SYSTABAUTH catalog table
The SYSTABAUTH table records the privileges that users hold on tables and views. The schema is SYSIBM.
| Column name | Data type | Description | Use |
|---|---|---|---|
| GRANTOR | VARCHAR(128)
NOT NULL |
Authorization ID or role of the user who granted the privileges. Could also be PUBLIC. | G |
| GRANTEE | VARCHAR(128)
NOT NULL |
Authorization ID or role of the user who holds the privileges or the name of an application plan or package that uses the privileges. PUBLIC for a grant to PUBLIC. | G |
| GRANTEETYPE | CHAR(1)
NOT NULL |
Type of grantee:
|
G |
| DBNAME | VARCHAR(24)
NOT NULL |
If the privileges were received from a user with DBADM, DBCTRL, or DBMAINT authority, DBNAME is the name of the database on which the GRANTOR has that authority. Otherwise, DBNAME is blank. | G |
| SCREATOR | VARCHAR(128)
NOT NULL |
If the SYSIBM.SYSTABAUTH row was created as the result of a CREATE VIEW statement or CREATE TABLE statement for a materialized query table, SCREATOR is the schema of the table or view referenced in the fullselect of the CREATE VIEW or CREATE TABLE statement. Otherwise, SCREATOR is the same as TCREATOR.  |
G |
| STNAME | VARCHAR(128)
NOT NULL |
If the SYSIBM.SYSTABAUTH row was created as the result of a CREATE VIEW statement or CREATE TABLE statement for a materialized query table, STNAME is the name of the table or view referenced in the fullselect of the CREATE VIEW or CREATE TABLE statement. Otherwise, STNAME is the same as TTNAME. |
G |
| TCREATOR | VARCHAR(128)
NOT NULL |
The schema of the table or view. | G |
| TTNAME | VARCHAR(128)
NOT NULL |
Name of the table or view. | G |
| AUTHHOWGOT | CHAR(1)
NOT NULL WITH DEFAULT |
Authorization level of the user from whom the privileges
were received. This authorization level is not necessarily the highest
authorization level of the grantor.
|
G |
| — | CHAR(12)
NOT NULL |
Internal use only. | I |
| DATEGRANTED | CHAR(6)
NOT NULL |
Not used. | N |
| TIMEGRANTED | CHAR(8)
NOT NULL |
Not used. | N |
| UPDATECOLS | CHAR(1)
NOT NULL |
The value of this column is blank if the value of UPDATEAUTH applies uniformly to all columns of the table or view. The value is an asterisk (*) if the value of UPDATEAUTH applies to some columns but not to others. In this case, rows will exist in SYSIBM.SYSCOLAUTH with matching timestamps and PRIVILEGE = blank. These rows list the columns on which update privileges have been granted. | G |
| ALTERAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can alter the table:
|
G |
| DELETEAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can delete rows from the table
or view:
|
G |
| INDEXAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can create indexes on the table:
|
G |
| INSERTAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can insert rows into the table
or view:
|
G |
| SELECTAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can select rows from the table
or view:
|
G |
| UPDATEAUTH | CHAR(1)
NOT NULL |
Whether the GRANTEE can update rows of the table
or view:
|
G |
| IBMREQD | CHAR(1)
NOT NULL |
A value of Y indicates that the row was provided with the Db2 product code. For all other values, see Release dependency indicators. The value in this field is not a reliable indicator of release dependencies. |
G |
| GRANTEELOCATION | VARCHAR(128)
NOT NULL WITH DEFAULT |
Not used. | N |
| LOCATION | VARCHAR(128)
NOT NULL WITH DEFAULT |
Not used. | N |
| COLLID | VARCHAR(128)
NOT NULL WITH DEFAULT |
If the GRANTEE is a package, its collection name. Otherwise, the value is blank. | G |
| CONTOKEN | CHAR(8)
NOT NULL WITH DEFAULT FOR BIT DATA |
If the GRANTEE is a package, the consistency token of the DBRM from which the package was derived. Otherwise, the value is blank. | S |
| CAPTUREAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Not used. | N |
| REFERENCESAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can create or drop referential
constraints in which the table is a parent.
|
G |
| REFCOLS | CHAR(1)
NOT NULL WITH DEFAULT |
The value of this column is blank if the value of REFERENCESAUTH applies uniformly to all columns of the table. The value is an asterisk(*) if the value of REFERENCESAUTH applies to some columns but not to others. In this case, rows will exist in SYSIBM.SYSCOLAUTH with PRIVILEGE = R and matching timestamps that list the columns on which reference privileges have been granted. | G |
| GRANTEDTS | TIMESTAMP
NOT NULL WITH DEFAULT |
Time when the GRANT statement was executed. | G |
| TRIGGERAUTH | CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can create triggers in which
the table is named as the subject table:
|
G |
| GRANTORTYPE | CHAR(1)
NOT NULL WITH DEFAULT |
Indicates the type of grantor:
|
G |
| SYS_START |
TIMESTAMP(12)
NOT NULL GENERATED ALWAYS AS ROW BEGIN |
Reserved for future IBM® use.The row-begin column of the SYSTEM_TIME period, for system-period data versioning. |
G |
| SYS_END |
TIMESTAMP(12)
NOT NULL GENERATED ALWAYS AS ROW END |
Reserved for future IBM use.The row-end column of the SYSTEM_TIME period, for system-period data versioning. |
G |
| TRANS_START |
TIMESTAMP(12)
NOT NULL GENERATED ALWAYS AS TRANSACTION START ID |
Reserved for future IBM use. |
G |
| UNLOADAUTH |
CHAR(1)
NOT NULL WITH DEFAULT |
Whether the GRANTEE can use the UNLOAD utility to unload data:
|
G |