Basics of SQLBasics of SQL8
  1. 1Introduction to SQL
  2. 2Installing SQL and Using SQL Tools
  3. 3SQL Syntax and Statements
  4. 4SQL Data Types
  5. 5CREATE TABLE Statement
  6. 6INSERT INTO Statement
  7. 7UPDATE Statement in SQL
  8. 8DELETE Statement in SQL
Querying DataQuerying Data10
  1. 1SELECT Statement in SQL
  2. 2SQL WHERE Clause
  3. 3ORDER BY Clause in SQL
  4. 4GROUP BY Clause in SQL
  5. 5HAVING Clause in SQL
  6. 6LIMIT / TOP Clause in SQL
  7. 7DISTINCT Keyword in SQL
  8. 8SQL Operators - AND, OR, NOT, IN, BETWEEN, LIKE
  9. 9SQL Aliases
  10. 10SQL CASE Statement
SQL JoinsSQL Joins6
  1. 1SQL INNER JOIN
  2. 2SQL LEFT JOIN
  3. 3SQL RIGHT JOIN
  4. 4SQL FULL OUTER JOIN
  5. 5SQL SELF JOIN
  6. 6SQL CROSS JOIN
Intermediate SQLIntermediate SQL6
  1. 1SQL Subqueries
  2. 2SQL Views
  3. 3SQL Indexes
  4. 4SQL Constraints
  5. 5SQL Functions – String, Numeric, Date & Aggregate
  6. 6SQL NULL Handling – IS NULL, COALESCE, IFNULL
Advanced SQLAdvanced SQL7
  1. 1SQL Stored Procedures
  2. 2SQL User Defined Functions (UDF)
  3. 3SQL Triggers
  4. 4SQL Transactions – COMMIT, ROLLBACK, SAVEPOINT
  5. 5SQL Cursors
  6. 6SQL Error Handling – BEGIN...HANDLER, SIGNAL
  7. 7Dynamic SQL
Database DesignDatabase Design5
  1. 1Database Normalization – 1NF, 2NF, 3NF, BCNF
  2. 2SQL Denormalization
  3. 3ER Diagrams and Schema Design
  4. 4Primary Key vs Unique Key
  5. 5Foreign Keys and Relationships
OptimizationOptimization3
  1. 1SQL Performance Tuning
  2. 2SQL Execution Plans
  3. 3Index Optimization in SQL
SecuritySecurity2
  1. 1SQL Injection and Security
  2. 2User Management and Permissions in SQL
Advanced QueryingAdvanced Querying4
  1. 1Common Table Expressions in SQL
  2. 2Window Functions in SQL – RANK, ROW_NUMBER, LEAD, LAG
  3. 3SQL Pivot and Unpivot
  4. 4Recursive Queries in SQL
IntegrationsIntegrations4
  1. 1SQL with Python
  2. 2SQL with Java
  3. 3SQL with Excel
  4. 4Connecting to SQL Databases via JDBC/ODBC

User Management and Permissions
Controlling Access to Your Database

Introduction

Imagine a school where everyone had keys to every room — from classrooms to the principal’s office. It would be chaos. The same goes for databases. User management and permissions allow you to assign just the right access to each user — no more, no less — ensuring both security and accountability.

Why User Management Matters

  • Protect sensitive data (like student marks)
  • Enforce roles (teacher vs admin vs auditor)
  • Track and log who did what

Creating a New User

-- Syntax (MySQL):
CREATE USER 'teacher1'@'localhost' IDENTIFIED BY 'SecurePass@123';

This creates a user named teacher1 who can connect from the local machine.

Granting Permissions

Give read-only access to students table:

GRANT SELECT ON school.students TO 'teacher1'@'localhost';

Give full access to marks table:

GRANT SELECT, INSERT, UPDATE ON school.marks TO 'teacher1'@'localhost';

Apply changes:

FLUSH PRIVILEGES;

Viewing User Privileges

SHOW GRANTS FOR 'teacher1'@'localhost';

GRANT SELECT ON school.students TO 'teacher1'@'localhost';
GRANT SELECT, INSERT, UPDATE ON school.marks TO 'teacher1'@'localhost';

Revoking Permissions

REVOKE INSERT, UPDATE ON school.marks FROM 'teacher1'@'localhost';

This removes data modification rights but retains read-only access.

Dropping a User

DROP USER 'teacher1'@'localhost';

This permanently removes the user from the system.

Permission Scope Explained

Permission Description
SELECTRead rows
INSERTAdd new rows
UPDATEModify existing rows
DELETERemove rows
ALLFull access to a table or DB

Real-World School Use Cases

  • Teachers: Read/write access to marks, no access to admin tables
  • Principal: Full access to all tables
  • Auditors: Read-only access to financial and academic data
  • IT Admins: ALL privileges + permission to create/drop users

Security Best Practices

  • Never use root for applications
  • Create separate users for read vs write operations
  • Change default passwords immediately
  • Use REVOKE when permissions are no longer needed
  • Review SHOW GRANTS regularly

Summary

Just like in a school, not everyone needs access to every file cabinet. Managing SQL users and their permissions helps enforce clear boundaries. Done right, it protects your data, clarifies roles, and supports system stability.

QUIZ

Question 1:Which SQL command is used to give a specific user access to a table?

Question 2:The REVOKE statement is used to remove privileges that were previously granted to a user.

Question 3:Which of the following are valid privileges you can grant in SQL?

Question 4:In a school database, which command would allow a user 'staff_admin' to insert new rows into the 'students' table?

Question 5:Every user in a database automatically has permission to delete records from every table.

Question 6:Which are benefits of using roles instead of assigning permissions individually?