manual/sql-statements/account-management/SHOW-ROLES.md
@@ -56,6 +56,9 @@ The user executing this SQL command must have at least the 
following privileges:
 |:--------------|:----------|:------|
 | GRANT_PRIV    | USER or ROLE    | This operation can only be performed by 
users or roles with GRANT_PRIV permissions  |
 
+## Usage Notes
+
+Doris creates a default role for each user. If you want to display the default 
role, you can execute the command ```set show_user_default_role=true;```.
 
 ## Example
 
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
index 2bc23f2ec20..f41ff63cbcc 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
@@ -72,6 +72,7 @@ SHOW [ALL] GRANTS [FOR <user_identity>];
   - `SHOW ALL GRANTS` 可以查看所有用户的权限,但需要有 `GRANT_PRIV` 权限。
   - 如果指定 `user_identity`,则查看该指定用户的权限。且该 `user_identity` 必须为通过 `CREATE USER` 
命令创建的。
   - 如果不指定 `user_identity`,则查看当前用户的权限。
+  - Doris 基于 RBAC(Role-Based Access 
Control)的权限管理模型进行权限控制,因此这里展示出来的权限其实是用户所有角色的权限合集,如果想查看具体权限来源于哪个角色, 可以通过[SHOW 
ROLES](./SHOW-ROLES.md)查看
 
 ## 示例
 
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-ROLES.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-ROLES.md
index e896e582099..623614e3fe0 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-ROLES.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/sql-manual/sql-statements/account-management/SHOW-ROLES.md
@@ -56,6 +56,10 @@ SHOW ROLES
 |:------------|:------------|:--------------|
 | GRANT_PRIV  | 用户(User)或 角色(Role) | 用户或者角色拥有 GRANT_PRIV 权限才能进行此操作 |
 
+## 注意事项
+
+Doris 会为每个用户创建一个默认角色,如果想展示出默认角色,可以 ```set show_user_default_role=true;```
+
 ## 示例
 
 - 查看已创建的角色
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
index 2bc23f2ec20..f41ff63cbcc 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
@@ -72,6 +72,7 @@ SHOW [ALL] GRANTS [FOR <user_identity>];
   - `SHOW ALL GRANTS` 可以查看所有用户的权限,但需要有 `GRANT_PRIV` 权限。
   - 如果指定 `user_identity`,则查看该指定用户的权限。且该 `user_identity` 必须为通过 `CREATE USER` 
命令创建的。
   - 如果不指定 `user_identity`,则查看当前用户的权限。
+  - Doris 基于 RBAC(Role-Based Access 
Control)的权限管理模型进行权限控制,因此这里展示出来的权限其实是用户所有角色的权限合集,如果想查看具体权限来源于哪个角色, 可以通过[SHOW 
ROLES](./SHOW-ROLES.md)查看
 
 ## 示例
 
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
index 92f28c3ad49..b6fe29843e7 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
@@ -56,6 +56,10 @@ SHOW ROLES
 |:------------|:------------|:--------------|
 | GRANT_PRIV  | 用户(User)或 角色(Role) | 用户或者角色拥有 GRANT_PRIV 权限才能进行此操作 |
 
+## 注意事项
+
+Doris 会为每个用户创建一个默认角色,如果想展示出默认角色,可以 ```set show_user_default_role=true;```
+
 ## 示例
 
 - 查看已创建的角色
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
index 2bc23f2ec20..f41ff63cbcc 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
@@ -72,6 +72,7 @@ SHOW [ALL] GRANTS [FOR <user_identity>];
   - `SHOW ALL GRANTS` 可以查看所有用户的权限,但需要有 `GRANT_PRIV` 权限。
   - 如果指定 `user_identity`,则查看该指定用户的权限。且该 `user_identity` 必须为通过 `CREATE USER` 
命令创建的。
   - 如果不指定 `user_identity`,则查看当前用户的权限。
+  - Doris 基于 RBAC(Role-Based Access 
Control)的权限管理模型进行权限控制,因此这里展示出来的权限其实是用户所有角色的权限合集,如果想查看具体权限来源于哪个角色, 可以通过[SHOW 
ROLES](./SHOW-ROLES.md)查看
 
