Grants permissions to a user.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
PrivilegeBag Object Yes

The information of the permissions.

HiveObjectPrivilege Array Yes

The array of the permission information.

HiveObjectRef Object Yes

The information about the authorization granularity.

DbName String Yes db001

The database name. This parameter is required if you want to grant permissions on a database or table to the user.

HiveObjectType String Yes GLOBAL

The scope of the permissions that you grant to the user. Valid values: GLOBAL, DATABASE, and TABLE. GLOBAL indicates the permissions on all databases, DATABASE indicates the permissions on a database, and TABLE indicates the permissions on a table.

TableName String Yes tbl001

The table name. This parameter is required if you want to grant permissions on a table to the user.

PrincipalName String Yes user001

The name of the user to whom you want to grant the permissions.

PrincipalType String Yes USER

The type of the user to whom you want to grant the permissions. Set the value to USER.

PrivilegeGrantInfo Object Yes

The information of the permissions.

GrantOption Boolean Yes false

Specifies whether the authorized user can grant the obtained permissions to other users.

Grantor String Yes user002

The username of the sub-account used by the user who grants the permissions.

PrincipalType String Yes USER

The type of the user who grants the permissions. Set the value to USER.

Privilege String Yes CREATE,SHOW

The specific permissions that you want to grant to the user.

Response parameters

Parameter Type Example Description
Code String NO_PRIVILEGE

The error code returned.

Data Boolean false

Indicates whether the authorization is successful.

Message String Access denied for user 'user002' to grant 'CREATE,SHOW' to user001

The error message returned.

RequestId String 9BEAC206-0795-4DE3-B1FD-964BEF432B23

The ID of the request.

Success Boolean false

Indicates whether the request is successful.

Examples

Sample requests

http(s)://[Endpoint]/?PrivilegeBag={"HiveObjectPrivilege":[{"PARAM_KEY":{"PrivilegeGrantInfo":{"GrantOption":"false","Grantor":"user002","Privilege":"CREATE,SHOW","PrincipalType":"USER"},"HiveObjectRef":{"TableName":"tbl001","DbName":"db001","HiveObjectType":"GLOBAL"},"PrincipalName":"user001","PrincipalType":"USER"}}]}
&<Common request parameters>

Sample success responses

XML format

<Message>Access denied for user 'user002'  to grant 'CREATE,SHOW' to user001</Message>
<RequestId>9BEAC206-0795-4DE3-B1FD-964BEF432B23</RequestId>
<Data>false</Data>
<Code>NO_PRIVILEGE</Code>
<Success>false</Success>

JSON format

{
    "Message": "Access denied for user 'user002'  to grant 'CREATE,SHOW' to user001",
    "RequestId": "9BEAC206-0795-4DE3-B1FD-964BEF432B23",
    "Data": "false",
    "Code": "NO_PRIVILEGE",
    "Success": "false"
}

Error codes

For a list of error codes, visit the API Error Center.