0% found this document useful (0 votes)
78 views

SQL Grant and Revoke Commands: Mallika Perepa

The document discusses SQL Grant and Revoke commands. Grant is used to provide privileges on database objects to users, with syntax to grant a privilege on an object to a user or role. Revoke removes user privileges on objects, with syntax to revoke a privilege on an object from a user. Privileges define access rights on objects, and roles are collections of privileges that can be granted or revoked to automatically manage multiple user privileges.

Uploaded by

Tariq Ahmed
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
78 views

SQL Grant and Revoke Commands: Mallika Perepa

The document discusses SQL Grant and Revoke commands. Grant is used to provide privileges on database objects to users, with syntax to grant a privilege on an object to a user or role. Revoke removes user privileges on objects, with syntax to revoke a privilege on an object from a user. Privileges define access rights on objects, and roles are collections of privileges that can be granted or revoked to automatically manage multiple user privileges.

Uploaded by

Tariq Ahmed
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

SQL Grant and Revoke Commands

Mallika Perepa
([email protected])
Overview
•  DCL commands are used to enforce database security in a
multiple database environment.

•  Two types of DCL commands are


•  Grant
•  Revoke

•  Database Administrator's or owner’s of the database object can


provide/remove privileges on a database object.
SQL Grant Command
•  SQL Grant command is used to provide access or privileges on the
database objects to the users.

•  The syntax for the GRANT command is:


" "GRANT privilege_name ON object_name
" " "TO {user_name | PUBLIC | role_name} [with GRANT option];
"Here, privilege_name: is the access right or privilege granted to
"the user.
"object_name: is the name of the database object like table, view
"etc.,.
"user_name: is the name of the user to whom an access right is
"being granted.
"Public is used to grant rights to all the users.
"With Grant option: allows users to grant access rights to other
"users.

"
SQL Revoke Command

•  The revoke command removes user access rights or privileges to


the database objects.

•  The syntax for the REVOKE command is:


"REVOKE privilege_name ON object_name
"FROM {User_name | PUBLIC | Role_name}

•  For Example:
(a) GRANT SELECT ON employee TO user1
This command grants a SELECT permission on employee table to
user1.

"(b) REVOKE SELECT ON employee FROM user1


This command will revoke a SELECT privilege on employee table from
user1.
Privileges and Roles
•  Privileges defines the access rights provided to a user on a
database objects. There are two types of privileges:

"(a) System Privileges: This indicate user to CREATE, ALTER, or "


" "DROP database elements.

"(b) Object Privileges: This allows user to EXECUTE, SELECT,


"INSERT, or DELETE data from database objects to which the
"privileges apply.

•  Roles are the collection of privileges or access rights. When there


are many users in a database it becomes difficult to grant or
revoke privileges to the users.

•  So, if we define roles we can automatically grant/revoke privileges.


Reference  

http://beginner-sql-tutorial.com/sql-grant-revoke-privileges-roles.htm

You might also like