CREATE USER

A user is name for an actor (person or system) that makes a connection with the SQLstream s-Server. s-Server supports two types of users. The default user, created on installation, is the administrator user. This user can create non-administrator users. These users do not have access to any system tables or functions (even in non-sandboxed environments). When s-Server is run in sandboxed mode, non-administrator users are denied the following privileges:

  • The creation of any Java-based user defined function, user defined procedure, or user defined transform unless these refer to a Java function that is annotated with the @AllowedInSandbox annotation.
  • The execution of the commands ALTER SYSTEM, ALTER SESSION, CREATE JAR, IMPORT FOREIGN SCHEMA, CREATE USER, CREATE SERVER, CREATE FOREIGN STREAM, and CREATE FOREIGN TABLE.
  • Direct access to imported schemas in the SYS_BOOT catalog.

Syntax

CREATE USER <user> [IDENTIFIED BY ‘aPassword’] DEFAULT CATALOG localdb;

This will create a new non-administrator user that by default will not have access to any system tables or functions (even in non-sandboxed environments). Only the creator of an object or schema (or the administrator) is allowed to drop or alter it.

Granting Users Permissions

Administrators can use the following SQL to grant access to foreign streams and tables, as well as system tables and streams or views based on system tables and streams:

GRANT <permission> {, <permission> }
TO <user>;

Administrators can use the following SQL to grant access to system functions:

GRANT EXECUTE ON SPECIFIC FUNCTION <function> TO <user>;

List of Permissions

Permission Repository objects to which permission applies
Select Tables, streams, views
Insert Tables, streams
Update Tables
Delete Streams
Execute User-defined routines (user defined functions, user defined procedures, or user defined transforms)