528 lines
31 KiB
HTML
528 lines
31 KiB
HTML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="dc.language" scheme="rfc1766" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<meta name="dc.date" scheme="iso8601" content="2005-09-19" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow"/>
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="keywords" content="
|
|
GRANT (Function or Procedure Privileges) statement,
|
|
GRANT (Function or Procedure Privileges), SQL statements, ALL clause,
|
|
ALL PRIVILEGES clause, ALTER clause, EXECUTE clause, FUNCTION clause,
|
|
GRANT statement, SPECIFIC clause, in GRANT statement, specific-name, granting,
|
|
function, procedure, in GRANT (Function or Procedure Privileges) statement,
|
|
authorization-name, PUBLIC clause, WITH GRANT OPTION clause,
|
|
GRANT (Fnction or Procedure Privileges) statement" />
|
|
<title>GRANT (Function or Procedure Privileges)</title>
|
|
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
|
|
<link rel="stylesheet" type="text/css" href="ic.css" />
|
|
</head>
|
|
<body>
|
|
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
|
|
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
|
|
|
|
|
|
<a name="gntprc"></a>
|
|
<h2 id="gntprc"><a href="rbafzmst02.htm#ToC_1112">GRANT (Function or Procedure Privileges)</a></h2><a id="idx2785" name="idx2785"></a><a id="idx2786" name="idx2786"></a>
|
|
<a name="grntprc"></a>
|
|
<p id="grntprc">This form of the GRANT statement grants privileges on a function
|
|
or procedure.</p>
|
|
<a name="wq1554"></a>
|
|
<h3 id="wq1554"><a href="rbafzmst02.htm#ToC_1113">Invocation</a></h3>
|
|
<p>This statement can be embedded in an application program or issued interactively.
|
|
It is an executable statement that can be dynamically prepared.</p>
|
|
<a name="wq1555"></a>
|
|
<h3 id="wq1555"><a href="rbafzmst02.htm#ToC_1114">Authorization</a></h3>
|
|
<p>The privileges held by the authorization ID of the statement must include
|
|
at least one of the following: </p>
|
|
<ul>
|
|
<li>For each function or procedure identified in the statement:
|
|
<ul>
|
|
<li>Every privilege specified in the statement</li>
|
|
<li>The system authority of *OBJMGT on the function or procedure</li>
|
|
<li>The system authority *EXECUTE on the library (or directory if this is
|
|
a Java™ routine) containing the function or procedure</li></ul></li>
|
|
<li>Administrative authority</li></ul>
|
|
<p>If WITH GRANT OPTION is specified, the privileges held by the authorization
|
|
ID of the statement must include at least one of the following: </p>
|
|
<ul>
|
|
<li>Ownership of the function or procedure</li>
|
|
<li>Administrative authority</li></ul>
|
|
<a name="wq1556"></a>
|
|
<h3 id="wq1556"><a href="rbafzmst02.htm#ToC_1115">Syntax</a></h3>
|
|
<a href="rbafzmstgntprc.htm#synsgrantf"><img src="c.gif" alt="Click to skip syntax diagram" /></a>
|
|
<p> </p>
|
|
<a name="wq1557"></a>
|
|
<div class="fignone" id="wq1557">
|
|
<pre class="cgraphic"><span><img src="c.gif" alt="Read syntax diagram" longdesc="rbafzmstsyn348.htm"
|
|
border="0" /></span><a href="#skipsyn-347"><img src="c.gif" alt="Skip visual syntax diagram"
|
|
border="0" /></a> .-PRIVILEGES-.
|
|
>>-GRANT--+-ALL--+------------+-+--ON--------------------------->
|
|
| .-,-----------. |
|
|
| V | |
|
|
'---+-ALTER---+-+-----'
|
|
'-EXECUTE-'
|
|
|
|
.-,-----------------------------------------------------------------------.
|
|
V |
|
|
>----+-+-+-FUNCTION-+--<span class="italic">function-name</span>--+------------------------------+-+---+-+-->
|
|
| | '-ROUTINE--' '-(--+--------------------+--)-' | |
|
|
| | | .-,--------------. | | |
|
|
| | | V | | | |
|
|
| | '---<span class="italic">parameter-type</span>-+-' | |
|
|
| '-SPECIFIC--+-FUNCTION-+--<span class="italic">specific-name</span>-------------------------' |
|
|
| '-ROUTINE--' |
|
|
'-+-+-PROCEDURE-+--<span class="italic">procedure-name</span>--+------------------------------+-+-'
|
|
| '-ROUTINE---' '-(--+--------------------+--)-' |
|
|
| | .-,--------------. | |
|
|
| | V | | |
|
|
| '---<span class="italic">parameter-type</span>-+-' |
|
|
'-SPECIFIC--+-PROCEDURE-+--<span class="italic">specific-name</span>--------------------------'
|
|
'-ROUTINE---'
|
|
|
|
.-,----------------------.
|
|
V |
|
|
>--TO----+-<span class="italic">authorization-name</span>-+-+--+-------------------+-------><
|
|
'-PUBLIC-------------' '-WITH GRANT OPTION-'
|
|
|
|
</pre>
|
|
<a name="skipsyn-347" id="skipsyn-347"></a></div>
|
|
<a name="wq1558"></a>
|
|
<div class="fignone" id="wq1558">
|
|
<pre class="cgraphic"><span><img src="c.gif" alt="Read syntax diagram" longdesc="rbafzmstsyn349.htm"
|
|
border="0" /></span><a href="#skipsyn-348"><img src="c.gif" alt="Skip visual syntax diagram"
|
|
border="0" /></a>parameter-type:
|
|
|
|
|----<span class="italic">data-type</span>--+------------+----------------------------------|
|
|
'-AS LOCATOR-'
|
|
|
|
</pre>
|
|
<a name="skipsyn-348" id="skipsyn-348"></a></div>
|
|
<a name="wq1559"></a>
|
|
<div class="fignone" id="wq1559">
|
|
<pre class="cgraphic"><span><img src="c.gif" alt="Read syntax diagram" longdesc="rbafzmstsyn350.htm"
|
|
border="0" /></span><a href="#skipsyn-349"><img src="c.gif" alt="Skip visual syntax diagram"
|
|
border="0" /></a>data-type:
|
|
|
|
|--+-<span class="italic">built-in-type</span>------+---------------------------------------|
|
|
'-<span class="italic">distinct-type-name</span>-'
|
|
|
|
</pre>
|
|
<a name="skipsyn-349" id="skipsyn-349"></a></div>
|
|
<a name="wq1560"></a>
|
|
<div class="fignone" id="wq1560">
|
|
<pre class="cgraphic"><span><img src="c.gif" alt="Read syntax diagram" longdesc="rbafzmstsyn351.htm"
|
|
border="0" /></span><a href="#skipsyn-350"><img src="c.gif" alt="Skip visual syntax diagram"
|
|
border="0" /></a>built-in-type:
|
|
|
|
|--+-+---SMALLINT---+----------------------------------------------------------------------------------------------+--|
|
|
| +-+-INTEGER-+--+ |
|
|
| | '-INT-----' | |
|
|
| '---BIGINT-----' |
|
|
| .-(5,0)----------------------------. |
|
|
+-+-+-DECIMAL-+-+--+----------------------------------+---------------------------------------------------------+
|
|
| | '-DEC-----' | '-(--+------------------------+--)-' |
|
|
| '-NUMERIC-----' '-<span class="italic">integer</span>--+-----------+-' |
|
|
| '-<span class="italic">, integer</span>-' |
|
|
| .-(53)----------. |
|
|
+-+-FLOAT--+---------------+-+----------------------------------------------------------------------------------+
|
|
| | '-(--<span class="italic">integer</span>--)-' | |
|
|
| +-REAL---------------------+ |
|
|
| | .-PRECISION-. | |
|
|
| '-DOUBLE--+-----------+----' |
|
|
| .-(1)---------------. |
|
|
+-+-+-+-CHARACTER-+--+-------------------+--------------+--+----------------+---------------------------------+-+
|
|
| | | '-CHAR------' '-(--+---------+--)-' | +-FOR BIT DATA---+ | |
|
|
| | | '-<span class="italic">integer</span>-' | +-FOR SBCS DATA--+ | |
|
|
| | '---+-+-CHARACTER-+--VARYING-+--(--+---------+--)---' +-FOR MIXED DATA-+ | |
|
|
| | | '-CHAR------' | '-<span class="italic">integer</span>-' '-CCSID--<span class="italic">integer</span>-' | |
|
|
| | '-VARCHAR----------------' | |
|
|
| | .-(1M)---------------------. | |
|
|
| '-----+-+-<span>CHARACTER</span>-+--<span>LARGE OBJECT</span>-+------+--------------------------+--+----------------+--+------------+-' |
|
|
| | '-<span>CHAR</span>------' | '-(--+---------+--+---+--)-' +-FOR SBCS DATA--+ '-AS LOCATOR-' |
|
|
