You can translate the question and the replies:

Database specific Roles

Hi, We have created a new Database = "ABC" similar to Admin and itpilot databses. Now I have created a new user and role , granted privilages to only the new database created - "ABC". But still the new user which is created is able to access abd view the data in other databases. The requirement is to restrict the new users from viewing / accessing the data from databases like - admin / itpilot.The same is required at catalog level as well.
user
15-08-2019 03:27:26 -0400

1 Answer

Hi Access level in Virtual DataPort server is controlled at 3 levels. * Database level - Access to direct users/roles for that specific database. * User level - Assigning roles to the user, access to the database and to objects of a database for a user. * Role level - Assigning access to database and to objects of the database for a role. I would try running the CATALOG_PERMISSIONS() stored procedure from the Virtual DataPort Administration Tool for the newly created user to get the full access list. * SELECT * FROM CATALOG_PERMISSIONS() WHERE USERNAME='<new_user>' From the result of the above query, I would find and revoke all privileges that provisions access outside of “ABC” database. A detailed explanation of the CATALOG_PERMISSIONS() stored procedure is explained in the below link * [CATALOG_PERMISSIONS()](https://community.denodo.com/docs/html/browse/6.0/vdp/vql/stored_procedures/predefined_stored_procedures/catalog_permissions) The below link explains in detail about Access Rights with Virtual DataPort server. * [Access Rights in Virtual DataPort](https://community.denodo.com/docs/html/browse/7.0/vdp/administration/databases_users_and_access_rights_in_virtual_dataport/databases_users_and_access_rights_in_virtual_dataport) Data Catalog tool by default inherits the authorization and authentication set at Virtual DataPort Administration Tool.Hence the requirement to have this privilege at Data Catalog level would be implicitly taken care. The below link explains in detail about Data Catalog Authorization and Authentication methods * [Data Catalog Authorization and Authentication methods](https://community.denodo.com/docs/html/browse/7.0/vdp/data_catalog/authentication_and_authorization/authentication_and_authorization) Hope this helps!
Denodo Team
16-08-2019 06:07:20 -0400
You must sign in to add an answer. If you do not have an account, you can register here