|Subject||RE: [Firebird-Architect] User name SYSDBA|
> The SQL idea of role is substantially braindead. A more useful modelis
> the ability to for a user with a role to grant that role, withoptional
> grant rights, to another user. An even more useful model is allow aAn even better model is one where I don't have to do anything!
> user to change his roles within a session. An still more useful role
> is to let a user activate or deactivate any roles from his set of
> available roles.
> For example, you, Sean, have the roles of Firebird admin, developerlist
> curmudgeon, and boss of Nickolay. You can switch among those rolesBut I don't need to 'switch' between those roles! I am those things.
What I am doing determines the role and I am fulfilling. I don't have
to switch, I just do my job -- I can be both a curmudgeon and Nickolay's
boss at the same time! It don't need to switch between the two.
> On a good day, you can probably do things that requires the unionBut what I can do, it always based on the union of all my privileges.
> of privileges from all three.