> > >Surely it must be possible to create a view, give the role rights to that
> > >view and let the stored procedure operate upon the view?
> > well that's possible for part of the problem. but I am not sure I can
> > create a view that only displays rows which "belong" to the current user
> > (one column will be the user id). which is what I am trying to do with the
> > SP's.
>
>Now that, I think, is where your problem is. I don't believe
>that the engine can filter data based on a field in the
>manor you seem to be asking for. I rely on the interface to
>do that, but then with the right password anybody can view
>all the data from IB_SQL anyway.

That's why I was planning to use a stored procedure. it should be able to
do the filtering that way (at least I think/hope so).

Bert