Skip to content
Related Articles
Get the best out of our app
GFG App
Open App
geeksforgeeks
Browser
Continue

Related Articles

MySQL | Grant / Revoke Privileges

Improve Article
Save Article
Like Article
author
Shubrodeep Banerjee
scholar
583 published articles
Improve Article
Save Article
Like Article

Granting Privileges

We have already learned about how to create users in MySQL using MySQL | create user statement. But using the Create User Statement only creates a new user but does not grant any privileges to the user account. Therefore to grant privileges to a user account, the GRANT statement is used. Syntax:

GRANT privileges_names ON object TO user;

Parameters Used:

  • privileges_name: These are the access rights or privileges granted to the user.
  • object:It is the name of the database object to which permissions are being granted. In the case of granting privileges on a table, this would be the table name.
  • user:It is the name of the user to whom the privileges would be granted.

Privileges: The privileges that can be granted to the users are listed below along with the description: Let us now learn about different ways of granting privileges to the users:

  1. Granting SELECT Privilege to a User in a Table: To grant Select Privilege to a table named “users” where User Name is Amit, the following GRANT statement should be executed.
GRANT SELECT ON Users TO'Amit'@'localhost;
  1. Granting more than one Privilege to a User in a Table: To grant multiple Privileges to a user named “Amit” in a table “users”, the following GRANT statement should be executed.
GRANT SELECT, INSERT, DELETE, UPDATE ON Users TO 'Amit'@'localhost;
  1. Granting All the Privilege to a User in a Table: To Grant all the privileges to a user named “Amit” in a table “users”, the following Grant statement should be executed.
GRANT ALL ON Users TO 'Amit'@'localhost;
  1. Granting a Privilege to all Users in a Table: To Grant a specific privilege to all the users in a table “users”, the following Grant statement should be executed.
GRANT SELECT  ON Users TO '*'@'localhost;
  1. In the above example the “*” symbol is used to grant select permission to all the users of the table “users”.
  2. Granting Privileges on Functions/Procedures: While using functions and procedures, the Grant statement can be used to grant users the ability to execute the functions and procedures in MySQL. Granting Execute Privilege: Execute privilege gives the ability to execute a function or procedure. Syntax:
GRANT EXECUTE ON [ PROCEDURE | FUNCTION ] object TO user;

Different ways of granting EXECUTE Privileges:

Granting EXECUTE privileges on a function in MySQL.: If there is a function named “CalculateSalary” and you want to grant EXECUTE access to the user named Amit, then the following GRANT statement should be executed.

GRANT EXECUTE ON FUNCTION Calculatesalary TO 'Amit'@localhost';

Granting EXECUTE privileges to all Users on a function in MySQL.: If there is a function named “CalculateSalary” and you want to grant EXECUTE access to all the users, then the following GRANT statement should be executed.

GRANT EXECUTE ON FUNCTION Calculatesalary TO '*'@localhost';

Granting EXECUTE privilege to a Users on a procedure in MySQL.: If there is a procedure named “DBMSProcedure” and you want to grant EXECUTE access to the user named Amit, then the following GRANT statement should be executed.

GRANT EXECUTE ON PROCEDURE DBMSProcedure TO 'Amit'@localhost';

Granting EXECUTE privileges to all Users on a procedure in MySQL.: If there is a procedure called “DBMSProcedure” and you want to grant EXECUTE access to all the users, then the following GRANT statement should be executed. 

GRANT EXECUTE ON PROCEDURE DBMSProcedure TO '*'@localhost';

Checking the Privileges Granted to a User: To see the privileges granted to a user in a table, the SHOW GRANTS statement is used. To check the privileges granted to a user named “Amit” and host as “localhost”, the following SHOW GRANTS statement will be executed:

SHOW GRANTS FOR  'Amit'@localhost';

Output:

GRANTS FOR  Amit@localhost 
GRANT USAGE ON *.* TO `SUPER`@localhost`

Revoking Privileges from a Table

The Revoke statement is used to revoke some or all of the privileges which have been granted to a user in the past. Syntax:

REVOKE privileges ON object FROM user;

Parameters Used:

  • object: It is the name of the database object from which permissions are being revoked. In the case of revoking privileges from a table, this would be the table name.
  • user: It is the name of the user from whom the privileges are being revoked.

Privileges can be of the following values: Different Ways of revoking privileges from a user:

  1. Revoking SELECT Privilege to a User in a Table: To revoke Select Privilege to a table named “users” where User Name is Amit, the following revoke statement should be executed.
REVOKE SELECT ON  users FROM 'Amit'@localhost';
  1. Revoking more than Privilege to a User in a Table: To revoke multiple Privileges to a user named “Amit” in a table “users”, the following revoke statement should be executed.
REVOKE SELECT, INSERT, DELETE, UPDATE ON Users FROM 'Amit'@'localhost;
  1. Revoking All the Privilege to a User in a Table: To revoke all the privileges to a user named “Amit” in a table “users”, the following revoke statement should be executed.
REVOKE ALL ON Users FROM 'Amit'@'localhost;
  1. Revoking a Privilege to all Users in a Table: To Revoke a specific privilege to all the users in a table “users”, the following revoke statement should be executed.
REVOKE SELECT  ON Users FROM '*'@'localhost;
  1. Revoking Privileges on Functions/Procedures: While using functions and procedures, the revoke statement can be used to revoke the privileges from users which have been EXECUTE privileges in the past. Syntax:
REVOKE EXECUTE ON [ PROCEDURE | FUNCTION ] object FROM user;
  • Revoking EXECUTE privileges on a function in MySQL.: If there is a function called “CalculateSalary” and you want to revoke EXECUTE access to the user named Amit, then the following revoke statement should be executed.
REVOKE EXECUTE ON FUNCTION Calculatesalary FROM 'Amit'@localhost';
  • Revoking EXECUTE privileges to all Users on a function in MySQL.: If there is a function called “CalculateSalary” and you want to revoke EXECUTE access to all the users, then the following revoke statement should be executed.
REVOKE EXECUTE ON FUNCTION Calculatesalary FROM '*'@localhost';
  • Revoking EXECUTE privilege to a Users on a procedure in MySQL.: If there is a procedure called “DBMSProcedure” and you want to revoke EXECUTE access to the user named Amit, then the following revoke statement should be executed.
REVOKE EXECUTE ON PROCEDURE DBMSProcedure FROM 'Amit'@localhost';
  • Revoking EXECUTE privileges to all Users on a procedure in MySQL.: If there is a procedure called “DBMSProcedure” and you want to revoke EXECUTE access to all the users, then the following revoke statement should be executed.
REVOKE EXECUTE ON PROCEDURE DBMSProcedure FROM '*'@localhost';
My Personal Notes arrow_drop_up
Last Updated : 02 Aug, 2022
Like Article
Save Article
Similar Reads
1. Difference between Grant and Revoke
2. Oracle DataBase - Grant Privileges to a User in SQL Command Line
3. Types of Discretionary Privileges
4. MySQL | Common MySQL Queries
5. MySQL | LEAD() and LAG() Function
6. PHP | MySQL UPDATE Query
7. PHP | MySQL Database Introduction
8. PHP | MySQL ( Creating Database )
9. PHP | MySQL ( Creating Table )
10. PHP | Inserting into MySQL database
Next
MySQL | CREATE USER Statement
Article Contributed By :
https://media.geeksforgeeks.org/auth/avatar.png
Shubrodeep Banerjee
@Shubrodeep Banerjee
Vote for difficulty
Current difficulty : Medium
Improved By :
Article Tags :
Practice Tags :
Report Issue
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox