The following constraint and user definitions are used for the examples that follow.
The following SQL text creates a hierarchical constraint named classification_level that enforces all four of the possible statement actions for a constraint.
CREATE CONSTRAINT classification_level SMALLINT, NOT NULL, VALUES (top_secret:4, secret:3, confidential:2, unclassified:1), INSERT SYSLIB.insert_level, UPDATE SYSLIB.update_level, DELETE SYSLIB.delete_level, SELECT SYSLIB.read_level;
The following SQL text creates a non-hierarchical constraint named classification_category that enforces all four of the possible statement actions for a constraint.
CREATE CONSTRAINT classification_category BYTE(8), VALUES (nato:1, united_states:2, canada:3, united_kingdom:4, france:5, norway:6, russia:7), INSERT SYSLIB.insert_category, UPDATE SYSLIB.update_category, DELETE SYSLIB.delete_category, SELECT SYSLIB.read_category;
Create user_name.
CREATE USER user_name AS PERMANENT = 1e6, PASSWORD=my_pwd, CONSTRAINT = classfication_level (top_secret), CONSTRAINT = classification_category (united_states);
Creates user pls.
CREATE USER pls AS PERMANENT = 1e6, PASSWORD=secret, CONSTRAINT = classification_level (secret, unclassified DEFAULT), CONSTRAINT = classification_category (united_states);
The following SQL text creates user arn_anderson.
CREATE USER arn_anderson AS PERMANENT = 1e6, PASSWORD=Arn2222ANDERSON, CONSTRAINT = classification_category (norway);