You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafodion.apache.org by rm...@apache.org on 2016/11/28 17:13:09 UTC
[2/4] incubator-trafodion git commit: TRAFODION-2156 Update SQL
reference manual for column level privileges
TRAFODION-2156 Update SQL reference manual for column level privileges
Clarified some sections.
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/6787ff0d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/6787ff0d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/6787ff0d
Branch: refs/heads/master
Commit: 6787ff0db6f9af23318da229fe2e26329849b848
Parents: 466048a
Author: Roberta Marton <rm...@edev07.esgyn.local>
Authored: Tue Nov 22 16:23:21 2016 +0000
Committer: Roberta Marton <rm...@edev07.esgyn.local>
Committed: Tue Nov 22 16:23:21 2016 +0000
----------------------------------------------------------------------
.../src/asciidoc/_chapters/sql_statements.adoc | 40 ++++++++++----------
1 file changed, 20 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6787ff0d/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
----------------------------------------------------------------------
diff --git a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
index 91ac2a2..359291e 100644
--- a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
+++ b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
@@ -135,7 +135,7 @@ Use these statements to register users, create roles, and grant and revoke privi
| <<alter_user_statement,ALTER USER Statement>> | Changes attributes associated with a user who is registered in the database.
| <<create_role_statement,CREATE ROLE Statement>> | Creates an SQL role.
| <<drop_role_statement,DROP ROLE Statement>> | Deletes an SQL role.
-| <<grant_statement,GRANT Statement>> | Grants access privileges on an SQL object or an SQL objects' columns to specified users or roles.
+| <<grant_statement,GRANT Statement>> | Grants access privileges on an SQL object or an SQL object's columns to specified users or roles.
| <<grant_component_privilege_statement,GRANT COMPONENT PRIVILEGE Statement>> | Grants one or more component privileges to a user or role.
| <<grant_role_statement,GRANT ROLE Statement>> | Grants one or more roles to a user.
| <<register_user_statement,REGISTER USER Statement>> | Registers a user in the SQL database, associating the user's login name with a database user name.
@@ -4831,9 +4831,8 @@ Specifies the privileges to grant. You can specify these privileges for an objec
| REFERENCES [column-list] | Can create constraints that reference the object.
| SELECT [column-list] | Can use the select statement.
| UPDATE [column-list] | Can use the update statement on table objects.
-| USAGE | For libraries, can access a library using the create procedure or create
-function statement. This privilege provides you with read access to the library\u2019s underlying library
-file. For sequences, can use the sequence in a SQL statement.
+| USAGE | For libraries, can create procedures and functions on library objects.
+For sequence generators, can use the sequence in a SQL statement.
| ALL | All the applicable privileges. When you specify all for a table or view,
this includes the select, delete, insert, references, and update privileges. When the object is a
stored procedure or user-defined function (UDF), only the execute privilege is applied. When the
@@ -4843,24 +4842,24 @@ generator, only the usage privilege is applied.
* `ON [_object-type_] [_schema_.]_object_`
+
-Specifies an object on which to grant privileges. _object-type_ can be:
+Specifies an object on which to grant privileges. If none is specified, it defaults to TABLE. See <<database_object_names,"Database Object Names>> for more details. _object-type_ can be:
-** `[FUNCTION] [_schema_.]_function-name_`, where _function-name_ is the name of a user-defined function (UDF) in the database.
-** `[LIBRARY] [_schema_.]_library-name_`, where _library-name_ is the name of a library object in the database.
-** `[PROCEDURE] [_schema_.]_procedure-name_`, where _procedure-name_ is the name of a stored procedure in java (SPJ)
+** `FUNCTION [_schema_.]_function-name_`, where _function-name_ is the name of a user-defined function (UDF) in the database.
+** `LIBRARY [_schema_.]_library-name_`, where _library-name_ is the name of a library object in the database.
