Authorisation for supertypes and subtypes

Previous Next

This help topic contains details of authorisation by manipulation type (INSERT, UPDATE, DELETE). For basic information about authorisation on subtypes, go to Authorization Tables.

A supertype is a "constellation" of data in which the common attributes are defined as the supertype (or generalization), with variable additions (or specializations) for the subtypes.

For example, if Person is the supertype, Staff and Guide are possible subtypes.

Authorisation is defined separately for each table and column. Whether a table is part of a subtype tree (or constellation) is irrelevant for authorisation. However, bear in mind that:

Subtype indicator columns are part of the supertype table. Column Rights on these subtype indicator columns (if any) are separate from rights on the subtype tables, but must be functionally consistent with them.

Primary-key columns of a supertype by definition also appear in its subtype tables. Functionally these columns are considered to be the same in the whole subtype constellation. It is never useful to define different rights on primary key columns between the supertype level and the subtype level. Column rights on primary key columns in subtypes are effectively ignored.

Conditions placed on rights on subtype tables and subtype columns may refer to columns of the supertype(s).

collapseHow INSERTs into subtype constellations are authorised
collapseHow DELETEs from subtype constellations are authorised
collapseHow UPDATEs to subtype constellations are authorised



See also

Authorization Tables