【例13.1】使用root用戶登錄到本地mysql服務器的test庫中
mysql -uroot -p -hlocalhost test
【例13.2】使用root用戶登錄到本地mysql服務器的test庫中,執行一條查詢語句
mysql -uroot -p -hlocalhost test -e "DESC person;"
【例13.3】使用CREATE USER創建一個用戶,用戶名是jeffrey,密碼是mypass,主機名是localhost
CREATE USER 'jeffrey'@'localhost' IDENTIFIED BY 'mypass';
【例13.4】使用GRANT語句創建一個新的用戶testUser,密碼爲testpwd。用戶 testUser對所有的數據有查詢和更新權限,並授於對所有數據表的SELECT和UPDATE權限
GRANT SELECT,UPDATE ON *.* TO 'testUser'@'localhost' IDENTIFIED BY 'testpwd'; /*創建賬戶並授予權限*/
SELECT Host,User,Select_priv,Update_priv, FROM mysql.user where user='testUser'; /*查看賬戶權限信息*/
【例13.5】使用INSERT創建一個新賬戶,其用戶名稱爲customer1,主機名稱爲localhost,密碼爲customer1:
INSERT INTO user (Host,User,Password) VALUES('localhost','customer1',PASSWORD('customer1'));
【例13.6】使用DROP USER刪除用戶'jeffrey'@'localhost'
DROP USER 'jeffrey'@'localhost';
【例13.7】使用DELETE刪除用戶'customer1'@'localhost'
DELETE FROM mysql.user WHERE host='localhost' and user='customer1';
【例13.8】使用mysqladmin將root用戶的密碼修改爲“rootpwd”
mysqladmin -u root -p password "123456"
【例13.9】使用UPDATE語句將root用戶的密碼修改爲“rootpwd2”:
UPDATE mysql.user set Password=password("rootpwd2")
WHERE User="root" and Host="localhost";
【例13.10】使用SET語句將root用戶的密碼修改爲“rootpwd3”:
SET PASSWORD=password("rootpwd3");
【例13.11】使用SET語句將testUser用戶的密碼修改爲“newpwd”:
SET PASSWORD FOR 'testUser'@'localhost'=password("newpwd");
【例13.12】使用UPDATE語句將testUser用戶的密碼修改爲“newpwd2”:
UPDATE mysql.user set Password=PASSWORD("newpwd2")
WHERE User="testUser" and Host="localhost";
【例13.13】使用GRANT語句將testUser用戶的密碼修改爲“newpwd3”:
GRANT USAGE ON *.* TO 'testUser'@'localhost' IDENTIFIED BY 'newpwd3';
【例13.14】testUser用戶使用SET語句將自身的密碼修改爲“newpwd4”:
SET PASSWORD = PASSWORD("newpwd4");
【例13.15】使用GRANT語句創建一個新的用戶grantUser,密碼爲“grantpwd”。用戶grantUser對所有的數據有查詢、插入權限,並授於GRANT權限。GRANT語句及其執行結果如下:
MySQL> GRANT SELECT,INSERT ON *.* TO 'grantUser'@'localhost' IDENTIFIED BY 'grantpwd' WITH GRANT OPTION;
Query OK, 0 rows affected (0.03 sec)
結果顯示執行成功,使用SELECT語句查詢用戶testUser2的權限:
MySQL> SELECT Host,User,Select_priv,Insert_priv, Grant_priv FROM mysql.user where user='grantUser';
+-----------+------------+-------------+--------------+-------------+
| Host | User | Select_priv | Insert_priv | Grant_priv |
+-----------+------------+-------------+--------------+--------------+
| localhost | testUser2 | Y | Y | Y |
+-----------+------------+-------------+--------------+--------------+
1 row in set (0.00 sec)
【例13.16】使用REVOKE語句取消用戶testUser的更新權限。REVOKE語句及其執行結果如下:
MySQL> REVOKE UPDATE ON *.* FROM 'testUser'@'localhost';
Query OK, 0 rows affected (0.00 sec)
執行結果顯示執行成功,使用SELECT語句查詢用戶test的權限:
MySQL> SELECT Host,User,Select_priv,Update_priv,Grant_priv FROM MySQL.user where user='testUser';
+-----------+------+--------------+---------------+--------------+
| Host | User | Select_priv | Update_priv | Grant_priv |
+-----------+------+--------------+---------------+--------------+
| localhost | test | Y | N | Y |
+-----------+------+-------------+---------------+--------------+
1 row in set (0.00 sec)
【例13.17】使用SHOW GRANTS語句查詢用戶testUser的權限信息。SHOW GRANTS語句及其執行結果如下:
