| <!doctype html> |
| <html lang="en-US" data-theme="light"> |
| <head> |
| <meta charset="utf-8" /> |
| <meta name="viewport" content="width=device-width,initial-scale=1" /> |
| <meta name="generator" content="VuePress 2.0.0-rc.9" /> |
| <meta name="theme" content="VuePress Theme Hope 2.0.0-rc.34" /> |
| <style> |
| html { |
| background: var(--bg-color, #fff); |
| } |
| |
| html[data-theme="dark"] { |
| background: var(--bg-color, #1d1e1f); |
| } |
| |
| body { |
| background: var(--bg-color); |
| } |
| </style> |
| <script> |
| const userMode = localStorage.getItem("vuepress-theme-hope-scheme"); |
| const systemDarkMode = |
| window.matchMedia && |
| window.matchMedia("(prefers-color-scheme: dark)").matches; |
| |
| if (userMode === "dark" || (userMode !== "light" && systemDarkMode)) { |
| document.documentElement.setAttribute("data-theme", "dark"); |
| } |
| </script> |
| <link rel="alternate" hreflang="zh-cn" href="https://iotdb.apache.org/zh/UserGuide/latest/User-Manual/Authority-Management.html"><meta property="og:url" content="https://iotdb.apache.org/UserGuide/latest/User-Manual/Authority-Management.html"><meta property="og:site_name" content="IoTDB Website"><meta property="og:title" content="Administration Management"><meta property="og:description" content="Administration Management IoTDB provides permission management operations, offering users the ability to manage permissions for data and cluster systems, ensuring data and syste..."><meta property="og:type" content="article"><meta property="og:locale" content="en-US"><meta property="og:locale:alternate" content="zh-CN"><meta property="og:updated_time" content="2024-01-17T06:56:46.000Z"><meta property="article:modified_time" content="2024-01-17T06:56:46.000Z"><script type="application/ld+json">{"@context":"https://schema.org","@type":"Article","headline":"Administration Management","image":[""],"dateModified":"2024-01-17T06:56:46.000Z","author":[]}</script><link rel="icon" href="/favicon.ico"><meta name="Description" content="Apache IoTDB: Time Series Database for IoT"><meta name="Keywords" content="TSDB, time series, time series database, IoTDB, IoT database, IoT data management,时序数据库, 时间序列管理, IoTDB, 物联网数据库, 实时数据库, 物联网数据管理, 物联网数据"><meta name="baidu-site-verification" content="wfKETzB3OT"><meta name="google-site-verification" content="mZWAoRY0yj_HAr-s47zHCGHzx5Ju-RVm5wDbPnwQYFo"><script type="text/javascript"> |
| var _paq = window._paq = window._paq || []; |
| /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ |
| _paq.push(["setDoNotTrack", true]); |
| _paq.push(["disableCookies"]); |
| _paq.push(['trackPageView']); |
| _paq.push(['enableLinkTracking']); |
| (function() { |
| var u="https://analytics.apache.org/"; |
| _paq.push(['setTrackerUrl', u+'matomo.php']); |
| _paq.push(['setSiteId', '56']); |
| var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; |
| g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); |
| })(); |
| </script><title>Administration Management | IoTDB Website</title><meta name="description" content="Administration Management IoTDB provides permission management operations, offering users the ability to manage permissions for data and cluster systems, ensuring data and syste..."> |
| <link rel="preload" href="/assets/style-DnEHAOmf.css" as="style"><link rel="stylesheet" href="/assets/style-DnEHAOmf.css"> |
| <link rel="modulepreload" href="/assets/app-DrPcRZG6.js"><link rel="modulepreload" href="/assets/Authority-Management.html-CbU7HFWa.js"> |
| |
| </head> |
| <body> |
| <div id="app"><!--[--><!--[--><!--[--><span tabindex="-1"></span><a href="#main-content" class="vp-skip-link sr-only">Skip to main content</a><!--]--><!--[--><div class="theme-container has-toc"><!--[--><header id="navbar" class="vp-navbar hide-icon"><div class="vp-navbar-start"><button type="button" class="vp-toggle-sidebar-button" title="Toggle Sidebar"><span class="icon"></span></button><!--[--><!----><!--]--><!--[--><a class="route-link vp-brand" href="/"><img class="vp-nav-logo" src="/logo.png" alt><!----><span class="vp-site-name hide-in-pad">IoTDB Website</span></a><!--]--><!--[--><!----><!--]--></div><div class="vp-navbar-center"><!--[--><!----><!--]--><!--[--><!--]--><!--[--><!----><!--]--></div><div class="vp-navbar-end"><!--[--><!----><!--]--><!--[--><!--[--><div id="docsearch-container" style="display:none;"></div><div><button type="button" class="DocSearch DocSearch-Button" aria-label="Search"><span class="DocSearch-Button-Container"><svg width="20" height="20" class="DocSearch-Search-Icon" viewBox="0 0 20 20"><path d="M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z" stroke="currentColor" fill="none" fill-rule="evenodd" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="DocSearch-Button-Placeholder">Search</span></span><span class="DocSearch-Button-Keys"><kbd class="DocSearch-Button-Key"><svg width="15" height="15" class="DocSearch-Control-Key-Icon"><path d="M4.505 4.496h2M5.505 5.496v5M8.216 4.496l.055 5.993M10 7.5c.333.333.5.667.5 1v2M12.326 4.5v5.996M8.384 4.496c1.674 0 2.116 0 2.116 1.5s-.442 1.5-2.116 1.5M3.205 9.303c-.09.448-.277 1.21-1.241 1.203C1 10.5.5 9.513.5 8V7c0-1.57.5-2.5 1.464-2.494.964.006 1.134.598 1.24 1.342M12.553 10.5h1.953" stroke-width="1.2" stroke="currentColor" fill="none" stroke-linecap="square"></path></svg></kbd><kbd class="DocSearch-Button-Key">K</kbd></span></button></div><!--]--><nav class="vp-nav-links"><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="Documentation"><span class="title"><!---->Documentation</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link" href="/UserGuide/latest/QuickStart/QuickStart.html" aria-label="v1.3.x"><!---->v1.3.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/UserGuide/V1.2.x/QuickStart/QuickStart.html" aria-label="v1.2.x"><!---->v1.2.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/UserGuide/V1.1.x/QuickStart/QuickStart.html" aria-label="v1.1.x"><!---->v1.1.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/UserGuide/V1.0.x/QuickStart/QuickStart.html" aria-label="v1.0.x"><!---->v1.0.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/UserGuide/V0.13.x/QuickStart/QuickStart.html" aria-label="v0.13.x"><!---->v0.13.x<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><a href="https://cwiki.apache.org/confluence/display/IOTDB/System+Design" rel="noopener noreferrer" target="_blank" aria-label="Design" class="nav-link"><!---->Design<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><div class="vp-nav-item hide-in-mobile"><a class="route-link nav-link" href="/Download/" aria-label="Download"><!---->Download<!----></a></div><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="Community"><span class="title"><!---->Community</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link" href="/Community/About.html" aria-label="About"><!---->About<!----></a></li><li class="dropdown-item"><a href="https://cwiki.apache.org/confluence/display/iotdb" rel="noopener noreferrer" target="_blank" aria-label="Wiki" class="nav-link"><!---->Wiki<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Community/Community-Project-Committers.html" aria-label="People"><!---->People<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Community/Community-Powered-By.html" aria-label="Powered By"><!---->Powered By<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Community/Materials.html" aria-label="Resources"><!---->Resources<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Community/Feedback.html" aria-label="Feedback"><!---->Feedback<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="Development"><span class="title"><!---->Development</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link" href="/Development/VoteRelease.html" aria-label="How to vote"><!---->How to vote<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/HowToCommit.html" aria-label="How to Commit"><!---->How to Commit<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/HowToJoin.html" aria-label="Become a Contributor"><!---->Become a Contributor<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/Committer.html" aria-label="Become a Committer"><!---->Become a Committer<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/ContributeGuide.html" aria-label="ContributeGuide"><!---->ContributeGuide<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/HowtoContributeCode.html" aria-label="How to Contribute Code"><!---->How to Contribute Code<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/format-changelist.html" aria-label="Changelist of TsFile"><!---->Changelist of TsFile<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/Development/rpc-changelist.html" aria-label="Changelist of RPC"><!---->Changelist of RPC<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="ASF"><span class="title"><!---->ASF</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="https://www.apache.org/" rel="noopener noreferrer" target="_blank" aria-label="Foundation" class="nav-link"><!---->Foundation<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/licenses/" rel="noopener noreferrer" target="_blank" aria-label="License" class="nav-link"><!