| <!DOCTYPE html> |
| <html lang="zh-CN" data-theme="light"> |
| <head> |
| <meta charset="utf-8" /> |
| <meta name="viewport" content="width=device-width,initial-scale=1" /> |
| <meta name="generator" content="VuePress 2.0.0-beta.61" /> |
| <meta name="theme" content="VuePress Theme Hope" /> |
| <link rel="alternate" hreflang="en-us" href="https://iotdb.apache.org/UserGuide/V0.13.x/Administration-Management/Administration.html"><meta property="og:url" content="https://iotdb.apache.org/zh/UserGuide/V0.13.x/Administration-Management/Administration.html"><meta property="og:site_name" content="IoTDB Website"><meta property="og:title" content="权限管理"><meta property="og:description" content="IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据的权限管理功能,保障数据的安全。 我们将通过以下几个具体的例子为您示范基本的用户权限操作,详细的 SQL 语句及使用方式详情请参见本文 数据模式与概念章节 (../Data-Concept/Data-Model-and-Terminology.md)。同时,在 JAVA 编程环境中,您可以使用..."><meta property="og:type" content="article"><meta property="og:locale" content="zh-CN"><meta property="og:locale:alternate" content="en-US"><script type="application/ld+json">{"@context":"https://schema.org","@type":"Article","headline":"权限管理","image":[""],"dateModified":null,"author":[]}</script><link rel="icon" href="/favicon.ico"><meta name="Description" content="Apache IoTDB: Time Series Database for IoT"><meta name="Keywords" content="TSDB, time series, time series database, IoTDB, IoT database, IoT data management,时序数据库, 时间序列管理, IoTDB, 物联网数据库, 实时数据库, 物联网数据管理, 物联网数据"><meta name="baidu-site-verification" content="wfKETzB3OT"><meta name="google-site-verification" content="mZWAoRY0yj_HAr-s47zHCGHzx5Ju-RVm5wDbPnwQYFo"><title>权限管理 | IoTDB Website</title><meta name="description" content="IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据的权限管理功能,保障数据的安全。 我们将通过以下几个具体的例子为您示范基本的用户权限操作,详细的 SQL 语句及使用方式详情请参见本文 数据模式与概念章节 (../Data-Concept/Data-Model-and-Terminology.md)。同时,在 JAVA 编程环境中,您可以使用..."> |
| <style> |
| :root { |
| --bg-color: #fff; |
| } |
| |
| html[data-theme="dark"] { |
| --bg-color: #1d1e1f; |
| } |
| |
| html, |
| body { |
| background: var(--bg-color); |
| } |
| </style> |
| <script> |
| const userMode = localStorage.getItem("vuepress-theme-hope-scheme"); |
| const systemDarkMode = |
| window.matchMedia && |
| window.matchMedia("(prefers-color-scheme: dark)").matches; |
| |
| if (userMode === "dark" || (userMode !== "light" && systemDarkMode)) { |
| document.documentElement.setAttribute("data-theme", "dark"); |
| } |
| </script> |
| <link rel="preload" href="/assets/style-99c5bc89.css" as="style"><link rel="stylesheet" href="/assets/style-99c5bc89.css"> |
| <link rel="modulepreload" href="/assets/app-56c0004a.js"><link rel="modulepreload" href="/assets/framework-62ad666a.js"><link rel="modulepreload" href="/assets/Administration.html-70e40093.js"><link rel="modulepreload" href="/assets/Administration.html-58424169.js"> |
| </head> |
| <body> |
| <div id="app"><!--[--><!--[--><!--[--><span tabindex="-1"></span><a href="#main-content" class="skip-link sr-only">跳至主要內容</a><!--]--><!--[--><div class="theme-container has-toc"><!--[--><header class="navbar hide-icon" id="navbar"><div class="navbar-start"><button class="toggle-sidebar-button" title="Toggle Sidebar"><span class="icon"></span></button><!--[--><!----><!--]--><a href="/zh/" class="brand"><img class="logo" src="/logo.png" alt="IoTDB Website"><!----><span class="site-name hide-in-pad">IoTDB Website</span></a><!--[--><!----><!--]--></div><div class="navbar-center"><!--[--><!----><!--]--><!--[--><!----><!--]--></div><div class="navbar-end"><!--[--><!----><!--]--><div id="docsearch-container"></div><nav class="nav-links"><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="文档"><span class="title"><!---->文档</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/zh/UserGuide/Master/QuickStart/QuickStart.html" class="nav-link" aria-label="latest"><!---->latest<!----></a></li><li class="dropdown-item"><a href="/zh/UserGuide/V1.1.x/QuickStart/QuickStart.html" class="nav-link" aria-label="v1.1.x"><!---->v1.1.x<!----></a></li><li class="dropdown-item"><a href="/zh/UserGuide/V1.0.x/QuickStart/QuickStart.html" class="nav-link" aria-label="v1.0.x"><!---->v1.0.x<!----></a></li><li class="dropdown-item"><a href="/zh/UserGuide/V0.13.x/QuickStart/QuickStart.html" class="nav-link" aria-label="v0.13.x"><!---->v0.13.x<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=177051872" rel="noopener noreferrer" target="_blank" aria-label="系统设计" class="nav-link"><!---->系统设计<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><div class="nav-item hide-in-mobile"><a href="/zh/Download/" class="nav-link" aria-label="下载"><!---->下载<!----></a></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="社区"><span class="title"><!