用户管理
添加删除用户
1.添加用户
可以使用CREATE USER添加一个或多个用户。
语法格式:CREATE USER '用户名' @'主机名' IDENTIFIED BY PASSWORD,USER '用户名' @'主机名' IDENTIFIED BY PASSWORD...
create user
'user001'@'localhost' identified by 'root',
'user002'@'localhost' identified by 'root';
这里创建两个用户
mysql> create user'user001'@'localhost' identified by 'root', 'user002'@'localhost' identified by 'root';
Query OK, 0 rows affected (0.01 sec)
mysql> use mysql;
Database changed
mysql> select * from user;
已创建
这里尝试登录一下user001这个用户
已登录进来
2.删除用户
语法格式:DROP USER 用户
这里删除user001用户
在这个用户下删除是会出现错误的,要回到root账户下
OK已经成功删除该用户
修改用户名,密码
1.修改用户名
语法格式:rename user '用户名' @'主机名' to '新用户名' @'主机名';
这里把用户user002修改为user001
mysql> rename user 'user002'@'localhost' to 'user001'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> use mysql;
Database changed
mysql> select * from user;
已经修改完毕
2.修改用户密码
语法格式:set password for '用户名' @'主机名'=password('新密码');
这里把user001的密码修改为python
mysql> set password for 'user001'@'localhost' =password('python');
Query OK, 0 rows affected (0.00 sec)
mysql>
权限管理
授予权限
授予的权限为以下几种
1.列权限:和表中的一个具体列相关
2.表权限:和一个具体表中的所有数据相关
3.数据库权限:和一个具体的数据库中的所有表相关
4.用户权限:和MySQL所有数据库相关,例如删除已有数据库或创建一个新数据库的权限
授予表权限
这里授予user001select student表的权限
mysql> grant select
-> on student
-> to user001@localhost;
Query OK, 0 rows affected (0.00 sec)
这时在user001用户下就可以查询student表了
授予列权限
列权限只能取SELECT,INSERT,UPDATE,后面加上列名
授予update权限给user001
mysql> grant update(sno,sname,sage)
-> on student
-> to user001@localhost;
Query OK, 0 rows affected (0.00 sec)
mysql> update student set sage=30 where sno='2018001001';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> select * from student;
+------------+--------------+--------+------+-------+
| sno | sname | sex | sage | sdept |
+------------+--------------+--------+------+-------+
| 2018001001 | zhangsan | male | 30 | cs |
| 2018001002 | lisi | female | 19 | MA |
| 2018001003 | jack | male | 20 | CS |
| 2018001004 | clinton | male | 21 | IS |
| 2018001005 | trump | male | 19 | IS |
| 2018001006 | putin | male | 20 | CS |
| 2018001007 | starlin | male | 19 | MA |
| 2018001008 | hilery | female | 19 | IS |
| 2018001009 | zhangming | female | 20 | CS |
| 2018001010 | ligang | male | 19 | MA |
| 2018001011 | 令狐冲 | male | 18 | cs |
| 2018001012 | 任盈盈 | female | 19 | MA |
| 2018001013 | 岳不群 | male | 20 | CS |
| 2018001014 | 余沧海 | male | 21 | IS |
| 2018001015 | 林平之 | male | 19 | IS |
| 2018001016 | 岳灵珊 | male | 20 | CS |
| 2018001017 | 朱元璋 | male | 19 | MA |
| 2018001018 | 郑成功 | female | 19 | IS |
| 2018001019 | 爱新觉罗玄烨 | female | 20 | CS |
| 2018001020 | 慈禧 | male | 19 | MA |
+------------+--------------+--------+------+-------+
20 rows in set (0.00 sec)
mysql> update student set sdept='MA' where sno='2018001001';
ERROR 1143 (42000): UPDATE command denied to user 'user001'@'localhost' for column 'sdept' in table 'student'
mysql>
因为没有授予user001update sdept的权限,所以会报错
授予数据库权限
授予user001在数据库yingmo中所有表的select权限
首先在yingmo数据库中创建两个表
mysql> grant select
-> on yingmo.*
-> to user001@localhost;
Query OK, 0 rows affected (0.00 sec)
这时已经可以在user001用户中看到
授予user001所有yingmo数据库中所有数据库权限
grant all
on *
to user001@localhost;
授予用户权限
授予user001对数据库的所有表的create,alter,drop权限
grant create,alter,drop
on *.*
to user001@localhost;
权限转移和限制
mysql> grant select
-> on yingmo.student
-> to user001@localhost
-> with grant option;
Query OK, 0 rows affected (0.00 sec)
mysql>
这里已经把select权限授予user001,这里将select权限传递给user002,此时创建user002用户
mysql> create user
-> 'user002'@'localhost' identified by 'root';
Query OK, 0 rows affected (0.00 sec)
登录user002用户
权限已转移
这样的转移方式似乎没有添加限制,如何去限制呢?
如限制user002每两个小时处理一条select语句
mysql> grant select
-> on yingmo.student
-> to user002@localhost
-> with max_queries_per_hour 2;
Query OK, 0 rows affected (0.00 sec)
权限回收
回收user001对student表的select权限
mysql> revoke select
-> on student
-> from user001@localhost;
使用
mysql> revoke all privileges,grant option
-> from user001@localhost;
Query OK, 0 rows affected (2.08 sec)
回收user001的全部权限
此时在user001用户中无法查看数据库yingmo