资源描述:
《《用户权限角色》PPT课件》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、ControllingUserAccess(控制用户访问)ObjectivesAftercompletingthislesson,youshouldbeabletodothefollowing:Createusers(创建用户)Createrolestoeasesetupandmaintenanceofthesecuritymodel(创建角色)UsetheGRANTandREVOKEstatementstograntandrevokeobjectprivileges(授予和回收权限)ControllingUserAccess(控制用
2、户概述)DatabaseadministratorUsersUsernameandpasswordPrivilegesCreatingUsers(创建用户)TheDBAcreatesusersbyusingtheCREATEUSERstatement.CREATEUSERscottIDENTIFIEDBYtiger;Usercreated.CREATEUSERuserIDENTIFIEDBYpassword;UserSystemPrivileges(用户的系统权限)Onceauseriscreated,theDBAcangrantspe
3、cificsystemprivilegestoauser.(DBA赋予用户系统权限)Anapplicationdeveloper,forexample,mayhavethefollowingsystemprivileges:(最常用的用户系统权限)CREATESESSIONCREATETABLECREATESEQUENCECREATEVIEWCREATEPROCEDUREGRANTprivilege[,privilege...]TOuser[,user
4、role,PUBLIC...];GrantingSystemPrivileges(赋
5、权限)TheDBAcangrantauserspecificsystemprivileges.GRANTcreatesession,createtable,createsequence,createviewTOscott;Grantsucceeded.WhatisaRole?(角色的概念)AllocatingprivilegeswithoutaroleAllocatingprivilegeswitharolePrivilegesUsersManagerCreatingandGrantingPrivilegestoaRole(创建角色,
6、赋予权限)CREATEROLEmanager;Rolecreated.GRANTcreatetable,createviewTOmanager;Grantsucceeded.GRANTmanagerTODEHAAN,KOCHHAR;Grantsucceeded.Createarole(创建角色)Grantprivilegestoarole(赋予角色权限)Grantaroletousers(赋予用户角色)ObjectPrivilegeTableViewSequenceProcedureALTERÖÖDELETEÖÖEXECUTEÖINDE
7、XÖINSERTÖÖREFERENCESÖÖSELECTÖÖÖUPDATEÖÖObjectPrivileges(对象权限)GrantingObjectPrivileges(例子)GrantqueryprivilegesontheEMPLOYEEStable.Grantprivilegestoupdatespecificcolumnstousersandroles.GRANTselectONemployeesTOsue,rich;Grantsucceeded.GRANTupdate(department_name,location_id)O
8、NdepartmentsTOscott,manager;Grantsucceeded.UsingtheWITHGRANTOPTIONandPUBLICKeywordsGiveauserauthoritytopassalongprivileges.(Withgrantoption可传递权限)AllowallusersonthesystemtoquerydatafromAlice’sDEPARTMENTStable.(Public是所有用户)GRANTselect,insertONdepartmentsTOscottWITHGRANTOPTI
9、ON;Grantsucceeded.GRANTselectONalice.departmentsTOPUBLIC;Grantsucceeded.HowtoRevokeObjectPrivile