Subject Re: [firebird-support] CREATE ROLE
Author Helen Borrie
At 10:28 PM 20/03/2009, you wrote:
>I have firebird 2.1.1 installed with some databases on it...
>I need to create a role to a new database.
>I had 3 database when I created a role called 'UTENTI_GO'.
>Now I add a new database arc3 but I don't see this role with it, so I wanna
>associate role to database with the same name.
>Infact if I try to create it with this instruction
>And I receive this error:
>"This operation is not defined for system tables.
>unsuccessful metadata update.
>user name UTENTI_GO could not be used for SQL role."
>I understand that roles are unic and associated with databases, but how can
>associate them to databases?

You don't "associate" a role to a database, you create a role *in* the database where the role is going to be used.

You've got a problem here because you already have some permission defined that refers to a *user* named UTENTI_GO.

Use a different identifier for the role, one that is not the same as a user name.

A role exists ONLY in the database it is created in - unlike users, that exist across the whole server. A ROLE is a mechanism for packaging sets of permissions.

1. Create the role (unique, and not the same as any user name)
2. Grant permissions to the role.
3. Grant the role to each user that needs to have that package of permissions.