ALTER PERMISSION statement

The ALTER PERMISSION statement alters a row permission that exists at the current server.

Invocation

This statement can be embedded in an application program or issued interactively. It is an executable statement that can be dynamically prepared only if DYNAMICRULES run behavior is implicitly or explicitly specified.

Authorization

The privileges held by the authorization ID of the statement must include SECADM authority.

Syntax

Read syntax diagramSkip visual syntax diagramALTER PERMISSIONpermission-name ENABLEDISABLE

Description

permission-name
This is the name of the row permission to be altered. The name must identify a row permission that already exists at the current server (SQLSTATE 42704). The name must not identify a default row permission that is created implicitly by the database manager (SQLSTATE 428H9).
ENABLE

Enables the row permission. If row level access control is not currently activated on the table, the row permission will become effective when row level access control is activated on the table. If row level access control is currently activated on the table, the row permission becomes effective immediately and all packages and dynamic cached statements that reference the table are invalidated.

ENABLE is ignored if the row permission is already defined as enabled.

DISABLE

Disables the row permission. If row level access control is not currently activated on the table, the row permission will remain ineffective when row level access control is activated on the table. If row level access control is currently activated on the table, the row permission becomes ineffective immediately and all packages and dynamic cached statements that reference the table are invalidated.

DISABLE is ignored if the row permission is already defined as disabled.

Examples

  • Example 1: Enable permission P1.
    ALTER PERMISSION P1 ENABLE
  • Example 2: Disable permission P1.
    ALTER PERMISSION P1 DISABLE