A
query specifies a result table. A query is a
component of certain SQL statements. The three forms of a query are:
- subselect
- fullselect
- select-statement.
The privileges held by the authorization ID of the statement
must include at least one of the following:
- For each table or view identified in the query, one of the following:
- SELECT privilege on the table or view
- CONTROL privilege on the table or view
- DATAACCESS authority
For each global variable used as an
expression in the query, the privileges held by the authorization
ID of the statement must include one of the following:
- READ privilege on the global variable that is not defined in a
module
- EXECUTE privilege on the module of the global variable that is
defined in a module
If the query contains an SQL data change statement, the authorization
requirements of that statement also apply to the query.
Group privileges, with the exception of PUBLIC, are not
checked for queries that are contained in static SQL statements or DDL statements.
For nicknames, authorization requirements of the data
source for the object referenced by the nickname are applied when
the query is processed. The authorization ID of the statement may
be mapped to a different authorization ID at the data source.