The developers in my company have done some DB dev and created a number of procedures and triggers which work great, but now I'm ready to move it into a Production environment
For the procedures, I have changed the security to by the Invoker.. This seems simple so I can manage the permissions by granting specific accounts execute, similar to MSSQL.
But what do i do for triggers since the only option is to have use a definer. Do I just compile them as root%localhost or should I make a specific user called like TriggerUser which has select/update/delete/insert on all tables? The 2nd option sounds pretty good now that I type it out.
A trigger is always linked to a table. So anyone attempting to perform any operation on a table containing triggers will have these automatically invoked. Our policy is to keep these linked with the table owners.