Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
DCL Full Form
Clients can store, direct, and recover information from data sets utilizing programming known as a data set administration framework (DBMS). DBMS languages and interfaces, an essential component of a DBMS, enable user interaction with the database system.
Data Control Language is referred to as DCL in SQL. It is a part of the SQL (Structured Query Language) subset that deals with rights and authorization for database objects. To give or revoke rights, manage user access, and regulate the security features of a database system, DCL statements are utilized.
DCL Commands
There are several DCL commands, such as −
GRANT
A user or role can be granted specified capabilities on a database object using the GRANT command. The GRANT command has the following syntax −
GRANT SELECT, INSERT, UPDATE ON employees TO jane;
Example
For instance, suppose we have a database called "employees" and we want to give the user "jane" access to SELECT, INSERT, and UPDATE rights. The following command can be used −
GRANT SELECT, INSERT, UPDATE ON employees TO jane;
Output
The GRANT command does not really construct an output table, therefore the output table would be identical to the input table. However, the command would give the user Jane access to the SELECT, INSERT, and UPDATE functions on the employees table.
REVOKE
Removing previously given rights from a user or role on a database object is done using the REVOKE command. The REVOKE command has the following syntax −
REVOKE privilege_name ON object_name FROM user_or_role;
Example
Say, for illustration, that we wish to remove the user "jane" from the "employees" table's SELECT privilege. The following command can be used −
REVOKE SELECT ON employees FROM jane;
Output
The CQL statement "REVOKE SELECT ON employees FROM jane" just revokes the SELECT permission previously given to the user "jane" on the "employees" database in the current keyspace, which explains why there is no change in the input and output tables. The table's columns and contents stay the same.
As a result, the data and structure of the input and output tables are identical. The sole change is that in the present key space, the user "jane" would no longer be allowed to do SELECT queries on the "employees" table.
DENY
A user or role can have certain rights on a database object denied by using the DENY command. The DENY command has the following syntax −
DENY privilege_name ON object_name TO user_or_role;
Example
For instance, suppose we wish to prevent the user "jane" from inserting data into the "employees" database. The following command can be used −
DENY INSERT ON employees TO jane;
Output
The CQL statement "DENY INSERT ON employees TO jane" only forbids the "jane" user from attempting to insert data into the "employees" table, which explains why the input and output tables are left unchanged. The table's columns and contents stay the same.
As a result, the data and structure of the input and output tables are identical. The "employees" table's access control permissions, which have been changed to deny the "INSERT" permission to the "jane" user, are the only thing that differs.
ALTER
An existing user or role's permissions can be changed using the ALTER command. The ALTER command has the following syntax −
ALTER USER user_name WITH {GRANT|DENY} privilege_name ON object_name;
Example
For instance, suppose we wish to give the user "jane" the SELECT privilege on the "employees" table. The following command can be used −
ALTER USER jane WITH GRANT SELECT ON employees;
Output
This command has no related output table. If the operation is successfully carried out, the Cassandra database's user account's permissions are only updated. When the user next signs in or tries to run a query that needs the SELECT permission on the "employees" table, the changed permissions will take effect.
Conclusion
Commands are available in the Data Control Language (DCL) to control permissions and access to database objects. The primary commands in DCL are ALTER, GRANT, REVOKE, and DENY. You can give or remove particular capabilities to users or roles on database objects using these procedures. Database administrators and security professionals both use these commands because they are crucial for managing security and access control in a database.
171 Views
