Google Git
Sign in
apache / iotdb-website / refs/heads/asf-site / . / zh / UserGuide / V1.2.x / User-Manual / Authority-Management.html
blob: 6818f0cedcc22419feb0eed104ee9f3696c8f8a3 [file] [log] [blame]
<!doctype html>
<html lang="zh-CN" data-theme="light">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<meta name="generator" content="VuePress 2.0.0-rc.9" />
<meta name="theme" content="VuePress Theme Hope 2.0.0-rc.34" />
<style>
html {
background: var(--bg-color, #fff);
}
html[data-theme="dark"] {
background: var(--bg-color, #1d1e1f);
}
body {
background: var(--bg-color);
}
</style>
<script>
const userMode = localStorage.getItem("vuepress-theme-hope-scheme");
const systemDarkMode =
window.matchMedia &&
window.matchMedia("(prefers-color-scheme: dark)").matches;
if (userMode === "dark" || (userMode !== "light" && systemDarkMode)) {
document.documentElement.setAttribute("data-theme", "dark");
}
</script>
<link rel="alternate" hreflang="en-us" href="https://iotdb.apache.org/UserGuide/V1.2.x/User-Manual/Authority-Management.html"><meta property="og:url" content="https://iotdb.apache.org/zh/UserGuide/V1.2.x/User-Manual/Authority-Management.html"><meta property="og:site_name" content="IoTDB Website"><meta property="og:title" content="权限管理"><meta property="og:description" content="权限管理 IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据的权限管理功能,保障数据的安全。 我们将通过以下几个具体的例子为您示范基本的用户权限操作,详细的 SQL 语句及使用方式详情请参见本文 。同时,在 JAVA 编程环境中,您可以使用 单条或批量执行权限管理类语句。 基本概念 用户 用户即数据库的合法使用者。一个用户与一个唯一的用户名相..."><meta property="og:type" content="article"><meta property="og:locale" content="zh-CN"><meta property="og:locale:alternate" content="en-US"><meta property="og:updated_time" content="2023-11-07T08:05:06.000Z"><meta property="article:modified_time" content="2023-11-07T08:05:06.000Z"><script type="application/ld+json">{"@context":"https://schema.org","@type":"Article","headline":"权限管理","image":[""],"dateModified":"2023-11-07T08:05:06.000Z","author":[]}</script><link rel="icon" href="/favicon.ico"><meta name="Description" content="Apache IoTDB: Time Series Database for IoT"><meta name="Keywords" content="TSDB, time series, time series database, IoTDB, IoT database, IoT data management,时序数据库, 时间序列管理, IoTDB, 物联网数据库, 实时数据库, 物联网数据管理, 物联网数据"><meta name="baidu-site-verification" content="wfKETzB3OT"><meta name="google-site-verification" content="mZWAoRY0yj_HAr-s47zHCGHzx5Ju-RVm5wDbPnwQYFo"><script type="text/javascript">
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(["setDoNotTrack", true]);
_paq.push(["disableCookies"]);
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="https://analytics.apache.org/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '56']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script><title>权限管理 | IoTDB Website</title><meta name="description" content="权限管理 IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据的权限管理功能,保障数据的安全。 我们将通过以下几个具体的例子为您示范基本的用户权限操作,详细的 SQL 语句及使用方式详情请参见本文 。同时,在 JAVA 编程环境中,您可以使用 单条或批量执行权限管理类语句。 基本概念 用户 用户即数据库的合法使用者。一个用户与一个唯一的用户名相...">
<link rel="preload" href="/assets/style-DnEHAOmf.css" as="style"><link rel="stylesheet" href="/assets/style-DnEHAOmf.css">
<link rel="modulepreload" href="/assets/app-DrPcRZG6.js"><link rel="modulepreload" href="/assets/Authority-Management.html-B4QhqWTY.js">
</head>
<body>
<div id="app"><!--[--><!--[--><!--[--><span tabindex="-1"></span><a href="#main-content" class="vp-skip-link sr-only">跳至主要內容</a><!--]--><!--[--><div class="theme-container has-toc"><!--[--><header id="navbar" class="vp-navbar hide-icon"><div class="vp-navbar-start"><button type="button" class="vp-toggle-sidebar-button" title="Toggle Sidebar"><span class="icon"></span></button><!--[--><!----><!--]--><!--[--><a class="route-link vp-brand" href="/zh/"><img class="vp-nav-logo" src="/logo.png" alt><!----><span class="vp-site-name hide-in-pad">IoTDB Website</span></a><!--]--><!--[--><!----><!--]--></div><div class="vp-navbar-center"><!--[--><!----><!--]--><!--[--><!--]--><!--[--><!----><!--]--></div><div class="vp-navbar-end"><!--[--><!----><!--]--><!--[--><!--[--><div id="docsearch-container" style="display:none;"></div><div><button type="button" class="DocSearch DocSearch-Button" aria-label="搜索文档"><span class="DocSearch-Button-Container"><svg width="20" height="20" class="DocSearch-Search-Icon" viewBox="0 0 20 20"><path d="M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z" stroke="currentColor" fill="none" fill-rule="evenodd" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="DocSearch-Button-Placeholder">搜索文档</span></span><span class="DocSearch-Button-Keys"><kbd class="DocSearch-Button-Key"><svg width="15" height="15" class="DocSearch-Control-Key-Icon"><path d="M4.505 4.496h2M5.505 5.496v5M8.216 4.496l.055 5.993M10 7.5c.333.333.5.667.5 1v2M12.326 4.5v5.996M8.384 4.496c1.674 0 2.116 0 2.116 1.5s-.442 1.5-2.116 1.5M3.205 9.303c-.09.448-.277 1.21-1.241 1.203C1 10.5.5 9.513.5 8V7c0-1.57.5-2.5 1.464-2.494.964.006 1.134.598 1.24 1.342M12.553 10.5h1.953" stroke-width="1.2" stroke="currentColor" fill="none" stroke-linecap="square"></path></svg></kbd><kbd class="DocSearch-Button-Key">K</kbd></span></button></div><!--]--><nav class="vp-nav-links"><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="文档"><span class="title"><!---->文档</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link" href="/zh/UserGuide/latest/QuickStart/QuickStart.html" aria-label="v1.3.x"><!---->v1.3.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/UserGuide/V1.2.x/QuickStart/QuickStart.html" aria-label="v1.2.x"><!---->v1.2.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/UserGuide/V1.1.x/QuickStart/QuickStart.html" aria-label="v1.1.x"><!---->v1.1.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/UserGuide/V1.0.x/QuickStart/QuickStart.html" aria-label="v1.0.x"><!---->v1.0.x<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/UserGuide/V0.13.x/QuickStart/QuickStart.html" aria-label="v0.13.x"><!---->v0.13.x<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><a href="https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=177051872" rel="noopener noreferrer" target="_blank" aria-label="系统设计" class="nav-link"><!---->系统设计<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><div class="vp-nav-item hide-in-mobile"><a class="route-link nav-link" href="/zh/Download/" aria-label="下载"><!---->下载<!----></a></div><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="社区"><span class="title"><!