> I tried to grant execute permission for stored procedures for a role.
> but when this procedure is executed by a user in this role I get
> message, that rights doesn't exist on table.
>
> I see in IBExpert DDL that grant select on tables used by that procedure
> are already given to the stored procedure.
>
> Question: is it sufficient that I grant a role to a proceudure? or
> should I grant that role also rights for each individual table as well?
>
> application does all access to data though stored procedures. so in
> reality users should not need to be granted rights on tables. how would
> be best practice to solve it?

Have you provided the role name when connecting to the database?


--
With regards,
Thomas Steinmaurer (^TS^)
Firebird Technology Evangelist

http://www.upscene.com/

Do you care about the future of Firebird? Join the Firebird Foundation:
http://www.firebirdsql.org/en/firebird-foundation/