---->License<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/security/" rel="noopener noreferrer" target="_blank" aria-label="Security" class="nav-link"><!---->Security<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/foundation/sponsorship.html" rel="noopener noreferrer" target="_blank" aria-label="Sponsorship" class="nav-link"><!---->Sponsorship<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/foundation/thanks.html" rel="noopener noreferrer" target="_blank" aria-label="Thanks" class="nav-link"><!---->Thanks<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/events/current-event" rel="noopener noreferrer" target="_blank" aria-label="Current Events" class="nav-link"><!---->Current Events<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://privacy.apache.org/policies/privacy-policy-public.html" rel="noopener noreferrer" target="_blank" aria-label="Privacy" class="nav-link"><!---->Privacy<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li></ul></button></div></div></nav><div class="vp-nav-item"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="Select language"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon i18n-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="i18n icon" style="width:1rem;height:1rem;vertical-align:middle;"><path d="M379.392 460.8 494.08 575.488l-42.496 102.4L307.2 532.48 138.24 701.44l-71.68-72.704L234.496 460.8l-45.056-45.056c-27.136-27.136-51.2-66.56-66.56-108.544h112.64c7.68 14.336 16.896 27.136 26.112 35.84l45.568 46.08 45.056-45.056C382.976 312.32 409.6 247.808 409.6 204.8H0V102.4h256V0h102.4v102.4h256v102.4H512c0 70.144-37.888 161.28-87.04 210.944L378.88 460.8zM576 870.4 512 1024H409.6l256-614.4H768l256 614.4H921.6l-64-153.6H576zM618.496 768h196.608L716.8 532.48 618.496 768z"></path></svg><!--]--><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link active" href="/UserGuide/latest/User-Manual/Authority-Management.html" aria-label="English"><!---->English<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/UserGuide/latest/User-Manual/Authority-Management.html" aria-label="简体中文"><!---->简体中文<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><button type="button" id="appearance-switch"><svg xmlns="http://www.w3.org/2000/svg" class="icon auto-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="auto icon" style="display:none;"><path d="M512 992C246.92 992 32 777.08 32 512S246.92 32 512 32s480 214.92 480 480-214.92 480-480 480zm0-840c-198.78 0-360 161.22-360 360 0 198.84 161.22 360 360 360s360-161.16 360-360c0-198.78-161.22-360-360-360zm0 660V212c165.72 0 300 134.34 300 300 0 165.72-134.28 300-300 300z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon dark-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="dark icon" style="display:none;"><path d="M524.8 938.667h-4.267a439.893 439.893 0 0 1-313.173-134.4 446.293 446.293 0 0 1-11.093-597.334A432.213 432.213 0 0 1 366.933 90.027a42.667 42.667 0 0 1 45.227 9.386 42.667 42.667 0 0 1 10.24 42.667 358.4 358.4 0 0 0 82.773 375.893 361.387 361.387 0 0 0 376.747 82.774 42.667 42.667 0 0 1 54.187 55.04 433.493 433.493 0 0 1-99.84 154.88 438.613 438.613 0 0 1-311.467 128z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon light-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="light icon" style="display:block;"><path d="M952 552h-80a40 40 0 0 1 0-80h80a40 40 0 0 1 0 80zM801.88 280.08a41 41 0 0 1-57.96-57.96l57.96-58a41.04 41.04 0 0 1 58 58l-58 57.96zM512 752a240 240 0 1 1 0-480 240 240 0 0 1 0 480zm0-560a40 40 0 0 1-40-40V72a40 40 0 0 1 80 0v80a40 40 0 0 1-40 40zm-289.88 88.08-58-57.96a41.04 41.04 0 0 1 58-58l57.96 58a41 41 0 0 1-57.96 57.96zM192 512a40 40 0 0 1-40 40H72a40 40 0 0 1 0-80h80a40 40 0 0 1 40 40zm30.12 231.92a41 41 0 0 1 57.96 57.96l-57.96 58a41.04 41.04 0 0 1-58-58l58-57.96zM512 832a40 40 0 0 1 40 40v80a40 40 0 0 1-80 0v-80a40 40 0 0 1 40-40zm289.88-88.08 58 57.96a41.04 41.04 0 0 1-58 58l-57.96-58a41 41 0 0 1 57.96-57.96z"></path></svg></button></div><div class="vp-nav-item vp-action"><a class="vp-action-link" href="https://github.com/apache/iotdb" target="_blank" rel="noopener noreferrer" aria-label="GitHub"><svg xmlns="http://www.w3.org/2000/svg" class="icon github-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="github icon" style="width:1.25rem;height:1.25rem;vertical-align:middle;"><path d="M511.957 21.333C241.024 21.333 21.333 240.981 21.333 512c0 216.832 140.544 400.725 335.574 465.664 24.49 4.395 32.256-10.07 32.256-23.083 0-11.69.256-44.245 0-85.205-136.448 29.61-164.736-64.64-164.736-64.64-22.315-56.704-54.4-71.765-54.4-71.765-44.587-30.464 3.285-29.824 3.285-29.824 49.195 3.413 75.179 50.517 75.179 50.517 43.776 75.008 114.816 53.333 142.762 40.79 4.523-31.66 17.152-53.377 31.19-65.537-108.971-12.458-223.488-54.485-223.488-242.602 0-53.547 19.114-97.323 50.517-131.67-5.035-12.33-21.93-62.293 4.779-129.834 0 0 41.258-13.184 134.912 50.346a469.803 469.803 0 0 1 122.88-16.554c41.642.213 83.626 5.632 122.88 16.554 93.653-63.488 134.784-50.346 134.784-50.346 26.752 67.541 9.898 117.504 4.864 129.834 31.402 34.347 50.474 78.123 50.474 131.67 0 188.586-114.73 230.016-224.042 242.09 17.578 15.232 33.578 44.672 33.578 90.454v135.85c0 13.142 7.936 27.606 32.854 22.87C862.25 912.597 1002.667 728.747 1002.667 512c0-271.019-219.648-490.667-490.71-490.667z"></path></svg></a></div><!--]--><!--[--><!----><!--]--><button type="button" class="vp-toggle-navbar-button" aria-label="Toggle Navbar" aria-expanded="false" aria-controls="nav-screen"><span><span class="vp-top"></span><span class="vp-middle"></span><span class="vp-bottom"></span></span></button></div></header><!----><!--]--><!----><div class="toggle-sidebar-wrapper"><span class="arrow start"></span></div><aside id="sidebar" class="vp-sidebar"><!--[--><!----><!--]--><ul class="vp-sidebar-links"><li><section class="vp-sidebar-group"><p class="vp-sidebar-header"><!----><span class="vp-sidebar-title">IoTDB User Guide (V1.3.x)</span><!----></p><ul class="vp-sidebar-links"></ul></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">About IoTDB</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">Quick Start</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">Basic Concept</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">Deployment & Maintenance</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable active" type="button"><!----><span class="vp-sidebar-title">User Manual</span><span class="vp-arrow down"></span></button><ul class="vp-sidebar-links"><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Syntax-Rule.html" aria-label="Syntax Rule"><!---->Syntax Rule<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Operate-Metadata.html" aria-label="Operate Metadata"><!---->Operate Metadata<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Write-Delete-Data.html" aria-label="Write Delete Data"><!---->Write Delete Data<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Query-Data.html" aria-label="Query Data"><!---->Query Data<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Operator-and-Expression.html" aria-label="Operator and Expression"><!---->Operator and Expression<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Streaming.html" aria-label="Streaming"><!---->Streaming<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Data-Sync.html" aria-label="Data Sync"><!---->Data Sync<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Database-Programming.html" aria-label="Database Programming"><!---->Database Programming<!----></a></li><li><a class="route-link nav-link active vp-sidebar-link vp-sidebar-page active" href="/UserGuide/latest/User-Manual/Authority-Management.html" aria-label="Authority Management"><!---->Authority Management<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/UserGuide/latest/User-Manual/Maintennance.html" aria-label="Maintennance"><!---->Maintennance<!----></a></li></ul></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">Tools System</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">API</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">Ecosystem Integration</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">SQL Manual</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">FAQ</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">Reference</span><span class="vp-arrow end"></span></button><!----></section></li></ul><!--[--><!----><!--]--></aside><!--[--><main id="main-content" class="vp-page"><!--[--><!--[--><!----><!--]--><!----><nav class="vp-breadcrumb disable"></nav><div class="vp-page-title"><h1><!---->Administration Management</h1><div class="page-info"><!----><!----><span class="page-date-info" aria-label="Writing Date"><svg xmlns="http://www.w3.org/2000/svg" class="icon calendar-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="calendar icon"><path d="M716.4 110.137c0-18.753-14.72-33.473-33.472-33.473-18.753 0-33.473 14.72-33.473 33.473v33.473h66.993v-33.473zm-334.87 0c0-18.753-14.72-33.473-33.473-33.473s-33.52 14.72-33.52 33.473v33.473h66.993v-33.473zm468.81 33.52H716.4v100.465c0 18.753-14.72 33.473-33.472 33.473a33.145 33.145 0 01-33.473-33.473V143.657H381.53v100.465c0 18.753-14.72 33.473-33.473 33.473a33.145 33.145 0 01-33.473-33.473V143.657H180.6A134.314 134.314 0 0046.66 277.595v535.756A134.314 134.314 0 00180.6 947.289h669.74a134.36 134.36 0 00133.94-133.938V277.595a134.314 134.314 0 00-133.94-133.938zm33.473 267.877H147.126a33.145 33.145 0 01-33.473-33.473c0-18.752 14.72-33.473 33.473-33.473h736.687c18.752 0 33.472 14.72 33.472 33.473a33.145 33.145 0 01-33.472 33.473z"></path></svg><span><!