Update user authorization utility

We can use the updateua utility to update the database user authorizations for a user or schema on a WebSphere Commerce database. We can use this utility in any environment to update user authorizations to grant or revoke authorization for any database object that you own.

When you, or another user, updates the schema to add or change tables for a new feature, some users might not have authorization for the new tables. If we are an owner of the new or changed database objects, we can use this utility to grant authorization for users to access the schema changes.

Parameter values

auths

Required, unless you include the parameter commonAuths. Include one or more of the following parameters to specify the type of authorization that we are granting to a user or revoking:

• -select

• -insert

• -delete

• -update

• -alter

• -execute

To grant or revoke all common authorization privileges, use the commonAuths parameter instead.

objTypes

Required. Include one or more of the following parameters to specify the database object types that authorization is being granted on or revoked:

• -tables

• -views

• -procedures

• -functions

For specific object types, only certain authorization options can be granted.

• For tables, only the authorization options select, insert, delete, update, and alter can be granted.

• For views, only the option select can be granted.

• For procedures and functions, only the option execute can be granted.

-user

Required. Identifies the user whose authorization we are updating.

-owner

Required. Identifies the owner of the database base objects that authorization is being granted on or revoked.

-ownerpass

Required. The password of the owner for connecting to the database. If you do not include a value, we are prompted for the value when you run the utility.

-database

Required. Specifies the database connection specification. We can specify the database-alias, the partial jdbc URL specification, or the full jdbc URL specification.

-commonAuths

Optional. Indicates that all common authorization options are being granted to the user or revoked for the specified object types. Including this parameter is the equivalent of included all of the following parameters as auths parameters:

• -select

• -insert

• -delete

• -update

• -execute

If you include this parameter, you do not need to include the options as auths parameters. To grant or revoke only specific authorizations, use one or more of the auths parameters instead.

-all

Optional. Indicates that all applicable authorization privileges for the user on the specified database are to be granted or revoked. When you include this parameter, you override all of the auths parameters that you include in the utility command.

-revoke

Optional. Indicates that we are revoking authorization privileges instead of granting authorization. By default, the utility grants authorization.

-schema

Optional. Specifies the database schema that includes the objects that we are granting or revoking authorization on. If you do not include this parameter, the value of the owner parameter is used as the value for the schema parameter.

-commitCount

Optional. Specifies the number of grant or revocation operations that the utility processes before a commit is issued. Default is 1.

-continueOnError

Optional. Specifies whether the utility continues to process the granting or revoking of authorizations upon encountering errors. Default is false.

-fileName

Optional. Specifies the name of the file where information about the processing of authorization grants and revocations is outputted. By default the utility uses the standard output.

-outputOnly

Optional. Indicates that the utility is to output the information about the authorization grants and revocations instead of processing the authorization updates. By default, the utility processes the authorization updates and outputs the information.

Example 1

Runtime environmentGrant authorization to user "db2inst1user" on tables, views, functions, and procedures within the schema "db2admin", which is owned by "db2admin".

updateua.sh -database dbspec -commonAuths -tables -views -functions -procedures -owner db2admin -ownerpass password -user db2inst1user

Example 2

Runtime environment Grant authorization to user "db2inst1user" on tables, views, functions, and procedures within the schema "wcs", which is owned by "db2admin".

updateua.sh -database dbspec -commonAuths -tables -views -functions -procedures -owner db2admin -ownerpass password -user db2inst1user -schema wcs

Related tasks
Running utilities from the Utility server Docker container