table of Contents
User Management
Add and delete users
1. Add user
You can use CREATE USER to add one or more users.
Syntax format:CREATE USER '用户名' @'主机名' IDENTIFIED BY PASSWORD,USER '用户名' @'主机名' IDENTIFIED BY PASSWORD...
create user
'user001'@'localhost' identified by 'root',
'user002'@'localhost' identified by 'root';
Create two users here
mysql> create user'user001'@'localhost' identified by 'root', 'user002'@'localhost' identified by 'root';
Query OK, 0 rows affected (0.01 sec)
mysql> use mysql;
Database changed
mysql> select * from user;
Created
Here, try to log in the user user001 This user
has been logged in
2. Delete user
Syntax format: DROP USER 用户
delete user001 user here. If you delete
this user, there will be an error. If you want to return to the root account,
OK has successfully deleted the user
Modify user name and password
1. Modify user name
Syntax format: rename user '用户名' @'主机名' to '新用户名' @'主机名';
here modify user user002 to user001
mysql> rename user 'user002'@'localhost' to 'user001'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> use mysql;
Database changed
mysql> select * from user;
Modification has been completed
2. Modify user password
Syntax format: set password for '用户名' @'主机名'=password('新密码');
here, modify the password of user001 to python
mysql> set password for 'user001'@'localhost' =password('python');
Query OK, 0 rows affected (0.00 sec)
mysql>
authority management
Granted permission
The permissions granted are as follows
: 1. Column permissions: related to a specific column in the
table 2. Table permissions: related to all data in a specific table
3. Database permissions: related to all tables in a specific database
4 .User permissions: related to all MySQL databases, such as deleting an existing database or creating a new database permissions to
grant table permissions
here to grant user001select student table permissions
mysql> grant select
-> on student
-> to user001@localhost;
Query OK, 0 rows affected (0.00 sec)
At this time, under the user001 user, you can query the student table to
grant column permissions.
Column permissions can only take SELECT, INSERT, UPDATE, followed by column names.
Grant update permissions to user001
mysql> grant update(sno,sname,sage)
-> on student
-> to user001@localhost;
Query OK, 0 rows affected (0.00 sec)
mysql> update student set sage=30 where sno='2018001001';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> select * from student;
+------------+--------------+--------+------+-------+
| sno | sname | sex | sage | sdept |
+------------+--------------+--------+------+-------+
| 2018001001 | zhangsan | male | 30 | cs |
| 2018001002 | lisi | female | 19 | MA |
| 2018001003 | jack | male | 20 | CS |
| 2018001004 | clinton | male | 21 | IS |
| 2018001005 | trump | male | 19 | IS |
| 2018001006 | putin | male | 20 | CS |
| 2018001007 | starlin | male | 19 | MA |
| 2018001008 | hilery | female | 19 | IS |
| 2018001009 | zhangming | female | 20 | CS |
| 2018001010 | ligang | male | 19 | MA |
| 2018001011 | 令狐冲 | male | 18 | cs |
| 2018001012 | 任盈盈 | female | 19 | MA |
| 2018001013 | 岳不群 | male | 20 | CS |
| 2018001014 | 余沧海 | male | 21 | IS |
| 2018001015 | 林平之 | male | 19 | IS |
| 2018001016 | 岳灵珊 | male | 20 | CS |
| 2018001017 | 朱元璋 | male | 19 | MA |
| 2018001018 | 郑成功 | female | 19 | IS |
| 2018001019 | 爱新觉罗玄烨 | female | 20 | CS |
| 2018001020 | 慈禧 | male | 19 | MA |
+------------+--------------+--------+------+-------+
20 rows in set (0.00 sec)
mysql> update student set sdept='MA' where sno='2018001001';
ERROR 1143 (42000): UPDATE command denied to user 'user001'@'localhost' for column 'sdept' in table 'student'
mysql>
Because the user001update sdept permission is not granted, an error will be reported to
grant database permissions.
Grant user001 select permissions for all tables in the database yingmo.
First create two tables in the yingmo database.
mysql> grant select
-> on yingmo.*
-> to user001@localhost;
Query OK, 0 rows affected (0.00 sec)
At this time, it can be seen in user001 user.
Grant user001 all database permissions in all yingmo databases.
grant all
on *
to user001@localhost;
Grant user permissions
Grant user001 create, alter, and drop permissions on all tables in the database
grant create,alter,drop
on *.*
to user001@localhost;
Permission transfer and restriction
mysql> grant select
-> on yingmo.student
-> to user001@localhost
-> with grant option;
Query OK, 0 rows affected (0.00 sec)
mysql>
Here the select permission has been granted to user001, here the select permission is passed to user002, and user002 user is created at this time
mysql> create user
-> 'user002'@'localhost' identified by 'root';
Query OK, 0 rows affected (0.00 sec)
Login user002 user
permissions have been transferred
This transfer method seems to have no restrictions, how to limit it?
Such as restricting user002 to process a select statement every two hours
mysql> grant select
-> on yingmo.student
-> to user002@localhost
-> with max_queries_per_hour 2;
Query OK, 0 rows affected (0.00 sec)
Permission reclaim
Reclaim user001's select permission on the student table
mysql> revoke select
-> on student
-> from user001@localhost;
use
mysql> revoke all privileges,grant option
-> from user001@localhost;
Query OK, 0 rows affected (2.08 sec)
Reclaim all permissions
of user001 At this time, the database yingmo cannot be viewed in user001 user