Grants permissions to a specific user.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes GrantPrivileges

The operation that you want to perform. Set the value to GrantPrivileges.

PrivilegeBag Object Yes

The information about the permission.

HiveObjectPrivilege Array Yes

The array of the permission information.

HiveObjectRef Object Yes

The scope of the permissions that you want to grant to the user.

DbName String No db001

The name of the database. This parameter is required if you want to grant permissions on a database or table to the user.

HiveObjectType String Yes GLOBAL

The scope of the permissions that you want to grant to the user. Valid values: GLOBAL, DATABASE, and TABLE. GLOBAL indicates the permissions on all databases. DATABASE indicates the permissions on a database. TABLE indicates the permissions on a table.

TableName String No tbl001

The name of the table. This parameter is required if you want to grant permissions on a table to the user.

PrincipalName String Yes user001

The user to be authorized.

PrincipalType String No USER

Set the value to USER.

PrivilegeGrantInfo Object Yes

The authorization information.

GrantOption Boolean No false

Specifies whether the user to be authorized can grant the obtained permissions to other users.

Grantor String Yes user002

The DLA username that is used to grant permissions to the user.

PrincipalType String No USER

Set the value to USER.

Privilege String Yes CREATE

The permissions that you want to grant to the user.

Response parameters

Parameter Type Example Description
Code String NO_PRIVILEGE

The error code returned.

Data Boolean false

Indicates whether the authorization was successful.

Message String Access denied for user 'user002' to grant 'CREATE,SHOW' to user001

The error message returned.

RequestId String 9BEAC206-0795-4DE3-B1FD-964BEF432B23

The ID of the request.

Success Boolean false

Indicates whether the request was successful.

Examples

Sample requests

http(s)://[Endpoint]/?Action=GrantPrivileges
&PrivilegeBag={"HiveObjectPrivilege":[{"HiveObjectRef":{"DbName":"db001","HiveObjectType":"GLOBAL","TableName":"tbl001"},"PrincipalName":"user001","PrincipalType":"USER","PrivilegeGrantInfo":{"GrantOption":false,"Grantor":"user002","PrincipalType":"USER","Privilege":"CREATE"}}]}
&<Common request parameters>

Sample responses

XML format 

HTTP/1.1 200 OK
Content-Type:application/xml

<Message>Access denied for user 'user002'  to grant 'CREATE,SHOW' to user001</Message>
<RequestId>9BEAC206-0795-4DE3-B1FD-964BEF432B23</RequestId>
<Data>false</Data>
<Code>NO_PRIVILEGE</Code>
<Success>false</Success>

JSON format 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "Message" : "Access denied for user 'user002'  to grant 'CREATE,SHOW' to user001",
  "RequestId" : "9BEAC206-0795-4DE3-B1FD-964BEF432B23",
  "Data" : "false",
  "Code" : "NO_PRIVILEGE",
  "Success" : "false"
}

Error codes

For a list of error codes, visit the API Error Center.