17.10 - Example: Security Constraint Non-Hierarchical Rules - Advanced SQL Engine - Teradata Database

Teradata Vantageā„¢ - SQL External Routine Programming

Advanced SQL Engine
Teradata Database
Release Number
Release Date
July 2021
Content Type
Programming Reference
Publication ID
English (United States)
Operation Example Rule
INSERT The current session must have a security label (1 or more compartments). All compartments in the session label are entered as the row constraint column value.

Purpose: Forces predictable row classification based on the user label.

SELECT The session security label must include all the compartments in the row label or the operation fails.

Purpose: If a row is classified with several compartments, ensures that the accessing user is a member of all compartments.

UPDATE The row label must include all the compartments contained in the session label.

Purpose: Prevents the user from inadvertently adding classifications to the row.

DELETE The row can be deleted only if the constraint column value is NULL.

Purpose:Ensures that a row is reviewed and declassified before it can be deleted.

You must have OVERRIDE UPDATE privileges to reclassify a row as NULL, so that it can be deleted.