----></span><meta property="datePublished" content="2023-08-01T06:02:08.000Z"></span><span class="page-pageview-info" aria-label="Page views"><svg xmlns="http://www.w3.org/2000/svg" class="icon eye-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="eye icon"><path d="M992 512.096c0-5.76-.992-10.592-1.28-11.136-.192-2.88-1.152-8.064-2.08-10.816-.256-.672-.544-1.376-.832-2.08-.48-1.568-1.024-3.104-1.6-4.32C897.664 290.112 707.104 160 512 160c-195.072 0-385.632 130.016-473.76 322.592-1.056 2.112-1.792 4.096-2.272 5.856a55.512 55.512 0 00-.64 1.6c-1.76 5.088-1.792 8.64-1.632 7.744-.832 3.744-1.568 11.168-1.568 11.168-.224 2.272-.224 4.032.032 6.304 0 0 .736 6.464 1.088 7.808.128 1.824.576 4.512 1.12 6.976h-.032c.448 2.08 1.12 4.096 1.984 6.08.48 1.536.992 2.976 1.472 4.032C126.432 733.856 316.992 864 512 864c195.136 0 385.696-130.048 473.216-321.696 1.376-2.496 2.24-4.832 2.848-6.912.256-.608.48-1.184.672-1.728 1.536-4.48 1.856-8.32 1.728-8.32l-.032.032c.608-3.104 1.568-7.744 1.568-13.28zM512 672c-88.224 0-160-71.776-160-160s71.776-160 160-160 160 71.776 160 160-71.776 160-160 160z"></path></svg><span id="ArtalkPV" class="vp-pageview waline-pageview-count" data-path="/UserGuide/latest/User-Manual/Authority-Management.html" data-page-key="/UserGuide/latest/User-Manual/Authority-Management.html">...</span></span><span class="page-reading-time-info" aria-label="Reading Time"><svg xmlns="http://www.w3.org/2000/svg" class="icon timer-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="timer icon"><path d="M799.387 122.15c4.402-2.978 7.38-7.897 7.38-13.463v-1.165c0-8.933-7.38-16.312-16.312-16.312H256.33c-8.933 0-16.311 7.38-16.311 16.312v1.165c0 5.825 2.977 10.874 7.637 13.592 4.143 194.44 97.22 354.963 220.201 392.763-122.204 37.542-214.893 196.511-220.2 389.397-4.661 5.049-7.638 11.651-7.638 19.03v5.825h566.49v-5.825c0-7.379-2.849-13.981-7.509-18.9-5.049-193.016-97.867-351.985-220.2-389.527 123.24-37.67 216.446-198.453 220.588-392.892zM531.16 450.445v352.632c117.674 1.553 211.787 40.778 211.787 88.676H304.097c0-48.286 95.149-87.382 213.728-88.676V450.445c-93.077-3.107-167.901-81.297-167.901-177.093 0-8.803 6.99-15.793 15.793-15.793 8.803 0 15.794 6.99 15.794 15.793 0 80.261 63.69 145.635 142.01 145.635s142.011-65.374 142.011-145.635c0-8.803 6.99-15.793 15.794-15.793s15.793 6.99 15.793 15.793c0 95.019-73.789 172.82-165.96 177.093z"></path></svg><span>About 12 min</span><meta property="timeRequired" content="PT12M"></span><!----><!----></div><hr></div><div class="vp-toc-placeholder"><aside id="toc"><!--[--><!----><!--]--><div class="vp-toc-header">On This Page<button type="button" class="print-button" title="Print"><svg xmlns="http://www.w3.org/2000/svg" class="icon print-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="print icon"><path d="M819.2 364.8h-44.8V128c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v236.8h-44.8C145.067 364.8 96 413.867 96 473.6v192c0 59.733 49.067 108.8 108.8 108.8h44.8V896c0 17.067 14.933 32 32 32h460.8c17.067 0 32-14.933 32-32V774.4h44.8c59.733 0 108.8-49.067 108.8-108.8v-192c0-59.733-49.067-108.8-108.8-108.8zM313.6 160h396.8v204.8H313.6V160zm396.8 704H313.6V620.8h396.8V864zM864 665.6c0 25.6-19.2 44.8-44.8 44.8h-44.8V588.8c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v121.6h-44.8c-25.6 0-44.8-19.2-44.8-44.8v-192c0-25.6 19.2-44.8 44.8-44.8h614.4c25.6 0 44.8 19.2 44.8 44.8v192z"></path></svg></button><div class="arrow end"></div></div><div class="vp-toc-wrapper"><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#basic-concepts">Basic Concepts</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#user">User</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#permission">Permission</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#role">Role</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#default-users-and-roles">Default Users and Roles</a></li><!----><!--]--></ul></li><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#user-definition">User Definition</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#username-constraints">Username Constraints</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#password-constraints">Password Constraints</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#role-name-constraints">Role Name Constraints</a></li><!----><!--]--></ul></li><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#permission-management">Permission Management</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#series-permissions">Series Permissions</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#global-permissions">Global Permissions</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#granting-and-revoking-permissions">Granting and Revoking Permissions</a></li><!----><!--]--></ul></li><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#authentication">Authentication</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#function-syntax-and-examples">Function Syntax and Examples</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#user-and-role-related">User and Role Related</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#authorization-and-deauthorization">Authorization and Deauthorization</a></li><!----><!--]--></ul></li><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#examples">Examples</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#other-explanations">Other Explanations</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#upgrading-from-a-previous-version">Upgrading from a previous version</a></li><!----><!--]--></ul><div class="vp-toc-marker" style="top:-1.7rem;"></div></div><!--[--><!----><!--]--></aside></div><!--[--><!----><!--]--><div class="theme-hope-content"><h1 id="administration-management" tabindex="-1"><a class="header-anchor" href="#administration-management"><span>Administration Management</span></a></h1><p>IoTDB provides permission management operations, offering users the ability to manage permissions for data and cluster systems, ensuring data and system security.</p><p>This article introduces the basic concepts of the permission module in IoTDB, including user definition, permission management, authentication logic, and use cases. In the JAVA programming environment, you can use the <a href="https://chat.openai.com/API/Programming-JDBC.md" target="_blank" rel="noopener noreferrer">JDBC API<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a> to execute permission management statements individually or in batches.</p><h2 id="basic-concepts" tabindex="-1"><a class="header-anchor" href="#basic-concepts"><span>Basic Concepts</span></a></h2><h3 id="user" tabindex="-1"><a class="header-anchor" href="#user"><span>User</span></a></h3><p>A user is a legitimate user of the database. Each user corresponds to a unique username and has a password as a means of authentication. Before using the database, a person must provide a valid (i.e., stored in the database) username and password for a successful login.</p><h3 id="permission" tabindex="-1"><a class="header-anchor" href="#permission"><span>Permission</span></a></h3><p>The database provides various operations, but not all users can perform all operations. If a user can perform a certain operation, they are said to have permission to execute that operation. Permissions are typically limited in scope by a path, and <a href="https://chat.openai.com/Basic-Concept/Data-Model-and-Terminology.md" target="_blank" rel="noopener noreferrer">path patterns<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a> can be used to manage permissions flexibly.</p><h3 id="role" tabindex="-1"><a class="header-anchor" href="#role"><span>Role</span></a></h3><p>A role is a collection of multiple permissions and has a unique role name as an identifier. Roles often correspond to real-world identities (e.g., a traffic dispatcher), and a real-world identity may correspond to multiple users. Users with the same real-world identity often have the same permissions, and roles are abstractions for unified management of such permissions.</p><h3 id="default-users-and-roles" tabindex="-1"><a class="header-anchor" href="#default-users-and-roles"><span>Default Users and Roles</span></a></h3><p>After installation and initialization, IoTDB includes a default user: root, with the default password root. This user is an administrator with fixed permissions, which cannot be granted or revoked and cannot be deleted. There is only one administrator user in the database.</p><p>A newly created user or role does not have any permissions initially.</p><h2 id="user-definition" tabindex="-1"><a class="header-anchor" href="#user-definition"><span>User Definition</span></a></h2><p>Users with MANAGE_USER and MANAGE_ROLE permissions or administrators can create users or roles. Creating a user must meet the following constraints.</p><h3 id="username-constraints" tabindex="-1"><a class="header-anchor" href="#username-constraints"><span>Username Constraints</span></a></h3><p>4 to 32 characters, supports the use of uppercase and lowercase English letters, numbers, and special characters (<code>!