Database Systems - SQL - DCL Statements (Chapter 3/4)

7. DCL Statements of SQL

Connection Management Transaction Management

Access Control Session Management

DCL Statements of SQL

The DCL statements are used for the following purpose:

Connection management

Transaction management

Access control

Session management

DCL: CONNECTION MANAGEMENT

Connection management statements are used to start and stop connections to the

RDBMS.

CONNECTION MANAGEMENT Statements

The connection management statements are: CONNECT statement SET CONNECTION statement DISCONNECT statement

Various RDBMSs either implement these statements in their own way or do not implement these statements but implement some other statements. Hence we do not cover the SQL standard syntax here. Rather we cover syntax used to connect to databases using command line tools provided by MySQL.

Connection Management with MySQLExamples

The right side screenshot shows user “root” logged into MySQL using command line tool “mysql”, executed a command USE to use database “schdb” and exited from the tool.

The second screenshot shows that user “root” specified database name “schdb” on the command line tool itself and hence no need to execute USE command explicitly to use the database.

Connection Management with MySQLExample with a new User

The right side screenshot shows super or root user “root” logged into MySQL server without specifying any database name, created a user “suri” with password “suri123”, gave SELECT privilege on all tables of database “schdb” and exited from the command line tool.

The second screenshot shows user “suri” logged into database “schdb” by specifying password on the command line of mysql itself, accessed a table “dept” and exited the tool.

Connection Management with MySQLConnection Errors

The right side screenshot shows that user can login into MySQL server but can not use a database if he does not have privileges.

DCL: TRANSACTION MANAGEMENT

What is a Transaction? Transaction Statements Transaction Phenomena

Isolation Level Transaction Characteristics

Deferring Execution of Constraints

What is a Transaction ?

An SQL Transaction is a logical unit of work consisting of one or more SQL statements.

Transactions are atomic. Transactions begin automatically by SELECT,

INSERT, UPDATE or DELETE statement or explicitly by START TRANSACTION statement.

Transactions are completed by either COMMIT or ROLLBACK statement.

Transaction ExamplesSELECT eno, ename, salaryFROM emp WHERE eno IN (555, 556);

UPDATE emp SET salary = 15000 WHERE eno IN (555, 556);

UPDATE emp SET salary = salary * 1.1WHERE ename = ’Alishan’;

COMMIT;

SELECT eno, ename, salaryFROM emp WHERE eno IN (555, 556);

Transaction Management Statements

Here are the transaction management statements:

START TRANSACTIONCOMMITROLLBACKSET TRANSACTIONSET CONSTRAINTS

START TRANSACTIONThe START TRANSACTION statement starts an SQL transaction and sets its characteristics.

Syntax: START TRANSACTION [ READ ONLY | READ WRITE ] [ ISOLATION LEVEL { READ UNCOMMITTED } |

{ READ COMMITTED } | { REPEATABLE READ } |

{ SERIALIZABLE } ]

[ DIAGNOSTICS SIZE ncond ]

TRANSACTION ISOLATION LEVELTransaction Phenomena

To understand the isolation levels, we need to understand the kind of phenomena that can occur while transactions are executed concurrently:

Dirty readNon-repeatable readPhantom read

TRANSACTION ISOLATION LEVELTransaction Phenomena

Phenomena DescriptionDirty Read Transaction T1 reads a row that has been changed by

another transaction T2 which has not yet committed. If T2 rolls back the transaction, T1 will have read the data that never existed.

Non-repeatable Read

Transaction T1 reads a row. Transaction T2 then modifies or deletes that row and performs a COMMIT. If T1 then attempts to reread the row, it may receive the modified value or discover that the row has been deleted.

Phantom read Transaction T1 reads a set of rows N that satisfy some search condition. Transaction T2 then executes SQL-statements that generate one or more rows that satisfy the search condition used by transaction T1. If transaction T1 then repeats the initial read with the same search condition, it obtains a different collection of rows

TRANSACTION ISOLATION LEVEL Vs TRANSACTION PHENOMENA

Isolation Level Dirty Read

Non-repeatable Read

Phantom Read

READ UNCOMMITTED Y Y Y

READ COMMITTED N Y YREPEATABLE READ N N YSERIALIZABLE N N N

The following table shows the kind of phenomena that can occur depending on the isolation level you set for transactions using SET TRANSACTION ISOLATION LEVEL statement.

COMMITThe COMMIT statement ends a transaction successfully by making database changes permanent.

Syntax: COMMIT [ WORK ]

The keyword WORK is optional.

Once the statement is executed by an RDBMS (server), all database changes done by all other DDL or DML statements executed before the COMMIT statement are made permanent by the RDBMS.

ROLLBACKThe ROLLBACK statement aborts a transaction by backing out all changes done in the transaction.

Syntax: ROLLBACK [ WORK ]

The keyword WORK is optional.

