Example
An “Accounts Payable” group was established and Read-Design and
Read-Data permissions are granted to all members of this group.
An “Accounts
Payable” group was established and Read-Design and Read-Data
permissions are granted to all members of this group.
Since the AP
Check Issuer is a member of the Accounts Payable, Read-Data
permission for this user is the only permission we wish to grant, since
we don’t want the person writing checks to amend amounts or pay-to-the-bearer
names.
The
AP Manager, may need to adjust account information, so this user
is assigned update permissions, however, they may not alter the design
of the table.
When
the Scriptoria Security Wizard “Grant Privileges” button is pressed, GRANT
SELECT statements for each selected table would be issued for the
Accounts Payable group. In addition, the AP Manager user
is granted DB2 UPDATE, DELETE and INSERT privileges.
Notes:
1)
When Access Administer or Modify Design permission
is set, DB2 CONTROL privilege is granted.
2) Scriptoria
generates GRANT
privileges for DB2 views (that have been converted from Access queries)
as it does for DB2 tables. That is SELECT, UPDATE, INSERT, DELETE privileges
are granted as defined by Access security. However, for converted DB2
procedures, EXECUTE privilege for the DB2 package
corresponding to the procedure.