search cancel

RC/S Authorization Selection Privileges (and what they mean) for a Table

book

Article ID: 187258

calendar_today

Updated On:

Products

RC Compare for DB2 for z/OS Database Management for DB2 for z/OS - Administration Suite Endevor SCM Interface for DB2 for z/OS Endevor SCM Interface for Remote DB2 for z/OS RC/Extract for DB2 for z/OS RC/Migrator for DB2 for z/OS RC/Merger for DB2 for z/OS RC/Query for DB2 for z/OS RC/Secure for DB2 for z/OS RC/Update for DB2 for z/OS

Issue/Introduction

 Updating an Object within an Application Domain brings up the RC/S Authorization Selection panel. Authorization choices on this screen will vary depending on the type of object (DB, TS, T etc).  For a table 
what is the meaning of all the authorization options?

RSATHDT  20.0   -------- RC/S Authorization Selection ------- 2020/03/25 09:22
 COMMAND ===>                                                  SCROLL ===> PAGE
 
 Domain Name => APPLDM                                    DB2 ID     => D12A
 Description => TEST APPL DOMAIN                          Department => TSTDEPT
 
                                                     A    S    I     D     U    U     I     A   R    R   T
                                                     L    E   N    E     P    P     N    L   E    F   R
 NAME               CREATOR         L    L    S    L     D    C     X    T   F    C   G
 
 CUSTBILL           USER1          __   G   G_  G_  G_  __  __  __  __  __  __
 ******************************* BOTTOM OF DATA ********************************

Environment

Release : 19.0  20.0

Component : RC/Secure

Resolution

These relate to the privileges to be granted to users and mean the following:  

ALL
 Grants all table or view privileges for which you have GRANT authority.
 
SELECT
 Grants the privilege to create a view or read data from the specified table or view.

INSERT 
 Grants the privilege to insert rows into the specified table or view.

DELETE
 Grants the privilege to delete rows in the specified table or view.

UPDATE
 Grants the privilege to update rows in the specified table or view.

UPDATE COLUMN
 Grants the privilege to update only the columns named. 

INDEX
 Grants the privilege to create an index on the specified table.

ALTER 
 Grants the privilege to alter the specified table or create a trigger on the specified table.

REFERENCE
 Grants the privilege to add a referential constraint in which the specified table is a parent. 

REFERENCE COLUMN
 Grants the privilege to add or drop a referential constraint in which the specified table is a parent
 using only those columns that are specified in the column list as a parent key.

TRIGGER
 Grants the privilege to create a trigger on the specified table.


For additional detail see: DB2 12 for z/OS SQL Reference - Chapter 7 - Statements (pg 1923)

https://www.ibm.com/support/knowledgecenter/SSEPEK_12.0.0/pdf/db2z_12_sqlrefbook.pdf


PF1 Help shows the options for each privilege on a table are:
Field: Privileges

    Description: For each object type, a different set of object
                 privileges is displayed.

                  Y   Grant the authority. The grant is pending until
                     implementation is executed.

                 G   Grant the authority, with grant option. The grant
                     is pending until implementation is executed.

                 R   Revoke.  The revoke is pending until implementation
                     is executed.

                 *   An asterisk is displayed in the second part of the
                     field if the change is pending.