创建数据库用户和授权
创建数据库。请注意,缩短的单词 SCHEMA 可用作同义词。
CREATE DATABASE Baseball; -- creates a database named Baseball
如果数据库已存在,则返回错误 1007。要解决此错误,请尝试:
CREATE DATABASE IF NOT EXISTS Baseball;
同样的,
DROP DATABASE IF EXISTS Baseball; -- Drops a database if it exists, avoids Error 1008
DROP DATABASE xyz; -- If xyz does not exist, ERROR 1008 will occur
由于上述错误的可能性,DDL 语句通常与 IF EXISTS 一起使用。
可以使用默认的 CHARACTER SET 和排序规则创建数据库。例如:
CREATE DATABASE Baseball CHARACTER SET utf8 COLLATE utf8_general_ci;
SHOW CREATE DATABASE Baseball;
+----------+-------------------------------------------------------------------+
| `Database` | Create Database |
+----------+-------------------------------------------------------------------+
| `Baseball` | CREATE DATABASE `Baseball` /*!40100 DEFAULT CHARACTER SET utf8 */ |
+----------+-------------------------------------------------------------------+
查看你当前的数据库:
SHOW DATABASES;
+---------------------+
| `Database` |
+---------------------+
| information_schema |
| ajax_stuff |
| `Baseball` |
+---------------------+
设置当前活动的数据库,并查看一些信息:
USE Baseball; -- set it as the current database
SELECT @@character_set_database as cset,@@collation_database as col;
+------+-----------------+
| `cset` | col |
+------+-----------------+
| `utf8` | utf8_general_ci |
+------+-----------------+
以上显示了数据库的默认 CHARACTER SET 和 Collation。
创建用户:
CREATE USER 'John123'@'%' IDENTIFIED BY 'OpenSesame';
上面创建了一个用户 John123,由于%通配符,可以连接任何主机名。用户的密码设置为散列的’OpenSesame’。
并创造另一个:
CREATE USER 'John456'@'%' IDENTIFIED BY 'somePassword';
通过检查特殊的 mysql 数据库显示已创建用户:
SELECT user,host,password from mysql.user where user in ('John123','John456');
+---------+------+-------------------------------------------+
| `user` | host | password |
+---------+------+-------------------------------------------+
| `John123` | % | *E6531C342ED87 .................... |
| `John456` | % | *B04E11FAAAE9A .................... |
+---------+------+-------------------------------------------+
请注意,此时已创建用户,但没有使用 Baseball 数据库的任何权限。
使用用户和数据库的权限。授予用户 John123 对 Baseball 数据库拥有完全权限的权限,以及对其他用户的 SELECT 权限:
GRANT ALL ON Baseball.* TO 'John123'@'%';
GRANT SELECT ON Baseball.* TO 'John456'@'%';
验证以上内容:
SHOW GRANTS FOR 'John123'@'%';
+--------------------------------------------------------------------------------------------------------+
| Grants for John123@% |
+--------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'John123'@'%' IDENTIFIED BY PASSWORD '*E6531C342ED87 .................... |
| GRANT ALL PRIVILEGES ON `baseball`.* TO 'John123'@'%' |
+--------------------------------------------------------------------------------------------------------+
SHOW GRANTS FOR 'John456'@'%';
+--------------------------------------------------------------------------------------------------------+
| Grants for John456@% |
+--------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'John456'@'%' IDENTIFIED BY PASSWORD '*B04E11FAAAE9A .................... |
| GRANT SELECT ON `baseball`.* TO 'John456'@'%' |
+--------------------------------------------------------------------------------------------------------+
请注意,你将始终看到的 GRANT USAGE 仅表示用户可以登录。这就是所有这一切。