Posted to commits@iotdb.apache.org by su...@apache.org on 2022/01/19 11:01:21 UTC

[iotdb] 01/01: Add more SQL in Administration doc

This is an automated email from the ASF dual-hosted git repository.

sunzesong pushed a commit to branch admin_doc
in repository https://gitbox.apache.org/repos/asf/iotdb.git

commit a3d441862801c7ea81468d56725652b5db923be8
Author: Zesong Sun <v-...@microsoft.com>
AuthorDate: Wed Jan 19 19:00:15 2022 +0800

    Add more SQL in Administration doc
---
 .../Administration-Management/Administration.md    | 130 ++++++++++++++++++++-
 .../Administration-Management/Administration.md    | 130 ++++++++++++++++++++-
 2 files changed, 256 insertions(+), 4 deletions(-)

diff --git a/docs/UserGuide/Administration-Management/Administration.md b/docs/UserGuide/Administration-Management/Administration.md
index 2b151a6..ec5af8f 100644
--- a/docs/UserGuide/Administration-Management/Administration.md
+++ b/docs/UserGuide/Administration-Management/Administration.md
@@ -50,7 +50,7 @@ According to the [sample data](https://github.com/thulab/iotdb/files/4438687/Oth
 
 ### Create User
 
-We can create two users for ln and sgcc groups, named ln\_write\_user and sgcc\_write\_user, with both passwords being write\_pwd. The SQL statement is:
+We use `CREATE USER <userName> <password>` to create users. For example, we can create two users for ln and sgcc groups, named ln\_write\_user and sgcc\_write\_user, with both passwords being write\_pwd. The SQL statement is:
 
 ```
 CREATE USER ln_write_user 'write_pwd'
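Review bot: The added syntax line `CREATE USER <userName> <password>` shows the password as a bare token, while the example directly below it passes a quoted string ('write_pwd'). Put the quotes in the template or state that the password is a string literal, so readers do not copy the unquoted form. Because this sentence now serves as the reference syntax, it would also help to say that write_pwd, shared by both accounts, is a demo value only.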
@@ -88,7 +88,9 @@ The SQL statement will not be executed and the corresponding error prompt is giv
 Msg: 602: No permissions for this operation INSERT
 ```
 
-Now, we grant the two users write privileges to the corresponding storage groups, and try to write data again. The SQL statement is:
+Now, we grant the two users write privileges to the corresponding storage groups, and try to write data again.
+
+We use `GRANT USER <userName> PRIVILEGES <privileges> ON <nodeName>` to grant user privileges. For example:
 
 ```
 GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln
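Review bot: The added syntax line writes the keyword as `ON`, but the example in the block that follows uses `on root.ln`; use one case in both places, or state whether keywords are case-insensitive. `<privileges>` is plural without saying how several privileges are separated, and `<nodeName>` is not tied to the "storage groups" wording of the sentence above it. One clause on each would let the template stand on its own.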
@@ -106,6 +108,130 @@ IoTDB> INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, tr
 Msg: The statement is executed successfully.
 ```
 
+### Other SQL Statements
+
+Here are some more SQL statements:
+
+* Delete User
+
+```
+DROP USER <userName>;  
+Eg: IoTDB > DROP USER xiaoming;
+```
+
+* Create Role
+
+```
+CREATE ROLE <roleName>;  
+Eg: IoTDB > CREATE ROLE admin;
+```
+
+* Delete Role
+
+```
+DROP ROLE <roleName>;  
+Eg: IoTDB > DROP ROLE admin;
+```
+
+* Grant Role Privileges
+
+```
+GRANT ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > GRANT ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* Grant User Role
+
+```
+GRANT <roleName> TO <userName>;  
+Eg: IoTDB > GRANT temprole TO tempuser;
+```
+
+* Revoke User Privileges
+
+```
+REVOKE USER <userName> PRIVILEGES <privileges> ON <nodeName>;   
+Eg: IoTDB > REVOKE USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln;
+```
+
+* Revoke Role Privileges
+
+```
+REVOKE ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > REVOKE ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* Revoke Role From User
+
+```
+REVOKE <roleName> FROM <userName>;
+Eg: IoTDB > REVOKE temprole FROM tempuser;
+```
+
+* List Users
+
+```
+LIST USER
+Eg: IoTDB > LIST USER
+```
+
+* List Roles
+
+```
+LIST ROLE
+Eg: IoTDB > LIST ROLE
+```
+
+* List Privileges
+
+```
+LIST PRIVILEGES USER  <username> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES USER sgcc_wirte_user ON root.sgcc;
+```
+
+* List Privileges of Roles
+
+```
+LIST ROLE PRIVILEGES <roleName>
+Eg: IoTDB > LIST ROLE PRIVILEGES actor;
+```
+
+* List Privileges of Roles(On Specific Path)
+
+```
+LIST PRIVILEGES ROLE <roleName> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES ROLE wirte_role ON root.sgcc;
+```
+
+* List Privileges of Users
+
+```
+LIST USER PRIVILEGES <username> ;   
+Eg: IoTDB > LIST USER PRIVILEGES tempuser;
+```
+
+* List Roles of Users
+
+```
+LIST ALL ROLE OF USER <username> ;  
+Eg: IoTDB > LIST ALL ROLE OF USER tempuser;
+```
+
+* List Users of Role
+
+```
+LIST ALL USER OF ROLE <roleName>;
+Eg: IoTDB > LIST ALL USER OF ROLE roleuser;
+```
+
+* Alter Password
+
+```
+ALTER USER <username> SET PASSWORD <password>;
+Eg: IoTDB > ALTER USER tempuser SET PASSWORD 'newpwd';
+```
+
+
 ## Other Instructions
 
 ### The Relationship among Users, Privileges and Roles
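Review bot: Two examples in the new "Other SQL Statements" section misspell identifiers: `sgcc_wirte_user` under "List Privileges" and `wirte_role` under "List Privileges of Roles(On Specific Path)". The user created earlier in this document is sgcc_write_user, so the first example as written queries an account that does not exist. The section is also inconsistent in form: `LIST USER`, `LIST ROLE` and `LIST ROLE PRIVILEGES <roleName>` have no trailing semicolon while the other templates do, several template lines end in trailing spaces, the prompt is written `IoTDB >` here but `IoTDB>` in the existing example just above, and the on/ON case differs between the REVOKE USER and REVOKE ROLE examples. Consider renaming "List Privileges" to say it is per user on a path, adding the missing space before "(On Specific Path)", and dropping the second blank line before "## Other Instructions".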
diff --git a/docs/zh/UserGuide/Administration-Management/Administration.md b/docs/zh/UserGuide/Administration-Management/Administration.md
index 2a984c8..f66e1db 100644
--- a/docs/zh/UserGuide/Administration-Management/Administration.md
+++ b/docs/zh/UserGuide/Administration-Management/Administration.md
@@ -49,7 +49,7 @@ IoTDB 为用户提供了权限管理操作,从而为用户提供对于数据
 
 ### 创建用户
 
-我们可以为 ln 和 sgcc 集团创建两个用户角色,名为 ln_write_user, sgcc_write_user,密码均为 write_pwd。SQL 语句为:
+使用 `CREATE USER <userName> <password>` 创建用户。我们可以为 ln 和 sgcc 集团创建两个用户角色,名为 ln_write_user, sgcc_write_user,密码均为 write_pwd。SQL 语句为:
 
 ```
 CREATE USER ln_write_user 'write_pwd'
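Review bot: The rewritten sentence still says it creates two "用户角色" (user roles) although the statement creates users; since this commit also documents `CREATE ROLE` further down, the wording should be "用户" to keep users and roles distinct. As in the English file, the template `CREATE USER <userName> <password>` shows an unquoted password while the example quotes it, and the English version's "For example" has no counterpart ("例如") here.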
@@ -94,7 +94,9 @@ INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true)
 Msg: 602: No permissions for this operation INSERT
 ```
 
-现在,我们分别赋予他们向对应存储组数据的写入权限,并再次尝试向对应的存储组进行数据写入。SQL 语句为:
+现在,我们分别赋予他们向对应存储组数据的写入权限,并再次尝试向对应的存储组进行数据写入。
+
+我们 `GRANT USER <userName> PRIVILEGES <privileges> ON <nodeName>` 语句赋予用户权限,例如:
 ```
 GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln
 GRANT USER sgcc_write_user PRIVILEGES INSERT_TIMESERIES on root.sgcc
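Review bot: The added line "我们 `GRANT USER ...` 语句赋予用户权限" is missing its verb; it should read "我们使用 `GRANT USER ...` 语句赋予用户权限". The code fence also follows that sentence with no blank line in between, unlike the English file, which some Markdown renderers handle poorly; add an empty line before the fence. The template's `ON` versus the examples' `on` applies here as well.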
@@ -111,6 +113,130 @@ IoTDB> INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, tr
 Msg: The statement is executed successfully.
 ```
 
+### 其他 SQL 语句
+
+其他与权限相关的语句包括:
+
+* 删除用户
+
+```
+DROP USER <userName>;  
+Eg: IoTDB > DROP USER xiaoming;
+```
+
+* 创建角色
+
+```
+CREATE ROLE <roleName>;  
+Eg: IoTDB > CREATE ROLE admin;
+```
+
+* 删除角色
+
+```
+DROP ROLE <roleName>;  
+Eg: IoTDB > DROP ROLE admin;
+```
+
+* 赋予角色权限
+
+```
+GRANT ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > GRANT ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* 赋予用户角色
+
+```
+GRANT <roleName> TO <userName>;  
+Eg: IoTDB > GRANT temprole TO tempuser;
+```
+
+* 撤销用户权限
+
+```
+REVOKE USER <userName> PRIVILEGES <privileges> ON <nodeName>;   
+Eg: IoTDB > REVOKE USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln;
+```
+
+* 撤销角色权限
+
+```
+REVOKE ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > REVOKE ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* 撤销用户角色
+
+```
+REVOKE <roleName> FROM <userName>;
+Eg: IoTDB > REVOKE temprole FROM tempuser;
+```
+
+* 列出用户
+
+```
+LIST USER
+Eg: IoTDB > LIST USER
+```
+
+* 列出角色
+
+```
+LIST ROLE
+Eg: IoTDB > LIST ROLE
+```
+
+* 列出权限
+
+```
+LIST PRIVILEGES USER  <username> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES USER sgcc_wirte_user ON root.sgcc;
+```
+
+* 列出角色权限
+
+```
+LIST ROLE PRIVILEGES <roleName>
+Eg: IoTDB > LIST ROLE PRIVILEGES actor;
+```
+
+* 列出角色在具体路径上的权限
+
+```
+LIST PRIVILEGES ROLE <roleName> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES ROLE wirte_role ON root.sgcc;
+```
+
+* 列出用户权限
+
+```
+LIST USER PRIVILEGES <username> ;   
+Eg: IoTDB > LIST USER PRIVILEGES tempuser;
+```
+
+* 列出用户角色
+
+```
+LIST ALL ROLE OF USER <username> ;  
+Eg: IoTDB > LIST ALL ROLE OF USER tempuser;
+```
+
+* 列出角色用户
+
+```
+LIST ALL USER OF ROLE <roleName>;
+Eg: IoTDB > LIST ALL USER OF ROLE roleuser;
+```
+
+* 更新密码
+
+```
+ALTER USER <username> SET PASSWORD <password>;
+Eg: IoTDB > ALTER USER tempuser SET PASSWORD 'newpwd';
+```
+
+
 ## 其他说明
 
 ### 用户、权限与角色的关系
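Review bot: The misspelled identifiers from the English file were copied into this section: `sgcc_wirte_user` under "列出权限" and `wirte_role` under "列出角色在具体路径上的权限"; the first should match the sgcc_write_user account created earlier in the document. The same formatting points apply: missing semicolons on `LIST USER`, `LIST ROLE` and `LIST ROLE PRIVILEGES <roleName>`, trailing spaces on several template lines, `IoTDB >` versus `IoTDB>`, and the extra blank line before "## 其他说明". The heading "列出权限" would be clearer if it said the listing is for a user on a given path, which distinguishes it from "列出用户权限" below.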