Skytable's access control is very simple:
- there is only one
- there are zero or more standard users
Types of users
As noted earlier there can be only one
root account and this is primarily for security concerns. We however do plan to support
creating multiple users (the implementation isn't hard but security is key).
Root users have exclusive rights to use plus everything that standard users have access to:
Resetting the root password
We strongly recommend that you keep the root password in someplace safe, but if you happen to lose it — just like many other databases, you will first need to stop the server to reset it. Once you have stopped the server, you will need to modify the root password that you set in your configuration source (such as CLI/ENV/configuration file). You will then need to restart the server. The server will issue a warning in the logs that the root password has changed but since that is what you intended, you can safely ignore it.
You can have any number of standard users. Standard users can essentially manipulate data but can't modify the objects that store them.
Changing account passwords
To change the password for a given account, you can follow the instructions on BlueQL's DCL guide here.
Standard users can access the following query types:
SYSCTL REPORT STATUS
The single DDL query that lets you do a "sneak peek" into the status of the entire system is the
INSPECT GLOBAL query. It
returns a JSON string like this:
spaces: lists all the spaces in the system
users: lists all usersAccess control note
This is only returned if you are the
rootuser. Standard users cannot see the other users in the system
settings: returns system settings (currently an empty dictionary is returned)