MySQL> SHOW GRANTS FOR 'testUser'@'localhost';
+------------------------------------------------------------------------------------------------------------------------------+
| Grants for testUser@localhost |
+------------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT ON *.* TO 'testUser'@'localhost' IDENTIFIED BY PASSWORD
'*53835E70E1FC57BE1A455169C761A8778D307C81' WITH GRANT OPTION |
+------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
2. 案例操作過程
打開MySQL客戶端工具,輸入登錄命令,登錄MySQL。
C:\>mysql -u root -p
Enter password: **
輸入正確密碼,按回車,出現歡迎信息表示登錄成功。
選擇mysql數據庫爲當前數據庫。
MySQL> use mysql;
Database changed
出現Database changed信息表明切換數據庫成功。
創建新賬戶,用戶名稱爲newAdmin,密碼爲pw1,允許其從本地主機訪問MySQL。
使用GRANT語句創建新賬戶,創建過程如下:
MySQL> GRANT SELECT, UPDATE(id, name, age)
-> ON test_db.person_old
-> TO 'newAdmin'@'localhost' IDENTIFIED BY 'pw1'
-> WITH MAX_CONNECTIONS_PER_HOUR 30;
Query OK, 0 rows affected (0.06 sec)
提示消息可以看到,語句執行成功。
分別從user表中查看新賬戶的賬戶信息,從tables_priv和columns_priv表中查看權限信息。
用戶賬戶創建完成之後,賬戶信息已經保存在user表,權限信息則分別保存在tables_priv和columns_priv中,查詢user名稱爲newAdmin的賬戶信息,執行過程如下:
SELECT host, user, select_priv, update_priv FROM user WHERE user='newAdmin';
SELECT host, db, user, table_name, table_priv, column_priv
FROM tables_priv WHERE user='newAdmin';
SELECT host, db, user, table_name, column_name, column_priv
FROM columns_priv WHERE user='newAdmin';
3條SQL語句的查詢結果分別如下:
MySQL> SELECT host, user, select_priv, update_priv FROM user WHERE user='newAdmin';
+-----------+--------------+-------------+--------------+
| host | user | select_priv | update_priv |
+-----------+--------------+-------------+--------------+
| localhost | newAdmin | N | N |
+-----------+--------------+-------------+--------------+
1 row in set (0.00 sec)
MySQL> SELECT host, db, user, table_name, table_priv, column_priv
-> FROM tables_priv WHERE user='newAdmin';
+-----------+-----+-------------+-------------+-------------+---------------+
| host | db | user | table_name | table_priv | column_priv |
+-----------+-----+-------------+-------------+-------------+---------------+
| localhost | test | newAdmin | person | Select | Update |
+-----------+-----+-------------+-------------+-------------+---------------+
1 row in set (0.00 sec)
MySQL> SELECT host, db, user, table_name, column_name, column_priv
-> FROM columns_priv WHERE user='newAdmin';
+-----------+-----+-------------+-------------+-----------------+----------------+
| host | db | user | table_name | column_name | column_priv |
+-----------+-----+-------------+-------------+-----------------+----------------+
| localhost | test | newAdmin | person | id | Update |
| localhost | test | newAdmin | person | name | Update |
| localhost | test | newAdmin | person | age | Update |
+-----------+-----+-------------+-------------+-----------------+----------------+
3 rows in set (0.00 sec)
使用SHOW GRANTS語句查看newAdmin的權限信息。
查看newAdmin賬戶的權限信息,輸入語句如下:
SHOW GRANTS FOR 'newAdmin'@'localhost';
執行結果如下:
+-----------------------------------------------------------------------------------------------------------------------+
