Note
This view is available starting with V4.0.0.
Purpose
This view displays user and role information under all tenants in the cluster.
Columns
| Column | Type | Nullable | Description |
|---|---|---|---|
| TENANT_ID | bigint(20) | NO | The tenant ID. |
| USER_NAME | varchar(128) | NO | The username or role name. |
| HOST | varchar(128) | NO | The server name. |
| PASSWD | varchar(128) | NO | The password of the user or role. |
| INFO | varchar(4096) | NO | The information of the user or role. |
| PRIV_ALTER | varchar(3) | NO | Indicates whether the user or role has the privilege to modify databases or tables. |
| PRIV_CREATE | varchar(3) | NO | Indicates whether the user or role has the privilege to create databases or tables. |
| PRIV_DELETE | varchar(3) | NO | Indicates whether the user or role has the privilege to delete records in databases or tables. |
| PRIV_DROP | varchar(3) | NO | Indicates whether the user or role has the privilege to drop databases or tables. |
| PRIV_GRANT_OPTION | varchar(3) | NO | Indicates whether the user or role has the privilege to grant privileges. |
| PRIV_INSERT | varchar(3) | NO | Indicates whether the user or role has the privilege to insert records. |
| PRIV_UPDATE | varchar(3) | NO | Indicates whether the user or role has the privilege to update records. |
| PRIV_SELECT | varchar(3) | NO | Indicates whether the user or role has the privilege to query records. |
| PRIV_INDEX | varchar(3) | NO | Indicates whether the user or role has the privilege to create indexes. |
| PRIV_CREATE_VIEW | varchar(3) | NO | Indicates whether the user or role has the privilege to create views. |
| PRIV_SHOW_VIEW | varchar(3) | NO | Indicates whether the user or role has the privilege to query views. |
| PRIV_SHOW_DB | varchar(3) | NO | Indicates whether the user or role has the privilege to query all databases. |
| PRIV_CREATE_USER | varchar(3) | NO | Indicates whether the user or role has the privilege to create users. |
| PRIV_SUPER | varchar(3) | NO | Indicates whether the user or role has the privilege of a superuser. |
| IS_LOCKED | varchar(3) | NO | Indicates whether the user or role is locked. |
| PRIV_PROCESS | varchar(3) | NO | Indicates whether the user or role has the privilege to query all threads. |
| PRIV_CREATE_SYNONYM | varchar(3) | NO | Indicates whether the user or role has the privilege to create synonyms. |
| SSL_TYPE | bigint(20) | NO | The SSL standard encryption security type. |
| SSL_CIPHER | varchar(1024) | NO | The SSL standard encryption security password. |
| X509_ISSUER | varchar(1024) | NO | The name of the X.509 publisher. |
| X509_SUBJECT | varchar(1024) | NO | The name of the X.509 certificate subject. |
| TYPE | varchar(4) | NO | The type. Valid values:
|
| PROFILE_ID | bigint(20) | NO | The profile ID. |
| PASSWORD_LAST_CHANGED | timestamp(6) | YES | The last time when the password was changed. |
| PRIV_FILE | varchar(3) | NO | Indicates whether the user or role has the privilege to query files. |
| PRIV_ALTER_TENANT | varchar(3) | NO | Indicates whether the user or role has the privilege to modify tenant information. |
