Table of Contents Previous Next



2.3.61 GRANT
GRANT -- define access privileges
ON tablename
TO { username | groupname | PUBLIC } [, ...]
ON tablename
TO { username | groupname | PUBLIC } [, ...]
ON sequencename
TO { username | groupname | PUBLIC } [, ...]
ON FUNCTION progname
( [ [ argmode ] [ argname ] argtype ] [, ...] )
TO { username | groupname | PUBLIC } [, ...]
[ ( [ [ argmode ] [ argname ] argtype ] [, ...] ) ]
TO { username | groupname | PUBLIC } [, ...]
ON PACKAGE packagename
TO { username | groupname | PUBLIC } [, ...]
GRANT role [, ...]
TO { username | groupname | PUBLIC } [, ...]
TO { username | groupname } [, ...]
TO { username | groupname }
TO { username | groupname }
TO { username | groupname }
The GRANT command has three basic variants: one that grants privileges on a database object (table, view, sequence, or program), one that grants membership in a role, and one that grants system privileges. These variants are similar in many ways, but they are different enough to be described separately.
In Advanced Server, the concept of users and groups has been unified into a single type of entity called a role. In this context, a user is a role that has the LOGIN attribute – the role may be used to create a session and connect to an application. A group is a role that does not have the LOGIN attribute – the role may not be used to create a session or connect to an application.


Table of Contents Previous Next