Subject Re: [firebird-support] Using roles
Author Martijn Tonies
Hi James,

> I have a new user lets says its john with out any permission.
> Then a create a role name "invuser" then grant the role the
> permission to do anything to the invoice table.
> then I grant the role "invuser" to user "john"
> base from my experiment/learning ... even I have grant the
> role "invuser" to user "john". when I log in as "john" not
> identifying my role, I still can't access the "invoice" table... But
> when I log in as "john" with identifying my role, that's the time I
> can access the "invoice" table.
> here are my question.
> isn't it was awkward to have it that way? I expect that once when the

It's as designed and written in the SQL standard.

> role "invuser" was granted to user "john" everytime when "john" log
> in it has the priviledges of the role "invuser". I think it could be
> nice once the user login to the application my entering his user and
> password only, not more identifying the role to make the application
> more user friendly.

I call this "security groups" - this doesn't exist in Firebird, except for
groups - but I hardly think this is being used by anybody.

> or maybe I did something wrong?


> Well Iam using IBexpert as my tool

Ah, you're doing something wrong after all... *g*

(not really - but couldn't resist the joke)

With regards,

Martijn Tonies
Database Workbench - developer tool for InterBase, Firebird & MS SQL Server.
Upscene Productions