Database user administration is now expressed once and applied across the supported engines. The platform enumerates native database users server-wide, creates them with scope-aware connect grants, and reports their privileges through a uniform model rather than per-engine catalog queries. Engine-specific behaviour — Oracle, DB2 LUW, SAP HANA and others — is handled beneath the common interface.
What the model covers
- Server-wide enumeration. A single view lists the native users defined on a connected database server, with each user's kind, system flag and engine-reported detail.
- Per-verb privilege reporting. Table privileges are reported per operation — select, insert, update, delete — replacing coarse yes/no flags with the exact reach a user has on each object.
- Scope-aware creation and connect grants. Users are created with connect rights scoped to the intended databases, and the PUBLIC pseudo-grantee is surfaced explicitly so a blanket public connect can be granted or revoked deliberately.
Engine coverage
- Cross-engine implementation. The model includes a DB2 LUW user-management implementation and privilege-reach detection for SAP HANA and embedded engines, so the same administration surface behaves consistently regardless of the engine bound to the connection.
This gives operators a portable way to inspect and manage native database accounts without learning each engine's catalog dialect, and it underpins audit and access reviews that must span more than one database technology.