forked from orientechnologies/orientdb
-
Notifications
You must be signed in to change notification settings - Fork 0
QL Grant
lvca edited this page Dec 14, 2012
·
2 revisions
The SQL Grant command change the permission of a role granting the access to one or more resources.
GRANT <permission> ON <resource> TO <role>
Where:
- permission can be:
- NONE, no permission
- CREATE, to create the indicated resource
- READ, to read the indicated resource
- UPDATE, to update the indicated resource
- DELETE, to delete the indicated resource
- ALL, all permissions
- resource, the target resource where to change the permissions
- database, as the access to the whole database
- database.class, as the access to the records contained in a class. Use
**to indicate all the classes - database.cluster, as the access to the records contained in a cluster. Use
**to indicate all the clusters - database.query, as the ability to execute query (READ is enought)
- database.command, as the ability to execute SQL commands. CREATE is for SQL INSERT, READ is for SQL SELECT, UPDATE for SQL UPDATE and DELETE is for SQL DELETE
- database.config, as the ability to access to the configuration. Valid permissions are READ and UPDATE
- database.hook.record, as the ability to set hooks
- server.admin, as the ability to access to the server resources
- role, the role name
Grant the permission to update any records in cluster Account to the role "backoffice".
GRANT update ON database.cluster.Account TO backoffice
To know more about other SQL commands look at SQL commands.