| Subject | Re: [firebird-support] Query existing users with SQL |
|---|---|
| Author | Nikolaus Kern |
| Post date | 2010-12-29T19:24:48Z |
Update (from v2.5 release notes):
Tracker reference CORE-2113.
When a user is removed from the security database or another
authentication source, such as the operating system
ACL, any associated cleanup of SQL privileges in databases has to be
performed manually. This extension adds
the capability to revoke all privileges in one stroke from a particular
user or role.
Syntax Pattern
REVOKE ALL ON ALL FROM { <user list> | <role list> }
Everything clear now.
Niko
Tracker reference CORE-2113.
When a user is removed from the security database or another
authentication source, such as the operating system
ACL, any associated cleanup of SQL privileges in databases has to be
performed manually. This extension adds
the capability to revoke all privileges in one stroke from a particular
user or role.
Syntax Pattern
REVOKE ALL ON ALL FROM { <user list> | <role list> }
Everything clear now.
Niko
> Hi all,
>
> After continuing checking I found out that revoking assigned roles from
> user cleans the table RDB$USER_PRIVILEGES.
>
> That makes sense on the one hand, on the other I am not sure why the privileges are not cleared when a user is dropped. (Same situation when the dropping is done with gsec).
>
> Input is wellcome - I want to make sure that I correctly understand the relationship user - role - RDB$USER_PRIVILEGES.
>
> Thanks
>
> Niko
>
>> Hello,
>>
>> the new features of Firebird v2.5 to administrate the users with SQL
>> (CREATE, ALTER, DROP) are very welcome and work fine.
>>
>> In order to present only those accounts that acctually exists I wonder
>> if there is a similar thing liek gsec display.
>>
>> At the moment I am using that query (As suggested on
>> http://www.firebirdfaq.org/faq266/):
>> SELECT u.RDB$USER, u.RDB$RELATION_NAME
>> FROM RDB$USER_PRIVILEGES u
>> WHERE u.RDB$PRIVILEGE = 'M'
>> ORDER BY 1, 2
>>
>> But this query shows also user accounts that were deleted before.
>>
>> Question 1: Is there a method to get a list of all existing users ?
>> Question 2: Is it neccessary to maintain the table RDB$USER_PRIVILEGES
>> directly?
>>
>> Thanks
>>
>> Niko
>>
>>
>> ------------------------------------
>>
>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>>
>> Visit http://www.firebirdsql.org and click the Resources item
>> on the main (top) menu. Try Knowledgebase and FAQ links !
>>
>> Also search the knowledgebases at http://www.ibphoenix.com
>>
>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>> Yahoo! Groups Links
>>
>>
>>
>>
>
>
> ------------------------------------
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Visit http://www.firebirdsql.org and click the Resources item
> on the main (top) menu. Try Knowledgebase and FAQ links !
>
> Also search the knowledgebases at http://www.ibphoenix.com
>
> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> Yahoo! Groups Links
>
>
>
>