firebird/firebird-mirror
firebird/firebird-mirror
8
0
Fork 1
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-23 00:03:02 +01:00
Code Issues
3b2489c5e0
firebird-mirror/doc/sql.extensions/README.ddl_access.txt

43 lines
1.5 KiB
Plaintext
Raw Normal View History

Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
2014-07-08 09:35:27 +02:00
SQL Language Extension: GRANT/REVOKE permissions on DDL operations
Implements capability to manage permissions on DDL operations.
Author:
Red Soft Corporation, roman.simakov(at)red-soft.biz
Syntax is:
Misc.
2014-07-18 03:52:24 +02:00
GRANT CREATE <OBJECT> TO [USER | ROLE] <user/role name> [WITH GRANT OPTION];
GRANT ALTER ANY <OBJECT> TO [USER | ROLE] <user/role name> [WITH GRANT OPTION];
GRANT DROP ANY <OBJECT> TO [USER | ROLE] <user/role name> [WITH GRANT OPTION];
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
2014-07-08 09:35:27 +02:00
Misc.
2014-07-18 03:52:24 +02:00
REVOKE [GRANT OPTION FOR] CREATE <OBJECT> FROM [USER | ROLE] <user/role name>;
REVOKE [GRANT OPTION FOR] ALTER ANY <OBJECT> FROM [USER | ROLE] <user/role name>;
REVOKE [GRANT OPTION FOR] DROP ANY <OBJECT> FROM [USER | ROLE] <user/role name>;
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
2014-07-08 09:35:27 +02:00
Where <OBJECT> could be:
Implemented CORE-4538: Access rights for CREATE DATABASE operator
2014-09-02 18:55:14 +02:00
TABLE, VIEW, PROCEDURE, FUNCTION, PACKAGE, GENERATOR, SEQUENCE, DOMAIN,
EXCEPTION, ROLE, CHARACTER SET, COLLATION, FILTER
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
2014-07-08 09:35:27 +02:00
Description:
Implemented CORE-4538: Access rights for CREATE DATABASE operator
2014-09-02 18:55:14 +02:00
Makes it possible to grant and revoke privileges on DDL operations.
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
2014-07-08 09:35:27 +02:00
DDL operations for managing triggers and indices re-use table privileges.
Sample:
GRANT CREATE TABLE TO Joe;
Implemented CORE-4538: Access rights for CREATE DATABASE operator
2014-09-02 18:55:14 +02:00
GRANT ALTER ANY TABLE TO Joe;
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
2014-07-08 09:35:27 +02:00
REVOKE CREATE TABLE FROM Joe;
Implemented CORE-4538: Access rights for CREATE DATABASE operator
2014-09-02 18:55:14 +02:00
For database access special form is supported:
GRANT CREATE DATABASE TO [USER | ROLE] <user/role name>;
GRANT ALTER DATABASE TO [USER | ROLE] <user/role name> [WITH GRANT OPTION];
GRANT DROP DATABASE TO [USER | ROLE] <user/role name> [WITH GRANT OPTION];
REVOKE CREATE DATABASE FROM [USER | ROLE] <user/role name>;
REVOKE [GRANT OPTION FOR] ALTER DATABASE FROM [USER | ROLE] <user/role name>;
REVOKE [GRANT OPTION FOR] DROP DATABASE FROM [USER | ROLE] <user/role name>;
Copy Permalink