CAN I
Syntax
CAN I [
[
CREATE_DATABASE
| CREATE_STORE
| CREATE_SCHEMA_REGISTRY
| CREATE_DESCRIPTOR_SOURCE
| CREATE_FUNCTION_SOURCE
| CREATE_FUNCTION
| CREATE_CONNECTOR
| CREATE_QUERY
| MANAGE_MEMBERS
| MANAGE_GRANTS
]
| [
[ USE | CREATE IN | SELECT FROM | INSERT INTO | DROP ]
[
DATABASE
| SCHEMA
| STORE
| DESCRIPTOR_SOURCE
| QUERY
| RELATION
| FUNCTION_SOURCE
| FUNCTION
| ROLE
| REGION
] target_name
]
];
Description
This command shows whether the current User can execute specific commands in the current Organization.
Arguments
target_name
Name of the object to use for testing authorization for the privilege target. Use this only for testing authorization of a privilege type, — for example, USE
.
Examples
Check whether the user can create a database
<no-db>/<no-store># CAN I CREATE_DATABASE;
+------------+
| Can I |
+============+
| true |
+------------+
Check whether the user can create a query
<no-db>/<no-store># CAN I CREATE_QUERY;
+------------+
| Can I |
+============+
| true |
+------------+
Check whether the user with the current role can create objects in another role
<no-db>/<no-store># CAN I CREATE IN ROLE useradmin;
+------------+
| Can I |
+============+
| false |
+------------+
Check whether user has USAGE privilege on a database
<no-db>/<no-store># CAN I USE DATABASE db;
+------------+
| Can I |
+============+
| true |
+------------+
Check whether user can user another role
<no-db>/<no-store># CAN I USE ROLE useradmin;
+------------+
| Can I |
+============+
| false |
+------------+
Check whether user can drop a database
main_db.public/pub_demo_msk# CAN I DROP DATABASE user_db;
+------------+
| Can I |
+============+
| false |
+------------+
Check whether user can select from an existing relation
db.public/<no-store># CAN I SELECT FROM RELATION pageviews;
+------------+
| Can I |
+============+
| true |
+------------+
Check whether user can insert records into an existing relation
db.public/<no-store># CAN I INSERT INTO RELATION pageviews;
+------------+
| Can I |
+============+
| true |
+------------+
Check whether user can manage grants
db.public/<no-store># CAN I MANAGE_GRANTS;
+------------+
| Can I |
+============+
| false |
+------------+
Last updated