Open Source RDBMS - Seamless, Scalable, Stable and Free

한국어 | Login |Register

Versions available for this page: CUBRID 8.2.1 |  CUBRID 8.3.0 |  CUBRID 8.3.1 |  CUBRID 8.4.0 |  CUBRID 8.4.1 |  CUBRID 8.4.3 |  CUBRID 9.0.0 | 



Granting Authorization

Description

In CUBRID, the smallest grant unit of authorization is a table. You must grant appropriate authorization to other users (groups) before allowing them to access the table you created.

You don't need to grant authorization individually because the members of the granted group have the same authorization. The access to the (virtual) table created by a PUBLIC user is allowed to all other users. You can grant access authorization to a user by using the GRANT statement.

Syntax

GRANT operation [ { ,operation }_ ] ON table_name [ { ,table_name }_ ]

TO user [ { ,user }_ ] [ WITH GRANT OPTION ] [ ; ]

  • operation : Indicates an operation that can be used when granting authorization. The following table shows operations.
    • SELECT : Allows to read the table definitions and retrieve records. The most general type of permissions.
    • INSERT : Allows to create records in the table.
    • UPDATE : Allows to modify the records already existing in the table.
    • DELETE : Allows to delete records in the table.
    • ALTER : Allows to modify the table definition, rename or delete the table.
    • INDEX : Allows to call table methods or instance methods.
    • EXECUTE : Allows to call table methods or instance methods.
    • ALL PRIVILEGES : Includes all permissions described above.
  • table_name : Specifies the name of the table or virtual table to be granted.
  • user : Specifies the name of the user (group) to be granted. Enter the login name of the database user or PUBLIC, a system-defined user. If PUBLIC is specified, all database users are granted with the permission.
  • WITH GRANT OPTION : WITH GRANT OPTION allows the grantee of authorization to grant that same authorization to another user.
Example 1

The following example shows how to grant the SELECT authorization for the olympic table to Fred (including his members).

GRANT SELECT ON olympic TO Fred;

Example 2

The following example shows how to grant the SELECT, INSERT, UPDATE and DELETE authorization on the nation and athlete tables to Jeniffer and Daniel (including their members).

GRANT SELECT, INSERT, UPDATE, DELETE ON nation, athlete TO  Jeniffer, Daniel;

Example 3

The following example shows how to grant every authorization on the game and event tables to all users.

GRANT ALL PRIVILEGES ON game, event TO public;

Example 4

The following example shows how to grant retrieving authorization on the record and history tables to ROSS. Using WITH GRANT OPTION allows ROSS to grant retrieving to another users. Ross can grant authorization to others within her authorization.

GRANT SELECT ON record, history TO Ross WITH GRANT OPTION;

Caution
  • The grantor of authorization must be the owner of all tables listed before the grant operation or have WITH GRANT OPTION specified.
  • Before granting SELECT, UPDATE, DELETE and INSERT authorization for a virtual table, the owner of the virtual table must have SELECT and GRANT authorization for all the tables included in the query specification. The DBA user and the members of the DBA group are automatically granted all authorization for all tables.
  • To execute the TRUNCATE statement, the ALTER, INDEX, and DELETE authorization is required.