CAN I [ [ CREATE_DATABASE | CREATE_STORE | CREATE_SCHEMA_REGISTRY | CREATE_DESCRIPTOR_SOURCE | CREATE_FUNCTION_SOURCE | CREATE_FUNCTION | CREATE_CONNECTOR | CREATE_QUERY | MANAGE_MEMBERS | MANAGE_GRANTS ] | [ [ USE | CREATE IN | SELECT FROM | INSERT INTO | DROP ] [DATABASE | SCHEMA | STORE | DESCRIPTOR_SOURCE | QUERY | RELATION | FUNCTION_SOURCE | FUNCTION | ROLE | REGION ] target_name ]];
Description
This command shows whether the current User can execute specific commands in the current Organization.
Arguments
target_name
Name of the object to use for testing authorization for the privilege target. Use this only for testing authorization of a privilege type, — for example, USE.
Examples
Check whether the user can create a database
<no-db>/<no-store># CAN I CREATE_DATABASE;+------------+|CanI|+============+|true|+------------+
Check whether the user can create a query
<no-db>/<no-store># CAN I CREATE_QUERY;+------------+|CanI|+============+|true|+------------+
Check whether the user with the current role can create objects in another role
<no-db>/<no-store># CAN I CREATE IN ROLE useradmin;
+------------+
| Can I |
+============+
| false |
+------------+
Check whether user has USAGE privilege on a database
<no-db>/<no-store># CAN I USE DATABASE db;+------------+|CanI|+============+|true|+------------+
Check whether user can user another role
<no-db>/<no-store># CAN I USE ROLE useradmin;+------------+|CanI|+============+|false|+------------+
