/grant/permission

URL: http://<db.host>:<db.port>/grant/permission

Grant user or role the specified permission on the specified object.

Input Parameter Description

NameTypeDescription
principalstringName of the user or role for which the permission is being granted. Must be an existing user or role. The default value is ''.
objectstringName of object permission is being granted to. It is recommended to use a fully-qualified name when possible.
object_typestring

The type of object being granted to

Supported ValuesDescription
contextContext
credentialCredential
datasinkData Sink
datasourceData Source
directoryKIFS File Directory
graphA Graph object
procUDF Procedure
schemaSchema
sql_procSQL Procedure
systemSystem-level access
tableDatabase Table
table_monitorTable monitor
permissionstring

Permission being granted.

Supported ValuesDescription
adminFull read/write and administrative access on the object.
connectConnect access on the given data source or data sink.
createAbility to create new objects of this type.
deleteDelete rows from tables.
executeAbility to Execute the Procedure object.
insertInsert access to tables.
readAbility to read, list and use the object.
updateUpdate access to the table.
user_adminAccess to administer users and roles that do not have system_admin permission.
writeAccess to write, change and delete objects.
optionsmap of string to strings

Optional parameters. The default value is an empty map ( {} ).

Supported Parameters (keys)Parameter Description
columnsApply table security to these columns, comma-separated. The default value is ''.
filter_expressionOptional filter expression to apply to this grant. Only rows that match the filter will be affected. The default value is ''.
with_grant_option

Allow the recipient to grant the same permission (or subset) to others The default value is false. The supported values are:

  • true
  • false

Output Parameter Description

The GPUdb server embeds the endpoint response inside a standard response structure which contains status information and the actual response to the query. Here is a description of the various fields of the wrapper:

NameTypeDescription
statusString'OK' or 'ERROR'
messageStringEmpty if success or an error message
data_typeString'grant_permission_response' or 'none' in case of an error
dataStringEmpty string
data_strJSON or String

This embedded JSON represents the result of the /grant/permission endpoint:

NameTypeDescription
principalstringValue of input parameter principal.
objectstringValue of input parameter object.
object_typestringValue of input parameter object_type.
permissionstringValue of input parameter permission.
infomap of string to stringsAdditional information.

Empty string in case of an error.