ASA Database Administration Guide
Managing User IDs and Permissions
Managing individual user IDs and permissions
You can assign a set of permissions on individual tables and grant users combinations of these permissions to define their access to a table.
You can use either Sybase Central or Interactive SQL to set permissions. In Interactive SQL, you can use the GRANT statement to grant the following permissions on tables:
The ALTER permission allows a user to alter the structure of a table or to create triggers on a table. The REFERENCES permission allows a user to create indexes on a table and to create foreign keys. These permissions grant the authority to modify the database schema, and so will not be assigned to most users. These permissions do not apply to views.
The DELETE, INSERT, and UPDATE permissions grant the authority to modify the data in a table. Of these, the UPDATE permission may be restricted to a set of columns in the table or view.
The SELECT permission grants authority to look at data in a table, but does not give permission to alter it.
ALL permission grants all the above permissions.
To grant permissions on tables or columns (Sybase Central)
Connect to the database.
Open the Tables folder for that database.
Right-click a table and choose Properties from the popup menu.
On the Permissions tab of the Table property sheet, configure the permissions for the table:
Click Grant to select users or groups to which to grant permissions.
Click the fields beside the user or group to set specific permissions. Permissions are indicated by a check mark, and grant options are indicated by a check mark with two '+' signs.
Select a user and click the Change button beside References, Select, or Update to set that type of permission on individual columns.
Select a user or group in the list and click Revoke to revoke all permissions.
TipsYou can also assign permissions from the user/group property sheet. To assign permissions to many users and groups at once, use the table's property sheet. To assign permissions to many tables at once, use the user's property sheet. |
To grant permissions on tables or columns (SQL)
Connect to the database with DBA authority or as the owner of the table.
Execute a GRANT statement to assign the permission.
For more information, see GRANT statement.
All table permissions are granted in a very similar fashion. You can grant permission to M_Haneef to delete rows from the table named sample_table as follows:
Connect to the database as a user with DBA authority, or as the owner of sample_table.
Type and execute the following SQL statement:
GRANT DELETE ON sample_table TO M_Haneef
You can grant permission to M_Haneef to update the column_1 and column_2 columns only in the table named sample_table as follows:
Connect to the database as a user with DBA authority, or as the owner of sample_table.
Type and execute the following SQL statement:
GRANT UPDATE (column_1, column_2) ON sample_table TO M_Haneef
Table permissions are limited in that they generally apply to all the data in a table, although SELECT and UPDATE permissions may be granted to a subset of columns. You can fine-tune user permissions by creating procedures that carry out actions on tables, and then granting users the permission to execute the procedure.
SQL Anywhere Studio 9.0.2
Copyright © 1989–2004 Sybase, Inc. Portions copyright © 2001–2004 iAnywhere Solutions, Inc. All rights reserved.