Try OpenEdge Now
skip to main content
SQL Development
Data Control Language and Security : Granting privileges : GRANT statement : Database-wide privileges
Database-wide privileges
Database-wide privileges grant the user DBA, RESOURCE, AUDIT_ADMIN, AUDIT_ARCHIVE, or AUDIT_INSERT privileges. Users with DBA privileges have the ability to access, modify, or delete a database object and to grant privileges to other users. RESOURCE privileges allow a user to create database objects. Users with AUDIT_ADMIN privileges can read the data from audit tables in audit-enabled databases. Users with AUDIT_ARCHIVE privileges can read, archive, and delete audit data. Users with AUDIT_INSERT privileges can insert application audit events into audit tables. For general information about implementing auditing, see OpenEdge Getting Started: Core Business Services - Security and Auditing.
The GRANT statement syntax for granting RESOURCE or DBA privileges is:
    TO user_identifier[ , user_identifier] , ...
Identifies a username. For a tenant user, you must mention the fully qualified user name, username@domain_name, to grant access to a user.
username | username@domain_name
Note: By employing the WITH GRANT OPTION clause, you enable a user to grant the same privilege he or she has been granted to others. This clause should be used carefully due to its ability to affect database security. Example
Examples: GRANT RESOURCE statement
The following example demonstrates the use of the GRANT RESOURCE statement.
In this case, GSP is granted the privilege to issue CREATE statements, and can therefore add objects, such as tables, to the database.
The following example demonstrates how a DBA grants DELETE and SELECT privileges to the user dbuser1 associated with domuser1 of a multi-tenant table:
GRANT DELETE ON cust_view TO dbuser1@domuser1 ;
GRANT SELECT ON newcustomers TO dbuser2@domuser1 ;
The user dbuser1, dbuser2 must be associated with the domain name domuser1 in the multi-tenant table.