Update user authorization utility

You can use the updateua utility to update the database user authorizations for a user or schema on an HCL Commerce database. You can use this utility in any environment to update user authorizations to grant or revoke authorization for any database object that you own.

When you, or another user, updates the schema to add or change tables for a new feature, some users might not have authorization for the new tables. If you are an owner of the new or changed database objects, you can use this utility to grant authorization for users to access the schema changes.



Parameter values

auths
Required, unless you include the parameter commonAuths. Include one or more of the following parameters to specify the type of authorization that you are granting to a user or revoking:
  • -select
  • -insert
  • -delete
  • -update
  • -alter
  • -execute
If you want to grant or revoke all common authorization privileges, use the commonAuths parameter instead.
objTypes
Required. Include one or more of the following parameters to specify the database object types that authorization is being granted on or revoked:
  • -tables
  • -views
  • -procedures
  • -functions
For specific object types, only certain authorization options can be granted.
  • For tables, only the authorization options select, insert, delete, update, and alter can be granted.
  • For views, only the option select can be granted.
  • For procedures and functions, only the option execute can be granted.
-user
Required. Identifies the user whose authorization you are updating.
-owner
Required. Identifies the owner of the database base objects that authorization is being granted on or revoked.
-ownerpass
Required. The password of the owner for connecting to the database. If you do not include a value, you are prompted for the value when you run the utility.
-database
Required. Specifies the database connection specification. You can specify the database-alias, the partial jdbc URL specification, or the full jdbc URL specification.
-commonAuths
Optional. Indicates that all common authorization options are being granted to the user or revoked for the specified object types. Including this parameter is the equivalent of included all of the following parameters as auths parameters:
  • -select
  • -insert
  • -delete
  • -update
  • -execute
If you include this parameter, you do not need to include the options as auths parameters. If you want to grant or revoke only specific authorizations, use one or more of the auths parameters instead.
-all
Optional. Indicates that all applicable authorization privileges for the user on the specified database are to be granted or revoked. When you include this parameter, you override all of the auths parameters that you include in the utility command.
-revoke
Optional. Indicates that you are revoking authorization privileges instead of granting authorization. By default, the utility grants authorization.
-schema
Optional. Specifies the database schema that includes the objects that you are granting or revoking authorization on. If you do not include this parameter, the value of the owner parameter is used as the value for the schema parameter.
-commitCount
Optional. Specifies the number of grant or revocation operations that the utility processes before a commit is issued. The default value is 1.
-continueOnError
Optional. Specifies whether the utility continues to process the granting or revoking of authorizations upon encountering errors. The default value is false.
-fileName
Optional. Specifies the name of the file where information about the processing of authorization grants and revocations is outputted. By default the utility uses the standard output.
-outputOnly
Optional. Indicates that the utility is to output the information about the authorization grants and revocations instead of processing the authorization updates. By default, the utility processes the authorization updates and outputs the information.

Example 1

Runtime environment
Grant authorization to user "db2inst1user" on tables, views, functions, and procedures within the schema "db2admin", which is owned by "db2admin".
updateua.sh -database dbspec -commonAuths -tables -views -functions -procedures -owner db2admin -ownerpass password -user db2inst1user

Example 2

Runtime environment
Grant authorization to user "db2inst1user" on tables, views, functions, and procedures within the schema "wcs", which is owned by "db2admin".
updateua.sh -database dbspec -commonAuths -tables -views -functions -procedures -owner db2admin -ownerpass password -user db2inst1user -schema wcs