Data Control Language (DCL)

Each relational database management system provides different levels of granularity for the GRANT and REVOKE SQL statements. To grant privileges on most database objects, the user must have SYSADM authority, DBADM authority, or CONTROL privilege on that object. Otherwise, the user must hold the same privilege WITH GRANT OPTION. Privileges can be granted only on existing objects. The REVOKE statement allows authorized users to revoke privileges previously granted to other users. The following examples grants and revokes SELECT privileges on the EMPLOYEE table to the user STEVE:

GRANT SELECT ON EMPLOYEE TO USER STEVE
REVOKE SELECT ON EMPLOYEE FROM USER STEVE

Several forms of the GRANT statement exist depending on the type of object being referenced. The types of GRANT statements include:

• Database Authorities— Grants authorities that apply to the entire database.

• Index Privileges— Grants the CONTROL privilege on indexes.

• Package Privileges— Grants privileges on an application package.

• Schema Privileges— Grants privileges on a schema.

• Table, View, or Nickname Privileges— Grants privileges on a table, view, or nickname.

• Server Privileges— Grants privilege to access and use a specified data source in pass-through mode.

• Table Space Privileges— Grants privileges on a table space.

• Sequence Privileges— Grants privileges on a sequence.

• Routine Privileges— Grants privileges on a routine (function, method, or procedure).