mysql> grant select on aaa.t1 to 'user_a'@'%' identified by '123456'; 
Query OK, 0 rows affected (0.33 sec) 


[mysql@localhost ~]$ mysql -u user_a -p -h 127.0.0.1 
Enter password: 
Welcome to the MySQL monitor. Commands end with ; or \g. 
Your MySQL connection id is 2 
Server version: 5.6.23-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial) 

Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. 

Oracle is a registered trademark of Oracle Corporation and/or its 
affiliates. Other names may be trademarks of their respective 
owners. 

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 


mysql> show grants for 'user_a'@'%'; 
+-------------------------------------------------------------------------------------------------------+ 
| Grants for user_a@% | 
+-------------------------------------------------------------------------------------------------------+ 
| GRANT USAGE ON *.* TO 'user_a'@'%' IDENTIFIED BY PASSWORD '*6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9' | 
| GRANT SELECT ON `aaa`.`t1` TO 'user_a'@'%' | 
+-------------------------------------------------------------------------------------------------------+ 
2 rows in set (0.00 sec) 

mysql> select * from aaa.t1; 
+------+ 
| id | 
+------+ 
| 1 | 
+------+ 
1 row in set (0.00 sec) 

mysql> select * from aaa.t2; 
ERROR 1142 (42000): SELECT command denied to user 'user_a'@'localhost' for table 't2' 
mysql> select * from test.t1; 
+------+------+------+ 
| id | name | sex | 
+------+------+------+ 
| 1 | NULL | NULL | 
| 2 | NULL | NULL | 
+------+------+------+ 
2 rows in set (0.00 sec) 

mysql> use test; 
Reading table information for completion of table and column names 
You can turn off this feature to get a quicker startup with -A 

Database changed 
mysql> show tables; 
+-----------------+ 
| Tables_in_test | 
+-----------------+ 
| 员工表 | 
| V1 | 
| eb_goods_depict | 
| t1 | 
| t11 | 
| t111 | 
| t2 | 
| t3 | 
| ta | 
| ta_myisam | 
| tb | 
| test | 
| tt | 
| tttttttt | 
| user | 
| users | 
| v_test | 
+-----------------+ 
17 rows in set (0.00 sec) 

mysql> select count(*) from t1; 
+----------+ 
| count(*) | 
+----------+ 
| 2 | 
+----------+ 
1 row in set (0.00 sec) 


在有权限有用户中查看： 
mysql> select host,user,db from mysql.db; 
+------+------+---------+ 
| host | user | db | 
+------+------+---------+ 
| % | | test | 
| % | | test\_% | 
+------+------+---------+ 
2 rows in set (0.00 sec) 
mysql> delete from mysql.db where db='test'; 
Query OK, 1 row affected (0.00 sec) 

mysql> flush privileges; 
Query OK, 0 rows affected (0.01 sec) 


再次查看时： 是没有权限了 
[mysql@localhost ~]$ mysql -u user_a -p -h 127.0.0.1 
Enter password: 
Welcome to the MySQL monitor. Commands end with ; or \g. 
Your MySQL connection id is 5 
Server version: 5.6.23-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial) 

Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved. 

Oracle is a registered trademark of Oracle Corporation and/or its 
affiliates. Other names may be trademarks of their respective 
owners. 

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 

mysql> select count(*) from test.t1; 
ERROR 1142 (42000): SELECT command denied to user 'user_a'@'localhost' for table 't1' 

总结：原来是mysql.db里有那条记录搞的 
先验证db表，再验证tables_priv表