Inserting Values into Protected Tables
In a database that uses label-based access control (LBAC), the INTO clause of the INSERT statement can reference a table that is protected by a security policy if the user holds sufficient credentials for the security policy of the label that protects the table, as well as holding the Insert privilege on the table.
- name of the security label
- name of the IDSSECURITYLABEL column in the table.
- names of the security policy components in the label and the values of their elements
INSERT INTO tab002 VALUES (SECLABEL_BY_NAME('Megacorp', 'Decca'), 45, 'A.C.Debussy');Whether this INSERT operation succeeds depends on whether the security credentials of the user are sufficient, relative to the component values of the Decca label, to enable write access to the tab002 table.
For additional examples of INSERT statements that access protected tables by calling SECLABEL_BY_NAME or similar built-in functions, see Security Label Support Functions. For general information about LBAC security policies, security labels, read and write access rules, and exemptions from those rules, see your HCL OneDB™ Security Guide.