How to revoke MySQL user privileges for one table?

Question

When I have granted privileges to a user for some specific tables: How do I revoke the privileges for this user, just for table1? Answer Google is your friend! http://dev.mysql.com/doc/refman/5.7/en/revoke.html Syntax: To further explain this answer - I'll teach how to fish (rather than just give you a fish). The MySQL documentation can look confusing at first - the "syntax"

Accepted Answer

Google is your friend!http://dev.mysql.com/doc/refman/5.7/en/revoke.htmlSyntax:REVOKE ALL PRIVILEGES ON table1.* FROM 'user1'@'localhost';To further explain this answer &#8211; I&#8217;ll teach how to fish (rather than just give you a fish).The MySQL documentation can look confusing at first &#8211; the &#8220;syntax&#8221; for REVOKE looks like this:REVOKE    priv_type [(column_list)]      [, priv_type [(column_list)]] ...    ON [object_type] priv_level    FROM user [, user] ...REVOKE ALL PRIVILEGES, GRANT OPTION    FROM user [, user] ...REVOKE PROXY ON user    FROM user [, user] ...It means there are 3 &#8220;ways&#8221; of calling it:REVOKE priv_type ...REVOKE ALL PRIVILEGES, GRANT ...REVOKE PROXY ON ...These three are separated by the blank lines in the MySQL doc page.For each of these, there are &#8220;optional&#8221; parameters/settings/values.  These are denoted by the square brackets, for example:REVOKE priv_type [(column_list)] ...The (column_list) is optional.  You can supply it, but you don&#8217;t have to.(Updated note, Dec 2019:The priv_type is what specifically lets us know we can specify ALL PRIVILEGES; for we are told in the documentation linked above:  For details on the levels at which privileges exist, the permissible priv_type, priv_level, and object_type values, and the syntax for specifying users and passwords, see Section 13.7.1.4, “GRANT Statement”.Section 13.7.1.4 states this:  Privileges Supported by MySQL    The following table summarizes the permissible priv_type privilege types that can be specified for the GRANT and REVOKE statements, and the levels at which each privilege can be granted.      ALL [PRIVILEGES] Grant all privileges at specified access  End update.)Similarly you can chain these together &#8211; they&#8217;ve indented the next line to indicate this (and used ... to show you can continue repeating):priv_type [(column_list)]  [, priv_type [(column_list)]] ...    <-- indented, and note the "..."More complicated examples exist in the MySQL documentation &#8211; like for CREATE TABLE you have lists of optional flags:[COLUMN_FORMAT {FIXED|DYNAMIC|DEFAULT}]This {x|y|z} syntax indicates you must specify one of them (the {...} is non-optional, the [...] means everything inside is optional &#8211; so if you specify COLUMN_FORMAT, one of the three following flags is required), the pipes (|) indicate you can only specify one of the list (FIXED / DYNAMIC / DEFAULT).One final thing to say &#8211; be very aware of the MySQL documentation version.  It&#8217;s stated in several places on the website &#8211; personally I just look at the URL:http://dev.mysql.com/doc/refman/5.7/en/create-table.htmlNote it says 5.7 in it.  This means the documentation you&#8217;re reading may not be applicable to any version other than MySQL 5.7.  That&#8217;s bitten me a lot of times &#8230; usually when I&#8217;m under the gun trying to fix something in a panic!  Always double-check it.

Advertisement

Answer