0

I'm using MariaDB. I have a set of entity tables like order, inventory etc and other audit tables order_audit, inventory_audit to track any changes made to the original tables. I do not want to allow database user that is being used by the Java application to have DELETE or UPDATE permissions on audit tables.

I could assign permissions in following way

grant select,insert,update,delete on my_db_name.* to 'my_app_db_user';

But the above query grants update and delete permissions to audit tables as well. I did a quick search and figured its not possible to use patterns on table names in MySQL.

Most of the solutions suggest using a different database for such tables that require different permissions. But since my audit tables belong to original tables, I don't like them in a separate database. Is there any workaround ?

TechCrunch
  • 2,924
  • 5
  • 45
  • 79
  • The easiest way would I would do it would be with a UI if possible. I grant all and then get the revoke script for the audit tables via the ui so you can save it in an external script. Otherwise it would be fairly manual... – MiltoxBeyond Mar 02 '16 at 17:32
  • I am using liquibase for releases. So this is not an option. – TechCrunch Mar 02 '16 at 19:29

0 Answers0