Database User Management

Database user management allows the creation of multiple users/roles and grants them read and write permissions to data. When multiple users access data within the same database, this mechanism helps maintain data integrity while improving database management efficiency. The following describes users/roles in the database:

User/Role	Description
Database User	An entity used to identify and manage database access permissions. Each user has a unique username and password for authentication and access control.
Database Role	A concept in database management systems used for permission management. A role can be considered a collection of permissions that define the database operations a role can perform. By assigning a role to a user, the user inherits all the permissions of that role.
Superuser	A type of database user with the highest privileges in the database system. This user has full control over the database, including but not limited to data insertion, deletion, updating, and querying, as well as creating and deleting users and roles, and granting or revoking roles for all users.
Regular User	A type of database user whose permissions are assigned by the superuser or data owner.

Databases are widely used in the GIS industry. Users in different GIS business domains should have different permissions to ensure GIS data security. The recommended user permissions are as follows:

Scope of business	User type	Main responsibilities	Primary permissions
GIS Business Data Maintainer	Regular User	Maintain GIS business data they are responsible for. Authorize others to maintain their GIS business data.	Selection, insertion, updating, and deletion permissions for datasets. Creation permissions for datasource.
GIS Data Viewer	Regular User	Use published GIS data	Permission to use datasource. Permission to select datasets.
GIS Spatial Database Administrator	Superuser	Create/delete datasource (spatial databases). Create and manage users and roles. Maintain data for different users.	All permissions

The Database User Management section introduces how to manage database users, including:

Create Database Users: Describes how to create a regular user through the superuser.
Create and Manage Roles: describes how to Create a role and authorize/revoke the role to the user.
Manage Datasource Permission: Introduces the types of datasource permissions and how to grant datasource permissions to users or roles.
Manage Dataset Permission: Introduces the types of dataset permissions and how to grant dataset permissions to users or roles.

Currently, database user management is only supported for PostGIS and Yukon.

Starting from SuperMap iDesktopX 11i (2024) release, database user management is available.