@#$%^&*()_+-=</code>).</p><p>Users cannot create users with the same name as the administrator.</p><h3 id="password-constraints" tabindex="-1"><a class="header-anchor" href="#password-constraints"><span>Password Constraints</span></a></h3><p>4 to 32 characters, can use uppercase and lowercase letters, numbers, and special characters (<code>!@#$%^&*()_+-=</code>). Passwords are encrypted by default using MD5.</p><h3 id="role-name-constraints" tabindex="-1"><a class="header-anchor" href="#role-name-constraints"><span>Role Name Constraints</span></a></h3><p>4 to 32 characters, supports the use of uppercase and lowercase English letters, numbers, and special characters (<code>!@#$%^&*()_+-=</code>).</p><p>Users cannot create roles with the same name as the administrator.</p><h2 id="permission-management" tabindex="-1"><a class="header-anchor" href="#permission-management"><span>Permission Management</span></a></h2><p>IoTDB primarily has two types of permissions: series permissions and global permissions.</p><h3 id="series-permissions" tabindex="-1"><a class="header-anchor" href="#series-permissions"><span>Series Permissions</span></a></h3><p>Series permissions constrain the scope and manner in which users access data. IOTDB support authorization for both absolute paths and prefix-matching paths, and can be effective at the timeseries granularity.</p><p>The table below describes the types and scope of these permissions:</p><table><thead><tr><th>Permission Name</th><th>Description</th></tr></thead><tbody><tr><td>READ_DATA</td><td>Allows reading time series data under the authorized path.</td></tr><tr><td>WRITE_DATA</td><td>Allows reading time series data under the authorized path.<br>Allows inserting and deleting time series data under the authorized path.<br>Allows importing and loading data under the authorized path. When importing data, you need the WRITE_DATA permission for the corresponding path. When automatically creating databases or time series, you need MANAGE_DATABASE and WRITE_SCHEMA permissions.</td></tr><tr><td>READ_SCHEMA</td><td>Allows obtaining detailed information about the metadata tree under the authorized path, <br>including databases, child paths, child nodes, devices, time series, templates, views, etc.</td></tr><tr><td>WRITE_SCHEMA</td><td>Allows obtaining detailed information about the metadata tree under the authorized path.<br>Allows creating, deleting, and modifying time series, templates, views, etc. under the authorized path. When creating or modifying views, it checks the WRITE_SCHEMA permission for the view path and READ_SCHEMA permission for the data source. When querying and inserting data into views, it checks the READ_DATA and WRITE_DATA permissions for the view path.<br> Allows setting, unsetting, and viewing TTL under the authorized path. <br> Allows attaching or detaching templates under the authorized path.</td></tr></tbody></table><h3 id="global-permissions" tabindex="-1"><a class="header-anchor" href="#global-permissions"><span>Global Permissions</span></a></h3><p>Global permissions constrain the database functions that users can use and restrict commands that change the system and task state. Once a user obtains global authorization, they can manage the database.<br> The table below describes the types of system permissions:</p><table><thead><tr><th style="text-align:center;">Permission Name</th><th>Description</th></tr></thead><tbody><tr><td style="text-align:center;">MANAGE_DATABASE</td><td>Allow users to create and delete databases.</td></tr><tr><td style="text-align:center;">MANAGE_USER</td><td>Allow users to create, delete, modify, and view users.</td></tr><tr><td style="text-align:center;">MANAGE_ROLE</td><td>Allow users to create, delete, modify, and view roles. <br>Allow users to grant/revoke roles to/from other users.</td></tr><tr><td style="text-align:center;">USE_TRIGGER</td><td>Allow users to create, delete, and view triggers.<br>Independent of data source permission checks for triggers.</td></tr><tr><td style="text-align:center;">USE_UDF</td><td>Allow users to create, delete, and view user-defined functions. <br> Independent of data source permission checks for user-defined functions.</td></tr><tr><td style="text-align:center;">USE_CQ</td><td>Allow users to create, delete, and view continuous queries. <br> Independent of data source permission checks for continuous queries.</td></tr><tr><td style="text-align:center;">USE_PIPE</td><td>Allow users to create, start, stop, delete, and view pipelines. <br>Allow users to create, delete, and view pipeline plugins. <br>Independent of data source permission checks for pipelines.</td></tr><tr><td style="text-align:center;">EXTEND_TEMPLATE</td><td>Permission to automatically create templates.</td></tr><tr><td style="text-align:center;">MAINTAIN</td><td>Allow users to query and cancel queries. <br>Allow users to view variables. <br>Allow users to view cluster status.</td></tr><tr><td style="text-align:center;">USE_MODEL</td><td>Allow users to create, delete and view deep learning model.</td></tr><tr><td style="text-align:center;">Regarding template permissions:</td><td></td></tr></tbody></table><ol><li>Only administrators are allowed to create, delete, modify, query, mount, and unmount templates.</li><li>To activate a template, you need to have WRITE_SCHEMA permission for the activation path.</li><li>If automatic creation is enabled, writing to a non-existent path that has a template mounted will automatically extend the template and insert data. Therefore, one needs EXTEND_TEMPLATE permission and WRITE_DATA permission for writing to the sequence.</li><li>To deactivate a template, WRITE_SCHEMA permission for the mounted template path is required.</li><li>To query paths that use a specific metadata template, you needs READ_SCHEMA permission for the paths; otherwise, it will return empty results.</li></ol><h3 id="granting-and-revoking-permissions" tabindex="-1"><a class="header-anchor" href="#granting-and-revoking-permissions"><span>Granting and Revoking Permissions</span></a></h3><p>In IoTDB, users can obtain permissions through three methods:</p><ol><li>Granted by administrator, who has control over the permissions of other users.</li><li>Granted by a user allowed to authorize permissions, and this user was assigned the grant option keyword when obtaining the permission.</li><li>Granted a certain role by administrator or a user with MANAGE_ROLE, thereby obtaining permissions.</li></ol><p>Revoking a user's permissions can be done through the following methods:</p><ol><li>Revoked by administrator.</li><li>Revoked by a user allowed to authorize permissions, and this user was assigned the grant option keyword when obtaining the permission.</li><li>Revoked from a user's role by administrator or a user with MANAGE_ROLE, thereby revoking the permissions.</li></ol><ul><li>When granting permissions, a path must be specified. Global permissions need to be specified as root.**, while series-specific permissions must be absolute paths or prefix paths ending with a double wildcard.</li><li>When granting user/role permissions, you can specify the "with grant option" keyword for that permission, which means that the user can grant permissions on their authorized paths and can also revoke permissions on other users' authorized paths. For example, if User A is granted read permission for <code>group1.company1.**</code> with the grant option keyword, then A can grant read permissions to others on any node or series below <code>group1.company1</code>, and can also revoke read permissions on any node below <code>group1.company1</code> for other users.</li><li>When revoking permissions, the revocation statement will match against all of the user's permission paths and clear the matched permission paths. For example, if User A has read permission for <code>group1.company1.factory1</code>, when revoking read permission for <code>group1.company1.**</code>, it will remove A's read permission for <code>group1.company1.factory1</code>.</li></ul><h2 id="authentication" tabindex="-1"><a class="header-anchor" href="#authentication"><span>Authentication</span></a></h2><p>User permissions mainly consist of three parts: permission scope (path), permission type, and the "with grant option" flag:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>userTest1: |
| root.t1.** - read_schema, read_data - with grant option |
| root.** - write_schema, write_data - with grant option |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Each user has such a permission access list, identifying all the permissions they have acquired. You can view their permissions by using the command <code>LIST PRIVILEGES OF USER <username></code>.</p><p>When authorizing a path, the database will match the path with the permissions. For example, when checking the read_schema permission for <code>root.t1.t2</code>, it will first match with the permission access list <code>root.t1.**</code>. If it matches successfully, it will then check if that path contains the permission to be authorized. If not, it continues to the next path-permission match until a match is found or all matches are exhausted.</p><p>When performing authorization for multiple paths, such as executing a multi-path query task, the database will only present data for which the user has permissions. Data for which the user does not have permissions will not be included in the results, and information about these paths without permissions will be output to the alert messages.</p><p>Please note that the following operations require checking multiple permissions:</p><ol><li><p>Enabling the automatic sequence creation feature requires not only write permission for the corresponding sequence when a user inserts data into a non-existent sequence but also metadata modification permission for the sequence.</p></li><li><p>When executing the "select into" statement, it is necessary to check the read permission for the source sequence and the write permission for the target sequence. It should be noted that the source sequence data may only be partially accessible due to insufficient permissions, and if the target sequence has insufficient write permissions, an error will occur, terminating the task.</p></li><li><p>View permissions and data source permissions are independent. Performing read and write operations on a view will only check the permissions of the view itself and will not perform permission validation on the source path.</p></li></ol><h2 id="function-syntax-and-examples" tabindex="-1"><a class="header-anchor" href="#function-syntax-and-examples"><span>Function Syntax and Examples</span></a></h2><p>IoTDB provides composite permissions for user authorization:</p><table><thead><tr><th>Permission Name</th><th>Permission Scope</th></tr></thead><tbody><tr><td>ALL</td><td>All permissions</td></tr><tr><td>READ</td><td>READ_SCHEMA, READ_DATA</td></tr><tr><td>WRITE</td><td>WRITE_SCHEMA, WRITE_DATA</td></tr></tbody></table><p>Composite permissions are not specific permissions themselves but a shorthand way to denote a combination of permissions, with no difference from directly specifying the corresponding permission names.</p><p>The following series of specific use cases will demonstrate the usage of permission statements. Non-administrator users executing the following statements require obtaining the necessary permissions, which are indicated after the operation description.</p><h3 id="user-and-role-related" tabindex="-1"><a class="header-anchor" href="#user-and-role-related"><span>User and Role Related</span></a></h3><ul><li>Create user (Requires MANAGE_USER permission)</li></ul><div class="language-SQL line-numbers-mode" data-ext="SQL" data-title="SQL"><pre class="language-SQL"><code>CREATE USER <userName> <password> |
| eg: CREATE USER user1 'passwd' |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>Delete user (Requires MANAGE_USER permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">DROP</span> <span class="token keyword">USER</span> <span class="token operator"><</span>userName<span class="token operator">></span> |
| eg: <span class="token keyword">DROP</span> <span class="token keyword">USER</span> user1 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>Create role (Requires MANAGE_ROLE permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">CREATE</span> ROLE <span class="token operator"><</span>roleName<span class="token operator">></span> |
| eg: <span class="token keyword">CREATE</span> ROLE role1 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>Delete role (Requires MANAGE_ROLE permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">DROP</span> ROLE <span class="token operator"><</span>roleName<span class="token operator">></span> |
| eg: <span class="token keyword">DROP</span> ROLE role1 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>Grant role to user (Requires MANAGE_ROLE permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">GRANT</span> ROLE <span class="token operator"><</span>ROLENAME<span class="token operator">></span> <span class="token keyword">TO</span> <span class="token operator"><</span>USERNAME<span class="token operator">></span> |
| eg: <span class="token keyword">GRANT</span> ROLE admin <span class="token keyword">TO</span> user1 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>Revoke role from user(Requires MANAGE_ROLE permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">REVOKE</span> ROLE <span class="token operator"><</span>ROLENAME<span class="token operator">></span> <span class="token keyword">FROM</span> <span class="token operator"><</span><span class="token keyword">USER</span><span class="token operator">></span> |
| eg: <span class="token keyword">REVOKE</span> ROLE admin <span class="token keyword">FROM</span> user1 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>List all user (Requires MANAGE_USER permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST <span class="token keyword">USER</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>List all role (Requires MANAGE_ROLE permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST ROLE |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>List all users granted specific role.(Requires MANAGE_USER permission)</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST <span class="token keyword">USER</span> <span class="token keyword">OF</span> ROLE <span class="token operator"><</span>roleName<span class="token operator">></span> |
| eg: LIST <span class="token keyword">USER</span> <span class="token keyword">OF</span> ROLE roleuser |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li><p>List all role granted to specific user.</p><p>Users can list their own roles, but listing roles of other users requires the MANAGE_ROLE permission.</p></li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST ROLE <span class="token keyword">OF</span> <span class="token keyword">USER</span> <span class="token operator"><</span>username<span class="token operator">></span> |
| eg: LIST ROLE <span class="token keyword">OF</span> <span class="token keyword">USER</span> tempuser |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>List all privileges of user</li></ul><p>Users can list their own privileges, but listing privileges of other users requires the MANAGE_USER permission.</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST <span class="token keyword">PRIVILEGES</span> <span class="token keyword">OF</span> <span class="token keyword">USER</span> <span class="token operator"><</span>username<span class="token operator">></span><span class="token punctuation">;</span> |
| eg: LIST <span class="token keyword">PRIVILEGES</span> <span class="token keyword">OF</span> <span class="token keyword">USER</span> tempuser<span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>List all privileges of role</li></ul><p>Users can list the permission information of roles they have, but listing permissions of other roles requires the MANAGE_ROLE permission.</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST <span class="token keyword">PRIVILEGES</span> <span class="token keyword">OF</span> ROLE <span class="token operator"><</span>roleName<span class="token operator">></span><span class="token punctuation">;</span> |
| eg: LIST <span class="token keyword">PRIVILEGES</span> <span class="token keyword">OF</span> ROLE actor<span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>Update password</li></ul><p>Users can update their own password, but updating passwords of other users requires the MANAGE_USER permission.</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">ALTER</span> <span class="token keyword">USER</span> <span class="token operator"><</span>username<span class="token operator">></span> <span class="token keyword">SET</span> PASSWORD <span class="token operator"><</span>password<span class="token operator">></span><span class="token punctuation">;</span> |
| eg: <span class="token keyword">ALTER</span> <span class="token keyword">USER</span> tempuser <span class="token keyword">SET</span> PASSWORD <span class="token string">'newpwd'</span><span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="authorization-and-deauthorization" tabindex="-1"><a class="header-anchor" href="#authorization-and-deauthorization"><span>Authorization and Deauthorization</span></a></h3><p>Users can use authorization statements to grant permissions to other users. The syntax is as follows:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">GRANT</span> <span class="token operator"><</span><span class="token keyword">PRIVILEGES</span><span class="token operator">></span> <span class="token keyword">ON</span> <span class="token operator"><</span>PATHS<span class="token operator">></span> <span class="token keyword">TO</span> ROLE<span class="token operator">/</span><span class="token keyword">USER</span> <span class="token operator"><</span>NAME<span class="token operator">></span> <span class="token punctuation">[</span><span class="token keyword">WITH</span> <span class="token keyword">GRANT</span> <span class="token keyword">OPTION</span><span class="token punctuation">]</span>; |
