數據庫基礎：sql語句之數據控制語句（DCL）

數據控制語句：用於控制不同的數據段直接的許可和訪問級別的語句。這些語句定義了數據庫、表、字段、用戶的訪問權限權限和安全級別，主要包括關鍵字grant、revoke等。其主要是DBA用來管理系統中的對象權限時使用，一般開發人員很少使用。

一、創建用戶

1.創建用戶
create user 'username'@'lhost' identified by 'password'

-- username:你將創建的用戶的用戶名
-- host:指定該用戶在哪個主機上可以登陸,如果是本地用戶可用localhost, 如果想讓該用戶可以從任意遠程主機登陸,可以使用通配符%
-- identified by :確認關鍵字，後接密碼
-- password :用戶的登陸密碼,密碼可以爲空,如果爲空則該用戶可以不需要密碼登陸服務器

/*
舉個例子：
create user 'lzh'@'localhost' identified by '123456';
create user 'lzh'@'%' identified by '123456';
create user 'lzh'@'%' identified by '';  等效於： create user 'lzh'@'%';
*/

二、授權

2.授權
grant privileges on dbname.tablename to 'username'@'host' identified by 'password' [with grant option]

-- privileges:用戶的操作權限,如SELECT , INSERT , UPDATE 等（具體詳見下表）,如果要授予所的權限,則使用all
-- dbname:數據庫名，tablename:表名，如果是所有表的話，則dbname.*
-- with grant option:命令中不帶這個，則，該用戶username不能將權限授予其他人，反之，則可以

/* 
舉個例子：
grant selelct on test.* to 'lzh'@'localhost' identified by '123456';
grant all on  *.* to 'lzh'@'%' with grant option;
*/

三、設置與更改密碼

3.設置及更改密碼
set password for 'username'@'host' = password('new_password')

-- 若是當前登錄用戶，可簡寫： set password = password ('new_password')

四、撤銷用戶權限

4.撤銷用戶權限
 revoke privilege on dbname.tablename from 'username'@'host'

-- privilege:同授權部分

五、刪除用戶

5.刪除用戶
drop user 'username'@'host'

附：

sql權限表：

Privilege	Grant Table Column	Context
all [privileges]	Synonym for “all privileges”	Server administration
alter	Alter_priv	Tables
alter routine	Alter_routine_priv	Stored routines
create	Create_priv	Databases, tables, or indexes
create routine	Create_routine_priv	Stored routines
create tablespace	Create_tablespace_priv	Server administration
create temporary tables	Create_tmp_table_priv	Tables
create user	Create_user_priv	Server administration
create view	Create_view_priv	Views
delete	Delete_priv	Tables
drop	Drop_priv	Databases, tables, or views
event	Event_priv	Databases
execute	Execute_priv	Stored routines
file	File_priv	File access on server host
grant option	Grant_priv	Databases, tables, or stored routines
index	Index_priv	Tables
insert	Insert_priv	Tables or columns
lock tables	Lock_tables_priv	Databases
process	Process_priv	Server administration
proxy	See proxies_priv table	Server administration
references	References_priv	Databases or tables
reload	Reload_priv	Server administration
replication client	Repl_client_priv	Server administration
replication slave	Repl_slave_priv	Server administration
select	Select_priv	Tables or columns
show databases	Show_db_priv	Server administration
show view	Show_view_priv	Views
shutdown	Shutdown_priv	Server administration
super	Super_priv	Server administration
trigger	Trigger_priv	Tables
update	Update_priv	Tables or columns
usage	Synonym for “no privileges”	Server administration