Contents Index Example 3: User1 creates table1, user2 creates table2, and user3 creates view3 joining table1 and table2 Managing the resources connections use

ASA Database Administration Guide
  Managing User IDs and Permissions

How user permissions are assessed


Groups do introduce complexities in the permissions of individual users. Suppose user M_Haneef has SELECT and UPDATE permissions on a specific table individually, but is also a member of two groups. Suppose one of these groups has no access to the table at all, and one has only SELECT access. What are the permissions in effect for this user?

Adaptive Server Anywhere decides whether a user ID has permission to carry out a specific action in the following manner:

  1. If the user ID has DBA authority, the user ID can carry out any action in the database.

  2. Otherwise, permission depends on the permissions assigned to the individual user. If the user ID has been granted permission to carry out the action, then the action proceeds.

  3. If no individual settings have been made for that user, permission depends on the permissions of each of the groups to which the member belongs. If any of these groups has permission to carry out the action, the user ID has permission by virtue of membership in that group, and the action proceeds.

This approach minimizes problems associated with the order in which permissions are set.


Contents Index Example 3: User1 creates table1, user2 creates table2, and user3 creates view3 joining table1 and table2 Managing the resources connections use