---->社区</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link" href="/zh/Community/About.html" aria-label="关于社区"><!---->关于社区<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/Community/Development-Guide.html" aria-label="贡献指南"><!---->贡献指南<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/Community/Powered-By.html" aria-label="社区伙伴"><!---->社区伙伴<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/Community/Feedback.html" aria-label="交流与反馈"><!---->交流与反馈<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/Community/Materials.html" aria-label="活动与报告"><!---->活动与报告<!----></a></li><li class="dropdown-item"><a class="route-link nav-link" href="/zh/Community/Community-Project-Committers.html" aria-label="Commiters"><!---->Commiters<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="ASF"><span class="title"><!---->ASF</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="https://www.apache.org/" rel="noopener noreferrer" target="_blank" aria-label="基金会" class="nav-link"><!---->基金会<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/licenses/" rel="noopener noreferrer" target="_blank" aria-label="许可证" class="nav-link"><!---->许可证<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/security/" rel="noopener noreferrer" target="_blank" aria-label="安全" class="nav-link"><!---->安全<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/foundation/sponsorship.html" rel="noopener noreferrer" target="_blank" aria-label="赞助" class="nav-link"><!---->赞助<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/foundation/thanks.html" rel="noopener noreferrer" target="_blank" aria-label="致谢" class="nav-link"><!---->致谢<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://www.apache.org/events/current-event" rel="noopener noreferrer" target="_blank" aria-label="活动" class="nav-link"><!---->活动<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-item"><a href="https://privacy.apache.org/policies/privacy-policy-public.html" rel="noopener noreferrer" target="_blank" aria-label="隐私" class="nav-link"><!---->隐私<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li></ul></button></div></div></nav><div class="vp-nav-item"><div class="dropdown-wrapper"><button type="button" class="dropdown-title" aria-label="选择语言"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon i18n-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="i18n icon" style="width:1rem;height:1rem;vertical-align:middle;"><path d="M379.392 460.8 494.08 575.488l-42.496 102.4L307.2 532.48 138.24 701.44l-71.68-72.704L234.496 460.8l-45.056-45.056c-27.136-27.136-51.2-66.56-66.56-108.544h112.64c7.68 14.336 16.896 27.136 26.112 35.84l45.568 46.08 45.056-45.056C382.976 312.32 409.6 247.808 409.6 204.8H0V102.4h256V0h102.4v102.4h256v102.4H512c0 70.144-37.888 161.28-87.04 210.944L378.88 460.8zM576 870.4 512 1024H409.6l256-614.4H768l256 614.4H921.6l-64-153.6H576zM618.496 768h196.608L716.8 532.48 618.496 768z"></path></svg><!--]--><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a class="route-link nav-link" href="/UserGuide/V1.2.x/User-Manual/Authority-Management.html" aria-label="English"><!---->English<!----></a></li><li class="dropdown-item"><a class="route-link nav-link active" href="/zh/UserGuide/V1.2.x/User-Manual/Authority-Management.html" aria-label="简体中文"><!---->简体中文<!----></a></li></ul></button></div></div><div class="vp-nav-item hide-in-mobile"><button type="button" id="appearance-switch"><svg xmlns="http://www.w3.org/2000/svg" class="icon auto-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="auto icon" style="display:none;"><path d="M512 992C246.92 992 32 777.08 32 512S246.92 32 512 32s480 214.92 480 480-214.92 480-480 480zm0-840c-198.78 0-360 161.22-360 360 0 198.84 161.22 360 360 360s360-161.16 360-360c0-198.78-161.22-360-360-360zm0 660V212c165.72 0 300 134.34 300 300 0 165.72-134.28 300-300 300z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon dark-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="dark icon" style="display:none;"><path d="M524.8 938.667h-4.267a439.893 439.893 0 0 1-313.173-134.4 446.293 446.293 0 0 1-11.093-597.334A432.213 432.213 0 0 1 366.933 90.027a42.667 42.667 0 0 1 45.227 9.386 42.667 42.667 0 0 1 10.24 42.667 358.4 358.4 0 0 0 82.773 375.893 361.387 361.387 0 0 0 376.747 82.774 42.667 42.667 0 0 1 54.187 55.04 433.493 433.493 0 0 1-99.84 154.88 438.613 438.613 0 0 1-311.467 128z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon light-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="light icon" style="display:block;"><path d="M952 552h-80a40 40 0 0 1 0-80h80a40 40 0 0 1 0 80zM801.88 280.08a41 41 0 0 1-57.96-57.96l57.96-58a41.04 41.04 0 0 1 58 58l-58 57.96zM512 752a240 240 0 1 1 0-480 240 240 0 0 1 0 480zm0-560a40 40 0 0 1-40-40V72a40 40 0 0 1 80 0v80a40 40 0 0 1-40 40zm-289.88 88.08-58-57.96a41.04 41.04 0 0 1 58-58l57.96 58a41 41 0 0 1-57.96 57.96zM192 512a40 40 0 0 1-40 40H72a40 40 0 0 1 0-80h80a40 40 0 0 1 40 40zm30.12 231.92a41 41 0 0 1 57.96 57.96l-57.96 58a41.04 41.04 0 0 1-58-58l58-57.96zM512 832a40 40 0 0 1 40 40v80a40 40 0 0 1-80 0v-80a40 40 0 0 1 40-40zm289.88-88.08 58 57.96a41.04 41.04 0 0 1-58 58l-57.96-58a41 41 0 0 1 57.96-57.96z"></path></svg></button></div><div class="vp-nav-item vp-action"><a class="vp-action-link" href="https://github.com/apache/iotdb" target="_blank" rel="noopener noreferrer" aria-label="GitHub"><svg xmlns="http://www.w3.org/2000/svg" class="icon github-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="github icon" style="width:1.25rem;height:1.25rem;vertical-align:middle;"><path d="M511.957 21.333C241.024 21.333 21.333 240.981 21.333 512c0 216.832 140.544 400.725 335.574 465.664 24.49 4.395 32.256-10.07 32.256-23.083 0-11.69.256-44.245 0-85.205-136.448 29.61-164.736-64.64-164.736-64.64-22.315-56.704-54.4-71.765-54.4-71.765-44.587-30.464 3.285-29.824 3.285-29.824 49.195 3.413 75.179 50.517 75.179 50.517 43.776 75.008 114.816 53.333 142.762 40.79 4.523-31.66 17.152-53.377 31.19-65.537-108.971-12.458-223.488-54.485-223.488-242.602 0-53.547 19.114-97.323 50.517-131.67-5.035-12.33-21.93-62.293 4.779-129.834 0 0 41.258-13.184 134.912 50.346a469.803 469.803 0 0 1 122.88-16.554c41.642.213 83.626 5.632 122.88 16.554 93.653-63.488 134.784-50.346 134.784-50.346 26.752 67.541 9.898 117.504 4.864 129.834 31.402 34.347 50.474 78.123 50.474 131.67 0 188.586-114.73 230.016-224.042 242.09 17.578 15.232 33.578 44.672 33.578 90.454v135.85c0 13.142 7.936 27.606 32.854 22.87C862.25 912.597 1002.667 728.747 1002.667 512c0-271.019-219.648-490.667-490.71-490.667z"></path></svg></a></div><!