Home » Mysql » Is `definer` required when creating a stored procedure?

Is `definer` required when creating a stored procedure?

Posted by: admin November 30, 2017 Leave a comment

Questions:

I’ve written all of MySQL procedures as [email protected]:

CREATE DEFINER=`root`@`localhost` PROCEDURE `p_add_user`(...)

Trouble is, when deploying to another server, I have to replace root with current user and replace localhost with current IP, which is annoying.

Is there any way to write procedures so that someone who wants to use my database and procedures would not have to modify the definer of each procedure?

Answers:

As stated in MySQL documentation here

CREATE
[DEFINER = { user | CURRENT_USER }]
PROCEDURE sp_name ([proc_parameter[,...]])
[characteristic ...] routine_body

So, the DEFINER part is not mandatory, just CREATE PROCEDURE should work.

Questions:
Answers:
CREATE DEFINER=[your_web_user]@% PROCEDURE p_add_user(...)

Check it.. probably this will help you, if you want to define the user in your procedure…

Questions:
Answers:

You can specify execution privileges by adding the following statement in the procedure body (after declaration):

SQL SECURITY INVOKER

Example:

CREATE DEFINER=`root`@`localhost` PROCEDURE `p_add_user`()
SQL SECURITY INVOKER
(...)

Doing so, the actual invoker privileges are applied and the DEFINER part is omitted (even when it is auto-added during schema import).
Full reference here:
https://dev.mysql.com/doc/refman/5.7/en/stored-programs-security.html