Creating and/or Dropping Views
Article ID: 113650
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
When testing DB2 V12, the following error occurred when creating or dropping a view:
CADB2036 - A null field was passed for the resource name
A trace showed:
DSNT408I SQLCODE = -164, ERROR: xxx DOES NOT HAVE THE PRIVILEGE TO CREATE A VIEW xxxxx.
What access is needed?
CADB2036 - A null field was passed for the resource name
A trace showed:
DSNT408I SQLCODE = -164, ERROR: xxx DOES NOT HAVE THE PRIVILEGE TO CREATE A VIEW xxxxx.
What access is needed?
Environment
Release:
Component: TSSDB2
Component: TSSDB2
Resolution
Authorizing the creation of a view in CA-Top Secret/DB2 is a special process. Like DB2, CA-Top Secret/DB2 requires that the creator of the view have the SELECT authority on the base tables or views. Unlike DB2, however, CA-Top Secret/DB2 does not enforce that the qualifier of the view is one of the creator's process IDs. Instead, CA-Top Secret/DB2 checks a CA-Top Secret/DB2 special privilege called CREATE. CREATE is specified as DB2TABLE access level for the view, and is checked when a user creates or drops a view. If the PERMIT to the view does not include the CREATE access level to create or drop a view, CA-Top Secret/DB2 denies the request.
DB2DBASE with ACCESS(DBADM) is not enough. One of the following is required:
- ACCESS(CREATE,VIEW) to the DB2TABLE resource
- DB2SYS(SYSCTRL)
- DB2SYS(SYSADM)
DB2DBASE with ACCESS(DBADM) is not enough. One of the following is required:
- ACCESS(CREATE,VIEW) to the DB2TABLE resource
- DB2SYS(SYSCTRL)
- DB2SYS(SYSADM)
Feedback
Yes
No
Powered by