--]--><!--[--><!----><!--]--><button type="button" class="vp-toggle-navbar-button" aria-label="Toggle Navbar" aria-expanded="false" aria-controls="nav-screen"><span><span class="vp-top"></span><span class="vp-middle"></span><span class="vp-bottom"></span></span></button></div></header><!----><!--]--><!----><div class="toggle-sidebar-wrapper"><span class="arrow start"></span></div><aside id="sidebar" class="vp-sidebar"><!--[--><!----><!--]--><ul class="vp-sidebar-links"><li><section class="vp-sidebar-group"><p class="vp-sidebar-header"><!----><span class="vp-sidebar-title">IoTDB用户手册 (V1.2.x)</span><!----></p><ul class="vp-sidebar-links"></ul></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">关于IoTDB</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">快速上手</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">基础概念</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">部署与运维</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable active" type="button"><!----><span class="vp-sidebar-title">使用手册</span><span class="vp-arrow down"></span></button><ul class="vp-sidebar-links"><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Syntax-Rule.html" aria-label="语法约定"><!---->语法约定<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Operate-Metadata.html" aria-label="元数据管理"><!---->元数据管理<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Write-Delete-Data.html" aria-label="数据增删"><!---->数据增删<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Query-Data.html" aria-label="数据查询"><!---->数据查询<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Operator-and-Expression.html" aria-label="运算符和表达式"><!---->运算符和表达式<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Streaming.html" aria-label="流处理"><!---->流处理<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Data-Sync.html" aria-label="数据同步"><!---->数据同步<!----></a></li><li><a class="route-link nav-link vp-sidebar-link vp-sidebar-page" href="/zh/UserGuide/V1.2.x/User-Manual/Database-Programming.html" aria-label="数据库编程"><!---->数据库编程<!----></a></li><li><a class="route-link nav-link active vp-sidebar-link vp-sidebar-page active" href="/zh/UserGuide/V1.2.x/User-Manual/Authority-Management.html" aria-label="权限管理"><!---->权限管理<!----></a></li></ul></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">工具体系</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">应用编程接口</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">系统集成</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">SQL手册</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">FAQ</span><span class="vp-arrow end"></span></button><!----></section></li><li><section class="vp-sidebar-group"><button class="vp-sidebar-header clickable" type="button"><!----><span class="vp-sidebar-title">参考</span><span class="vp-arrow end"></span></button><!----></section></li></ul><!--[--><!----><!--]--></aside><!--[--><main id="main-content" class="vp-page"><!--[--><!--[--><!----><!--]--><!----><nav class="vp-breadcrumb disable"></nav><div class="vp-page-title"><h1><!---->权限管理</h1><div class="page-info"><!----><!----><span class="page-date-info" aria-label="写作日期"><svg xmlns="http://www.w3.org/2000/svg" class="icon calendar-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="calendar icon"><path d="M716.4 110.137c0-18.753-14.72-33.473-33.472-33.473-18.753 0-33.473 14.72-33.473 33.473v33.473h66.993v-33.473zm-334.87 0c0-18.753-14.72-33.473-33.473-33.473s-33.52 14.72-33.52 33.473v33.473h66.993v-33.473zm468.81 33.52H716.4v100.465c0 18.753-14.72 33.473-33.472 33.473a33.145 33.145 0 01-33.473-33.473V143.657H381.53v100.465c0 18.753-14.72 33.473-33.473 33.473a33.145 33.145 0 01-33.473-33.473V143.657H180.6A134.314 134.314 0 0046.66 277.595v535.756A134.314 134.314 0 00180.6 947.289h669.74a134.36 134.36 0 00133.94-133.938V277.595a134.314 134.314 0 00-133.94-133.938zm33.473 267.877H147.126a33.145 33.145 0 01-33.473-33.473c0-18.752 14.72-33.473 33.473-33.473h736.687c18.752 0 33.472 14.72 33.472 33.473a33.145 33.145 0 01-33.472 33.473z"></path></svg><span><!----></span><meta property="datePublished" content="2023-07-10T03:11:17.000Z"></span><span class="page-pageview-info" aria-label="访问量"><svg xmlns="http://www.w3.org/2000/svg" class="icon eye-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="eye icon"><path d="M992 512.096c0-5.76-.992-10.592-1.28-11.136-.192-2.88-1.152-8.064-2.08-10.816-.256-.672-.544-1.376-.832-2.08-.48-1.568-1.024-3.104-1.6-4.32C897.664 290.112 707.104 160 512 160c-195.072 0-385.632 130.016-473.76 322.592-1.056 2.112-1.792 4.096-2.272 5.856a55.512 55.512 0 00-.64 1.6c-1.76 5.088-1.792 8.64-1.632 7.744-.832 3.744-1.568 11.168-1.568 11.168-.224 2.272-.224 4.032.032 6.304 0 0 .736 6.464 1.088 7.808.128 1.824.576 4.512 1.12 6.976h-.032c.448 2.08 1.12 4.096 1.984 6.08.48 1.536.992 2.976 1.472 4.032C126.432 733.856 316.992 864 512 864c195.136 0 385.696-130.048 473.216-321.696 1.376-2.496 2.24-4.832 2.848-6.912.256-.608.48-1.184.672-1.728 1.536-4.48 1.856-8.32 1.728-8.32l-.032.032c.608-3.104 1.568-7.744 1.568-13.28zM512 672c-88.224 0-160-71.776-160-160s71.776-160 160-160 160 71.776 160 160-71.776 160-160 160z"></path></svg><span id="ArtalkPV" class="vp-pageview waline-pageview-count" data-path="/zh/UserGuide/V1.2.x/User-Manual/Authority-Management.html" data-page-key="/zh/UserGuide/V1.2.x/User-Manual/Authority-Management.html">...</span></span><span class="page-reading-time-info" aria-label="阅读时间"><svg xmlns="http://www.w3.org/2000/svg" class="icon timer-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="timer icon"><path d="M799.387 122.15c4.402-2.978 7.38-7.897 7.38-13.463v-1.165c0-8.933-7.38-16.312-16.312-16.312H256.33c-8.933 0-16.311 7.38-16.311 16.312v1.165c0 5.825 2.977 10.874 7.637 13.592 4.143 194.44 97.22 354.963 220.201 392.763-122.204 37.542-214.893 196.511-220.2 389.397-4.661 5.049-7.638 11.651-7.638 19.03v5.825h566.49v-5.825c0-7.379-2.849-13.981-7.509-18.9-5.049-193.016-97.867-351.985-220.2-389.527 123.24-37.67 216.446-198.453 220.588-392.892zM531.16 450.445v352.632c117.674 1.553 211.787 40.778 211.787 88.676H304.097c0-48.286 95.149-87.382 213.728-88.676V450.445c-93.077-3.107-167.901-81.297-167.901-177.093 0-8.803 6.99-15.793 15.793-15.793 8.803 0 15.794 6.99 15.794 15.793 0 80.261 63.69 145.635 142.01 145.635s142.011-65.374 142.011-145.635c0-8.803 6.99-15.793 15.794-15.793s15.793 6.99 15.793 15.793c0 95.019-73.789 172.82-165.96 177.093z"></path></svg><span>大约 13 分钟</span><meta property="timeRequired" content="PT13M"></span><!