mysql How to create database roles

Today I'd like to share with you mysql How to create database roles , Detailed content , Clear logic , I believe most people still know too much about this knowledge , So share this article for your reference , I hope you will gain something after reading this article , Now let's take a look .

mysql Database authority management , Simply add permissions to a user directly . There is a troublesome place to do this , When we have a large number of users, if the permissions of these users are the same, the operation will be somewhat redundant . Then we can grant permissions to users through roles .

The understanding of the role

The purpose of introducing roles is It is convenient to manage users with the same permissions . Appropriate permission settings , It can ensure the security of data , This is crucial Important

Create the role  

Create characters to use CREATE ROLE sentence , The grammar is as follows ：  

CREATE ROLE 'role_name'[@'host_name'] [,'role_name'[@'host_name']]...

The naming rules of role names are similar to user names . If host_name Omit , The default is % , role_name Do not omit , Do not for empty .

practice ： We now need to create a manager role , You can use the following code ：    

CREATE ROLE 'manager'@'localhost';

The effect is as follows

Give the role permission

After creating the role , By default, this role does not have any permissions , We need to authorize the role . The syntax structure for authorizing roles is ：

GRANT privileges ON table_name TO 'role_name'[@'host_name'];

Example ： by manager Role grant view dbtest1 Permissions of all tables under the database

View role permissions

As long as you create a character , The system will automatically give you a “ USAGE ” jurisdiction , intend Permission to connect and log in to the database  

Reclaim role permissions

After role authorization , You can maintain the permissions of roles , Add or revoke permissions . Add permission to use GRANT sentence , And role Same authorization . Revoke role or role permission use REVOKE sentence .

Modified the permission of the role , It will affect the permission of the account with this role .

Revoke role permissions SQL The grammar is as follows    

REVOKE privileges ON tablename FROM 'rolename';

Now let's give manager Adding a delete Authority , And then withdraw this permission

Delete the role      

When we need to re integrate our business , You may need to clean up the previously created roles , Remove some corners that will no longer be used color . The operation of deleting roles is very simple , You just need to master the grammatical structure .

DROP ROLE role [,role2]...

Be careful , If you delete a character , Then the user will lose all the permissions obtained through this role .        

Give users roles        

After the role is created and authorized , To be assigned to the user and in active To make a difference . Adding roles to users can use GRANT sentence , language The legal form is as follows ：          

GRANT role [,role2,...] TO user [,user2,...];

In the above statement ,role Representative role ,user On behalf of the user . Multiple roles can be assigned to multiple users at the same time , Separate them with commas .          

Example ： Create a user called wang5 Then give the role manager, The operation is as follows  

use wang5 Log in and operate

give wang5 role manager   Note that this is done through root User implemented

And then through wang5 Log in to view the database

I still can't see dbtest1, What's going on here ？ So we need to activate the character

Activate role

The way 1： Use set default role The command activates the character

SET DEFAULT ROLE ALL TO 'kangshifu'@'localhost';

Now activate manager role

And then through wang5 The user logs in to view

Activation mode 2： take activate_all_roles_on_login Set to ON  

By default ：

Set up SET GLOBAL activate_all_roles_on_login=ON;

This article SQL The meaning of the sentence is , Yes All characters are permanently activated . After running this statement , Users really have all the roles assigned to them jurisdiction .           

So now wang5 Has been endowed with manager role , We know manager The character just has select Authority . Let's do the following  

Remove the user's role

REVOKE role FROM user;

Like undo wang5 Of manager role , adopt root user  

Re pass wang5 Log in to see the effect

That's all “mysql How to create database roles ” All the content of this article , Thank you for reading ！ I believe you will gain a lot after reading this article , Xiaobian will update different knowledge for you every day , If you want to learn more , Please pay attention to the Yisu cloud industry information channel .