Control user access to database objects, there are two types of permissions: Command permissions and Object permissions.
1. Command permissions
Create Database
Create Table
Create View
Create Procedure
Create rule
Create Default
Authorization and receipt of command rights:
Grant command permissions combination to Group name | user name | role
Revoke command rights combination from Group name | user name | role
2. Object permissions
Select
Update
Insert
Delete
Reference
Execute
Object permission authorization and collection right:
Grant object permissions combination on database object to public| Group name | user name | role
[With Grant Option]
Revoke object permissions combination on database object to public| Group name | user name | role
From public public| Group name | user name | role
[Cascade]
Examples of authorization and receipt:
◇grant Insert,delete on Employee
To User_1,group_1
◇grant Execute on Pro_culculate
to public
◇grant Select on Employee (emp_id,emp_name)
To User_3
◇grant all on Employee
To User_4
◇revoke Update on Employee (emp_id,emp_name)
From User_5
◇revoke Create table,create Rule
From User_6