| Subject | Re: [firebird-support] Re: api and grant problems |
|---|---|
| Author | Helen Borrie |
| Post date | 2005-02-20T22:04:38Z |
At 02:26 PM 20/02/2005 +0000, you wrote:
1. Create the role and commit it.
2. Grant the permissions to the role and commit.
3. Grant the role to the user and commit.
isc_expand_dpb(&dpb, &dpb_length, isc_dpb_user_name, "dbUser",
isc_dpb_password, "dbUserpw", isc_dpb_sql_role_name, "full_access",
NULL);
Double quotes are probably the culprit here.
Remove the quotes from the role altogether (a role is a database object).
Double quotes have a particular syntactic use in SQL identifiers. Your role
is stored as FULL_ACCESS, not "full_access".
User name and password are strings. Try putting single quotes on
them. Password is case-sensitive, btw. User name is stored as upper case,
but Firebird automatically uppercases it.
./heLen
>I have a table called cm_logs and a user called dbUser.Yes, sorry about that.
>I wanted a role called full_access which dbUser could use to gain
>insert permissions etc.
>
>wouldn't it be;
>
>SQL> create role full_access;
>SQL> grant all on cm_logs to full_access;
>SQL> grant full_access to dbUser;
>
>?
>
>I was assuming using cm_logs earlier was a typo,
> but since things still aren't working for me I'd like to check...dbUser has to exist in the server's security database. Then
1. Create the role and commit it.
2. Grant the permissions to the role and commit.
3. Grant the role to the user and commit.
isc_expand_dpb(&dpb, &dpb_length, isc_dpb_user_name, "dbUser",
isc_dpb_password, "dbUserpw", isc_dpb_sql_role_name, "full_access",
NULL);
Double quotes are probably the culprit here.
Remove the quotes from the role altogether (a role is a database object).
Double quotes have a particular syntactic use in SQL identifiers. Your role
is stored as FULL_ACCESS, not "full_access".
User name and password are strings. Try putting single quotes on
them. Password is case-sensitive, btw. User name is stored as upper case,
but Firebird automatically uppercases it.
./heLen