Books
in black and white
Main menu
Share a book About us Home
Books
Biology Business Chemistry Computers Culture Economics Fiction Games Guide History Management Mathematical Medicine Mental Fitnes Physics Psychology Scince Sport Technics
Ads

Teradata RDBMS forUNIX SQL Reference - NCR

NCR Teradata RDBMS forUNIX SQL Reference - NCR, 1997. - 913 p.
Download (direct link): teradataforunix1997.pdf
Previous << 1 .. 149 150 151 152 153 154 < 155 > 156 157 158 159 160 161 .. 241 >> Next

TO Introduces the clause that specifies the recipient of the GRANT results.
[ALL] username Specifies the name of a database or user that identifies the recipient. username must be the identifier of a user already defined in the Teradata RDBMS. Up to 25 names can be entered. If ALL is specified, the privileges are to be granted to the named database or user, and to every database or user owned by that database or user now and in the future. ALL DBC is equivalent to PUBLIC. Note: ALL is flagged as non-ANSI when the SQL flagger is enabled.
public Specifies that the privileges are to be granted to all existing and future users of the Teradata RDBMS.
WITH GRANT OPTION Specifies that the grantee will receive privileges WITH GRANT OPTION.

Object-name is the name of a table, view or macro. If the form of the Object"Name rights option includes a set of column-names then object-name must

be for either a table or view.

If the object-name is not qualified by either a database-name or username and there is an object with that name both under the current database of the executing user and that of the grantee then it is assumed that the object is that in the current database of the executing user. Also, an unqualified object name is considered to be that of the current database if the name is that of the current database and also the name of a table either within the current database or within the database of the grantee.

The REFERENCES privilege applies at both the table and column REFERENCES level. It is required on the columns implicitly or explicitly referenced

in a FOREIGN KEY clause of a CREATE or ALTER TABLE statement. This privilege, with grant authority, is given to the owner and creator of a table by the system.

If a column-name list is included with the keyword REFERENCES (or UPDATE) and the specified grantee set already has the right

Teradata RDBMS for UNIX SQL Reference

8-155
Teradata SQL Syntax Guide

GRANT Statement (SQL)

specified at the table level with the specified grant authority, then the system accepts the statement but takes no action. This is because possessing UPDATE or REFERENCES (or UPDATE) right at table level allows that action against all columns of the table.

The INDEX privilege only applies at table level. The privilege (or DROP TABLE) are required to execute the CREATE or DROP INDEX statements. The system automatically gives this privilege, with grant authority, to the owner and creator of the table.

The DBC.AccessRights table now has column defined, which Column Level Rights contains the field id of a column on which UPDATE or

REFERENCES right has been granted. The column type is a nonnull small integer. If the right defined by the row is not at the column level then the value of the column is zero.

Column level rights are implicitly granted to the owner/creator of a table. However, a row is not generated in the DBC.AccessRights table for these column level rights.

Rows are not generated in the access rights table for individual columns when the UPDATE or REFERENCES rights are granted at the table level.

Rows only exist in the table for rights granted through execution of a GRANT statement at the column level when the grantee does not have the right at the table level. The only exception to this is the case of a user having the right at the table level without GRANT authority and then that user is given the same right on an individual column with grant authority.

Rights Required to Perform UPDATE, DELETE, and INSERT

Any user who needs to perform conditioned updates, deletes, or inserts must be granted SELECT access privileges on all tables where there is a need to read values from the target table.

For INSERT, SELECT rights are required only if a table is to be reflexively grown by INSERT-SELECT statements upon itself.

Take care granting the privilege to delete data through a view because data in fields that might not be known to the user (and which may be important to the enterprise) may be deleted when a row is deleted through a view.

The user submitting the GRANT statement either must be user DBC Who Can Use GRA.NT? or someone DBC has granted privileges to, or must have WITH

GRANT OPTION for the privilege to be granted, plus all of the privileges that are to be conferred, on the object.

8-156

Teradata RDBMS for UNIX SQL Reference
Teradata SQL Syntax Guide

GRANT Statement (SQL)

Logging Access Attempts

Restrictions on Granted Privileges

Verifying Privileges on Views and Macros

If the object is a view or macro, the owner of the view or macro also must have the WITH GRANT OPTION for applicable privileges, plus all other applicable privileges, on the objects referenced by that view or macro.

A user need not be related to a grantor through ownership to receive a privilege.

If a GRANT statement is at the database or user level, the privilege applies to all objects, both current and future, created in that space. If a REVOKE statement later removes the privilege, the privilege is dropped for all objects, regardless of when they were created.
Previous << 1 .. 149 150 151 152 153 154 < 155 > 156 157 158 159 160 161 .. 241 >> Next