Java DB

Apache Derby

Derby Reference Manual

Derby Getting Started
Derby Reference Manual
Derby Developer's Guide
Derby Performance Tuning
Derby Server and Admin Guide
Derby Tools and Utilities
Derby Reference Manual
-SQL language reference
-Capitalization and special characters
-SQL identifiers
-Rules for SQL92 identifiers
-SQL92Identifier
-column-Name
-correlation-Name
-new-table-Name
-schemaName
-Simple-column-Name
-synonym-Name
-table-Name
-view-Name
-index-Name
-constraint-Name
-cursor-Name
-TriggerName
-
-RoleName
-Interaction with the dependency system
-ALTER TABLE
-CALL (PROCEDURE)
-CREATE statements
-DECLARE GLOBAL TEMPORARY TABLE
-DELETE
-DROP statements
-GRANT
-INSERT
-LOCK TABLE
-RENAME statements
-REVOKE
-SET statements
-SELECT
-UPDATE
-SQL clauses
-SQL expressions
-JOIN operations
-SQL queries
-Built-in functions
-Standard built-in functions
-Aggregates (set functions)
-ABS or ABSVAL function
-ACOS function
-ASIN function
-ATAN function
-ATAN2 function
-AVG function
-BIGINT function
-CASE expressions
-CAST function
-CEIL or CEILING function
-CHAR function
-COALESCE function
-Concatenation operator
-COS function
-COSH function
-COT function
-COUNT function
-COUNT(*) function
-CURRENT DATE function
-CURRENT_DATE function
-CURRENT ISOLATION function
-CURRENT_ROLE function
-CURRENT SCHEMA function
-CURRENT TIME function
-CURRENT_TIME function
-CURRENT TIMESTAMP function
-CURRENT_TIMESTAMP function
-CURRENT_USER function
-DATE function
-DAY function
-DEGREES function
-DOUBLE function
-EXP function
-FLOOR function
-HOUR function
-IDENTITY_VAL_LOCAL function
-INTEGER function
-LCASE or LOWER function
-LENGTH function
-LN or LOG function
-LOG10 function
-LOCATE function
-LTRIM function
-MAX function
-MIN function
-MINUTE function
-MOD function
-MONTH function
-NULLIF expressions
-PI function
-RADIANS function
-RANDOM function
-RAND function
-ROW_NUMBER function
-RTRIM function
-SECOND function
-SESSION_USER function
-SIGN function
-SIN function
-SINH function
-SMALLINT function
-SQRT function
-SUBSTR function
-SUM function
-TAN function
-TANH function
-TIME function
-TIMESTAMP function
-TRIM function
-UCASE or UPPER function
-USER function
-VARCHAR function
-XMLEXISTS operator
-XMLPARSE operator
-XMLQUERY operator
-XMLSERIALIZE operator
-YEAR function
-Built-in system functions
-Built-in system procedures
-SYSCS_B ACKUP_D ATABASE
-SYSCS_BAC KUP_DATAB ASE_NOWAIT
-SYSCS_BACKUP_DAT ABASE_AND_ENABLE _LOG_ARCHIVE_MODE
-SYSCS_BACKUP_DATAB ASE_AND_ENABLE_LOG ARCHIVE_MODE_NOWAIT
-SYSCS_EMP TY_STATEM ENT_CACHE
-SYSCS_CH ECKPOINT _DATABASE
-SYSCS_COMPRESS_TABLE
-SYSCS_INP LACE_COMP RESS_TABLE
-SYSCS_DISA BLE_LOG_AR CHIVE_MODE
-SYSCS_EXPORT_TABLE
-SYSCS_EXPOR T_TABLE_LOB S_TO_EXTFILE
-SYSCS_EXPORT_QUERY
-SYSCS_EXPOR T_QUERY_LOB S_TO_EXTFILE
-SYSCS_IMPORT_DATA
-SYSCS_IMPOR T_DATA_LOBS FROM_EXTFILE
-SYSCS_IMPORT_TABLE
-SYSCS_IMPORT _TABLE_LOBS_ FROM_EXTFILE
-SYSCS_F REEZE_D ATABASE
-SYSCS_U NFREEZE DATABASE
-SYSCS_REL OAD_SECUR ITY_POLICY
-SYSCS_SET _DATABASE _PROPERTY
-SYSCS_SET _RUNTIMES TATISTICS
-SYSCS_SET _STATISTI CS_TIMING
-SYSCS_S ET_XPLA N_SCHEMA
-SYSCS_S ET_XPLA IN_MODE
-SYSCS_S ET_USER _ACCESS
-SYSCS_U PDATE_S ATISTICS
-SYSCS_DIAG diagnostic tables and functions
-Data types
-Argument matching
-SQL reserved words
-Derby support for SQL-92 features
-Derby system tables
-XPLAIN style tables
-Derby exception messages and SQL states
-JDBC reference
-java.sql.Driver interface
-java. sql. DriverManager. getConnection method
-java.sql.Connection interface
-java. sql. DatabaseMetaData interface
-java.sql.Statement interface
-java. sql. CallableStatement interface
-java. sql. PreparedStatement interface
-java.sql.ResultSet interface
-java. sql. ResultSetMetaData interface
-java.sql.SQLException class
-java.sql.SQLWarning class
-java.sql.Savepoint interface
-Mapping of java. sql. Types to SQL types
-JDBC Package for Connected Device Configuration/Foundation Profile (JSR 169)
-JDBC 4.0-only features
-Setting attributes for the database connection URL
-bootPassword= key attribute
-collation= collation attribute
-create= true attribute
-createFrom= path attribute
-databaseName= nameofDatabase attribute
-dataEncryption= true attribute
-drop= true attribute
-encryptionKey= key attribute
-encryptionProvider= providerName attribute
-encryptionAlgorithm= algorithm attribute
-failover= true attribute
-logDevice= logDirectoryPath attribute
-newEncryptionKey= key attribute
-newBootPassword= newPassword attribute
-password= userPassword attribute
-restoreFrom= path attribute
-rollForwardRecoveryFrom= path attribute
-securityMechanism= value attribute
-shutdown= true attribute
-slaveHost= hostname attribute
-slavePort= portValue attribute
-startMaster= true attribute
-startSlave= true attribute
-stopMaster= true attribute
-stopSlave= true attribute
-territory= ll_CC attribute
-traceDirectory= path attribute
-traceFile= path attribute
-traceFileAppend= true attribute
-traceLevel= value attribute
-upgrade= true attribute
-user= userName attribute
-ssl= sslMode attribute
-Creating a connection without specifying attributes
-Derby property reference
-Scope of Derby properties
-Dynamic and static properties
-Derby properties
-derby. authentication. builtin. algorithm
-derby. authentication. ldap. searchAuthDN
-derby. authentication. ldap. searchAuthPW
-derby. authentication. ldap. searchBase
-derby. authentication. ldap. searchFilter
-
-
-derby. connection. requireAuthentication
-derby. database. defaultConnectionMode
-derby. database. forceDatabaseLock
-
-
-
-derby. database. readOnlyAccessUsers
-derby. database. sqlAuthorization
-derby.infolog.append
-derby. jdbc. xaTransactionTimeout
-
-derby. language. logStatementText
-
-
-derby. locks. escalationThreshold
-derby.locks.monitor
-
-derby. replication. logBufferSize
-derby. replication. maxLogShippingInterval
-derby. replication. minLogShippingInterval
-
-
-derby. storage. minimumRecordSize
-
-derby. storage. pageReservedSpace
-
-
-
-
-
-
-derby. stream. error. logSeverityLevel
-derby.system.bootAll
-
-derby.system.home
-derby.user.UserName
-J2EE Compliance: Java Transaction API and javax. sql Interfaces
-Derby API
-Supported territories
-Derby limitations

