Clone
Cliff Gray <cliff.gray@hp.com>
committed
on 26 May 15
Column-level privileges - part 2
Support for column-level privileges will be in multiple deliveries.

This delivery add the following portio… Show more
Column-level privileges - part 2

Support for column-level privileges will be in multiple deliveries.

This delivery add the following portions:

1. DML operations (SELECT, INSERT, UPDATE) now recognize granted

  column-level privileges.

2. CREATE VIEW now recognizes granted column-level privileges.

3. Revoke of object-level privileges now revokes the corresponding

  column-level privilege.

Missing functionality:

1. Privileges can be granted to roles and revoked from roles, but

  REVOKE ROLE does not consider column-level privileges when

determining

  if an object depends on a role's granted privileges.

2. Column-level revoke does not enforce RESTRICT, i.e., privileges

  may be revoked even if there are dependent privileges.

3. ALTER TABLE DROP COLUMN does not remove associated column-level

  privileges, nor does it check for dependent objects.

Change-Id: Ieba04c77edb945dfeb1994e9949b54072289465e

Show less

default + 8 more