----><!----></div><hr></div><div class="vp-toc-placeholder"><aside id="toc"><!--[--><!----><!--]--><div class="vp-toc-header">此页内容<button type="button" class="print-button" title="打印"><svg xmlns="http://www.w3.org/2000/svg" class="icon print-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="print icon"><path d="M819.2 364.8h-44.8V128c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v236.8h-44.8C145.067 364.8 96 413.867 96 473.6v192c0 59.733 49.067 108.8 108.8 108.8h44.8V896c0 17.067 14.933 32 32 32h460.8c17.067 0 32-14.933 32-32V774.4h44.8c59.733 0 108.8-49.067 108.8-108.8v-192c0-59.733-49.067-108.8-108.8-108.8zM313.6 160h396.8v204.8H313.6V160zm396.8 704H313.6V620.8h396.8V864zM864 665.6c0 25.6-19.2 44.8-44.8 44.8h-44.8V588.8c0-17.067-14.933-32-32-32H281.6c-17.067 0-32 14.933-32 32v121.6h-44.8c-25.6 0-44.8-19.2-44.8-44.8v-192c0-25.6 19.2-44.8 44.8-44.8h614.4c25.6 0 44.8 19.2 44.8 44.8v192z"></path></svg></button><div class="arrow end"></div></div><div class="vp-toc-wrapper"><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#基本概念">基本概念</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#用户">用户</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#权限">权限</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#角色">角色</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#默认用户及其具有的角色">默认用户及其具有的角色</a></li><!----><!--]--></ul></li><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#权限操作示例">权限操作示例</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#创建用户">创建用户</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#赋予用户权限">赋予用户权限</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#撤销用户权限">撤销用户权限</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#sql-语句">SQL 语句</a></li><!----><!--]--></ul></li><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level2" href="#其他说明">其他说明</a></li><li><ul class="vp-toc-list"><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#用户、权限与角色的关系">用户、权限与角色的关系</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#系统所含权限列表">系统所含权限列表</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#用户名限制">用户名限制</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#密码限制">密码限制</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#角色名限制">角色名限制</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#权限管理中的路径模式">权限管理中的路径模式</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#权限缓存">权限缓存</a></li><!----><!--]--><!--[--><li class="vp-toc-item"><a class="route-link vp-toc-link level3" href="#非root用户限制进行的操作">非root用户限制进行的操作</a></li><!----><!--]--></ul></li><!--]--></ul><div class="vp-toc-marker" style="top:-1.7rem;"></div></div><!--[--><!----><!--]--></aside></div><!--[--><!----><!--]--><div class="theme-hope-content"><h1 id="权限管理" tabindex="-1"><a class="header-anchor" href="#权限管理"><span>权限管理</span></a></h1><p>IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据的权限管理功能,保障数据的安全。</p><p>我们将通过以下几个具体的例子为您示范基本的用户权限操作,详细的 SQL 语句及使用方式详情请参见本文 <a class="route-link" href="/zh/UserGuide/V1.2.x/Basic-Concept/Data-Model-and-Terminology.html">数据模式与概念章节</a>。同时,在 JAVA 编程环境中,您可以使用 <a class="route-link" href="/zh/UserGuide/V1.2.x/API/Programming-JDBC.html">JDBC API</a> 单条或批量执行权限管理类语句。</p><h2 id="基本概念" tabindex="-1"><a class="header-anchor" href="#基本概念"><span>基本概念</span></a></h2><h3 id="用户" tabindex="-1"><a class="header-anchor" href="#用户"><span>用户</span></a></h3><p>用户即数据库的合法使用者。一个用户与一个唯一的用户名相对应,并且拥有密码作为身份验证的手段。一个人在使用数据库之前,必须先提供合法的(即存于数据库中的)用户名与密码,使得自己成为用户。</p><h3 id="权限" tabindex="-1"><a class="header-anchor" href="#权限"><span>权限</span></a></h3><p>数据库提供多种操作,并不是所有的用户都能执行所有操作。如果一个用户可以执行某项操作,则称该用户有执行该操作的权限。权限可分为数据管理权限(如对数据进行增删改查)以及权限管理权限(用户、角色的创建与删除,权限的赋予与撤销等)。数据管理权限往往需要一个路径来限定其生效范围,可使用<a class="route-link" href="/zh/UserGuide/V1.2.x/Basic-Concept/Data-Model-and-Terminology.html">路径模式</a>灵活管理权限。</p><h3 id="角色" tabindex="-1"><a class="header-anchor" href="#角色"><span>角色</span></a></h3><p>角色是若干权限的集合,并且有一个唯一的角色名作为标识符。用户通常和一个现实身份相对应(例如交通调度员),而一个现实身份可能对应着多个用户。这些具有相同现实身份的用户往往具有相同的一些权限。角色就是为了能对这样的权限进行统一的管理的抽象。</p><h3 id="默认用户及其具有的角色" tabindex="-1"><a class="header-anchor" href="#默认用户及其具有的角色"><span>默认用户及其具有的角色</span></a></h3><p>初始安装后的 IoTDB 中有一个默认用户:root,默认密码为 root。该用户为管理员用户,固定拥有所有权限,无法被赋予、撤销权限,也无法被删除。</p><h2 id="权限操作示例" tabindex="-1"><a class="header-anchor" href="#权限操作示例"><span>权限操作示例</span></a></h2><p>根据本文中描述的 <a href="https://github.com/thulab/iotdb/files/4438687/OtherMaterial-Sample.Data.txt" target="_blank" rel="noopener noreferrer">样例数据<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a> 内容,IoTDB 的样例数据可能同时属于 ln, sgcc 等不同发电集团,不同的发电集团不希望其他发电集团获取自己的数据库数据,因此我们需要将不同的数据在集团层进行权限隔离。</p><h3 id="创建用户" tabindex="-1"><a class="header-anchor" href="#创建用户"><span>创建用户</span></a></h3><p>使用 <code>CREATE USER &lt;userName&gt; &lt;password&gt;</code> 创建用户。例如,我们可以使用具有所有权限的root用户为 ln 和 sgcc 集团创建两个用户角色,名为 ln_write_user, sgcc_write_user,密码均为 write_pwd。建议使用反引号(`)包裹用户名。SQL 语句为:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>CREATE USER `ln_write_user` &#39;write_pwd&#39;
CREATE USER `sgcc_write_user` &#39;write_pwd&#39;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>此时使用展示用户的 SQL 语句:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST USER
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>我们可以看到这两个已经被创建的用户,结果如下:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>IoTDB&gt; CREATE USER `ln_write_user` &#39;write_pwd&#39;
Msg: The statement is executed successfully.
IoTDB&gt; CREATE USER `sgcc_write_user` &#39;write_pwd&#39;
Msg: The statement is executed successfully.
IoTDB&gt; LIST USER
+---------------+
| user|
+---------------+
| ln_write_user|
| root|
|sgcc_write_user|
+---------------+
Total line number = 3
It costs 0.157s
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="赋予用户权限" tabindex="-1"><a class="header-anchor" href="#赋予用户权限"><span>赋予用户权限</span></a></h3><p>此时,虽然两个用户已经创建,但是他们不具有任何权限,因此他们并不能对数据库进行操作,例如我们使用 ln_write_user 用户对数据库中的数据进行写入,SQL 语句为:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true)
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>此时,系统不允许用户进行此操作,会提示错误:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>IoTDB&gt; INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true)
Msg: 602: No permissions for this operation, please add privilege INSERT_TIMESERIES.
