Why not use a different DB user for migrations

I’m not sure if this has been discussed before, but are there significant challenges to having one database user to run migrations (ability to CREATE and/or EDIT schema) and another user to do CRUD actions on the data itself? I understand Rails takes care of a lot of sql injection attacks for us, but if the database user that rails used lacked schema EDIT capability, it would be impossible for a malicious user to DROP or ADD tables. Sure, there is still a lot of danger posed by a malicious data user (DELETE FROM table), but couldn’t we limit the attack area on the database with a more powerful “migration only” user?