| PRIV_ALTER_SYSTEM | varchar(3) | NO | Indicates whether the user or role has the privilege to modify server configuration parameters. |
| PRIV_CREATE_RESOURCE_POOL | varchar(3) | NO | Indicates whether the user or role has the privilege to create, modify, and drop resource pools. |
| PRIV_CREATE_RESOURCE_UNIT | varchar(3) | NO | Indicates whether the user or role has the privilege to create, modify, and drop resource units. |
| MAX_CONNECTIONS | bigint(20) | NO | The maximum number of connections. |
| MAX_USER_CONNECTIONS | bigint(20) | NO | The maximum number of tenant connections. |
| PRIV_REPL_SLAVE | varchar(3) | NO | Indicates whether the user or role has the privilege to manage a replica server. A tenant can specify the locations of the replica server and the primary server. |
| PRIV_REPL_CLIENT | varchar(3) | NO | Indicates whether the user or role has the privilege to manage a primary server. A tenant can read binary log files for maintaining the replication database environment. The user is located in the primary system and facilitates communication between the host and client. |
| PRIV_DROP_DATABASE_LINK | varchar(3) | NO | Indicates whether the user or role has the privilege to drop database links. |
| PRIV_CREATE_DATABASE_LINK | varchar(3) | NO | Indicates whether the user or role has the privilege to create database links. |
| PRIV_EXECUTE | varchar(3) | NO | Indicates whether the user or role has the privilege to execute procedures and functions. |
| PRIV_ALTER_ROUTINE | varchar(3) | NO | Indicates whether the user or role has the privilege to modify and drop procedures and functions. |
| PRIV_CREATE_ROUTINE | varchar(3) | NO | Indicates whether the user or role has the privilege to create procedures and functions. |
| PRIV_CREATE_TABLESPACE | varchar(3) | NO | Indicates whether the user or role has the privilege to create, modify, and drop tablespaces. |
| PRIV_SHUTDOWN | varchar(3) | NO | Indicates whether the user or role has the privilege to execute the mysqladmin shutdown command. |
| PRIV_RELOAD | varchar(3) | NO | Whether the user has the authority to perform the Flush operation |
| PRIV_REFERENCES | varchar(3) | NO | Whether the user has the authority to create foreign keys |
| PRIV_CREATE_ROLE | varchar(3) | NO | Whether the user has the authority to create roles |
| PRIV_DROP_ROLE | varchar(3) | NO | Whether the user has the authority to drop roles |
| PRIV_TRIGGER | varchar(3) | NO | Whether the user has the authority to activate triggers |
| PRIV_ENCRYPT | varchar(3) | NO | Whether the user has the authority to invoke the ENHANCED_AES_ENCRYPT function |
| PRIV_DECRYPT | varchar(3) | NO | Whether the user has the authority to invoke the ENHANCED_AES_DECRYPT function |
Sample query
In the sys tenant, query the user and role information of the tenant with the tenant ID of 1002.
obclient [oceanbase]> SELECT * FROM oceanbase.CDB_OB_USERS WHERE TENANT_ID=1002\G
The query result is as follows:
*************************** 1. row ***************************
TENANT_ID: 1002
USER_NAME: root
HOST: %
PASSWD: *****************************
INFO: system administrator
