firebird-support - Object permissions issue when delegating access rigths

Subject	Object permissions issue when delegating access rigths
Author	Doru Ilasi
Post date	2008-04-10T18:10:41Z

I dont know if this is my mistake or the Firebird Gods have followed a
hidden path that I cannot see, so I must raise them the question :
where do I'm doing wrong.

-- ===================================
-- > create a dialect 3 fresh firebird database
-- > and run next sequence as SYSDBA
-- ===================================

/******************* PROCEDURES ******************/

SET TERM ^ ;
CREATE OR ALTER PROCEDURE JUST_CHECKING
AS
BEGIN EXIT; END^
SET TERM ; ^

/******************** TABLES **********************/

CREATE TABLE TABLE1
(
SOME_FIELD_IN1 Numeric(15,0)
);
CREATE TABLE TABLE2
(
SOME_FIELD_IN2 Numeric(15,0)
);

/******************** TRIGGERS ********************/

SET TERM ^ ;
CREATE OR ALTER TRIGGER TABLE1_AU FOR TABLE1 ACTIVE
AFTER UPDATE POSITION 0
as begin
-- if some_field_in1 was changed do some updates in table2 to
trigger table2_au
if (new.some_field_in1 <> old.some_field_in1) then update table2 set
some_field_in2 = some_field_in2 + 1;
end^
SET TERM ; ^

SET TERM ^ ;
CREATE OR ALTER TRIGGER TABLE2_AU FOR TABLE2 ACTIVE
AFTER UPDATE POSITION 0
as begin
-- if some_field_in2 was changed up execute was_an_update
if (new.some_field_in2 <> old.some_field_in2) then execute statement
'execute procedure just_checking;';
end^
SET TERM ; ^

/******************** GRANT ********************/
GRANT UPDATE ON TABLE1 TO MYUSERNAME;
GRANT UPDATE ON TABLE2 TO TRIGGER TABLE1_AU;
GRANT EXECUTE ON PROCEDURE JUST_CHECKING TO TRIGGER TABLE2_AU;

commit;

-- ===================================
-- > here login as MYUSERNAME
-- ===================================
update TABLE1 set SOME_FIELD_IN1 = SOME_FIELD_IN1 + 1;

-- ===================================
-- > will raise :
--> Statement failed, SQLCODE = -551
--> no permission for execute access to PROCEDURE
JUST_CHECKING
--> -At trigger 'TABLE2_AU'
--> At trigger 'TABLE1_AU'
-- ===================================
--> same issue if directly execute prcedure from table2_au
--> if (new.some_field_in2 <> old.some_field_in2) then execute
procedure just_checking;
-- ===================================

TIA,
Doru