📣

TiDB Cloud Serverless 现已更名为
Starter
!此页面由 AI 自动翻译,英文原文请见
此处。

ALTER USER

此语句用于修改 TiDB 权限系统中的现有用户。在 MySQL 权限系统中,用户是用户名和连接来源主机的组合。因此,可以创建一个 'newuser2'@'192.168.1.1' 用户,该用户只能从 IP 地址 192.168.1.1 连接。也可以让两个用户具有相同的用户部分,但登录自不同的主机时拥有不同的权限。

概述

AlterUserStmt
ALTERUSERIfExistsUserSpecListRequireClauseOptConnectionOptionsPasswordOptionLockOptionAttributeOptionUSER()IDENTIFIEDBYAuthStringResourceGroupNameOption
UserSpecList
UserSpec,
UserSpec
UsernameAuthOption
RequireClauseOpt
REQUIRENONEREQUIRESSLREQUIREX509REQUIRERequireList
RequireList
ISSUERstringLitSUBJECTstringLitCIPHERstringLitSANstringLitTOKEN_ISSUERstringLit
Username
StringName@StringNamesingleAtIdentifierCURRENT_USEROptionalBraces
AuthOption
IDENTIFIEDBYAuthStringPASSWORDHashStringWITHStringNameBYAuthStringASHashString
PasswordOption
PASSWORDEXPIREDEFAULTNEVERINTERVALNDAYPASSWORDHISTORYDEFAULTNPASSWORDREUSEINTERVALDEFAULTNDAYFAILED_LOGIN_ATTEMPTSNPASSWORD_LOCK_TIMENUNBOUNDED
LockOption
ACCOUNTLOCKACCOUNTUNLOCK
AttributeOption
COMMENTCommentStringATTRIBUTEAttributeString
ResourceGroupNameOption
RESOURCEGROUPIdentifier
RequireClauseOpt
REQUIRENONESSLX509RequireListElementAND
RequireListElement
ISSUERIssuerSUBJECTSubjectCIPHERCipherSANSANTOKEN_ISSUERTokenIssuer

示例

mysql> CREATE USER 'newuser' IDENTIFIED BY 'newuserpassword'; Query OK, 1 row affected (0.01 sec) mysql> SHOW CREATE USER 'newuser'; +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | CREATE USER for newuser@% | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | CREATE USER 'newuser'@'%' IDENTIFIED WITH 'mysql_native_password' AS '*5806E04BBEE79E1899964C6A04D68BCA69B1A879' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 1 row in set (0.00 sec)

修改基本用户信息

更改用户 newuser 的密码:

mysql> ALTER USER 'newuser' IDENTIFIED BY 'newnewpassword'; Query OK, 0 rows affected (0.02 sec) mysql> SHOW CREATE USER 'newuser'; +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | CREATE USER for newuser@% | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | CREATE USER 'newuser'@'%' IDENTIFIED WITH 'mysql_native_password' AS '*FB8A1EA1353E8775CA836233E367FBDFCB37BE73' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 1 row in set (0.00 sec)

锁定用户 newuser

ALTER USER 'newuser' ACCOUNT LOCK;
Query OK, 0 rows affected (0.02 sec)

修改 newuser 的属性:

ALTER USER 'newuser' ATTRIBUTE '{"newAttr": "value", "deprecatedAttr": null}'; SELECT * FROM information_schema.user_attributes;
+-----------+------+--------------------------+ | USER | HOST | ATTRIBUTE | +-----------+------+--------------------------+ | newuser | % | {"newAttr": "value"} | +-----------+------+--------------------------+ 1 rows in set (0.00 sec)

使用 ALTER USER ... COMMENT 修改 newuser 的备注:

ALTER USER 'newuser' COMMENT 'Here is the comment'; SELECT * FROM information_schema.user_attributes;
+-----------+------+--------------------------------------------------------+ | USER | HOST | ATTRIBUTE | +-----------+------+--------------------------------------------------------+ | newuser | % | {"comment": "Here is the comment", "newAttr": "value"} | +-----------+------+--------------------------------------------------------+ 1 rows in set (0.00 sec)

使用 ALTER USER ... ATTRIBUTE 移除 newuser 的备注:

ALTER USER 'newuser' ATTRIBUTE '{"comment": null}'; SELECT * FROM information_schema.user_attributes;
+-----------+------+---------------------------+ | USER | HOST | ATTRIBUTE | +-----------+------+---------------------------+ | newuser | % | {"newAttr": "value"} | +-----------+------+---------------------------+ 1 rows in set (0.00 sec)

通过 ALTER USER ... PASSWORD EXPIRE NEVER 改变 newuser 的密码自动过期策略为永不过期:

ALTER USER 'newuser' PASSWORD EXPIRE NEVER;
Query OK, 0 rows affected (0.02 sec)

通过 ALTER USER ... PASSWORD REUSE INTERVAL ... DAY 设置 newuser 的密码重用策略,不允许在过去 90 天内使用相同密码:

ALTER USER 'newuser' PASSWORD REUSE INTERVAL 90 DAY;
Query OK, 0 rows affected (0.02 sec)

修改用户绑定的资源组

使用 ALTER USER ... RESOURCE GROUP 将用户 newuser 的资源组修改为 rg1

ALTER USER 'newuser' RESOURCE GROUP rg1;
Query OK, 0 rows affected (0.02 sec)

查看当前用户绑定的资源组:

SELECT USER, JSON_EXTRACT(User_attributes, "$.resource_group") FROM mysql.user WHERE user = "newuser";
+---------+---------------------------------------------------+ | USER | JSON_EXTRACT(User_attributes, "$.resource_group") | +---------+---------------------------------------------------+ | newuser | "rg1" | +---------+---------------------------------------------------+ 1 row in set (0.02 sec)

取消用户的资源组绑定,即将用户绑定到 default 资源组。

ALTER USER 'newuser' RESOURCE GROUP `default`; SELECT USER, JSON_EXTRACT(User_attributes, "$.resource_group") FROM mysql.user WHERE user = "newuser";
+---------+---------------------------------------------------+ | USER | JSON_EXTRACT(User_attributes, "$.resource_group") | +---------+---------------------------------------------------+ | newuser | "default" | +---------+---------------------------------------------------+ 1 row in set (0.02 sec)

相关链接

文档内容是否有帮助?