|Your description seems to be going backwards.
What you should be doing.
First create the user.
Second give it access to the specific database.
Until you give it access it should not be able to do anything. Which is why your description seems off. Seems to suggest that you created it with access to everything and now you want to restrict that access. So whatever you did to create it in the first place is wrong.