SQL queries

A query specifies a result table. A query is a component of certain SQL statements.

The three forms of a query are:
  • subselect
  • fullselect
  • select-statement.

Authorization

The privileges held by the authorization ID of the statement must include at least one of the following authorities:
  • For each table or view identified in the query, one of the following authorities:
    • SELECT privilege on the table or view
    • SELECTIN privilege on the schema of the table or view
    • DATAACCESS privilege on the schema of the table or view
    • CONTROL privilege on the table or view
  • DATAACCESS authority
For each global variable used as an expression in the query, the privileges held by the authorization ID of the statement must include one of the following authorities:
  • READ privilege on the global variable that is not defined in a module
  • EXECUTE privilege on the module of the global variable that is defined in a module
  • EXECUTEIN privilege on the schema containing the module of the global variable that is defined in a module
  • DATAACCESS authority on the schema containing the module of the global variable that is defined in a module
If the query contains an SQL data change statement, the authorization requirements of that statement also apply to the query.

Group privileges, with the exception of PUBLIC, are not checked for queries that are contained in static SQL statements or DDL statements.

For nicknames, authorization requirements of the data source for the object referenced by the nickname are applied when the query is processed. The authorization ID of the statement may be mapped to a different authorization ID at the data source.