`
sunwch
  • 浏览: 163672 次
  • 性别: Icon_minigender_1
  • 来自: free-town
社区版块
存档分类
最新评论

mysql grant revoke

阅读更多
我们一般在开发的过程中,尤其是涉及到加密性比较高的项目时,往往我们在开发的过程中只是能看到给定的一些数据,如可以指定用户只执行查询操作并且可以指定需要查询的列,还有就是可以指定用户对数据库的各种操作,又如:用户只能查询,不能删除和更新数据...
下面简单的谈谈授权:
1、首先进入控制台,当前进入控制台的用户需要拥有super administartion的权限
>create user userName;
>grant create,select on dbName.tableNane to userName@serverAddress identified by password;

2、如果要回收用户的某个权限使用以下命令,但同时执行下面命令的用户具备超级管理员的角色:
>revoke select on dbName.tableName from userName@serverAddress;
如果是远端的服务器把serverAddress改成机器对应的IP地址就OK了...

GRANT Syntax
GRANT
    priv_type [(column_list)]
      [, priv_type [(column_list)]] ...
    ON [object_type] priv_level
    TO user [IDENTIFIED BY [PASSWORD] 'password']
        [, user [IDENTIFIED BY [PASSWORD] 'password']] ...
    [REQUIRE {NONE | ssl_option [[AND] ssl_option] ...}]
    [WITH with_option ...]
priv_type:
Privilege	Meaning
ALL [PRIVILEGES]	Grant all privileges at specified access level except GRANT OPTION
ALTER	Enable use of ALTER TABLE
ALTER ROUTINE	Enable stored routines to be altered or dropped
CREATE	Enable database and table creation
CREATE ROUTINE	Enable stored routine creation
CREATE TEMPORARY TABLES	Enable use of CREATE TEMPORARY TABLE
CREATE USER	Enable use of CREATE USER, DROP USER, RENAME USER, and REVOKE ALL PRIVILEGES
CREATE VIEW	Enable views to be created or altered
DELETE	Enable use of DELETE
DROP	Enable databases, tables, and views to be dropped
EXECUTE	Enable the user to execute stored routines
FILE	Enable the user to cause the server to read or write files
GRANT OPTION	Enable privileges to be granted to or removed from other accounts
INDEX	Enable indexes to be created or dropped
INSERT	Enable use of INSERT
LOCK TABLES	Enable use of LOCK TABLES on tables for which you have the SELECT privilege
PROCESS	Enable the user to see all processes with SHOW PROCESSLIST
REFERENCES	Not implemented
RELOAD	Enable use of FLUSH operations
REPLICATION CLIENT	Enable the user to ask where master or slave servers are
REPLICATION SLAVE	Enable replication slaves to read binary log events from the master
SELECT	Enable use of SELECT
SHOW DATABASES	Enable SHOW DATABASES to show all databases
SHOW VIEW	Enable use of SHOW CREATE VIEW
SHUTDOWN	Enable use of mysqladmin shutdown
SUPER	Enable use of other adminstrative operations such as CHANGE MASTER TO, KILL, PURGE BINARY LOGS, SET GLOBAL, and mysqladmin debug command
UPDATE	Enable use of UPDATE
USAGE	Synonym for “no privileges”

object_type:TABLE | FUNCTION | PROCEDURE

priv_level:* | *.* | db_name.* | db_name.tbl_name | tbl_name | db_name.routine_name

ssl_option:SSL  | X509  | CIPHER 'cipher'  | ISSUER 'issuer'  | SUBJECT 'subject'

with_option: GRANT OPTION  | MAX_QUERIES_PER_HOUR count  | MAX_UPDATES_PER_HOUR count  | MAX_CONNECTIONS_PER_HOUR count  | MAX_USER_CONNECTIONS count
分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics