i'm looking for a way to find all privileges for a specific user.
Provided I have a User "John" who has read-only rights on some tables, is there any "select" or "show" to retrieve me the names of the tables "john" has the rights for? So far, i looked in information_schema but couldn't find any specific information on grants for tables.
Or if i set up a role via mysqlworkbench, where is the formation on this role stored in?
how can i manually assign a new user to this role?
Thank you!
SHOW GRANT FOR user will display multiple rows of data for the user.
SELECT * from mysql.user where User = 'user'
will get the grants for the whole server.
SELECT * from mysql.db where User = 'user'
will get the grants by database.
mysql.tables_priv mysql.columns_priv, and mysql.procs_priv show the fine-grained grants if any happen to exist.
Related
I want to see the GRANTS for all the users on a concrete DATABASE.
I use
SELECT * FROM mysql.user;
but it shows the GRANTS for all the databases (I suppose).
I want to see, for example, if I apply:
GRANT ALL ON Movies TO 'jNavarro';
I want to see how the GRANTS are changed to Y on the Movies Database, because If i apply the SELECT shown before the Grants for jNavarro doesn't change.
Thanks
If you are an admin then running this will get you what you want
select user from mysql.db where db='DB_NAME';
I have created the user on MySQL and grant SELECT access on some tables. I only want this user has SELECT access on these tables, nothing else. This is my query for creating the user and granting access:
create user 'test'#'localhost' identified by '123test';
grant select on APE.CertificationAttachment to 'test'#'localhost';
The problem is when I use this user login, I can not see anything under schema in Workbench. I try to login at other tools such as Dbeaver but the table and schema still don't show up. I tried to give schema privilege to the user, but that action will either give select access to all table or show the entire schema.
So my question is how should I do to make the users see the table and only these table that they have SELECT access to.
I deleted a bunch of databases but forgot to revoke privileges for certain user... What is easiest way to get list of databases that don't exist but user has privileges on, so i can foreach that array and revoke privileges on (found_list) from my user?
You can use SCHEMATA and SCHEMA_PRIVILEGES tables in INFORMATION_SCHEMA:
SELECT * FROM schema_privileges
LEFT JOIN schemata ON (catalog_name=table_catalog and schema_name=TABLE_SCHEMA)
WHERE schema_name IS NULL;
This will give you privileges that were granted for tables that don't exist anymore. It may not take into account certain permissions give using wildcards so please pay attention on output.
How can I give one user the identical set of privileges as another (pre-existing) user?
I can do:
SHOW GRANTS FOR 'user1'
But not:
GRANT (SHOW GRANTS for 'user1') to 'user2';
or
CREATE USER 'user1' LIKE 'user2'
So I can't see a way programmatically add all these grants a different user2 in an SQL way (other than writing a script in an app language to iterate thru that SHOW GRANTS)
Maybe there is a way going to the mysql.user table? Or is that a bad idea in general? I am not particularly knowledgeable about, or comfortable messing around with, that table.
I want to hide certain tables (some definition tables) in the database from certain users. There is this mysql.tables_priv table which is empty. Should I insert something in that table to make it happen and what should be the value of 'table_priv' column?
You should be looking into the SQL GRANT command. With GRANT, you can assign privileges to users like this:
GRANT SELECT ON table TO user;
If the tables_priv is empty, i believe it means no privileges has been granted for that database table. You can do a quick test and grant select on database.table_name to user
and see if a row appears in that table. But normally your grants on tables appear in that table.