---->社区</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/zh/Community/About.html" class="nav-link" aria-label="关于社区"><!---->关于社区<!----></a></li><li class="dropdown-item"><a href="https://cwiki.apache.org/confluence/display/iotdb" rel="noopener noreferrer" target="_blank" aria-label="Wiki" class="nav-link"><!---->Wiki<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="/zh/Community/Community-Project-Committers.html" class="nav-link" aria-label="开发人员"><!---->开发人员<!----></a></li><li class="dropdown-item"><a href="/zh/Community/Community-Powered-By.html" class="nav-link" aria-label="技术支持"><!---->技术支持<!----></a></li><li class="dropdown-item"><a href="/Community/Materials.html" class="nav-link" aria-label="活动与报告"><!---->活动与报告<!----></a></li><li class="dropdown-item"><a href="/zh/Community/Feedback.html" class="nav-link" aria-label="交流与反馈"><!---->交流与反馈<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="开发"><span class="title"><!---->开发</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/zh/Development/VoteRelease.html" class="nav-link" aria-label="如何投票"><!---->如何投票<!----></a></li><li class="dropdown-item"><a href="/zh/Development/HowToCommit.html" class="nav-link" aria-label="如何提交代码"><!---->如何提交代码<!----></a></li><li class="dropdown-item"><a href="/zh/Development/HowToJoin.html" class="nav-link" aria-label="成为Contributor"><!---->成为Contributor<!----></a></li><li class="dropdown-item"><a href="/zh/Development/Committer.html" class="nav-link" aria-label="成为Committer"><!---->成为Committer<!----></a></li><li class="dropdown-item"><a href="/zh/Development/ContributeGuide.html" class="nav-link" aria-label="项目开发指南"><!---->项目开发指南<!----></a></li><li class="dropdown-item"><a href="/zh/Development/HowtoContributeCode.html" class="nav-link" aria-label="技术贡献指南"><!---->技术贡献指南<!----></a></li><li class="dropdown-item"><a href="/zh/Development/format-changelist.html" class="nav-link" aria-label="TsFile的更改列表"><!---->TsFile的更改列表<!----></a></li><li class="dropdown-item"><a href="/zh/Development/rpc-changelist" class="nav-link" aria-label="RPC变更清单"><!---->RPC变更清单<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="ASF"><span class="title"><!---->ASF</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="https://www.apache.org/" rel="noopener noreferrer" target="_blank" aria-label="基金会" class="nav-link"><!---->基金会<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/licenses/" rel="noopener noreferrer" target="_blank" aria-label="许可证" class="nav-link"><!---->许可证<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/security/" rel="noopener noreferrer" target="_blank" aria-label="安全" class="nav-link"><!---->安全<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/foundation/sponsorship.html" rel="noopener noreferrer" target="_blank" aria-label="赞助" class="nav-link"><!---->赞助<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/foundation/thanks.html" rel="noopener noreferrer" target="_blank" aria-label="致谢" class="nav-link"><!---->致谢<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/events/current-event" rel="noopener noreferrer" target="_blank" aria-label="活动" class="nav-link"><!---->活动<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li></ul></button></div></div></nav><div class="nav-item"><div class="dropdown-wrapper i18n-dropdown"><button class="dropdown-title" type="button" aria-label="选择语言"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon i18n-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="i18n icon" style="width:1rem;height:1rem;vertical-align:middle;"><path d="M379.392 460.8 494.08 575.488l-42.496 102.4L307.2 532.48 138.24 701.44l-71.68-72.704L234.496 460.8l-45.056-45.056c-27.136-27.136-51.2-66.56-66.56-108.544h112.64c7.68 14.336 16.896 27.136 26.112 35.84l45.568 46.08 45.056-45.056C382.976 312.32 409.6 247.808 409.6 204.8H0V102.4h256V0h102.4v102.4h256v102.4H512c0 70.144-37.888 161.28-87.04 210.944L378.88 460.8zM576 870.4 512 1024H409.6l256-614.4H768l256 614.4H921.6l-64-153.6H576zM618.496 768h196.608L716.8 532.48 618.496 768z"></path></svg><!--]--><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/UserGuide/V0.13.x/Administration-Management/Administration.html" class="nav-link" aria-label="English"><!---->English<!----></a></li><li class="dropdown-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html" class="router-link-active router-link-exact-active nav-link active" aria-label="简体中文"><!