Managing individual user IDs and permissions
356
Group permissions overview
Setting permissions individually for each user of a database can be a time-
consuming and error-prone process. For most databases, permission
management based on groups, rather than on individual user IDs, is a much
more efficient approach.
You can assign permissions to a group in exactly the same way as to an
individual user. You can then assign membership in appropriate groups to each
new user of the database, and they gain a set of permissions by virtue of their
group membership.
Example
For example, you may create groups for different departments in a company
database (
sales, marketing, and so on) and assign these groups permissions.
Each salesperson is made a member of the
sales group, and automatically gains
access to the appropriate areas of the database.
Any user ID can be a member of several groups, and inherits all permissions
from each of the groups.
Managing individual user IDs and permissions
This section describes how to create new users and grant permissions to them.
For most databases, the bulk of permission management should be carried out
using groups, rather than by assigning permissions to individual users one at a
time. However, as groups are simply a user ID with special properties attached,
you should read and understand this section before moving on to the discussion
of managing groups.
Using ASE stored
procedures to manage
users
The procedures in this chapter let you manage users and groups using DBISQL
and Sybase Central. You can perform many of the same tasks using Adaptive
Server Enterprise-compatible stored procedures. If you have previously used
Adaptive Server Enterprise or pre-Version 12.0 Adaptive Server IQ, you may
prefer to use these stored procedures. For details, see “Adaptive Server
Enterprise system and catalog procedures”.
UPDATE Permission to update rows in a table or view. This may
be granted on a set of columns in a table only
ALL All the above permissions
Permission Description