Data Control Language (DCL) provides syntax for user role management and permission management.
The following table describes the supported DCL commands, the required permissions, and the supported granularity levels.
The ALL or ALL PRIVILEGES permission includes the READ, WRITE, ADMIN, and TRASH permissions. When you grant the ALL permission, you also grant these four permissions. The following table lists only non-ALL permissions.
Lindorm user management operates at the instance level. Usernames and passwords apply to all engines within the same instance, but permissions can be configured separately.
Command classification | Command | Description | Required permissions | Supported granularity |
User role management | Creates a new user. | Requires both ADMIN and READ permissions. | GLOBAL | |
Changes the password of a user. | Requires both ADMIN and READ permissions. | GLOBAL | ||
Views existing users. Before you create a new user, run this command to check for existing usernames to prevent errors. |
|
| ||
Deletes an existing user. | Requires both ADMIN and READ permissions. | GLOBAL | ||
User permission management | Grants permissions to a specified user. Before you grant permissions, understand the supported permissions, permission scopes, and grantable objects in Lindorm. | ADMIN | GLOBAL | |
Revokes permissions from a user. | ADMIN | GLOBAL |