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>现在,我们用root用户分别赋予他们向对应 database 数据的写入权限.</p><p>我们使用 <code>GRANT USER &lt;userName&gt; PRIVILEGES &lt;privileges&gt; ON &lt;nodeName&gt;</code> 语句赋予用户权限(注:其中,创建用户权限无需指定路径),例如:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>GRANT USER `ln_write_user` PRIVILEGES INSERT_TIMESERIES on root.ln.**
GRANT USER `sgcc_write_user` PRIVILEGES INSERT_TIMESERIES on root.sgcc1.**, root.sgcc2.**
GRANT USER `ln_write_user` PRIVILEGES CREATE_USER
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>执行状态如下所示:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>IoTDB&gt; GRANT USER `ln_write_user` PRIVILEGES INSERT_TIMESERIES on root.ln.**
Msg: The statement is executed successfully.
IoTDB&gt; GRANT USER `sgcc_write_user` PRIVILEGES INSERT_TIMESERIES on root.sgcc1.**, root.sgcc2.**
Msg: The statement is executed successfully.
IoTDB&gt; GRANT USER `ln_write_user` PRIVILEGES CREATE_USER
Msg: The statement is executed successfully.
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>接着使用ln_write_user再尝试写入数据</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>IoTDB&gt; INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, true)
Msg: The statement is executed successfully.
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="撤销用户权限" tabindex="-1"><a class="header-anchor" href="#撤销用户权限"><span>撤销用户权限</span></a></h3><p>授予用户权限后,我们可以使用 <code>REVOKE USER &lt;userName&gt; PRIVILEGES &lt;privileges&gt; ON &lt;nodeName&gt;</code> 来撤销已授予的用户权限(注:其中,撤销创建用户权限无需指定路径)。例如,用root用户撤销ln_write_user和sgcc_write_user的权限:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE USER `ln_write_user` PRIVILEGES INSERT_TIMESERIES on root.ln.**
REVOKE USER `sgcc_write_user` PRIVILEGES INSERT_TIMESERIES on root.sgcc1.**, root.sgcc2.**
REVOKE USER `ln_write_user` PRIVILEGES CREATE_USER
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>执行状态如下所示:</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE USER `ln_write_user` PRIVILEGES INSERT_TIMESERIES on root.ln.**
Msg: The statement is executed successfully.
REVOKE USER `sgcc_write_user` PRIVILEGES INSERT_TIMESERIES on root.sgcc1.**, root.sgcc2.**
Msg: The statement is executed successfully.
REVOKE USER `ln_write_user` PRIVILEGES CREATE_USER
Msg: The statement is executed successfully.
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>撤销权限后,ln_write_user就没有向root.ln.**写入数据的权限了。</p><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, true)
Msg: 602: No permissions for this operation, please add privilege INSERT_TIMESERIES.
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="sql-语句" tabindex="-1"><a class="header-anchor" href="#sql-语句"><span>SQL 语句</span></a></h3><p>与权限相关的语句包括:</p><ul><li>创建用户</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>CREATE USER &lt;userName&gt; &lt;password&gt;;
Eg: IoTDB &gt; CREATE USER `thulab` &#39;passwd&#39;;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>删除用户</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>DROP USER &lt;userName&gt;;
Eg: IoTDB &gt; DROP USER `xiaoming`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>创建角色</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>CREATE ROLE &lt;roleName&gt;;
Eg: IoTDB &gt; CREATE ROLE `admin`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>删除角色</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>DROP ROLE &lt;roleName&gt;;
Eg: IoTDB &gt; DROP ROLE `admin`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予用户权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>GRANT USER &lt;userName&gt; PRIVILEGES &lt;privileges&gt; ON &lt;nodeNames&gt;;
Eg: IoTDB &gt; GRANT USER `tempuser` PRIVILEGES INSERT_TIMESERIES, DELETE_TIMESERIES on root.ln.**, root.sgcc.**;
Eg: IoTDB &gt; GRANT USER `tempuser` PRIVILEGES CREATE_ROLE;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予用户全部的权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>GRANT USER &lt;userName&gt; PRIVILEGES ALL;
Eg: IoTDB &gt; GRANT USER `tempuser` PRIVILEGES ALL;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予角色权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>GRANT ROLE &lt;roleName&gt; PRIVILEGES &lt;privileges&gt; ON &lt;nodeNames&gt;;
Eg: IoTDB &gt; GRANT ROLE `temprole` PRIVILEGES INSERT_TIMESERIES, DELETE_TIMESERIES ON root.sgcc.**, root.ln.**;
Eg: IoTDB &gt; GRANT ROLE `temprole` PRIVILEGES CREATE_ROLE;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予角色全部的权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>GRANT ROLE &lt;roleName&gt; PRIVILEGES ALL;
Eg: IoTDB &gt; GRANT ROLE `temprole` PRIVILEGES ALL;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>赋予用户角色</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>GRANT &lt;roleName&gt; TO &lt;userName&gt;;
Eg: IoTDB &gt; GRANT `temprole` TO tempuser;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销用户权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE USER &lt;userName&gt; PRIVILEGES &lt;privileges&gt; ON &lt;nodeNames&gt;;
Eg: IoTDB &gt; REVOKE USER `tempuser` PRIVILEGES DELETE_TIMESERIES on root.ln.**;
Eg: IoTDB &gt; REVOKE USER `tempuser` PRIVILEGES CREATE_ROLE;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>移除用户所有权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE USER &lt;userName&gt; PRIVILEGES ALL;
Eg: IoTDB &gt; REVOKE USER `tempuser` PRIVILEGES ALL;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销角色权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE ROLE &lt;roleName&gt; PRIVILEGES &lt;privileges&gt; ON &lt;nodeNames&gt;;
Eg: IoTDB &gt; REVOKE ROLE `temprole` PRIVILEGES DELETE_TIMESERIES ON root.ln.**;
Eg: IoTDB &gt; REVOKE ROLE `temprole` PRIVILEGES CREATE_ROLE;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销角色全部的权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE ROLE &lt;roleName&gt; PRIVILEGES ALL;
Eg: IoTDB &gt; REVOKE ROLE `temprole` PRIVILEGES ALL;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>撤销用户角色</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>REVOKE &lt;roleName&gt; FROM &lt;userName&gt;;
Eg: IoTDB &gt; REVOKE `temprole` FROM tempuser;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出所有用户</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST USER