---->简体中文<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><button id="appearance-switch"><svg xmlns="http://www.w3.org/2000/svg" class="icon auto-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="auto icon" style="display:block;"><path d="M512 992C246.92 992 32 777.08 32 512S246.92 32 512 32s480 214.92 480 480-214.92 480-480 480zm0-840c-198.78 0-360 161.22-360 360 0 198.84 161.22 360 360 360s360-161.16 360-360c0-198.78-161.22-360-360-360zm0 660V212c165.72 0 300 134.34 300 300 0 165.72-134.28 300-300 300z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon dark-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="dark icon" style="display:none;"><path d="M524.8 938.667h-4.267a439.893 439.893 0 0 1-313.173-134.4 446.293 446.293 0 0 1-11.093-597.334A432.213 432.213 0 0 1 366.933 90.027a42.667 42.667 0 0 1 45.227 9.386 42.667 42.667 0 0 1 10.24 42.667 358.4 358.4 0 0 0 82.773 375.893 361.387 361.387 0 0 0 376.747 82.774 42.667 42.667 0 0 1 54.187 55.04 433.493 433.493 0 0 1-99.84 154.88 438.613 438.613 0 0 1-311.467 128z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon light-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="light icon" style="display:none;"><path d="M952 552h-80a40 40 0 0 1 0-80h80a40 40 0 0 1 0 80zM801.88 280.08a41 41 0 0 1-57.96-57.96l57.96-58a41.04 41.04 0 0 1 58 58l-58 57.96zM512 752a240 240 0 1 1 0-480 240 240 0 0 1 0 480zm0-560a40 40 0 0 1-40-40V72a40 40 0 0 1 80 0v80a40 40 0 0 1-40 40zm-289.88 88.08-58-57.96a41.04 41.04 0 0 1 58-58l57.96 58a41 41 0 0 1-57.96 57.96zM192 512a40 40 0 0 1-40 40H72a40 40 0 0 1 0-80h80a40 40 0 0 1 40 40zm30.12 231.92a41 41 0 0 1 57.96 57.96l-57.96 58a41.04 41.04 0 0 1-58-58l58-57.96zM512 832a40 40 0 0 1 40 40v80a40 40 0 0 1-80 0v-80a40 40 0 0 1 40-40zm289.88-88.08 58 57.96a41.04 41.04 0 0 1-58 58l-57.96-58a41 41 0 0 1 57.96-57.96z"></path></svg></button></div><div class="nav-item"><a class="repo-link" href="https://github.com/apache/iotdb" target="_blank" rel="noopener noreferrer" aria-label="GitHub"><svg xmlns="http://www.w3.org/2000/svg" class="icon github-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="github icon" style="width:1.25rem;height:1.25rem;vertical-align:middle;"><path d="M511.957 21.333C241.024 21.333 21.333 240.981 21.333 512c0 216.832 140.544 400.725 335.574 465.664 24.49 4.395 32.256-10.07 32.256-23.083 0-11.69.256-44.245 0-85.205-136.448 29.61-164.736-64.64-164.736-64.64-22.315-56.704-54.4-71.765-54.4-71.765-44.587-30.464 3.285-29.824 3.285-29.824 49.195 3.413 75.179 50.517 75.179 50.517 43.776 75.008 114.816 53.333 142.762 40.79 4.523-31.66 17.152-53.377 31.19-65.537-108.971-12.458-223.488-54.485-223.488-242.602 0-53.547 19.114-97.323 50.517-131.67-5.035-12.33-21.93-62.293 4.779-129.834 0 0 41.258-13.184 134.912 50.346a469.803 469.803 0 0 1 122.88-16.554c41.642.213 83.626 5.632 122.88 16.554 93.653-63.488 134.784-50.346 134.784-50.346 26.752 67.541 9.898 117.504 4.864 129.834 31.402 34.347 50.474 78.123 50.474 131.67 0 188.586-114.73 230.016-224.042 242.09 17.578 15.232 33.578 44.672 33.578 90.454v135.85c0 13.142 7.936 27.606 32.854 22.87C862.25 912.597 1002.667 728.747 1002.667 512c0-271.019-219.648-490.667-490.71-490.667z"></path></svg></a></div><!--[--><!----><!--]--><button class="toggle-navbar-button" aria-label="Toggle Navbar" aria-expanded="false" aria-controls="nav-screen"><span class="button-container"><span class="button-top"></span><span class="button-middle"></span><span class="button-bottom"></span></span></button></div></header><!----><!--]--><!----><div class="toggle-sidebar-wrapper"><span class="arrow start"></span></div><aside class="sidebar" id="sidebar"><!--[--><!----><!--]--><ul class="sidebar-links"><li><section class="sidebar-group"><p class="sidebar-heading"><!----><span class="title">IoTDB用户手册 (V0.13.x)</span><!----></p><ul class="sidebar-links"></ul></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">IoTDB简介</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">快速上手</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">数据模式与概念</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">语法约定</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">应用编程接口</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">元数据操作</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">数据写入和删除</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">数据查询</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">数据处理</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable active"><!----><span class="title">权限管理</span><span class="arrow down"></span></button><ul class="sidebar-links"><li><!--[--><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html" class="router-link-active router-link-exact-active nav-link active sidebar-link sidebar-page active" aria-label="权限管理"><!---->权限管理<!----></a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#基本概念" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="基本概念"><!---->基本概念<!----></a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#用户" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="用户"><!---->用户<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#权限" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="权限"><!