SQL GRANT / REVOKE (Permissions)
The GRANT and REVOKE statements are used to manage user access and privileges in SQL. These ensure users have only the permissions they need โ nothing more.
๐ Why Use GRANT / REVOKE?
To control who can do what in the database:
- Read data (
SELECT) - Modify data (
INSERT,UPDATE,DELETE) - Execute procedures
- Manage tables or users
๐น GRANT โ Give Permissions
-- Syntax
GRANT privilege [, ...] ON object TO user;
-- Example: Allow user to select and insert on employees table
GRANT SELECT, INSERT ON employees TO john;You can also grant privileges with WITH GRANT OPTION to allow users to grant to others:
๐น REVOKE โ Remove Permissions
GRANT SELECT ON employees TO john WITH GRANT OPTION;-- Syntax
REVOKE privilege [, ...] ON object FROM user;
-- Example: Remove insert permission
REVOKE INSERT ON employees FROM john;This ensures the user can no longer perform those operations.
๐น Common Privileges
| Privilege | Action Allowed |
|---|---|
| SELECT | Read rows |
| INSERT | Add new rows |
| UPDATE | Modify existing rows |
| DELETE | Remove rows |
| EXECUTE | Run stored procedures/functions |
| ALL | Grants all applicable rights |
๐ง Quick Recap
| Key Point | Description |
|---|---|
GRANT | Assigns privileges to a user |
REVOKE | Removes previously granted privileges |
| Objects | Tables, views, procedures, etc. |
| Best Practice | Grant minimum permissions needed |
๐ก Always apply the principle of least privilege for better database security.