| '-<span>CLOB</span>------------------------' '-<span class="italic">integer</span>-' +-K-+ +-FOR MIXED DATA-+ |
|
|
| +-M-+ '-CCSID--<span class="italic">integer</span>-' |
|
|
| '-G-' |
|
|
| .-(1)---------------. |
|
|
+-+-+---GRAPHIC----+-------------------+---------+--+----------------+-----------+------------------------------+
|
|
| | | '-(--+---------+--)-' | '-CCSID--<span class="italic">integer</span>-' | |
|
|
| | | '-<span class="italic">integer</span>-' | | |
|
|
| | '---+-VARGRAPHIC------+--(--+---------+--)---' | |
|
|
| | '-GRAPHIC VARYING-' '-<span class="italic">integer</span>-' | |
|
|
| | .-(1M)---------------------. | |
|
|
| '---DBCLOB----+--------------------------+--+----------------+--+------------+-' |
|
|
| '-(--+---------+--+---+--)-' '-CCSID--<span class="italic">integer</span>-' '-AS LOCATOR-' |
|
|
| '-<span class="italic">integer</span>-' +-K-+ |
|
|
| +-M-+ |
|
|
| '-G-' |
|
|
| .-(1)---------------. |
|
|
+-+-+-BINARY--+-------------------+---------+---------------------------------+---------------------------------+
|
|
| | | '-(--+---------+--)-' | | |
|
|
| | | '-<span class="italic">integer</span>-' | | |
|
|
| | '-+-BINARY VARYING-+--(--+---------+--)-' | |
|
|
| | '-VARBINARY------' '-<span class="italic">integer</span>-' | |
|
|
| | .-(1M)---------------------. | |
|
|
| '---+-BLOB----------------+----+--------------------------+--+------------+-' |
|
|
| '-BINARY LARGE OBJECT-' '-(--+---------+--+---+--)-' '-AS LOCATOR-' |
|
|
| '-<span class="italic">integer</span>-' +-K-+ |
|
|
| +-M-+ |
|
|
| '-G-' |
|
|
+-+---DATE-----------------+------------------------------------------------------------------------------------+
|
|
| | .-(--0--)-. | |
|
|
| +-TIME--+---------+------+ |
|
|
| | .-(--6--)-. | |
|
|
| '-TIMESTAMP--+---------+-' |
|
|
| .-(200)-------------. |
|
|
+---DATALINK--+-------------------+--+----------------+---------------------------------------------------------+
|
|
| '-(--+---------+--)-' '-CCSID--<span class="italic">integer</span>-' |
|
|
| '-<span class="italic">integer</span>-' |
|
|
'---ROWID-------------------------------------------------------------------------------------------------------'
|
|
|
|
</pre>
|
|
<a name="skipsyn-350" id="skipsyn-350"></a></div>
|
|
<a name="synsgrantf"></a>
|
|
<h3 id="synsgrantf"><a href="rbafzmst02.htm#ToC_1116">Description</a></h3>
|
|
<dl class="parml">
|
|
<dt class="bold">ALL <span class="base">or</span> ALL PRIVILEGES</dt><a id="idx2787" name="idx2787"></a><a id="idx2788" name="idx2788"></a>
|
|
<dd>Grants one or more privileges. The privileges granted are all those
|
|
grantable privileges that the authorization ID of the statement has on the
|
|
specified functions or procedures. Note that granting ALL PRIVILEGES on a
|
|
function or procedure is not the same as granting the system authority of
|
|
*ALL.
|
|
<p>If you do not use ALL, you must use one or more of the keywords listed
|
|
below. Each keyword grants the privilege described.</p>
|
|
</dd>
|
|
<dt class="bold">ALTER </dt><a id="idx2789" name="idx2789"></a>
|
|
<dd>Grants the privilege to use the COMMENT statement.
|
|
</dd>
|
|
<dt class="bold">EXECUTE </dt><a id="idx2790" name="idx2790"></a>
|
|
<dd>Grants the privilege to execute the function or procedure.
