These are guidelines for using the Local Schemas on the Cornell Metadb reporting database. 

What Local Schemas are available


r/o = read-only access to a given file; user can see and use the files in this schema, but cannot modify or delete them

r/w =read-write access to a given file; user can create, see, use, modify, and detete the files in this schema

*reporting team user accounts: z_slm5, z_jl41, z_lm15, z_np55, z_vp25, z_ama8, z_jmp8


Schema NameSchema DescriptionPermissions
local_openThis schema is a sandbox for all users who want to publish a file to a local schema.

r/w z_metadbuser_cornell user account

r/w any other user accounts - REMOVE

local_automationThis schema is for internal use by the Automation Team.

r/w z_metadbuser_cornell user account

r/w any other user accounts - REMOVE

local_coreThis schema is for internal use by the Reporting Team.

r/w z_metadbuser_cornell user account

r/w any other user accounts -REMOVE

local_digpresThis schema is used by the HathiTrust team.

r/w z_metadbuser_cornell user account

r/w any other user accounts -REMOVE

local_hathitrustThis schema is used internally by the HathiTrust team.

r/w z_metadbuser_cornell user account

r/w any other user accounts - REMOVE

local_protectedThis schema is used to store tables with protected data that is used internally by the Reporting Team.

r/o reporting team user accounts

r/w z_slm5, z_jl41 - KEEP

*set as r/w for z_slm5, z_jl41 as default for schema

local_sharedThis schema is used to store local tables that are in queries used by all reporting users. All users can read the files here, but only reporting team members can post files here.

r/o z_metadbuser_cornell user account

r/w reporting team user accounts - KEEP

*set as r/w for reporting team accounts as default for schema

local_statisticsThis schema is for internal use by the Assessment and Planning team. 

r/o z_metadbuser_cornell user account

r/w z_lm15, z_slm5, z_vp25 - KEEP

*set as r/w for z_lm15, z_slm5, z_vp25 as default


How to Set Permissions on files used in Local Schemas

To give other users permission to see and use a table you have imported or created in a local schema in Metadb, you need to grant that user access to the new table. To do so, you can issue a command to alter the table permissions as a query in a DBeaver session connected to Metadb. Here is an example:


To grant the user z_slm5 READ-ONLY access to the table vs_folio_physical_material_formats in the local_shared schema on Metadb, you would issue this command:

     GRANT SELECT ON local_shared.vs_folio_physical_material_formats TO z_slm5;


To grant the user z_slm5 READ-WRITE access to the table vs_folio_physical_material_formats in the local_shared schema on Metadb, you would issue this command:

     GRANT SELECT, INSERT, UPDATE, DELETE ON local_shared.vs_folio_physical_material_formats TO z_slm5;


Alter default privileges

ALTER DEFAULT PRIVILEGES for user z_slm5 IN SCHEMA local_protected GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO z_slm5, z_jl41, z_lm15, z_np55, z_vp25, z_ama8, z_jmp8;


Re-issue the command for each user if there are multiple users to whom you need to grant access. Ask the user(s) to confirm seeing the table after you have granted permissions.


*Please note that if you replace or update the table, you will need to reset these permissions.


ALTER DEFAULT PRIVILEGES for user z_slm5 IN SCHEMA local_statistics GRANT SELECT ON TABLES TO z_lm15, z_vp25;
ALTER DEFAULT PRIVILEGES for user z_slm5 IN SCHEMA local_statistics GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO z_lm15, z_vp25;
ALTER DEFAULT PRIVILEGES for user z_slm5 IN SCHEMA local_statistics GRANT USAGE ON SEQUENCES TO z_lm15, z_vp25;
ALTER DEFAULT PRIVILEGES for user z_slm5 IN SCHEMA local_statistics GRANT SELECT ON TABLES TO z_metadbuser_cornell;

Reporting Team Members and the Local Shared Schema

Reporting Team members create files in the local_shared schema that are used by report queries to show additional information in the query results, such as Cornell-specific bibliographic format, library location names, etc. To create these files, reporting team members use their z_netid user accounts because these accounts have "read-write" permissions to create files in the local_shared schema. General reporting users are connecting to the Metadb reporting database with the z_metadbuser_cornell user account, which has "read-only" permissions to the files in the local_shared schema. This means that queries that use the tables that reporting team members publish to the local_shared schema, such as "folio_physical_material_formats" and "adc_location_translation_table," will allow z_metadbuser_cornell account users to "read" the data in those tables. There is no need to assign permissions to the z_metadbuser_cornell account to see these tables as they are published because the read-only permission for z_metadbuser_cornell is part of the design of the local_shared schema.



  • No labels