Data Control Statements
Data control statements let you define security for your database. When you create a dictionary, no security is defined for it until you explicitly enable security for that dictionary. Pervasive PSQL allows you to construct data control statements to do the following:
•
Enable and disable security.
•
Create and delete users and groups.
•
Add and drop users from groups and change user passwords.
•
Grant and revoke rights.
Note:
If you have a Btrieve owner name set on a file that is a table in a secure database, the Master user of the database must use the owner name in any GRANT statement to grant privileges on the given table to any user, including the Master user.
The following sections briefly describe the SQL statements associated with each of these tasks.
Enabling and Disabling Security
You can enable or disable security for a database by issuing statements using the following statement:
Table 16
Data Control Statements—Security
SET SECURITY
Enables or disables security for the database and sets the Master password.
Creating and Deleting Users and Groups
You can create or delete users and user groups for the database by constructing SQL using the following statements:
Table 17
Data Control Statements—Groups and Users
ALTER USER
Rename a user or change a user’s password.
CREATE USER
Creates a new user with or without a password or membership in a group.
DROP USER
Delete a user.
ALTER GROUP
Adds users to a group. Drops users from a group.
CREATE GROUP
Creates a new group of users.
DROP GROUP
Deletes a group of users.
GRANT LOGIN TO
Creates users and passwords, or adds users to groups.
REVOKE LOGIN FROM
Removes a user from the dictionary.
Granting and Revoking Rights
You can assign or remove rights from users or groups by issuing statements using the following:
Table 18
Data Control Statements—Rights
GRANT (access rights)
Grants a specific type of rights to a user or a group. The rights you can grant with a GRANT (access rights) statement are All, Insert, Delete, Alter, Select, Update, and References.
GRANT CREATETAB TO
Grants the right to create tables to a user or a group.
REVOKE (access rights)
Revokes access rights from a user or a group.
REVOKE CREATETAB FROM
Revokes the right to create tables from a user or a group.