Initial Privileges on the Violations Table

When you issue the START VIOLATIONS TABLE statement to create the violations table, the database server uses the set of privileges granted on the target table as a basis for granting privileges on the violations table. The database server follows different rules, however, when it grants each type of privilege.

The following table summarizes the circumstances under which the database server grants each type of privilege on the violations table.
Privilege
Condition for Granting the Privilege
Alter
Alter privilege is not granted on the violations table. (Users cannot alter violations tables.)
Index
User has Index privilege on the violations table if the user has the Index privilege on the target table.
Insert
User has the Insert privilege on the violations table if the user has the Insert, Delete, or Update privilege on any column of the target table.
Delete
User has the Delete privilege on the violations table if the user has the Insert, Delete, or Update privilege on any column of the target table.
Select
User has the Select privilege on the informix_tupleid, informix_optype, and informix_recowner columns of the violations table if the user has the Select privilege on any column of the target table.

User has the Select privilege on any other column of the violations table if the user has the Select privilege on the same column in the target table.

Update
User has the Update privilege on the informix_tupleid, informix_optype, and informix_recowner columns of the violations table if the user has the Update privilege on any column of the target table.

(Even with the Update privilege on the informix_tupleid column, however, the user cannot update this SERIAL column.)

User has the Update privilege on any other violations table column if the user has the Update privilege on the same column in the target table.

References
The References privilege is not granted on the violations table. (Users cannot add referential constraints to violations tables.)
The following rules apply to ownership of the violations table and privileges on the violations table:
  • When the violations table is created, the owner of the target table becomes the owner of the violations table.
  • The owner of the violations table automatically receives all table-level privileges on the violations table, including the Alter and References privileges. The database server, however, prevents the owner of the violations table from altering the violations table or adding a referential constraint to the violations table.
  • You can use the GRANT and REVOKE statements to modify the initial set of privileges on the violations table.
  • When you issue an INSERT, DELETE, or UPDATE statement on a target table that has a filtering-mode unique index or constraint defined on it, you must have the Insert privilege on the violations and diagnostics tables.

    If you do not have the Insert privilege on the violations and diagnostics tables, the database server executes the INSERT, DELETE, or UPDATE statement on the target table provided that you have the necessary privileges on the target table. The database server does not return an error concerning the lack of Insert privilege on the violations and diagnostics tables unless an integrity violation is detected during execution of the INSERT, DELETE, or UPDATE statement.

    Similarly, when you issue a SET Database Object Mode statement to set a disabled constraint or disabled unique index to the enabled or filtering mode, and a violations table and diagnostics table exist for the target table, you must have the Insert privilege on the violations and diagnostics tables.

    If you do not have the Insert privilege on the violations and diagnostics tables, the database server executes the SET Database Object Mode statement if you have the necessary privileges on the target table. The database server does not return an error concerning the lack of Insert privilege on the violations and diagnostics tables, unless an integrity violation is detected during the execution of the SET Database Object Mode statement.

  • The grantor of the initial set of privileges on the violations table is the same as the grantor of the privileges on the target table.

    For example, if user henry was granted the Insert privilege on the target table by both user jill and user albert, then the Insert privilege on the violations table is granted to henry both by jill and by albert.

  • After the violations table is started, revoking a privilege on the target table from a user does not automatically revoke the same privilege on the violations table from that user. Instead, you must explicitly revoke the privilege on the violations table from the user.
  • If you have fragment-level privileges on the target table, you have the corresponding fragment-level privileges on the violations table.