| Subject | Re: [Firebird-Architect] Bulk loader. |
|---|---|
| Author | Alex Peshkov |
| Post date | 2007-11-05T08:24:43Z |
On Monday 05 November 2007 00:09, Roman Rokytskyy wrote:
to first define what is class of trigger) on per-connection basis is directly
related to bulk loader.
But completely agreed that we do not need any more permissions here. It's
enough to check that the user, which attempts to begin bulk insert operation,
has enough rights to execute DDL statements on the table and it's triggers.
> >> Because the bulk insert command would bypass triggers, which isNot sure that ability to enable/disable triggers (or classes of them - we need
> >> something you don't want to allow everybody.
> >
> > That's true, but isn't that a general problem and not particularly
> > specific to bulk insert.
>
> Sorry, I cannot trace your ideas here, please elaborate.
>
> > But while we're one the subject, wouldn't it be nice to be able disable
> > triggers on a per-connection basis? Very easy to do and would be use in
> > this case as well as many others.
>
> We could, but how do we prevent Joe from adding a
> isc_dpb_ignore_triggers to DPB and bypass the audit log triggers, and
> allow Ann doing this for bulk load stuff?
>
> > Oh, you don't need a privilege to disable triggers if you restrict it to
> > people with the right to drop the trigger. Kinda the same thing, really.
>
> Not sure that I want to merge those permissions... but you're right - a
> guy that has DROP permission on trigger does not need BULK INSERT
> permission to disable trigger.
to first define what is class of trigger) on per-connection basis is directly
related to bulk loader.
But completely agreed that we do not need any more permissions here. It's
enough to check that the user, which attempts to begin bulk insert operation,
has enough rights to execute DDL statements on the table and it's triggers.