Update user authorization utility
You can use the updateua utility to update the database user authorizations for a user or schema on an HCL Commerce database. You can use this utility in any environment to update user authorizations to grant or revoke authorization for any database object that you own.
When you, or another user, updates the schema to add or change tables for a new feature, some users might not have authorization for the new tables. If you are an owner of the new or changed database objects, you can use this utility to grant authorization for users to access the schema changes.
Parameter values
- auths
- Required, unless you include the parameter commonAuths. Include one or more
of the following parameters to specify the type of authorization that you are granting to a user or
revoking:
- -select
- -insert
- -delete
- -update
- -alter
- -execute
- objTypes
- Required. Include one or more of the following parameters to specify the database object types
that authorization is being granted on or revoked:
- -tables
- -views
- -procedures
- -functions
- For tables, only the authorization options select, insert, delete, update, and alter can be granted.
- For views, only the option select can be granted.
- For procedures and functions, only the option execute can be granted.
- -user
- Required. Identifies the user whose authorization you are updating.
- -owner
- Required. Identifies the owner of the database base objects that authorization is being granted on or revoked.
- -ownerpass
- Required. The password of the owner for connecting to the database. If you do not include a value, you are prompted for the value when you run the utility.
- -database
- Required. Specifies the database connection specification. You can specify the database-alias, the partial jdbc URL specification, or the full jdbc URL specification.
- -commonAuths
- Optional. Indicates that all common authorization options are being granted to the user or
revoked for the specified object types. Including this parameter is the equivalent of included all
of the following parameters as auths parameters:
- -select
- -insert
- -delete
- -update
- -execute
- -all
- Optional. Indicates that all applicable authorization privileges for the user on the specified database are to be granted or revoked. When you include this parameter, you override all of the auths parameters that you include in the utility command.
- -revoke
- Optional. Indicates that you are revoking authorization privileges instead of granting authorization. By default, the utility grants authorization.
- -schema
- Optional. Specifies the database schema that includes the objects that you are granting or revoking authorization on. If you do not include this parameter, the value of the owner parameter is used as the value for the schema parameter.
- -commitCount
- Optional. Specifies the number of grant or revocation operations that the utility processes before a commit is issued. The default value is 1.
- -continueOnError
- Optional. Specifies whether the utility continues to process the granting or revoking of authorizations upon encountering errors. The default value is false.
- -fileName
- Optional. Specifies the name of the file where information about the processing of authorization grants and revocations is outputted. By default the utility uses the standard output.
- -outputOnly
- Optional. Indicates that the utility is to output the information about the authorization grants and revocations instead of processing the authorization updates. By default, the utility processes the authorization updates and outputs the information.
Example 1
Example 2
Grant authorization to user "db2inst1user" on tables, views, functions,
and procedures within the schema "wcs", which is owned by
"db2admin".
updateua.sh -database dbspec -commonAuths -tables -views -functions -procedures -owner db2admin -ownerpass password -user db2inst1user -schema wcs