What are user privileges?

Privileges determine what a user is authorized to do with the data and the database. Privileges should be assigned based on the type of work the person does within the organization. Is the user involved with administration of the geodatabase? Does the user need to edit or create data? Would the user only need to query the data?

Users or groups of users are granted privileges that affect what they can do in the database. Some users can only connect to the database. These are read-only users. Other users can connect to the database and create datasets. Others can connect to the database and edit datasets but not create or delete them. Some can perform administrative tasks, such as creating backup files or performing a compress operation.

User privileges are set at different levels: the databaes management system, database, geodatabase versions, and datasets in a database.

• Database management system privileges

  Privileges at this level affect the entire database management system. They generally apply only to the database administrator, who needs to access and manage all objects in the system.

• Database privileges

  These privileges determine what a user or group of users can do in or to the geodatabase; for example, whether users can create new datasets or compress the geodatabase.

• Geodatabase version privileges

  Privileges can also be set to control user access to a geodatabase version. This is a special type of privilege that is not set through the DBMS. Instead, when a geodatabase version is created, the creator of the version decides what type of access other users will have to the version. If the version is created with Public access, all users can view and modify it. If it is created as a Private version, only the creator of the version and the geodatabase administrator can access it. If the version is Protected, other users can view the version but only the creator and geodatabase administrator can modify it. See Creating versions and setting permissions for more information on setting access to geodatabase versions.

• Dataset privileges

  Dataset privileges determine what a user can do with a particular dataset—can the user edit the dataset or only select data from it? Permission to work with specific datasets is controlled by the user who owns the data (the one who created or imported the data to the geodatabase). Users can be granted the following privileges on datasets:

  • SELECT
  • UPDATE
  • INSERT
  • DELETE

  If the dataset is registered as versioned, the last three privileges must be granted or revoked as a group. See Granting and revoking privileges on datasets for instructions on setting privileges.