Can GRANT USAGE to @user'%' for a specific column table work?

StackOverflow https://stackoverflow.com/questions/22385913

  •  14-06-2023
  •  | 
  •  

Question

novice in mysql here .

I have a database created in mysql called 'productes' and 'productos' is one of the database tables.

Productos has the following columns :

  CREATE TABLE Productos
  (
   IdProducto           INT NOT NULL AUTO_INCREMENT,
   NombreProducto       CHAR(40) NOT NULL,
   IdProveedor          INT,
   IdCategoria          INT,
   PrecioUnidad         DECIMAL(20,4),
   UnidadesEnExistenci  SMALLINT,
   Suspendido           TINYINT,
   KEY (IdCategoria),
   KEY (IdCategoria),
   KEY (IdProveedor),
   KEY (NombreProducto),
   PRIMARY KEY (IdProducto),
   KEY (IdProveedor)
  );

What I tried to do as root user from the command line was the following : 

mysql>GRANT USAGE (PrecioUnidad) ON productes.productos TO pepe@'%' IDENTIFIED BY            
      'pepe';

(i.e deny all access to user 'pepe' from all the domain machines to the column 'PrecioUnidad' of the table productos )

And I got an error(ERROR 1064) saying that I have an error in my syntax .

I thought to grant privileges to the rest of the columns of the table and exclude the specific one to get the desired result but I thought that maybe there is another way .

So my question is this : Can grant usage be applied for a specific column table and I'm just missing something here , or is there another way to disallow all privileges for only one column table ?

Was it helpful?

Solution

You can create a view with all columns but PrecioUnidad and then grant (allow) pepe access to that view.

CREATE VIEW pepes_productos AS
 SELECT 
  IdProducto,
  NombreProducto,
  IdProveedor,
  IdCategoria,
  UnidadesEnExistenci,
  Suspendido  
 FROM productos

OTHER TIPS

From the Mysql Manual

Column Privileges

Column privileges apply to single columns in a given table. Each privilege to be granted at the column level must be followed by the column or columns, enclosed within parentheses.

GRANT SELECT (col1), INSERT (col1,col2) ON mydb.mytbl TO 'someuser'@'somehost'; The permissible priv_type values for a column (that is, when you use a column_list clause) are INSERT, SELECT, and UPDATE.

MySQL stores column privileges in the mysql.columns_priv table.

http://dev.mysql.com/doc/refman/5.1/en/grant.html#grant-column-privileges

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top