SQL-Permissions of Application-Database-User

Hello

I would like to know which SQL-Permissions (SELECT, INSERT, UPDATE, DELETE, so on) a MariaDB/MySQL-Application-Database-User needs for SuiteCRM? The idea is to allow as little as possible.

Who knows this and/or can point me to documentation covering this?

Thank you,

Corinna

Any idea would be very much appreciated.

Almost all permissions will need to be granted.

The CRM has lots of functionality and there are SELECT, INSERT, UPDATE, ALTER commands used.

The CRM sets items deleted=1 when you delete an item from the CRM UI so I don’t think the ‘DELETE’ permission is needed, but it would be beneficial to grant this.

Thanks,

Will.

1 Like

Hi Will,

thank you very much for your reply. Can you explain a bit more why it is a good idea to also grant ‘DELETE’ permissions? Do you know of any good documentation to find out if it is actually needed or not?

Thanks again,

Corinna

There may be core functionality which runs direct queries to delete. There may also be extensions you install/use which do direct queries(instead of going through the ‘Bean’).

I would recommend you do a test without granting delete privileges and see if you experience any issues.

Thanks,

Will.

1 Like