 

GRANT statement

Use the GRANT statement to give privileges to a specific user or role, or to all users, to perform actions on database objects. You can also use the GRANT statement to grant a role to a user, to PUBLIC, or to another role.

The following types of privileges can be granted:
  • Delete data from a specific table.
  • Insert data into a specific table.
  • Create a foreign key reference to the named table or to a subset of columns from a table.
  • Select data from a table, view, or a subset of columns in a table.
  • Create a trigger on a table.
  • Update data in a table or in a subset of columns in a table.
  • Run a specified function or procedure.
  • Use a sequence generator or a user-defined type.

Before you issue a GRANT statement, check that the derby.database.sqlAuthorization property is set to true. The derby.database.sqlAuthorization property enables the SQL Authorization mode.

You can grant privileges on an object if you are the owner of the object or the database owner. See the CREATE statement for the database object that you want to grant privileges on for more information.

The syntax that you use for the GRANT statement depends on whether you are granting privileges to a schema object or granting a role.

For more information on using the GRANT statement, see "Using SQL standard authorization" in the Derby Developer's Guide.

Syntax for tables

GRANT privilege-type ON [TABLE] { table-Name | view-Name } TO grantees

Syntax for routines

GRANT EXECUTE ON { FUNCTION | PROCEDURE } routine-designator TO grantees

Syntax for sequence generators

GRANT USAGE ON SEQUENCE [ schemaName. ] SQL92Identifier TO grantees

In order to use a sequence generator, you must have the USAGE privilege on it. This privilege can be granted to users and to roles. See CREATE SEQUENCE statement for more information.

