第一关:数据库授权
创建用户
create user ‘用户名’@‘允许登录的主机地址’ identified by 密码;
示例:
创建指定ip为 192.168.1.1 的lyn用户登录
create user ‘lyn’@‘192.168.1.1’ identified by ‘123’;
创建指定ip为 192.168.1 开头的lyn用户登录
create user ‘lyn’@‘192.168.1.%’ identified by ‘123’;
创建指定任何ip的lyn用户登录
create user ‘lyn’@‘%’ identified by ‘123’;
删除用户
drop user ‘用户名’@‘允许登录的主机地址’;
修改用户名
rename user ‘用户名’@‘IP地址’ to ‘新用户名’@‘IP地址’;
修改密码
set password for ‘用户名’@‘IP地址’ = Password(‘新密码’);
查看权限
show grants for ‘用户’@‘IP地址’
MySQL 的权限命令是grant,语法:
grant 权限列表 on 库.表 to 用户名@‘ip’ identified by “密码”;
编程任务
将用户casual_user@'localhost’的密码修改为123456,并给其授所有数据库的“增改查”的权限。(连接数据库的用户名为:root,密码为:123123。)
代码实现
输出结果
1.±------------±----------±------------------------------------------+
2.| user | host | password |
3.±------------±----------±------------------------------------------+
4.| casual_user | localhost | 5.*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9
6.±---------------------------------------------------------------------------------------------------------------------------+
7.| Grants for casual_user@localhost |
8.±---------------------------------------------------------------------------------------------------------------------------+
9.| GRANT SELECT, INSERT, UPDATE ON . TO ‘casual_user’@‘localhost’ IDENTIFIED BY PASSWORD ‘*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9’ |
10.±-------------------------------------------------------------------------------------------------------------------------+
第二关:数据库撤销权限
撤销权限
revoke 权限列表 on 库.表 from 用户名@‘ip’;
编程任务
将用户user1对数据库mydb1中的table1和table2的所有权限收回
将用户user2对数据库mydb2中的所有表(mydb2.*)的增加、查询、更新、删除、创建、修改属性权限收回
代码实现
输出结果
1.±-------------------------------------------------------------------------------------------------------------+
2.| Grants for user1@localhost |
3.±-------------------------------------------------------------------------------------------------------------+
4.| GRANT USAGE ON . TO ‘user1’@‘localhost’ IDENTIFIED BY PASSWORD ‘*23AE809DDACAF96AF0FD78ED04B6A265E05AA257’ |
5.| GRANT ALL PRIVILEGES ON mydb1
.table3
TO ‘user1’@‘localhost’ |
6.±-------------------------------------------------------------------------------------------------------------+
7.±---------------------------------------------------------------------------------------------------------------------------+
8.| Grants for user2@localhost |
9.±--------------------------------------------------------------------------------------------------------------------------+
10.| GRANT USAGE ON . TO ‘user2’@‘localhost’ IDENTIFIED BY PASSWORD '23AE809DDACAF96AF0FD78ED04B6A265E05AA257’ |
11.| GRANT DROP, REFERENCES, INDEX, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON mydb2
. TO ‘user2’@‘localhost’ |
12.±-------------------------------------------------------------------------------------------------------------------------+