| Grants for newAdmin@localhost |
+-----------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'newAdmin'@'localhost' IDENTIFIED BY PASSWORD '*2B602296
A79E0A8784ACC5C88D92E46588CCA3C3' WITH MAX_CONNECTIONS_PER_HOUR 30 |
| GRANT SELECT, UPDATE (age, id, name) ON `test`.`person` TO 'newAdmin'@'localhost' |
+-----------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
使用newAdmin用戶登錄MySQL。
退出當前登錄,使用EXIT命令,語句如下:
MySQL> exit
Bye
使用newAdmin賬戶登錄MySQL,語句如下:
C:\>MySQL -u newAdmin -p
Enter password: ***
輸入密碼正確後,出現“mysql>”提示符,登錄成功。
使用newAdmin用戶查看test_db數據庫中person_dd表中的數據。
newAdmin用戶被授予test數據庫中person表中3個字段上的查詢權限,因此可以執行SELECT語句查看這幾個字段的值,執行過程如下:
MySQL> SELECT * FROM test_db.person_dd LIMIT 5;
+----+----------+-----+--------------+
| id | name | age | info |
+----+----------+-----+--------------+
| 1 | Green | 21 | Lawyer |
| 2 | Suse | 22 | dancer |
| 3 | Mary | 24 | Musician |
| 4 | Willam | 20 | sports man |
| 5 | Laura | 25 | NULL |
+----+----------+-----+--------------+
5 rows in set (0.00 sec)
可以看到,查詢結果顯示了表中的前5條記錄。
使用newAdmin用戶向person_dd表中插入一條新記錄,查看語句執行結果。
插入新記錄,輸入語句如下:
INSERT INTO test_db.person_old(name, age,info) VALUES('gaga', 30);
執行結果如下:
ERROR 1142 (42000): INSERT command denied to user 'newAdmin'@'localhost' for table 'person'
可以看到,語句不能執行,錯誤信息表明newAdmin用戶不能對person表進行插入操作。因此,用戶不可以執行沒有被授權的操作語句。
退出當前登錄,使用root用戶重新登錄,收回newAdmin賬戶的權限。
輸入退出命令:
exit
重新以root用戶登錄MySQL,並選擇mysql數據庫爲當前數據庫。
輸入語句收回newAdmin賬戶的權限,執行過程如下:
REVOKE SELECT, UPDATE ON test.person FROM 'newAdmin'@'localhost';
執行結果如下:
MySQL> REVOKE SELECT, UPDATE ON test.person FROM 'newAdmin'@'localhost';
Query OK, 0 rows affected (0.00 sec)
刪除newAdmin的賬戶信息。
刪除指定賬戶,可以使用DROP USER語句,輸入如下:
DROP USER 'newAdmin'@'localhost';
語句執行成功之後,tables_priv和columns_priv中相關的記錄將被刪除。
步驟1.打開MySQL客戶端工具,輸入登錄命令,登錄MySQL:
/*使用root用戶登錄mysql*/
mysql -u root -p
步驟2.將選擇mysql數據庫爲當前數據庫。
use mysql;
步驟3.創建新賬戶,用戶名稱爲newAdmin,允許其從本地主機訪問MySQL。
GRANT SELECT, UPDATE(id, name, age)
ON test.person
TO 'newAdmin'@'localhost' IDENTIFIED BY 'pw1'
WITH MAX_CONNECTIONS_PER_HOUR 30;
步驟4.分別從user表中查看新賬戶的賬戶信息,從tables_priv和columns_priv表中查看權限信息。
/* 查看user表中賬戶信息*/
SELECT host, user, select_priv, update_priv FROM user WHERE user='newAdmin';
/*查看tables_priv表中權限信息*/
SELECT host, db, user, table_name, table_priv, column_priv
FROM tables_priv WHERE user='newAdmin';
/*查看columns_priv表中權限信息*/
SELECT host, db, user, table_name, column_name, column_priv
FROM columns_priv WHERE user='newAdmin';
步驟5.使用SHOW GRANTS語句查看newAdmin的權限信息
SHOW GRANTS FOR 'newAdmin'@'localhost';
步驟6.使用newAdmin用戶登錄MySQL
/*退出命令*/
exit
/*使用newAdmin 用戶登錄mysql*/
mysql -u newAdmin -p
步驟7.使用newAdmin用戶查看test數據庫中person表中的數據
SELECT * FROM test.person LIMIT 5;
步驟8.使用newAdmin用戶向person表中插入一條新記錄,查看語句執行結果。
INSERT INTO test.person(name, age,info) VALUES('gaga', 30);
步驟9.退出當前登錄,使用root用戶重新登錄,收回newAdmin賬戶的權限。
/*退出命令*/
exit
/*使用root用戶登錄mysql*/
mysql -u root -p
REVOKE SELECT, UPDATE ON test.person FROM 'newAdmin'@'localhost';
步驟10.刪除newAdmin的賬戶信息。
刪除指定賬戶,可以使用DROP USER語句,輸入如下:
DROP USER 'newAdmin'@'localhost';