|
|
</dd>
|
|
<dt class="bold">FUNCTION or SPECIFIC FUNCTION</dt><a id="idx2791" name="idx2791"></a>
|
|
<dd>Identifies the function on which the privilege is granted. The function
|
|
must exist at the current server and it must be a user-defined function<span>, but not a function that was implicitly generated with the creation of a
|
|
distinct type</span>. The function can be identified by its name, function signature,
|
|
or specific name.
|
|
<dl class="parml">
|
|
<dt class="bold">FUNCTION <var class="pv">function-name</var> </dt>
|
|
<dd>Identifies the function by its name. The <span class="italic">function-name</span> must identify exactly one function. The function may have any number
|
|
of parameters defined for it. If there is more than one function of the specified
|
|
name in the specified or implicit schema, an error is returned.
|
|
</dd>
|
|
<dt class="bold">FUNCTION <var class="pv">function-name (parameter-type, ...)</var></dt>
|
|
<dd>Identifies the function by its function signature, which uniquely identifies
|
|
the function. The <span class="italic">function-name (parameter-type, ...)</span> must identify a function with the specified function signature. The
|
|
specified parameters must match the data types in the corresponding position
|
|
that were specified when the function was created. The number of data types,
|
|
and the logical concatenation of the data types is used to identify the specific
|
|
function instance on which the privilege is to be granted. Synonyms for data
|
|
types are considered a match.
|
|
<p>If <var class="pv">function-name ()</var> is specified,
|
|
the function identified must have zero parameters.</p>
|
|
<dl class="parml">
|
|
<dt class="bold"><var class="pv">function-name </var></dt>
|
|
<dd>Identifies the name of the function.
|
|
</dd>
|
|
<dt class="bold"><var class="pv">(parameter-type, ...)</var></dt>
|
|
<dd>Identifies the parameters of the function.
|
|
<p>If an unqualified distinct
|
|
type name is specified, the database manager searches the SQL path to resolve the schema
|
|
name for the distinct type.</p>
|
|
<p>For data types that have a length, precision,
|
|
or scale attribute, use one of the following:</p>
|
|
<ul>
|
|
<li>Empty parentheses indicate that the database manager ignores the attribute when determining
|
|
whether the data types match. For example, DEC() will be considered a match
|
|
for a parameter of a function defined with a data type of DEC(7,2). However,
|
|
FLOAT cannot be specified with empty parenthesis because its parameter value
|
|
indicates a specific data type (REAL or DOUBLE).</li>
|
|
<li>If a specific value for a length, precision, or scale attribute is specified,
|
|
the value must exactly match the value that was specified (implicitly or explicitly)
|
|
in the CREATE FUNCTION statement. If the data type is FLOAT, the precision
|
|
does not have to exactly match the value that was specified because matching
|
|
is based on the data type (REAL or DOUBLE).</li>
|
|
<li>If length, precision, or scale is not explicitly specified, and empty
|
|
parentheses are not specified, the default attributes of the data type are
|
|
implied. The implicit length must exactly match the value that was specified
|
|
(implicitly or explicitly) in the CREATE FUNCTION statement.</li></ul>
|
|
<p>Specifying the FOR DATA clause or CCSID clause is optional. Omission
|
|
of either clause indicates that the database manager ignores the attribute when determining
|
|
whether the data types match. If either clause is specified, it must match
|
|
the value that was implicitly or explicitly specified in the CREATE FUNCTION
|
|
statement.</p>
|
|
</dd>
|
|
<dt class="bold">AS LOCATOR</dt>
|
|
<dd>Specifies that the function is defined to receive a locator for this
|
|
parameter. If AS LOCATOR is specified, the data type must be a LOB or a distinct
|
|
type based on a LOB.
|
|
</dd>
|
|
</dl>
|
|
</dd>
|
|
<dt class="bold">SPECIFIC FUNCTION <var class="pv">specific-name</var> <a id="idx2792" name="idx2792"></a></dt><a id="idx2793" name="idx2793"></a><a id="idx2794" name="idx2794"></a>
|
|
<dd>Identifies the function by its specific name. The <span class="italic">specific-name</span> must identify a specific function that exists at the current
|
|
server.
|
|
</dd>
|
|
</dl>
|
|
</dd>
|
|
<dt class="bold">PROCEDURE or SPECIFIC PROCEDURE</dt>
|
|
<dd>Identifies the procedure on which the privilege is granted. The <span class="italic">procedure-name</span> must identify a procedure that exists at
|
|
the current server.
