11.8.2 Checking the access privileges granted to an HADB user
To check which access privileges have been granted to an HADB user, search the SQL_TABLE_PRIVILEGES dictionary table.
The range of HADB users whose access privileges can be checked varies depending on the privileges granted to the HADB user who is checking. For the scope of information in dictionary tables that can be referenced by HADB users, see 2.7.7 Scope of information in dictionary tables and system tables that can be referenced by HADB users.
The following shows an example of checking the access privileges that are granted to HADB users.
- Specification example
-
An HADB user who has the DBA privilege and CONNECT privilege checks the access privileges granted to all created HADB users.
SELECT "GRANTOR","GRANTEE","TABLE_SCHEMA","TABLE_NAME", "SELECT_PRIVILEGE","INSERT_PRIVILEGE","UPDATE_PRIVILEGE", "DELETE_PRIVILEGE","TRUNCATE_PRIVILEGE", "REFERENCES_PRIVILEGE","IMPORT_TABLE_PRIVILEGE", "REBUILD_INDEX_PRIVILEGE","GET_COSTINFO_PRIVILEGE", "EXPORT_TABLE_PRIVILEGE","MERGE_CHUNK_PRIVILEGE", "CHANGE_CHUNK_COMMENT_PRIVILEGE","CHANGE_CHUNK_STATUS_PRIVILEGE", "ARCHIVE_CHUNK_PRIVILEGE","UNARCHIVE_CHUNK_PRIVILEGE" FROM "MASTER"."SQL_TABLE_PRIVILEGES"
- Explanation:
-
For example, to check whether the SELECT privilege is granted, see the information displayed in the SELECT_PRIVILEGE column.
-
If 'G' is displayed, the SELECT privilege with the grant option is granted for a schema object.
-
If 'Y' is displayed, the SELECT privilege with no grant option is granted for a schema object.
-
If 'N' is displayed, the SELECT privilege is not granted for a schema object.
The schema name and table identifier of a schema object are displayed in the TABLE_SCHEMA and TABLE_NAME columns respectively.
-
For details about dictionary table SQL_TABLE_PRIVILEGES, see B.18 Content of SQL_TABLE_PRIVILEGES.