Is there is any Drush Command for Drupal 7 to give all permissions to a newly created role?
Ok, if you don't have an admin role, then you can do this:
create a role with drush:
drush role-create 'my role'
Then, you can add all permissions to the created rol:
drush eval "user_role_grant_permissions(user_role_load_by_name('my role')->rid, array_keys(user_permission_get_modules()));"
Well, I hope this help you:
You shouldn't grant all permissions to an anonymus role, because it is not even login into the Drupal site. And it could be extremly dangerious.
You should check your drush version because the commands are differents.
Suppose you are using Drush 7.x and Drupal 7.x. Could you try this:
Create a new user (not role) and grant the Admin permissions to it. Because you don't need a new role, you already have all permissions granted on the Drupal Admin User. To do this:
check all existing roles:
drush role-list
drush user-add-role "administrator role" --name="new user"
Related
Environment: snowflake database.
i am trying to find a way to create a role which have security admin permission but should limit the permission only to specific database. is this doable or not? if so, anyone can help me on this? thanks so much.
Thanks, Alex
SECURITYADMIN is a role created by default in Snowflake and a lot of his permissions are not database-related (for example role and user management). Indeed most of the database-related grants belongs to SYSADMIN role.
So if you want to create a custom role having limited permissions on a specific database. You should list the permission which are database related and grant this permissions to the custom role.
For example if you want to give all privileges to a role on a specific database you can use :
GRANT ALL PRIVILEGES ON DATABASE my_db TO ROLE my_custom_role;
Roles are account-level, not db-level objects. So I am guessing you are trying actually to do the same role mgmt that SECURITYADMIN does, but at db-level. In that case:
use role SECURITYADMIN;
create role SECURITYADMIN_DB1;
grant create user, create role to SECURITYADMIN_DB1;
After that create Access Roles for your db:
https://docs.snowflake.com/en/user-guide/security-access-control-considerations.html#aligning-object-access-with-business-functions
Then assign all access roles to the custom SECURITYADMIN_DB1 role, so your role will manage that particular db only.
At first there is no authentication in mongodb, so I created one for one database with readWrite role.
Now I want to create more users for other databases but as this user doesn't have the privileges to create other users I'm stuck.
The documentation clearly says:
With access control enabled, ensure you have a user with userAdmin or userAdminAnyDatabase role in the admin database. This user can administrate user and roles such as: create users, grant or revoke roles from users, and create or modify customs roles.
If you haven't created such user, you cannot create it now with authentication and access rights enabled. I gues you need to restart the MongoDB server without authentication enabled, create that admin user, and restart the MongoDB server again with authentication enabled.
I highly recommend you read to complete documentation how to enable authentication first to understand the complete concept, before you follow it step by step. Otherwise it might be confusing and creating such state you are currently locked in and cannot continue with all actions.
Please advice regarding below issue. I am new to Snowflake and learning and doing hands on. I created a new warehouse and database from Snowflake web-console under account admin role. I am trying to connect to SnowSQL client to stage my local files.I was able to connect successfully to SnowSQL and to new warehouse. But my new database which I created from Snowflake console is not listing in SnowSQL client. The database in console shows as accountadmin as role. So still not sure why it is not listing in SnowSQL CLI. Please advice?
Thanks,
Tanveer
Great to see you are learning Snowflake. I would suggest creating a role and then "grant role sysadmin to role yourrole. Use the same role in snowsql and you should any object created with that role. As Suzy mentioned, if the role you are using when logging into snowsql has not been granted the role of accountadmin, you will not see the tables created by accountadmin.
Thanks a lot to both of you for quick response. You both are correct. As I mentioned, in snowflake console I created the DB and tables from accountadmin role whereas in snowsql default role is sysadmin (I was unaware of this).So changed the role to sysadmin in snow sql to account admin role and it worked fine. And tried granting necessary priviliedge to sysadmin role in webconsole and that worked too. thanks a lot once again. Am closing this post.
I have a gitlab user and a role assigned to it, now the gitlab user needs extra grant permissions.
I am executing the following sentence. [ssms 2012]
GRANT VIEW SERVER STATE to xxx;
ERROR:
Grantor does not have GRANT permission
What is the permission i should give to gitlab user so that it can give grant permissions to another user.
I have also tried this but same error
grant view server state to xxx with grant option
please tell me as a command
The error is pretty clear - the account that you are using to run the script does not have WITH GRANT permission and therefore it cannot give it to someone else. Check with your DBA.
I have a problem with sqlserver authentication .
When i connect to my instance using this information local,windows authentican i have this permission :
But with sqlserver authentication local,sa,12345 i have this permission:
Last day the both permissions was same ,but today the permission of windows authentication are removed and i need the permission of sqlauthentication in windowsauthentication how can i do that?
because my TFS use the windows authentication login .now my TFS doesn't work.
Best regards
i need the permission of sqlauthentication in windowsauthentication how can i do that?
No, you don't. The reason that your sa account can see all of those other logins is because it is a system administrator (i.e. a member of the sysadmin server role). Whatever you're doing with TFS, I can almost guarantee that it doesn't need that level of permission. Find out what permissions you actually need (this looks like a promising start) and grant those. Running any application with privileges it doesn't need is a bad idea in general.