用户的 DEFAULT_SECONDARY_ROLES 对象属性的默认值更改为 (‘ALL’)¶

此行为变更最初于 2024_07 捆绑包中引入。为了给用户额外的时间来评估这一变更，这一行为变更在 2024_08 中保持禁用。

This BCR affects all users. If a new or existing user has their DEFAULT_SECONDARY_ROLES object property unset, or set to NULL, then their DEFAULT_SECONDARY_ROLES object property changes to ('ALL').

如果新用户或现有用户的 DEFAULT_SECONDARY_ROLES 对象属性已明确设置，则其 DEFAULT_SECONDARY_ROLES 对象属性不会改变。

Setting a user’s DEFAULT_SECONDARY_ROLES object property to () specifies that a user does not have secondary roles. If you want to preserve the existing behavior of the DEFAULT_SECONDARY_ROLES object property in your account, you can use the following procedure to explicitly set DEFAULT_SECONDARY_ROLES to an empty list:

CREATE OR REPLACE PROCEDURE update_default_secondary_roles()
RETURNS VARIANT NOT NULL
LANGUAGE JAVASCRIPT
EXECUTE AS CALLER
AS
$$
let updated_users = [];
let users = snowflake.execute({sqlText: "SHOW USERS"});
while (users.next()) {
  let username = users.getColumnValue("name");
  let dsr = users.getColumnValue("default_secondary_roles");
  if (dsr !== "") {
    continue;
  }
  snowflake.execute({
    sqlText: "alter user identifier(?) set default_secondary_roles=()",
    binds: ["\"" + username + "\""],
  });
  updated_users.push(username);
}
return updated_users;
$$;

CALL update_default_secondary_roles();

For more information, see the community article (https://community.snowflake.com/s/article/default-secondary-roles-all-overview-and-additional-explanations)

Before the change:

用户的 DEFAULT_SECONDARY_ROLES 对象属性的默认值是 NULL。

After the change:

用户的 DEFAULT_SECONDARY_ROLES 对象属性的默认值是 (‘ALL’)。

参考：1692