Skip to main content

Security.SQLPrivileges

persistent class Security.SQLPrivileges extends %Library.Persistent, %XML.Adaptor, %SYSTEM.Help

SQL Table Name: Security.SQLPrivileges

Define the SQL Privilege mapping in the ^SYS global Mapping was added for SQL Privileges to take advantage of XML export

Property Inventory

Method Inventory

Properties

property Grantable as %TinyInt (VALUELIST = ",0,1") [ Required ];
Grantable - 1/0, can this privilege be granted by the user
Property methods: GrantableDisplayToLogical(), GrantableGet(), GrantableIsValid(), GrantableLogicalToDisplay(), GrantableNormalize(), GrantableSet(), GrantableXSDToLogical()
property Grantee as %String (MAXLEN = 64, MINLEN = 1) [ Required ];
Grantee - user/role the privilege was granted to
Property methods: GranteeDisplayToLogical(), GranteeGet(), GranteeIsValid(), GranteeLogicalToDisplay(), GranteeLogicalToOdbc(), GranteeNormalize(), GranteeSet()
property Grantor as %String (MAXLEN = 64, MINLEN = 1) [ Required ];
Grantor - user/role that granted the privilege
Property methods: GrantorDisplayToLogical(), GrantorGet(), GrantorIsValid(), GrantorLogicalToDisplay(), GrantorLogicalToOdbc(), GrantorNormalize(), GrantorSet()
property Namespace as %String (MAXLEN = 256) [ Required ];
Namespace the privilege is defined in
Property methods: NamespaceDisplayToLogical(), NamespaceGet(), NamespaceIsValid(), NamespaceLogicalToDisplay(), NamespaceLogicalToOdbc(), NamespaceNormalize(), NamespaceSet()
property Privilege as %String (DISPLAYLIST = ",%ALTER,INSERT,UPDATE,DELETE,SELECT,REFERENCES,EXECUTE,USE", MAXLEN = 1, VALUELIST = ",a,i,u,d,s,r,e,l") [ Required ];
Privilege assigned to the user/role
Property methods: PrivilegeDisplayToLogical(), PrivilegeGet(), PrivilegeIsValid(), PrivilegeLogicalToDisplay(), PrivilegeLogicalToOdbc(), PrivilegeNormalize(), PrivilegeSet()
property SQLObject as %String (MAXLEN = 256) [ Required ];
ObjectType,ObjectName e.g. "1,Sample.Person" or "3,Sample.PersonView"
Property methods: SQLObjectDisplayToLogical(), SQLObjectGet(), SQLObjectIsValid(), SQLObjectLogicalToDisplay(), SQLObjectLogicalToOdbc(), SQLObjectNormalize(), SQLObjectSet()
property SQLPrivString as %String (MAXLEN = 500, XMLPROJECTION = "NONE") [ Calculated ];
SQL Privilege resource string
Property methods: SQLPrivStringCompute(), SQLPrivStringDisplayToLogical(), SQLPrivStringGet(), SQLPrivStringIsValid(), SQLPrivStringLogicalToDisplay(), SQLPrivStringLogicalToOdbc(), SQLPrivStringNormalize(), SQLPrivStringSQLCompute()

Methods

classmethod Export(FileName As %String = "SQLPrivilegesExport.xml", ByRef NumExported As %Integer = 0) as %Status
This method exports SQL Object Privilege records to a file in xml format.
Parameters:
Filename - Output file name
NumExported (byref) - Returns number of records exported.
classmethod Import(FileName As %String, ByRef NumImported As %Integer, Flags As %Integer = 0) as %Status
Import SQLPrivilege records from an xml file.
Parameters:
FileName - Filename to import Role records from
NumImported (byref) - Returns number of records imported
Flags - Control import
Bit 0 - Do not import records, just return count
Note: On failure, no records will be imported

Queries

query DirectPrivileges(UserRole As %String)
SQL Query:
SELECT Namespace,SQLObject,Privilege,Grantee,Grantor,Grantable FROM SQLPrivileges WHERE (Grantee = :UserRole)
Given a User or Role name, return the ID information for the privileges that have been directly granted to the user or role
query List()
SQL Query:
SELECT Namespace,SQLObject,Privilege,Grantee,Grantor,Grantable FROM SQLPrivileges
Return the ID information for all SQL Object Privileges

Indexes

index (IDKey on Namespace,SQLObject,Privilege,Grantee,Grantor) [IdKey, Type = key];
Index methods: IDKeyCheck(), IDKeyDelete(), IDKeyExists(), IDKeyOpen(), IDKeySQLCheckUnique(), IDKeySQLExists(), IDKeySQLFindPKeyByConstraint(), IDKeySQLFindRowIDByConstraint()

Inherited Members

Inherited Methods

Storage

Storage Model: SQLStorage

Maps: 3

  • Map number 1 is named GrantableIndex

    thismap.Global: ^*

  • Map number 2 is named Master

    thismap.Global: ^*

  • ^*($e(("^|""^^"_$zu(12)_"""|SYS"),2,*),"Security","SQL","priv",{Namespace},{Grantable},{SQLObject},{Privilege},{Grantee},{Grantor})
    =
    Node Delimiter Piece Name
    Grantable
  • Map number 3 is named mIndex

    thismap.Global: ^*

  • ^*($e(("^|""^^"_$zu(12)_"""|SYS"),2,*),"Security","SQL","priv",{Namespace},0,{SQLObject},{Privilege},{Grantee},{Grantor})
    =
    Node Delimiter Piece Name
    Grantable
    ^*($e(("^|""^^"_$zu(12)_"""|SYS"),2,*),"Security","SQL","priv",{Namespace},"m",{Grantee},{SQLObject}_"||"_{Privilege}_"||"_{Grantee}_"||"_{Grantor})
    =
FeedbackOpens in a new tab