+** `PROCEDURE [_schema_.]_procedure-name_`, where _procedure-name_ is the name of a stored procedure in java (SPJ)
registered in the database.
-** `[SEQUENCE] [_schema_.]_sequence-name_`, where _sequence-name_ is the name of a sequence object in the database.
-** `[TABLE] [_schema_.]_object_`, where _object_ is a table or view. see <<database_object_names,database object names>>.
+** `SEQUENCE [_schema_.]_sequence-name_`, where _sequence-name_ is the name of a sequence object in the database.
+** `[TABLE] [_schema_.]_object_`, where _object_ is a table or view.
* `TO {_grantee_ … }`
+
-Specifies one or more _auth-names_ to which you grant privileges.
+Specifies the _auth-name_ to which you grant privileges.
* `_auth-name_`
+
-Specifies the name of an authorization id to which you grant privileges. see <<authorization_ids,authorization ids>>.
+Specifies the name of an authorization id to which you grant privileges. See <<authorization_ids,authorization ids>>.
The authorization id must be a registered database username, an existing role name, or public. the name is a regular
-or delimited case-insensitive identifier. see <<case_insensitive_delimited_identifiers,case-insensitive delimited identifiers>>.
+or delimited case-insensitive identifier. Dee <<case_insensitive_delimited_identifiers,case-insensitive delimited identifiers>>.
If you grant a privilege to public, the privilege remains available to all users, unless it is later revoked from public.
* `WITH GRANT OPTION`
@@ -5874,8 +5873,9 @@ Specifies the privileges to revoke. You can specify these privileges for an obje
| SELECT [column-list] | Revokes the ability to use the SELECT statement.
| UPDATE [column-list] | Revokes the ability to use the UPDATE statement.
to execute a user-defined function (UDF).
-| USAGE | Revokes the ability to access a library using the CREATE PROCEDURE or CREATE FUNCTION statement.
-Revokes read access to the library\u2019s underlying library file.
+| USAGE | For libraries, revokes the ability to access a library using the
+CREATE PROCEDURE or CREATE FUNCTION statement.
+For sequence generators, revokes the ability to access a sequence in a SQL query.
| ALL | Revokes the ability to use all privileges that apply to the object type.
When you specify ALL for a table or view, this includes the SELECT, DELETE, INSERT, REFERENCES, and
UPDATE privileges. When the object is a stored procedure or user-defined function (UDF), this includes
@@ -5885,13 +5885,13 @@ When the object is a sequence generator, only the usage privilege is applied.
* `ON [_object-type_] [_schema_.]_object_`
+
-Specifies an object on which to grant privileges. See <<database_object_names,"Database Object Names>>. _object-type_ can be:
+Specifies an object on which to grant privileges. If none is specified, it defaults to TABLE. See <<database_object_names,"Database Object Names>> for more details. _object-type_ can be:
-** [FUNCTION] [_schema_.]_function-name_, where _function-name_ is the name of a user-defined function in the database.
-** [LIBRARY] [_schema_.]_library-name_, where _library-name_ is the name of a library object in the database.
-** [PROCEDURE] [_schema_.]_procedure-name_, where _procedure-name_ is the name of a stored procedure in Java (SPJ)
+** FUNCTION [_schema_.]_function-name_, where _function-name_ is the name of a user-defined function in the database.
+** LIBRARY [_schema_.]_library-name_, where _library-name_ is the name of a library object in the database.
+** PROCEDURE [_schema_.]_procedure-name_, where _procedure-name_ is the name of a stored procedure in Java (SPJ)
registered in the database.
-** [SEQUENCE] [_schema_.]_sequence-name_, where _sequence-name_ is the name of a sequence generator.
+** SEQUENCE [_schema_.]_sequence-name_, where _sequence-name_ is the name of a sequence generator.
** [TABLE] [_schema_.]_object-name_, where _object-name_ is the name of a table or view.
* `FROM {_grantee_ [,_grantee_] … }`