Hi folks,
Who knows how to retrieve the owner of SQL objects, such as SCHEMA,
TABLE etc.? Is GRANTOR within catalog view owner?
Thanks,
Laurence 7 18308
Laurence wrote:
Hi folks,
Who knows how to retrieve the owner of SQL objects, such as SCHEMA,
TABLE etc.? Is GRANTOR within catalog view owner?
Technically, there is no such thing as an "owner". You have users that have
CONTROL privilege on objects and, thus, can modify the object, for example
drop it.
Additionally, you could have a look at the DEFINER column in the respective
catalog view. But being a definer does not imply to be the owner. It does
not even imply that the definer has any privileges to the object in
question.
--
Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
Thank you for the reply.
On page 227 in the book "Administra tion Guide: Implementation" stated
-"When a new database is created, PUBLIC is given IMPLICIT_SCHEMA
database authority. With this authority, any user can create a schema
by creating an object and specifying a schema name that does not
already exist. SYSIBM becomes the owner of the implicitly created
schema and PUBLIC is given the privilege to create objects in this
schema."
And in the middle of that page stated -"Any user with DBADM authority
can explicitly create any schema which does not already exist, and can
optionally specify another user as the owner of the schema."
In addition, I did the following tests:
1. Log-in as db2user1, and create table t1 (col1 int, col2 char(8)).
DB2 will create the schema named DB2USR1 implicitly. I cannot drop the
schema DB2USER1 after drop table t1, even though I granted the
CREATEIN/ALTERIN/DROPIN privileges. (SYSIBM should be an owner of
schema DB2USER1)
2. Log-in as db2user1, and create schema DB2USER1 explicitly. This
time, I can drop schema DB2USER1. (DB2USER1 should be an owner of
schema DB2USER1)
Is it because of "owner", so test 1 cannot drop schema DB2USER1? If it
is true, how can I find the right owner of schema? Because I cannot
find the owner-like column in the catalog views.
Laurence
Laurence wrote:
Thank you for the reply.
On page 227 in the book "Administra tion Guide: Implementation" stated
-"When a new database is created, PUBLIC is given IMPLICIT_SCHEMA
database authority. With this authority, any user can create a schema
by creating an object and specifying a schema name that does not
already exist. SYSIBM becomes the owner of the implicitly created
schema and PUBLIC is given the privilege to create objects in this
schema."
And in the middle of that page stated -"Any user with DBADM authority
can explicitly create any schema which does not already exist, and can
optionally specify another user as the owner of the schema."
Ok, schemas have owners. They are the exception.
In addition, I did the following tests:
1. Log-in as db2user1, and create table t1 (col1 int, col2 char(8)).
DB2 will create the schema named DB2USR1 implicitly. I cannot drop the
schema DB2USER1 after drop table t1, even though I granted the
CREATEIN/ALTERIN/DROPIN privileges. (SYSIBM should be an owner of
schema DB2USER1)
SYSIBM _is_ the owner of schema DB2USER1. So only SYSIBM (or a DBADM) can
drop this schema. http://publib.boulder.ibm.com/infoce...n/r0000945.htm
2. Log-in as db2user1, and create schema DB2USER1 explicitly. This
time, I can drop schema DB2USER1. (DB2USER1 should be an owner of
schema DB2USER1)
Is it because of "owner", so test 1 cannot drop schema DB2USER1? If it
is true, how can I find the right owner of schema? Because I cannot
find the owner-like column in the catalog views.
As usual, all such things are listed in the DB2 catalog views. So you
simply query the view:
SELECT owner
FROM syscat.schemata
WHERE schemaname = ...
--
Knut Stolze
DB2 z/OS Utilities Development
IBM Germany
Thanks for the reply.
By the way, users/groups/PUBLIC need have CREATEIN privilege on the
specific schema so that user can create SQL objects (like table) within
that specific schema. BUT, why user can drop SQL objects within the
specific schema when DROPIN privilege doesn't grant to
users/groups/PUBLIC for that specific schema?
Laurence
Thanks for the reply.
By the way, users/groups/PUBLIC need have CREATEIN privilege on the
specific schema so that user can create table within that specific
schema. BUT, why user can drop table within the specific schema when
DROPIN privilege doesn't grant to users/groups/PUBLIC for that specific
schema?
Is it because of the creator automatically have the CONTROL privilege
on that table? If it's true, when/what will need to check DROPIN
privilege for schema?
Laurence
Laurence wrote:
Thanks for the reply.
By the way, users/groups/PUBLIC need have CREATEIN privilege on the
specific schema so that user can create SQL objects (like table) within
that specific schema. BUT, why user can drop SQL objects within the
specific schema when DROPIN privilege doesn't grant to
users/groups/PUBLIC for that specific schema?
A user can have the required pivilege on the specific object without
having the privilege for all objects in the schema.
Since on CREATE the specific object doesn't yet exist the schema level
privilege is all there is.
So the design makes sense. (at least to me :-)
Cheers
Serge
--
Serge Rielau
DB2 Solutions Development
IBM Toronto Lab
If you have CREATEIN on the schema and CREATETAB on the db, you can create
an object in that schema. You are now the owner and have control of the
object which means you can drop it without having the DROPIN prvilege.
DROPIN would apply to objects that your AUTHID does not CONTROL.
HTH, Pierre.
--
Pierre Saint-Jacques
SES Consultants Inc.
514-737-4515
"Laurence" <wo**********@g mail.coma écrit dans le message de news: 11************* ********@a75g20 00...legro ups.com...
Thanks for the reply.
By the way, users/groups/PUBLIC need have CREATEIN privilege on the
specific schema so that user can create SQL objects (like table) within
that specific schema. BUT, why user can drop SQL objects within the
specific schema when DROPIN privilege doesn't grant to
users/groups/PUBLIC for that specific schema?
Laurence This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Brian |
last post by:
Hi all,
I have two objects, A, which has-a B. At the same time, B is related
enough to A, that it needs to call methods from A... I can only think
of how to do this with the following method. It seems like there must
be a better way, because I dont really like what I am doing... that
is, setting the B object's owner to A's this on construction. Does
anyone have any suggestions?
|
by: ritagoldman101 |
last post by:
Pls help - how to find Domain owner
For most people this may be an easy question...but not for me.
How can I find out who the owner of a domain is so I can write to her /
him and ask if she / he wants to sell it.
Pls let me know.
reg,
|
by: Sharon |
last post by:
I’m writing a class that need to know the type or name of the class which
created me.
It can be done if the owner will pass his this, but I would like to do it
without the owner intervention.
Assuming the owner is a regular class (not a Windows class), is it possible
???
--
Regards
Sharon G.
|
by: John Regan |
last post by:
Hello All
I am trying to find the owner of a file or folder on our network (Windows
2000 Server) using VB.Net and/or API. so I can search for Folders that don't
follow our company's specified folder structure and naming conventions and
then send a Net send message to those users telling them to rectify.
The information I want to get is when you select the file/folder and then:
Properties -> Security Tab -> Advanced Button -> Owner Tab ->...
|
by: Mike Mascari |
last post by:
While migrating to 7.4, which performs quite nicely btw, I must have
performed some sequence of the migration incorrectly. Now, when I use
pg_dump on a database for backup, I get:
pg_dump: WARNING: owner of data type "plr_environ_type" appears to be invalid
pg_dump: WARNING: owner of data type "r_typename" appears to be invalid
pg_dump: WARNING: owner of function "plr_call_handler" appears to be invalid
pg_dump: WARNING: owner of...
| |
by: ArijitChaterjee |
last post by:
I have a MS SQL Server Database which consists of several Tables, amongh some has owner as "dbo" and some has another owner like "xyz".
Is there any T-SQL that can change the owner of the tables to "dbo".
And plz clarify the fact how a owner can be determined at the time of table creation.
|
by: Teresa Masino |
last post by:
I'm probably forgetting something basic, but right now I'm stumped.
We are moving a database to a new server. bcp'd out the login
accounts and bcp'd them into the new server. Restored the database
backup and everything was working fine yesterday testing out the
application -- this is a 3rd party application, not an in-house app
and database.
Today, the application server can't start. The log file shows that it
doesn't see a table. I...
|
by: aj |
last post by:
SQL Server 2005 SP2
What is the significance of the owner of a database being sa as
opposed to some administrative (or non-administrative) local login?
Should I favor one over the other?
Can I change the owner of a database?
TIA
|
by: SimeonD |
last post by:
Hi
Is there a way I can fnd the Owner of a folder, using vb.net? I know how to
find the permissions, but I can't figure how to find the owner.
Thanks
SimeonD
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |