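MySQL supports the following privileges:
ALL or ALL PRIVILEGES Stands for all privileges at the specified privilege level.
ALTER Allows using ALTER TABLE to change the structure of a table; ALTER TABLE also requires the CREATE and INSERT privileges. Renaming a table requires ALTER and DROP on the old table, and CREATE and INSERT on the new table.
ALTER ROUTINE Allows altering and dropping stored procedures and functions
CREATE Allows creating new databases and tables
CREATE ROUTINE Allows creating stored procedures and packages
CREATE TABLESPACE Allows creating, altering and dropping tablespaces and log file groups
CREATE TEMPORARY TABLES Allows creating temporary tables
CREATE USER Allows altering, creating, dropping and renaming users, and revoking all privileges
CREATE VIEW Allows creating views
DELETE Allows deleting rows from tables in a database
DROP Allows dropping databases, tables and views
EVENT Allows creating, altering, dropping and viewing events in the event scheduler
EXECUTE Allows executing stored procedures and packages
FILE Allows reading and writing files on the server host through LOAD DATA INFILE, SELECT ... INTO OUTFILE and the LOAD_FILE() function
GRANT OPTION Allows granting privileges to, or removing them from, other users
INDEX Allows creating and dropping indexes
INSERT Allows inserting rows into tables in a database
LOCK TABLES Allows running the LOCK TABLES statement to lock tables
PROCESS Allows displaying information about the threads executing on the server, that is, the statements being executed by sessions. This privilege lets you run SHOW PROCESSLIST and mysqladmin processlist to view threads, and it also lets you run the SHOW ENGINE command
PROXY Allows a user to impersonate another user
REFERENCES Allows creating foreign keys
RELOAD Allows using the FLUSH statement
REPLICATION CLIENT Allows running the SHOW MASTER STATUS, SHOW SLAVE STATUS and SHOW BINARY LOGS commands
REPLICATION SLAVE Allows slave servers to connect to the current server as their master
SELECT Allows querying tables in a database
SHOW DATABASES Allows the account to run the SHOW DATABASES statement to list databases. Accounts without this privilege see only the databases on which they hold privileges.
SHOW VIEW Allows running the SHOW CREATE VIEW statement
SHUTDOWN Allows running the SHUTDOWN statement, mysqladmin shutdown, and the mysql_shutdown() C API function
SUPER Allows the user to run CHANGE MASTER TO, and KILL or mysqladmin kill to kill other users' threads; to run PURGE BINARY LOGS; to set system variables with SET GLOBAL; to run mysqladmin debug; to turn logging on and off; to run update statements even when read_only is enabled; to start and stop replication on slave servers; and to connect to the server even when the number of connections has reached max_connections.
TRIGGER Allows operating on triggers
UPDATE Allows updating tables in a database
USAGE Stands for no privileges at all
Granting global privileges:
*.* stands for privileges on all databases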
mysql> grant all on *.* to 'test'@'%';
Query OK, 0 rows affected (0.00 sec)
mysql> grant select, insert on *.* to 'test'@'%';
Query OK, 0 rows affected (0.00 sec)
Granting privileges on a specific database:
mysql> grant all on test.* to 'test'@'localhost';
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
mysql> grant select, insert on *.* to 'test'@'%';
Query OK, 0 rows affected (0.00 sec)
mysql> grant select, insert on test.* to 'test'@'%';
Query OK, 0 rows affected (0.00 sec)
Granting privileges on a specific table:
mysql> grant all on test.orders to 'jeffrey'@'localhost';
Query OK, 0 rows affected (0.13 sec)
mysql> grant select, insert on test.orders to 'jeffrey'@'localhost';
Query OK, 0 rows affected (0.07 sec)
Granting privileges on specific columns:
mysql> desc test.orders_1;
+---------------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+---------------+-------------+------+-----+---------+-------+
| order_date | date | YES | | NULL | |
| order_id | int(11) | YES | | NULL | |
| customer_name | varchar(15) | YES | | NULL | |
| product_id | int(11) | YES | | NULL | |
+---------------+-------------+------+-----+---------+-------+
4 rows in set (0.00 sec)
mysql> grant select(order_date), insert(order_id,customer_name) on test.orders_1 to 'jeffrey'@'localhost';
Query OK, 0 rows affected (0.01 sec)
[root@T400-kelong ~]# mysql -ujeffrey -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.10-log MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use test;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select * from orders_1;
ERROR 1142 (42000): SELECT command denied to user 'jeffrey'@'localhost' for table 'orders_1'
mysql> select order_date from orders_1;
+------------+
| order_date |
+------------+
| 2016-03-26 |
+------------+
1 row in set (0.00 sec)
Granting privileges on stored procedures:
mysql> grant create routine on test.* to 'jeffrey'@'localhost';
Query OK, 0 rows affected (0.08 sec)
mysql> grant execute on procedure test.myproc to 'jeffrey'@'localhost';
Query OK, 0 rows affected (0.04 sec)
Granting proxy user privileges:
The PROXY privilege lets one user act as a proxy for another user
mysql> grant proxy on 'jeffrey'@'localhost' to 'test'@'%';
Query OK, 0 rows affected (0.09 sec)
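The grant levels shown above (global, database, table, column, routine and proxy) can be reviewed mechanically. The following is an added example, not part of the original page: it parses GRANT statements like the ones above, classifies each by level, and reports the grants worth a second look. The function names and the HIGH_IMPACT selection are assumptions of this example.

```python
import re

# Privileges flagged for review; this selection is the example's assumption.
HIGH_IMPACT = {"ALL", "ALL PRIVILEGES", "FILE", "SUPER", "PROXY",
               "CREATE USER", "GRANT OPTION", "SHUTDOWN"}
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<obj>.+)\s+TO\s+(?P<user>'[^']*'@'[^']*')"
    r"(?P<gopt>\s+WITH\s+GRANT\s+OPTION)?\s*;?$", re.IGNORECASE)

# Sample input: the GRANT statements used on this page, one per level.
SAMPLE = [
    "grant all on *.* to 'test'@'%';",
    "grant select, insert on test.* to 'test'@'%';",
    "grant all on test.orders to 'jeffrey'@'localhost';",
    "grant select(order_date), insert(order_id,customer_name) on test.orders_1 to 'jeffrey'@'localhost';",
    "grant execute on procedure test.myproc to 'jeffrey'@'localhost';",
    "grant proxy on 'jeffrey'@'localhost' to 'test'@'%';",
]

def parse_grant(stmt):
    """Split one GRANT statement into user, object, scope and privileges."""
    m = GRANT_RE.match(stmt.strip())
    if m is None:
        raise ValueError("not a GRANT statement: %r" % stmt)
    obj = m.group("obj").replace("`", "").strip()
    privs = {}
    # Split on commas that are not inside a column list such as "(a, b)".
    for item in re.split(r",\s*(?![^()]*\))", m.group("privs")):
        name, _, cols = item.partition("(")
        cols = [c.strip() for c in cols.rstrip(") ").split(",") if c.strip()]
        privs[" ".join(name.upper().split())] = cols
    if m.group("gopt"):
        privs["GRANT OPTION"] = []
    scope = ("proxy" if "PROXY" in privs else
             "routine" if obj.upper().startswith(("PROCEDURE ", "FUNCTION ")) else
             "global" if obj == "*.*" else
             "database" if obj.endswith(".*") else
             "column" if any(privs.values()) else "table")
    return {"user": m.group("user"), "object": obj, "scope": scope, "privs": privs}

def audit(statements):
    """Return (user, scope, object, flagged privileges) for grants to review."""
    findings = []
    for g in map(parse_grant, statements):
        flagged = sorted(p for p in g["privs"] if p in HIGH_IMPACT and
                         (g["scope"] in ("global", "proxy") or p == "GRANT OPTION"))
        if flagged:
            findings.append((g["user"], g["scope"], g["object"], flagged))
    return findings
```

Calling audit(SAMPLE) reports the global ALL grant and the PROXY grant, both held by 'test'@'%'; the same functions accept the lines printed by SHOW GRANTS.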