flavours-without-borders/Database implementation/users/users.sql

# Simple users of the application (aka customers)
CREATE USER 'user'@'localhost' IDENTIFIED BY 'userPasswd';
CREATE USER 'user'@'%' IDENTIFIED BY 'userPasswd';

# Users can access, add and update rows for all the tables
GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'localhost';
GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'%';
# except the columns that indicate whether a restaurant/food/drink/diet is approved or not
REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'localhost';
REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'%';
REVOKE SELECT, INSERT, UPDATE (food_is_approved) ON flavours_without_borders.food FROM 'user'@'localhost';
REVOKE SELECT, INSERT, UPDATE (food_is_approved) ON flavours_without_borders.food FROM 'user'@'%';
REVOKE SELECT, INSERT, UPDATE (drink_is_approved) ON flavours_without_borders.drink FROM 'user'@'localhost';
REVOKE SELECT, INSERT, UPDATE (drink_is_approved) ON flavours_without_borders.drink FROM 'user'@'%';
REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'localhost';
REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'%';

# Moderators
CREATE USER 'moderator'@'localhost' IDENTIFIED BY 'moderatorPasswd';
CREATE USER 'moderator'@'%' IDENTIFIED BY 'moderatorPasswd';

# Mods have elevated privileges
GRANT SELECT, INSERT, UPDATE, DELETE ON flavours_without_borders.* TO 'moderator'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON flavours_without_borders.* TO 'moderator'@'%';

# Owners of restaurants or other stuff (cooks etc.)
CREATE USER 'owner'@'localhost' IDENTIFIED BY 'ownerPasswd';
CREATE USER 'owner'@'%' IDENTIFIED BY 'ownerPasswd';

# Owners can access, add and update rows for all the tables
GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'localhost';
GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'%';
# except the columns that indicate whether a restaurant/diet is approved or not
REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'localhost';
REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'%';
REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'localhost';
REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'%';

# They can however view and alter the columns that indicate whether a food/drink is approved or not!
Init users, Other improvements 6 years ago			`# Simple users of the application (aka customers)`
			`CREATE USER 'user'@'localhost' IDENTIFIED BY 'userPasswd';`
			`CREATE USER 'user'@'%' IDENTIFIED BY 'userPasswd';`

			`# Users can access, add and update rows for all the tables`
			`GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'localhost';`
			`GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'%';`
			`# except the columns that indicate whether a restaurant/food/drink/diet is approved or not`
			`REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'localhost';`
			`REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'%';`
			`REVOKE SELECT, INSERT, UPDATE (food_is_approved) ON flavours_without_borders.food FROM 'user'@'localhost';`
			`REVOKE SELECT, INSERT, UPDATE (food_is_approved) ON flavours_without_borders.food FROM 'user'@'%';`
			`REVOKE SELECT, INSERT, UPDATE (drink_is_approved) ON flavours_without_borders.drink FROM 'user'@'localhost';`
			`REVOKE SELECT, INSERT, UPDATE (drink_is_approved) ON flavours_without_borders.drink FROM 'user'@'%';`
			`REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'localhost';`
			`REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'%';`

			`# Moderators`
			`CREATE USER 'moderator'@'localhost' IDENTIFIED BY 'moderatorPasswd';`
			`CREATE USER 'moderator'@'%' IDENTIFIED BY 'moderatorPasswd';`

			`# Mods have elevated privileges`
			`GRANT SELECT, INSERT, UPDATE, DELETE ON flavours_without_borders.* TO 'moderator'@'localhost';`
			`GRANT SELECT, INSERT, UPDATE, DELETE ON flavours_without_borders.* TO 'moderator'@'%';`

			`# Owners of restaurants or other stuff (cooks etc.)`
			`CREATE USER 'owner'@'localhost' IDENTIFIED BY 'ownerPasswd';`
			`CREATE USER 'owner'@'%' IDENTIFIED BY 'ownerPasswd';`

			`# Owners can access, add and update rows for all the tables`
			`GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'localhost';`
			`GRANT SELECT, INSERT, UPDATE ON flavours_without_borders.* TO 'user'@'%';`
			`# except the columns that indicate whether a restaurant/diet is approved or not`
			`REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'localhost';`
			`REVOKE SELECT, INSERT, UPDATE (restaurant_is_approved) ON flavours_without_borders.restaurant FROM 'user'@'%';`
			`REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'localhost';`
			`REVOKE SELECT, INSERT, UPDATE (diet_is_approved) ON flavours_without_borders.diet FROM 'user'@'%';`

			`# They can however view and alter the columns that indicate whether a food/drink is approved or not!`