The relationships between groups, resources, permissions, and applications are stored in the
GRP_RES_PERM_REL database table. This table defines which resource permissions are granted to which user
groups for which applications.
Table 1. Columns of the GRP_RES_PERM_REL database table
Column name
Description
GROUP_NAME
The name of the group
RESPERM_ID
The ID of the resource permission that is granted to the group. This ID refers to the ID
column in the RES_PERM table.
APP_ID
The ID of the application for which the resource permission is granted to the group.
This ID refers to the ID column in the APPLICATION table.
The following figure illustrates these relationships where:
PK
Denotes a primary key.
FK
Denotes a foreign key.
Figure 1. Relation between resource permissions, user groups, and applications
To check the permissions of a user, the Operations and Administration
Console (OAC)
proceeds as shown in the following list:
Retrieves the group memberships for the user as defined in IBM®
WebSphere®
Liberty.
For each application, it selects all the resource permissions that are granted to these groups. To do this
selection, it evaluates the GRP_RES_PERM_REL, RES_PERM, and APPLICATION database tables.