PRIV_ALTER: YES
PRIV_CREATE: YES
PRIV_DELETE: YES
PRIV_DROP: YES
PRIV_GRANT_OPTION: YES
PRIV_INSERT: YES
PRIV_UPDATE: YES
PRIV_SELECT: YES
PRIV_INDEX: YES
PRIV_CREATE_VIEW: YES
PRIV_SHOW_VIEW: YES
PRIV_SHOW_DB: YES
PRIV_CREATE_USER: YES
PRIV_SUPER: YES
IS_LOCKED: NO
PRIV_PROCESS: YES
PRIV_CREATE_SYNONYM: YES
SSL_TYPE: 0
SSL_CIPHER:
X509_ISSUER:
X509_SUBJECT:
TYPE: USER
PROFILE_ID: -1
PASSWORD_LAST_CHANGED: 2025-02-05 17:48:54.593368
PRIV_FILE: YES
PRIV_ALTER_TENANT: YES
PRIV_ALTER_SYSTEM: YES
PRIV_CREATE_RESOURCE_POOL: YES
PRIV_CREATE_RESOURCE_UNIT: YES
MAX_CONNECTIONS: 0
MAX_USER_CONNECTIONS: 0
PRIV_REPL_SLAVE: YES
PRIV_REPL_CLIENT: YES
PRIV_DROP_DATABASE_LINK: YES
PRIV_CREATE_DATABASE_LINK: YES
PRIV_EXECUTE: YES
PRIV_ALTER_ROUTINE: YES
PRIV_CREATE_ROUTINE: YES
PRIV_CREATE_TABLESPACE: YES
PRIV_SHUTDOWN: YES
PRIV_RELOAD: YES
PRIV_REFERENCES: YES
PRIV_CREATE_ROLE: YES
PRIV_DROP_ROLE: YES
PRIV_TRIGGER: YES
PRIV_ENCRYPT: YES
PRIV_DECRYPT: YES
*************************** 2. row ***************************
TENANT_ID: 1002
USER_NAME: ORAAUDITOR
HOST: %
PASSWD: *****************************
INFO: system administrator
PRIV_ALTER: NO
PRIV_CREATE: NO
PRIV_DELETE: NO
PRIV_DROP: NO
PRIV_GRANT_OPTION: NO
PRIV_INSERT: NO
PRIV_UPDATE: NO
PRIV_SELECT: NO
PRIV_INDEX: NO
PRIV_CREATE_VIEW: NO
PRIV_SHOW_VIEW: NO
PRIV_SHOW_DB: NO
PRIV_CREATE_USER: NO
PRIV_SUPER: NO
IS_LOCKED: YES
PRIV_PROCESS: NO
PRIV_CREATE_SYNONYM: NO
SSL_TYPE: 0
SSL_CIPHER:
X509_ISSUER:
X509_SUBJECT:
TYPE: USER
PROFILE_ID: -1
PASSWORD_LAST_CHANGED: 2025-02-05 17:45:58.962446
PRIV_FILE: NO
PRIV_ALTER_TENANT: NO
PRIV_ALTER_SYSTEM: NO
PRIV_CREATE_RESOURCE_POOL: NO
PRIV_CREATE_RESOURCE_UNIT: NO
MAX_CONNECTIONS: 0
MAX_USER_CONNECTIONS: 0
PRIV_REPL_SLAVE: NO
PRIV_REPL_CLIENT: NO
PRIV_DROP_DATABASE_LINK: NO
PRIV_CREATE_DATABASE_LINK: NO
PRIV_EXECUTE: NO
PRIV_ALTER_ROUTINE: NO
PRIV_CREATE_ROUTINE: NO
PRIV_CREATE_TABLESPACE: NO
PRIV_SHUTDOWN: NO
PRIV_RELOAD: NO
PRIV_REFERENCES: NO
PRIV_CREATE_ROLE: NO
PRIV_DROP_ROLE: NO
PRIV_TRIGGER: NO
PRIV_ENCRYPT: NO
PRIV_DECRYPT: NO
*************************** 3. row ***************************
TENANT_ID: 1002
USER_NAME: test2
HOST: %
PASSWD: ************************************
INFO:
PRIV_ALTER: NO
PRIV_CREATE: NO
PRIV_DELETE: NO
PRIV_DROP: NO
PRIV_GRANT_OPTION: NO
PRIV_INSERT: NO
PRIV_UPDATE: NO
PRIV_SELECT: NO
PRIV_INDEX: NO
PRIV_CREATE_VIEW: NO
PRIV_SHOW_VIEW: NO
PRIV_SHOW_DB: NO
PRIV_CREATE_USER: NO
PRIV_SUPER: NO
IS_LOCKED: NO
PRIV_PROCESS: NO
PRIV_CREATE_SYNONYM: NO
SSL_TYPE: 0
SSL_CIPHER:
X509_ISSUER:
X509_SUBJECT:
TYPE: USER
PROFILE_ID: -1
PASSWORD_LAST_CHANGED: 2025-02-20 15:11:58.158111
PRIV_FILE: NO
PRIV_ALTER_TENANT: NO
PRIV_ALTER_SYSTEM: NO
PRIV_CREATE_RESOURCE_POOL: NO
PRIV_CREATE_RESOURCE_UNIT: NO
MAX_CONNECTIONS: 0
MAX_USER_CONNECTIONS: 0
PRIV_REPL_SLAVE: NO
PRIV_REPL_CLIENT: NO
PRIV_DROP_DATABASE_LINK: NO
PRIV_CREATE_DATABASE_LINK: NO
PRIV_EXECUTE: NO
PRIV_ALTER_ROUTINE: NO
PRIV_CREATE_ROUTINE: NO
PRIV_CREATE_TABLESPACE: NO
PRIV_SHUTDOWN: NO
PRIV_RELOAD: NO
PRIV_REFERENCES: NO
PRIV_CREATE_ROLE: NO
PRIV_DROP_ROLE: NO
PRIV_TRIGGER: NO
PRIV_ENCRYPT: NO
PRIV_DECRYPT: NO
3 rows in set