| Subject | Re: [firebird-support] Access rights |
|---|---|
| Author | Helen Borrie |
| Post date | 2005-01-28T02:53:51Z |
At 04:58 PM 27/01/2005 -0600, you wrote:
and also REFERENCES rights to any tables to which this table refers through
a foreign key.
privilege on a SP.
update rights on columns in a table that the user doesn't otherwise have
UPDATE rights to.-- for example, let employees update their name and
address columns in a personnel record, but not their salary. :-)
RDB$USER_PRIVILEGES yourself - always use GRANT and REVOKE.
GRANT_OPTION will be 1 if the owner of the object passed on to the user the
right to grant that privilege to other users. In the GRANT statement, the
WITH GRANT OPTION clause is used to effect that.
recognises as "any old user". Your main problem here seems to be that you
thought GRANT ALL would give the user access to procedures. It
doesn''t. Use GRANT EXECUTE ON PROCEDURE APROCEDURE TO AUSER;
./heLen
>I'm migrating from interbase 6.0.x to firebird 1.5.x and decided toOK, this gives IMS SELECT, UPDATE, INSERT and DELETE rights on that table
>start using users instead of having my program always log in as sysdba.
>So I created a user, called "IMS" which I then called
>
>
>
>GRANT ALL ON TABLE TO IMS
and also REFERENCES rights to any tables to which this table refers through
a foreign key.
>for all the tables in the database and all the stored procedures that IGRANT ALL ON APROCEDURE does nothing. You have to grant the EXECUTE
>need access to.
privilege on a SP.
>However I keep getting a message saying ISC ERROR CODE:335544352, noNot in this case (if I'm reading you correctly). You can give column-level
>permission for read/select access to COLUMN trancat_desc.
>
>
>Do I have to grant access to individual fields in the database for all
>the tables or am I not doing something right?
update rights on columns in a table that the user doesn't otherwise have
UPDATE rights to.-- for example, let employees update their name and
address columns in a personnel record, but not their salary. :-)
>I'm using IBExpert personal edition to look at the database and I canDon't be tempted to use IBE (or any other tool) to modify
>see the grants in RDB$USER_PRIVILEGES table, not sure what the
>RDB$GRANT_OPTION field is for, but the records for my IMS user shows 0
>for it.
RDB$USER_PRIVILEGES yourself - always use GRANT and REVOKE.
GRANT_OPTION will be 1 if the owner of the object passed on to the user the
right to grant that privilege to other users. In the GRANT statement, the
WITH GRANT OPTION clause is used to effect that.
>I also tried granting all rights to the table for public, but I stillPUBLIC is "just a user" - it just happens to be one that the system
>get that error. I can still log in as sysdba, but I would prefer not to.
recognises as "any old user". Your main problem here seems to be that you
thought GRANT ALL would give the user access to procedures. It
doesn''t. Use GRANT EXECUTE ON PROCEDURE APROCEDURE TO AUSER;
./heLen