MySQL 5.6 Reference Manual Including MySQL NDB Cluster 7.3-7.4 Reference Guide
SHOW GRANTS [FOR user
]
This statement displays the privileges that are assigned to a
MySQL user account, in the form of
GRANT
statements that must be
executed to duplicate the privilege assignments.
SHOW GRANTS
requires the
SELECT
privilege for the
mysql
system database, except to display
privileges for the current user. For output that includes an
IDENTIFIED BY PASSWORD
clause displaying an
account password hash value, the
SUPER
privilege is required to
see the actual hash value. Otherwise, the value displays as
<secret>
.
To name the account for SHOW
GRANTS
, use the same format as for the
GRANT
statement (for example,
'jeffrey'@'localhost'
):
mysql> SHOW GRANTS FOR 'jeffrey'@'localhost';
+------------------------------------------------------------------+
| Grants for jeffrey@localhost |
+------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `jeffrey`@`localhost` |
| GRANT SELECT, INSERT, UPDATE ON `db1`.* TO `jeffrey`@`localhost` |
+------------------------------------------------------------------+
The host part, if omitted, defaults to '%'
.
For additional information about specifying account names, see
Section 6.2.4, “Specifying Account Names”.
To display the privileges granted to the current user (the account you are using to connect to the server), you can use any of the following statements:
SHOW GRANTS; SHOW GRANTS FOR CURRENT_USER; SHOW GRANTS FOR CURRENT_USER();
If SHOW GRANTS FOR CURRENT_USER
(or any
equivalent syntax) is used in definer context, such as within a
stored procedure that executes with definer rather than invoker
privileges, the grants displayed are those of the definer and
not the invoker.
SHOW GRANTS
does not display
privileges that are available to the named account but are
granted to a different account. For example, if an anonymous
account exists, the named account might be able to use its
privileges, but SHOW GRANTS
does
not display them.