Filter
Top Products
CHAPTER 10 Managing User IDs and Permissions
355
RESOURCE authority overview
RESOURCE authority is the permission to create database objects, such as
tables, views, and stored procedures. Resource authority may be granted only
by the DBA to other users.
Ownership permissions overview
The creator of a database object becomes the owner of that object. Ownership
of a database object carries with it permissions to carry out actions on that
object. These are not assigned to users in the same way that other permissions
in this chapter are assigned.
Owners
A user who creates a new object within the database is called the owner of that
object, and automatically has permission to carry out any operation on that
object. The owner of a table may modify the structure of that table, for instance,
or may grant permissions to other database users to update the information
within the table.
The DBA has permission to modify any component within the database, and so
could delete a table created by another user, for instance. The DBA has all the
permissions regarding database objects that the owner of each object has.
The DBA is also able to create database objects for other users, and in this case
the owner of an object is not the user ID that executed the CREATE statement.
A use for this ability is discussed in “Groups without passwords”. Despite this
possibility, this chapter refers interchangeably to the owner and creator of
database objects.
Table and views permissions overview
There are several distinct permissions that may be granted to user IDs
concerning tables and views:
Permission Description
ALTER Permission to alter the structure of a table
DELETE Permission to delete rows from a table or view
INSERT Permission to insert rows into a table or view
REFERENCES Permission to create indexes on a table, and to create
unenforced foreign keys that reference a table
SELECT Permission to look at information in a table or view