Privileges determine what a user is authorized to do with the data and the database. Assign privileges based on the type of work the person does within the organization.
Users connecting to SAP HANA from ArcGIS require system access and access to specific user data. As an SAP HANA administrator, you create groups based on what users need to do in the database, grant privileges to the groups, and add the appropriate database users to each group.
SAP HANA grants SELECT privileges on system metadata tables to PUBLIC by default. If you revoke those privileges, you must grant privileges to individual groups or users.
The following table lists three groups of users who will connect from ArcGIS and the minimum privileges they require to query, edit, or create data.
| Type of user | Required privileges | Purpose |
|---|---|---|
Data viewer | SELECT ON sys.st_geometry_columns and sys.st_spatial_reference_systems | These privileges are required to read ST_GEOMETRY metadata for spatial operations. |
SELECT ON <table1>,<table2>, <tablen> | Data viewers need select privileges on specific tables you want them to see and query. | |
Data editor* Data editors require the same privileges as data viewers, plus these additional privileges. | INSERT, UPDATE, DELETE on other users' tables | Grant the editing operations you want editors to perform on specific tables. |
Data creator | SELECT ON sys.st_geometry_columns and sys.st_spatial_reference_systems | These privileges are required to read ST_GEOMETRY metadata for spatial operations. |
| These privileges allow data creators to create tables and feature classes in the database. |
*You can edit data published to an ArcGIS Server feature service that has editing operations enabled.
If data creators will be creating views to restrict the amount of data returned from the database to the ArcGIS client, also grant them CREATE VIEW and DROP VIEW privileges.