Access rights allow user groups read access (RETRIEVAL) or read and write access (UPDATE) to database objects, for example. Access rights can be granted and revoked.

A user group can be assigned read (RETRIEVAL) or read and write (UPDATE) access rights to the following database objects.

Access rights in CODASYL applications to:

• realms

• record types (RECORDs)

• sets

Access rights in SQL applications to:

• base tables

• foreign keys

RETRIEVAL, UPDATE and ALL access can be:

• granted using
  the ADD-USER-GROUP and GRANT-ACCESS statements

• revoked using
  the REVOKE-ACCESS statement

• qualified using
  the GRANT-ACCESS and REVOKE-ACCESS statements.

When access rights are assigned using the GRANT-ACCESS statement, any existing access rights for a database object are retained and the newly defined ones are added. In the same way, when the REVOKE-ACCESS statement is used, only the access rights specified with this statement are withdrawn; the user group retains any other access rights it has.