Hi!
>>>>> "Alexander" == Alexander Keremidarski <salle@stripped>
> writes:
Alexander> Michael Widenius wrote:
>> Hi!
>>
>> We will in MySQL 4.0.2 introduce some new fields in the MySQL user
>> table, to make it possible to limit the number of queries / hour for a
>> user.
>>
>> At the same time we could add some new privilege fields to MySQL.
>>
skip>
>>
>> Do anyone have a suggestion for any other privilege we should add at
>> the same time ?
>>
Alexander> Isn't it time to revise mysql.user table and split it into 2 tables?
Alexander> With 4.0.1 it contains 14 priv_ columns adding more global privileges
Alexander> will add more columns.
Alexander> Something like:
Alexander> mysql.user
Alexander> (host, user, password)
Alexander> mysql.global
Alexander> (host, user, priv_name, priv enum('N', 'Y'))
Alexander> looks better as DB design.
We plan to in 5.0 change all the privileges to be a 'set' in the user
and db tables. The main reason is that this makes it much easier to
read the privilege and we can also easily add new privileges (up to
64) without changing the table structure.
Some could agree that having two tables would be more 'pure', but for
this case the set is faster and easier to maintain.
<cut>
Alexander> If Views are implemented current privileges schema will become much more
Alexander> flexible. Like create view Old_style_mysql.user as select from
Alexander> mysql.user, mysql.global;
Alexander> And what is more interesting with Views you can render privileges tables
Alexander> visible within current database like SYSTEM_USER table containing users
Alexander> with privileges to current database only. It is usefull for large setups
Alexander> - many databases, each db with its own DBA, complex privileges.
Alexander> Even read-only views will be quite helpful. DBA can grant DB users
Alexander> select_priv to SYSTEM_USER without granting them SELECT on mysql.*
I wouldn't like to start planing for views before 4.1 is done.
I will however consider this later.
Thanks for the comments.
Regards,
Monty
