You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@iotdb.apache.org by su...@apache.org on 2022/01/19 11:01:20 UTC

[iotdb] branch admin_doc created (now a3d4418)

This is an automated email from the ASF dual-hosted git repository.

sunzesong pushed a change to branch admin_doc
in repository https://gitbox.apache.org/repos/asf/iotdb.git.


      at a3d4418  Add more SQL in Administration doc

This branch includes the following new commits:

     new a3d4418  Add more SQL in Administration doc

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[iotdb] 01/01: Add more SQL in Administration doc

Posted by su...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

sunzesong pushed a commit to branch admin_doc
in repository https://gitbox.apache.org/repos/asf/iotdb.git

commit a3d441862801c7ea81468d56725652b5db923be8
Author: Zesong Sun <v-...@microsoft.com>
AuthorDate: Wed Jan 19 19:00:15 2022 +0800

    Add more SQL in Administration doc
---
 .../Administration-Management/Administration.md    | 130 ++++++++++++++++++++-
 .../Administration-Management/Administration.md    | 130 ++++++++++++++++++++-
 2 files changed, 256 insertions(+), 4 deletions(-)

diff --git a/docs/UserGuide/Administration-Management/Administration.md b/docs/UserGuide/Administration-Management/Administration.md
index 2b151a6..ec5af8f 100644
--- a/docs/UserGuide/Administration-Management/Administration.md
+++ b/docs/UserGuide/Administration-Management/Administration.md
@@ -50,7 +50,7 @@ According to the [sample data](https://github.com/thulab/iotdb/files/4438687/Oth
 
 ### Create User
 
-We can create two users for ln and sgcc groups, named ln\_write\_user and sgcc\_write\_user, with both passwords being write\_pwd. The SQL statement is:
+We use `CREATE USER <userName> <password>` to create users. For example, we can create two users for ln and sgcc groups, named ln\_write\_user and sgcc\_write\_user, with both passwords being write\_pwd. The SQL statement is:
 
 ```
 CREATE USER ln_write_user 'write_pwd'
@@ -88,7 +88,9 @@ The SQL statement will not be executed and the corresponding error prompt is giv
 Msg: 602: No permissions for this operation INSERT
 ```
 
-Now, we grant the two users write privileges to the corresponding storage groups, and try to write data again. The SQL statement is:
+Now, we grant the two users write privileges to the corresponding storage groups, and try to write data again.
+
+We use `GRANT USER <userName> PRIVILEGES <privileges> ON <nodeName>` to grant user privileges. For example:
 
 ```
 GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln
@@ -106,6 +108,130 @@ IoTDB> INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, tr
 Msg: The statement is executed successfully.
 ```
 
+### Other SQL Statements
+
+Here are some more SQL statements:
+
+* Delete User
+
+```
+DROP USER <userName>;  
+Eg: IoTDB > DROP USER xiaoming;
+```
+
+* Create Role
+
+```
+CREATE ROLE <roleName>;  
+Eg: IoTDB > CREATE ROLE admin;
+```
+
+* Delete Role
+
+```
+DROP ROLE <roleName>;  
+Eg: IoTDB > DROP ROLE admin;
+```
+
+* Grant Role Privileges
+
+```
+GRANT ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > GRANT ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* Grant User Role
+
+```
+GRANT <roleName> TO <userName>;  
+Eg: IoTDB > GRANT temprole TO tempuser;
+```
+
+* Revoke User Privileges
+
+```
+REVOKE USER <userName> PRIVILEGES <privileges> ON <nodeName>;   
+Eg: IoTDB > REVOKE USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln;
+```
+
+* Revoke Role Privileges
+
+```
+REVOKE ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > REVOKE ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* Revoke Role From User
+
+```
+REVOKE <roleName> FROM <userName>;
+Eg: IoTDB > REVOKE temprole FROM tempuser;
+```
+
+* List Users
+
+```
+LIST USER
+Eg: IoTDB > LIST USER
+```
+
+* List Roles
+
+```
+LIST ROLE
+Eg: IoTDB > LIST ROLE
+```
+
+* List Privileges
+
+```
+LIST PRIVILEGES USER  <username> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES USER sgcc_wirte_user ON root.sgcc;
+```
+
+* List Privileges of Roles
+
+```
+LIST ROLE PRIVILEGES <roleName>
+Eg: IoTDB > LIST ROLE PRIVILEGES actor;
+```
+
+* List Privileges of Roles(On Specific Path)
+
+```
+LIST PRIVILEGES ROLE <roleName> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES ROLE wirte_role ON root.sgcc;
+```
+
+* List Privileges of Users
+
+```
+LIST USER PRIVILEGES <username> ;   
+Eg: IoTDB > LIST USER PRIVILEGES tempuser;
+```
+
+* List Roles of Users
+
+```
+LIST ALL ROLE OF USER <username> ;  
+Eg: IoTDB > LIST ALL ROLE OF USER tempuser;
+```
+
+* List Users of Role
+
+```
+LIST ALL USER OF ROLE <roleName>;
+Eg: IoTDB > LIST ALL USER OF ROLE roleuser;
+```
+
+* Alter Password
+
+```
+ALTER USER <username> SET PASSWORD <password>;
+Eg: IoTDB > ALTER USER tempuser SET PASSWORD 'newpwd';
+```
+
+
 ## Other Instructions
 
