Difference between revisions of "GRANT"
From Recital Documentation Wiki
Yvonnemilne (Talk | contribs) |
Yvonnemilne (Talk | contribs) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
==Purpose== | ==Purpose== | ||
Grants access privileges for users to tables | Grants access privileges for users to tables | ||
Line 21: | Line 14: | ||
==See Also== | ==See Also== | ||
− | [[ALTER TABLE]], [[CREATE TABLE]], [[GETENV()]], [[REVOKE | + | [[ALTER TABLE]], [[CREATE TABLE]], [[GETENV()]], [[REVOKE]] |
Line 45: | Line 38: | ||
|READ ONLY||The ability to read from any column in a SELECT statement. The privilege can be restricted to one or more columns by listing them. | |READ ONLY||The ability to read from any column in a SELECT statement. The privilege can be restricted to one or more columns by listing them. | ||
|- | |- | ||
− | |database||The name of the database to which the table belongs. Databases in Recital are implemented as directories containing files that correspond to the tables and associated files in the database. Operating System file protection can be applied individually to the files for added security. The directory is a sub-directory of the Recital data directory. The environment variable | + | |database||The name of the database to which the table belongs. Databases in Recital are implemented as directories containing files that correspond to the tables and associated files in the database. Operating System file protection can be applied individually to the files for added security. The directory is a sub-directory of the Recital data directory. The environment variable DB_DATADIR points to the current Recital data directory and can be queried using the GETENV() function. Files from other directories can be added to the database using the ADD TABLE command or via the database catalog and SET AUTOCATALOG functionality. The '!' character must be included between the database name and the table name. |
|- | |- | ||
|table||The name of the table to which the privileges are granted. | |table||The name of the table to which the privileges are granted. | ||
Line 61: | Line 54: | ||
<code lang="recital"> | <code lang="recital"> | ||
// Grant update privilege for columns lastname and firstname and insert for the table | // Grant update privilege for columns lastname and firstname and insert for the table | ||
− | + | GRANT UPDATE (lastname, firstname) INSERT; | |
− | GRANT UPDATE (lastname, firstname) INSERT | + | ON customer; |
− | ON customer | + | TO '[20,100]' |
− | TO '[20,100]' | + | |
// Grant all privileges to all users | // Grant all privileges to all users | ||
− | + | GRANT ALL ON test TO PUBLIC | |
− | GRANT ALL ON test TO PUBLIC | + | |
</code> | </code> | ||
==Products== | ==Products== | ||
− | Recital | + | Recital Server, Recital |
[[Category:Documentation]] | [[Category:Documentation]] | ||
[[Category:SQL]] | [[Category:SQL]] | ||
[[Category:Commands]] | [[Category:Commands]] |
Latest revision as of 17:42, 22 December 2009
Purpose
Grants access privileges for users to tables
Syntax
GRANT
ALL | [SELECT [(<column> [,...])]] [UPDATE [(<column> [,...])]]
[INSERT] [DELETE] [ALTER] [READ ONLY [(<column> [,...])]]
ON [<database>!] <table> TO '<user>,<group>' [,...] | PUBLIC
See Also
ALTER TABLE, CREATE TABLE, GETENV(), REVOKE
Description
The GRANT command is used to grant access privileges for users to tables. It can extend user privileges but cannot limit existing privileges. Later GRANT statements do affect privileges already granted to a user. Privileges can only be removed with the REVOKE statement. To grant privileges you must be the owner of the table or have already been granted ALTER privileges.
Keywords | Description |
---|---|
ALL | All privileges are granted. |
SELECT | The ability to name any column in a SELECT statement. The privilege can be restricted to one or more columns by listing them. |
UPDATE | The ability to name any column in an UPDATE statement. The privilege can be restricted to one or more columns by listing them. |
INSERT | The ability to INSERT rows into the table. |
DELETE | The ability to DELETE rows from the table. |
ALTER | The data type to be stored in that column, and the applicable length or precision. |
READ ONLY | The ability to read from any column in a SELECT statement. The privilege can be restricted to one or more columns by listing them. |
database | The name of the database to which the table belongs. Databases in Recital are implemented as directories containing files that correspond to the tables and associated files in the database. Operating System file protection can be applied individually to the files for added security. The directory is a sub-directory of the Recital data directory. The environment variable DB_DATADIR points to the current Recital data directory and can be queried using the GETENV() function. Files from other directories can be added to the database using the ADD TABLE command or via the database catalog and SET AUTOCATALOG functionality. The '!' character must be included between the database name and the table name. |
table | The name of the table to which the privileges are granted. |
user | The user access control string that will be granted the privilege. User access control strings are defined by the operating system. |
group | The group access control string that will be granted the privilege. Group access control strings are defined by the operating system |
PUBLIC | All users and groups will be granted the privilege. |
Example
// Grant update privilege for columns lastname and firstname and insert for the table GRANT UPDATE (lastname, firstname) INSERT; ON customer; TO '[20,100]' // Grant all privileges to all users GRANT ALL ON test TO PUBLIC
Products
Recital Server, Recital