1.给某个用户授权
grant select on database ffcs_cheny to user ffcs_cheny;
2.
ddlStatement : ( createDatabaseStatement | switchDatabaseStatement | dropDatabaseStatement | createTableStatement | dropTableStatement | truncateTableStatement | alterStatement | descStatement | showStatement | metastoreCheck | createViewStatement | dropViewStatement | createFunctionStatement | createMacroStatement | createIndexStatement | dropIndexStatement | dropFunctionStatement | dropMacroStatement | analyzeStatement | lockStatement | unlockStatement | createRoleStatement | dropRoleStatement | grantPrivileges | revokePrivileges | showGrants | showRoleGrants | grantRole | revokeRole )
3.GRANT ALL on database default to group hive; // hive组的用户有全部权限
GRANT ALL on database default to user hive1; // hive1用户有全部权限
GRANT SELECT on table tableName to group hive; // hive组对tableName表只有select权限
GRANT SELECT on table tableName to user hive2; // hive2用户对tableName表只有select权限
上面是组和用户的设置。还有角色的设置,这里不表了
4.收回权限:
--回收用户hadoop的create授权
revoke create on database default from user hadoop;
--回收组hadoop的select授权
revoke select on database default from group hadoop;
相关权限:
ALTER | 更改表结构,创建分区 |
CREATE | 创建表 |
DROP | 删除表,或分区 |
INDEX | 创建和删除索引 |
LOCK | 锁定表,保证并发 |
SELECT | 查询表权限 |
SHOW_DATABASE | 查看数据库权限 |
UPDATE | 为表加载本地数据的权限 |