| eg: <span class="token keyword">GRANT</span> <span class="token keyword">READ</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> ROLE role1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">GRANT</span> READ_DATA<span class="token punctuation">,</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">GRANT</span> READ_DATA<span class="token punctuation">,</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">,</span>root<span class="token punctuation">.</span>t2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">GRANT</span> MANAGE_ROLE <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1 <span class="token keyword">WITH</span> <span class="token keyword">GRANT</span> <span class="token keyword">OPTION</span><span class="token punctuation">;</span> |
| eg: <span class="token keyword">GRANT</span> <span class="token keyword">ALL</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1 <span class="token keyword">WITH</span> <span class="token keyword">GRANT</span> <span class="token keyword">OPTION</span><span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Users can use deauthorization statements to revoke permissions from others. The syntax is as follows:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">REVOKE</span> <span class="token operator"><</span><span class="token keyword">PRIVILEGES</span><span class="token operator">></span> <span class="token keyword">ON</span> <span class="token operator"><</span>PATHS<span class="token operator">></span> <span class="token keyword">FROM</span> ROLE<span class="token operator">/</span><span class="token keyword">USER</span> <span class="token operator"><</span>NAME<span class="token operator">></span><span class="token punctuation">;</span> |
| eg: <span class="token keyword">REVOKE</span> <span class="token keyword">READ</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> ROLE role1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">REVOKE</span> READ_DATA<span class="token punctuation">,</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">REVOKE</span> READ_DATA<span class="token punctuation">,</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">,</span> root<span class="token punctuation">.</span>t2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">REVOKE</span> MANAGE_ROLE <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| eg: <span class="token keyword">REVOKE</span> <span class="token keyword">ALL</span> <span class="token keyword">ON</span> ROOT<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li><p><strong>When non-administrator users execute authorization/deauthorization statements, they need to have <PRIVILEGES> permissions on <PATHS>, and these permissions must be marked with WITH GRANT OPTION.</strong></p></li><li><p>When granting or revoking global permissions or when the statement contains global permissions (expanding ALL includes global permissions), you must specify the path as root**. For example, the following authorization/deauthorization statements are valid:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">GRANT</span> MANAGE_USER <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| <span class="token keyword">GRANT</span> MANAGE_ROLE <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> ROLE role1 <span class="token keyword">WITH</span> <span class="token keyword">GRANT</span> <span class="token keyword">OPTION</span><span class="token punctuation">;</span> |
| <span class="token keyword">GRANT</span> <span class="token keyword">ALL</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> role role1 <span class="token keyword">WITH</span> <span class="token keyword">GRANT</span> <span class="token keyword">OPTION</span><span class="token punctuation">;</span> |
| <span class="token keyword">REVOKE</span> MANAGE_USER <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| <span class="token keyword">REVOKE</span> MANAGE_ROLE <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> ROLE role1<span class="token punctuation">;</span> |
| <span class="token keyword">REVOKE</span> <span class="token keyword">ALL</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> ROLE role1<span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The following statements are invalid:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">GRANT</span> <span class="token keyword">READ</span><span class="token punctuation">,</span> MANAGE_ROLE <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| <span class="token keyword">GRANT</span> <span class="token keyword">ALL</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span>t2 <span class="token keyword">TO</span> <span class="token keyword">USER</span> user1 <span class="token keyword">WITH</span> <span class="token keyword">GRANT</span> <span class="token keyword">OPTION</span><span class="token punctuation">;</span> |
| <span class="token keyword">REVOKE</span> <span class="token keyword">ALL</span> <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span>t2 <span class="token keyword">FROM</span> <span class="token keyword">USER</span> user1<span class="token punctuation">;</span> |
| <span class="token keyword">REVOKE</span> <span class="token keyword">READ</span><span class="token punctuation">,</span> MANAGE_ROLE <span class="token keyword">ON</span> root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span>t2 <span class="token keyword">FROM</span> ROLE ROLE1<span class="token punctuation">;</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div></li><li><p><PATH> must be a full path or a matching path ending with a double wildcard. The following paths are valid:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>root<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> |
| root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span>t2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> |
| root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span>t2<span class="token punctuation">.</span>t3 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>The following paths are invalid:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span> |
| root<span class="token punctuation">.</span>t1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">.</span>t2 |
| root<span class="token punctuation">.</span>t1<span class="token operator">*</span><span class="token punctuation">.</span>t2<span class="token punctuation">.</span>t3 |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div></li></ul><h2 id="examples" tabindex="-1"><a class="header-anchor" href="#examples"><span>Examples</span></a></h2><p>Based on the described <a href="https://github.com/thulab/iotdb/files/4438687/OtherMaterial-Sample.Data.txt" target="_blank" rel="noopener noreferrer">sample data<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a>, IoTDB's sample data may belong to different power generation groups such as ln, sgcc, and so on. Different power generation groups do not want other groups to access their database data, so we need to implement data isolation at the group level.</p><h4 id="create-users" tabindex="-1"><a class="header-anchor" href="#create-users"><span>Create Users</span></a></h4><p>Use <code>CREATE USER <userName> <password></code> to create users. For example, we can create two users for the ln and sgcc groups with the root user, who has all permissions, and name them ln_write_user and sgcc_write_user. It is recommended to enclose the username in backticks. The SQL statements are as follows:</p><div class="language-SQL line-numbers-mode" data-ext="SQL" data-title="SQL"><pre class="language-SQL"><code>CREATE USER `ln_write_user` 'write_pwd' |
| CREATE USER `sgcc_write_user` 'write_pwd' |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>Now, using the SQL statement to display users:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>LIST <span class="token keyword">USER</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>We can see that these two users have been created, and the result is as follows:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>IoTDB<span class="token operator">></span> <span class="token keyword">CREATE</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>ln_write_user<span class="token punctuation">`</span></span> <span class="token string">'write_pwd'</span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| IoTDB<span class="token operator">></span> <span class="token keyword">CREATE</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>sgcc_write_user<span class="token punctuation">`</span></span> <span class="token string">'write_pwd'</span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| IoTDB<span class="token operator">></span> LIST <span class="token keyword">USER</span><span class="token punctuation">;</span> |
| <span class="token operator">+</span><span class="token comment">---------------+</span> |
| <span class="token operator">|</span> <span class="token keyword">user</span><span class="token operator">|</span> |
| <span class="token operator">+</span><span class="token comment">---------------+</span> |
| <span class="token operator">|</span> ln_write_user<span class="token operator">|</span> |
| <span class="token operator">|</span> root<span class="token operator">|</span> |
| <span class="token operator">|</span>sgcc_write_user<span class="token operator">|</span> |
| <span class="token operator">+</span><span class="token comment">---------------+</span> |
| Total line number <span class="token operator">=</span> <span class="token number">3</span> |
| It costs <span class="token number">0.012</span>s |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="granting-permissions-to-users" tabindex="-1"><a class="header-anchor" href="#granting-permissions-to-users"><span>Granting Permissions to Users</span></a></h4><p>At this point, although two users have been created, they do not have any permissions, so they cannot operate on the database. For example, if we use the ln_write_user to write data to the database, the SQL statement is as follows:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">INSERT</span> <span class="token keyword">INTO</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span>wf01<span class="token punctuation">.</span>wt01<span class="token punctuation">(</span><span class="token keyword">timestamp</span><span class="token punctuation">,</span><span class="token keyword">status</span><span class="token punctuation">)</span> <span class="token keyword">values</span><span class="token punctuation">(</span><span class="token number">1509465600000</span><span class="token punctuation">,</span><span class="token boolean">true</span><span class="token punctuation">)</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>At this point, the system does not allow this operation, and an error is displayed:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>IoTDB<span class="token operator">></span> <span class="token keyword">INSERT</span> <span class="token keyword">INTO</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span>wf01<span class="token punctuation">.</span>wt01<span class="token punctuation">(</span><span class="token keyword">timestamp</span><span class="token punctuation">,</span><span class="token keyword">status</span><span class="token punctuation">)</span> <span class="token keyword">values</span><span class="token punctuation">(</span><span class="token number">1509465600000</span><span class="token punctuation">,</span><span class="token boolean">true</span><span class="token punctuation">)</span> |
| Msg: <span class="token number">803</span>: <span class="token keyword">No</span> permissions <span class="token keyword">for</span> this operation<span class="token punctuation">,</span> please <span class="token keyword">add</span> privilege WRITE_DATA <span class="token keyword">on</span> <span class="token punctuation">[</span>root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span>wf01<span class="token punctuation">.</span>wt01<span class="token punctuation">.</span><span class="token keyword">status</span><span class="token punctuation">]</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>Now, we will grant each user write permissions to the corresponding paths using the root user.</p><p>We use the <code>GRANT <PRIVILEGES> ON <PATHS> TO USER <username></code> statement to grant permissions to users, for example:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">GRANT</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>ln_write_user<span class="token punctuation">`</span></span> |
| <span class="token keyword">GRANT</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>sgcc1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">,</span> root<span class="token punctuation">.</span>sgcc2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>sgcc_write_user<span class="token punctuation">`</span></span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>The execution status is as follows:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>IoTDB<span class="token operator">></span> <span class="token keyword">GRANT</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>ln_write_user<span class="token punctuation">`</span></span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| IoTDB<span class="token operator">></span> <span class="token keyword">GRANT</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>sgcc1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">,</span> root<span class="token punctuation">.</span>sgcc2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">TO</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>sgcc_write_user<span class="token punctuation">`</span></span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>Then, using ln_write_user, try to write data again:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>IoTDB<span class="token operator">></span> <span class="token keyword">INSERT</span> <span class="token keyword">INTO</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span>wf01<span class="token punctuation">.</span>wt01<span class="token punctuation">(</span><span class="token keyword">timestamp</span><span class="token punctuation">,</span> <span class="token keyword">status</span><span class="token punctuation">)</span> <span class="token keyword">values</span><span class="token punctuation">(</span><span class="token number">1509465600000</span><span class="token punctuation">,</span> <span class="token boolean">true</span><span class="token punctuation">)</span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="revoking-user-permissions" tabindex="-1"><a class="header-anchor" href="#revoking-user-permissions"><span>Revoking User Permissions</span></a></h4><p>After granting user permissions, we can use the <code>REVOKE <PRIVILEGES> ON <PATHS> FROM USER <USERNAME></code> to revoke the permissions granted to users. For example, using the root user to revoke the permissions of ln_write_user and sgcc_write_user:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code><span class="token keyword">REVOKE</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>ln_write_user<span class="token punctuation">`</span></span> |
| <span class="token keyword">REVOKE</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>sgcc1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">,</span> root<span class="token punctuation">.</span>sgcc2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>sgcc_write_user<span class="token punctuation">`</span></span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>The execution status is as follows:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>IoTDB<span class="token operator">></span> <span class="token keyword">REVOKE</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>ln_write_user<span class="token punctuation">`</span></span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| IoTDB<span class="token operator">></span> <span class="token keyword">REVOKE</span> WRITE_DATA <span class="token keyword">ON</span> root<span class="token punctuation">.</span>sgcc1<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span><span class="token punctuation">,</span> root<span class="token punctuation">.</span>sgcc2<span class="token punctuation">.</span><span class="token operator">*</span><span class="token operator">*</span> <span class="token keyword">FROM</span> <span class="token keyword">USER</span> <span class="token identifier"><span class="token punctuation">`</span>sgcc_write_user<span class="token punctuation">`</span></span> |
| Msg: The statement <span class="token operator">is</span> executed successfully<span class="token punctuation">.</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>After revoking the permissions, ln_write_user no longer has the permission to write data to root.ln.**:</p><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>IoTDB<span class="token operator">></span> <span class="token keyword">INSERT</span> <span class="token keyword">INTO</span> root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span>wf01<span class="token punctuation">.</span>wt01<span class="token punctuation">(</span><span class="token keyword">timestamp</span><span class="token punctuation">,</span> <span class="token keyword">status</span><span class="token punctuation">)</span> <span class="token keyword">values</span><span class="token punctuation">(</span><span class="token number">1509465600000</span><span class="token punctuation">,</span> <span class="token boolean">true</span><span class="token punctuation">)</span> |
| Msg: <span class="token number">803</span>: <span class="token keyword">No</span> permissions <span class="token keyword">for</span> this operation<span class="token punctuation">,</span> please <span class="token keyword">add</span> privilege WRITE_DATA <span class="token keyword">on</span> <span class="token punctuation">[</span>root<span class="token punctuation">.</span>ln<span class="token punctuation">.</span>wf01<span class="token punctuation">.</span>wt01<span class="token punctuation">.</span><span class="token keyword">status</span><span class="token punctuation">]</span> |
