This section describes how the four different access rights (read, create, modify, and destroy) work at the four different access levels (directory, table, column, and entry).
The objects that these various rights and levels act on are summarized in the table Table 9-5:
Table 9-5 Access Rights and Levels and the Objects They Act Upon
|
Directory |
Table |
Column |
Entry |
---|---|---|---|---|
Read |
List directory contents |
View table contents |
View column contents |
View entry (row) contents |
Create |
Create new directory or table objects |
Add new entries (rows) |
Enter new data values in a column |
Enter new data values in an entry (row) |
Modify |
Move objects and change object names |
Change data values anywhere in table |
Change data values in a column |
Change data values in an entry (row) |
Destroy |
Delete directory objects such as tables |
Delete entries (rows) |
Delete data values in a column |
Delete data values in an entry (row) |
Directory. If you have read rights to a directory, you can list the contents of the directory.
Table. If you have read rights to a table, you can view all the data in that table.
Column. If you have read rights to a column, you can view all the data in that column.
Entry. If you have read rights to an entry, you can view all the data in that entry.
Directory. If you have create rights at the directory level, you can create new objects in the directory such as new tables.
Table. If you have create rights at the table level, you can create new entries. (You cannot add new columns to an existing table regardless of what rights you have.)
Column. If you have create rights to a column, you can enter new data values in the fields of that column. You cannot create new columns.
Entry. If you have create rights to an entry, you can enter new data values in the fields of that row. (Entry level create rights do not permit you to create new rows.)
Directory. If you have modify rights at the directory level, you can move or rename directory objects.
Table. If you have modify rights at the table level, you can change any data values in the table. You can create (add) new rows, but you cannot create new columns. If an existing field is blank, you can enter new data in it.
Column. If you have modify rights to a column, you can change the data values in the fields of that column.
Entry. If you have modify rights to an entry, you can change the data values in the fields of that row.
Directory. If you have destroy rights at the directory level, you can destroy existing objects in the directory such as tables.
Table. If you have destroy rights at the table level, you can destroy existing entries (rows) in the table but not columns. You cannot destroy existing columns in a table: you can only destroy entries.
Column. If you have destroy rights to a column, you can destroy existing data values in the fields of that column.
Entry. If you have destroy rights to an entry, you can destroy existing data values in the fields of that row.