---->权限<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#角色" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="角色"><!---->角色<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#默认用户及其具有的角色" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="默认用户及其具有的角色"><!---->默认用户及其具有的角色<!----></a><ul class="sidebar-sub-headers"></ul></li></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#权限操作示例" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="权限操作示例"><!---->权限操作示例<!----></a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#创建用户" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="创建用户"><!---->创建用户<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#赋予用户权限" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="赋予用户权限"><!---->赋予用户权限<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#撤销用户权限" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="撤销用户权限"><!---->撤销用户权限<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#sql-语句" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="SQL 语句"><!---->SQL 语句<!----></a><ul class="sidebar-sub-headers"></ul></li></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#其他说明" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="其他说明"><!---->其他说明<!----></a><ul class="sidebar-sub-headers"><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#用户、权限与角色的关系" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="用户、权限与角色的关系"><!---->用户、权限与角色的关系<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#系统所含权限列表" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="系统所含权限列表"><!---->系统所含权限列表<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#用户名限制" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="用户名限制"><!---->用户名限制<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#密码限制" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="密码限制"><!---->密码限制<!----></a><ul class="sidebar-sub-headers"></ul></li><li class="sidebar-sub-header"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#角色名限制" class="router-link-active router-link-exact-active nav-link sidebar-link heading" aria-label="角色名限制"><!---->角色名限制<!----></a><ul class="sidebar-sub-headers"></ul></li></ul></li></ul><!--]--></li></ul></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">运维工具</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">系统集成</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">UDF 资料库</span><span class="arrow end"></span></button><!----></section></li><li><section class="sidebar-group"><button class="sidebar-heading clickable"><!----><span class="title">参考</span><span class="arrow end"></span></button><!----></section></li></ul><!--[--><!----><!--]--></aside><!--[--><main class="page" id="main-content"><!--[--><!----><nav class="breadcrumb disable"></nav><div class="page-title"><h1><!---->权限管理</h1><div class="page-info"><!----><!----><!----><!----><span class="page-reading-time-info" aria-label="阅读时间"><svg xmlns="http://www.w3.org/2000/svg" class="icon timer-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="timer icon"><path d="M799.387 122.15c4.402-2.978 7.38-7.897 7.38-13.463v-1.165c0-8.933-7.38-16.312-16.312-16.312H256.33c-8.933 0-16.311 7.38-16.311 16.312v1.165c0 5.825 2.977 10.874 7.637 13.592 4.143 194.44 97.22 354.963 220.201 392.763-122.204 37.542-214.893 196.511-220.2 389.397-4.661 5.049-7.638 11.651-7.638 19.03v5.825h566.49v-5.825c0-7.379-2.849-13.981-7.509-18.9-5.049-193.016-97.867-351.985-220.2-389.527 123.24-37.67 216.446-198.453 220.588-392.892zM531.16 450.445v352.632c117.674 1.553 211.787 40.778 211.787 88.676H304.097c0-48.286 95.149-87.382 213.728-88.676V450.445c-93.077-3.107-167.901-81.297-167.901-177.093 0-8.803 6.99-15.793 15.793-15.793 8.803 0 15.794 6.99 15.794 15.793 0 80.261 63.69 145.635 142.01 145.635s142.011-65.374 142.011-145.635c0-8.803 6.99-15.793 15.794-15.793s15.793 6.99 15.793 15.793c0 95.019-73.789 172.82-165.96 177.093z"></path></svg><span>大约 9 分钟</span><meta property="timeRequired" content="PT9M"></span><!----><!----></div><hr></div><div class="toc-place-holder"><aside id="toc"><!--[--><!----><!