HPlogo IMAGE/SQL Administration Guide: HP 3000 MPE/iX Computer Systems > Chapter 4 IMAGE/SQL Utility Commands

ADD USER
» 

Technical documentation

Complete book in PDF
» Feedback

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

Adds an IMAGE/SQL user.

Syntax

AD[D] USER { User@Account User.Account } WITH { PASS=Password CLASS=Classnum } [,MODE=ModeNumber]

Parameters

User@Account

is the name used to identify the new user to IMAGE/SQL. This name, referred to in SQL as the DBEUserID, is made up of an MPE/iX user and account name, connected with the period or @ symbol. It must contain valid logon syntax. If the account is omitted, it will default to the logon account.

Password

is a password in the TurboIMAGE/XL schema. The new IMAGE/SQL user has the same access to TurboIMAGE/XL data as the user class associated with this password. The password is case-sensitive.

Classnum

is the user class number.

ModeNumber

is the DBOPEN mode with which the TurboIMAGE/XL database is opened for this user. Valid DBOPEN modes supported by IMAGE/SQL are 1 through 8. If this parameter is omitted, the mode defaults to 5. Refer to the TurboIMAGE/XL Database Management System Reference Manual for information about these DBOPEN modes.

Prerequisites

  • SET SQLDBE issued.

  • SET TURBODB issued.

  • DBC status.

  • DBA authority.

  • Database attached.

Description

Use the ADD USER command to add a new IMAGE/SQL user. When a user is added, an SQL authorization group is created that corresponds to the user class or the user class of the password given in the command. The new DBEUserID (User@Account) is then added to this group. The group is named according to the following conventions:

OwnerName_UserClassNumber

By default, OwnerName is the name of the database (unqualified by its group and account), but a different OwnerName can be specified at attach time. For example, for a database owned by MKTG, the group created for user class 11 is named MKTG_11.

To enforce TurboIMAGE/XL security, one view is created for each data set the user class is allowed to access. The view is named according to the following conventions:

OwnerName.MappedTableName_VUserClassNumber

For example, for a database owned by MKTG, the view created for the mapped table ACCOUNTS is MKTG.ACCOUNTS_V11 for user class 11. Each view contains only those mapped columns that correspond to the fields in the data set the user class can read. The corresponding authorization group is then granted access to these views.

Example

In the following example, user RYAN.ATC is being added as an IMAGE/SQL user. The database will be opened in DBOPEN mode 1. His access to data is the same as that allowed to the password "manager". Because the password "manager" is associated with user class 18, this number appears at the end of each view name.

   >>ADD USER  RYAN.ATC WITH PASS=manager, MODE=1

   Warning: command containing a password has been logged (ATCWARN 32069).

   ALLBASE/SQL group SALES_18 created.

   View SALES.DATE_MASTER_V18 created.

   View SALES.CUSTOMER_V18 created.

   View SALES.PRODUCT_V18 created.

   View SALES.VENDOR_V18 created.

   View SALES.INVENTORY_V18 created.

   View SALES.SALES_V18 created.

   >>

In the above example, using CLASS=18 instead of PASS=manager will have the same result.



Chapter 4 IMAGE/SQL Utility Commands
  		 


ATTACH  
Feedback to webmaster