Granting Privileges

In Texis, the creator of the database would be the automatic administrator of security. This individual can grant to other users different powers, such as the ability to read only, to modify, or to delete data in the database. Through the authorization subsystem, user names and password control which users can see what data. Each user signs onto the computer system with his or her own user name and password (i.e., user identification) and cannot access without permission tables created by some other user with a different user name.

The person who creates a table is considered the "owner" of the table. Initially, that person is the only one who can access, update, and destroy the table. The owner, however, can grant to other users the right, or privilege, to do the following:

  • Access the tables created by the owner.

  • Add, change, or delete values in a table.

  • Grant rights the user receives from the owner to other users.

The owner of the table can grant to other users privileges that include the following:

SELECT: Retrieve rows without changing values in a table.
INSERT: Add new rows to a table.
UPDATE: Change values in a table.
DELETE: Remove rows from a table.

The authorization subsystem of Texis is based on privileges that are controlled by the statements GRANT and REVOKE. The GRANT command allows the "owner" of a table to specify the operations, or privileges, that other users may perform on a table. The format of the command is: 

GRANT  [ALL]
            privilege1 [,privilege2] ...
     ON     table-name1
     TO     PUBLIC
            userid1 [,userid2] ...
     [WITH GRANT OPTION] ;

Copyright © Thunderstone Software     Last updated: Apr 15 2024

 

Copyright © 2024 Thunderstone Software LLC. All rights reserved.