getUserAccess
Syntax
getUserAccess([userIds])
Arguments
userId is a STRING scalar/vector indicating one or multiple user names.
Details
This function returns privileges for individual users, without taking into account the privileges for the groups the users belong to.
When userId is unspecified, returns the privileges for the current user. Only an administrator can use this function to get other users’ privileges.
It returns a table with the following columns:
Column |
Description |
---|---|
userId |
The user name |
groups |
The group to which the user belongs |
isAdmin |
Whether the user is an administrator |
MAX_JOB_PRIORITY |
An integer between 0 and 8 indicating the highest priority of the jobs submitted by the user. Specified by the command |
MAX_PARALLELISM |
An integer indicating the maximum number of tasks that can be executed in parallel for a job submitted by the user. It is specified by the command |
QUERY_RESULT_MEM_LIMIT |
The memory limit for a query result. It is a floating-point number indicating memory usage (in GB). You can use |
TASK_GROUP_MEM_LIMIT |
The memory limit of a task group. It is a floating-point number indicating memory usage in GB. You can use |
The following privileges are listed with permission state “allow” / “none” / “deny”: ACCESS_READ, ACCESS_INSERT, ACCESS_UPDATE, ACCESS_DELETE, VIEW_EXEC, SCRIPT_EXEC, TEST_EXEC, DBOBJ_CREATE, DBOBJ_DELETE, DB_MANAGE, DB_OWNER
Note:
Version 1.30.21/2.00.9 onwards extends privileges at the table level. The original TABLE_WRITE field is now replaced with fields TABLE_INSERT, TABLE_UPDATE, and TABLE_DELETE.
Since the DB_READ, DB_WRITE, DB_INSERT, DB_UPDATE, and DB_DELETE privileges apply to tables in databases, only table-level privileges are returned.
The remaining columns in the table display the specific objects (tables, views or databases) that the user is granted/denied access to:
objs |
---|
TABLE_READ_allowed |
TABLE_READ_denied |
TABLE_INSERT_allowed |
TABLE_INSERT_denied |
TABLE_UPDATE_allowed |
TABLE_UPDATE_denied |
TABLE_DELETE_allowed |
TABLE_DELETE_denied |
DB_READ_allowed |
DB_READ_denied |
DB_INSERT_allowed |
DB_INSERT_denied |
DB_UPDATE_allowed |
DB_UPDATE_denied |
DB_DELETE_allowed |
DB_DELETE_denied |
VIEW_EXEC_allowed |
VIEW_EXEC_denied |
DBOBJ_CREATE_allowed |
DBOBJ_CREATE_denied |
DBOBJ_DELETE_allowed |
DBOBJ_DELETE_denied |
DB_OWNER_allowed |
DB_MANAGE_allowed |