Assigning Roles
Assigning a role is similar to granting a privilege.One or more roles can be assigned to one or more users, including the user PUBLIC
, using one GRANT
statement.
Assigning a role is similar to granting a privilege.One or more roles can be assigned to one or more users, including the user PUBLIC
, using one GRANT
statement.
WITH ADMIN OPTION
ClauseThe optional WITH ADMIN OPTION
clause allows the users specified in the user list to grant the role(s) specified to other users or roles.
Caution
|
It is possible to assign this option to |
For cumulative roles, a user can only exercise the WITH ADMIN OPTION
of a secondary role if all intermediate roles are also granted WITH ADMIN OPTION
.That is, GRANT ROLEA TO ROLE ROLEB WITH ADMIN OPTION
, GRANT ROLEB TO ROLE ROLEC
, GRANT ROLEC TO USER USER1 WITH ADMIN OPTION
only allows USER1
to grant ROLEC
to other users or roles, while using GRANT ROLEB TO ROLE ROLEC WITH ADMIN OPTION
allows USER1
to grant ROLEA
, ROLEB
and ROLEC
to other users.
Assigning the DIRECTOR
and MANAGER
roles to the user IVAN
:
GRANT DIRECTOR, MANAGER
TO USER IVAN;
Assigning the MANAGER
role to the user ALEX
with the authority to assign this role to other users:
GRANT MANAGER
TO USER ALEX WITH ADMIN OPTION;
Assigning the DIRECTOR
role to user ALEX
as a default role:
GRANT DEFAULT DIRECTOR
TO USER ALEX;
Assigning the MANAGER
role to role DIRECTOR
:
GRANT MANAGER
TO ROLE DIRECTOR;
WITH GRANT OPTION
ClauseThe optional WITH GRANT OPTION
clause allows the users specified in the user list to grant the privileges specified in the privilege list to other users.
Caution
|
It is possible to assign this option to the user |