The owner of a table uses the GRANT statement to grant access privileges to other users or roles.
GRANT SELECT ON USR02.T01 TO USR03
Table access is granted to roles that use filters.
GRANT SELECT ON USR02.T01 TO GROUP GRP01
GRANT SELECT ON T01 TO PUBLIC
GRANT INSERT ON T01 TO GROUP GRP01
GRANT UPDATE ON T01 TO USR01
When a user moves to a different role, it is not necessary to use the GRANT statement or REVOKE statement to change access privilege for a table. For example, when a user (USR01) moves from the Finance Department to General Administration, simply change the department name in the user's user information registered in Directory Server and execute the pdgrprfl command. USR01 will then use the table access privileges granted to the General Administration group and will no longer be able to use the table access privileges granted to the Finance Department group.
If table access privileges have been granted directly to the user, it is necessary to reevaluate those table access privileges (i.e., it may be necessary to revoke some table access privileges).