Hi, Ivan. Thank you.

Ivan Prenosil wrote:

> > Essence: FB (don't know about IB) checks priveleges even if no actions
> > are really performed.
> > Details: I have a trigger on one table and in case of some condition
> > it can access another table. When this trigger fires for user that have
> > no rights on second table, even if condition is'nt satisfied and no
> > access performed, exception -551 raises.
>
> In SQL, each command is first prepared, then executed. Because privileges
> are checked during preparation phase, their validity is independent
> on table contents.
>

And this is a corner stone.

>
> E.g. if you prepare update statement, and the table is empty,
> you can think that it is unnecessary to check grants for update-triggers
> because they will never fire for empty table;
> however, you can insert some rows into table in next transaction
> and use the same (already prepared) statement on that (now non-empty)
> table.
>

Nothing can be said against: even if I try to update empty table, it is
attempt to access table, not data.

>
> Perhaps more obvious is privilege checking for stored procedures:
> you must have granted appropriate privileges for all statements
> contained in SP, because during preparation IB does not know
> which parts of SP will be executed and which will be skipped
> (e.g. by if-then-else statement).
>

Just curiosity: is it linked with fact that IB stores SP as compiled or it
is more deep reason and SQL realizations that interpret SP during execution
have the same behavior?

Best regards.