--]--><div class="toc-header">此页内容<button class="print-button" title="打印"><svg xmlns="http://www.w3.org/2000/svg" class="icon print-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="print icon"><path d="M819.2 364.8h-44.8V128c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v236.8h-44.8C145.067 364.8 96 413.867 96 473.6v192c0 59.733 49.067 108.8 108.8 108.8h44.8V896c0 17.067 14.933 32 32 32h460.8c17.067 0 32-14.933 32-32V774.4h44.8c59.733 0 108.8-49.067 108.8-108.8v-192c0-59.733-49.067-108.8-108.8-108.8zM313.6 160h396.8v204.8H313.6V160zm396.8 704H313.6V620.8h396.8V864zM864 665.6c0 25.6-19.2 44.8-44.8 44.8h-44.8V588.8c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v121.6h-44.8c-25.6 0-44.8-19.2-44.8-44.8v-192c0-25.6 19.2-44.8 44.8-44.8h614.4c25.6 0 44.8 19.2 44.8 44.8v192z"></path></svg></button></div><div class="toc-wrapper"><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#基本概念" class="router-link-active router-link-exact-active toc-link level2">基本概念</a></li><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#用户" class="router-link-active router-link-exact-active toc-link level3">用户</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#权限" class="router-link-active router-link-exact-active toc-link level3">权限</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#角色" class="router-link-active router-link-exact-active toc-link level3">角色</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#默认用户及其具有的角色" class="router-link-active router-link-exact-active toc-link level3">默认用户及其具有的角色</a></li><!----><!--]--></ul><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#权限操作示例" class="router-link-active router-link-exact-active toc-link level2">权限操作示例</a></li><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#创建用户" class="router-link-active router-link-exact-active toc-link level3">创建用户</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#赋予用户权限" class="router-link-active router-link-exact-active toc-link level3">赋予用户权限</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#撤销用户权限" class="router-link-active router-link-exact-active toc-link level3">撤销用户权限</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#sql-语句" class="router-link-active router-link-exact-active toc-link level3">SQL 语句</a></li><!----><!--]--></ul><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#其他说明" class="router-link-active router-link-exact-active toc-link level2">其他说明</a></li><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#用户、权限与角色的关系" class="router-link-active router-link-exact-active toc-link level3">用户、权限与角色的关系</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#系统所含权限列表" class="router-link-active router-link-exact-active toc-link level3">系统所含权限列表</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#用户名限制" class="router-link-active router-link-exact-active toc-link level3">用户名限制</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#密码限制" class="router-link-active router-link-exact-active toc-link level3">密码限制</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/zh/UserGuide/V0.13.x/Administration-Management/Administration.html#角色名限制" class="router-link-active router-link-exact-active toc-link level3">角色名限制</a></li><!----><!--]--></ul><!--]--></ul></div><!--[--><!----><!--]--></aside></div><!----><div class="theme-hope-content"><!-- |
| |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| |
| --><h1 id="权限管理" tabindex="-1"><a class="header-anchor" href="#权限管理" aria-hidden="true">#</a> 权限管理</h1><p>IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据的权限管理功能,保障数据的安全。</p><p>我们将通过以下几个具体的例子为您示范基本的用户权限操作,详细的 SQL 语句及使用方式详情请参见本文 <a href="/zh/UserGuide/V0.13.x/Data-Concept/Data-Model-and-Terminology.html" class="">数据模式与概念章节</a>。同时,在 JAVA 编程环境中,您可以使用 <a href="/zh/UserGuide/V0.13.x/API/Programming-JDBC.html" class="">JDBC API</a> 单条或批量执行权限管理类语句。</p><h2 id="基本概念" tabindex="-1"><a class="header-anchor" href="#基本概念" aria-hidden="true">#</a> 基本概念</h2><h3 id="用户" tabindex="-1"><a class="header-anchor" href="#用户" aria-hidden="true">#</a> 用户</h3><p>用户即数据库的合法使用者。一个用户与一个唯一的用户名相对应,并且拥有密码作为身份验证的手段。一个人在使用数据库之前,必须先提供合法的(即存于数据库中的)用户名与密码,使得自己成为用户。</p><h3 id="权限" tabindex="-1"><a class="header-anchor" href="#权限" aria-hidden="true">#</a> 权限</h3><p>数据库提供多种操作,并不是所有的用户都能执行所有操作。如果一个用户可以执行某项操作,则称该用户有执行该操作的权限。权限可分为数据管理权限(如对数据进行增删改查)以及权限管理权限(用户、角色的创建与删除,权限的赋予与撤销等)。数据管理权限往往需要一个路径来限定其生效范围,它的生效范围是以该路径对应的节点为根的一棵子树(具体请参考 IoTDB 的数据组织)。</p><blockquote><p>注意:在授予或移除权限时不允许使用路径通配符。</p></blockquote><p>以下示例是错误的用法:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>GRANT USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln.**; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>正确用法应该为:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>GRANT USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="角色" tabindex="-1"><a class="header-anchor" href="#角色" aria-hidden="true">#</a> 角色</h3><p>角色是若干权限的集合,并且有一个唯一的角色名作为标识符。用户通常和一个现实身份相对应(例如交通调度员),而一个现实身份可能对应着多个用户。这些具有相同现实身份的用户往往具有相同的一些权限。角色就是为了能对这样的权限进行统一的管理的抽象。</p><h3 id="默认用户及其具有的角色" tabindex="-1"><a class="header-anchor" href="#默认用户及其具有的角色" aria-hidden="true">#</a> 默认用户及其具有的角色</h3><p>初始安装后的 IoTDB 中有一个默认用户:root,默认密码为 root。该用户为管理员用户,固定拥有所有权限,无法被赋予、撤销权限,也无法被删除。</p><h2 id="权限操作示例" tabindex="-1"><a class="header-anchor" href="#权限操作示例" aria-hidden="true">#</a> 权限操作示例</h2><p>根据本文中描述的 <a href="https://github.com/thulab/iotdb/files/4438687/OtherMaterial-Sample.Data.txt" target="_blank" rel="noopener noreferrer">样例数据<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a> 内容,IoTDB 的样例数据可能同时属于 ln, sgcc 等不同发电集团,不同的发电集团不希望其他发电集团获取自己的数据库数据,因此我们需要将不同的数据在集团层进行权限隔离。</p><h3 id="创建用户" tabindex="-1"><a class="header-anchor" href="#创建用户" aria-hidden="true">#</a> 创建用户</h3><p>使用 <code>CREATE USER <userName> <password></code> 创建用户。我们可以为 ln 和 sgcc 集团创建两个用户角色,名为 ln_write_user, sgcc_write_user,密码均为 write_pwd。SQL 语句为:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>CREATE USER ln_write_user 'write_pwd' |
