GRANT (Procedure)

Grants procedure privileges to users and roles.

External procedures that you create with CREATE PROCEDURE are always run with Linux dbadmin privileges. If a dbadmin or pseudosuperuser grants a non-dbadmin permission to run a procedure using GRANT (Procedure), be aware that the non-dbadmin user runs the procedure with full Linux dbadmin privileges.

Syntax

GRANT { EXECUTE | ALL [ PRIVILEGES ] }
   ON PROCEDURE [[database.]schema.]procedure( [arg-list] )[,…] 
   TO grantee[,…]
   [ WITH GRANT OPTION ]

Parameters

EXECUTE Enables grantees to run the specfied procedures.
ALL [PRIVILEGES]

Grants all procedure privileges that also belong to the grantor. Grantors cannot grant privileges that they themselves lack.

The optional keyword PRIVILEGES conforms with the SQL standard.

[database.]schema

Specifies a schema, by default public. If schema is any schema other than public, you must supply the schema name. For example:

myschema.thisDbObject

If you specify a database, it must be the current database.

procedure

The target procedure.

arg-list

A comma-delimited list of procedure arguments, where each argument is specified as follows:

[ argname ] argtype

If the procedure is defined with no arguments, supply an empty argument list.

grantee

Specifies who is granted privileges, one of the following:

WITH GRANT OPTION

Gives grantee the privilege to grant the same privileges to other users or roles, and also revoke them. For details, see Granting Privileges.

Privileges

Non-superuser, one of the following:

  • Owner
  • Privileges grantee given the option (WITH GRANT OPTION) of granting privileges to other users or roles.

Example

Grant EXECUTE privileges on the tokenize procedure to users Bob and Jules, and to the role Operator:

=> GRANT EXECUTE ON PROCEDURE tokenize(varchar) TO Bob, Jules, Operator;