DBMS LAB

User Management
 The MySQL user is a record in the USER table of the MySQL server that contains the
login information, account privileges, and the host information for MySQL account.

 It is essential to create a user in MySQL for accessing and managing the databases.

 The MySQL Create User statement allows us to create a new user account in the
database server.

 It provides authentication, SSL/TLS, resource-limit, role, and password management

properties for the new accounts.

 It also enables us to control the accounts that should be initially locked or unlocked.
MySQL has a feature that provides many control options to the administrators and users on
the database.

GRANT Statement

The grant statement enables system administrators to assign privileges and roles to
the MySQL user accounts so that they can use the assigned permission on the database
whenever required.
Syntax:

GRANT privilege_name(s)
ON object
TO user_account_name;

 privilege_name(s): It specifies the access rights or grant privilege to user accounts. If we

want to give multiple privileges, then use a comma operator to separate them.

 Object: It determines the privilege level on which the access rights are being granted. It
means granting privilege to the table; then the object should be the name of the table.

 User_account_name: It determines the account name of the user to whom the access
rights would be granted.
MySQL supports the following privilege levels:

Privilege Syntax Description

Level
Global GRANT ALL It applies to all databases on MySQL server. We
ON *.* need to use *.* syntax for applying global
TO john@localhost; privileges. Here, the user can query data from all
databases and tables of the current server.
Database GRANT ALL It applies to all objects in the current database.
ON mydb.* We need to use the db_name.* syntax for
TO john@localhost; applying this privilege. Here, a user can query
data from all tables in the given database.
Table GRANT DELETE It applies on all columns in a specified table. We
ON mydb.employees need to use db_name.table_name syntax for
TO john@localhsot; assigning this privilege. Here, a user can query
data from the given table of the specified
database.
Privilege Syntax Description
Level
Column GRANT SELECT (col1), It applies on a single column of a table. Here, we
INSERT (col1, col2), must have to specify the column(s) name
UPDATE (col2) enclosed with parenthesis for each privilege. The
ON mydb.mytable user can select one column, insert values in two
TO john@localhost; columns, and update only one column in the
given table.
Stored GRANT EXECUTE It applies to stored routines (procedure and
Routine ON PROCEDURE functions). It contains CREATE ROUTINE,
mydb.myprocedure ALTER ROUTINE, EXECUTE, and GRANT
TO john@localhost; OPTION privileges. Here, a user can execute the
stored procedure in the current database.
Proxy GRANT PROXY It enables one user to be a proxy for other users.
ON root
TO peter@localhost;
REVOKE Statement
The revoke statement enables system administrators to revoke privileges and roles to the
MySQL user accounts so that they cannot use the assigned permission on the database in the
past.

Syntax

REVOKE privilege_name(s)
ON object
FROM user_account_name
MySQL supports the following privilege levels:

Privilege Syntax Description

Level
Global REVOKE ALL, GRANT OPTION It applies to remove all access rights from the user on
FROM john@localhost; MySQL server.

Database REVOKE ALL ON mydb.* It applies to revoke all privileges from objects in the
FROM john@localhost; current database.

Table REVOKE DELETE It applies to revoke privileges from all columns in a

ON mydb.employees specified table.
FROM john@localhsot;
Column REVOKE SELECT (col1), INSERT It applies to revoke privileges from a single column of a
(col1, col2), UPDATE (col2) ON table.
mydb.mytable
FROM john@localhost;
Privilege Syntax Description
Level
Stored REVOKE EXECUTE ON It applies to revoke all privileges from stored routines
Routine PROCEDURE/FUNCTION (procedure and functions).
mydb.myprocedure
FROM john@localhost;
Proxy REVOKE PROXY ON root It enables us to revoke the proxy user.
FROM peter@localhost;
View
 Table and view are the two basic terms used in the relational database environment.

 The main difference between them is that a table is an object that consists of rows and
columns to store and retrieve data whenever the user needs it.

 In contrast, the view is a virtual table based on an SQL statement's result set and will
disappear when the current session is closed.

 The view is a virtual/logical table formed as a result of a query and used to view or
manipulate parts of the table.

 We can create the columns of the view from one or more tables. Its content is based
on base tables.

 The view is a database object with no values and contains rows and columns the same as
real tables. It does not occupy space on our systems.
The following are the main advantages of the view:

1.Views are usually virtual and do not occupy space in systems.

2.Views enable us to hide some of the columns from the table.

3.It simplifies complex queries because it can draw data from multiple tables and
present it as a single table.

4.It helps in data security that shows only authorized information to the users.

5.It presents a consistent, unchanged image of the database structure, even if the source
tables are renamed, split, or restructured.