| CREATE USER sgcc_write_user 'write_pwd' |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>此时使用展示用户的 SQL 语句:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST USER |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>我们可以看到这两个已经被创建的用户,结果如下:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>IoTDB> CREATE USER ln_write_user 'write_pwd' |
| Msg: The statement is executed successfully. |
| IoTDB> CREATE USER sgcc_write_user 'write_pwd' |
| Msg: The statement is executed successfully. |
| IoTDB> LIST USER |
| +---------------+ |
| | user| |
| +---------------+ |
| | ln_write_user| |
| | root| |
| |sgcc_write_user| |
| +---------------+ |
| Total line number = 3 |
| It costs 0.157s |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="赋予用户权限" tabindex="-1"><a class="header-anchor" href="#赋予用户权限" aria-hidden="true">#</a> 赋予用户权限</h3><p>此时,虽然两个用户已经创建,但是他们不具有任何权限,因此他们并不能对数据库进行操作,例如我们使用 ln_write_user 用户对数据库中的数据进行写入,SQL 语句为:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true) |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>此时,系统不允许用户进行此操作,会提示错误:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>IoTDB> INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true) |
| INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true) |
| Msg: 602: No permissions for this operation, please add privilege READ_TIMESERIES. |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>现在,我们分别赋予他们向对应存储组数据的写入权限,并再次尝试向对应的存储组进行数据写入。</p><p>我们 <code>GRANT USER <userName> PRIVILEGES <privileges> ON <nodeName></code> 语句赋予用户权限,例如:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln |
| GRANT USER sgcc_write_user PRIVILEGES INSERT_TIMESERIES on root.sgcc |
| INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, true) |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>执行状态如下所示:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>IoTDB> GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln |
| Msg: The statement is executed successfully. |
| IoTDB> GRANT USER sgcc_write_user PRIVILEGES INSERT_TIMESERIES on root.sgcc |
| Msg: The statement is executed successfully. |
| IoTDB> INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, true) |
| Msg: The statement is executed successfully. |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="撤销用户权限" tabindex="-1"><a class="header-anchor" href="#撤销用户权限" aria-hidden="true">#</a> 撤销用户权限</h3><p>授予用户权限后,我们可以使用 <code>REVOKE USER <userName> PRIVILEGES <privileges> ON <nodeName></code> 来撤销已授予的用户权限。 例如:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>REVOKE USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln |
| REVOKE USER sgcc_write_user PRIVILEGES INSERT_TIMESERIES on root.sgcc |
| INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, true) |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>执行状态如下所示:</p><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>REVOKE USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln |
| Msg: The statement is executed successfully. |
| REVOKE USER sgcc_write_user PRIVILEGES INSERT_TIMESERIES on root.sgcc |
| Msg: The statement is executed successfully. |
| INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, true) |
| Msg: 602: No permissions for this operation, please add privilege READ_TIMESERIES. |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="sql-语句" tabindex="-1"><a class="header-anchor" href="#sql-语句" aria-hidden="true">#</a> SQL 语句</h3><p>与权限相关的语句包括:</p><ul><li>创建用户</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>CREATE USER <userName> <password>; |
| Eg: IoTDB > CREATE USER thulab 'passwd'; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>删除用户</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>DROP USER <userName>; |
| Eg: IoTDB > DROP USER xiaoming; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>创建角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>CREATE ROLE <roleName>; |
| Eg: IoTDB > CREATE ROLE admin; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>删除角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>DROP ROLE <roleName>; |
| Eg: IoTDB > DROP ROLE admin; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予用户权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>GRANT USER <userName> PRIVILEGES <privileges> ON <nodeName>; |
| Eg: IoTDB > GRANT USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予角色权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>GRANT ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>; |
| Eg: IoTDB > GRANT ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予用户角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>GRANT <roleName> TO <userName>; |
| Eg: IoTDB > GRANT temprole TO tempuser; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销用户权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>REVOKE USER <userName> PRIVILEGES <privileges> ON <nodeName>; |
| Eg: IoTDB > REVOKE USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销角色权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>REVOKE ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>; |
| Eg: IoTDB > REVOKE ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销用户角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>REVOKE <roleName> FROM <userName>; |
| Eg: IoTDB > REVOKE temprole FROM tempuser; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出用户</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST USER |
| Eg: IoTDB > LIST USER |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST ROLE |
| Eg: IoTDB > LIST ROLE |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST PRIVILEGES USER <username> ON <path>; |
| Eg: IoTDB > LIST PRIVILEGES USER sgcc_wirte_user ON root.sgcc; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出角色权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST ROLE PRIVILEGES <roleName> |
| Eg: IoTDB > LIST ROLE PRIVILEGES actor; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出角色在具体路径上的权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST PRIVILEGES ROLE <roleName> ON <path>; |
| Eg: IoTDB > LIST PRIVILEGES ROLE wirte_role ON root.sgcc; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出用户权限</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST USER PRIVILEGES <username> ; |
| Eg: IoTDB > LIST USER PRIVILEGES tempuser; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出用户所有的角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST ALL ROLE OF USER <username> ; |
| Eg: IoTDB > LIST ALL ROLE OF USER tempuser; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出所有用户的角色</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>LIST ALL USER OF ROLE <roleName>; |
| Eg: IoTDB > LIST ALL USER OF ROLE roleuser; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>更新密码</li></ul><div class="language-text line-numbers-mode" data-ext="text"><pre class="language-text"><code>ALTER USER <username> SET PASSWORD <password>; |
| Eg: IoTDB > ALTER USER tempuser SET PASSWORD 'newpwd'; |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h2 id="其他说明" tabindex="-1"><a class="header-anchor" href="#其他说明" aria-hidden="true">#</a> 其他说明</h2><h3 id="用户、权限与角色的关系" tabindex="-1"><a class="header-anchor" href="#用户、权限与角色的关系" aria-hidden="true">#</a> 用户、权限与角色的关系</h3><p>角色是权限的集合,而权限和角色都是用户的一种属性。即一个角色可以拥有若干权限。一个用户可以拥有若干角色与权限(称为用户自身权限)。</p><p>目前在 IoTDB 中并不存在相互冲突的权限,因此一个用户真正具有的权限是用户自身权限与其所有的角色的权限的并集。即要判定用户是否能执行某一项操作,就要看用户自身权限或用户的角色的所有权限中是否有一条允许了该操作。用户自身权限与其角色权限,他的多个角色的权限之间可能存在相同的权限,但这并不会产生影响。</p><p>需要注意的是:如果一个用户自身有某种权限(对应操作 A),而他的某个角色有相同的权限。那么如果仅从该用户撤销该权限无法达到禁止该用户执行操作 A 的目的,还需要从这个角色中也撤销对应的权限,或者从这个用户将该角色撤销。同样,如果仅从上述角色将权限撤销,也不能禁止该用户执行操作 A。</p><p>同时,对角色的修改会立即反映到所有拥有该角色的用户上,例如对角色增加某种权限将立即使所有拥有该角色的用户都拥有对应权限,删除某种权限也将使对应用户失去该权限(除非用户本身有该权限)。</p><h3 id="系统所含权限列表" tabindex="-1"><a class="header-anchor" href="#系统所含权限列表" aria-hidden="true">#</a> 系统所含权限列表</h3><p><strong>系统所含权限列表</strong></p><table><thead><tr><th style="text-align:left;">权限名称</th><th style="text-align:left;">说明</th></tr></thead><tbody><tr><td style="text-align:left;">SET_STORAGE_GROUP</td><td style="text-align:left;">创建存储组。包含设置存储组的权限。路径相关</td></tr><tr><td style="text-align:left;">DELETE_STORAGE_GROUP</td><td style="text-align:left;">删除存储组。路径相关</td></tr><tr><td style="text-align:left;">CREATE_TIMESERIES</td><td style="text-align:left;">创建时间序列。路径相关</td></tr><tr><td style="text-align:left;">INSERT_TIMESERIES</td><td style="text-align:left;">插入数据。路径相关</td></tr><tr><td style="text-align:left;">READ_TIMESERIES</td><td style="text-align:left;">查询数据。路径相关</td></tr><tr><td style="text-align:left;">DELETE_TIMESERIES</td><td style="text-align:left;">删除数据或时间序列,解除模板。路径相关</td></tr><tr><td style="text-align:left;">DELETE_STORAGE_GROUP</td><td style="text-align:left;">删除存储组。路径相关</td></tr><tr><td style="text-align:left;">CREATE_USER</td><td style="text-align:left;">创建用户。路径无关</td></tr><tr><td style="text-align:left;">DELETE_USER</td><td style="text-align:left;">删除用户。路径无关</td></tr><tr><td style="text-align:left;">MODIFY_PASSWORD</td><td style="text-align:left;">修改所有用户的密码。路径无关。(没有该权限者仍然能够修改自己的密码。)