privileges on functions
in [DB2]
|
Prev: Find a sentence with words separated by multiple spaces
Next: Timestamps on data records, Documentation on old versions of DB2
From: uwcssa on 2 Jul 2008 13:57 I created one function and wish to assign it to some users. however, even though "grant execute on function" succceeded, that user can still not use it. i am wondering if functions do not have transferable rights? i am using v9.1. thanks
From: Dave Hughes on 2 Jul 2008 21:11 uwcssa(a)gmail.com wrote: > I created one function and wish to assign it to some users. however, > even though > > "grant execute on function" succceeded, that user can still not use > it. i am wondering if > functions do not have transferable rights? > > i am using v9.1. thanks Assuming you committed the GRANT, the user should be able to execute the function just fine. Are you sure they're executing your function and not a similarly named function in a different schema? (or an overloaded version of the function - though I assume that's not the case as you explicitly stated "one" function) Not sure what you mean by "transferable rights" though? Cheers, Dave.
From: --CELKO-- on 3 Jul 2008 07:44 Does the function do something for which the user does not have privileges?
From: Serge Rielau on 3 Jul 2008 09:20
Couple of thoughts: 1. A function to which a user does not have EXECUTE privilege is simply invisible to that user. That is teh error you will be getting is a function not found. (In hindsight I think this behavior was a really bad idea....) What that means is that you should consider the possibility that the function is simply not found. So: Is the schema on the PATH? Are the arguments promotable to the parameters (e.g. 'hello' (a VARCHAR) is not promotable to CHAR), right number of parameters in the right order? 2. If you have GRANTed a privilege to a GROUP to which the USER is a member then DB2 will NOT consider it if th einvocation is nested in another object (such as a view or trigger) because DB2 can't track when the user gets removed from the group. In DB2 9.5 use ROLEs instead of GROUPSs Cheers Serge -- Serge Rielau DB2 Solutions Development IBM Toronto Lab |