Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 77960 invoked from network); 6 Sep 2006 06:04:02 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 6 Sep 2006 06:04:02 -0000 Received: (qmail 96826 invoked by uid 500); 6 Sep 2006 06:04:01 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 96793 invoked by uid 500); 6 Sep 2006 06:04:01 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 96784 invoked by uid 99); 6 Sep 2006 06:04:01 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Sep 2006 23:04:01 -0700 X-ASF-Spam-Status: No, hits=2.5 required=10.0 tests=DNS_FROM_RFC_ABUSE,HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of msatoor@gmail.com designates 66.249.82.237 as permitted sender) Received: from [66.249.82.237] (HELO wx-out-0506.google.com) (66.249.82.237) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Sep 2006 23:04:00 -0700 Received: by wx-out-0506.google.com with SMTP id i27so2532968wxd for ; Tue, 05 Sep 2006 23:03:40 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=Nc7I/CgSAujOIXDSQwgrFj9zNz2vws4Oln5kdLi2XIKJVqrpMCe1ZpGsuPCpppY2cwSCR3zkKFeZH4XxqwF/0/sGsY/+x8uTGaIlpu/Rrm+ncZSfBRHgchoyaWpY1TjIQYAOir1saPSPSJXSJIbFXrSTLRbNZqYBl1UTWamActY= Received: by 10.70.34.3 with SMTP id h3mr9132345wxh; Tue, 05 Sep 2006 23:03:39 -0700 (PDT) Received: by 10.70.21.19 with HTTP; Tue, 5 Sep 2006 23:03:39 -0700 (PDT) Message-ID: Date: Tue, 5 Sep 2006 23:03:39 -0700 From: "Mamta Satoor" To: derby-dev@db.apache.org, Bernt.Johnsen@sun.com Subject: Re: Wikipage SQLvsDerbyFeatures & 10.2 grant/revoke In-Reply-To: <44FD69B6.4090308@Sun.COM> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_133386_9273874.1157522619799" References: <44FD69B6.4090308@Sun.COM> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_Part_133386_9273874.1157522619799 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Brent, Thanks for thinking of this page from grant revoke point of view. Majority of the info suggested by you is correct with following comments. Derby does support E081-07 REFERENCES privilege at the column level T281 SELECT privilege with column granularity I have updated the page as per my knowledge for grant revoke. Some things to note 1)I left E081 Basic Privileges as No because Derby does not support all the subitems under it. So, based on the assumption that no for any of the subitems mean no for the parent item, I have left E081 Basic Privileges to No. If someone disagrees, please bring that up here. 2)Also, there are 3 Jira issues open for revoke statement (DERBY-1631, DERBY-1632 and DERBY-1782) which need to be fixed for revoke statement to be SQL compliant. I have recorded these 3 Jira entries on http://wiki.apache.org/db-derby/SQLvsDerbyFeatures by noting them against F034 Extended REVOKE statement. thanks, Mamta On 9/5/06, Bernt M. Johnsen wrote: > > I'm going to update the > http://wiki.apache.org/db-derby/SQLvsDerbyFeatures (anyone is free to > do so.... ;-) > > Question: Is my interpretation of what has been implemented correct? > > E081 Basic Privileges > E081-01 SELECT privilege at the table level Yes > E081-02 DELETE privilege Yes > E081-03 INSERT privilege at the table level Yes > E081-04 UPDATE privilege at the table level Yes > E081-05 UPDATE privilege at the column level Yes > E081-06 REFERENCES privilege at the table level Yes > E081-07 REFERENCES privilege at the column level No > E081-08 WITH GRANT OPTION No > E081-09 USAGE privilege No > E081-10 EXECUTE privilege Yes > > F031-19 REVOKE statement: RESTRICT clause Yes > > F311-05 GRANT statement Yes > > F034 Extended REVOKE statement No > F034-01 REVOKE statement performed by other than the owner of a schema > object No > F034-02 REVOKE statement: GRANT OPTION FOR clause > F034-03 REVOKE statement to revoke a privilege that the grantee has > WITH GRANT OPTION No > > F231 Privilege tables > F231-01 TABLE_PRIVILEGES view No > F231-02 COLUMN_PRIVILEGES view No > F231-03 USAGE_PRIVILEGES view No > > F731 INSERT column privileges No > > T211-07 TRIGGER privilege Yes > > T281 SELECT privilege with column granularity No > > > -- > Bernt Marius Johnsen, Database Technology Group, > Staff Engineer, Technical Lead Derby/Java DB > Sun Microsystems, Trondheim, Norway > > > > ------=_Part_133386_9273874.1157522619799 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline
Brent,
 
Thanks for thinking of this page from grant revoke point of view. Majority of the info suggested by you is correct with following comments.
Derby does support
E081-07 REFERENCES privilege at the column level
T281 SELECT privilege with column granularity  
 
I have updated the page as per my knowledge for grant revoke.
 
Some things to note
1)I left E081 Basic Privileges as No because Derby does not support all the subitems under it. So, based on the assumption that no for any of the subitems mean no for the parent item, I have left E081 Basic Privileges to No. If someone disagrees, please bring that up here.
 
2)Also, there are 3 Jira issues open for revoke statement (DERBY-1631, DERBY-1632 and DERBY-1782) which need to be fixed for revoke statement to be SQL compliant. I have recorded these 3 Jira entries on  http://wiki.apache.org/db-derby/SQLvsDerbyFeatures by noting them against F034 Extended REVOKE statement.
 
thanks,
Mamta

 
On 9/5/06, Bernt M. Johnsen <Bernt.Johnsen@sun.com> wrote:
I'm going to update the
http://wiki.apache.org/db-derby/SQLvsDerbyFeatures (anyone is free to
do so.... ;-)

Question: Is my interpretation of what has been implemented correct?

E081 Basic Privileges
E081-01 SELECT privilege at the table level     Yes
E081-02 DELETE privilege                        Yes
E081-03 INSERT privilege at the table level     Yes
E081-04 UPDATE privilege at the table level     Yes
E081-05 UPDATE privilege at the column level    Yes
E081-06 REFERENCES privilege at the table level Yes
E081-07 REFERENCES privilege at the column level No
E081-08 WITH GRANT OPTION                       No
E081-09 USAGE privilege                         No
E081-10 EXECUTE privilege                       Yes

F031-19 REVOKE statement: RESTRICT clause       Yes

F311-05 GRANT statement                         Yes

F034 Extended REVOKE statement                  No
F034-01 REVOKE statement performed by other than the owner of a schema
object                                          No
F034-02 REVOKE statement: GRANT OPTION FOR clause
F034-03 REVOKE statement to revoke a privilege that the grantee has
WITH GRANT OPTION                               No

F231 Privilege tables
F231-01 TABLE_PRIVILEGES view                   No
F231-02 COLUMN_PRIVILEGES view                  No
F231-03 USAGE_PRIVILEGES view                   No

F731 INSERT column privileges                   No

T211-07 TRIGGER privilege                       Yes

T281 SELECT privilege with column granularity   No


--
Bernt Marius Johnsen, Database Technology Group,
Staff Engineer, Technical Lead Derby/Java DB
Sun Microsystems, Trondheim, Norway




------=_Part_133386_9273874.1157522619799--