GRANTS
Returns privileges on database objects and associated data, including grantee and grantor. You can also use vsql meta-commands \z
and \dp
to get a summary of privileges data.
The GRANTS
table does not maintain data on role grantors.
Column Name | Data Type | Description |
---|---|---|
GRANTEE | VARCHAR | The user being granted permission. |
GRANTEE_ID | INTEGER |
Catalog-assigned integer value that uniquely identifies the user granted permissions. |
GRANT_ID |
INTEGER |
Catalog-assigned integer value that uniquely identifies the |
GRANTOR |
VARCHAR |
The user granting the permission. |
GRANTOR_ID |
INTEGER |
Catalog-assigned integer value that uniquely identifies the user who performed the grant operation. |
OBJECT_ID |
INTEGER |
Catalog-assigned integer value that uniquely identifies the object granted. |
OBJECT_NAME |
VARCHAR |
The name of the object that is being granted privileges. Note that for schema privileges, the schemaname appears in the |
OBJECT_SCHEMA |
VARCHAR |
The name of the schema that is being granted privileges. |
OBJECT_TYPE |
VARCHAR |
The object type on which the grant was applied—for example, ROLE, SCHEMA, DATABASE, RESOURCEPOOL. |
PRIVILEGES_DESCRIPTION |
VARCHAR |
Lists the privileges granted on an object—for example INSERT, SELECT. An asterisk in PRIVILEGES_DESCRIPTION output shows that the privilege grant included WITH GRANT OPTION . |
Examples
The following query shows the privileges that are granted to user Bob
. The asterisks on privileges for table s1.t1
indicate that the GRANT
statement on this table included WITH GRANT OPTION
. This enables user Bob
to grant these privileges to other users:
=> SELECT grantor, privileges_description, object_schema, object_type, object_name, grantee FROM grants WHERE grantee = 'Bob'; grantor | privileges_description | object_schema | object_type | object_name | grantee ---------+---------------------------+---------------+--------------+-------------+--------- dbadmin | USAGE | | RESOURCEPOOL | general | Bob dbadmin | USAGE, CREATE | | SCHEMA | s1 | Bob dbadmin | INSERT*, SELECT*, UPDATE* | s1 | TABLE | t1 | Bob (3 rows)