passwords and permissions in MySQL

Question

This might come across as a simple question, but I have very limited experience with relational databases. How do I fine tune permissions in MySQL. For example, if I have the following code

CREATE TABLE IF NOT EXISTS user(
ID INT NOT NULL AUTO_INCREMENT,

//...other columns

PRIMARY KEY(ID)
)ENGINE=InnoDB



CREATE TABLE IF NOT EXISTS pictures
(
ID INT NOT NULL AUTO_INCREMENT,
userID INT NOT NULL,

//...other columns

PRIMARY KEY(ID),
FOREIGN KEY (userID) REFERENCES user(ID)
)ENGINE=InnoDB";

and I create two new users, user1 and user2, I can give them permission to the tables as such

GRANT ALL PRIVILIGES ON db_name.* to ".user1."@\"%\" identified by ".pass1
GRANT ALL PRIVILIGES ON db_name.* to ".user2."@\"%\" identified by ".pass2

but is there anywhere to restrict privileges inside a table to only a specific subset? Should I carry this out in my PHP code instead? I'm used to object oriented programming, so I am not accustomed to massive tables which hold all the information.

Answer 1

Specifically, you can't grant access to some rows of a table and not others, which sounds like what you are asking to do.

Answer 2

I recommend doing your permissioning for end-users of your application in PHP. Using database users to control access is an antiquated method (in my opinion) and can be difficult to do/support in MySQL/PHP as its not commonly done.

Answer 3

In the Grant Documentation you'll need to check the docs to see what specific privileges you are looking for; but you'll need to perform multiple grants for the same user for each separate privilege (i.e. one for select, one for update, etc...).