Difference between revisions of "User Management"

From BaseX Documentation
Jump to navigation Jump to search
Line 14: Line 14:
 
Admin permissions are needed to execute one of the following processes.
 
Admin permissions are needed to execute one of the following processes.
 
   
 
   
===Creating user 'test' with password 'test'===
+
'''Creating user 'test' with password 'test':'''
 +
 
 
<code>&gt; CREATE USER test test</code>  
 
<code>&gt; CREATE USER test test</code>  
 
   
 
   
 
As global permissions, you can set 'none', 'read', 'write', 'create' and 'admin':
 
As global permissions, you can set 'none', 'read', 'write', 'create' and 'admin':
 
   
 
   
===Revoking all global permissions from user 'test'===
+
'''Revoking all global permissions from user 'test': '''
 +
 
 
<code>&gt; GRANT none TO test</code>  
 
<code>&gt; GRANT none TO test</code>  
 
   
 
   
 
Valid local permissions are 'none', 'read' and 'write':
 
Valid local permissions are 'none', 'read' and 'write':
 
   
 
   
===Granting write permission on database 'factbook' to user 'test'===
+
'''Granting write permission on database 'factbook' to user 'test': '''
 +
 
 
<code>&gt; GRANT write ON factbook TO test</code>  
 
<code>&gt; GRANT write ON factbook TO test</code>  
  
Line 33: Line 36:
 
inherited.
 
inherited.
 
   
 
   
===Showing global permissions===
+
'''Showing global permissions:'''
 +
 
 
<code>&gt; SHOW USERS</code>  
 
<code>&gt; SHOW USERS</code>  
 
   
 
   
===Showing local permissions on database 'factbook'===
+
'''Showing local permissions on database 'factbook':'''
 +
 
 
<code>&gt; SHOW USERS ON factbook</code>
 
<code>&gt; SHOW USERS ON factbook</code>
  
===Dropping of user 'test'===
+
'''Dropping of user 'test':'''
 +
 
 
<code>&gt; DROP USER test</code>  
 
<code>&gt; DROP USER test</code>  
  
 
[[Category:Server]]
 
[[Category:Server]]

Revision as of 01:51, 6 May 2011

The user management, an advanced feature of the client/server architecture of BaseX, defines which permissions are required by a user to perform a specific database command.

In the permission hierarchy below, the existing permissions are illustrated. A higher permission includes all lower permissions. For example, all users who have the WRITE permission assigned will also be able to execute commands requiring READ permission.

Permissions hierarchy

Commands

Admin permissions are needed to execute one of the following processes.

Creating user 'test' with password 'test':

> CREATE USER test test

As global permissions, you can set 'none', 'read', 'write', 'create' and 'admin':

Revoking all global permissions from user 'test':

> GRANT none TO test

Valid local permissions are 'none', 'read' and 'write':

Granting write permission on database 'factbook' to user 'test':

> GRANT write ON factbook TO test

Note: Local permissions overwrite global permissions. As a consequence, the 'test' user will only be allowed to access (i.e., read and write) the 'factbook' database. If no local permissions are set, the global rights are inherited.

Showing global permissions:

> SHOW USERS

Showing local permissions on database 'factbook':

> SHOW USERS ON factbook

Dropping of user 'test':

> DROP USER test