The DB2 12 for z/OS Blog Series – Part 6: Transferring Ownership of Database Objects

存储架构 2017-03-02 阅读原文

When a database object is created it is given a qualified two-part name. This applies to tables, indexes, table spaces, distinct types, functions, stored procedures, and triggers. The first part is the schema name (or the qualifier), which is either implicitly or explicitly specified. The default schema is the authorization ID of the owner of the plan or package. The second part is the name of the object.




But things can get confusing. When an object is created, an authorization ID is assigned as the owner of the object. This may, or may not, be used as the schema qualifier for the object. The object owner implicitly inherits privileges to reference, maintain and grant privileges to the object.




Changing the owner of a database object used to be a difficult process. But DB2 12 for z/OS delivers a simple method of transferring the ownership of your database objects: the TRANSFER OWNERSHIP SQL statement.




The primary purpose for this new feature is to make it easier to manage database objects that are owned by an employee who no longer works for your company. You can use TRANSFER OWNERSHIP to simply switch the ownership of the database objects to another employee. The new owner can be an authorization ID or a role. You can issue the statement interactively, or embed it in an application program.




The TRANSFER OWNERSHIP statement does not change the schema of the transferred database object.




In order to transfer ownership of a database object, you must either be the owner of the object or have SECADM authority. The basic syntax of the statement is as follows:




TRANSFER OWNERSHIP OF object-name

TO {USER authorization-name |

SESSION_USER |

ROLE role-name}

REVOKE PRIVILEGES




Be careful if a package depends on the current owner’s privileges. The dependent package will be invalidated unless the current owner is already explicitly granted those privileges from another source prior to the object ownership transfer. For example, after the ownership of a table is transferred and if a dependent package requires the SELECT privilege on that table by the current owner, the dependent package is invalidated unless the current owner has already been explicitly granted the SELECT privilege for that table before its ownership transfer.




Here is a quick example transferring the ownership of a specific index to a different user, in this case, JOHNDOE.




TRANSFER OWNERSHIP OF INDEX TR_P.XHIST02

TO USER JOHNDOE

REVOKE PRIVILEGES;

责编内容by:DB2PORTAL Blog 【阅读原文】。感谢您的支持!

您可能感兴趣的

Google is fixing an issue affecting users who pair... Pixel Duds Buds are still around, which is a shame because they're justnot v...
丧失先机 没有自研操作系统的大国之痛... 电脑和手机里,操作系统就像总经理。每次开启电源,操作系统第一个上岗,它根据用户的动作,命令各种硬件干活。软件的计算需求,经操作系统翻译,向各种硬件发出指令。 ...
Magic Leap unveils what its mixed reality operatin... just updates its developer documentation with a host of new details and imagery,...
Mesosphere adds Kubernetes support to DC/OS Mesosphere is adding support for Kubernetes as part of its flagship software. ...
os_mutex.c 定位到uCOS-II/Source/os_mutex.c,该文件是互斥型信号量的相关操作函数。互斥型信号量也就是互斥锁Mutex,是一个二值(0/1)信号量。在...