GRANTS

Returns information about privileges that are explicitly granted on database objects. Information about inherited privileges is not included.

While an ADMIN OPTION granted to users through roles is not viewable directly from this table, you can view it and a summary of privileges data with vsql meta-commands \z and \dp.

Column Name Data Type Description
GRANTEE VARCHAR The user being granted permission.
GRANTEE_ID INTEGER

Catalog-assigned integer value that uniquely identifies the user granted permissions.

GRANT_ID

INTEGER

Catalog-assigned integer value that uniquely identifies the grant operation.
GRANTOR

VARCHAR

The user granting the permission.

GRANTOR_ID

INTEGER

Catalog-assigned integer value that uniquely identifies the user who performed the grant operation.

OBJECT_ID

INTEGER

Catalog-assigned integer value that uniquely identifies the object granted.

OBJECT_NAME

VARCHAR

The name of the object that is being granted privileges. Note that for schema privileges, the schema name appears in the OBJECT_NAME column instead of the OBJECT_SCHEMA column.

OBJECT_SCHEMA

VARCHAR

The name of the schema that is being granted privileges.

OBJECT_TYPE

VARCHAR

The object type on which the grant was applied—for example, ROLE, SCHEMA, DATABASE, RESOURCEPOOL.

PRIVILEGES_DESCRIPTION

VARCHAR

Lists the privileges granted on an object—for example INSERT, SELECT. An asterisk in PRIVILEGES_DESCRIPTION output shows that the privilege grant included WITH GRANT OPTION.

Examples

The following query shows the privileges that are granted to user Rob or role R1. An asterisk (*) appended to a privilege indicates that the user can grant the privilege to other users:

=> SELECT grantor,privileges_description,object_name,object_type,grantee FROM grants WHERE grantee='Rob' OR grantee='R1';
 grantor |  privileges_description   | object_name | object_type  | grantee 
 --------+---------------------------+-------------+--------------+---------
 dbadmin | USAGE                     | general     | RESOURCEPOOL | Rob
 dbadmin | USAGE, CREATE             | s1          | SCHEMA       | Rob
 dbadmin | INSERT*, SELECT*, UPDATE* | t1          | TABLE        | Rob
 dbadmin | SELECT                    | t1          | TABLE        | R1
 dbadmin | USAGE                     | s1          | SCHEMA       | R1
 dbadmin |                           | R1          | ROLE         | Rob
 (6 rows)