TiDB database cannot revoke DROP DATABASE permission, but retains DROP TABLE permission

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: TiDB数据库无法回收DROP DATABASE的权限,但是保留DROP TABLE的权限

| username: FutureDB

Bug Report
Clearly and accurately describe the issue you found. Providing any possible steps to reproduce the issue will help the development team address it promptly.
【TiDB Version】V6.5.4
【Impact of the Bug】
If the DROP permission is granted, it means both DROP DATABASE and DROP TABLE are allowed, which could lead to the risk of deleting the database and running away. However, if the DROP permission is revoked, both DROP DATABASE and DROP TABLE are disallowed.
【Possible Steps to Reproduce the Issue】

【Observed Unexpected Behavior】

【Expected Behavior】
The permissions for DROP TABLE and DROP DATABASE should be controlled separately and independently.
【Related Components and Specific Versions】

【Other Background Information or Screenshots】
Such as cluster topology, system and kernel versions, application app information, etc. If the issue is related to SQL, please provide the SQL statements and related table schema information. If there are critical errors in the node logs, please provide the relevant node log content or files. If some business-sensitive information is inconvenient to provide, please leave your contact information, and we will communicate with you privately.

| username: Billmay表妹 | Original post link

This is a requirement!

| username: Billmay表妹 | Original post link

Requirement Feedback
Please clearly and accurately describe the problem scenario, desired behavior, and background information to facilitate timely follow-up by the product team.
[Problem Scenario Involved in the Requirement]

[Expected Desired Behavior]

[Alternative Solutions]

[Background Information]
For example, which users will benefit from it, and some usage scenarios. Any API design, models, or diagrams would be helpful.

It is recommended to provide feedback in this manner!

| username: xfworld | Original post link

DDL permission requirements

| username: Billmay表妹 | Original post link

This should be MySQL’s permission mechanism. We follow MySQL, so it is the same. If adjustments are needed, a comprehensive permission design is required. Currently, there are no plans for this.