Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to show present privileges on table in IBM DB2 Z/OS with SQL

Tags:

sql

zos

db2

db2-zos

Is there an SQL way to show the privileges present on a table or view in DB2 Z/OS? I would like to achieve something like this:

select * from sysibm.magic_table where table_name = 'users'

|TABLE_NAME|PRIVILEGE_TYPE|USER_OR_GROUP_NAME|
|     USERS|        INSERT|              ANDI|
|     USERS|        SELECT|            ADMINS|

Is that possible?

like image 298
andy Avatar asked Jun 29 '16 06:06

andy


People also ask

How do you check what privileges a user has in db2?

Privileges. On an individual object level, you can use the SYSIBMADM. PRIVILEGES view. This view pulls together all the individual authorization system views to present a single view of privileges.


1 Answers

This query tells the user / role names in the grantee column and the various assigned rigths in the ...auth columns where Y = right present, G = right present and right to grant it to others.

SELECT
    grantee,
    screator,
    stname,
    tcreator,
    ttname,
    updatecols,
    alterauth,
    deleteauth,
    indexauth,
    insertauth,
    selectauth,
    updateauth
FROM
    SYSIBM.SYSTABAUTH
WHERE
    TTNAME = 'MY_TABLE'
    AND TCREATOR = 'MY_SCHEMA' 

Sample result set:

|GRANTEE  |SCREATOR |STNAME  |TCREATOR |TTNAME  |UPDATECOLS|ALTERAUTH|DELETEAUTH|INDEXAUTH|INSERTAUTH|SELECTAUTH|UPDATEAUTH|
============================================================================================================================
|MY_SCHEMA|MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |         G|         |         G|         G|         G|
|USER2    |MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |         Y|         |         Y|         Y|         Y|
|USER3    |MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |         Y|         |         Y|         Y|         Y|
|GROUP1   |MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |         Y|         |         Y|         Y|         Y|
|GROUP2   |MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |         Y|         |         Y|         Y|         Y|
|GROUP3   |MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |          |         |          |         Y|          |
|GROUP4   |MY_SCHEMA|MY_TABLE|MY_SCHEMA|MY_TABLE|          |         |         Y|         |         Y|         Y|         Y|

IBM documentation of SYSIBM.SYSTABAUTH (Thanks to @mustaccio)

like image 150
andy Avatar answered Nov 14 '22 21:11

andy