SQL ROLES

From InterBase
Jump to: navigation, search

Go Up to Overview of SQL Access Privileges


InterBase implements features for assigning SQL privileges to groups of users, fully supporting SQL group-level security with the GRANT, REVOKE, and DROP ROLE statements. It partially supports GRANT ROLE and REVOKE ROLE.

Note: These features replace the Security Classes feature in versions prior to InterBase 5. In the past, group privileges could be granted only through the InterBase-proprietary GDML language. In Version 5, new SQL features were added to assist in migrating InterBase users from GDML to SQL.

Using roles

Implementing roles is a four-step process:

1. Create a role using the CREATE ROLE statement.
2. Assign privileges to the role using GRANT privilege TO rolename.
3. Grant the role to users using GRANT rolename TO user.
4. Users specify the role when attaching to a database.

These steps are described in detail in this chapter. In addition, the CONNECT, CREATE ROLE, GRANT, and REVOKE statements are described in the Language Reference Guide.

Advance To: