| Subject | RE: [firebird-support] Problem with roles |
|---|---|
| Author | Helen Borrie |
| Post date | 2003-10-10T10:30:59Z |
At 12:12 PM 10/10/2003 +0200, you wrote:
One user can have many roles (be granted many roles)
One role can be granted to many users.
Each connection involves one user in 0 or 1 role.
i.e. a user can be granted permissions directly, without any role.
heLen
>On Fri, 10 Oct 2003, Thomas Steinmaurer wrote:Yes. One connection~one user.
>
> > You have to specify the role when connecting to the
> > database.
>
>Hm... it looks like you can specify only one role per connection.
>So you can't use roles the way I understood... I thought roles...to 0 or more users.
>were just a 'bunch of permissions' that can be granted to a user.
>That means a user only 'belongs to' one role at a time andYes.
>has to reconnect to use the rights he/she might have with another role?
One user can have many roles (be granted many roles)
One role can be granted to many users.
Each connection involves one user in 0 or 1 role.
i.e. a user can be granted permissions directly, without any role.
>And how do you know which roles the user belongs to beforeYou wouldn't know.
>you connect to the database? Let's say the admin granted you
>new permissions on a table via a role, but didn't tell you.
>Sorry, but I don't think I got the idea behind roles right.Maybe, maybe not. What was your idea?
heLen