box.schema.role.grant()

box.schema.role.grant(role-name, permissions, object-type, object-name[, option])¶

box.schema.role.grant(role-name, permissions, 'universe'[, nil, option])

box.schema.role.grant(role-name, role-name[, nil, nil, option])

Grant privileges to a role.

Parameters:

Parameters:	role-name (`string`) – the name of the role permissions (`string`) – one or more permissions to grant to the role (for example, `read` or `read,write`) object-type (`string`) – a database object type to grant permissions to (for example, `space`, `role`, or `function`) object-name (`string`) – the name of a database object to grant permissions to option (`table`) – `if_not_exists` = `true\|false` (default = `false`) - boolean; `true` means there should be no error if the role already has the privilege

role-name (string) – the name of the role
permissions (string) – one or more permissions to grant to the role (for example, read or read,write)
object-type (string) – a database object type to grant permissions to (for example, space, role, or function)
object-name (string) – the name of a database object to grant permissions to
option (table) – if_not_exists = true|false (default = false) - boolean; true means there should be no error if the role already has the privilege

The role must exist, and the object must exist.

Variation: instead of object-type, object-name say universe which means ‘all object-types and all objects’. In this case, object name is omitted.

Variation: instead of permissions, object-type, object-name say role-name – to grant a role to a role.

Example:

box.schema.role.grant('books_space_manager', 'read,write', 'space', 'books')

Version:

box.schema.role.grant()