友情链接:
鄂ICP备13006431号 版权 © 2010-2024 由忆向所有
授予用户的权限可能分全局层级权限、数据库层级权限、表层级别权限、列层级别权限、子程序层级权限。具体分类如下:
全局权限适用于一个给定服务器中的所有数据库。这些权限存储在mysql.user表中。GRANT ALL ON *.*和REVOKE ALL ON *.*只授予和撤销全局权限。
数据库权限适用于一个给定数据库中的所有目标。这些权限存储在mysql.db和mysql.host表中。GRANT ALL ON db_name.*和REVOKE ALL ON db_name.*只授予和撤销数据库权限。
表权限适用于一个给定表中的所有列。这些权限存储在mysql.tables_priv表中。GRANT ALL ON db_name.tbl_name和REVOKE ALL ON db_name.tbl_name只授予和撤销表权限。
列权限适用于一个给定表中的单一列。这些权限存储在mysql.columns_priv表中。当使用REVOKE时,您必须指定与被授权列相同的列。
举例:
grant select (id, col1) on MyDB.TEST1 to test@'%' identified by 'test';
列权限适用于一个给定表中的单一列。这些权限存储在mysql.columns_priv表中。当使用REVOKE时,您必须指定与被授权列相同的列。
下图中的Levels就表示该权限能用在哪个层级:
| Privilege | Meaning and Grantable Levels |
|---|---|
| ALL [PRIVILEGES] | Grant all privileges at specified access level except GRANT OPTION |
| ALTER | Enable use of ALTER TABLE. Levels: Global, database, table. |
| ALTER ROUTINE | Enable stored routines to be altered or dropped. Levels: Global, database, procedure. |
| CREATE | Enable database and table creation. Levels: Global, database, table. |
| CREATE ROUTINE | Enable stored routine creation. Levels: Global, database. |
| CREATE TABLESPACE | Enable tablespaces and log file groups to be created, altered, or dropped. Level: Global. |
| CREATE TEMPORARY TABLES | Enable use of CREATE TEMPORARY TABLE. Levels: Global, database. |
| CREATE USER | Enable use of CREATE USER, DROP USER, RENAME USER, and REVOKE ALL PRIVILEGES. Level: Global. |
| CREATE VIEW | Enable views to be created or altered. Levels: Global, database, table. |
| DELETE | Enable use of DELETE. Level: Global, database, table. |
| DROP | Enable databases, tables, and views to be dropped. Levels: Global, database, table. |
| EVENT | Enable use of events for the Event Scheduler. Levels: Global, database. |
| EXECUTE | Enable the user to execute stored routines. Levels: Global, database, table. |
| FILE | Enable the user to cause the server to read or write files. Level: Global. |
| GRANT OPTION | Enable privileges to be granted to or removed from other accounts. Levels: Global, database, table, procedure, proxy. |
| INDEX | Enable indexes to be created or dropped. Levels: Global, database, table. |
| INSERT | Enable use of INSERT. Levels: Global, database, table, column. |
| LOCK TABLES | Enable use of LOCK TABLES on tables for which you have the SELECT privilege. Levels: Global, database. |
| PROCESS | Enable the user to see all processes with SHOW PROCESSLIST. Level: Global. |
| PROXY | Enable user proxying. Level: From user to user. |
| REFERENCES | Not implemented |
| RELOAD | Enable use of FLUSH operations. Level: Global. |
| REPLICATION CLIENT | Enable the user to ask where master or slave servers are. Level: Global. |
| REPLICATION SLAVE | Enable replication slaves to read binary log events from the master. Level: Global. |
| SELECT | Enable use of SELECT. Levels: Global, database, table, column. |
| SHOW DATABASES | Enable SHOW DATABASES to show all databases. Level: Global. |
| SHOW VIEW | Enable use of SHOW CREATE VIEW. Levels: Global, database, table. |
| SHUTDOWN | Enable use of mysqladmin shutdown. Level: Global. |
| SUPER | Enable use of other administrative operations such as CHANGE MASTER TO,KILL, PURGE BINARY LOGS, SET GLOBAL, and mysqladmin debug command. Level: Global. |
| TRIGGER | Enable trigger operations. Levels: Global, database, table. |
| UPDATE | Enable use of UPDATE. Levels: Global, database, table, column. |
| USAGE | Synonym for “no privileges” |