我可以访问不同数据库中的一些模式,作为一些迁移工作的一部分,我正在比较 2 个模式。我Syscat用来比较 2 模式。但是在其中一个模式中,我收到一条错误消息
“用户没有选择权限”
我想知道,我怎样才能看到在特定模式中设置了哪些和所有访问权限(基本上所有有权访问的用户和 gievn 模式的访问类型)。数据库是 db2。请注意,我没有使用模式爬虫等任何工具。相反,我正在编写一个 JDBC 应用程序,它使用Syscat来查询详细信息,例如select * from syscat.tables where tabSchema = <schemaName>
就获得批准、证明等而言,使用工具等是一个漫长的过程(我个人认为 JDBC 程序应该很好地从分析开始)。
在 DB2 中,授予模式的特权不会授予您对属于该模式的对象的任何特权(除非您自己创建了这些对象)。您必须被授予明确的对象权限或某些数据库级别的权限,例如 DATAACCESS。
实际的 DB2 错误消息应该包含生成错误的对象的名称。尝试打印 SQLException 对象的字符串表示。
A schema is a logical group of objects. These objects can be views, tables, indexes, sequences, functions, sotred procedures, etc. Each of these objects has a different set of privileges: table has select, insert, delete and others; stored procedure has the execution and others; etc. It means that every single object has different types of privileges, and you cannot get "all privilegesfor a given schema", you have to give the type of object.
For example, in order to get the privileges on tables for a given schema, you can execute
db2 "
select substr(GRANTEE,1,16),GRANTEETYPE,substr(tabschema || '.' || tabname,1,64),
CONTROLAUTH, ALTERAUTH, DELETEAUTH, INDEXAUTH, INSERTAUTH, REFAUTH, SELECTAUTH, UPDATEAUTH
from syscat.TABAUTH
where tabschema like 'MYSCHEMA%'"
Each kind of object that a table in syscat schema that contains the privileges for that kind of object. You just have to query the table.
In a similar way, you can create the appropiated sentences in order to grant or revoke privileges on an object
select 'grant select on ' || trim(tabschema) || '.' || trim(tabname) ' to user johndoe'
from syscat.tables
where tabschema like 'MYSCHE%'
Finally, there are not only privileges (grants) on db2, there are also database level authorities, and some of them have privileges on all objects.