Page |1

INFORMATION TECHNOLOGY AND INFORMATION SYSTEM

DEPARTMENT

ADVANCED DATABASE MANAGEMENT SYSTEM

EXERCISE

5
CREATING USER AND ADMINISTERING
PERMISSIONS

Favila,Cymon Neju BSIT204

NAME SECTION
4/5/24 4/5/24
DATE PERFORMED DATE FINISHED

GJPRosales
 Page |2

I. OBJECTIVES

At the end of this exercise, students must be able to:

a. Granting other users privileges to your table
b. Modifying another user's table through the privileges granted to you
c. Creating a synonym

II. BACKGROUND INFORMATION

Creating users:

 The database administrator (DBA) creates users with the CREATE USER
statement.

After a user is created, the DBA can grant specific system privileges to
that user An application developer, for example, may have the following
system privileges:
 CREATE SESSION
 CREATE TABLE
 CREATE SEQUENCE
 CREATE VIEW
 CREATE PROCEDURE

The DBA can grant specific system privileges to a user.

Give a user authority to pass along system privileges:

GJPRosales
 Page |3

Create a role:

Grant privileges to a role:

Grant a role to users:

Grant a role to users:

The DBA creates your user account and initializes your password.

You can change your password by using the ALTER USER statement.

Object privileges vary from object to object.

An owner has all the privileges on the object.
An owner can give specific privileges on that owner’s object.

Revoking Object Privileges

You use the REVOKE statement to revoke privileges granted to other users.
Privileges granted to others through the WITH GRANT OPTION clause are also
revoked.

GJPRosales
 Page |4

III. EXPERIMENTAL PROCEDURE

PART 1:
Scenario
The HR department needs your assistance in creating some queries.

Task
Write the appropriate SQL statement for the following queries. The result of the
queries will be checked from your computer.

PROVIDE A SCREENSHOT OF THE SCRIPT AND THE OUTPUT PER STEP

Task
Write the appropriate SQL statement for the following queries. The result of the queries
will be checked from your computer.

1. What privilege should a user be given to log on to the MS SQL server? Is this a
system privilege or an object privilege?

GJPRosales
 Page |5

2. What privilege should a user be given to create tables?

3. If you create a table, who can pass along privileges to other users on your table?

GJPRosales
 Page |6

4. You are the DBA. You are creating many users who require the same system
privileges. What should you use to make your job easier?

5. What command do you use to change your password?

GJPRosales
 Page |7

6. SA is the owner of the EMPLOYEES table and grants the DELETE privilege
to CREATE YOUR USER by using the WITH GRANT OPTION clause. CREATED
USER then grants the DELETE privilege on EMPLOYEES to CREATE ANOTHER
USER. SA now finds that ANOTHER USER has the privilege and revokes it
from YOUR USER. Which user can now delete from the EMPLOYEES table?

GJPRosales
 Page |8

7. You want to grant YOUR USER. the privilege to update data in the
DEPARTMENTS table. You also want to enable YOUR USER. to grant this privilege
to other users. What command do you use?

GJPRosales
 Page |9

8. Grant another user query privilege on your table. Then, verify whether that user
can use the privilege.
a. Grant another user privilege to view records in your REGIONS table.
Include an option for this user to further grant this privilege to other users.
b. Have the user query your REGIONS table.
c. Have the user pass on the query privilege to a third user (for example,
ora23).
d. Take back the privilege from the user who performs step b.

9. Grant another user query and data manipulation privileges on your COUNTRIES
table. Make sure that the user cannot pass on these privileges to other users.

GJPRosales
 P a g e | 10

10. Take back the privileges on the COUNTRIES table granted to another user.

GJPRosales
 P a g e | 11

11. Grant another user access to your DEPARTMENTS table. Have the user grant
you query access to his or her DEPARTMENTS table.

12. Query all the rows in your DEPARTMENTS table.

GJPRosales
 P a g e | 12

GJPRosales
 P a g e | 13

13. Add a new row to your DEPARTMENTS table. YOUR USER. should add
Education as department number 500. ANOTHER USER should add Human
Resources as department number 510. Query the other team’s table.

14. Query all the rows in the other team’s DEPARTMENTS table by using your
synonym.

YOUR USER. SELECT statement results:

GJPRosales
 P a g e | 14

ANOTHER USER. SELECT statement results:

15. Revoke the SELECT privilege from the YOUR USER.and ANOTHER USER..

GJPRosales
 P a g e | 15

16. Remove the row you inserted into the DEPARTMENTS table in step 13 and save
the changes.

GJPRosales
 P a g e | 16

IV. QUESTION AND ANSWER

1. Why is it important for you to create individual users for your database and tables?

It is essential to create distinct users for your tables and database in order to
maintain security, privacy, responsibility, and customization. Individual user
accounts limit access to authorized persons exclusively, just as giving distinct keys
to various people safeguards a vault. This guarantees the confidentiality of sensitive
data and permits accountability by allowing user actions to be tracked back.
Customized access rights also improve efficiency and lower the risk of data
breaches by limiting users' access to only the information pertinent to their tasks,
which streamlines workflows. All things considered, individual user accounts are
crucial to preserving the security and integrity of company data.

V. REFERENCES

Hoffer, J.A., Prescott, M.B., McFadden, F.R. (2016). Modern Database Management
12th Edition, Prentice Hall.
Microsoft. (2012). Database Administration Fundamentals . USA: Wiley.

GJPRosales