时间:2021-07-01 10:21:17 帮助过:2人阅读
语法:
GRANT priv_type [(column_list)] [, priv_type [(column_list)]] ... ON [object_type] priv_level TO user_specification [, user_specification] ... [REQUIRE {NONE | ssl_option [[AND] ssl_option] ...}] [WITH {GRANT OPTION | resource_option} ...] /代理 GRANT PROXY ON user_specification TO user_specification [, user_specification] ... [WITH GRANT OPTION]/联级授权,选了此项,该用户有权将自己的权限授予自己创建的子用户 /授权目标对象类型 object_type: { TABLE | FUNCTION | PROCEDURE } /授权目标 priv_level: { * | *.* | db_name.* | db_name.tbl_name | tbl_name | db_name.routine_name } /授权用户 user_specification: user [ auth_option ] auth_option: { IDENTIFIED BY ‘auth_string‘ | IDENTIFIED BY PASSWORD ‘hash_string‘ | IDENTIFIED WITH auth_plugin | IDENTIFIED WITH auth_plugin AS ‘hash_string‘ } /SSL设置 ssl_option: { SSL | X509 | CIPHER ‘cipher‘ | ISSUER ‘issuer‘ | SUBJECT ‘subject‘ } resource_option: { | MAX_QUERIES_PER_HOUR count /允许用户每小时执行的查询语句数量 | MAX_UPDATES_PER_HOUR count /允许用户每小时执行更新语句数量 | MAX_CONNECTIONS_PER_HOUR count /允许用户每小时连接的次数 | MAX_USER_CONNECTIONS count /允许用户同时连接服务器的数量 }
实例:
/先要创建一个用户,创建了一个名为jeffrey,登录主机为localhost,密码为mypass的用户 CREATE USER ‘jeffrey‘@‘localhost‘ IDENTIFIED BY ‘mypass‘; /授予了用户jeffrey@localhost对数据库db1下所有数据表所有操作权限 GRANT ALL ON db1.* TO ‘jeffrey‘@‘localhost‘; /授予了用户‘jeffrey‘@‘localhost‘对数据库db2下invoice数据表的查询权限 GRANT SELECT ON db2.invoice TO ‘jeffrey‘@‘localhost‘; /USAGE意指无权限,用户jeffrey@localhost 在一个小时内只有90次查询权限 GRANT USAGE ON *.* TO ‘jeffrey‘@‘localhost‘ WITH MAX_QUERIES_PER_HOUR 90;
语法:
REVOKE priv_type [(column_list)] [, priv_type [(column_list)]] ... ON [object_type] priv_level FROM user [, user] ... REVOKE ALL PRIVILEGES, GRANT OPTION FROM user [, user] ... /授权代理 REVOKE PROXY ON user FROM user [, user] ...
实例:/撤回了用户jeffrey@localhost对数据库db1下所有数据表所有操作权限 REVOKE ALL ON db1.* FROM ‘jeffrey‘@‘localhost‘; /撤回了用户‘jeffrey‘@‘localhost‘对数据库db2下invoice数据表的查询权限 REVOKE SELECT ON db2.invoice FROM ‘jeffrey‘@‘localhost‘;
MySQL的数据控制语言DCL
标签: