GRANTS
Returns information about privileges that are explicitly granted on database objects. Information about inherited privileges is not included.
While an ADMIN OPTION granted to users through roles is not viewable directly from this table, you can view it and a summary of privileges data with vsql meta-commands \z
and \dp
.
Column Name | Data Type | Description |
---|---|---|
GRANTEE | VARCHAR | The user being granted permission. |
GRANTEE_ID | INTEGER |
Catalog-assigned integer value that uniquely identifies the user granted permissions. |
GRANT_ID |
INTEGER |
Catalog-assigned integer value that uniquely identifies the grant operation. |
GRANTOR |
VARCHAR |
The user granting the permission. |
GRANTOR_ID |
INTEGER |
Catalog-assigned integer value that uniquely identifies the user who performed the grant operation. |
OBJECT_ID |
INTEGER |
Catalog-assigned integer value that uniquely identifies the object granted. |
OBJECT_NAME |
VARCHAR |
The name of the object that is being granted privileges. Note that for schema privileges, the schema name appears in the |
OBJECT_SCHEMA |
VARCHAR |
The name of the schema that is being granted privileges. |
OBJECT_TYPE |
VARCHAR |
The object type on which the grant was applied—for example, ROLE, SCHEMA, DATABASE, RESOURCEPOOL. |
PRIVILEGES_DESCRIPTION |
VARCHAR |
Lists the privileges granted on an object—for example INSERT, SELECT. An asterisk in PRIVILEGES_DESCRIPTION output shows that the privilege grant included WITH GRANT OPTION . |
Examples
The following query shows the privileges that are granted to user Rob or role R1. An asterisk (*) appended to a privilege indicates that the user can grant the privilege to other users:
=> SELECT grantor,privileges_description,object_name,object_type,grantee FROM grants WHERE grantee='Rob' OR grantee='R1'; grantor | privileges_description | object_name | object_type | grantee --------+---------------------------+-------------+--------------+--------- dbadmin | USAGE | general | RESOURCEPOOL | Rob dbadmin | USAGE, CREATE | s1 | SCHEMA | Rob dbadmin | INSERT*, SELECT*, UPDATE* | t1 | TABLE | Rob dbadmin | SELECT | t1 | TABLE | R1 dbadmin | USAGE | s1 | SCHEMA | R1 dbadmin | | R1 | ROLE | Rob (6 rows)