Eg: IoTDB &gt; LIST USER
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出指定角色下所有用户</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST USER OF ROLE &lt;roleName&gt;;
Eg: IoTDB &gt; LIST USER OF ROLE `roleuser`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出所有角色</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST ROLE
Eg: IoTDB &gt; LIST ROLE
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出指定用户下所有角色</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST ROLE OF USER &lt;username&gt; ;
Eg: IoTDB &gt; LIST ROLE OF USER `tempuser`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出用户所有权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST PRIVILEGES USER &lt;username&gt;;
Eg: IoTDB &gt; LIST PRIVILEGES USER `tempuser`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出用户在具体路径上相关联的权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST PRIVILEGES USER &lt;username&gt; ON &lt;paths&gt;;
Eg: IoTDB&gt; LIST PRIVILEGES USER `tempuser` ON root.ln.**, root.ln.wf01.**;
+--------+-----------------------------------+
| role| privilege|
+--------+-----------------------------------+
| | root.ln.** : ALTER_TIMESERIES|
|temprole|root.ln.wf01.** : CREATE_TIMESERIES|
+--------+-----------------------------------+
Total line number = 2
It costs 0.005s
IoTDB&gt; LIST PRIVILEGES USER `tempuser` ON root.ln.wf01.wt01.**;
+--------+-----------------------------------+
| role| privilege|
+--------+-----------------------------------+
| | root.ln.** : ALTER_TIMESERIES|
|temprole|root.ln.wf01.** : CREATE_TIMESERIES|
+--------+-----------------------------------+
Total line number = 2
It costs 0.005s
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出角色所有权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST PRIVILEGES ROLE &lt;roleName&gt;;
Eg: IoTDB &gt; LIST PRIVILEGES ROLE `actor`;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>列出角色在具体路径上相关联的权限</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>LIST PRIVILEGES ROLE &lt;roleName&gt; ON &lt;paths&gt;;
Eg: IoTDB&gt; LIST PRIVILEGES ROLE `temprole` ON root.ln.**, root.ln.wf01.wt01.**;
+-----------------------------------+
| privilege|
+-----------------------------------+
|root.ln.wf01.** : CREATE_TIMESERIES|
+-----------------------------------+
Total line number = 1
It costs 0.005s
IoTDB&gt; LIST PRIVILEGES ROLE `temprole` ON root.ln.wf01.wt01.**;
+-----------------------------------+
| privilege|
+-----------------------------------+
|root.ln.wf01.** : CREATE_TIMESERIES|
+-----------------------------------+
Total line number = 1
It costs 0.005s
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>更新密码</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>ALTER USER &lt;username&gt; SET PASSWORD &lt;password&gt;;
Eg: IoTDB &gt; ALTER USER `tempuser` SET PASSWORD &#39;newpwd&#39;;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h2 id="其他说明" tabindex="-1"><a class="header-anchor" href="#其他说明"><span>其他说明</span></a></h2><h3 id="用户、权限与角色的关系" tabindex="-1"><a class="header-anchor" href="#用户、权限与角色的关系"><span>用户、权限与角色的关系</span></a></h3><p>角色是权限的集合,而权限和角色都是用户的一种属性。即一个角色可以拥有若干权限。一个用户可以拥有若干角色与权限(称为用户自身权限)。</p><p>目前在 IoTDB 中并不存在相互冲突的权限,因此一个用户真正具有的权限是用户自身权限与其所有的角色的权限的并集。即要判定用户是否能执行某一项操作,就要看用户自身权限或用户的角色的所有权限中是否有一条允许了该操作。用户自身权限与其角色权限,他的多个角色的权限之间可能存在相同的权限,但这并不会产生影响。</p><p>需要注意的是:如果一个用户自身有某种权限(对应操作 A),而他的某个角色有相同的权限。那么如果仅从该用户撤销该权限无法达到禁止该用户执行操作 A 的目的,还需要从这个角色中也撤销对应的权限,或者从这个用户将该角色撤销。同样,如果仅从上述角色将权限撤销,也不能禁止该用户执行操作 A。</p><p>同时,对角色的修改会立即反映到所有拥有该角色的用户上,例如对角色增加某种权限将立即使所有拥有该角色的用户都拥有对应权限,删除某种权限也将使对应用户失去该权限(除非用户本身有该权限)。</p><h3 id="系统所含权限列表" tabindex="-1"><a class="header-anchor" href="#系统所含权限列表"><span>系统所含权限列表</span></a></h3><table><thead><tr><th style="text-align:left;">权限名称</th><th style="text-align:left;">说明</th><th>示例</th></tr></thead><tbody><tr><td style="text-align:left;">CREATE_DATABASE</td><td style="text-align:left;">创建 database。包含设置 database 的权限和TTL。路径相关</td><td>Eg1: <code>CREATE DATABASE root.ln;</code><br>Eg2:<code>set ttl to root.ln 3600000;</code><br>Eg3:<code>unset ttl to root.ln;</code></td></tr><tr><td style="text-align:left;">DELETE_DATABASE</td><td style="text-align:left;">删除 database。路径相关</td><td>Eg: <code>delete database root.ln;</code></td></tr><tr><td style="text-align:left;">CREATE_TIMESERIES</td><td style="text-align:left;">创建时间序列。路径相关</td><td>Eg1: 创建时间序列<br><code>create timeseries root.ln.wf02.status with datatype=BOOLEAN,encoding=PLAIN;</code><br>Eg2: 创建对齐时间序列<br><code>create aligned timeseries root.ln.device1(latitude FLOAT encoding=PLAIN compressor=SNAPPY, longitude FLOAT encoding=PLAIN compressor=SNAPPY);</code></td></tr><tr><td style="text-align:left;">INSERT_TIMESERIES</td><td style="text-align:left;">插入数据。路径相关</td><td>Eg1: <code>insert into root.ln.wf02(timestamp,status) values(1,true);</code><br>Eg2: <code>insert into root.sg1.d1(time, s1, s2) aligned values(1, 1, 1)</code></td></tr><tr><td style="text-align:left;">ALTER_TIMESERIES</td><td style="text-align:left;">修改时间序列标签。路径相关</td><td>Eg1: <code>alter timeseries root.turbine.d1.s1 ADD TAGS tag3=v3, tag4=v4;</code><br>Eg2: <code>ALTER timeseries root.turbine.d1.s1 UPSERT ALIAS=newAlias TAGS(tag2=newV2, tag3=v3) ATTRIBUTES(attr3=v3, attr4=v4);</code></td></tr><tr><td style="text-align:left;">READ_TIMESERIES</td><td style="text-align:left;">查询数据。路径相关</td><td>Eg1: <code>SHOW DATABASES;</code> <br>Eg2: <code>show child paths root.ln, show child nodes root.ln;</code><br>Eg3: <code>show devices;</code><br>Eg4: <code>show timeseries root.**;</code><br>Eg5: <code>show schema templates;</code><br>Eg6: <code>show all ttl</code><br>Eg7: <a class="route-link" href="/zh/UserGuide/V1.2.x/User-Manual/Query-Data.html#%E8%AF%AD%E6%B3%95%E8%AF%B4%E6%98%8E">数据查询</a>(这一节之下的查询语句均使用该权限)<br>Eg8: CVS格式数据导出<br><code>./export-csv.bat -h 127.0.0.1 -p 6667 -u tempuser -pw root -td ./</code><br>Eg9: 查询性能追踪<br><code>tracing select * from root.**</code><br>Eg10: UDF查询<br><code>select example(*) from root.sg.d1</code><br>Eg11: 查询触发器<br><code>show triggers</code><br>Eg12: 统计查询<br><code>count devices</code></td></tr><tr><td style="text-align:left;">DELETE_TIMESERIES</td><td style="text-align:left;">删除数据或时间序列。路径相关</td><td>Eg1: 删除时间序列<br><code>delete timeseries root.ln.wf01.wt01.status</code><br>Eg2: 删除数据<br><code>delete from root.ln.wf02.wt02.status where time &lt; 10</code><br>Eg3: 使用DROP关键字<br><code>drop timeseries root.ln.wf01.wt01.status</code></td></tr><tr><td style="text-align:left;">CREATE_USER</td><td style="text-align:left;">创建用户。路径无关</td><td>Eg: <code>create user thulab &#39;passwd&#39;;</code></td></tr><tr><td style="text-align:left;">DELETE_USER</td><td style="text-align:left;">删除用户。路径无关</td><td>Eg: <code>drop user xiaoming;</code></td></tr><tr><td style="text-align:left;">MODIFY_PASSWORD</td><td style="text-align:left;">修改所有用户的密码。路径无关。(没有该权限者仍然能够修改自己的密码。)</td><td>Eg: <code>alter user tempuser SET PASSWORD &#39;newpwd&#39;;</code></td></tr><tr><td style="text-align:left;">LIST_USER</td><td style="text-align:left;">列出所有用户,列出具有某角色的所有用户,列出用户在指定路径下相关权限。路径无关</td><td>Eg1: <code>list user;</code><br>Eg2: <code>list user of role &#39;wirte_role&#39;;</code><br>Eg3: <code>list privileges user admin;</code><br>Eg4: <code>list privileges user &#39;admin&#39; on root.sgcc.**;</code></td></tr><tr><td style="text-align:left;">GRANT_USER_PRIVILEGE</td><td style="text-align:left;">赋予用户权限。路径无关</td><td>Eg: <code>grant user tempuser privileges DELETE_TIMESERIES on root.ln.**;</code></td></tr><tr><td style="text-align:left;">REVOKE_USER_PRIVILEGE</td><td style="text-align:left;">撤销用户权限。路径无关</td><td>Eg: <code>revoke user tempuser privileges DELETE_TIMESERIES on root.ln.**;</code></td></tr><tr><td style="text-align:left;">GRANT_USER_ROLE</td><td style="text-align:left;">赋予用户角色。路径无关</td><td>Eg: <code>grant temprole to tempuser;</code></td></tr><tr><td style="text-align:left;">REVOKE_USER_ROLE</td><td style="text-align:left;">撤销用户角色。路径无关</td><td>Eg: <code>revoke temprole from tempuser;</code></td></tr><tr><td style="text-align:left;">CREATE_ROLE</td><td style="text-align:left;">创建角色。路径无关</td><td>Eg: <code>create role admin;</code></td></tr><tr><td style="text-align:left;">DELETE_ROLE</td><td style="text-align:left;">删除角色。路径无关</td><td>Eg: <code>drop role admin;</code></td></tr><tr><td style="text-align:left;">LIST_ROLE</td><td style="text-align:left;">列出所有角色,列出某用户下所有角色,列出角色在指定路径下相关权限。路径无关</td><td>Eg1: <code>list role</code><br>Eg2: <code>list role of user &#39;actor&#39;;</code><br>Eg3: <code>list privileges role wirte_role;</code><br>Eg4: <code>list privileges role wirte_role ON root.sgcc;</code></td></tr><tr><td style="text-align:left;">GRANT_ROLE_PRIVILEGE</td><td style="text-align:left;">赋予角色权限。路径无关</td><td>Eg: <code>grant role temprole privileges DELETE_TIMESERIES ON root.ln.**;</code></td></tr><tr><td style="text-align:left;">REVOKE_ROLE_PRIVILEGE</td><td style="text-align:left;">撤销角色权限。路径无关</td><td>Eg: <code>revoke role temprole privileges DELETE_TIMESERIES ON root.ln.**;</code></td></tr><tr><td style="text-align:left;">CREATE_FUNCTION</td><td style="text-align:left;">注册 UDF。路径无关</td><td>Eg: <code>create function example AS &#39;org.apache.iotdb.udf.UDTFExample&#39;;</code></td></tr><tr><td style="text-align:left;">DROP_FUNCTION</td><td style="text-align:left;">卸载 UDF。路径无关</td><td>Eg: <code>drop function example</code></td></tr><tr><td style="text-align:left;">CREATE_TRIGGER</td><td style="text-align:left;">创建触发器。路径相关</td><td>Eg1: <code>CREATE TRIGGER &lt;TRIGGER-NAME&gt; BEFORE INSERT ON &lt;FULL-PATH&gt; AS &lt;CLASSNAME&gt;</code><br>Eg2: <code>CREATE TRIGGER &lt;TRIGGER-NAME&gt; AFTER INSERT ON &lt;FULL-PATH&gt; AS &lt;CLASSNAME&gt;</code></td></tr><tr><td style="text-align:left;">DROP_TRIGGER</td><td style="text-align:left;">卸载触发器。路径相关</td><td>Eg: <code>drop trigger &#39;alert-listener-sg1d1s1&#39;</code></td></tr><tr><td style="text-align:left;">CREATE_CONTINUOUS_QUERY</td><td style="text-align:left;">创建连续查询。路径无关</td><td>Eg: <code>CREATE CONTINUOUS QUERY cq1 RESAMPLE RANGE 40s BEGIN &lt;QUERY-BODY&gt; END</code></td></tr><tr><td style="text-align:left;">DROP_CONTINUOUS_QUERY</td><td style="text-align:left;">卸载连续查询。路径无关</td><td>Eg1: <code>DROP CONTINUOUS QUERY cq3</code><br>Eg2: <code>DROP CQ cq3</code></td></tr><tr><td style="text-align:left;">SHOW_CONTINUOUS_QUERIES</td><td style="text-align:left;">展示所有连续查询。路径无关</td><td>Eg1: <code>SHOW CONTINUOUS QUERIES</code><br>Eg2: <code>SHOW cqs</code></td></tr><tr><td style="text-align:left;">UPDATE_TEMPLATE</td><td style="text-align:left;">创建、删除模板。路径无关。</td><td>Eg1: <code>create schema template t1(s1 int32)</code><br>Eg2: <code>drop schema template t1</code></td></tr><tr><td style="text-align:left;">READ_TEMPLATE</td><td style="text-align:left;">查看所有模板、模板内容。 路径无关</td><td>Eg1: <code>show schema templates</code><br>Eg2: <code>show nodes in template t1</code></td></tr><tr><td style="text-align:left;">APPLY_TEMPLATE</td><td style="text-align:left;">挂载、卸载、激活、解除模板。路径有关。</td><td>Eg1: <code>set schema template t1 to root.sg.d</code><br>Eg2: <code>unset schema template t1 from root.sg.d</code><br>Eg3: <code>create timeseries of schema template on root.sg.d</code><br>Eg4: <code>delete timeseries of schema template on root.sg.d</code></td></tr><tr><td style="text-align:left;">READ_TEMPLATE_APPLICATION</td><td style="text-align:left;">查看模板的挂载路径和激活路径。路径无关</td><td>Eg1: <code>show paths set schema template t1</code><br>Eg2: <code>show paths using schema template t1</code></td></tr></tbody></table><p>注意: 路径无关的权限只能在路径root.**下赋予或撤销;</p><p>注意: 下述sql语句需要赋予多个权限才可以使用:</p><ul><li>导入数据,需要赋予<code>READ_TIMESERIES</code><code>INSERT_TIMESERIES</code>两种权限。</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; ./import-csv.bat -h 127.0.0.1 -p 6667 -u renyuhua -pw root -f dump0.csv
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>查询写回(SELECT_INTO) <ul><li>需要所有 <code>select</code> 子句中源序列的 <code>READ_TIMESERIES</code> 权限</li><li>需要所有 <code>into</code> 子句中目标序列 <code>INSERT_TIMESERIES</code> 权限</li></ul></li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; select s1, s1 into t1, t2 from root.sg.d1 limit 5 offset 1000
