beautypg.com

Managing individual user ids and permissions, Group permissions overview – Sybase 12.4.2 User Manual

Page 376

background image

Managing individual user IDs and permissions

356

Group permissions overview

Setting permissions individually for each user of a database can be a time-
consuming and error-prone process. For most databases, permission
management based on groups, rather than on individual user IDs, is a much
more efficient approach.

You can assign permissions to a group in exactly the same way as to an
individual user. You can then assign membership in appropriate groups to each
new user of the database, and they gain a set of permissions by virtue of their
group membership.

Example

For example, you may create groups for different departments in a company
database (

sales

,

marketing

, and so on) and assign these groups permissions.

Each salesperson is made a member of the

sales

group, and automatically gains

access to the appropriate areas of the database.

Any user ID can be a member of several groups, and inherits all permissions
from each of the groups.

Managing individual user IDs and permissions

This section describes how to create new users and grant permissions to them.
For most databases, the bulk of permission management should be carried out
using groups, rather than by assigning permissions to individual users one at a
time. However, as groups are simply a user ID with special properties attached,
you should read and understand this section before moving on to the discussion
of managing groups.

Using ASE stored
procedures to manage
users

The procedures in this chapter let you manage users and groups using DBISQL
and Sybase Central. You can perform many of the same tasks using Adaptive
Server Enterprise-compatible stored procedures. If you have previously used
Adaptive Server Enterprise or pre-Version 12.0 Adaptive Server IQ, you may
prefer to use these stored procedures. For details, see “Adaptive Server
Enterprise system and catalog procedures”.

UPDATE

Permission to update rows in a table or view. This may
be granted on a set of columns in a table only

ALL

All the above permissions

Permission Description

See also other documents in the category Sybase Computers: