Example: Row-Level Security Constraint and SELECT Statement When User Lacks Required Privileges - Advanced SQL Engine - Teradata Database

SQL Data Manipulation Language

Product
Advanced SQL Engine
Teradata Database
Release Number
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
qtb1554762060450.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1146
lifecycle
previous
Product Category
Teradata Vantage™

This example shows how the SELECT constraint is applied when a user that does not have the required OVERRIDE privileges attempts to execute a SELECT statement on a table that has the row-level security SELECT constraint:

     SELECT * FROM rls_tbl;

SELECT statement processing includes a step to RETRIEVE from RS.rls_tbl with a condition of SYSLIB.SELECTCATEGORIES ( '90000000'XB, RS.rls_tbl.categories ) AND SYSLIB.SELECTLEVEL (2, RS.rls_tbl.levels).

The table definition used in this example is:

     CREATE TABLE rls_tbl(
       col1 INT,
       col2 INT,
       classification_levels   CONSTRAINT,
       classification_categories CONSTRAINT);

The user’s session constraint values are:

     Constraint1Name LEVELS
     Constraint1Value 2
     Constraint3Name CATEGORIES
     Constraint3Value '90000000'xb