Creating DB Users and DB Roles

A DB user is someone who uses a database management system. He or she works in a particular DB role.

Context

A user logs in to a database as DB user. The user thus has the authorizations of the DB user. These authorizations include object authorizations and role authorizations.

An object authorization is an access right to the system or to tables.

A role authorization is the right to use a DB role. If a DB user is working in a DB role, they have the authorizations for this role too.

Using DB users and DB roles with the associated authorizations increases the security of a database management system, since each user has only the authorizations required for their work.

Creating a DB User or a DB Role

Prerequisites

A database schema is present.

Context

The purpose is to model a user, or a role in which a user is working.

How to proceed

  1. Select the database model in the model structure which you want to create a new DB user below.

  2. Select Start>New>New Element>Database administration>DB user or ...>DB role.

    A new DB user or a DB role is created below the selected database schema. The name is automatically selected for renaming.

  3. Enter the name and confirm with the [Enter] key.

Changing the Authorizations

Prerequisites

A DB user or DB role exists.

Context

The purpose is to model the authorizations of a user or a role.

How to proceed

  1. In the model structure, select the DB user or DB role.

    The associated authorizations for objects and roles are listed in the Details tool window.

  2. To delete an authorization, select an authorization in the Details tool window and select Start>Organize>Delete from Model (Shift+Del).

  3. To create a new role authorization, select New Subelement>Database administration>Role authorization from the context menu.

    You will be prompted to select a DB role.

  4. To create a new object authorization, select New Subelement>Database administration>Privileges from the context menu.

  5. Select the DB role which the DB user or DB role should be authorized to perform.

  6. To change an object authorization, select an object authorization in the Details tool window and change the approval, actions, objects or approver in the Properties window.

Deleting a DB User or a DB Role

How to proceed

  1. In the model structure, select the DB user or DB role.

  2. Select Start>Organize>Delete from Model (Shift+Del).