Spec-Zone .ru
спецификации, руководства, описания, API
|
|
Spec-Zone .ru
спецификации, руководства, описания, API
|
CREATE [DEFINER = { user | CURRENT_USER }] TRIGGER trigger_name trigger_time trigger_event ON tbl_name FOR EACH ROW trigger_bodytrigger_time: { BEFORE | AFTER }trigger_event: { INSERT | UPDATE | DELETE }
This statement creates a new trigger. A trigger is a named database object that is associated with a table, and
that activates when a particular event occurs for the table. The trigger becomes associated with the table named
tbl_name, which must refer to a permanent table. You cannot associate
a trigger with a TEMPORARY table or a view.
CREATE TRIGGER requires the TRIGGER privilege for the table associated with the trigger. The statement might
also require the SUPER
privilege, depending on the DEFINER value, as described later in this section. If
binary logging is enabled, CREATE TRIGGER
might require the SUPER
privilege, as described in Section 19.7, "Binary Logging of
Stored Programs".
The DEFINER clause determines the security context to be used when checking access
privileges at trigger activation time. See later in this section for more information.
trigger_time is the trigger action time. It can be BEFORE or AFTER to indicate that the trigger activates
before or after each row to be modified.
trigger_event indicates the kind of operation that activates the
trigger. These trigger_event values are permitted:
INSERT: The trigger activates whenever a new row is inserted into the
table; for example, through INSERT, LOAD DATA, and REPLACE statements.
UPDATE: The trigger activates whenever a row is modified; for example,
through UPDATE statements.
DELETE: The trigger activates whenever a row is deleted from the table;
for example, through DELETE and REPLACE
statements. DROP TABLE and TRUNCATE TABLE statements on the table do not
activate this trigger, because they do not use DELETE.
Dropping a partition does not activate DELETE triggers, either.
It is important to understand that the trigger_event does not
represent a literal type of SQL statement that activates the trigger so much as it represents a type of table
operation. For example, an INSERT trigger is activated by not only INSERT statements but also LOAD DATA statements because both statements insert rows into a table.
A potentially confusing example of this is the INSERT INTO ... ON DUPLICATE KEY UPDATE
... syntax: a BEFORE INSERT trigger will activate for every row, followed by
either an AFTER INSERT trigger or both the BEFORE
UPDATE and AFTER UPDATE triggers, depending on whether there was a
duplicate key for the row.
Cascaded foreign key actions do not activate triggers.
There cannot be two triggers for a given table that have the same trigger action time and event. For example,
you cannot have two BEFORE UPDATE triggers for a table. But you can have a BEFORE UPDATE and a BEFORE INSERT trigger, or a
BEFORE UPDATE and an AFTER UPDATE trigger.
trigger_body is the statement to execute when the trigger activates. If
you want to execute multiple statements, use the BEGIN ... END compound statement construct. This also enables you to use the
same statements that are permissible within stored routines. See Section
13.6.1, "BEGIN ... END Compound-Statement Syntax". Some statements are not
permitted in triggers; see Section E.1, "Restrictions on Stored
Programs".
You can refer to columns in the subject table (the table associated with the trigger) by using the aliases OLD and NEW. OLD. refers to a column of an existing row before it is
updated or deleted. col_nameNEW. refers
to the column of a new row to be inserted or an existing row after it is updated. col_name
MySQL stores the sql_mode
system variable setting in effect when a trigger is created, and always executes the trigger with this setting
in force, regardless of the current server SQL mode when the trigger begins
executing.
The DEFINER clause specifies the MySQL account to be used when checking access
privileges at trigger activation time. If a user value is given, it
should be a MySQL account specified as ' (the same format used in the user_name'@'host_name'GRANT statement), CURRENT_USER, or CURRENT_USER(). The default DEFINER value is the
user who executes the CREATE TRIGGER
statement. This is the same as specifying DEFINER = CURRENT_USER explicitly.
If you specify the DEFINER clause, these rules determine the valid DEFINER user values:
If you do not have the SUPER privilege, the only permitted user value is your own account, either specified literally or
by using CURRENT_USER. You cannot set the definer to some other account.
If you have the SUPER privilege, you can specify any syntactically valid account name. If
the account does not actually exist, a warning is generated.
Although it is possible to create a trigger with a nonexistent DEFINER account, it is not a good idea for such triggers to be activated
until the account actually does exist. Otherwise, the behavior with respect to privilege checking is
undefined.
MySQL takes the DEFINER user into account when checking trigger privileges as
follows:
At CREATE
TRIGGER time, the user who issues the statement must have the TRIGGER privilege.
At trigger activation time, privileges are checked against the DEFINER user. This user must have these privileges:
The TRIGGER privilege.
The SELECT privilege for the subject table if references to table
columns occur using OLD.
or col_nameNEW. in
the trigger definition. col_name
The UPDATE privilege for the subject table if table columns are
targets of SET NEW. assignments in the trigger
definition. col_name
= value
Whatever other privileges normally are required for the statements executed by the trigger.
For more information about trigger security, see Section 19.6, "Access Control for Stored Programs and Views".
Within a trigger, the CURRENT_USER()
function returns the account used to check privileges at trigger activation time. This is the DEFINER user, not the user whose actions caused the trigger to be activated. For
information about user auditing within triggers, see Section
6.3.12, "SQL-Based MySQL Account Activity Auditing".
If you use LOCK TABLES
to lock a table that has triggers, the tables used within the trigger are also locked, as described in Section
13.3.5.2, "LOCK TABLES and Triggers".
For additional discussion of trigger use, see Section 19.3.1, "Trigger Syntax and Examples".