The sequence name is composed of an optional schemaName and a SQL92Identifier. If a schemaName is not provided, the current schema is the default schema. If a qualified sequence name is specified, the schema name cannot begin with SYS.

Syntax for user-defined types

GRANT USAGE ON TYPE [ schemaName. ] SQL92Identifier TO grantees

In order to use a user-defined type, you must have the USAGE privilege on it. This privilege can be granted to users and to roles. See CREATE TYPE statement for more information.

The type name is composed of an optional schemaName and a SQL92Identifier. If a schemaName is not provided, the current schema is the default schema. If a qualified type name is specified, the schema name cannot begin with SYS.

Syntax for roles

GRANT roleName [ {, roleName }* ] TO grantees

Before you can grant a role to a user or to another role, you must create the role using the CREATE ROLE statement. Only the database owner can grant a role.

A role A contains another role B if role B is granted to role A, or is contained in a role C granted to role A. Privileges granted to a contained role are inherited by the containing roles. So the set of privileges identified by role A is the union of the privileges granted to role A and the privileges granted to any contained roles of role A.

privilege-types

  ALL PRIVILEGES |
  privilege-list

privilege-list

 table-privilege {, table-privilege }*

table-privilege

  DELETE |
  INSERT |
  REFERENCES [column list] |
  SELECT [column list] |
  TRIGGER |
  UPDATE [column list]

column list

  ( column-identifier {, column-identifier}* )

Use the ALL PRIVILEGES privilege type to grant all of the privileges to the user or role for the specified table. You can also grant one or more table privileges by specifying a privilege-list.

Use the DELETE privilege type to grant permission to delete rows from the specified table.

Use the INSERT privilege type to grant permission to insert rows into the specified table.

Use the REFERENCES privilege type to grant permission to create a foreign key reference to the specified table. If a column list is specified with the REFERENCES privilege, the permission is valid on only the foreign key reference to the specified columns.

Use the SELECT privilege type to grant permission to perform SELECT statements or SelectExpressions on a table or view. If a column list is specified with the SELECT privilege, the permission is valid on only those columns. If no column list is specified, then the privilege is valid on all of the columns in the table.

For queries that do not select a specific column from the tables involved in a SELECT statement or SelectExpression (for example, queries that use COUNT(*)), the user must have at least one column-level SELECT privilege or table-level SELECT privilege.

Use the TRIGGER privilege type to grant permission to create a trigger on the specified table.

Use the UPDATE privilege type to grant permission to use the UPDATE statement on the specified table. If a column list is specified, the permission applies only to the specified columns. To update a row using a statement that includes a WHERE clause, you must have the SELECT privilege on the columns in the row that you want to update.

grantees

{ AuthorizationIdentifier | roleName | PUBLIC } 
[, { AuthorizationIdentifier | roleName | PUBLIC } ] *

You can grant privileges or roles to specific users or roles or to all users. Use the keyword PUBLIC to specify all users. When PUBLIC is specified, the privileges or roles affect all current and future users. The privileges granted to PUBLIC and to individual users or roles are independent privileges. For example, a SELECT privilege on table t is granted to both PUBLIC and to the authorization ID harry. The SELECT privilege is later revoked from the authorization ID harry, but Harry can access the table t through the PUBLIC privilege.

Either the object owner or the database owner can grant privileges to a user or to a role. Only the database owner can grant a role to a user or to another role.

routine-designator

{
	function-name | procedure-name
}

Examples

To grant the SELECT privilege on table t to the authorization IDs maria and harry, use the following syntax:
GRANT SELECT ON TABLE t TO maria,harry
To grant the UPDATE and TRIGGER privileges on table t to the authorization IDs anita and zhi, use the following syntax:
GRANT UPDATE, TRIGGER ON TABLE t TO anita,zhi
To grant the SELECT privilege on table s.v to all users, use the following syntax:
GRANT SELECT ON TABLE s.v to PUBLIC

To grant the EXECUTE privilege on procedure p to the authorization ID george, use the following syntax:

GRANT EXECUTE ON PROCEDURE p TO george

To grant the role purchases_reader_role to the authorization IDs george and maria, use the following syntax:

GRANT purchases_reader_role TO george,maria

To grant the SELECT privilege on table t to the role purchases_reader_role, use the following syntax:

GRANT SELECT ON TABLE t TO purchases_reader_role

To grant the USAGE privilege on the sequence generator order_id to the role sales_role, use the following syntax:

GRANT USAGE ON SEQUENCE order_id TO sales_role;

To grant the USAGE privilege on the user-defined type price to the role finance_role, use the following syntax:

GRANT USAGE ON TYPE price TO finance_role;
 

javadb@jdbcurl.com