At 08:14 PM 29/07/2005 +0300, you wrote:

>Hello all.
>
>I have a problem with IB_Query. A user have only select privilege to a
>table. I use IB_Query's generate for table function and it creates a
>statement like this:
>UPDATE table SET
> CODE = :CODE, /*PK*/
> DESC = :DESC
>WHERE
> CODE = :OLD_CODE
>
>INSERT INTO table(
> CODE, /*PK*/
> DESC)
>VALUES (
> :CODE,
> :DESC)
>
>DELETE FROM table
>WHERE
> CODE = :OLD_CODE
>
>everthing ok, but when a user with only select privilege opens the form,
>an error occurs " no permission for update/write access to table". User
>is not trying to update records just selecting.
>
>If I set SQL statement "select * from table for update"

This statement does not cause a set to become magically updatable. Its
purpose is to restrict fetching from the server to one row at a time.

>and don't set
>any EditSQL, UpdateSQL or DeleteSQL no problem occurs. and user can see
>the records. Why this happens? do I have to do someting special?

The XxxxxSQL properties, whether custom or generated by IBO by setting
RequestLive true, present the user with an updatable set. A user with only
SELECT privileges on any table in the statement is blocked from seeing sets
that are updatable.

How you deal with this depends on whether you will have some users who have
update privileges and some who do not. Typically, you would maintain
properties in your form or datamodule that would be tied to the Role under
which the user has logged in, and conditionally set the RequestLive or
XxxxSQL properties conditionally at run-time according to these properties.

Helen