Switch to: V9V8V7V6V5

GRANT PRIVILEGES

[NEW in v4.0]

This command allows to assign privileges for a user of a Valentina Server.

Make sure that property PrivilegesEnable is enabled in the INI-file of VServer to use privileges.

Syntax

privilege_def
    :    GRANT privileges TO grantee_list 

privileges
    :    object_privileges ON [object_type] object_name

object_privileges
    :    { ALL | privilege_list } [PRIVILEGES]

privilege_list
    : privilege, ...

privilege
    : NONE | READ | INSERT | UPDATE | DELETE | ALTER

object_type
    :   DATABASE | PROJECT

object_name
    :    IDENT.*

grantee_list
    :    character_string_literal [, ...]

Arguments

object_type

the type of object for which privileges are granted. If not specified then DATABASE is assumed.

object_name

the name of object for which privileges are granted.

privileges

It could be ALL or one of the following:

  • NONE - No privileges.
  • READ - Read privilege.
  • INSERT - Insert privilege.
  • UPDATE - Update privilege.
  • DELETE - Delete privilege.
  • ALTER - DDL operations privilege.

grantee_list

the list of users which are grantees of privileges for object_name.

Description

This command force Valentina Server to grant the privileges for particular object to users mentioned in grantee list. This command is available for ADMINISTRATOR of vserver only.

If server variable PrivilegesEnable is set to zero (see vServer ini-file for details) no privileges checks performed at all. It means all users are granted for any db operation (granted privileges are still stored but plays no role in this mode).

Errors

  • ERR_CONNECTION_OPERATION_NOT_PERMITTED - Valentina is running in local mode or query-issuer is not administrator of Valentina Server.
  • ERR_CONNECTION_USER_NOT_EXISTS - some user mentioned in grantee_list is not exist.
  • ERR_DB_NOT_FOUND - database with the specified name is not registered to Valentina Server.
  • ERR_DB_IDENTIFIER_NOT_FOUND - Database does not contain the object with specified name.

Examples

Example:

User1 should have all privileges to work with db1:

GRANT ALL ON db1.* TO 'User1';

Example:

User1 should be able to insert new data into the database (but he is not able to delete, update data or alter database schema):

GRANT INSERT ON db1.* TO 'User1';

Example:

User1 should be able to insert and delete data (but he is not able to update data or alter database schema):

GRANT INSERT, DELETE ON db1.* TO 'User1';