 ### The Relationship among Users, Privileges and Roles
diff --git a/docs/zh/UserGuide/Administration-Management/Administration.md b/docs/zh/UserGuide/Administration-Management/Administration.md
index 2a984c8..f66e1db 100644
--- a/docs/zh/UserGuide/Administration-Management/Administration.md
+++ b/docs/zh/UserGuide/Administration-Management/Administration.md
@@ -49,7 +49,7 @@ IoTDB 为用户提供了权限管理操作，从而为用户提供对于数据
 
 ### 创建用户
 
-我们可以为 ln 和 sgcc 集团创建两个用户角色，名为 ln_write_user, sgcc_write_user，密码均为 write_pwd。SQL 语句为：
+使用 `CREATE USER <userName> <password>` 创建用户。我们可以为 ln 和 sgcc 集团创建两个用户角色，名为 ln_write_user, sgcc_write_user，密码均为 write_pwd。SQL 语句为：
 
 ```
 CREATE USER ln_write_user 'write_pwd'
@@ -94,7 +94,9 @@ INSERT INTO root.ln.wf01.wt01(timestamp,status) values(1509465600000,true)
 Msg: 602: No permissions for this operation INSERT
 ```
 
-现在，我们分别赋予他们向对应存储组数据的写入权限，并再次尝试向对应的存储组进行数据写入。SQL 语句为：
+现在，我们分别赋予他们向对应存储组数据的写入权限，并再次尝试向对应的存储组进行数据写入。
+
+我们 `GRANT USER <userName> PRIVILEGES <privileges> ON <nodeName>` 语句赋予用户权限，例如：
 ```
 GRANT USER ln_write_user PRIVILEGES INSERT_TIMESERIES on root.ln
 GRANT USER sgcc_write_user PRIVILEGES INSERT_TIMESERIES on root.sgcc
@@ -111,6 +113,130 @@ IoTDB> INSERT INTO root.ln.wf01.wt01(timestamp, status) values(1509465600000, tr
 Msg: The statement is executed successfully.
 ```
 
+### 其他 SQL 语句
+
+其他与权限相关的语句包括：
+
+* 删除用户
+
+```
+DROP USER <userName>;  
+Eg: IoTDB > DROP USER xiaoming;
+```
+
+* 创建角色
+
+```
+CREATE ROLE <roleName>;  
+Eg: IoTDB > CREATE ROLE admin;
+```
+
+* 删除角色
+
+```
+DROP ROLE <roleName>;  
+Eg: IoTDB > DROP ROLE admin;
+```
+
+* 赋予角色权限
+
+```
+GRANT ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > GRANT ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* 赋予用户角色
+
+```
+GRANT <roleName> TO <userName>;  
+Eg: IoTDB > GRANT temprole TO tempuser;
+```
+
+* 撤销用户权限
+
+```
+REVOKE USER <userName> PRIVILEGES <privileges> ON <nodeName>;   
+Eg: IoTDB > REVOKE USER tempuser PRIVILEGES DELETE_TIMESERIES on root.ln;
+```
+
+* 撤销角色权限
+
+```
+REVOKE ROLE <roleName> PRIVILEGES <privileges> ON <nodeName>;  
+Eg: IoTDB > REVOKE ROLE temprole PRIVILEGES DELETE_TIMESERIES ON root.ln;
+```
+
+* 撤销用户角色
+
+```
+REVOKE <roleName> FROM <userName>;
+Eg: IoTDB > REVOKE temprole FROM tempuser;
+```
+
+* 列出用户
+
+```
+LIST USER
+Eg: IoTDB > LIST USER
+```
+
+* 列出角色
+
+```
+LIST ROLE
+Eg: IoTDB > LIST ROLE
+```
+
+* 列出权限
+
+```
+LIST PRIVILEGES USER  <username> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES USER sgcc_wirte_user ON root.sgcc;
+```
+
+* 列出角色权限
+
+```
+LIST ROLE PRIVILEGES <roleName>
+Eg: IoTDB > LIST ROLE PRIVILEGES actor;
+```
+
+* 列出角色在具体路径上的权限
+
+```
+LIST PRIVILEGES ROLE <roleName> ON <path>;    
+Eg: IoTDB > LIST PRIVILEGES ROLE wirte_role ON root.sgcc;
+```
+
+* 列出用户权限
+
+```
+LIST USER PRIVILEGES <username> ;   
+Eg: IoTDB > LIST USER PRIVILEGES tempuser;
+```
+
+* 列出用户角色
+
+```
+LIST ALL ROLE OF USER <username> ;  
+Eg: IoTDB > LIST ALL ROLE OF USER tempuser;
+```
+
+* 列出角色用户
+
+```
+LIST ALL USER OF ROLE <roleName>;
+Eg: IoTDB > LIST ALL USER OF ROLE roleuser;
+```
+
+* 更新密码
+
+```
+ALTER USER <username> SET PASSWORD <password>;
+Eg: IoTDB > ALTER USER tempuser SET PASSWORD 'newpwd';
+```
+
+
 ## 其他说明
 
 ### 用户、权限与角色的关系