SYSPLANAUTH catalog table

The SYSPLANAUTH table records the privileges that are held by users over application plans. The schema is SYSIBM.

Start of changeFL 505 SYSIBM.SYSPLANAUTH has an associated history table, SYSIBM.SYSPLANAUTH_H, which provides temporal versioning of the catalog table. Both tables contain the same columns, with the same data types. The temporal relationship must be enabled before the history table can be used. Rows in the history table can be deleted by using the REORG TABLESPACE DISCARD option. For information about enabling the temporal relationship, see Temporal versioning for Db2 security-related catalog tables.End of change

Column name Data type Description Use
GRANTOR
VARCHAR(128)
NOT NULL
 Authorization ID of the user who granted the privileges. G
GRANTEE
VARCHAR(128)
NOT NULL
 Authorization ID of the user who holds the privileges. Could also be PUBLIC for a grant to PUBLIC. G
NAME
VARCHAR(24)
NOT NULL
 Name of the application plan on which the privileges are held. G
CHAR(12)
NOT NULL
 Internal use only. I
DATEGRANTED
CHAR(6)
NOT NULL
 Not used. N
TIMEGRANTED
CHAR(8)
NOT NULL
 Not used. N
GRANTEETYPE
CHAR(1)
NOT NULL
 Not used. N
AUTHHOWGOT
CHAR(1)
NOT NULL
 Authorization level of the user from whom the privileges were received. This authorization level is not necessarily the highest authorization level of the grantor.
blank
Not applicable
C
DBCTRL
D
DBADM
E
SECADM
G
ACCESSCTRL
L
SYSCTRL
M
DBMAINT
S
SYSADM
 G
BINDAUTH
CHAR(1)
NOT NULL
 Whether the GRANTEE can use the BIND, REBIND, or FREE subcommands against the plan:
blank
Privilege is not held
G
Privilege is held with the GRANT option
Y
Privilege is held without the GRANT option
 G
EXECUTEAUTH
CHAR(1)
NOT NULL
 Whether the GRANTEE can run application programs that use the application plan:
blank
Privilege is not held
G
Privilege is held with the GRANT option
Y
Privilege is held without the GRANT option
 G
IBMREQD
CHAR(1)
NOT NULL
 A value of Y indicates that the row was provided with the Db2 product code. For all other values, see Release dependency indicators.

The value in this field is not a reliable indicator of release dependencies.

 G
GRANTEDTS
TIMESTAMP
NOT NULL WITH
DEFAULT
 Time when the GRANT statement was executed. G
GRANTEETYPE
CHAR(1)
NOT NULL WITH
DEFAULT
 Indicates the type of grantee:
blank
Authorization ID
L
Role
 G
GRANTORTYPE
CHAR(1)
NOT NULL WITH
DEFAULT
 Indicates the type of grantor:
blank
Authorization ID
L
Role
 G
SYS_START
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS ROW BEGIN
 FL 505 Start of changeThe row-begin column of the SYSTEM_TIME period, for system-period data versioning.End of change G
SYS_END
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS ROW END
 FL 505 Start of changeThe row-end column of the SYSTEM_TIME period, for system-period data versioning.End of change G
TRANS_START
TIMESTAMP(12)
NOT NULL
GENERATED ALWAYS
AS TRANSACTION
START ID
 FL 505 Start of changeThe transaction-start-ID column, for system-period data versioning.End of change G
Start of changeFL 505 GEN_SESSION_USEREnd of change Start of change
VARCHAR(128)
GENERATED ALWAYS AS (SESSION_USER)
End of change		 Start of changeThe value of the SESSION_USER special register. This column contains a null value when the value is unknown for the existing rows prior to catalog level V13R1M505.End of change Start of changeGEnd of change