Hello!

My database had only one user (the owner), Firebird version 1.5.2. So
all objects in the database have the same owner.
I had to permit a new user some rather restricted grants to access the
database. The new user can insert into some of the tables and execute
some of the procedures.
I granted (as the owner) all privileges on the chosen objects for the
new user. But: if he has the right to execute ProcA, and ProcA
contains access on TableA (which I don’t want to accessed directly by
the new user), I have to grant all for ProcA on TableA. If ProcA
contains calling ProcB, I have to grant execution right for ProcA on
ProcB. If I have a trigger on TableA, which executes ProcC, I have to
grant execution… and so on.
Recently I’ve solved the problem by collecting all dependencies in a
worktable and granting the necessary rights, based on rdb$dependencies
with a procedure. Unfortunately I have to run this procedure every
time, when a new version contains DDL changes.
Did I misunderstand something or is it possible to solve this type of
a restricted user access via a simpler method?

Thanks for any ideas

Kajtar Laszlo