|
|
<dl class="parml">
|
|
<dt class="bold">PROCEDURE <var class="pv">procedure-name</var> </dt>
|
|
<dd>Identifies the procedure by its name. The <span class="italic">procedure-name</span> must identify exactly one procedure. The procedure may have any number
|
|
of parameters defined for it. If there is more than one procedure of the specified
|
|
name in the specified or implicit schema, an error is returned.
|
|
</dd>
|
|
<dt class="bold">PROCEDURE <var class="pv">procedure-name (parameter-type, ...)</var></dt>
|
|
<dd>Identifies the procedure by its procedure signature, which uniquely
|
|
identifies the procedure. The <span class="italic">procedure-name (parameter-type,
|
|
...)</span> must identify a procedure with the specified procedure signature.
|
|
The specified parameters must match the data types in the corresponding position
|
|
that were specified when the procedure was created. The number of data types,
|
|
and the logical concatenation of the data types is used to identify the specific
|
|
procedure instance which is to be granted. Synonyms for data types are considered
|
|
a match.
|
|
<p>If <var class="pv">procedure-name ()</var> is specified, the procedure identified
|
|
must have zero parameters.</p>
|
|
<dl class="parml">
|
|
<dt class="bold"><var class="pv">procedure-name </var></dt>
|
|
<dd>Identifies the name of the procedure.
|
|
</dd>
|
|
<dt class="bold"><var class="pv">(parameter-type, ...)</var></dt>
|
|
<dd>Identifies the parameters of the procedure.
|
|
<p>If an unqualified distinct
|
|
type name is specified, the database manager searches the SQL path to resolve the schema
|
|
name for the distinct type.</p>
|
|
<p>For data types that have a length, precision,
|
|
or scale attribute, use one of the following:</p>
|
|
<ul>
|
|
<li>Empty parentheses indicate that the database manager ignores the attribute when determining
|
|
whether the data types match. For example, DEC() will be considered a match
|
|
for a parameter of a procedure defined with a data type of DEC(7,2). However,
|
|
FLOAT cannot be specified with empty parenthesis because its parameter value
|
|
indicates a specific data type (REAL or DOUBLE).</li>
|
|
<li>If a specific value for a length, precision, or scale attribute is specified,
|
|
the value must exactly match the value that was specified (implicitly or explicitly)
|
|
in the CREATE PROCEDURE statement. If the data type is FLOAT, the precision
|
|
does not have to exactly match the value that was specified because matching
|
|
is based on the data type (REAL or DOUBLE).</li>
|
|
<li>If length, precision, or scale is not explicitly specified, and empty
|
|
parentheses are not specified, the default attributes of the data type are
|
|
implied. The implicit length must exactly match the value that was specified
|
|
(implicitly or explicitly) in the CREATE PROCEDURE statement.</li></ul>
|
|
<p>Specifying the FOR DATA clause or CCSID clause is optional. Omission
|
|
of either clause indicates that the database manager ignores the attribute when determining
|
|
whether the data types match. If either clause is specified, it must match
|
|
the value that was implicitly or explicitly specified in the CREATE PROCEDURE
|
|
statement.</p>
|
|
</dd>
|
|
<dt class="bold">AS LOCATOR</dt>
|
|
<dd>Specifies that the procedure is defined to receive a locator for this
|
|
parameter. If AS LOCATOR is specified, the data type must be a LOB or a distinct
|
|
type based on a LOB.
|
|
</dd>
|
|
</dl>
|
|
</dd>
|
|
<dt class="bold">SPECIFIC PROCEDURE <var class="pv">specific-name</var> </dt><a id="idx2795" name="idx2795"></a><a id="idx2796" name="idx2796"></a><a id="idx2797" name="idx2797"></a>
|
|
<dd>Identifies the procedure by its specific name. The <span class="italic">specific-name</span> must identify a specific procedure that exists at the current
|
|
server.
|
|
</dd>
|
|
</dl>
|
|
</dd>
|
|
<dt class="bold">TO</dt>
|
|
<dd>Indicates to whom the privileges are granted.
|
|
<dl class="parml">
|
|
<dt class="bold"><var class="pv">authorization-name,...</var> </dt><a id="idx2798" name="idx2798"></a>
|
|
<dd>Lists one or more authorization IDs.
