資源描述:
《《用戶權(quán)限角色》PPT課件》由會(huì)員上傳分享,免費(fèi)在線閱讀,更多相關(guān)內(nèi)容在教育資源-天天文庫。
1、ControllingUserAccess(控制用戶訪問)ObjectivesAftercompletingthislesson,youshouldbeabletodothefollowing:Createusers(創(chuàng)建用戶)Createrolestoeasesetupandmaintenanceofthesecuritymodel(創(chuàng)建角色)UsetheGRANTandREVOKEstatementstograntandrevokeobjectprivileges(授予和回收權(quán)限)ControllingUserAccess(控制用
2、戶概述)DatabaseadministratorUsersUsernameandpasswordPrivilegesCreatingUsers(創(chuàng)建用戶)TheDBAcreatesusersbyusingtheCREATEUSERstatement.CREATEUSERscottIDENTIFIEDBYtiger;Usercreated.CREATEUSERuserIDENTIFIEDBYpassword;UserSystemPrivileges(用戶的系統(tǒng)權(quán)限)Onceauseriscreated,theDBAcangrantspe
3、cificsystemprivilegestoauser.(DBA賦予用戶系統(tǒng)權(quán)限)Anapplicationdeveloper,forexample,mayhavethefollowingsystemprivileges:(最常用的用戶系統(tǒng)權(quán)限)CREATESESSIONCREATETABLECREATESEQUENCECREATEVIEWCREATEPROCEDUREGRANTprivilege[,privilege...]TOuser[,user
4、role,PUBLIC...];GrantingSystemPrivileges(賦
5、權(quán)限)TheDBAcangrantauserspecificsystemprivileges.GRANTcreatesession,createtable,createsequence,createviewTOscott;Grantsucceeded.WhatisaRole?(角色的概念)AllocatingprivilegeswithoutaroleAllocatingprivilegeswitharolePrivilegesUsersManagerCreatingandGrantingPrivilegestoaRole(創(chuàng)建角色,
6、賦予權(quán)限)CREATEROLEmanager;Rolecreated.GRANTcreatetable,createviewTOmanager;Grantsucceeded.GRANTmanagerTODEHAAN,KOCHHAR;Grantsucceeded.Createarole(創(chuàng)建角色)Grantprivilegestoarole(賦予角色權(quán)限)Grantaroletousers(賦予用戶角色)ObjectPrivilegeTableViewSequenceProcedureALTER??DELETE??EXECUTE?INDE
7、X?INSERT??REFERENCES??SELECT???UPDATE??ObjectPrivileges(對象權(quán)限)GrantingObjectPrivileges(例子)GrantqueryprivilegesontheEMPLOYEEStable.Grantprivilegestoupdatespecificcolumnstousersandroles.GRANTselectONemployeesTOsue,rich;Grantsucceeded.GRANTupdate(department_name,location_id)O
8、NdepartmentsTOscott,manager;Grantsucceeded.UsingtheWITHGRANTOPTIONandPUBLICKeywordsGiveauserauthoritytopassalongprivileges.(Withgrantoption可傳遞權(quán)限)AllowallusersonthesystemtoquerydatafromAlice’sDEPARTMENTStable.(Public是所有用戶)GRANTselect,insertONdepartmentsTOscottWITHGRANTOPTI
9、ON;Grantsucceeded.GRANTselectONalice.departmentsTOPUBLIC;Grantsucceeded.HowtoRevokeObjectPrivile