Granting permissions on tables

You can assign a set of permissions on individual tables and grant users combinations of these permissions to define their access to a table.

You can use either Sybase Central or Interactive SQL to set permissions. In Interactive SQL, you can use the GRANT statement to grant the following permissions on tables:

  • The ALTER permission allows a user to alter the structure of a table or to create triggers on a table. The REFERENCES permission allows a user to create indexes on a table and to create foreign keys. These permissions grant the authority to modify the database schema, and so will not be assigned to most users. These permissions do not apply to views.
  • The DELETE, INSERT, and UPDATE permissions grant the authority to modify the data in a table.
  • The SELECT permission grants authority to look at data in a table, but does not give permission to change it.
  • The ALL permission grants all the above permissions.
  • The REFERENCES, SELECT, and UPDATE permissions can be restricted to a set of columns in the table or view.

To grant permissions on tables or columns (Sybase Central)

  1. Connect to the database as a user with DBA authority.

  2. Click Tables.

  3. Right-click a table and then choose Properties.

  4. Click the Permissions tab and configure the permissions for the table:

    • Click Grant.
    • Double-click a user or group.
    • In the permissions table, click the fields beside the user or group to set specific permissions.
    • Select a user and click Change to set specific permissions for a columns.
    • Click OK.
    • To revoke all permissions, select a user or group and click Revoke.

  5. Click Apply.

Tips

You can also assign permissions from the User Properties or Group Properties window. To assign permissions to multiple users or groups, use the Table Properties window. To assign permissions to multiple tables, use the User Properties window.

To grant permissions on tables or columns (SQL)

  1. Connect to the database as a user with DBA authority.

  2. Execute a GRANT statement to assign the permission.

    See GRANT statement.

Example 1

All table permissions are granted in a very similar fashion. You can grant permission to M_Haneef to delete rows from the table named sample_table as follows:

  1. Connect to the database as a user with DBA authority, or as the owner of sample_table.
  2. Execute the following SQL statement: 
    GRANT DELETE
ON sample_table
TO M_Haneef;
Example 2

You can grant permission to M_Haneef to update the column_1 and column_2 columns only in the table named sample_table as follows:

  1. Connect to the database as a user with DBA authority, or as the owner of sample_table.
  2. Execute the following SQL statement: 
    GRANT UPDATE ( column_1, column_2 )
ON sample_table
TO M_Haneef;

Table permissions are limited in that they generally apply to all the data in a table, although the REFERENCES, SELECT, and UPDATE permissions can be granted to a subset of columns. You can fine-tune user permissions by creating procedures that perform actions on tables, and then granting users the permission to execute the procedure.

See also
Copyright © 2008, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.0