MySQL操作之DCL
Posted plf-jack
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了MySQL操作之DCL相关的知识,希望对你有一定的参考价值。
SQL语句的分类
- DDL(Data Definition Languages)语句:数据定义语言。这些语句定义了不同的数据段、
数据库、表、列、索引等数据库对象的定义。常用的语句关键字主要包括create、drop、alter
等。 - DML(Data Manipulation Language)语句:数据操纵语句,用于添加、删除、更新和查
询数据库记录,并检查数据完整性,常用的语句关键字主要包括insert、delete、udpate 和
select 等。 - DCL(Data Control Language)语句:数据控制语句,用于控制不同数据段直接的许可和
访问级别的语句。这些语句定义了数据库、表、字段、用户的访问权限和安全级别。主要的
语句关键字包括grant、revoke 等。
DCL语句
DCL 语句主要是DBA 用来管理系统中的对象权限时所使用,一般的开发人员很少使用。下面
通过一个例子来简单说明一下。
创建一个数据库用户plf,具有对plf数据库中所有表的SELECT/INSERT 权限:
mysql> grant select,insert on plf.* to 'plf'@'%' identified by '123456';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> quit
Bye
[[email protected] ~]# mysql -uplf -p123456 -h 192.168.3.100
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.6.37 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use mysql;
ERROR 1044 (42000): Access denied for user 'plf'@'%' to database 'mysql'
mysql> use plf
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
由于权限变更,需要将 plf 的权限变更,收回 INSERT,只能对数据进行 SELECT 操作,这时我们需要使用root账户进行上述操作:
mysql> revoke insert on plf.* from 'plf'@'%';
Query OK, 0 rows affected (0.00 sec)
mysql> quit
Bye
[[email protected] ~]# mysql -uplf -p123456 -h 192.168.3.100
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.6.37 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use plf
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+---------------+
| Tables_in_plf |
+---------------+
| dept |
| emp |
| hk_info |
| log_info |
| user_info |
+---------------+
5 rows in set (0.00 sec)
mysql> insert into dept values(7,'plf');
ERROR 1142 (42000): INSERT command denied to user 'plf'@'192.168.3.100' for table 'dept'
mysql> select*from dept;
+--------+----------+
| deptno | deptname |
+--------+----------+
| 1 | tech |
| 2 | sale |
| 3 | hr |
| 5 | fin |
+--------+----------+
4 rows in set (0.00 sec)
以上例子中的grant和revoke分别授出和收回了用户plf的部分权限,达到了我们的目的,关于权限的更多内容,将会在第4篇中详细介绍。
以上是关于MySQL操作之DCL的主要内容,如果未能解决你的问题,请参考以下文章