数据控制—安全性控制

/*
    数据库实验六
    2017/05/11

    1. 了解SQL Server 2008的安全性控制模型;
    2. 熟悉通过SQL语句对数据进行安全性控制;
    3. 针对具体应用要求,完成授权和收回权限的操作;

*/

/*1.数据库的创建*/

-- Lab database: one small data file and one log file under D:\SQLDatabase
-- (the directory must already exist on the server host, or CREATE fails).
CREATE DATABASE [exp6]
ON PRIMARY (
    NAME       = N'exp6',
    FILENAME   = N'D:\SQLDatabase\exp6.mdf',
    SIZE       = 5120KB,
    MAXSIZE    = 10240KB,
    FILEGROWTH = 1024KB
)
LOG ON (
    NAME       = N'exp6_log',
    FILENAME   = N'D:\SQLDatabase\exp6_log.ldf',
    SIZE       = 1024KB,
    MAXSIZE    = 5120KB,
    FILEGROWTH = 1024KB
);
GO

-- Everything that follows runs inside the new database.
USE [exp6];
GO

--2.表的创建
/*部门(部门号,名称,经理名,地址,电话号码)*/
/*Part 部门表的创建*/
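-- Department table: Part(PartNo, PName, PmangerName, Paddress, Ptelephone).
-- The primary key is named explicitly so error messages and later ALTERs can
-- refer to it; the stray trailing comma of the original definition is gone.
CREATE TABLE Part (
    PartNo      char(10) NOT NULL,  -- department number
    PName       char(20) NOT NULL,  -- department name
    PmangerName char(8)  NOT NULL,  -- manager name (original spelling kept: other statements may rely on it)
    Paddress    char(50) NOT NULL,  -- address
    Ptelephone  char(20) NOT NULL,  -- telephone number
    CONSTRAINT PK_Part PRIMARY KEY (PartNo)
);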

/*职工(职工号,姓名,年龄,职务,工资,部门号)*/
/*Worker 职工表的创建*/
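-- Employee table: Worker(WorkerNo, WorkerName, age, job, pay, department).
-- NOTE: the AGE column is called Wage in the original schema; the name is kept
-- unchanged so nothing else breaks, but it holds the employee's age, not pay.
-- All constraints are named so they are greppable in errors and migrations.
CREATE TABLE Worker (
    WorkerNo   char(8)  NOT NULL,  -- employee number
    WorkerName char(8)  NOT NULL,  -- employee name
    Wage       int      NOT NULL,  -- employee AGE (misnamed), must be at least 18
    Wjob       char(20) NOT NULL,  -- job title
    Wpay       int      NOT NULL,  -- salary
    partNo     char(10) NOT NULL,  -- department number, must exist in Part
    CONSTRAINT PK_Worker      PRIMARY KEY (WorkerNo),
    CONSTRAINT CK_Worker_Wage CHECK (Wage >= 18),
    CONSTRAINT FK_Worker_Part FOREIGN KEY (partNo) REFERENCES Part (PartNo)
);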

--3.往表中插入数据
--往部门表中插入信息
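-- Seed data. Column lists are explicit so the statements do not silently break
-- when a column is added, and numeric columns receive numeric literals instead
-- of strings that relied on implicit conversion.
-- Departments.
INSERT INTO Part (PartNo, PName, PmangerName, Paddress, Ptelephone) VALUES
    ('A01', '人事部',     '张三', '珠海大楼6楼601室', '020-12345678'),
    ('A02', '信息管理部', '李四', '珠海大楼5楼501室', '020-12345123'),
    ('A03', '市场营销部', '王一', '珠海大楼5楼502室', '020-12345888');

-- Employees. Wage is the age column (see the table definition).
-- 王明 (A03004) is also one of the logins created in section 4; the
-- per-employee view in section 5(c) depends on that name match.
INSERT INTO Worker (WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo) VALUES
    ('A01001', '张三',   35, '总经理', 25000, 'A01'),
    ('A01002', '张小四', 32, '副经理', 19800, 'A01'),
    ('A01003', '张小五', 25, '职员',   12000, 'A01'),
    ('A02001', '李四',   29, '总经理', 23500, 'A02'),
    ('A02002', '李小五', 28, '副经理', 19500, 'A02'),
    ('A02003', '李小六', 23, '职员',   12500, 'A02'),
    ('A03001', '王一',   36, '总经理', 32000, 'A03'),
    ('A03002', '王小二', 33, '副经理', 29100, 'A03'),
    ('A03003', '王小三', 29, '职员',   25600, 'A03'),
    ('A03004', '王明',   28, '职员',   25600, 'A03');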


--4.创建用户
--登录名分别为:王明、李勇、刘星、张新、周平、杨兰等;这些登录只能是public角色的成员;
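-- One server login plus one database user per test principal. No role
-- membership is added, so each user belongs only to the implicit public role.
--
-- The original script gave all six logins the same trivial password ('1234').
-- A shared, guessable password defeats the point of a security-control lab, so
-- each login now takes a distinct, policy-compliant password (replace the
-- placeholder before running). CHECK_POLICY = ON has the server enforce the
-- host password policy, CHECK_EXPIRATION = ON + MUST_CHANGE forces a reset at
-- first interactive logon, and DEFAULT_DATABASE lands the login in exp6.
USE [exp6];
GO

CREATE LOGIN 王明 WITH PASSWORD = '<REPLACE_WITH_STRONG_PASSWORD>' MUST_CHANGE,
    CHECK_EXPIRATION = ON, CHECK_POLICY = ON, DEFAULT_DATABASE = [exp6];
CREATE USER 王明 FOR LOGIN 王明;

CREATE LOGIN 李勇 WITH PASSWORD = '<REPLACE_WITH_STRONG_PASSWORD>' MUST_CHANGE,
    CHECK_EXPIRATION = ON, CHECK_POLICY = ON, DEFAULT_DATABASE = [exp6];
CREATE USER 李勇 FOR LOGIN 李勇;

CREATE LOGIN 刘星 WITH PASSWORD = '<REPLACE_WITH_STRONG_PASSWORD>' MUST_CHANGE,
    CHECK_EXPIRATION = ON, CHECK_POLICY = ON, DEFAULT_DATABASE = [exp6];
CREATE USER 刘星 FOR LOGIN 刘星;

CREATE LOGIN 张新 WITH PASSWORD = '<REPLACE_WITH_STRONG_PASSWORD>' MUST_CHANGE,
    CHECK_EXPIRATION = ON, CHECK_POLICY = ON, DEFAULT_DATABASE = [exp6];
CREATE USER 张新 FOR LOGIN 张新;

CREATE LOGIN 周平 WITH PASSWORD = '<REPLACE_WITH_STRONG_PASSWORD>' MUST_CHANGE,
    CHECK_EXPIRATION = ON, CHECK_POLICY = ON, DEFAULT_DATABASE = [exp6];
CREATE USER 周平 FOR LOGIN 周平;

CREATE LOGIN 杨兰 WITH PASSWORD = '<REPLACE_WITH_STRONG_PASSWORD>' MUST_CHANGE,
    CHECK_EXPIRATION = ON, CHECK_POLICY = ON, DEFAULT_DATABASE = [exp6];
CREATE USER 杨兰 FOR LOGIN 杨兰;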

--5. 请用SQL的Grant和Revoke语句(加上视图机制)完成以下授权定义或存取控制功能,并进行相应的安全性测试;
--(a) 用户王明对两个表有select权限;
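GRANT SELECT ON Part TO 王明;
GRANT SELECT ON Worker TO 王明;

-- GO is a client-side batch separator, not a T-SQL statement; "GO;" is a
-- syntax error in sqlcmd/SSMS, so the semicolon is dropped.
USE [exp6];
GO

-- Verify the grant as the grantee. Running the query as the script owner
-- (a sysadmin) proves nothing about 王明's permissions. EXECUTE AS USER
-- requires IMPERSONATE on the user, which the owner has.
EXECUTE AS USER = '王明';
SELECT
    w.WorkerNo, w.WorkerName, w.Wage, w.Wjob, w.Wpay,
    p.PartNo, p.PName, p.PmangerName, p.Paddress, p.Ptelephone
FROM Worker AS w
INNER JOIN Part AS p
    ON p.PartNo = w.partNo
ORDER BY w.WorkerNo;
REVERT;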

--(b) 用户李勇对两个表有insert、delete权限;
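-- The requirement is INSERT and DELETE only. SELECT is granted as well so the
-- effect of each statement can be observed as 李勇; it is a deliberate excess
-- over the spec and has to be revoked again together with INSERT/DELETE.
GRANT INSERT, DELETE, SELECT ON Part TO 李勇;
GRANT INSERT, DELETE, SELECT ON Worker TO 李勇;

USE [exp6];
GO

-- Exercise the grant as 李勇, not as the script owner. Each test row is
-- removed again so the seed data is left untouched.
EXECUTE AS USER = '李勇';
INSERT INTO Part (PartNo, PName, PmangerName, Paddress, Ptelephone)
VALUES ('B01', '法务部', '刘律师', '珠海大楼5楼503室', '020-12345666');
SELECT PartNo, PName, PmangerName, Paddress, Ptelephone FROM Part WHERE PartNo = 'B01';
DELETE FROM Part WHERE PartNo = 'B01';

INSERT INTO Worker (WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo)
VALUES ('A03005', '王小四', 23, '实习生', 12900, 'A03');
SELECT WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo FROM Worker WHERE WorkerNo = 'A03005';
DELETE FROM Worker WHERE WorkerNo = 'A03005';
REVERT;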

--(c) 每个职工只对自己的记录有select权限;---------------------------------------
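-- CREATE VIEW must be the only statement in its batch; without the GO before
-- it the view creation fails with "must be the first statement in a batch".
GO
-- Per-employee view: each caller sees only the Worker row whose WorkerName
-- equals the caller's login name (SYSTEM_USER). This is name-based row
-- filtering: it relies on WorkerName matching the login and on employee
-- names being unique -- two employees with the same name would see each
-- other's row. Columns are listed explicitly so a later ALTER TABLE cannot
-- silently widen what the view exposes.
CREATE VIEW SELECT_WPAY
AS
    SELECT WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo
    FROM Worker
    WHERE WorkerName = SYSTEM_USER;
GO

-- PUBLIC is every database user; the WHERE clause inside the view is the
-- only thing limiting what each of them can read.
GRANT SELECT ON SELECT_WPAY TO PUBLIC;

SELECT SYSTEM_USER AS current_login;  -- the value the view filters on

-- 王明 is the one login that also has a Worker row (A03004), so exactly one
-- row is expected here. Under EXECUTE AS USER, SYSTEM_USER should report the
-- impersonated login -- confirm on the target instance if the result is empty.
EXECUTE AS USER = '王明';
SELECT WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo
FROM SELECT_WPAY;
REVERT;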

--(d) 用户刘星对职工表有select权限,对工资字段具有更新权限;
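-- 刘星: read the whole table, but update only the Wpay column.
GRANT SELECT ON Worker TO 刘星;
GRANT UPDATE ON Worker (Wpay) TO 刘星;

-- Exercise the grant as 刘星. The second SELECT shows the update took effect;
-- an UPDATE of any other column would be rejected for this user.
EXECUTE AS USER = '刘星';
SELECT WorkerNo, WorkerName, Wpay FROM Worker WHERE WorkerNo = 'A01001';
UPDATE Worker SET Wpay = 25100 WHERE WorkerNo = 'A01001';
SELECT WorkerNo, WorkerName, Wpay FROM Worker WHERE WorkerNo = 'A01001';
REVERT;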

--(e) 用户张新具有修改这两个表的结构的权限;
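-- 张新 may change the structure of both tables (SELECT added so the result
-- can be inspected).
GRANT ALTER, SELECT ON Part TO 张新;
GRANT ALTER, SELECT ON Worker TO 张新;

-- Exercise the grant as 张新. The default constraint is given an explicit
-- name: the original dropped auto-generated names (DF__Part__other__...),
-- which differ on every instance and make the script fail anywhere else.
-- The default must be dropped before the column that carries it.
EXECUTE AS USER = '张新';
ALTER TABLE Part ADD other char(20) CONSTRAINT DF_Part_other DEFAULT 0;
ALTER TABLE Part DROP CONSTRAINT DF_Part_other;
ALTER TABLE Part DROP COLUMN other;
SELECT PartNo, PName, PmangerName, Paddress, Ptelephone FROM Part;

ALTER TABLE Worker ADD other char(20) CONSTRAINT DF_Worker_other DEFAULT 0;
ALTER TABLE Worker DROP CONSTRAINT DF_Worker_other;
ALTER TABLE Worker DROP COLUMN other;
SELECT WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo FROM Worker;
REVERT;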

--(f) 用户周平具有对两个表所有权限(查询,插入,修改,删除数据),并具有给其他用户授权的权限;
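-- 周平: query, insert, update and delete on both tables, and the right to pass
-- those permissions on. The four permissions are listed instead of the
-- deprecated ALL, which would also hand out REFERENCES that the requirement
-- never asked for. WITH GRANT OPTION means a later REVOKE needs CASCADE.
GRANT SELECT, INSERT, UPDATE, DELETE ON Part TO 周平 WITH GRANT OPTION;
GRANT SELECT, INSERT, UPDATE, DELETE ON Worker TO 周平 WITH GRANT OPTION;

EXECUTE AS USER = '周平';
SELECT
    w.WorkerNo, w.WorkerName, w.Wage, w.Wjob, w.Wpay,
    p.PartNo, p.PName, p.PmangerName, p.Paddress, p.Ptelephone
FROM Worker AS w
INNER JOIN Part AS p
    ON p.PartNo = w.partNo
ORDER BY w.WorkerNo;

INSERT INTO Part (PartNo, PName, PmangerName, Paddress, Ptelephone)
VALUES ('B01', '法务部', '刘律师', '珠海大楼5楼503室', '020-12345666');
SELECT PartNo, PName, PmangerName, Paddress, Ptelephone FROM Part WHERE PartNo = 'B01';
UPDATE Part SET Ptelephone = '020-12345667' WHERE PartNo = 'B01';
DELETE FROM Part WHERE PartNo = 'B01';

-- The original used WorkerNo 'A03004' here, which already belongs to 王明:
-- the INSERT fails on the primary key and the DELETE then removes the real
-- employee row. A free number is used instead.
INSERT INTO Worker (WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo)
VALUES ('A03005', '王小四', 23, '实习生', 12900, 'A03');
SELECT WorkerNo, WorkerName, Wage, Wjob, Wpay, partNo FROM Worker WHERE WorkerNo = 'A03005';
UPDATE Worker SET Wpay = 15000 WHERE WorkerNo = 'A03005';
DELETE FROM Worker WHERE WorkerNo = 'A03005';
REVERT;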

--(g)用户杨兰具有从每个部门职工中select最高工资,最低工资,平均工资的权限,他不能查看每个人的工资。
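-- CREATE VIEW must be the only statement in its batch, hence the GO.
GO
-- Per-department salary summary for 杨兰. partNo is included so each output
-- row can be attributed to its department (the original grouped by partNo but
-- did not select it). AVG over the int column would truncate to an integer,
-- so Wpay is cast before averaging.
-- Inference caveat: a department with a single employee still reveals that
-- person's pay through MAX = MIN; the seed data has three or more per dept.
CREATE VIEW selectWpay
AS
    SELECT
        partNo,
        MAX(Wpay)                              AS 最高工资,
        MIN(Wpay)                              AS 最低工资,
        AVG(CAST(Wpay AS decimal(10, 2)))      AS 平均工资
    FROM Worker
    GROUP BY partNo;
GO

-- 杨兰 gets the aggregate view only; no permission on Worker itself, so
-- individual salaries stay out of reach.
GRANT SELECT ON selectWpay TO 杨兰;

EXECUTE AS USER = '杨兰';
SELECT partNo, 最高工资, 最低工资, 平均工资
FROM selectWpay
ORDER BY partNo;
REVERT;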

--6. 把上面(a)~(g)的每一种情况,撤销各用户所授予的权限。

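--a) both tables, mirroring the grants
REVOKE SELECT ON Part FROM 王明;
REVOKE SELECT ON Worker FROM 王明;

--b) SELECT was granted next to INSERT/DELETE in 5(b); leaving it in place
--   would keep 李勇 able to read both tables after "revocation".
REVOKE INSERT, DELETE, SELECT ON Part FROM 李勇;
REVOKE INSERT, DELETE, SELECT ON Worker FROM 李勇;

--c) take the view away from PUBLIC and drop it, as done for (g)
REVOKE SELECT ON SELECT_WPAY FROM PUBLIC;
DROP VIEW SELECT_WPAY;

--d) the UPDATE grant was column-scoped, so it is revoked at the same scope
REVOKE SELECT ON Worker FROM 刘星;
REVOKE UPDATE ON Worker (Wpay) FROM 刘星;

--e) both permissions on both tables (the original only revoked ALTER on
--   Worker, leaving ALTER on Part and SELECT on both)
REVOKE ALTER, SELECT ON Part FROM 张新;
REVOKE ALTER, SELECT ON Worker FROM 张新;

--f) CASCADE is required because the grants carried WITH GRANT OPTION
--   (SQL Server refuses the REVOKE otherwise); it also removes anything
--   周平 has passed on to other users. Part was missing in the original.
REVOKE ALL PRIVILEGES ON Part FROM 周平 CASCADE;
REVOKE ALL PRIVILEGES ON Worker FROM 周平 CASCADE;

--g)
REVOKE SELECT ON selectWpay FROM 杨兰;
DROP VIEW selectWpay;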
