System and object permissions

Permissions determine what types of actions users can perform in the ObjectServer.

You assign permissions to roles by using the GRANT command. There are two types of permissions:

  • System permissions, which control the commands that can be run in the ObjectServer
  • Object permissions, which control access to individual objects, such as tables

System permissions include the ability to use the SQL interactive interface, create a database, and shut down the ObjectServer. For example:

  • ISQL permission is required to connect to the ObjectServer by using the SQL interactive interface.
  • ISQLWrite permission is required to modify ObjectServer data by using the SQL interactive interface.

Object permissions specify the actions that each role is authorized to perform on a particular object. Each object has a set of associated actions. For example, the actions that you can perform on an ObjectServer database are:

  • DROP
  • CREATE TABLE
  • CREATE VIEW