|
|
</dd>
|
|
<dt class="bold">PUBLIC </dt><a id="idx2799" name="idx2799"></a>
|
|
<dd>Grants the privileges to a set of users (authorization IDs). For more
|
|
information, see <a href="rbafzmstauthown.htm#authown">Authorization, privileges and object ownership</a>.
|
|
</dd>
|
|
</dl>
|
|
</dd>
|
|
<dt class="bold">WITH GRANT OPTION </dt><a id="idx2800" name="idx2800"></a>
|
|
<dd>Allows the specified <span class="italic">authorization-names</span> to
|
|
grant privileges on the functions or procedures specified in the ON clause
|
|
to other users.
|
|
<p>If WITH GRANT OPTION is omitted, the specified <span class="italic">authorization-names</span> cannot grant privileges on the functions or procedures
|
|
specified in the ON clause to another user unless they have received that
|
|
authority from some other source (for example, from a grant of the system
|
|
authority *OBJMGT).</p>
|
|
</dd>
|
|
</dl>
|
|
<a name="wq1561"></a>
|
|
<h3 id="wq1561"><a href="rbafzmst02.htm#ToC_1117">Note</a></h3>
|
|
<p><span class="bold">Corresponding System Authorities:</span> Privileges granted
|
|
to either an SQL or external function or procedure are granted to its associated
|
|
program (*PGM) or service program (*SRVPGM) object. Privileges granted to
|
|
a Java external function or procedure are granted to the associated class
|
|
file or jar file. If the associated program, service program, class file,
|
|
or jar file is not found when the grant is executed, an error is returned.</p>
|
|
<p>GRANT and REVOKE statements assign and remove system authorities for SQL
|
|
objects. The following table describes the system authorities that correspond
|
|
to the SQL privileges:</p>
|
|
<a name="wq1562"></a>
|
|
<table id="wq1562" width="100%" summary="" border="1" frame="border" rules="all">
|
|
<caption>Table 62. Privileges Granted to or Revoked from Non-Java Functions or Procedures</caption>
|
|
<thead valign="bottom">
|
|
<tr>
|
|
<th id="wq1563" width="50%" align="left" valign="bottom">SQL Privilege</th>
|
|
<th id="wq1564" width="50%" align="left" valign="bottom">Corresponding System Authorities when
|
|
Granting to or Revoking from a Function or Procedure</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody valign="top">
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1563">ALL (Grant or revoke of ALL grants or revokes
|
|
only those privileges the authorization ID of the statement has)</td>
|
|
<td align="left" valign="top" headers="wq1564">
|
|
<div class="lines">*OBJALTER<br />
|
|
*OBJOPR<br />
|
|
*EXECUTE<br />
|
|
*OBJMGT (Revoke only)<br />
|
|
</div></td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1563">ALTER</td>
|
|
<td align="left" valign="top" headers="wq1564">*OBJALTER</td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1563">EXECUTE</td>
|
|
<td align="left" valign="top" headers="wq1564">
|
|
<div class="lines">*EXECUTE<br />
|
|
*OBJOPR<br />
|
|
</div></td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1563">WITH GRANT OPTION</td>
|
|
<td align="left" valign="top" headers="wq1564">*OBJMGT</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<a name="wq1565"></a>
|
|
<table id="wq1565" width="100%" summary="" border="1" frame="border" rules="all">
|
|
<caption>Table 63. Privileges Granted to or Revoked from Java Functions or Procedures</caption>
|
|
<thead valign="bottom">
|
|
<tr>
|
|
<th id="wq1566" width="33%" align="left" valign="bottom">SQL Privilege</th>
|
|
<th id="wq1567" width="33%" align="left" valign="bottom">Corresponding Data Authorities when Granting
|
|
to or Revoking from a Java Function or Procedure</th>
|
|
<th id="wq1568" width="33%" align="left" valign="bottom">Corresponding Object Authorities when
|
|
Granting to or Revoking from a Java Function or Procedure</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody valign="top">
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1566">ALL (Grant or revoke of ALL grants or revokes
|
|
only those privileges the authorization ID of the statement has)</td>
|
|
<td headers="wq1567">*RWX</td>
|
|
<td align="left" valign="top" headers="wq1568">
|
|
<div class="lines">*OBJEXIST<br />
|
|
*OBJALTER<br />
|
|
