The only column-level access right is the UPDATE right. For example, if you want GEORGE to be able to read all of the table but to only be able to update the DESCRIPTION column, grant GEORGE the SELECT access right to the table and the UPDATE access right for the DESCRIPTION column.
Granting a table-level UPDATE access right overrides any column-level UPDATE access rights, as in the following example:
SAM is granted the UPDATE access right on only the DESCRIPTION column by the creator of the table, ED. ED also grants the table-level UPDATE access right, with grant option, to SALLY. If SALLY then grants UPDATE at the table-level to SAM, SAM now has both the table-level UPDATE access right and a column-level UPDATE access right on one column of the table. The table-level access right takes precedence, and he may update any column. However, if SALLY later revokes the table-level access right from SAM, his authorization reverts to the one-column-only status granted to him by ED.
|
Copyright © 2014 CA.
All rights reserved.
|
|