 ## 示例
 
diff --git 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
index 2ff21c1f690..92ac0a5ffd6 100644
--- 
a/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
+++ 
b/i18n/zh-CN/docusaurus-plugin-content-docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
@@ -56,6 +56,10 @@ SHOW ROLES
 |:------------|:------------|:--------------|
 | GRANT_PRIV  | 用户(User)或 角色(Role) | 用户或者角色拥有 GRANT_PRIV 权限才能进行此操作 |
 
+## 注意事项
+
+Doris 会为每个用户创建一个默认角色,如果想展示出默认角色,可以 ```set show_user_default_role=true;```
+
 ## 示例
 
 - 查看已创建的角色
diff --git 
a/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
 
b/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
index 17780ef16b7..ed7b0e91e4c 100644
--- 
a/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
+++ 
b/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
@@ -72,6 +72,7 @@ Users executing this SQL command must have at least the 
following privileges:
   - `SHOW ALL GRANTS` can view all users' permissions, but requires the 
`GRANT_PRIV` permission.
   - If the `user_identity` is specified, the permissions of the specified user 
are viewed. And the `user_identity` must be created by the `CREATE USER` 
command.
   - If the `user_identity` is not specified, the permissions of the current 
user are viewed.
+  - Doris implements permission control based on the RBAC (Role-Based Access 
Control) model. Therefore, the permissions displayed here are actually the 
combined permissions of all roles assigned to the user. If you want to check 
which specific role a permission comes from, you can use the [SHOW 
ROLES](./SHOW-ROLES.md) command to view the details.
 
 ## Examples
 
diff --git 
a/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
 
b/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
index ceaeb7b9f6d..5d2fb5c4e06 100644
--- 
a/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
+++ 
b/versioned_docs/version-2.1/sql-manual/sql-statements/account-management/SHOW-ROLES.md
@@ -56,6 +56,10 @@ The user executing this SQL command must have at least the 
following privileges:
 | GRANT_PRIV    | USER or ROLE    | This operation can only be performed by 
users or roles with GRANT_PRIV permissions  |
 
 
+## Usage Notes
+
+Doris creates a default role for each user. If you want to display the default 
role, you can execute the command ```set show_user_default_role=true;```.
+
 ## Example
 
 - View created roles
diff --git 
a/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
 
b/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
index 17780ef16b7..ed7b0e91e4c 100644
--- 
a/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
+++ 
b/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-GRANTS.md
@@ -72,6 +72,7 @@ Users executing this SQL command must have at least the 
following privileges:
   - `SHOW ALL GRANTS` can view all users' permissions, but requires the 
`GRANT_PRIV` permission.
   - If the `user_identity` is specified, the permissions of the specified user 
are viewed. And the `user_identity` must be created by the `CREATE USER` 
command.
   - If the `user_identity` is not specified, the permissions of the current 
user are viewed.
+  - Doris implements permission control based on the RBAC (Role-Based Access 
Control) model. Therefore, the permissions displayed here are actually the 
combined permissions of all roles assigned to the user. If you want to check 
which specific role a permission comes from, you can use the [SHOW 
ROLES](./SHOW-ROLES.md) command to view the details.
 
 ## Examples
 
diff --git 
a/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
 
b/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
index 850f42e3771..2b19f7e8204 100644
--- 
a/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
+++ 
b/versioned_docs/version-3.0/sql-manual/sql-statements/account-management/SHOW-ROLES.md
@@ -56,6 +56,9 @@ The user executing this SQL command must have at least the 
following privileges:
 |:--------------|:----------|:------|
 | GRANT_PRIV    | USER or ROLE    | This operation can only be performed by 
users or roles with GRANT_PRIV permissions  |
 
+## Usage Notes
+
+Doris creates a default role for each user. If you want to display the default 
role, you can execute the command ```set show_user_default_role=true;```.
 
 ## Example
 


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to