Once the statement is executed by an RDBMS (server), all database changes done by all other DDL or DML statements executed before the ROLLBACK statement are backed out or undone by the RDBMS and the database is brought back to the state it was before starting of the transaction.

SET TRANSACTIONThe SET TRANSACTION statement sets properties or characteristics of transactions.

Syntax: SET TRANSACTION [ READ ONLY | READ WRITE ]

[ ISOLATION LEVEL { READ UNCOMMITTED } |

{ READ COMMITTED } | { REPEATABLE READ } |

{ SERIALIZABLE } ]

SET CONSTRAINTSThe SET CONSTRAINTS statement sets constraint mode for transactions. You can use this statement to defer execution of any constraints to the end of transaction.

Syntax: SET CONSTRAINTS { ALL | constraint-name-list }

{ DEFERRED | IMMEDIATE }constraint-name-list: constraint-name [, constraint-name]…

ALL : All constraints

SET CONSTRAINTS EXAMPLESchema

SET CONSTRAINTS EXAMPLEINSERT Operation

Access Control

Access Control Statements Authorization Identifier

Privileges Granting and Revoking Privileges

ACCESS CONTROLStatements

SQL supports discretionary data access control through the following statements:

• GRANT• REVOKE

GRANT: The statement is used to give privileges to other users.

REVOKE: The statement is used to take away already given privileges from other users.

ACCESS CONTROLAuthorization IdentifiersAn authorization identifier is an SQL identifier used to identify a database user.

Examples: john, praveen, akhilm and user1

• Each authorization identifier is usually associated with a password.

• Every SQL statement executed by the RDBMS on behalf of specific user.

• RDBMS uses authorization identifier to determine if the user has access to a database object and if so what kind access rights or privileges the user has.

ACCESS CONTROLPrivileges

The privileges are permissions that decide what action a user can perform on a database table or view.Here is the list of privileges defined in SQL standard:Privilege Description

SELECT The privilege to retrieve data from a table.INSERT The privilege to insert rows into a table.UPDATE The privilege to update rows of a table.DELETE The privilege delete rows from a table.REFERENCES The privilege to reference columns of a table in integrity

constraints.USAGE The privilege to use domains. collations, character sets and

translations.EXECUTE The privilege to execute stored procedures or functions.

ACCESS CONTROLGRANT Statement

The GRANT statement grants privileges on specified database objects to specified users.

Syntax: GRANT {privilege_list | ALL PRIVILEGES} ON object_name TO {auth_id_list | PUBLIC} [WITH GRANT OPTION]priv_list: SELECT [(col_name_list)] | INSERT [(col_name_list)] | UPDATE [(col_name_list)] | DELETE | REFERENCES [(col_name_list)] | USAGE | TRIGGER | EXECUTEobject_name: Table, domain , etc. (depends on privilege)auth_id_list: List of user authorization identifierscol_name_list: Comma separated column names

GRANT StatementExample - Users

(1) Users: User Name

Password

system system123akhil akhil123john john123(2) The following screen shot shows

creating the users using SqlPlus of Oracle:

(3) The following screen shot shows akhil does not have privileges to use two tables:

GRANT StatementExamples - Privileges

(1) Granting privileges to akhil and public:

(2) Testing privileges of john.

(3) Testing privileges of akhil:

ACCESS CONTROLREVOKE Statement

The REVOKE statement revokes privileges on specified database objects from specified users.

Syntax: REVOKE [GRANT OPTION FOR] {privilege_list | ALL PRIVILEGES} ON object_name FROM {auth_id_list | PUBLIC} [RESTRICT | CASCADE]priv_list: SELECT [(col_name_list)] | INSERT [(col_name_list)] | UPDATE [(col_name_list)] | DELETE | REFERENCES [(col_name_list)] | USAGE | TRIGGER | EXECUTEobject_name: Table, domain , etc. (depends on privilege)auth_id_list: List of user authorization identifierscol_name_list: Comma separated column names

REVOKE StatementExamples - Privileges

(1) Revoke SELECT privilege from akhil:

(2) Revoke UPDATE privileges from PUBLIC on table depttbl:

What Have You Learnt!

• Connecting to Databases.• How to connect to MySQL Databases.• What is a Transaction?• When Transactions begin ?• Transaction Statements START TRANSACTION, COMMIT and

ROLLBACK.• SET TRANSACTION and SET CONSTRAINTS statements.• Transaction Isolation Levels• Transaction Phenomena – Dirty Read, Non-repeatable Read and

Phantom Read• Access Control, Authorization ID • Privileges SELECT, INSERT, UPDATE, DELETE, REFERENCES, USAGE

and EXECUTE.• Granting and revoking privileges using GRANT and REVOKE

statements.

Database Systems - SQL - DCL Statements (Chapter 3/4)

Data & Analytics

Transcript of Database Systems - SQL - DCL Statements (Chapter 3/4)