GRANT (Procedure)
Grants procedure privileges to users and roles.
External procedures that you create with CREATE PROCEDURE are always run with Linux dbadmin privileges. If a dbadmin or pseudosuperuser grants a non-dbadmin permission to run a procedure using GRANT (Procedure), be aware that the non-dbadmin user runs the procedure with full Linux dbadmin privileges.
Syntax
GRANT { EXECUTE | ALL [ PRIVILEGES ] } ON PROCEDURE [[database.]schema.]procedure( [arg-list] )[,…] TO grantee[,…] [ WITH GRANT OPTION ]
Parameters
EXECUTE | Enables grantees to run the specfied procedures. |
ALL [PRIVILEGES] |
Grants all procedure privileges that also belong to the grantor. Grantors cannot grant privileges that they themselves lack. The optional keyword |
[database.]schema |
Specifies a schema, by default myschema.thisDbObject If you specify a database, it must be the current database. |
procedure |
The target procedure. |
arg-list |
A comma-delimited list of procedure arguments, where each argument is specified as follows: [ argname ] argtype If the procedure is defined with no arguments, supply an empty argument list. |
grantee |
Specifies who is granted privileges, one of the following: |
WITH GRANT OPTION |
Gives grantee the privilege to grant the same privileges to other users or roles, and also revoke them. For details, see Granting Privileges. |
Privileges
Non-superuser, one of the following:
- Owner
- Privileges grantee given the option (
WITH GRANT OPTION
) of granting privileges to other users or roles.
Example
Grant EXECUTE privileges on the tokenize
procedure to users Bob
and Jules
, and to the role Operator
:
=> GRANT EXECUTE ON PROCEDURE tokenize(varchar) TO Bob, Jules, Operator;