| </code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h2 id="other-explanations" tabindex="-1"><a class="header-anchor" href="#other-explanations"><span>Other Explanations</span></a></h2><p>Roles are collections of permissions, and both permissions and roles are attributes of users. In other words, a role can have multiple permissions, and a user can have multiple roles and permissions (referred to as the user's self-permissions).</p><p>Currently, in IoTDB, there are no conflicting permissions. Therefore, the actual permissions a user has are the union of their self-permissions and the permissions of all their roles. In other words, to determine if a user can perform a certain operation, it's necessary to check whether their self-permissions or the permissions of all their roles allow that operation. Self-permissions, role permissions, and the permissions of multiple roles a user has may contain the same permission, but this does not have any impact.</p><p>It's important to note that if a user has a certain permission (corresponding to operation A) on their own, and one of their roles has the same permission, revoking the permission from the user alone will not prevent the user from performing operation A. To prevent the user from performing operation A, you need to revoke the permission from both the user and the role, or remove the user from the role that has the permission. Similarly, if you only revoke the permission from the role, it won't prevent the user from performing operation A if they have the same permission on their own.</p><p>At the same time, changes to roles will be immediately reflected in all users who have that role. For example, adding a certain permission to a role will immediately grant that permission to all users who have that role, and removing a certain permission will cause those users to lose that permission (unless the user has it on their own).</p><h2 id="upgrading-from-a-previous-version" tabindex="-1"><a class="header-anchor" href="#upgrading-from-a-previous-version"><span>Upgrading from a previous version</span></a></h2><p>Before version 1.3, there were many different permission types. In 1.3 version's implementation, we have streamlined the permission types.</p><p>The permission paths in version 1.3 of the database must be either full paths or matching paths ending with a double wildcard. During system upgrades, any invalid permission paths and permission types will be automatically converted. The first invalid node on the path will be replaced with "**", and any unsupported permission types will be mapped to the permissions supported by the current system.</p><table><thead><tr><th>Permission</th><th>Path</th><th>Mapped-Permission</th><th>Mapped-path</th></tr></thead><tbody><tr><td>CREATE_DATBASE</td><td>root.db.t1.*</td><td>MANAGE_DATABASE</td><td>root.**</td></tr><tr><td>INSERT_TIMESERIES</td><td>root.db.t2.*.t3</td><td>WRITE_DATA</td><td>root.db.t2.**</td></tr><tr><td>CREATE_TIMESERIES</td><td>root.db.t2*c.t3</td><td>WRITE_SCHEMA</td><td>root.db.**</td></tr><tr><td>LIST_ROLE</td><td>root.**</td><td>(ignore)</td><td></td></tr></tbody></table><p>You can refer to the table below for a comparison of permission types between the old and new versions (where "--IGNORE" indicates that the new version ignores that permission):</p><table><thead><tr><th>Permission Name</th><th>Path-Related</th><th>New Permission Name</th><th>Path-Related</th></tr></thead><tbody><tr><td>CREATE_DATABASE</td><td>YES</td><td>MANAGE_DATABASE</td><td>NO</td></tr><tr><td>INSERT_TIMESERIES</td><td>YES</td><td>WRITE_DATA</td><td>YES</td></tr><tr><td>UPDATE_TIMESERIES</td><td>YES</td><td>WRITE_DATA</td><td>YES</td></tr><tr><td>READ_TIMESERIES</td><td>YES</td><td>READ_DATA</td><td>YES</td></tr><tr><td>CREATE_TIMESERIES</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>DELETE_TIMESERIES</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>CREATE_USER</td><td>NO</td><td>MANAGE_USER</td><td>NO</td></tr><tr><td>DELETE_USER</td><td>NO</td><td>MANAGE_USER</td><td>NO</td></tr><tr><td>MODIFY_PASSWORD</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>LIST_USER</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>GRANT_USER_PRIVILEGE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>REVOKE_USER_PRIVILEGE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>GRANT_USER_ROLE</td><td>NO</td><td>MANAGE_ROLE</td><td>NO</td></tr><tr><td>REVOKE_USER_ROLE</td><td>NO</td><td>MANAGE_ROLE</td><td>NO</td></tr><tr><td>CREATE_ROLE</td><td>NO</td><td>MANAGE_ROLE</td><td>NO</td></tr><tr><td>DELETE_ROLE</td><td>NO</td><td>MANAGE_ROLE</td><td>NO</td></tr><tr><td>LIST_ROLE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>GRANT_ROLE_PRIVILEGE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>REVOKE_ROLE_PRIVILEGE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>CREATE_FUNCTION</td><td>NO</td><td>USE_UDF</td><td>NO</td></tr><tr><td>DROP_FUNCTION</td><td>NO</td><td>USE_UDF</td><td>NO</td></tr><tr><td>CREATE_TRIGGER</td><td>YES</td><td>USE_TRIGGER</td><td>NO</td></tr><tr><td>DROP_TRIGGER</td><td>YES</td><td>USE_TRIGGER</td><td>NO</td></tr><tr><td>START_TRIGGER</td><td>YES</td><td>USE_TRIGGER</td><td>NO</td></tr><tr><td>STOP_TRIGGER</td><td>YES</td><td>USE_TRIGGER</td><td>NO</td></tr><tr><td>CREATE_CONTINUOUS_QUERY</td><td>NO</td><td>USE_CQ</td><td>NO</td></tr><tr><td>DROP_CONTINUOUS_QUERY</td><td>NO</td><td>USE_CQ</td><td>NO</td></tr><tr><td>ALL</td><td>NO</td><td>All privilegs</td><td></td></tr><tr><td>DELETE_DATABASE</td><td>YES</td><td>MANAGE_DATABASE</td><td>NO</td></tr><tr><td>ALTER_TIMESERIES</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>UPDATE_TEMPLATE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>READ_TEMPLATE</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>APPLY_TEMPLATE</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>READ_TEMPLATE_APPLICATION</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>SHOW_CONTINUOUS_QUERIES</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>CREATE_PIPEPLUGIN</td><td>NO</td><td>USE_PIPE</td><td>NO</td></tr><tr><td>DROP_PIPEPLUGINS</td><td>NO</td><td>USE_PIPE</td><td>NO</td></tr><tr><td>SHOW_PIPEPLUGINS</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>CREATE_PIPE</td><td>NO</td><td>USE_PIPE</td><td>NO</td></tr><tr><td>START_PIPE</td><td>NO</td><td>USE_PIPE</td><td>NO</td></tr><tr><td>STOP_PIPE</td><td>NO</td><td>USE_PIPE</td><td>NO</td></tr><tr><td>DROP_PIPE</td><td>NO</td><td>USE_PIPE</td><td>NO</td></tr><tr><td>SHOW_PIPES</td><td>NO</td><td>-- IGNORE</td><td></td></tr><tr><td>CREATE_VIEW</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>ALTER_VIEW</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>RENAME_VIEW</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr><tr><td>DELETE_VIEW</td><td>YES</td><td>WRITE_SCHEMA</td><td>YES</td></tr></tbody></table></div><!--[--><!----><!--]--><footer class="vp-page-meta"><div class="vp-meta-item edit-link"><a href="https://github.com/apache/iotdb-docs/edit/main/src/UserGuide/latest/User-Manual/Authority-Management.md" rel="noopener noreferrer" target="_blank" aria-label="Found Error? Edit this page on GitHub" class="nav-link vp-meta-label"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon edit-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="edit icon"><path d="M430.818 653.65a60.46 60.46 0 0 1-50.96-93.281l71.69-114.012 7.773-10.365L816.038 80.138A60.46 60.46 0 0 1 859.225 62a60.46 60.46 0 0 1 43.186 18.138l43.186 43.186a60.46 60.46 0 0 1 0 86.373L588.879 565.55l-8.637 8.637-117.466 68.234a60.46 60.46 0 0 1-31.958 11.229z"></path><path d="M728.802 962H252.891A190.883 190.883 0 0 1 62.008 771.98V296.934a190.883 190.883 0 0 1 190.883-192.61h267.754a60.46 60.46 0 0 1 0 120.92H252.891a69.962 69.962 0 0 0-69.098 69.099V771.98a69.962 69.962 0 0 0 69.098 69.098h475.911A69.962 69.962 0 0 0 797.9 771.98V503.363a60.46 60.46 0 1 1 120.922 0V771.98A190.883 190.883 0 0 1 728.802 962z"></path></svg><!--]-->Found Error? Edit this page on GitHub<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><div class="vp-meta-item git-info"><div class="update-time"><span class="vp-meta-label">Last update: </span><!----></div><!----></div></footer><nav class="vp-page-nav"><a class="route-link nav-link prev" href="/UserGuide/latest/User-Manual/Database-Programming.html" aria-label="Database Programming"><div class="hint"><span class="arrow start"></span>Prev</div><div class="link"><!---->Database Programming</div></a><a class="route-link nav-link next" href="/UserGuide/latest/User-Manual/Maintennance.html" aria-label="Maintennance"><div class="hint">Next<span class="arrow end"></span></div><div class="link">Maintennance<!----></div></a></nav><!----><!--[--><!----><!--]--><!--]--></main><!--]--><footer style="padding-bottom:2rem;"><span id="doc-version" style="display:none;">latest</span><p style="text-align:center;color:#909399;font-size:12px;margin:0 30px;">Copyright © 2024 The Apache Software Foundation.<br> Apache and the Apache feather logo are trademarks of The Apache Software Foundation</p><p style="text-align:center;margin-top:10px;color:#909399;font-size:12px;margin:0 30px;"><strong>Have a question?</strong> Connect with us on QQ, WeChat, or Slack. <a href="https://github.com/apache/iotdb/issues/1995">Join the community</a> now.</p></footer></div><!--]--><!--]--><!--[--><!----><!--]--><!--]--></div> |
| <script type="module" src="/assets/app-DrPcRZG6.js" defer></script> |
| </body> |
| </html> |