</td></tr><tr><td style="text-align:left;">LIST_USER</td><td style="text-align:left;">列出所有用户,列出某用户权限,列出某用户具有的角色以及列出所有用户的角色四种操作的权限。路径无关</td></tr><tr><td style="text-align:left;">GRANT_USER_PRIVILEGE</td><td style="text-align:left;">赋予用户权限。路径无关</td></tr><tr><td style="text-align:left;">REVOKE_USER_PRIVILEGE</td><td style="text-align:left;">撤销用户权限。路径无关</td></tr><tr><td style="text-align:left;">GRANT_USER_ROLE</td><td style="text-align:left;">赋予用户角色。路径无关</td></tr><tr><td style="text-align:left;">REVOKE_USER_ROLE</td><td style="text-align:left;">撤销用户角色。路径无关</td></tr><tr><td style="text-align:left;">CREATE_ROLE</td><td style="text-align:left;">创建角色。路径无关</td></tr><tr><td style="text-align:left;">DELETE_ROLE</td><td style="text-align:left;">删除角色。路径无关</td></tr><tr><td style="text-align:left;">LIST_ROLE</td><td style="text-align:left;">列出所有角色,列出某角色拥有的权限,列出拥有某角色的所有用户三种操作的权限。路径无关</td></tr><tr><td style="text-align:left;">GRANT_ROLE_PRIVILEGE</td><td style="text-align:left;">赋予角色权限。路径无关</td></tr><tr><td style="text-align:left;">REVOKE_ROLE_PRIVILEGE</td><td style="text-align:left;">撤销角色权限。路径无关</td></tr><tr><td style="text-align:left;">CREATE_FUNCTION</td><td style="text-align:left;">注册 UDF。路径无关</td></tr><tr><td style="text-align:left;">DROP_FUNCTION</td><td style="text-align:left;">卸载 UDF。路径无关</td></tr><tr><td style="text-align:left;">CREATE_TRIGGER</td><td style="text-align:left;">创建触发器。路径相关</td></tr><tr><td style="text-align:left;">DROP_TRIGGER</td><td style="text-align:left;">卸载触发器。路径相关</td></tr><tr><td style="text-align:left;">START_TRIGGER</td><td style="text-align:left;">启动触发器。路径相关</td></tr><tr><td style="text-align:left;">STOP_TRIGGER</td><td style="text-align:left;">停止触发器。路径相关</td></tr><tr><td style="text-align:left;">CREATE_CONTINUOUS_QUERY</td><td style="text-align:left;">创建连续查询。路径无关</td></tr><tr><td style="text-align:left;">DROP_CONTINUOUS_QUERY</td><td style="text-align:left;">卸载连续查询。路径无关</td></tr><tr><td style="text-align:left;">UPDATE_TEMPLATE</td><td style="text-align:left;">创建、删除、修改模板。路径无关。</td></tr><tr><td style="text-align:left;">APPLY_TEMPLATE</td><td style="text-align:left;">挂载、卸载、激活模板。路径相关。</td></tr></tbody></table><h3 id="用户名限制" tabindex="-1"><a class="header-anchor" href="#用户名限制" aria-hidden="true">#</a> 用户名限制</h3><p>IoTDB 规定用户名的字符长度不小于 4,其中用户名不能包含空格。</p><h3 id="密码限制" tabindex="-1"><a class="header-anchor" href="#密码限制" aria-hidden="true">#</a> 密码限制</h3><p>IoTDB 规定密码的字符长度不小于 4,其中密码不能包含空格,密码默认采用 MD5 进行加密。</p><h3 id="角色名限制" tabindex="-1"><a class="header-anchor" href="#角色名限制" aria-hidden="true">#</a> 角色名限制</h3><p>IoTDB 规定角色名的字符长度不小于 4,其中角色名不能包含空格。</p></div><!----><footer class="page-meta"><div class="meta-item edit-link"><a href="https://github.com/apache/iotdb/edit/rel/0.13/docs/zh/UserGuide/Administration-Management/Administration.md" rel="noopener noreferrer" target="_blank" aria-label="发现错误?在 GitHub 上编辑此页" class="nav-link label"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon edit-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="edit icon"><path d="M430.818 653.65a60.46 60.46 0 0 1-50.96-93.281l71.69-114.012 7.773-10.365L816.038 80.138A60.46 60.46 0 0 1 859.225 62a60.46 60.46 0 0 1 43.186 18.138l43.186 43.186a60.46 60.46 0 0 1 0 86.373L588.879 565.55l-8.637 8.637-117.466 68.234a60.46 60.46 0 0 1-31.958 11.229z"></path><path d="M728.802 962H252.891A190.883 190.883 0 0 1 62.008 771.98V296.934a190.883 190.883 0 0 1 190.883-192.61h267.754a60.46 60.46 0 0 1 0 120.92H252.891a69.962 69.962 0 0 0-69.098 69.099V771.98a69.962 69.962 0 0 0 69.098 69.098h475.911A69.962 69.962 0 0 0 797.9 771.98V503.363a60.46 60.46 0 1 1 120.922 0V771.98A190.883 190.883 0 0 1 728.802 962z"></path></svg><!--]-->发现错误?在 GitHub 上编辑此页<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><div class="meta-item git-info"><!----><!----></div></footer><!----><!----><!----><!--]--></main><!--]--><footer style="padding-bottom:2rem;"><span id="doc-version" style="display:none;">rel/0.13</span><p style="text-align:center;color:#909399;font-size:12px;margin:0 30px;">Copyright © 2023 The Apache Software Foundation.<br> Apache and the Apache feather logo are trademarks of The Apache Software Foundation</p><p style="text-align:center;margin-top:10px;color:#909399;font-size:12px;margin:0 30px;"><strong>Have a question?</strong> Connect with us on QQ, WeChat, or Slack. <a href="https://github.com/apache/iotdb/issues/1995">Join the community</a> now.</p><p style="text-align:center;margin-top:10px;color:#909399;font-size:12px;margin:0 30px;"> We use <a href="https://analytics.google.com">Google Analytics</a> to collect anonymous, aggregated usage information. </p></footer></div><!--]--><!--]--><!----><!--]--></div> |
| <script type="module" src="/assets/app-56c0004a.js" defer></script> |
| </body> |
| </html> |