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="用户名限制" tabindex="-1"><a class="header-anchor" href="#用户名限制"><span>用户名限制</span></a></h3><p>IoTDB 规定用户名的字符长度不小于 4,其中用户名不能包含空格。</p><h3 id="密码限制" tabindex="-1"><a class="header-anchor" href="#密码限制"><span>密码限制</span></a></h3><p>IoTDB 规定密码的字符长度不小于 4,其中密码不能包含空格,密码默认采用 MD5 进行加密。</p><h3 id="角色名限制" tabindex="-1"><a class="header-anchor" href="#角色名限制"><span>角色名限制</span></a></h3><p>IoTDB 规定角色名的字符长度不小于 4,其中角色名不能包含空格。</p><h3 id="权限管理中的路径模式" tabindex="-1"><a class="header-anchor" href="#权限管理中的路径模式"><span>权限管理中的路径模式</span></a></h3><p>一个路径模式的结果集包含了它的子模式的结果集的所有元素。例如,<code>root.sg.d.*</code><code>root.sg.*.*</code>的子模式,而<code>root.sg.**</code>不是<code>root.sg.*.*</code>的子模式。当用户被授予对某个路径模式的权限时,在他的DDL或DML中使用的模式必须是该路径模式的子模式,这保证了用户访问时间序列时不会超出他的权限范围。</p><h3 id="权限缓存" tabindex="-1"><a class="header-anchor" href="#权限缓存"><span>权限缓存</span></a></h3><p>在分布式相关的权限操作中,在进行除了创建用户和角色之外的其他权限更改操作时,都会先清除与该用户(角色)相关的所有的<code>dataNode</code>的缓存信息,如果任何一台<code>dataNode</code>缓存信息清楚失败,这个权限更改的任务就会失败。</p><h3 id="非root用户限制进行的操作" tabindex="-1"><a class="header-anchor" href="#非root用户限制进行的操作"><span>非root用户限制进行的操作</span></a></h3><p>目前以下IoTDB支持的sql语句只有<code>root</code>用户可以进行操作,且没有对应的权限可以赋予新用户。</p><h6 id="tsfile管理" tabindex="-1"><a class="header-anchor" href="#tsfile管理"><span>TsFile管理</span></a></h6><ul><li>加载TsFile</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; load &#39;/Users/Desktop/data/1575028885956-101-0.tsfile&#39;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>删除TsFile文件</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; remove &#39;/Users/Desktop/data/data/root.vehicle/0/0/1575028885956-101-0.tsfile&#39;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>卸载TsFile文件到指定目录</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; unload &#39;/Users/Desktop/data/data/root.vehicle/0/0/1575028885956-101-0.tsfile&#39; &#39;/data/data/tmp&#39;
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h6 id="删除时间分区-实验性功能" tabindex="-1"><a class="header-anchor" href="#删除时间分区-实验性功能"><span>删除时间分区(实验性功能)</span></a></h6><ul><li>删除时间分区(实验性功能)</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; DELETE PARTITION root.ln 0,1,2
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h6 id="连续查询" tabindex="-1"><a class="header-anchor" href="#连续查询"><span>连续查询</span></a></h6><ul><li>连续查询(CQ)</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; CREATE CONTINUOUS QUERY cq1 BEGIN SELECT max_value(temperature) INTO temperature_max FROM root.ln.*.* GROUP BY time(10s) END
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h6 id="运维命令" tabindex="-1"><a class="header-anchor" href="#运维命令"><span>运维命令</span></a></h6><ul><li>FLUSH</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; flush
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>MERGE</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; MERGE
Eg: IoTDB &gt; FULL MERGE
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><ul><li>CLEAR CACHE</li></ul><div class="language-sql line-numbers-mode" data-ext="sql" data-title="sql"><pre class="language-sql"><code>Eg: IoTDB <span class="token operator">&gt;</span> CLEAR CACHE
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>SET SYSTEM TO READONLY / WRITABLE</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; SET SYSTEM TO READONLY / WRITABLE
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>查询终止</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; KILL QUERY 1
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h6 id="水印工具" tabindex="-1"><a class="header-anchor" href="#水印工具"><span>水印工具</span></a></h6><ul><li>为新用户施加水印</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; grant watermark_embedding to Alice
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><ul><li>撤销水印</li></ul><div class="language-text line-numbers-mode" data-ext="text" data-title="text"><pre class="language-text"><code>Eg: IoTDB &gt; revoke watermark_embedding from Alice
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div></div><!--[--><!----><!--]--><footer class="vp-page-meta"><div class="vp-meta-item edit-link"><a href="https://github.com/apache/iotdb-docs/edit/main/src/zh/UserGuide/V1.2.x/User-Manual/Authority-Management.md" rel="noopener noreferrer" target="_blank" aria-label="发现错误?在 GitHub 上编辑此页" class="nav-link vp-meta-label"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon edit-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="edit icon"><path d="M430.818 653.65a60.46 60.46 0 0 1-50.96-93.281l71.69-114.012 7.773-10.365L816.038 80.138A60.46 60.46 0 0 1 859.225 62a60.46 60.46 0 0 1 43.186 18.138l43.186 43.186a60.46 60.46 0 0 1 0 86.373L588.879 565.55l-8.637 8.637-117.466 68.234a60.46 60.46 0 0 1-31.958 11.229z"></path><path d="M728.802 962H252.891A190.883 190.883 0 0 1 62.008 771.98V296.934a190.883 190.883 0 0 1 190.883-192.61h267.754a60.46 60.46 0 0 1 0 120.92H252.891a69.962 69.962 0 0 0-69.098 69.099V771.98a69.962 69.962 0 0 0 69.098 69.098h475.911A69.962 69.962 0 0 0 797.9 771.98V503.363a60.46 60.46 0 1 1 120.922 0V771.98A190.883 190.883 0 0 1 728.802 962z"></path></svg><!--]-->发现错误?在 GitHub 上编辑此页<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><div class="vp-meta-item git-info"><div class="update-time"><span class="vp-meta-label">上次编辑于: </span><!----></div><!----></div></footer><nav class="vp-page-nav"><a class="route-link nav-link prev" href="/zh/UserGuide/V1.2.x/User-Manual/Database-Programming.html" aria-label="数据库编程"><div class="hint"><span class="arrow start"></span>上一页</div><div class="link"><!---->数据库编程</div></a><!----></nav><!----><!--[--><!----><!--]--><!--]--></main><!--]--><footer style="padding-bottom:2rem;"><span id="doc-version" style="display:none;">rel/1.2</span><p style="text-align:center;color:#909399;font-size:12px;margin:0 30px;">Copyright © 2024 The Apache Software Foundation.<br> Apache and the Apache feather logo are trademarks of The Apache Software Foundation</p><p style="text-align:center;margin-top:10px;color:#909399;font-size:12px;margin:0 30px;"><strong>Have a question?</strong> Connect with us on QQ, WeChat, or Slack. <a href="https://github.com/apache/iotdb/issues/1995">Join the community</a> now.</p></footer></div><!--]--><!--]--><!--[--><!----><!--]--><!--]--></div>
<script type="module" src="/assets/app-DrPcRZG6.js" defer></script>
</body>
</html>