Each relational database management system provides different levels of granularity for the GRANT and REVOKE SQL statements. To grant privileges on most database objects, the user must have SYSADM authority, DBADM authority, or CONTROL privilege on that object. Otherwise, the user must hold the same privilege WITH GRANT OPTION. Privileges can be granted only on existing objects. The REVOKE statement allows authorized users to revoke privileges previously granted to other users. The following examples grants and revokes SELECT privileges on the EMPLOYEE table to the user STEVE:
GRANT SELECT ON EMPLOYEE TO USER STEVE REVOKE SELECT ON EMPLOYEE FROM USER STEVE
Several forms of the GRANT statement exist depending on the type of object being referenced. The types of GRANT statements include:
Database Authorities— Grants authorities that apply to the entire database.
Package Privileges— Grants privileges on an application package.
Table, View, or Nickname Privileges— Grants privileges on a table, view, or nickname.
Server Privileges— Grants privilege to access and use a specified data source in pass-through mode.
Routine Privileges— Grants privileges on a routine (function, method, or procedure).
3.144.31.39