GRANTS
Returns information about privileges that are explicitly granted on database objects.
Returns information about privileges that are explicitly granted on database objects. Information about inherited privileges is not included.
Note
While an ADMIN OPTION granted to users through roles is not viewable directly from this table, you can view it and a summary of privileges data with vsql meta-commands\z and
\dp.
| Column Name | Data Type | Description |
|---|---|---|
| GRANTEE | VARCHAR | The user being granted permission. |
| GRANTEE_ID | INTEGER | Catalog-assigned integer value that uniquely identifies theuser granted permissions. |
| GRANT_ID | INTEGER | Catalog-assigned integer value that uniquely identifies thegrant operation. |
| GRANTOR | VARCHAR | The user granting the permission. |
| GRANTOR_ID | INTEGER | Catalog-assigned integer value that uniquely identifies theuser who performed the grant operation. |
| OBJECT_ID | INTEGER | Catalog-assigned integer value that uniquely identifies theobject granted. |
| OBJECT_NAME | VARCHAR |
The name of the object that is being granted privileges. Note that for schema privileges, the schema name appears in the OBJECT_NAME column instead of the OBJECT_SCHEMA column. |
| OBJECT_NAMESPACE | VARCHAR | For Eon Mode databases, namespace of the object that is being granted privileges. |
| OBJECT_SCHEMA | VARCHAR |
Schema of the object that is being granted privileges. If the schema belongs to a non-default namespace in an Eon Mode database, the schema name is front-qualified with the name of the schema's namespace. For example, |
| OBJECT_TYPE | VARCHAR | The object type on which the grant was applied—for example, ROLE, SCHEMA, DATABASE, RESOURCEPOOL. |
| PRIVILEGES_DESCRIPTION | VARCHAR |
Lists the privileges granted on an object—for example INSERT, SELECT. An asterisk in PRIVILEGES_DESCRIPTION output shows that the privilege grant included WITH GRANT OPTION. |
Examples
The following query shows the privileges that are granted to user Rob or role R1. An asterisk (*) appended to a privilege indicates that the user can grant the privilege to other users:
=> SELECT grantor,privileges_description,object_name,object_type,grantee FROM grants WHERE grantee='Rob' OR grantee='R1';
grantor | privileges_description | object_name | object_type | grantee
--------+---------------------------+-------------+--------------+---------
dbadmin | USAGE | general | RESOURCEPOOL | Rob
dbadmin | USAGE, CREATE | s1 | SCHEMA | Rob
dbadmin | INSERT*, SELECT*, UPDATE* | t1 | TABLE | Rob
dbadmin | SELECT | t1 | TABLE | R1
dbadmin | USAGE | s1 | SCHEMA | R1
dbadmin | | R1 | ROLE | Rob
(6 rows)