*OBJMGT (Revoke only)<br />
|
|
</div></td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1566">ALTER</td>
|
|
<td headers="wq1567">*R</td>
|
|
<td align="left" valign="top" headers="wq1568">*OBJALTER</td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1566">EXECUTE</td>
|
|
<td headers="wq1567">*RX</td>
|
|
<td align="left" valign="top" headers="wq1568">
|
|
<div class="lines">*EXECUTE<br />
|
|
</div></td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1566">WITH GRANT OPTION</td>
|
|
<td headers="wq1567">*RWX</td>
|
|
<td align="left" valign="top" headers="wq1568">*OBJMGT</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<a name="eqtabler"></a>
|
|
<p id="eqtabler"><span class="bold">Corresponding System Authorities When Checking Privileges to
|
|
a Function or Procedure:</span> The following table describes the system authorities
|
|
that correspond to the SQL privileges when checking privileges to a function
|
|
or procedure. The left column lists the SQL privilege. The right column lists
|
|
the equivalent system authorities.</p>
|
|
<a name="wq1569"></a>
|
|
<table id="wq1569" width="100%" summary="" border="1" frame="border" rules="all">
|
|
<caption>Table 64. Corresponding System Authorities When Checking Privileges to a Non-Java Function or Procedure</caption>
|
|
<thead valign="bottom">
|
|
<tr>
|
|
<th id="wq1570" width="50%" align="left" valign="bottom">SQL Privilege</th>
|
|
<th id="wq1571" width="50%" align="left" valign="bottom">Corresponding System Authorities</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody valign="top">
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1570">ALTER</td>
|
|
<td align="left" valign="top" headers="wq1571">*OBJALTER</td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1570">EXECUTE</td>
|
|
<td align="left" valign="top" headers="wq1571">
|
|
<div class="lines">*EXECUTE and *OBJOPR<br />
|
|
</div></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<a name="wq1572"></a>
|
|
<table id="wq1572" width="100%" summary="" border="1" frame="border" rules="all">
|
|
<caption>Table 65. Corresponding System Authorities When Checking Privileges to a Java Function or Procedure</caption>
|
|
<thead valign="bottom">
|
|
<tr>
|
|
<th id="wq1573" width="33%" align="left" valign="bottom">SQL Privilege</th>
|
|
<th id="wq1574" width="33%" align="left" valign="bottom">Corresponding Data Authorities when Checking
|
|
Privileges to a Java Function or Procedure</th>
|
|
<th id="wq1575" width="33%" align="left" valign="bottom">Corresponding Object Authorities when
|
|
Checking Privileges to a Java Function or Procedure</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody valign="top">
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1573">ALTER</td>
|
|
<td headers="wq1574">*R</td>
|
|
<td align="left" valign="top" headers="wq1575">*OBJALTER</td>
|
|
</tr>
|
|
<tr>
|
|
<td align="left" valign="top" headers="wq1573">EXECUTE</td>
|
|
<td headers="wq1574">*RX</td>
|
|
<td align="left" valign="top" headers="wq1575">
|
|
<div class="lines">*EXECUTE<br />
|
|
</div></td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<p><span class="bold">Syntax alternatives:</span> The following keywords are synonyms
|
|
supported for compatibility to prior releases. These keywords are non-standard
|
|
and should not be used:</p>
|
|
<ul>
|
|
<li>The keyword RUN can be used as a synonym for EXECUTE.</li></ul>
|
|
<a name="wq1576"></a>
|
|
<h3 id="wq1576"><a href="rbafzmst02.htm#ToC_1118">Example</a></h3>
|
|
<p>Grant the EXECUTE privilege on procedure PROCA to PUBLIC. </p>
|
|
<a name="granty"></a>
|
|
<pre id="granty" class="xmp"><span class="bold">GRANT EXECUTE</span>
|
|
<span class="bold">ON PROCEDURE</span> PROCA
|
|
<span class="bold">TO PUBLIC</span></pre><a id="idx2801" name="idx2801"></a><a id="idx2802" name="idx2802"></a>
|
|
<hr /><br />
|
|
[ <a href="#Top_Of_Page">Top of Page</a> | <a href="rbafzmstgntudtp.htm">Previous Page</a> | <a href="rbafzmstgntpp.htm">Next Page</a> | <a href="rbafzmst02.htm#wq1">Contents</a> |
|
|
<a href="rbafzmstindex.htm#index">Index</a> ]
|
|
|
|
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
|
|
</body>
|
|
</html>
|