| Subject | execute statement privileges |
|---|---|
| Author | unordained |
| Post date | 2007-06-21T05:54:42Z |
I assume that the behavior described in http://tracker.firebirdsql.org/browse/CORE-805 has not been
changed recently -- I can't find any documents saying it has.
I'm trying to avoid a large set of if/then/else statements for the following scenario (basically a
virtual function / abstract method using SP):
Users have access only to a few stored procedures, and no access to any tables directly.
One of those stored procedures is a dispatcher; it receives the id of a row that indicates which
type of 'action' is being run, with parameters specific to that kind of action; a reference table
indicates the name of a stored procedure to run for that type of action, and the right stored
procedure gets called and told where to find its parameters. Users would not be expected to have
access to these implementation stored procedures, as they should always be going through the
dispatcher.
The original idea was to use EXECUTE STATEMENT to dynamically switch between SPs being called by
the dispatcher, with the assumption that all such SP names are in tables we control (users wouldn't
have an opportunity for SQL injection) and would have the same input/output prototypes so they'd be
safe to call (but that's our responsibility, maintenance-wise.)
Does anybody see a work-around to EXECUTE STATEMENT not inheriting the privileges of the parent SP,
other than lots of if/then/else statements, or granting privileges we don't want to grant?
Thanks!
changed recently -- I can't find any documents saying it has.
I'm trying to avoid a large set of if/then/else statements for the following scenario (basically a
virtual function / abstract method using SP):
Users have access only to a few stored procedures, and no access to any tables directly.
One of those stored procedures is a dispatcher; it receives the id of a row that indicates which
type of 'action' is being run, with parameters specific to that kind of action; a reference table
indicates the name of a stored procedure to run for that type of action, and the right stored
procedure gets called and told where to find its parameters. Users would not be expected to have
access to these implementation stored procedures, as they should always be going through the
dispatcher.
The original idea was to use EXECUTE STATEMENT to dynamically switch between SPs being called by
the dispatcher, with the assumption that all such SP names are in tables we control (users wouldn't
have an opportunity for SQL injection) and would have the same input/output prototypes so they'd be
safe to call (but that's our responsibility, maintenance-wise.)
Does anybody see a work-around to EXECUTE STATEMENT not inheriting the privileges of the parent SP,
other than lots of if/then/else statements, or granting privileges we don't want to grant?
Thanks!