Open Source RDBMS - Seamless, Scalable, Stable and Free

한국어 | Login |Register

Versions available for this page: CUBRID 8.2.1  |  CUBRID 8.3.0  |  CUBRID 8.3.1  |  CUBRID 8.4.0 |  CUBRID 8.4.1  |  CUBRID 8.4.3  |  CUBRID 9.0.0  | 

Granting Authorization

Description

In CUBRID, the smallest grant unit of authorization is a table. You must grant appropriate authorization to other users (groups) before allowing them to access the table you created.

You don't need to grant authorization individually because the members of the granted group have the same authorization. The access to the (virtual) table created by a PUBLIC user is allowed to all other users. You can grant access authorization to a user by using the GRANT statement.

Syntax

GRANT operation [ { ,operation }_ ] ON table_name [ { ,table_name }_ ]

TO user [ { ,user }_ ] [ WITH GRANT OPTION ] [ ; ]

  • operation : Indicates an operation that can be used when granting authorization. The following table shows the operations:
    • SELECT : Allows to read the table definitions and retrieve records. The most general type of permissions.
    • INSERT : Allows to create records in the table.
    • UPDATE : Allows to modify the records already existing in the table.
    • DELETE : Allows to delete records in the table.
    • ALTER : Allows to modify the table definition, rename or delete the table.
    • INDEX : Allows to call table methods or instance methods.
    • EXECUTE : Allows to call table methods or instance methods.
    • ALL PRIVILEGES : Includes all permissions described above.
  • table_name : Specifies the name of the table or virtual table to be granted.
  • user : Specifies the name of the user (group) to be granted. Enter the login name of the database user or PUBLIC, a system-defined user. If PUBLIC is specified, all database users are granted with the permission.
  • WITH GRANT OPTION : WITH GRANT OPTION allows the grantee of authorization to grant that same privilege to another user.
Example 1

The following is an example in which the SELECT authorization for the olympic table is granted to Fred (all members of Fred).

GRANT SELECT ON olympic TO Fred;

Example 2

The following is an example in which SELECT, INSERT, UPDATE and DELETE authorization for the nation and athlete tables are granted to Jeniffer and Daniel (all members belonging to Jeniffer and Daniel).

GRANT SELECT, INSERT, UPDATE, DELETE ON nation, athlete TO  Jeniffer, Daniel;

Example 3

The following is an example in which all authorization for the game and event tables are granted to all users.

GRANT ALL PRIVILEGES ON game, event TO public;

Example 4

In the following example, the GRANT statement grants search authorization for the record and history tables to Ross, and WITH GRANT OPTION allows Ross to grant the same authorization to another user.

GRANT SELECT ON record, history TO Ross WITH GRANT OPTION;

Caution
  • The grantor of authorization must be the owner of all tables listed before the grant operation or have WITH GRANT OPTION specified.
  • Before granting SELECT, UPDATE, DELETE and INSERT authorization for a virtual table, the owner of the virtual table must have SELECT and GRANT authorization for all the tables included in the queries in the virtual table's query specification. The DBA user and the members of the DBA group are automatically granted all authorization for all tables.