The kinds of operations an application can perform on the data in a given duality view depend on the database privileges accorded the view owner and the database user (database schema) with which the application connects to the database.

You can thus control which applications/users can perform which actions on which duality views, by granting users the relevant privileges.

An application invokes database operations as a given database user. But updating operations (including insertions and deletions) on duality views are carried out as the view owner.

To perform the different kinds of operations on duality-view data, a user (or an application connected as a user) needs to be granted the following privileges on the view:

• To query the data: privilege SELECT WITH GRANT OPTION

• To insert documents (rows): privilege INSERT WITH GRANT OPTION

• To delete documents (rows): privilege DELETE WITH GRANT OPTION

• To update documents (rows): privilege UPDATE WITH GRANT OPTION

In addition, the owner of the view needs the same privileges on each of the relevant tables, that is, all tables annotated with the corresponding keyword. For example, for insertion the view owner needs privilege INSERT WITH GRANT OPTION on all tables that are annotated in the view definition with INSERT.

When an operation is performed on a duality view, the necessary operations on the tables underlying the view are carried out as the view owner, regardless of which user or application is accessing the view and requesting the operation. For this reason, those accessing the view do not, themselves, need privileges on the underlying tables.

See also Updating Rule 1.